JP2012185594A - Content providing system, content server, content providing method and computer program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable a user to receive a pull-print service more flexibly than before.SOLUTION: A private print server 2A performs the steps of: storing print data 73 in association with a user; transmitting the print data 73 to an image formation device 1A when requested by the image formation device 1A; and moving the stored print data 73 to a public print server 2B when it is detected that the user has exited from a facility. The public print server 2B performs the steps of: storing the print data 73 received from the private print server 2A; transmitting the print data 73 to an image formation device 1B when the user is authenticated on the image formation device 1B and deleting the data thereafter; and deleting the print data 73 if it is unused, when it is detected that the user has entered into the facility.

Description

  The present invention relates to a system and method for providing content data in response to a request from a content output apparatus such as an image forming apparatus.

  In recent years, a form in which main arithmetic processing for a service is not executed by an end user client but by a server of a service provider has been widespread. That is, a form in which software for main calculation processing is run on a server and the calculation result is transmitted to the client via the network has become widespread. Such software or its form is generally called “SaaS (Software as a Service)”.

  In recent years, image forming apparatuses having various functions such as copying, scanning, faxing, IP (Internet Protocol) communication, and file servers have become widespread. Such an image forming apparatus is called an “MFP (Multi Function Peripherals)” or “multifunction machine”. Furthermore, these functions are applied in various ways depending on applications, and various services provided by the image forming apparatus are provided to users.

  SaaS can be applied by linking the image forming apparatus with the server. For example, a service called “pull print” has been proposed.

  According to this service, print data transmitted from a personal computer is not immediately received by the image forming apparatus, but temporarily stored in a server called “pull print server”. The pull print server receives print data from various personal computers and manages them centrally. Thereafter, when the user goes to an arbitrary image forming apparatus and performs a predetermined operation, the pull print server transmits the print data of the user to the image forming apparatus.

  In recent years, image forming apparatuses having a function of “touch and print” have become widespread. According to this function, the image forming apparatus does not start printing immediately after receiving print data from the personal computer, but the IC card is touched (tapped) to the IC reader, and data of a specific value is read from the IC card. Start printing later.

WO2006 / 9158 Japanese Patent Laid-Open No. 10-143724

  According to SaaS, a user can receive a service regardless of location as long as the user can connect to the server. Therefore, the user saves the print data in a pull print server in the facility of the organization where he / she is working, and prints the printed document using the image forming device in the facility or the image forming device outside the facility. Should be able to get.

  However, in reality, in view of security protection, access to the pull print server from an image forming apparatus outside the facility is often prohibited. In other words, printing using print data managed by the pull print server is often limited to image forming apparatuses in the facility.

  The following technologies have been proposed as technologies for protecting content. The gate device installed at the gate acquires entrance information indicating entry into the gate and exit information indicating exit from the gate. When the entrance information is acquired, reproduction of at least a part of the content is permitted. On the other hand, when the exit information is acquired, the reproduction of the content is prohibited (Patent Document 1). Patent Document 2 proposes a technique for managing entrance to a specific place.

  However, with the conventional techniques described in Patent Documents 1 and 2, the print data cannot be safely used by the image forming apparatus outside the facility on the pull print server in the organization facility.

  SUMMARY OF THE INVENTION The present invention has been made in view of such a problem, and an object of the present invention is to allow a user to receive a pull print service more flexibly than before.

  A content providing system according to an aspect of the present invention includes a first content server that communicates with a first content output device installed at a specific location, and a second content output installed outside the specific location. A content providing system having a second content server that communicates with an apparatus, wherein the first content server stores content data that is data for reproducing content in association with a user. And a first providing means for transmitting the content data stored in the first storage means to the first content output apparatus when requested by the first content output apparatus. The content data stored in the first storage means is forwarded when the user's exit from the specific location is detected. Transfer means for transmitting to the second content server, and the second content server stores the content data transmitted from the first content server in association with the user. And when the user is authenticated and requested by the second content output device, the content data stored in the second storage device is transmitted to the second content output device. , A second providing means, and a deleting means for deleting the content data from the second storing means when the user's entry to the specific place is detected.

  Preferably, the transfer unit encrypts the content data and transmits the encrypted content data to the second content server, and the second storage unit stores the content data in an encrypted state, and The providing means transmits the content data in an encrypted state to the second content output device.

  Alternatively, the first content server is further provided with a write control means for controlling the writing device so that a decryption key for decrypting the content data is recorded on a portable recording medium. Yes. Or it has the entrance / exit detection means which detects the said exit and the said approach by reading the said user's identification information memorize | stored in the said recording medium.

  Alternatively, the first content server may request the second content server to receive the content data when the entry is detected, and store the request in the first storage unit. Storage control means is provided, wherein the first providing means transmits the content data to the first content output device, and then deletes the content data from the first storage means. After transmitting the data to the second content server for transmission, the data is deleted from the first storage unit, and the second providing unit transmits the content data to the second content output device , Deleting from the second storage means, and the deleting means deletes the content data when the content data is requested from the first content server. Transmitted to one content server, then deletes the content data from said second storage means.

  According to the present invention, a user can receive a pull-print service more flexibly than before.

1 is a diagram illustrating an example of the overall configuration of a printing system. 2 is a diagram illustrating an example of a hardware configuration of an image forming apparatus. FIG. It is a figure which shows the example of a functional structure of the image forming apparatus by 1st touch and print software. It is a figure which shows the example of a functional structure of the image forming apparatus by 2nd touch and print software. It is a figure which shows the example of the hardware constitutions of a private print server and a public print server. It is a figure which shows the example of a functional structure of a private print server. It is a figure which shows the example of a functional structure of a public print server. It is a figure which shows the example of the whole structure of a security gate system. It is a figure which shows the example of a functional structure of a participation gate control apparatus. It is a figure which shows the example of external appearances, such as a participation IC card reader / writer and a participation gate. It is a figure which shows the example of a functional structure of an entrance gate control apparatus. 10 is a flowchart illustrating an example of the overall processing flow of a private print server. It is a flowchart explaining the example of the flow of the whole process of a public print server. 6 is a flowchart illustrating an example of the overall processing flow of the image forming apparatus. 10 is a flowchart illustrating a modification of the overall processing flow of the private print server. 10 is a flowchart illustrating a modification of the overall processing flow of the private print server.

  FIG. 1 is a diagram illustrating an example of the overall configuration of the printing system 6. FIG. 2 is a diagram illustrating an example of a hardware configuration of the image forming apparatuses 1A and 1B. FIG. 3 is a diagram illustrating an example of a functional configuration of the image forming apparatus 1A using the first touch-and-print software 7SA. FIG. 4 is a diagram illustrating an example of a functional configuration of the image forming apparatus 1B using the second touch and print software 7SB. FIG. 5 is a diagram illustrating an example of the hardware configuration of the private print server 2A and the public print server 2B. FIG. 6 is a diagram illustrating an example of a functional configuration of the private print server 2A. FIG. 7 is a diagram illustrating an example of a functional configuration of the public print server 2B. FIG. 8 is a diagram illustrating an example of the overall configuration of the security gate system 3. FIG. 9 is a diagram illustrating an example of a functional configuration of the participation gate control device 30C. FIG. 10 is a diagram showing an example of the appearance of the participation IC card reader / writer 30A, the participation gate 30B, and the like. FIG. 11 is a diagram illustrating an example of a functional configuration of the entrance gate control device 34C.

  As shown in FIG. 1, the printing system 6 includes an intranet 5, a public print server 2B, and one or a plurality of image forming apparatuses 1B. The intranet 5, the public print server 2B, and the image forming apparatus 1B can be connected to each other via the Internet or the like. Hereinafter, each image forming apparatus 1B may be described separately as “image forming apparatus 1B1,” “image forming apparatus 1B2,”.

  The intranet 5 includes a gateway device 4G, a private print server 2A, one or a plurality of image forming apparatuses 1A, a security gate system 3, a personal computer 4P, and the like. Hereinafter, each image forming apparatus 1A may be described separately as “image forming apparatus 1A1,” “image forming apparatus 1A2,”.

  The intranet 5 is provided in a facility of an organization such as a government office or a company. Hereinafter, a case where an intranet 5 is used in a certain company X and an employee of the company X is a user of the printing system 6 will be described as an example. An IC (Integrated Circuit) card 38 storing a unique user code 71 is given to each employee, that is, a user.

  The gateway device 4G connects the intranet 5 to another network. A router or a firewall device is used as the gateway device 4G.

  The gateway device 4G widely recognizes connections from devices in the intranet 5 to devices in other networks. However, connections from other network devices to devices in the intranet 5 are severely restricted. Specifically, the request for access from the private print server 2A to the public print server 2B is passed, but the request for access from the public print server 2B to the private print server 2A is blocked. Accordingly, the private print server 2A and the public print server 2B are connected when requesting establishment of a session from the private print server 2A, but are not connected when requested by the public print server 2B.

  The image forming apparatus 1 </ b> A and the image forming apparatus 1 </ b> B are devices called “multifunction peripherals” or “MFP (Multi Function Peripherals)”, and are copy, network print, touch and print (touch and print), pull print, and fax. , And a device that integrates functions such as a scanner.

  The network print function is a function for receiving print data from the personal computer 4P and printing an image on paper. Sometimes called a “network printer function” or a “PC print function”.

  The touch and print function is an extended function of the network print function, and does not start printing as soon as print data is received from the personal computer 4P, but prints after data of a specific value is read from the IC card. It is a function to start.

  The pull print function temporarily stores the print data transmitted from the personal computer 4P in the server instead of immediately receiving it, and then downloads the print data from the server for printing when the user performs a predetermined operation. It is a function of performing. Note that this server is generally called a “pull print server”.

  As shown in FIG. 2, the image forming apparatus 1A and the image forming apparatus 1B include a CPU (Central Processing Unit) 10a, a RAM (Random Access Memory) 10b, a ROM (Read Only Memory) 10c, a mass storage device 10d, and a scanner unit. 10e, a printing unit 10f, a network interface 10g, a touch panel display 10h, a modem 10i, a finisher 10j, an IC card reader 10k, and a control circuit.

  The network interface 10g is a NIC (Network Interface Card) for communicating with the private print server 2A, the public print server 2B, or the personal computer 4P using a protocol such as TCP / IP (Transmission Control Protocol / Internet Protocol).

  The touch panel display 10h displays a screen for giving a message or an instruction to the user, a screen for the user to input processing commands and conditions, a screen showing the processing result of the CPU 10a, and the like. Moreover, the position which the user touched with the finger | toe is detected, and the signal which shows a detection result is transmitted to CPU10a.

  The scanner unit 10e reads an image made up of photographs, characters, pictures, charts and the like written on a sheet and generates image data.

  The modem 10i is a device for exchanging image data with other fax terminals using a protocol such as G3.

  The printing unit 10f prints an image indicated by data received from the personal computer 4P or a fax terminal in addition to the image read by the scanner unit 10e.

  The finisher 10j performs a finishing process such as a process of binding with staples and a process of punching holes on a printed material on which an image is printed by the printing unit 10f.

  The IC card reader 10k reads data from the IC card 38. In the present embodiment, in particular, the user code 71 is read.

  Software such as an operating system and middleware is installed in the ROM 10c or the mass storage device 10d. Modules constituting the software are loaded into the RAM 10b as necessary and executed by the CPU 10a. An HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like is used as the mass storage device 10d.

  Further, the first touch and print software 7SA is installed in the ROM 10c or the mass storage device 10d of the image forming apparatus 1A, and the second touch is installed in the ROM 10c or the mass storage device 10d of the image forming apparatus 1B. And print software 7SB is installed. Both the first touch and print software 7SA and the second touch and print software 7SB are software for realizing a pull print function and a touch and print function. However, some processes are different.

  According to the first touch and print software 7SA, the user code extraction unit 101, the user authentication processing unit 102, the print data acquisition unit 103, the print control unit 104, and the like illustrated in FIG. 3 are realized.

  On the other hand, the second touch and print software 7SB realizes the user code extraction unit 131, the user authentication processing unit 132, the print data acquisition unit 133, the decryption processing unit 134, the print control unit 135, and the like shown in FIG. .

  The image forming apparatus 1A is placed in the facility of the company X. Accordingly, only employees of the company X are users of the image forming apparatus 1A. On the other hand, the image forming apparatus 1B is placed in a convenience store or a public facility. Therefore, not only the employees of company X but anyone can use it.

  Returning to FIG. 1, both the private print server 2A and the public print server 2B are so-called pull print servers.

  As shown in FIG. 5, the private print server 2A and the public print server 2B are configured by a CPU 20a, a RAM 20b, a ROM 20c, a mass storage device 20d, a network interface 20e, and the like.

  The network interface 20e is a NIC for communicating with the image forming apparatuses 1A and 1B, the personal computer 4P, or the other pull print server.

  Software such as an operating system and middleware is installed in the ROM 20c or the mass storage device 20d. Modules constituting the software are loaded into the RAM 20b as necessary and executed by the CPU 20a. An HDD or SSD is used as the large capacity storage device 10d.

  Further, the first pull print software 7TA is installed in the ROM 20c or the mass storage device 20d of the private print server 2A, and the second pull print software is installed in the ROM 20c or the mass storage device 20d of the public print server 2B. Software 7TB is installed. Both the first pull print software 7TA and the second pull print software 7TB are software for realizing the touch and print function and the pull print function. However, some processes are different.

  According to the first pull print software 7TA, the print data receiving unit 200, the first print data searching unit 201, the first print data transmitting unit 202, the contestant data receiving unit 211, and the second print data shown in FIG. A search unit 212, an encryption processing unit 213, a second print data transmission unit 214, a visitor data reception unit 251, an unused print data acquisition unit 252, a decryption processing unit 253, a print data storage unit 240, and the like are realized. .

  On the other hand, according to the second pull print software 7TB, the print data receiving unit 261, the first print data search unit 262, the print data transmission unit 263, the second print data search unit 264, and the print data return unit shown in FIG. 265, the print data storage unit 266, and the like are realized.

  Returning to FIG. 1, the security gate system 3 manages the user (employee) who enters the facility of the company X and the user who participates from the facility.

  As shown in FIG. 8, the security gate system 3 includes an entry IC card reader / writer 30A, an entry gate 30B, an entry gate control device 30C, an entry IC card reader / writer 34A, an entry gate 34B, and an entry gate control device. 34C or the like.

  The participation IC card reader / writer 30A, the entry gate 30B, and the entry gate control device 30C are provided at the exit of the company X facility. On the other hand, the entrance IC card reader / writer 34A, the entrance gate 34B, and the entrance gate control device 34C are provided at the entrance of the facility of the company X.

  The participation IC card reader / writer 30A and the participation gate 30B are connected to the participation gate control device 30C. Similarly, the entrance IC card reader / writer 34A and the entrance gate 34B are connected to the entrance gate control device 34C.

  The participation IC card reader / writer 30 </ b> A reads the user code 71 from the IC card 38. Further, the decryption key 72 is written in the IC card 38 based on the command from the participation gate control device 30C.

  The participation gate 30B is opened and closed based on a command from the participation gate control device 30C.

  The participation gate control device 30C is mainly configured by a CPU, a RAM, a ROM, a large-capacity storage device, a network interface, and the like, like the private print server 2A shown in FIG.

  The network interface is a NIC for communicating with the participation IC card reader / writer 30A and the participation gate 30B. Communication may be performed by providing a standard device such as USB (Universal Serial Bus) or Bluetooth instead of the NIC.

  The ROM or mass storage device includes a user code extraction unit 301, a user authentication processing unit 302, an opening command unit 303, an encryption key decryption key generation unit 304, a decryption key write command unit 305, and participant data shown in FIG. The first gate software 7UA for realizing the transmission unit 306 and the like is stored. The modules constituting the first gate software 7UA are loaded into the RAM as necessary and executed by the CPU.

  As the participation IC card reader / writer 30A and the entry gate 30B, an IC card reader and an automatic opening / closing gate provided as an automatic ticket gate system such as a ticket gate at a station as shown in FIG. 10 may be used. The participation gate control device 30C may be integrated with the participation IC card reader / writer 30A or the participation gate 30B. The same applies to the entrance IC card reader / writer 34A, the entrance gate 34B, and the entrance gate control device 34C described below.

  The entrance IC card reader / writer 34A reads the user code 71 from the IC card 38. Further, the decryption key 72 is erased from the IC card 38 based on a command from the entrance gate control device 34C.

  The entrance gate 34B opens and closes based on a command from the entrance gate control device 34C.

  Similar to the entry gate control device 30C, the entrance gate control device 34C is mainly configured by a CPU, a RAM, a ROM, a mass storage device, a network interface, and the like.

  However, the ROM or mass storage device implements a user code extraction unit 341, a user authentication processing unit 342, an opening command unit 343, a decryption key deletion command unit 344, a visitor data transmission unit 345, and the like shown in FIG. Second gate software 7UB for storing is stored. The modules constituting the second gate software 7UB are loaded into the RAM as necessary and executed by the CPU.

  Returning to FIG. 1, the personal computer 4P is a client for the user to receive a print service provided by the image forming apparatus 1A and the private print server 2A. A printer driver is installed in the personal computer 4P. This printer driver converts a document (content) into print data for printing by the image forming apparatuses 1A and 1B. The print data is described in a page description language corresponding to the image forming apparatuses 1A and 1B.

  Next, each part of the image forming apparatus 1A shown in FIG. 3, each part of the image forming apparatus 1B shown in FIG. 4, each part of the private print server 2A shown in FIG. 6, each part of the public print server 2B shown in FIG. Processing contents of each part of the entry gate control device 30C shown in FIG. 11 and each part of the entrance gate control device 34C shown in FIG. 11 will be described.

[Process of receiving print data 73 from personal computer 4P]
The user logs in to the personal computer 4P with his / her user code 71. Further, image data of the document to be printed is prepared in the personal computer 4P. The image data may be prepared by creating a document with an application such as word processing software or drawing software. Alternatively, it is also possible to download WEB page data from a website on the Internet and use this data as image data.

  Then, the user inputs a print command to the personal computer 4P. At this time, both the pull print function and the touch and print function are designated.

  Then, the personal computer 4P generates print data of the document by executing the printer driver. This print data shows the user code 71 of this user. Hereinafter, the generated print data is referred to as “print data 73”. Then, the personal computer 4P transmits the print data 73 to the private print server 2A (see FIG. 6).

  The print data receiving unit 200 of the private print server 2A receives the print data 73 from the personal computer 4P. The print data 73 is stored in the print data storage unit 240.

  Each time the user performs the above operation, the above processing is performed by the personal computer 4P and the print data receiving unit 200, and the print data 73 is accumulated in the print data storage unit 240.

[Touch and print processing when the user is in the company]
When the user is in the facility of the company X, the user can cause one of the image forming apparatuses 1A to print a document based on his / her print data 73 stored in the private print server 2A. Hereinafter, a case where a document is printed on the image forming apparatus 1A1 will be described as an example.

  The user goes to the image forming apparatus 1A1 and touches (tap) his / her IC card 38 on the IC card reader 10k (see FIG. 3) of the image forming apparatus 1A1.

  Then, the IC card reader 10 k reads data including the user code 71 from the IC card 38.

  The user code extraction unit 101 extracts the user code 71 from the data read by the IC card reader 10k.

  The user authentication processing unit 102 determines whether or not the user is a valid person based on the user code 71 extracted by the user code extraction unit 101. That is, user authentication is performed. For example, the user codes 71 of all users may be registered in the database in advance, and if the extracted user code 71 is registered in this database, it may be determined that the user is a valid person. Alternatively, the user code 71 may be notified to the authentication server to perform user authentication.

  When the user authentication processing unit 102 determines that the user is a valid person, the print data acquisition unit 103 requests and downloads the print data 73 from the private print server 2A. At this time, the user code 71 extracted by the user code extraction unit 101 is notified to the private print server 2A.

  The first print data search unit 201 (see FIG. 6) of the private print server 2A searches the print data storage unit 240 for the print data 73 indicating the notified user code 71.

  The first print data transmission unit 202 transmits the retrieved print data 73 to the requesting image forming apparatus 1A (in this example, the image forming apparatus 1A1).

  The print data 73 is deleted from the print data storage unit 240 at a predetermined timing after transmission. For example, it is deleted when a predetermined time (for example, 1 minute) elapses after transmission. Alternatively, when a notification that printing has been completed is received from the image forming apparatus 1A, it is deleted.

  Then, the print control unit 104 (see FIG. 3) of the image forming apparatus 1A1 uses the print data 73 downloaded from the private print server 2A by the print data acquisition unit 103 so that the document is printed on a sheet. To control. Thereby, a printed matter of the document is obtained.

  If a plurality of print data 73 indicating the user code 71 of the user is stored in the print data storage unit 240, the private print server 2A presents a list of these print data 73 to the image forming apparatus 1A and displays the user. Either of them may be selected. Then, only the print data 73 selected by the user may be transmitted to the image forming apparatus 1A.

[Process when user goes outside]
When the user goes out of the facility of the company X, the user must pass through the participation gate 30B (see FIGS. 9 and 10) provided at the exit. Before passing, the user touches his IC card 38 on the IC card reader / writer 30A for participation.

  Then, the participation IC card reader / writer 30 </ b> A (see FIG. 9) reads data including the user code 71 from the IC card 38.

  The user code extraction unit 301 extracts the user code 71 from the data read by the participation IC card reader / writer 30A.

  The user authentication processing unit 302 determines whether or not the user is a valid person based on the extracted user code 71. That is, user authentication is performed. The user authentication method is the same as the user authentication method in the user authentication processing unit 102 described above.

  When the user authentication processing unit 302 determines that the user is a valid person, the opening instruction unit 303 transmits opening instruction data 74 indicating an opening instruction to the participation gate 30B.

  Upon receiving the opening command data 74, the participation gate 30B opens until a certain time (for example, 10 seconds) elapses or the user passes the exit. The user can pass through the entry gate 30B only while it is open.

  The encryption key / decryption key generation unit 304 generates a pair of the decryption key 72 and the encryption key 75 of the public key encryption method before or after or in parallel with the processing by the opening instruction unit 303.

  The decryption key write command unit 305 transmits the decryption key 72 generated by the encryption key / decryption key generation unit 304 to the participation IC card reader / writer 30A and instructs the decryption key 72 to be written to the IC card 38.

  Then, the participation IC card reader / writer 30A writes the decryption key 72 into the touched IC card 38.

  The participant data transmission unit 306 is generated by the user code 71 extracted by the user code extraction unit 301 and the encryption key decryption key generation unit 304 before, after or in parallel with the processing by the decryption key writing command unit 305. The encryption key 75 is transmitted to the private print server 2A.

  The participant data reception unit 211 (see FIG. 6) of the private print server 2A receives the user code 71 and the encryption key 75 from the participation gate control device 30C.

  The second print data search unit 212 searches the print data storage unit 240 for print data 73 indicating the user code 71 received by the participant data reception unit 211.

  The encryption processing unit 213 encrypts the print data 73 retrieved by the second print data retrieval unit 212 using the encryption key 75 received by the participant data reception unit 211. Hereinafter, the encrypted print data 73 is referred to as “encrypted print data 73B”. However, the user code 71 in the print data 73 is not encrypted.

  The second print data transmission unit 214 transmits the encrypted print data 73B generated by the encryption processing unit 213 to the public print server 2B.

  The print data receiving unit 261 (see FIG. 7) of the public print server 2B receives the encrypted print data 73B from the private print server 2A and stores it in the print data storage unit 266.

  Every time a user enters the company X facility, if the user's print data 73 is stored in the private print server 2A, as described above, it is encrypted into the encrypted print data 73B and stored in the print data storage unit 266. Saved. In this way, the encrypted print data 73B is stored in the print data storage unit 266.

[Touch and print processing when the user is outside the company]
When the user is outside the facility of the company X for a business trip or the like, the user can obtain a printed document using the image forming apparatus 1B installed in a convenience store or the like. Hereinafter, a case where a document is printed on the image forming apparatus 1B1 will be described as an example.

  The user touches his / her IC card 38 on the IC card reader 10k (see FIG. 4) of the image forming apparatus 1B (image forming apparatus 1B1 in this example).

  Then, the IC card reader 10 k reads data including the user code 71 and the decryption key 72 from the IC card 38.

  The user code etc. extracting unit 131 extracts the user code 71 and the decryption key 72 from the data read by the IC card reader 10k.

  The user authentication processing unit 132 determines whether or not the user is a valid person based on the user code 71 extracted by the user code etc. extracting unit 131. That is, user authentication is performed. The user authentication method is the same as the user authentication method in the user authentication processing unit 102 described above.

  When the user authentication processing unit 132 determines that the user is a valid person, the print data acquisition unit 133 requests and downloads the encrypted print data 73B from the public print server 2B. At this time, the user code 71 extracted by the user code extraction unit 131 is notified to the public print server 2B.

  When the first print data search unit 262 (see FIG. 7) of the public print server 2B receives the user code 71 from the image forming apparatus 1B1, the encrypted print data 73B indicating the user code 71 is stored in the print data storage unit 266. Search from inside.

  The print data transmission unit 263 transmits the retrieved encrypted print data 73B to the requesting image forming apparatus 1B (in this example, the image forming apparatus 1B1).

  Similarly to the case where the print data 73 is deleted from the print data storage unit 240 (see FIG. 6) after transmission, the encrypted print data 73B is also deleted from the print data storage unit 266 at a predetermined timing after transmission.

  The decryption processing unit 134 (see FIG. 4) of the image forming apparatus 1B1 decrypts the encrypted print data 73B downloaded by the print data acquisition unit 133 using the decryption key 72 extracted by the user code etc. extraction unit 131. That is, the print data 73 is reproduced.

  Then, the print control unit 135 controls the print unit 10f so that the document is printed on the paper using the print data 73 obtained by the decryption processing unit 134. Thereby, a printed matter of the document is obtained.

  If a plurality of encrypted print data 73B indicating the user code 71 of the user is stored in the print data storage unit 266, the public print server 2B displays a list of these encrypted print data 73B in the image forming apparatus 1B. The user may be allowed to select one of them. Then, only the encrypted print data 73B selected by the user may be transmitted to the image forming apparatus 1B.

[Processing when the user enters the facility of Company X]
When entering the facility of the company X, the user must pass through the entrance gate 34B (see FIGS. 10 and 11) provided at the entrance. Before passing, the user touches his / her IC card 38 on the entrance IC card reader / writer 34A.

  Then, the entrance IC card reader / writer 34A (see FIG. 11) reads data including the user code 71 from the IC card 38.

  The user code etc. extracting unit 341 extracts the user code 71 from the data read by the entrance IC card reader / writer 34A. If the decryption key 72 is included, the decryption key 72 is also extracted.

  The user authentication processing unit 342 determines whether or not the user is a valid person based on the extracted user code 71. That is, user authentication is performed. The user authentication method is the same as the user authentication method in the user authentication processing unit 102 described above.

  When the user authentication processing unit 342 determines that the user is a valid person, the opening command unit 343 transmits the opening command data 74 to the entrance gate 34B.

  Upon receiving the opening command data 74, the entrance gate 34B opens until a certain time elapses or the user passes the exit. The user can pass through the entrance gate 34B only while it is open.

  The decryption key deletion command unit 344 transmits, to the entrance IC card reader / writer 34A, deletion command data 76 indicating a command to delete the decryption key 72 before or after the processing by the opening command unit 343.

  Then, the entrance IC card reader / writer 34A deletes (deletes) the decryption key 72 from the touched IC card 38.

  The visitor data transmission unit 345 privately prints the user code 71 and the decryption key 72 extracted by the user code etc. extraction unit 341 before or after or in parallel with the processing by the opening command unit 343 and the decryption key deletion command unit 344. Send to server 2A.

  The visitor data receiving unit 251 (see FIG. 6) of the private print server 2A receives the user code 71 and the decryption key 72 from the entrance gate control device 34C.

  The unused print data acquisition unit 252 requests and downloads the encrypted print data 73B from the public print server 2B. At this time, the user code 71 received by the visitor data receiving unit 251 is notified to the public print server 2B.

  The second print data search unit 264 (see FIG. 7) of the public print server 2B searches the print data storage unit 266 for the encrypted print data 73B indicating the notified user code 71.

  The print data return unit 265 transmits the retrieved encrypted print data 73B to the private print server 2A. That is, the unused encrypted print data 73B is returned to the private print server 2A. After the transmission, the encrypted print data 73B is deleted from the print data storage unit 266.

  The decryption processing unit 253 (see FIG. 6) of the private print server 2A decrypts the encrypted print data 73B acquired by the unused print data acquisition unit 252 with the decryption key 72 received by the visitor data reception unit 251. . That is, the print data 73 is reproduced. Then, the print data 73 is stored again in the print data storage unit 240.

  In this way, the print data 73 that the user has not used outside the company is returned to the private print server 2A.

  FIG. 12 is a flowchart illustrating an example of the overall processing flow of the private print server 2A. FIG. 13 is a flowchart for explaining an example of the overall processing flow of the public print server 2B. FIG. 14 is a flowchart illustrating an example of the overall processing flow of the image forming apparatus 1B.

  Next, the overall processing flow in the private print server 2A, the public print server 2B, and the image forming apparatus 1B will be described with reference to the flowcharts shown in FIGS.

  Each time the private print server 2A receives data from another apparatus (# 801 in FIG. 12), the private print server 2A performs the following processing according to the data.

  When receiving the print data 73 from the personal computer 4P (Yes in # 802), the private print server 2A stores the print data 73 in the print data storage unit 240 (# 803).

  Alternatively, when the user code 71 is received together with the print data request from the image forming apparatus 1A (Yes in # 804), the private print server 2A stores the print data 73 indicating the user code 71 in the print data storage unit 240. (# 805), transmitted to the image forming apparatus 1A, and deleted from the print data storage unit 240 (# 806).

  Alternatively, when the user code 71 and the encryption key 75 are received from the participation gate control device 30C (Yes in # 807), the private print server 2A searches the print data storage unit 240 for the print data 73 indicating the user code 71. Then, the encrypted print data 73B is generated by encrypting the print data 73 with the encryption key 75 (# 809). However, the user code 71 in the print data 73 is not encrypted and is left in plain text. The encrypted print data 73B is transmitted to the public print server 2B (# 810), and the print data 73 is deleted from the print data storage unit 240 (# 811).

  Alternatively, when the user code 71 and the decryption key 72 are received from the entrance gate control device 34C (Yes in # 812), the private print server 2A sends the encrypted print data 73B indicating the user code 71 from the public print server 2B. Download (# 813), and decrypt to print data 73 with this decryption key 72 (# 814). The print data 73 is stored again in the print data storage unit 240 (# 815).

  On the other hand, whenever the public print server 2B receives data from another device (# 821 in FIG. 13), the public print server 2B performs the following processing according to the data.

  When the public print server 2B receives the encrypted print data 73B from the private print server 2A (Yes in # 822), the public print server 2B stores the encrypted print data 73B in the print data storage unit 266 (# 823).

  Alternatively, when the user code 71 is received together with the print data request from the image forming apparatus 1B (Yes in # 824), the public print server 2B sends the encrypted print data 73B indicating the user code 71 to the print data storage unit 266. Are searched for (# 825), transmitted to the image forming apparatus 1B, and deleted from the print data storage unit 266 (# 826).

  Alternatively, when the user code 71 is received together with the request for the encrypted print data from the private print server 2A (Yes in # 827), the public print server 2B stores the encrypted print data 73B indicating the user code 71 as print data. The data is searched from the unit 266 (# 828), transmitted to the private print server 2A, and deleted from the print data storage unit 266 (# 829).

  On the other hand, when reading the user code 71 from the IC card 38 (# 831 in FIG. 14), the image forming apparatus 1B performs user authentication (# 832).

  If the user authentication is successful (Yes in # 833), the image forming apparatus 1B downloads the encrypted print data 73B indicating the read user code 71 from the public print server 2B (# 834) and decrypts it from the IC card 38. The key 72 is read (# 835). Note that the decryption key 72 may be read together with the user code 71 in step # 831.

  The image forming apparatus 1B decrypts the downloaded encrypted print data 73B using the read decryption key 72 (# 836). Thereby, the encrypted print data 73B is reproduced. Then, the document is printed on a sheet based on the reproduced print data 73 (# 837).

  According to this embodiment, the user can receive the pull print service more flexibly than in the past. Moreover, the print data 73 is stored outside the printing system 6 only while the user is outside the office, and the print data 73 is encrypted and stored during that time. Therefore, the print data 73 can be handled safely.

  In addition, the user can print the document on the image forming apparatus even outside the company by simply performing touch-and-print operations in the same manner as in the office.

  15 and 16 are flowcharts for explaining a modification of the overall processing flow of the private print server 2A.

  In this embodiment, the entry gate control device 30C controls the entry IC card reader / writer 30A and the entry gate 30B, and the entry gate control device 34C controls the entry IC card reader / writer 34A and the entry gate 34B. However, it may be performed by the private print server 2A. In this case, all of the user code extraction unit 301 through decryption key write command unit 305 shown in FIG. 9 and the user code etc. extraction unit 341 through decryption key deletion command unit 344 shown in FIG. 11 are provided in the private print server 2A. Just do it. Alternatively, the user authentication processing units 302 and 342 may be left in the entry gate control device 30C and the entrance gate control device 34C, respectively. That is, the user authentication process may be performed by the entry gate control device 30C and the entrance gate control device 34C.

  Here, the overall processing flow of the private print server 2A when the private print server 2A controls the participation IC card reader / writer 30A and the like will be described with reference to the flowcharts of FIGS.

  Each time the private print server 2A receives data from another device (# 841 in FIG. 15), the private print server 2A performs the following processing according to the data.

  When the print data 73 is received from the personal computer 4P and when the user code 71 is received together with the print data request from the image forming apparatus 1A, the processing as previously described in steps # 802 to # 806 of FIG. 12 is performed. (# 842- # 846).

  Alternatively, when the user code 71 of the user who has succeeded in the user authentication is received from the participation gate control device 30C (Yes in # 847, Yes in # 849), the private print server 2A performs the processes of steps # 850 to # 857. Run as appropriate.

  The private print server 2A searches the print data storage unit 240 for the print data 73 indicating the user code 71 received from the participation gate control device 30C (# 850).

  If the print data 73 is found (Yes in # 851), the private print server 2A generates a pair of decryption key 72 and encryption key 75 (# 852). Then, the participation IC card reader / writer 30A is controlled so as to write the decryption key 72 into the IC card 38 (# 853). Further, the encrypted print data 73B is generated by encrypting the found print data 73 using the encryption key 75 (# 854), and transmitted to the public print server 2B (# 855). Then, the print data 73 is deleted from the print data storage unit 240 (# 856).

  Before or after or in parallel with these processes, the private print server 2A opens the participation gate 30B (# 857).

  On the other hand, if the print data 73 is not found (No in # 851), neither encryption processing nor transfer processing to the public print server 2B is required. Therefore, the private print server 2A skips steps # 862 to # 856 and opens the participation gate 30B (# 857).

  Alternatively, when the user code 71 of the user who has succeeded in user authentication is received from the entrance gate control device 34C (Yes in # 847, No in # 849), the private print server 2A performs steps # 858 to # 864 in FIG. The process is appropriately executed.

  The private print server 2A requests the encrypted print data 73B indicating the user code 71 from the public print server 2B and tries to download it (# 858).

  If the encrypted print data 73B has been downloaded (Yes in # 859), the private print server 2A controls the entrance IC card reader / writer 34A to read the decryption key 72 from the IC card 38 (# 860). The decryption key 72 may be read together with the user code 71 first.

  The private print server 2A uses the decryption key 72 to decrypt the downloaded encrypted print data 73B (# 861). As a result, the print data 73 is reproduced. The print data 73 is stored again in the print data storage unit 240 (# 862), and the entrance IC card reader / writer 34A is controlled to delete the decryption key 72 from the IC card 38 (# 863).

  Before or after or in parallel with these processes, the private print server 2A opens the entrance gate 34B (# 864).

  On the other hand, if the encrypted print data 73B could not be downloaded (No in # 859), the private print server 2A controls the entrance IC card reader / writer 34A to delete the decryption key 72 from the IC card 38. (# 863), the entrance gate 34B is opened (# 864).

  If the private print server 2A fails to authenticate the user who is going to participate (No in # 847 in FIG. 15), the private gate 30B is left closed without being opened (# 848). Similarly, if authentication of a user who is going to enter fails (No in # 847 in FIG. 15), the entrance gate 34B is kept open without being opened (# 848).

  In this embodiment, the print data 73 is moved between the private print server 2A and the public print server 2B, but the present invention can also be applied to the exchange of data of other types of content.

  For example, the present invention can be applied to exchange of multimedia data for reproducing music or moving image content. In this case, instead of printing a document on paper, multimedia data may be written to a music player, a mobile phone terminal, a smartphone, or the like carried by the user by USB or Bluetooth. Alternatively, based on the multimedia data, a moving image may be displayed on the touch panel display 10h provided in the image forming apparatuses 1A and 1B, or music may be output from a speaker. A personal computer may be used instead of the image forming apparatuses 1A and 1B.

  Alternatively, it can be applied to exchange of files created by an application such as word processing software or presentation software.

  By the way, although the user touches the IC card 38 on the IC card reader / writer 30A for participation, the user may stop participating in the facility. However, according to the present embodiment, the print data 73 of the user is moved to the public print server 2B. Therefore, this user cannot perform touch and print with the image forming apparatus 1A.

  Therefore, the private print server 2A and the public print server 2B may perform processing as follows.

  Even if the private print server 2A encrypts the print data 73 and transmits it to the public print server 2B, the private print server 2A leaves the print data 73 without deleting it from the print data storage unit 240. That is, the print data 73 is copied and stored in both the private print server 2A and the public print server 2B.

  The public print server 2B records the encrypted print data 73B transmitted to the image forming apparatus 1B.

  When the user touches his / her IC card 38 on the entrance IC card reader / writer 34A, the private print server 2A uses the encrypted print data 73B transmitted from the user to the image forming apparatus 1B as the public print server 2B. Contact If there is such encrypted print data 73B, the private print server 2A deletes the print data 73, which is the basis of the encrypted print data 73B, from the print data storage unit 240.

  In this embodiment, the user code 71 and the decryption key 72 are written in the IC card 38, but instead of the IC card 38, a music player, a mobile phone terminal, a smartphone, or the like incorporating an IC tag may be used.

  In the present embodiment, the decryption key 72 and the encryption key 75 are generated every time the user leaves the facility of the company X, and the decryption key 72 is deleted each time the user enters the facility. The decryption key 72 and the encryption key 75 may continue to be used.

  In the present embodiment, the decryption key 72 and the encryption key 75 of the public key cryptosystem are used, but a key of the common key cryptosystem may be used. In this case, one secret key is issued and used as the decryption key 72 and the encryption key 75.

  In this embodiment, the case where the image forming apparatus 1B is installed in a facility where anyone can enter such as a convenience store has been described as an example. However, the image forming apparatus 1A and the image forming apparatus 1B are installed in separate facilities of the company X, respectively. The present invention can also be applied to such cases. In this case, the public print server 2B may store the print data 73 without encrypting it.

  When the print data 73 is stored in the public print server 2B without being encrypted, the storage location of the print data 73 in the public print server 2B, for example, a URL (Uniform Resource Locator) or a network path is used instead of the decryption key 72. May be written on the IC card 38. Then, the image forming apparatus 1B may download the print data 73 from the public print server 2B based on the storage location stored in the IC card 38. When a URL is used as a storage location, it is desirable to make the path name portion complicated.

  In addition, the configuration of the whole or each part of the printing system 6, the image forming apparatuses 1A and 1B, the private print server 2A, the public print server 2B, and the security gate system 3, the processing content, the processing order, the data configuration, etc. are the gist of the present invention. Can be changed as appropriate.

1A image forming apparatus (first content output apparatus)
1B image forming apparatus (second content output apparatus)
2A Private print server (first content server)
2B Public print server (second content server)
202 1st print data transmission part (1st provision means)
214 Second print data transmission unit (transfer means)
240 Print data storage unit (first storage means)
253 Decryption processing unit (resave control means)
263 Print data transmission unit (second providing means)
265 Print data return section (deletion means)
266 Print data storage unit (second storage means)
3 Security gate system (entrance / exit detection means)
30A participation IC card reader / writer (writing device)
30C participation gate control device (writing control means)
38 IC card (recording medium)
6 Printing system (content provision system)
72 Decryption key 73 Print data (content data)
73B Encrypted print data (content data)

Claims (10)

A first content server that communicates with a first content output device installed at a specific location; and a second content server that communicates with a second content output device installed outside the specific location. A content providing system,
In the first content server,
First storage means for storing content data, which is data for reproducing content, in association with a user;
First providing means for transmitting the content data stored in the first storage means to the first content output apparatus when requested by the first content output apparatus;
Transfer means for transmitting the content data stored in the first storage means to the second content server when the user's exit from the specific location is detected;
Is provided,
In the second content server,
Second storage means for storing the content data transmitted from the first content server in association with the user;
A second provision for transmitting the content data stored in the second storage means to the second content output device when the user is authenticated and requested by the second content output device; Means,
A deletion unit that deletes the content data from the second storage unit when the user's entry to the specific location is detected;
Is provided,
A content providing system characterized by that. The transfer means encrypts the content data and transmits it to the second content server,
The second storage means stores the content data in an encrypted state,
The second providing means transmits the content data in an encrypted state to the second content output device.
The content providing system according to claim 1. The first content server further includes
Write control means is provided for controlling the writing device so that a decryption key for decrypting the content data is recorded on a portable recording medium.
The content providing system according to claim 2. Ingress / egress detection means for detecting the exit and the approach by reading the identification information of the user stored in the recording medium,
The content providing system according to claim 3. The first content server further includes
When the entry is detected, a re-storing control unit that requests and receives the content data from the second content server and stores it in the first storing unit is provided,
The first providing means deletes the content data from the first storage means after transmitting the content data to the first content output device,
The transfer means transmits the content data to the second content server for transmission, and then deletes it from the first storage means,
The second providing means deletes the content data from the second storage means after transmitting the content data to the second content output device,
The deletion unit transmits the content data to the first content server when the content data is requested from the first content server, and then deletes the content data from the second storage unit. ,
The content providing system according to any one of claims 1 to 4. A first content output device installed at a specific location and another content server for providing content data, which is data for reproducing the content, to a second content output device installed outside the specific location; A content server for communication,
Storage means for storing the content data in association with a user;
Providing means for transmitting the content data stored in the storage means to the first content output device when requested by the first content output device;
Transfer means for transmitting the content data stored in the storage means to the other content server when the user's exit from the specific location is detected;
A content server comprising: Another content server for providing content data, which is data for reproducing content, to a first content output device installed at a specific location, and a second content output device installed outside the specific location; A content server for communication,
Storage means for storing the content data transmitted from the other content server in association with a user;
Providing means for transmitting the content data stored in the storage means to the second content output device when the user is authenticated and requested by the second content output device;
A deletion unit that deletes the content data from the storage unit when an entry of the user to the specific location is detected;
A content server comprising: A first content server that communicates with a first content output device installed at a specific location and a second content server that communicates with a second content output device installed outside the specific location are used. Content providing method,
The first content server is
Content data that is data for reproducing the content is stored in the first storage means in association with the user,
When requested by the first content output device, the content data stored in the first storage means is transmitted to the first content output device,
When the user's exit from the specific location is detected, the content data stored in the first storage means is transmitted to the second content server,
The second content server is
Storing the content data transmitted from the first content server in a second storage unit in association with the user;
When the user is authenticated and requested by the second content output device, the content data stored in the second storage means is transmitted to the second content output device;
When the entry of the user to the specific location is detected, the content data is deleted from the second storage means;
A content providing method characterized by the above. A first content output device installed at a specific location and another content server for providing content data, which is data for reproducing the content, to a second content output device installed outside the specific location; A computer program used for a content server for communication,
In the content server,
A process for storing the content data in a storage unit in association with the user;
When requested by the first content output device, the content data stored in the storage means is transmitted to the first content output device,
Executing a process of transmitting the content data stored in the storage unit to the other content server when the user exit from the specific location is detected;
A computer program characterized by the above. Another content server for providing content data, which is data for reproducing content, to a first content output device installed at a specific location, and a second content output device installed outside the specific location; A computer program used for a content server for communication,
In the content server,
Causing the content data transmitted from the other content server to be associated with a user and stored in a storage unit;
When the user is authenticated and requested by the second content output device, a process of transmitting the content data stored in the storage unit to the second content output device is executed.
Causing the content data to be deleted from the storage means when the user's entry to the specific location is detected;
A computer program characterized by the above.

Images