JP2018006935A - Image formation system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an image formation system capable of making a formal document be issued using an image formation device installed in a personal dwelling house or an office.SOLUTION: An MFP 100 comprises: a printing application unit 121 for attaching a signature to user identification information and printing identification information to transmit them to a manager terminal 200; and a printing control unit 122 for decrypting printing permission information using a public key 140, collating the decrypted printing permission information with the printing identification information, and instructing to print document data on dedicated recording paper only when the collation results in agreement. The manager terminal 200 comprises: a printing application determination unit 214 for reading paper identification information linked with the user identification information from an HDD 221, verifying the signature using the read paper identification information as a key, and outputting the printing identification information only when the verification of the signature is successful; and a printing permission information generation unit 215 for generating the printing permission information obtained by encrypting the printing identification information using a secret key 230 and transmitting the printing permission information to the MFP 100.SELECTED DRAWING: Figure 4

Description

  The present invention relates to an image forming system suitable for printing various certificates issued by local governments.

  Various certificate issuance methods have been proposed in consideration of convenience for obtaining various certificates such as family register copies and seal certificates issued by administrative agencies such as local governments.

  For example, Patent Document 1 proposes a document issuance method capable of receiving a document issuance at a location or time convenient for the user. In this technology, when the center side device that transmits the issued data is not operating, the user side device transmits the acceptance data received from the user to the center side device after waiting for the center side device to operate, The document corresponding to the issuance data received from the side device is issued to the user who has applied for issuance.

  Patent Document 2 proposes a certificate issuing system that accepts an issuance reservation at a location and time designated by a user and issues a certificate. In this technology, in a certificate issuance system comprising a center side device for managing / distributing a certificate and one or a plurality of image forming apparatuses, a certificate creating means for creating certificate data according to an application, a certificate The center side device having a transmission means for transmitting the document data to the designated image forming apparatus, the reception means for receiving the certificate data transmitted from the center side device, and the issuing process is started by the user's input An image forming apparatus having an issuing process starting unit, a reading unit that requests the user to present an identification card and reads it, and a personal identification unit that verifies the identity based on information read by the reading unit It is.

JP 2000-259720 A JP 2003-242279 A

  In the document issuance method disclosed in Patent Document 1 described above, even when the center side apparatus is inactive, the issuance acceptance of the document is performed by the user side apparatus. Therefore, the document is issued at a time convenient for the user. In addition, it is possible to issue a document at a location convenient for the user. In the certificate issuing system described in Patent Document 2 described above, the certificate data is transmitted from the center side device to the designated image forming apparatus. Therefore, the certificate is issued at the location and time designated by the user. Is possible.

  However, the document issuing methods disclosed in Patent Documents 1 and 2 have a problem in that it is impossible to manage on which recording paper the certificate data is printed. In other words, official documents such as certificates are generally issued by printing specific document data on dedicated recording paper, but in the prior art, specific document data is printed on recording paper other than dedicated recording paper. There is a risk of being. Accordingly, the certificate issuance has been limited to third party organizations approved by the administrative body that can manage certificate data and dedicated recording paper in association with each other.

  The present invention has been made in view of such a situation, and an image forming system capable of solving the above problems and issuing an official document using an image forming apparatus installed in a private house or company. The purpose is to provide.

An image forming system according to the present invention is an image forming system including an image forming apparatus and an administrator terminal connected via a network, and the image forming apparatus uses paper identification information given to a dedicated recording sheet. A paper information reading unit for reading, a document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper, the paper identification information and the document identification information are linked, and the paper identification information and the paper identification information A print identification unit that can uniquely identify document identification information and generates print identification information that cannot reconstruct the paper identification information and the document identification information, and associates the user identification information with the print identification information. And generating a signature of the user identification information and the print identification information using the paper identification information as a key, and attaching the signature to the user identification information and the print identification information. Upon receiving the print application section to be transmitted to the administrator terminal and the print permission information encrypted using the secret key, the print permission information decrypted by the public key paired with the secret key and decrypted And a print control unit that generates print control information for instructing printing of the document data on the dedicated recording paper only when the collation matches, and based on the print control information, A printer control unit that prints document data on the dedicated recording paper, and the administrator terminal stores the user identification information and the paper identification information in association with each other, and the image forming apparatus When the user identification information, the print identification information, and the signature are received from the storage unit, the paper identification information associated with the user identification information is read from the storage unit, and the signature is read. Verifying the paper identification information as a key, if the signature verification is successful only, and print application determination unit that outputs the print identification information,
A print permission information generation unit that generates the print permission information obtained by encrypting the print identification information output from the print application determination unit using the secret key and transmits the generated print permission information to the image forming apparatus. Features.
Further, in the image forming system of the present invention, in the administrator terminal, the storage unit stores the document identification information associated with the paper identification information, and the print application determination unit includes the signature After the verification is successful, the print identification information is generated from the paper identification information and the document identification information stored in the storage unit in the same manner as the print identification unit of the image forming apparatus, and the generated When the print identification information matches the received print identification information, the generated or received print identification information may be output.
According to another aspect of the present invention, there is provided an image forming system including an image forming apparatus and an administrator terminal connected via a network, wherein the image forming apparatus identifies a paper attached to a dedicated recording sheet. A paper information reading unit for reading information, a document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper, the paper identification information and the document identification information, A print identification unit that can uniquely identify the document identification information and generates print identification information that cannot reconstruct the paper identification information and the document identification information, and user identification information and the print identification information. And generating encrypted document data obtained by encrypting the document data using the paper identification information as a key, and signing the user identification information, the print identification information, and the encryption A print application for generating a signature of document data by using the paper identification information as a key, and transmitting the signature to the administrator terminal by attaching the signature to the user identification information, the print identification information, and the encrypted document data And the print permission information encrypted using the secret key, decrypted with the public key paired with the secret key, and collated the decrypted print permission information with the print identification information, Only when the collation matches, a print control unit that generates print control information for instructing printing of the document data onto the dedicated recording paper, and based on the print control information, the document data is stored on the dedicated recording paper. A printer control unit for printing, and the administrator terminal stores the user identification information and the paper identification information in association with each other, and stores the user identification information from the image forming apparatus. When receiving the identification information, the print identification information, the encrypted document data, and the signature, the paper identification information associated with the user identification information is read from the storage unit, and the paper identification from which the signature is read Only when the information is verified as a key and the verification of the signature is successful, the encrypted document data is decrypted and output using the read paper identification information as a key, and when the print permission input is received, the print identification information A print application determination unit that outputs the print permission information obtained by encrypting the print identification information output from the print application determination unit using the secret key and transmitting the print permission information to the image forming apparatus And an information generation unit.
According to another aspect of the present invention, there is provided an image forming system including an image forming apparatus and an administrator terminal connected via a network, wherein the image forming apparatus identifies a paper attached to a dedicated recording sheet. A paper information reading unit for reading information, a document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper, the paper identification information and the document identification information, A print identification unit that can uniquely identify the document identification information and generates print identification information that cannot reconstruct the paper identification information and the document identification information, and user identification information and the print identification information. And generating encrypted document data obtained by encrypting the document data using the paper identification information as a key, and signing the user identification information, the print identification information, and the encryption A print application for generating a signature of document data by using the paper identification information as a key, and transmitting the signature to the administrator terminal by attaching the signature to the user identification information, the print identification information, and the encrypted document data A print control unit that receives the encrypted changed document data and decrypts the changed document data using the paper identification information, and a printer control unit that prints the decrypted changed document data on the dedicated recording paper. The administrator terminal includes a storage unit in which the user identification information and the paper identification information are associated and stored, and the user identification information, the print identification information, and the encryption from the image forming apparatus. When the document data and the signature are received, the paper identification information associated with the user identification information is read from the storage unit, and the paper identification from which the signature has been read is read. Only when the information is verified as a key and the verification of the signature is successful, the encrypted document data is decrypted and output using the read paper identification information as a key, and the document data changed by the change input is output. A print application determining unit that outputs the changed document data; and the image forming apparatus that generates the encrypted changed document data obtained by encrypting the changed document data output from the print application determining unit using the paper identification information. And a print permission information generation unit to be transmitted.

  According to the image forming system of the present invention, even when the image forming apparatus is installed in a private house or company, the administrator terminal manages document data and dedicated recording paper for printing the document data. And an official document can be issued using the image forming apparatus.

1 is a system configuration diagram showing a first embodiment of an image forming system according to the present invention. FIG. 2 is a block diagram illustrating a configuration example of an MFP illustrated in FIG. 1. It is a block diagram which shows the structural example of the administrator terminal of FIG. FIG. 4 is an explanatory diagram illustrating a printing operation of the first embodiment of the image forming system according to the present invention. It is explanatory drawing explaining the printing operation of 2nd Embodiment of the image forming system which concerns on this invention. It is explanatory drawing explaining the printing operation of 3rd Embodiment of the image forming system which concerns on this invention.

  Embodiments of an image forming system according to the present invention will be described below with reference to the drawings. As an example of the image forming apparatus in the following description, for example, an MFP (multi-peripheral device equipped with a multi-operation function for each job such as copy, print, FAX (Facsimile), a user box function, etc. Multifunction Peripheral).

(First embodiment)
As shown in FIG. 1, an image forming system according to the first embodiment, a plurality of MFPs 100 are connected to an administrator terminal 200 via a network 300 such as the Internet. It is assumed that MFP 100 is installed in a private house or company. That is, the administrator terminal 200 is installed in an issuing organization that issues official documents. The issuing organization is an administrative organization such as a local government. The MFP 100 is installed beside a user who acquires official documents issued by an issuing organization.

  The administrator terminal 200 is assumed to be arranged at an issuing organization that issues official documents, for example, an administrative organization such as a local government that issues various certificates such as a family register copy or a seal certificate. The administrator terminal 200 has a secret key 230 described later, and the MFP 100 has a public key 140 that is paired with the secret key 230 of the administrator terminal 200.

  For official documents such as family register copies and seal certification, the document data provided by the issuing organization such as an administrative organization is printed on an unfilled recording paper (hereinafter referred to as a dedicated recording paper) dedicated to the certificate prepared by the issuing organization. To be issued. Therefore, pre-filled dedicated recording paper is distributed to users based on identity verification. The dedicated recording paper to be distributed is attached with an RF (Radio Frequency) tag storing paper identification information for identifying the individual recording paper. Also, a storage medium such as a USB memory in which document data to be printed on the dedicated recording paper is distributed to the user together with the dedicated recording paper. It may be distributed via the network 300. Note that the document data stored in the storage medium provided to the user is provided in a state accessible only by the MFP 100 of the present invention.

  Next, an example of the configuration of the MFP 100 will be described with reference to FIG. The MFP 100 includes a control unit 110, a scanner unit 130, a printer unit 131, a FAX unit 132, an I / F (interface) 133, a paper information reading unit 134, a panel unit 135, an HDD (Hard disk drive) 136, and a user information reading unit. 137 and a mounting unit (not shown) to which a storage medium 138 storing document data provided from the issuing organization can be mounted.

  The scanner unit 130 inputs image data of a document read by an image sensor (not shown) to the control unit 110. That is, the scanner unit 130 converts an image signal of a document from an image sensor (not shown) into digital image data, and sequentially inputs the digital image data to the control unit 110.

  The printer unit 131 prints an image on a sheet based on the image data output from the control unit 110. The FAX unit 132 transmits the image data output from the control unit 110 to the counterpart facsimile via the telephone line, and receives the image data from the counterpart facsimile and inputs the image data to the control unit 110. That is, the FAX unit 132 compresses and modulates the image data output from the control unit 110 while controlling the connection with a telephone line by an NCU (Network Control Unit) (not shown), and transmits the image data to the counterpart facsimile. The FAX unit 132 demodulates and decompresses image data from the other party's facsimile while connecting to the telephone line via the NCU, and inputs the image data to the control unit 110.

  The I / F 133 communicates with the administrator terminal 200 via the network 300 such as the Internet.

  The paper information reading unit 134 includes a tag reader that can read information from the RF tag, and reads the paper identification information from the RF tag attached to the dedicated recording paper. The paper information reading unit 134 is disposed, for example, in the vicinity of a paper feed tray (not shown) of the MFP 100, and when the dedicated recording paper is set in the paper feed tray, the dedicated recording set in the paper feed tray from the RF tag. The paper identification information for identifying the individual paper is read.

  The panel unit 135 displays operation buttons for selecting any of the printer function, FAX function, and scan function of the MFP 100 and performing various settings. Further, the panel unit 135 displays a setting screen for selecting document data to be printed on a dedicated recording sheet.

  The HDD 136 stores application programs for providing various functions of the MFP 100.

  The user information reading unit 137 includes a card reader that can read information from an IC card or the like, and reads a user ID that is user identification information for identifying the user from an ID card owned by the user. Note that the user ID may be input from the panel unit 135.

  The control unit 110 controls the overall operation of the MFP 100, and includes a scanner control unit 111, a printer control unit 112, a FAX control unit 113, a communication control unit 114, a RAM (Random Access Memory) 115, and a ROM (Read Only Memory). 116, image processing unit 117, paper identification unit 118, document identification unit 119, print identification unit 120, print application unit 121, print control unit 122, panel operation control unit 123, HDD control unit 124, storage medium control unit 125, system A control unit 126 is provided. These are connected to the data bus 127.

  The scanner control unit 111 controls the reading operation of the scanner unit 130. The printer control unit 112 controls the printing operation of the printer unit 131. The FAX control unit 113 controls image data transmission / reception operations by the FAX unit 132. The communication control unit 114 controls communication via the I / F 133.

  The RAM 115 is a work memory for executing a program. The ROM 116 stores a control program for performing an operation check of each unit. The image processing unit 117 performs image processing on image data of a document read by the scanner unit 130, for example. In image processing, processing corresponding to any one of a copy function, a print function, a FAX function, and a user box function is executed.

  The paper identification unit 118 acquires the paper identification information read by the paper information reading unit 134 from the RF tag attached to the dedicated recording paper, and gives it to the print identification unit 120 and the print application unit 121.

  When document data to be printed on the dedicated recording paper is selected by the panel unit 135, the document identification unit 119 generates document identification information for identifying the selected document data and supplies the document identification information to the print identification unit 120. The document identification information is information that can uniquely identify the selected document data. As the document identification information, for example, a hash value of document data calculated using a hash function can be used. The selected document data itself can be used as document identification information.

  The print identification unit 120 generates print identification information in which the paper identification information from the paper identification unit 118 and the document identification information from the document identification unit 119 are associated with each other, and provides the print application unit 121 with the print identification information. The print identification information is information that can uniquely identify the associated paper identification information and document identification information, and cannot reconstruct the paper identification information and document identification information from the print identification information. As the document identification information, for example, paper identification information calculated using a hash function and a hash value of the document identification information can be used.

  The print application unit 121 associates the user ID read by the user information reading unit 137 with the print identification information from the print identification unit 120, and identifies the associated user ID and the signature of the print identification information with HMAC or the like. The paper identification information from the unit 118 is generated as a key. Then, the print application unit 121 attaches the generated signature to the associated user ID and print identification information, and transmits the print request to the administrator terminal 200 via the I / F 133.

  When receiving the print permission information from the administrator terminal 200, the print control unit 122 decrypts the print permission information using the public key 140, and collates the decrypted print permission information with the print identification information from the print identification unit 120. To do. Then, the print control unit 122 generates print control information for instructing the printer control unit 112 to print the selected document data on the dedicated recording sheet only when the collation matches, and the printer control unit To 112. Then, the printer control unit 112 prints the selected document data on a dedicated recording sheet based on the print control information.

  The panel operation control unit 123 controls the display operation of the panel unit 135. The HDD control unit 124 controls writing and reading of data with respect to the HDD 136. The storage medium control unit 125 controls reading of document data stored in the storage medium 138. When the printing of the document data stored in the storage medium 138 for the dedicated recording paper set in the paper feed tray is set, the system control unit 126 is configured to use the paper identification unit 118, the document identification unit 119, the print identification unit 120, It controls processing by the print application unit 121, the print control unit 122, and the like.

  Next, an example of the configuration of the administrator terminal 200 will be described with reference to FIG. The administrator terminal 200 includes a control unit 210, an I / F 220, an HDD 221 and the like. The HDD 221 stores a user ID for identifying the user, paper identification information for identifying the individual of the distributed dedicated recording paper, and document identification information for uniquely identifying the distributed document data when distributing the dedicated recording paper to the user. Are linked and stored. The document identification information is generated from the distributed document data by the same method as the document identification unit 119 of the MFP 100.

  The I / F 220 communicates with the MFP 100 via the network 300 such as the Internet.

  The control unit 210 controls the overall operation of the administrator terminal 200, and includes a communication control unit 211, a RAM 212, a ROM 213, a print application determination unit 214, a print permission information generation unit 215, an HDD control unit 216, and a system control unit 217. It has. These are connected to the data bus 218.

  The communication control unit 211 controls communication via the I / F 220. The RAM 212 is a work memory for executing a program. The ROM 213 stores a control program for checking the operation of each unit.

  When the print application determination unit 214 receives a user ID, print identification information, and the signature as a print application, the print application determination unit 214 reads the paper identification information associated with the received user ID from the HDD 221 and reads the received signature. Verification is performed using the identification information as a key. Then, only when the received signature is successfully verified, the print application determination unit 214 gives the received print identification information to the print permission information generation unit 215 to instruct generation of the print permission information. When a plurality of dedicated recording papers are distributed to the user, the HDD 221 has a plurality of pieces of paper identification information associated with the same user ID. In this case, the print application determination unit 214 verifies the signature using each of the plurality of paper identification information as a key. In addition, after the signature verification is successful, print identification information is generated from the paper identification information and document identification information stored in association with the HDD 221 in the same manner as the print identification unit 120 of the MFP 100, and the generated print identification is generated. If the information matches the received print identification information, the generated or received print identification information may be given to the print permission information generation unit 215 to instruct generation of the print permission information.

  When the print identification information is input, the print permission information generation unit 215 encrypts the print identification information input using the secret key 230, and uses the encrypted print identification information as the print permission information via the I / F 220. To the MFP 100.

  The HDD control unit 216 controls data writing to and reading from the HDD 221. When the system control unit 217 receives print identification information, which will be described later, mainly from the MFP 100, the system control unit 217 controls operations by the print application determination unit 214 and the print permission information generation unit 215.

  Next, with reference to FIG. 4, an example of a flow from the image forming system to setting on a paper feed tray, selecting a dedicated recording sheet, and printing document data will be described.

  First, in MFP 100, when the user sets a dedicated recording sheet on the paper feed tray (step S101), the paper information reading unit 134 reads the paper identification information from the RF tag added to the dedicated recording sheet (step S102). Here, the paper identification unit 118 acquires the paper identification information read by the paper information reading unit 134 and gives it to the print identification unit 120 and the print application unit 121 (step S103).

  In addition, the user holds the iD card storing the user ID for identifying himself / herself over the user information reading unit 137 (step S104), and the user information reading unit 137 reads the user ID from the ID card (step S105).

  In addition, the user selects document data to be printed on the dedicated recording paper using the panel unit 135 (step S106). The document information selected by the user is given to the document identification unit 119 and the printer control unit 112.

  Next, the document identification unit 119 generates document identification information for identifying the document data selected in step S106, and provides the document identification information to the print identification unit 120 (step S107). The print identification unit 120 generates print identification information in which the paper identification information from the paper identification unit 118 and the document identification information from the document identification unit 119 are associated with each other, and gives the print identification information to the print application unit 121 and the print control unit 122. (Step S108).

  The print application unit 121 associates the user ID read in step S105 with the print identification information from the print identification unit 120, and sends the associated user ID and the print identification information signature from the paper identification unit 118 using HMAC or the like. Is generated using the paper identification information as a key, and the generated signature is attached to the associated user ID and print identification information, and transmitted as a print application to the administrator terminal 200 via the I / F 133 (step S109).

  When the print application determination unit 214 of the administrator terminal 200 receives the user ID and the print identification information and the signature as the print application, the HDD 221 receives the paper identification information and the document identification information associated with the received user ID. (Step S110), and the received signature is verified using the read paper identification information as a key. When the received signature is successfully verified, the print application determination unit 214 performs print identification using the same method as the print identification unit 120 of the MFP 100 from the paper identification information and document identification information stored in association with the HDD 221. Information is generated, and when the generated print identification information matches the received print identification information, the generated or received print identification information is given to the print permission information generation unit 215 to instruct generation of the print permission information (Step S1). S111).

  When the print identification information is input, the print permission information generation unit 215 encrypts the print identification information input using the secret key 230, and uses the encrypted print identification information as the print permission information via the I / F 220. To the MFP 100 (step S112).

  Upon receiving the print permission information from the administrator terminal 200, the print control unit 122 of the MFP 100 decrypts the print permission information using the public key 140, the decrypted print permission information, and the print identification information from the print identification unit 120. To match. Then, the print control unit 122 outputs print control information for instructing the printer control unit 112 to print the selected document data on the dedicated recording paper only when the collation matches (step S113). When the print control information is input, the printer control unit 112 prints the selected document data on a dedicated recording sheet (step S114).

As described above, the first embodiment is an image forming system including the MFP 100 and the administrator terminal 200 connected via the network 300. The MFP 100 is a sheet attached to a dedicated recording sheet. A paper information reading unit 134 for reading the identification information, a document identification unit 119 for generating document identification information for identifying the document data to be printed on the dedicated recording paper, the paper identification information and the document identification information, The print identification unit 120 that can uniquely identify the document identification information and generates the print identification information that cannot reconstruct the paper identification information and the document identification information, and the user identification information and the print identification information, Using the paper identification information as a key, a signature of the user identification information and the print identification information is generated, and the signature is attached to the user identification information and the print identification information, and the administrator terminal 2 When the print application section 121 to be transmitted to 0 and the print permission information encrypted using the private key 230 are received, the public key 140 paired with the private key 230 is decrypted, and the decrypted print permission information is displayed. The print control unit 122 that generates print control information for instructing printing of the document data on the dedicated recording paper only when the check is matched with the print identification information, and the document data is recorded based on the print control information. The administrator terminal 200 includes an HDD 221 in which user identification information and paper identification information are stored in association with each other, and the user identification information, print identification information, and signature from the MFP 100. Is received from the HDD 221, the paper identification information associated with the user identification information is read from the HDD 221 and verified using the paper identification information from which the signature has been read as a key. Only when the verification is successful, the print application determination unit 214 that outputs the print identification information and the print permission information obtained by encrypting the print identification information output from the print application determination unit 214 using the secret key 230 are generated. And a print permission information generation unit 215 that transmits to the MFP 100.
With this configuration, even when the MFP 100 is installed in a private house or company, the administrator terminal 200 can manage document data and a dedicated recording sheet for printing the document data. Official documents can be issued. Therefore, it is not necessary to go to a third party organization recognized by the issuing organization in order to have the official document such as a certificate issued, and the convenience of issuing the official document can be improved. In addition, when the dedicated recording paper is distributed, the issuing institution itself can perform face-to-face identity verification, improving the reliability of identity confirmation. Printing can be performed by other than the certificate issuing organization, and the third party does not need to confirm the identity when the certificate is issued, thereby improving convenience.

Further, in the first embodiment, in the administrator terminal 200, the HDD 221 stores document identification information associated with the paper identification information, and the print application determination unit 214 has successfully verified the signature. After that, print identification information is generated from the paper identification information and document identification information stored in the HDD 221 by the same method as the print identification unit 120 of the MFP 100, and the generated print identification information matches the received print identification information. In this case, the generated or received print identification information is output.
With this configuration, it is possible to easily verify whether document data to be printed on the dedicated recording paper in MFP 100 is valid.

(Second Embodiment)
The image forming system according to the second embodiment will be described in detail with reference to FIG. In addition, about the structure same as 1st Embodiment, the same code | symbol is provided and description is abbreviate | omitted suitably.
In the image forming system according to the second embodiment, the print application unit 121a of the MFP 100a associates the user ID read by the user information reading unit 137 with the print identification information from the print identification unit 120, and displays the paper identification information. Encrypted document data obtained by encrypting the document data selected in step S106 as a key is generated. In the second embodiment, the document data that can be selected in step S106 is not limited to that provided by the issuing organization, but is a document created by the user or provided by a third party. It may be data.

  Then, the print application unit 121a generates the associated user ID and the signature of the print identification information and the signature of the generated encrypted document data by using the paper identification information from the paper identification unit 118 as a key by HMAC or the like. . Further, the print application unit 121a and the print application unit 121 attach the generated signature to the associated user ID and print identification information and the generated encrypted document data, respectively. It transmits to the administrator terminal 200a via F133.

  When the print application determination unit 214a of the administrator terminal 200a receives the user ID and print identification information, the encrypted document data, and the respective signatures as a print application, the paper identification information associated with the received user ID. Is read from the HDD 221 (step S202), and the signature of the user ID and the print identification information and the signature of the encrypted document data are verified using the read paper identification information as a key. If the verification of both the user ID and the signature of the print identification information and the signature of the encrypted document data is successful, the print application determination unit 214a uses the paper identification information read in step S202 as a key to encrypt the document data. Is output from display means such as a display (not shown) or printing means such as a printer.

  Thereby, the administrator of the issuing organization can visually confirm the document data that the user intends to print on the dedicated recording paper, and can determine whether printing is possible. When the administrator of the issuing organization approves printing, the printing application determination unit 214a inputs the received printing identification information to the printing permission information generation unit 215 by inputting printing permission from an input unit such as a keyboard (not shown). The generation of print permission information is instructed (step S111). Thereafter, the selected document data is printed on a dedicated recording sheet in the same steps as in the first embodiment.

As described above, the second embodiment is an image forming system including the MFP 100a and the administrator terminal 200a connected via the network 300, and the MFP 100a is a sheet attached to a dedicated recording sheet. A paper information reading unit 134 for reading the identification information, a document identification unit 119 for generating document identification information for identifying the document data to be printed on the dedicated recording paper, the paper identification information and the document identification information, The print identification unit 120 that can uniquely identify the document identification information and generates the print identification information that cannot reconstruct the paper identification information and the document identification information, and the user identification information and the print identification information, Encrypted document data is generated by encrypting the document data using the paper identification information as a key. The signature of the user identification information and the print identification information and the encrypted document data A print application unit 121a that generates a name and paper identification information as a key, attaches a signature to the user identification information, print identification information, and encrypted document data, and transmits it to the administrator terminal 200a, and a secret key 230 When the print permission information encrypted by using is received, it is decrypted with the public key 140 paired with the private key 230, and the decrypted print permission information is collated with the print identification information. A print control unit 122 that generates print control information for instructing printing of document data on a dedicated recording sheet, and a printer control unit 112 that prints document data on a dedicated recording sheet based on the print control information. The user terminal 200a includes an HDD 221 in which user identification information and paper identification information are linked and stored, and user identification information and print identification information from the MFP 100a. When the encoded document data and the signature are received, the paper identification information associated with the user identification information is read from the HDD 221 and verified using the paper identification information from which the signature has been read as a key. The encrypted document data is decrypted and output using the read paper identification information as a key, and upon receiving a print permission input, the print application determination unit 214a outputs the print identification information, and the print identification output from the print application determination unit 214a A print permission information generation unit 215 that generates print permission information obtained by encrypting the information using the secret key 230 and transmits the print permission information to the MFP 100a.
With this configuration, the administrator of the issuing organization can visually confirm the document data that the user intends to print on the dedicated recording paper, and can determine whether printing is possible.

(Third embodiment)
An image forming system according to the third embodiment will be described in detail with reference to FIG. In addition, about the structure same as 2nd Embodiment, the same code | symbol is provided and description is abbreviate | omitted suitably.
In the image forming system according to the third embodiment, the paper identification unit 118a of the MFP 100b acquires the paper identification information read by the paper information reading unit 134, and the print identification unit 120, the print application unit 121, and the print control unit 122a. (Step S301).

  Also, the print identification unit 120a generates print identification information in which the paper identification information from the paper identification unit 118a and the document identification information from the document identification unit 119 are associated with each other, and supplies the print identification information to the print application unit 121 (step S302). .

  When the print application determination unit 214b of the administrator terminal 200b receives the user ID and print identification information, the encrypted document data, and the respective signatures as the print application, the paper identification information associated with the received user ID. Is read from the HDD 221 (step S202), and the signature of the user ID and the print identification information and the signature of the encrypted document data are verified using the read paper identification information as a key. When the verification of both the user ID and the signature of the print identification information and the signature of the encrypted document data is successful, the print application determination unit 214b uses the paper identification information read in step S302 as a key to encrypt the document data. Is decrypted and output from a display means such as a display (not shown) or a printing means such as a printer, and the addition / correction of the administrator of the issuing organization is accepted for the decrypted document data (step S303).

  As a result, the administrator of the issuing organization can add or modify the document data that the user intends to print on the dedicated recording paper after visually confirming the document data. Then, when the administrator of the issuing institution approves the printing of the document data that has been added / corrected, the print application determination unit 214b can input the print permission from an input unit such as a keyboard (not shown) so that the added / corrected document The data is changed document data, and the changed document data and the paper identification information read in step S202 are given to the print permission information generation unit 215a (step S304).

  The print permission information generation unit 215a generates encrypted changed document data obtained by encrypting the changed document data using the paper identification information as a key, and the MFP 100b through the I / F 220 as the generated encrypted changed document data as the print permission information. (Step S305).

  Upon receiving the encrypted changed document data from the administrator terminal 200b, the print control unit 122a of the MFP 100b decrypts the encrypted changed document data using the paper identification information, and outputs the decoded changed document data to the printer control unit 112a. (Step S306). Then, the printer control unit 112a prints the input encrypted change document data on a dedicated recording sheet (step S307).

As described above, the third embodiment is an image forming system including the MFP 100b and the administrator terminal 200b connected via the network 300, and the MFP 100b is a sheet attached to a dedicated recording sheet. A paper information reading unit 134 for reading the identification information, a document identification unit 119 for generating document identification information for identifying the document data to be printed on the dedicated recording paper, the paper identification information and the document identification information, The print identification unit 120 that can uniquely identify the document identification information and generates the print identification information that cannot reconstruct the paper identification information and the document identification information, and the user identification information and the print identification information, Encrypted document data is generated by encrypting the document data using the paper identification information as a key. The signature of the user identification information and the print identification information and the encrypted document data A print application unit 121a that generates a name and a paper identification information as a key, attaches a signature to user identification information, print identification information, and encrypted document data, and transmits the encrypted document data to the administrator terminal 200b; When the data is received, the printing apparatus includes a print control unit 122a that decrypts the changed document data using the paper identification information, and a printer control unit 112a that prints the decrypted changed document data on the dedicated recording paper. When the user identification information, the print identification information, the encrypted document data, and the signature are received from the MFP 100b, 200b is associated with the user identification information. The paper identification information read from the HDD 221 is verified using the paper identification information from which the signature is read as a key, and the signature verification is successful. Only when the read paper identification information is used as a key, the encrypted document data is decrypted and output, and the document data changed by the change input is output as changed document data, and the print application determining unit 214b. A print permission information generating unit 215a that generates encrypted changed document data obtained by encrypting the changed document data output from the paper identification information using the paper identification information and transmits the data to the MFP 100b.
With this configuration, the administrator of the issuing organization can add or modify the document data that the user intends to print on the dedicated recording paper after visually confirming it.

  Note that the present invention is not limited to the above-described embodiments, and it is obvious that the embodiments can be appropriately changed within the scope of the technical idea of the present invention. In addition, the number, position, shape, and the like of the constituent members are not limited to the above-described embodiment, and can be set to a suitable number, position, shape, and the like in practicing the present invention. In each figure, the same numerals are given to the same component.

100, 100a, 100b MFP
110 Control Unit 111 Scanner Control Unit 112, 112a Printer Control Unit 113 FAX Control Unit 114 Communication Control Unit 115 RAM
116 ROM
117 Image processing unit 118, 118a Paper identification unit 119 Document identification unit 120, 120a Print identification unit 121, 121a Print application unit 122, 122a Print control unit 123 Panel operation control unit 124 HDD control unit 125 Storage medium control unit 126 System control unit 127 Data bus 130 Scanner unit 131 Printer unit 132 FAX unit 133 I / F
134 Paper Information Reading Unit 135 Panel Unit 136 HDD
137 User information reading unit 138 Storage medium 140 Public keys 200, 200a, 200b Administrator terminal 210 Control unit 211 Communication control unit 212 RAM
213 ROM
214, 214a, 214b Print application determination unit 215, 215a Print permission information generation unit 216 HDD control unit 217 System control unit 218 Data bus 220 I / F
221 HDD
230 private key 300 network

Claims (4)

An image forming system comprising an image forming apparatus and an administrator terminal connected via a network,
The image forming apparatus includes:
A paper information reading unit for reading the paper identification information given to the dedicated recording paper;
A document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper;
Print identification information that associates the paper identification information with the document identification information, can uniquely identify the paper identification information and the document identification information, and cannot reconstruct the paper identification information and the document identification information. A print identification unit for generating
The user identification information and the print identification information are linked, and the user identification information and the print identification information signature are generated using the paper identification information as a key, and the signature is attached to the user identification information and the print identification information. And a print application part to be transmitted to the administrator terminal,
When print permission information encrypted using a private key is received, decryption is performed using the public key paired with the private key, and the decrypted print permission information is collated with the print identification information. A print control unit that generates print control information that instructs printing of the document data onto the dedicated recording paper only when
A printer control unit that prints the document data on the dedicated recording paper based on the print control information;
The administrator terminal is
A storage unit that stores the user identification information and the paper identification information in association with each other;
When the user identification information, the print identification information, and the signature are received from the image forming apparatus, the paper identification information associated with the user identification information is read from the storage unit, and the paper identification information from which the signature is read A print application determination unit that outputs the print identification information only when signature verification is successful, and
A print permission information generation unit that generates the print permission information obtained by encrypting the print identification information output from the print application determination unit using the secret key and transmits the generated print permission information to the image forming apparatus. A featured image forming system. In the administrator terminal,
The storage unit stores the document identification information associated with the paper identification information,
After the signature verification is successful, the print application determination unit determines the print identification in the same manner as the print identification unit of the image forming apparatus from the paper identification information and the document identification information stored in the storage unit. 2. The image forming system according to claim 1, wherein information is generated, and the generated or received print identification information is output when the generated print identification information matches the received print identification information. An image forming system comprising an image forming apparatus and an administrator terminal connected via a network,
The image forming apparatus includes:
A paper information reading unit for reading the paper identification information given to the dedicated recording paper;
A document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper;
Print identification information that associates the paper identification information with the document identification information, can uniquely identify the paper identification information and the document identification information, and cannot reconstruct the paper identification information and the document identification information. A print identification unit for generating
The user identification information is associated with the print identification information, and encrypted document data is generated by encrypting the document data using the paper identification information as a key. The user identification information, the signature of the print identification information, and the encryption A print for generating a signature of the encrypted document data using the paper identification information as a key, and attaching the signature to the user identification information, the print identification information, and the encrypted document data, and transmitting the signature to the administrator terminal The application department,
When print permission information encrypted using a private key is received, decryption is performed using the public key paired with the private key, and the decrypted print permission information is collated with the print identification information. A print control unit that generates print control information that instructs printing of the document data onto the dedicated recording paper only when
A printer control unit that prints the document data on the dedicated recording paper based on the print control information;
The administrator terminal is
A storage unit that stores the user identification information and the paper identification information in association with each other;
When the user identification information, the print identification information, the encrypted document data, and the signature are received from the image forming apparatus, the paper identification information associated with the user identification information is read from the storage unit, and the signature Only when the signature verification is successful and the signature verification is successful, the encrypted document data is decrypted and output using the read paper identification information as a key, and a print permission input is performed. A print application determination unit that outputs the print identification information upon receipt;
A print permission information generation unit that generates the print permission information obtained by encrypting the print identification information output from the print application determination unit using the secret key and transmits the generated print permission information to the image forming apparatus. A featured image forming system. An image forming system comprising an image forming apparatus and an administrator terminal connected via a network,
The image forming apparatus includes:
A paper information reading unit for reading the paper identification information given to the dedicated recording paper;
A document identification unit for generating document identification information for identifying document data to be printed on the dedicated recording paper;
Print identification information that associates the paper identification information with the document identification information, can uniquely identify the paper identification information and the document identification information, and cannot reconstruct the paper identification information and the document identification information. A print identification unit for generating
The user identification information is associated with the print identification information, and encrypted document data is generated by encrypting the document data using the paper identification information as a key. The user identification information, the signature of the print identification information, and the encryption A print for generating a signature of the encrypted document data using the paper identification information as a key, and attaching the signature to the user identification information, the print identification information, and the encrypted document data, and transmitting the signature to the administrator terminal The application department,
A print control unit that receives the encrypted changed document data and decrypts the changed document data using the paper identification information;
A printer controller that prints the decrypted changed document data on the dedicated recording paper;
The administrator terminal is
A storage unit that stores the user identification information and the paper identification information in association with each other;
When the user identification information, the print identification information, the encrypted document data, and the signature are received from the image forming apparatus, the paper identification information associated with the user identification information is read from the storage unit, and the signature The encrypted document data is decrypted and output using the read paper identification information as a key, and is changed by a change input only when the verification of the signature is successful. A print application determination unit that outputs the document data as changed document data;
A print permission information generating unit that generates the encrypted changed document data obtained by encrypting the changed document data output from the print application determination unit using the paper identification information and transmits the encrypted changed document data to the image forming apparatus. An image forming system.

Images