JP2018107612A - Communication device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a technology that, depending on whether a value stored in a memory of a communication device needs to be encrypted or not, is able to appropriately perform supply of the value to an external device.SOLUTION: A communication device acquires external supply information from an external device and supplies the external device with value data including at least one value in a memory. In a case where it is determined that a predetermined condition is satisfied, the communication device generates first value data including a first value of a first item with a first secrecy order and a second value of a second item with a second secrecy order higher than the first secrecy order, and supplies the external device with first encrypted data generated from the first value data. In a case where it is determined that the predetermined condition is not satisfied, the communication device generates second value data including the first value but not including the second value and supplies the external device with the second value data without encrypting the second value data.SELECTED DRAWING: Figure 2

Description

  The present specification discloses a technique for supplying a value stored in a memory of a communication device to an external device.

  Patent Document 1 discloses a technique for supplying a plurality of setting data set in a first terminal to a second terminal. A security level is assigned to each of the plurality of setting data. When the first terminal accepts a predetermined operation, the first terminal includes a plurality of setting data, a first type of data having a level lower than a specific security level, and a second type of data having a level higher than a specific security level. And sort. The first terminal encrypts the second type of data using the encryption key and does not encrypt the first type of data. The first terminal generates a QR code (registered trademark) including a public part that is an area including the first type of data and a private part that is an area including the encrypted second type of data, The QR code is displayed on the liquid crystal display of the first terminal. The second terminal reads the QR code displayed on the liquid crystal display of the first terminal, decrypts the encrypted data included in the private part of the QR code, and acquires the second type of data.

Japanese Patent Laying-Open No. 2015-121662

  In the above technique, it is assumed that the first terminal displays a QR code including encrypted data, and it is assumed that the first terminal displays a QR code including only unencrypted data. Not done.

  The present specification provides a technique that can appropriately supply a value to an external device depending on whether or not to encrypt a value stored in a memory of a communication device.

  The communication device disclosed in this specification is a memory that stores, for each of a plurality of items of information related to the communication device, the value of the item and the confidentiality ranking of the item in association with each other. The plurality of items includes: a first item having a first confidentiality ranking; and a second item having a second confidentiality ranking higher than the first confidentiality ranking; An acquisition unit for acquiring external supply information for supplying at least one value in the memory from the external device to the external device; and the at least one in the memory in response to acquiring the external supply information And a supply unit for supplying value data including individual values to the external device. The supply unit obtains the external supply information, and determines whether or not a predetermined condition related to encryption of the value data is satisfied, and the predetermined condition is A first generation unit that generates first value data including a first value of the first item and a second value of the second item when it is determined that the value is satisfied; A first cipher for generating first encrypted data by encrypting the first value data using an encryption key stored in the memory when the first value data is generated; A first data supply unit that supplies the first encrypted data to the external device when the first encrypted data is generated, and the predetermined condition is determined not to be satisfied. The second value data including the first value and not including the second value. A second generation unit configured to supply the second value data to the external device without encrypting the second value data when the second value data is generated; The data supply unit may be provided.

  According to the above configuration, when it is determined that the predetermined condition is satisfied, the communication apparatus generates the first value data including the second value having a relatively high confidentiality rank, and the first value The data is encrypted, and the first encrypted data is supplied to the external device. Thus, since the 1st encryption data is supplied to an external device, it can control that the 2nd value which has a comparatively high secret ranking is acquired by the third party. On the other hand, when it is determined that the predetermined condition is not satisfied, the communication device generates second value data not including the second value having a relatively high confidentiality order, and encrypts the second value data. Without this, the second value data is supplied to the external device. As described above, since the second value data does not include the second value, even if the second value data is supplied to the external device without being encrypted, the second value data having a relatively high confidentiality ranking is used. Can be suppressed by a third party. Therefore, the communication device can appropriately execute the supply of the value to the external device depending on whether or not the value stored in the memory of the communication device should be encrypted.

  A control method, a computer program, and a computer-readable recording medium storing the computer program for realizing the communication device are also novel and useful.

1 shows a configuration of a communication system. The flowchart of the supply process of 1st Example is shown. In the first embodiment, a case A1 for obtaining an item file from the terminal device and a case A2 for obtaining an encrypted item file from the terminal device are shown. The flowchart of the supply process of 2nd Example is shown. In the second embodiment, cases B1 and B2 for acquiring item files from the terminal device and case B3 for acquiring an encrypted item file from the terminal device are shown. The flowchart of the supply process of 3rd Example is shown. FIG. 7 is a flowchart continued from FIG. 6. FIG. In the third embodiment, a case C1 for acquiring a common key item file from the terminal device and a case C2 for acquiring a password item file from the terminal device are shown.

(First embodiment)
(Configuration of communication system 2; FIG. 1)
As shown in FIG. 1, the communication system 2 includes a printer 10 and a terminal device 100. The devices 10 and 100 belong to the same LAN (abbreviation of Local Area Network) 4 and can communicate with each other via the LAN 4.

(Configuration of Printer 10; FIG. 1)
The printer 10 is a peripheral device that can execute a printing function (that is, a peripheral device of the terminal device 100). The printer 10 includes a network interface 16 and a control unit 20. Each unit 16 and 20 is connected to a bus line (reference numeral omitted). The network interface 16 is an interface for performing wireless communication, and is connected to the AP 6 (so-called wireless LAN 4). In a modification, the network interface 16 may be an interface for executing wired communication. In this case, the LAN 4 is a so-called wired LAN. Hereinafter, the interface is referred to as “I / F”.

  The control unit 20 includes a CPU 22 and a memory 24. The CPU 22 executes various processes according to the program 26 stored in the memory 24. The memory 24 is configured by a volatile memory, a nonvolatile memory, or the like. The memory 24 further stores a confidential table 28 and a plurality of values 30 corresponding to a plurality of items of information related to the printer 10.

  The confidential table 28 is a table in which, for each of a plurality of items, an item name indicating the item and a confidentiality ranking of the item are associated with each other. The item name “sleep time” indicates an item corresponding to a standby time for the printer 10 to shift from the normal mode to the power saving mode. The item name “sleep time” is associated with “Lv1” indicating the lowest secret order. The item name “remaining amount” indicates an item corresponding to the current remaining amount of printing agent (for example, toner, ink, etc.) stored in a cartridge (not shown) that is detachable from the printer 10. The item name “SSID” indicates an item corresponding to an SSID (abbreviation of Service Set Identifier) for identifying the wireless LAN 4 to which the printer 10 currently belongs. The item names “remaining amount” and “SSID” are associated with “Lv2” indicating a higher-ranking confidentiality order than “Lv1”. Further, the printer 10 allows the value 30 in the memory 24 to be changed on condition that the password is input to the printer 10 by the user and the authentication of the password is successful. The item name “password” indicates an item corresponding to the password used for this authentication. The item name “password” is associated with “Lv3” indicating the highest secret order.

  The plurality of values 30 are associated with a plurality of item names in the confidential table 28. A value “100” associated with the item name “sleep time” indicates that the standby time for shifting from the normal mode to the power saving mode is 100 seconds. Similarly, each other value is also associated with each item name in the confidential table 28. The value “50%” indicates that the current remaining amount of the printing agent in the cartridge is 50%. The value “ss001” indicates the SSID of the wireless LAN 4 to which the printer 10 currently belongs. The value “xxxxx” indicates the password stored in the memory 24 by the user.

(Configuration of terminal device 100; FIG. 1)
The terminal device 100 is a user terminal such as a desktop PC (abbreviation of Personal Computer), a notebook PC, or a mobile terminal. The terminal device 100 stores an item file 130. The item file 130 is a file in which item data including one or more item names corresponding to one or more values to be supplied from the printer 10 to the terminal device 100 is described in a predetermined format. The predetermined format is, for example, a JSON (abbreviation of JavaScript (registered trademark) Object Notation) format, an XML (abbreviation of Extensible Markup Language) format, or the like. In the example of FIG. 1, the item file 130 includes an item name “sleep time”, an item name “remaining amount”, an item name “SSID”, and an item name among a plurality of item names in the confidential table 28. Includes "password".

  When the terminal device 100 should acquire information from the printer 10 (for example, when an operation for acquiring information is performed by the user), the terminal device 100 includes an item file 130 or an encrypted item file via the LAN 4 Information is supplied to the printer 10. The external supply information is information for supplying one or more values corresponding to one or more item names in the item file 130 to the terminal device 100.

  When the terminal device 100 receives an instruction to select the item file 130 from the user, the terminal device 100 displays an input screen for inputting a password. When the password “xxxxx” stored in the printer 10 is input to the input screen, the terminal device 100 generates an encrypted item file by encrypting the item file 130 using the input password as an encryption key. Then, the terminal device 100 supplies the external supply information including the encrypted item file and the encrypted information indicating that the item file is encrypted to the printer 10. The item file 130 is encrypted according to a common key encryption method. The common key encryption method is a method in which encryption and decryption are executed with the same predetermined key, and is, for example, AES (abbreviation of Advanced Encryption Standard).

  On the other hand, when no password is input on the input screen, the terminal device 100 supplies the external supply information including the item file 130 to the printer 10 without encrypting the item file 130. In this case, the external supply information does not include encryption information.

(Supply processing; Fig. 2)
Next, the contents of processing executed by the CPU 22 of the printer 10 according to the program 26 will be described with reference to FIG. This process is started when the printer 10 is turned on.

  In S <b> 10, the CPU 22 monitors the acquisition of external supply information from the terminal device 100 via the network I / F 16. When the CPU 22 acquires the external supply information from the terminal device 100 (YES in S10), the CPU 22 proceeds to S12.

  In S12, the CPU 22 determines whether or not the acquired external supply information includes encryption information. If the CPU 22 determines that the external supply information includes encryption information (YES in S12), the CPU 22 proceeds to S14. If the CPU 22 determines that the external supply information does not include encryption information (NO in S12), S14 is performed. Skip to step S20.

  In S14, the CPU 22 acquires the password “xxxxx” corresponding to the item name “password” from the memory 24, and decrypts the encrypted item file included in the externally supplied information using the password “xxxxx” as a decryption key. Thereby, CPU22 acquires an item file.

  In S20, the CPU 22 specifies a target item name from one or more item names in the item file. In S22, the CPU 22 determines whether or not the external supply information includes encryption information, as in S12. Here, when it is determined that the externally supplied information includes the encryption information, it means that the terminal device 100 has executed the encryption of the item file using the password. Therefore, the terminal device 100 can execute decryption using the password. In such a situation, since the printer 10 can supply the terminal device 100 with the encrypted information using the password, a value corresponding to the item name having a relatively high security ranking “Lv2” is set. It supplies to the terminal device 100. On the other hand, when it is determined that the externally supplied information does not include the encryption information, it means that the terminal device 100 has not executed encryption of the item file. Therefore, the terminal device 100 cannot execute decryption using a password. In such a situation, the printer 10 cannot supply the encrypted information to the terminal device 100, and therefore does not supply the terminal device 100 with a value corresponding to the item name having a relatively high security ranking “Lv2”. . As described above, the printer 10 switches information to be supplied to the terminal device 100 based on whether or not the external supply information includes encryption information. If the CPU 22 determines that the external supply information includes encryption information (YES in S22), the CPU 22 proceeds to S24. If the CPU 22 determines that the external supply information does not include encryption information (NO in S22), the process proceeds to S28. move on.

  In S24, the CPU 22 uses the confidential table 28 to determine whether or not the confidentiality ranking corresponding to the target item name is “Lv2” or lower (that is, “Lv1” or “Lv2”). When the CPU 22 determines that the confidentiality ranking of the target item name is “Lv2” or less (YES in S24), the CPU 22 adds the target item name to the target list in S26. The target list is a list of item names corresponding to values to be supplied to the terminal device 100. On the other hand, when the CPU 22 determines that the confidentiality ranking of the target item name is “Lv3” (NO in S24), it skips S26 and proceeds to S40.

  In S28, the CPU 22 uses the confidential table 28 to determine whether or not the confidentiality ranking of the target item name is “Lv1”. When the CPU 22 determines that the confidentiality ranking of the target item name is “Lv1” (YES in S28), the CPU 22 adds the target item name to the target list in S26. On the other hand, when determining that the confidentiality ranking of the target item name is “Lv2” or higher (that is, “Lv2” or “Lv3”) (NO in S28), the CPU 22 skips S26 and proceeds to S40.

  In S40, the CPU 22 determines whether or not there is an item name not specified as the target item name in S20 among one or more item names in the item file. If the CPU 22 determines that an unspecified item name exists (YES in S40), the CPU 22 returns to S20 and specifies a new target item name. On the other hand, if the CPU 22 determines that there is no unspecified item name (NO in S40), the CPU 22 proceeds to S50.

  In S50, the CPU 22 obtains at least one value corresponding to at least one item name included in the target list from the memory 24, and generates a value file including the at least one value. The value file is described in the same predetermined format as the item file included in the external supply information. Here, the value file includes a value corresponding to an item name having a confidentiality order of “Lv2” or lower when determined YES in S22, and “Lv1” when determined NO in S22. Only the value corresponding to the item name having the confidentiality order of is included.

  S52 is the same as S12. If it is determined YES in S52, the CPU 22 encrypts the value file generated in S50 using the password “xxxxx” in the memory 24 as an encryption key in S56 to generate an encrypted value file. In S <b> 60, the CPU 22 supplies the encrypted value file to the terminal device 100.

  On the other hand, if NO is determined in S52, the CPU 22 skips S56, that is, proceeds to S60 without encrypting the value file generated in S50. In this case, the CPU 22 supplies the value file to the terminal device 100 without encrypting the value file. When S60 ends, the supply process of FIG. 2 ends.

(Specific case: Fig. 3)
A specific case realized by the process of FIG. 2 will be described with reference to FIG. In T100, the user of the terminal device 100 selects the item file 130. In T102, the terminal device 100 displays an input screen SC1 for inputting a password. Input screen SC1 includes an input field for inputting a password and an OK button for receiving a supply instruction from the user.

(Case A1)
In case A1, the user selects the OK button without entering a password in the input field of the input screen SC1. In this case, in T110, the terminal device 100 supplies the external supply information including the item file 130 to the printer 10 without encrypting the item file 130. In this case, the external supply information does not include encryption information indicating that the item file 130 is encrypted.

  When the printer 10 obtains the external supply information (YES in S10 of FIG. 2), the external supply information does not include the encryption information (NO in S12), so that the item file in the external supply information is not executed without performing decryption. 130 is obtained. Since the external supply information does not include the encryption information (NO in S22), the printer 10 determines that the four item names “sleep time”, “remaining amount”, and “SSID” included in the item file 130 at T116. , A value file including only the value “100” corresponding to the item name “sleep time” having the confidentiality ranking “Lv1” is generated from “password” (YES in S28, S50). The value file includes the item names “remaining amount” having the confidentiality level “Lv2”, the values “50%” and “ss001” corresponding to the “SSID”, and the item name “password” having the confidentiality level “Lv3”. "Xxxxx" is not included (NO in S28).

  In T120, the printer 10 supplies the value file to the terminal device 100 without encrypting the value file generated in T116 (NO in S52) (S60). As a result, at T122, the terminal apparatus 100 displays the value “100” included in the value file.

(Case A2)
In case A2, at T154, the user enters the password “xxxxx” in the input field of the input screen SC1 displayed at T102, and selects the OK button. In this case, in T160, the terminal device 100 encrypts the item file 130 using the input password “xxxxx” as an encryption key to generate an encrypted item file. Then, the terminal device 100 supplies the external supply information including the encrypted item file and the encrypted information indicating that the item file 130 is encrypted to the printer 10.

  When the printer 10 obtains the external supply information (YES in S10 of FIG. 2), the external supply information includes the encrypted information (YES in S12), and therefore the password “xxxxx” corresponding to the item name “password” in T162. Using the decryption key, the encrypted item file is decrypted to obtain the item file 130. Since the external supply information includes encryption information (YES in S22), the printer 10 determines that the four item names “sleep time”, “remaining amount”, “SSID”, Three values “100”, “50%” corresponding to three item names “sleep time”, “remaining amount”, and “SSID” having a security ranking of “Lv2” or less from “password” A value file including “ss001” is generated (YES in S24, S50). The value file does not include a value corresponding to the item name “password” having the confidentiality order of “Lv3” (NO in S24).

  At T168, since the external supply information includes encryption information (YES at S52), the printer 10 generates an encrypted value file from the value file generated at T166 using the password “xxxxx” as an encryption key (S56). . In T170, the printer 10 supplies the encrypted value file to the terminal device 100 (S60).

  In T172, the terminal device 100 decrypts the encrypted value file using the password “xxxxx” input in the input field of the input screen SC1 as a decryption key, and acquires the value file. In T174, the terminal device 100 displays the values “100”, “50%”, and “ss001” included in the value file.

(Effect of this embodiment)
When it is determined that the externally supplied information includes the encrypted information, the printer 10 has a value “50%” corresponding to the item names “remaining amount” and “SSID” having “Lv2” having a relatively high confidentiality order. , A value file including “ss001” is generated (T166). Then, the printer 10 encrypts the value file and supplies the encrypted value file to the terminal device 100 (T170). In this way, since the encrypted value file is supplied to the terminal device 100, it is possible to prevent the values “50%” and “ss001” having relatively high confidentiality ranks from being obtained by a third party.

  On the other hand, when it is determined that the externally supplied information does not include the encryption information, the printer 10 has the item names “remaining amount” and “SSID” having the confidentiality ranking “Lv2” in which the item file has a relatively high confidentiality ranking. A value file that does not include the values “50%” and “ss001” corresponding to the item name is generated (T116). Then, the printer 10 supplies the value file to the terminal device 100 without encrypting the value file (T120). As described above, since the value file does not include the values “50%” and “ss001”, even if the value file is supplied to the terminal device 100 without being encrypted, the value “50%” having a relatively high confidentiality ranking is used. "," Ss001 "can be prevented from being acquired by a third party.

  In addition, when the item file (or encrypted item file) included in the externally supplied information includes the item name “password” having “Lv3” which is the highest confidential order, the printer 10 includes the item file “Lv3”. A value file that does not include the value “xxxxx” corresponding to the item name is generated even though the item name “password” having “” is included (T116, T166). Therefore, it is possible to prevent the value “xxxxx” having the highest confidentiality order from being acquired by a third party.

(Correspondence)
The printer 10 and the terminal device 100 are examples of “communication device” and “external device”, respectively. The item name “sleep time”, the item name “remaining amount” (or “SSID”), the value “100”, and the value “50%” (or “ss001”) are respectively “first item information” and “first item information”. 2 item information ”,“ first value ”, and“ second value ”. The security rankings “Lv1” and “Lv2” are examples of “first security ranking” and “second security ranking”, respectively. The confidentiality rankings of the item names “password” and “Lv3” are examples of “topmost item information” and “highest confidentiality ranking”, respectively. The value file of T166, the value file of T116, and the encrypted value file of T170 are examples of “first value data”, “second value data”, and “first encrypted data”, respectively. The encrypted item file of T160 and the item file of T110 are examples of “encrypted item data” and “unencrypted item data”, respectively. Determining YES in S22 is an example of “a predetermined condition is satisfied”. The password “xxxxx” is an example of the “encryption key”.

(Second embodiment)
(Configuration of Printer 10; FIG. 1)
In this embodiment, the state of the printer 10 is set to an authentication required state or an authentication unnecessary state by a user (that is, an administrator). The authentication required state is a state in which the password “xxxxx” is stored in the memory 24 by the user, and the value in the printer 10 (provided that the password matching the password is input to the printer 10 by the user) For example, “100” corresponding to “sleep time”) is allowed to be changed to a new value. The authentication unnecessary state is a state in which the password “xxxxx” is not stored in the memory 24 by the user, and even if the password is not input to the printer 10, the value in the printer 10 can be changed to a new value. It is a state to be done. In the authentication unnecessary state, the memory 24 stores a NULL value as a value corresponding to the item name “password”.

(Supply processing; Fig. 4)
In the present embodiment, the CPU 22 of the printer 10 executes the process of FIG. 4 instead of the process of FIG. In S100, the CPU 22 executes the processes from S10 to S14 in FIG. The process of S120 executed after the process of S14 is the same as the process of S20 of FIG.

  In S122, the CPU 22 determines whether or not the status of the printer 10 is a status requiring authentication. Specifically, when the memory 24 stores a value other than the NULL value (ie, password “xxxxx”) as a value corresponding to the item name “password” (YES in S122), the state of the printer 10 is determined. Is in the authentication required state, and the process proceeds to S124. On the other hand, when the memory 24 stores a NULL value as a value corresponding to the item name “password” (NO in S122), the CPU 22 determines that the state of the printer 10 is an authentication unnecessary state, and proceeds to S132. move on.

  The processes of S124 and S126 are the same as S24 and S26 of FIG. In S128, the CPU 22 uses the confidential table 28 to determine whether or not the confidential order of the target item name is “Lv2”. If the CPU 22 determines that the confidentiality ranking of the target item name is “Lv2” (YES in S128), the CPU 22 changes the encryption flag from “OFF” to “ON” in S130. The encryption flags “OFF” and “ON” respectively indicate that a value file described later should not be encrypted and should be encrypted. On the other hand, when the CPU 22 determines that the confidentiality ranking of the target item name is “Lv1” (NO in S128), it skips S130 and proceeds to S140. As described above, the CPU 22 sets the encryption flag to “ON” when one or more item names in the item file include an item name having a security ranking of “Lv2”. On the other hand, the CPU 22 does not set the encryption flag to “ON” (that is, keeps it “OFF”) when only the item name having the security ranking of “Lv1” is included in the one or more item names. To do).

  The processes of S132, S134, S140, and S150 are the same as S28, S26, S40, and S50 of FIG. In S152, the CPU 22 determines whether or not the encryption flag is “ON”. When the CPU 22 determines that the encryption flag is “ON” (YES in S152), the CPU 22 proceeds to S156. S156 is the same as S56 of FIG. On the other hand, when the CPU 22 determines that the encryption flag is “OFF” (NO in S152), the CPU 22 proceeds to S154. S154 is the same as S52 of FIG. If the CPU 22 determines YES in S154, it proceeds to S156, and if it determines NO in S154, it skips S156 and proceeds to S160. S160 is the same as S60 of FIG. When S160 ends, the supply process of FIG. 4 ends.

(Specific case: Fig. 5)
A specific case realized by the process of FIG. 4 will be described with reference to FIG. In FIG. 5, the memory 24 stores the password “xxxxx”, and the printer 10 is in a state where authentication is necessary.

(Case B1)
In case B1, at T200, the user of the terminal device 100 selects an item file 132 that is different from the item file 130. The item file 132 includes an item name “sleep time” and an item name “remaining amount”. T202 is the same as T102 in FIG. In this case, the user selects the OK button without entering a password in the input field of the input screen SC1. T210 is the same as T110 in FIG. 3 except that the item file 132 is communicated instead of the item file 130.

  Since the printer 10 is in the authentication-necessary state (YES in S122) and the item file 132 in the external supply information includes the item name “remaining amount” having the confidentiality ranking “Lv2” (S128). YES), the encryption flag is changed from “OFF” to “ON” (S130). In T216, the printer 10 generates a value file including two values “100” and “50%” corresponding to the two item names “sleep time” and “remaining amount” included in the item file 132 ( (YES in S124, S126, S150). Since the encryption flag is “ON” (YES in S152), the printer 10 encrypts the value file generated in T216 using the password “xxxxx” as the encryption key in T218 to generate an encrypted value file. To do. T220 to T224 are the same as T170 to T174 in FIG. 3 except that the encrypted value file includes two values “100” and “50%”. In this embodiment, the terminal device 100 stores the password “xxxxx” because the password “xxxxx” has been input in the past even if the user does not input the password “xxxxx” on the input screen SC1. Yes. For this reason, the terminal device 100 can execute decryption at T222 using the stored password “xxxxx”.

(Case B2)
In case B2, at T230, the user selects an item file 134 different from the item files 130 and 132. The item file 134 includes only the item name “sleep time”. T232 is the same as T202, and T240 is the same as T210 except that the item file 132 is communicated instead of the item file 13.

  Although the printer 10 is in a state where authentication is necessary (YES in S122), the item file 134 in the external supply information does not include an item name having a security ranking of “Lv2” or higher (NO in S128). The encryption flag is not set to “ON”. In T246, the printer 10 generates a value file including the value “100” corresponding to the item name “sleep time” included in the item file 134 (YES in S124, S126, S150). Since the encryption flag is “OFF” (NO in S152) and the external supply information does not include the encryption information (NO in S154), the printer 10 generates the value file generated in T246 in T250. The value file is supplied to the terminal device 100 without encrypting (S160). T254 is the same as T122 in FIG.

(Case B3)
In case B3, as in case B2, the user selects the item file 134. Then, unlike Case B2, the user inputs the password “xxxxx” in the input field of the input screen SC1, and selects the OK button (T234). In this case, the terminal device 100 generates an encrypted item file by encrypting the item file 134 using the password “xxxxx” input in T234 as an encryption key. In T260, the terminal device 100 supplies the external supply information including the encrypted item file and the encrypted information to the printer 10.

  In T262, the printer 10 decrypts the encrypted item file using the password “xxxxx” as a decryption key, and acquires the item file 134 (S14 in S100 of FIG. 4). As in the case B1, the printer 10 does not set the encryption flag to “ON”. T266 is the same as T246. The printer 10 has the encryption flag “OFF” (NO in S152), but the external supply information includes the encryption information (YES in S154). Therefore, in T268, the password “xxxxx” is used as the encryption key in T266. Encrypt the generated value file to generate an encrypted value file. T270 is the same as T220 except that the encrypted value file includes only one value “100”. Thereafter, the processing executed by the terminal device 100 is the same as T222 and T224.

(Effect of this embodiment)
In this embodiment, the printer 10 switches whether or not the value file should be encrypted, depending on whether the authentication is required or not (S122 in FIG. 4). When the value file is to be encrypted, the printer 10 transmits the encrypted value file including the value “50%” corresponding to the item name “remaining amount” having the relatively high confidentiality order “Lv2” to the terminal device 100. (T220 in FIG. 5). When the value file should not be encrypted, the printer 10 supplies the terminal device 100 with a value file that does not include a value corresponding to the item name having a relatively high confidentiality ranking “Lv2” (S132 in FIG. 4). NO). For this reason, it is possible to prevent a third party from acquiring a value corresponding to an item name having a relatively high confidentiality ranking “Lv2”.

  In the present embodiment, even if the printer 10 includes an item file whose external supply information is not encrypted, the printer 10 is in an authentication-necessary state and the item file 132 is “Lv2”. When the item name “remaining amount” having the confidentiality order is included, a value file including the value “50%” corresponding to the item name is generated (T216), the value file is encrypted (T218), and encrypted. The value file is supplied to the terminal device 100 (T220). For this reason, even if the user does not input the password “xxxxx” on the input screen SC1, encrypted communication with a value having a relatively high security ranking “Lv2” is automatically executed. Since it is not necessary for the user to input the password “xxxxx”, it is possible to improve the convenience of the user and to prevent a value having a relatively high confidentiality ranking “Lv2” from being acquired by a third party.

  In this embodiment, the printer 10 also uses the encrypted value file when the external supply information includes encryption information (NO in S152 and YES in S154) even if the encryption flag is not set to “ON”. Is supplied to the terminal device 100. Therefore, the printer 10 can appropriately execute the encrypted communication to the terminal device 100 in accordance with the encrypted communication from the terminal device 100 to the printer 10. In other words, it is possible to suppress the execution of non-encrypted communication from the printer 10 to the terminal device 100 despite the execution of encrypted communication from the terminal device 100 to the printer 10.

(Correspondence)
Changing the value in the printer 10 to a new value is an example of “predetermined processing”. The item file 132 or 134 is an example of “item data”. The value file generated at T216 and the value file generated at T246 are examples of “first value data” and “third value data”, respectively. The encrypted value file of T270 is an example of “second encrypted data”. Determining YES in S122 is an example of “a predetermined condition is satisfied”.

(Third embodiment)
(Configuration of Printer 10; FIG. 1)
In this embodiment, the memory 24 of the printer 10 stores a common key CK in addition to the password “xxxxx”. The common key CK is not stored in the memory 24 by the user, but is stored in advance in the printer 10 from the shipment stage of the printer 10. Further, in the confidential table 28, the item name “SSID” is associated with the higher confidentiality order “Lv3” than the confidentiality order “Lv2”. In addition, the item name “password” is associated with the highest secret order “Lv4” higher than the secret orders “Lv2” and “Lv3”.

(Configuration of terminal device 100; FIG. 1)
Similarly to the printer 10, the terminal device 100 also stores a common key CK. The common key CK is stored in the terminal device 100 when a program for supplying external supply information to the printer 10 is installed in the terminal device 100. As in the first embodiment, when receiving an instruction to select the item file 130, the terminal device 100 displays an input screen for entering a password. The input screen includes a check box for allowing the user to specify whether or not to encrypt the item file, in addition to an input field for inputting a password. The terminal device 100 generates a common key item file by encrypting the item file 130 using the common key CK as an encryption key when the check box is designated to be checked and the password is not input on the input screen. On the other hand, the terminal device 100 generates a password item file by encrypting the item file 130 using the input password as an encryption key when the check box is designated as unchecked and the password is input on the input screen. To do. That is, in this embodiment, when the item file is encrypted, the external supply information supplied from the terminal device 100 to the printer 10 includes a common key item file or a password item file as the encrypted item file.

(Supply processing: FIGS. 6 and 7)
In this embodiment, the CPU 22 of the printer 10 executes the processes of FIGS. 6 and 7 instead of the process of FIG. S200 and S202 are the same as S10 and S12 of FIG. In S204, the CPU 22 decrypts the encrypted item file included in the external supply information using the password “xxxxx” as a decryption key, as in S14 of FIG. In S206, the CPU 22 determines whether or not the decryption in S204 is successful. Specifically, if the decrypted file generated by the decryption in S204 can be interpreted, the CPU 22 determines that the decryption has succeeded (YES in S206), and proceeds to S208. In S208, the CPU 22 changes the password flag from “OFF” to “ON”. The password flag “ON” means that the external supply information includes a password item file as an encrypted item file. In other words, the password flags “OFF” and “ON” mean that the printer 10 should not use the password as an encryption key in the processing described later, and should use it.

  On the other hand, if the decrypted file cannot be interpreted, the CPU 22 determines that decryption has failed (NO in S206), and proceeds to S210. In S210, the CPU 22 decrypts the encrypted item file included in the externally supplied information using the common key CK as a decryption key. In S212, the CPU 22 changes the common key flag from “OFF” to “ON”. The common key flag “ON” means that the external supply information includes a common key item file as an encrypted item file. In other words, the common key flags “OFF” and “ON” mean that the printer 10 should not use the common key CK as an encryption key and should be used in the processing described later.

  S220 in FIG. 7 is the same as S20 in FIG. In S222, the CPU 22 determines whether or not the password flag is “ON”. When the CPU 22 determines that the password flag is “ON” (YES in S222), the CPU 22 proceeds to S224. In S224, the CPU 22 uses the confidential table 28 to determine whether or not the confidentiality ranking of the target item name is “Lv3” or lower (that is, “Lv1”, “Lv2”, or “Lv3”). When the CPU 22 determines that the confidentiality ranking of the target item name is “Lv3” or less (YES in S224), the CPU 22 proceeds to S226. S226 is the same as S26 of FIG. On the other hand, when the CPU 22 determines that the confidentiality ranking of the target item name is “Lv4” (NO in S224), it skips S226 and proceeds to S240.

  If the CPU 22 determines that the password flag is “OFF” (NO in S222), the CPU 22 proceeds to S228. In S228, the CPU 22 determines whether or not the common key flag is “ON”. If the CPU 22 determines that the common key flag is “ON” (YES in S228), the CPU 22 proceeds to S230. S230 is the same as S24 of FIG. If the CPU 22 determines YES in S230, it proceeds to S226. If it is determined NO in S230, it skips S226 and proceeds to S240.

  If the CPU 22 determines that the common key flag is “OFF” (NO in S228), the process proceeds to S232. S232 is the same as S28 of FIG. If the CPU 22 determines YES in S232, it proceeds to S226, and if it is determined NO in S232, it skips S226 and proceeds to S240.

  S240 and S250 are the same as S40 and S50 in FIG. S252 is the same as S222. If the CPU 22 determines YES in S252, it proceeds to S256. In S256, the CPU 22 generates a password value file by encrypting the value file generated in S250 using the password “xxxxx” as an encryption key, as in S56 of FIG.

  If the CPU 22 determines NO in S252, it proceeds to S254. S254 is the same as S228. If the CPU 22 determines YES in S254, the common key value file is generated by encrypting the value file generated in S250 using the common key CK as the encryption key. If the CPU 22 determines NO in S254, it proceeds to S260. In S260, the CPU 22 supplies the terminal device 100 with the password value file generated in S256, the common key value file generated in S258, or the value file generated in S250 (in the case of NO in S254). When S260 ends, the supply process of FIGS. 6 and 7 ends.

(Specific case; Fig. 8)
A specific case realized by the processing of FIGS. 6 and 7 will be described with reference to FIG. T300 is the same as T100 in FIG. In T302, the terminal device 100 displays the input screen SC2. The input screen SC2 is the same as the input screen SC1 in FIG. 3 except that the input screen SC2 includes a check box CB for allowing the user to specify whether to encrypt the item file.

(Case C1)
In case C1, at T304, the user designates the check box CB in a checked state and does not input a password in the input field. In this case, the terminal device 100 encrypts the item file 130 using the common key CK as an encryption key, and generates a common key item file as an encrypted item file. In T310, the terminal device 100 supplies the external supply information including the common key item file and the encryption information to the printer 10.

  Since the printer 10 fails to decrypt the common key item file using the password “xxxxx” as a decryption key (NO in S206 of FIG. 6), in T310, the common key item file is decrypted using the common key CK as the decryption key. (S210). In T314, the printer 10 sets the common key flag to “ON” (S212).

  Since the common key flag is “ON” in the printer 10 (NO in S222 in FIG. 7 and YES in S228), at T316, the four item names “sleep time” and “remaining amount” included in the item file 130 are displayed. , “SSID”, “password”, two values “100”, “50%” corresponding to two item names “sleep time”, “remaining amount” having a security order of “Lv2” or lower Is generated (YES in S230, S226, S250).

  In T318, since the common key flag is “ON” (NO in S252, YES in S254), the printer 10 encrypts the value file generated in T316 using the common key CK as an encryption key and uses the common key value file. Is generated. In T320, the printer 10 supplies the common key value file to the terminal device 100.

  In T322, the terminal device 100 decrypts the common key value file using the common key CK as a decryption key, and acquires the value file. In T324, the terminal device 100 displays two values “100” and “50%” included in the value file.

(Case C2)
In case C2, in T344, the user designates the check box CB in the input screen SC2 displayed in T302 to be in a check state, and inputs the password “xxxxx” in the input field in the input screen SC2. In this case, the terminal device 100 encrypts the item file 130 using the input password “xxxxx” as an encryption key, and generates a password item file as an encrypted item file. In T360, the terminal device 100 supplies the external supply information including the password item file and the encryption information to the printer 10.

  In T362, the printer 10 decrypts the password item file using the password “xxxxx” as a decryption key (S204 in FIG. 6). Since the decryption is successful (YES in S206), the printer 10 sets the password flag to “ON” in T364 (S208).

  Since the password flag of the printer 10 is “ON” (YES in S222 of FIG. 7), in T366, the four item names “sleep time”, “remaining amount”, “SSID”, Three values “100”, “50%” corresponding to three item names “sleep time”, “remaining amount”, and “SSID” having a security ranking of “Lv3” or less from “password” A value file including “ss001” is generated (YES in S224, S226, S250).

  At T368, since the password flag is “ON” (YES at S252), the printer 10 encrypts the value file generated at T366 using the password “xxxxx” as an encryption key to generate a password value file. In T370, the printer 10 supplies the password value file to the terminal device 100.

  In T372, the terminal device 100 decrypts the password value file using the password “xxxxx” as a decryption key, and acquires the value file. In T374, the terminal device 100 displays three values “100”, “50%”, and “ss001” included in the value file.

(Effect of this embodiment)
In this embodiment, as in the first embodiment, the printer 10 switches whether or not the value file should be encrypted, depending on whether or not the external supply information includes encryption information (S202 in FIG. 6). . And then. When the value file is to be encrypted (YES in S202), the printer 10 sends an encrypted value file including a value corresponding to the item name having a relatively high security ranking “Lv2” or “LV3” to the terminal device 100. (T320 or T370 in FIG. 8). When the value file is not to be encrypted, the printer 10 supplies the terminal device 100 with a value file that does not include a value corresponding to the item name having a relatively high confidentiality ranking “Lv2” or “LV3” ( NO in S232 of FIG. 7). For this reason, it is possible to prevent a third party from acquiring a value corresponding to an item name having a relatively high confidentiality ranking “Lv2” or “LV3”.

  In addition, when the value file should be encrypted using the password “xxxxx” that is difficult to be known by a third party as an encryption key (YES in S222 in FIG. 7), the printer 10 corresponds to the item name having the confidentiality order “Lv3”. The password value file including the value to be supplied is supplied to the terminal device 100 (YES in S224 in FIG. 7; On the other hand, if the value file should be encrypted using the common key CK that is easily known by a third party as the encryption key (YES in S228 in FIG. 7), the printer 10 corresponds to the item name having the confidentiality ranking “Lv3”. A common key value file that does not include a value is supplied to the terminal device 100 (NO in S230 of FIG. 7, T320 of FIG. 8). As described above, the printer 10 uses an encrypted value file (that is, a password value file or a password value file) that includes an appropriate value depending on whether the password “xxxxx” should be used as an encryption key or the common key CK should be used as an encryption key. The common key value file) can be supplied to the terminal device 100.

(Correspondence)
The confidentiality ranking “Lv3” and the value “ss001” are examples of “third confidentiality ranking” and “third value”, respectively. The common key value file of T320 or the password value file of T370 is an example of “first encrypted data”.

  Specific examples of the present invention have been described in detail above, but these are merely examples and do not limit the scope of the claims. The technology described in the claims includes various modifications and changes of the specific examples illustrated above. The modifications of the above embodiment are listed below.

(Modification 1) For example, in the first embodiment, the storage medium (for example, USB (abbreviation of Universal Serial Bus) memory, SD card, etc.) attached to the printer 10 is an unencrypted item file, or When the encrypted item file is stored, the printer 10 may acquire the item file from the storage medium in S10 of FIG. In this case, the printer 10 determines whether the item file acquired from the storage medium includes a predetermined extension indicating that the item file is an encrypted item file, instead of the process of S12 of FIG. It may be judged. If the item file includes a predetermined extension, the printer 10 determines YES and proceeds to S14. On the other hand, if the item file does not include the predetermined extension, the printer 10 determines NO and skips S14. Then, the process may proceed to S20. Similarly, in the case of the item 22 in FIG. 2, the printer 10 determines YES when the item file includes a predetermined extension, and proceeds to S24. On the other hand, if the item file does not include the predetermined extension, It may be determined NO and proceed to S28. The printer 10 is the same in S52 of FIG. If the item file includes a predetermined extension, the determination is YES, and the process proceeds to S56. On the other hand, if the item file does not include the predetermined extension, the determination is NO, S56 is skipped, and the process proceeds to S60. You may go on. In the present modification, the item file itself is an example of “external supply information”. Each item name in the item file is an example of “item data”. The predetermined extension is an example of “encrypted information” and “predetermined information”.

(Modification 2) The external supply information may include command information indicating that the value file to be supplied to the terminal device 100 should be encrypted instead of the encryption information. The printer 10 may determine whether or not the external supply information includes command information in S22 of FIG. In this modification, the command information is an example of “predetermined information”.

(Modification 3) In the second embodiment, the authentication required state is that the setting value in the printer 10 is newly set on condition that a password matching the password stored in the memory 24 is input to the printer 10 by the user. This is a state that is allowed to be changed to the set value. Alternatively, the authentication-necessary state may be a state where the user is allowed to execute the printing function of the printer 10 on condition that a password matching the password stored in the memory 24 is input to the printer 10 by the user. Good. The authentication unnecessary state may be a state in which the user is allowed to execute the printing function of the printer 10 even if a password is not input to the printer 10. In this modification, execution of the printing function of the printer 10 is an example of “predetermined processing”.

(Modification 4) In the second embodiment, the printer 10 determines in S122 of FIG. 4 whether or not the memory 24 stores a password “xxxxx” that is different from the NULL value. Instead, the memory 24 stores setting information indicating whether the state of the printer 10 is set to an authentication required state or an authentication unnecessary state, and the printer 10 requires authentication instead of S122. It may be determined whether or not setting information indicating that the state is set is stored. In the present modification, storing the setting information indicating that the authentication required state is set is an example of the “predetermined condition”.

(Modification 5) S128 and S130 of FIG. 4 do not have to be executed, and in S152, the same processing as S122 may be executed. In the present modification, in the case B2 of FIG. 5, the printer 10 is in the authentication-necessary state even if the item file 134 includes only the item name having the confidentiality ranking of “Lv1”. The encrypted value file is supplied to the terminal device 100. In the present modification, the “third supply unit” can be omitted.

(Modification 6) In the first embodiment, the printer 10 uses the security table 28 to determine whether or not the security ranking corresponding to the target item name is “Lv2” or lower in S24 of FIG. . Instead, the printer 10 may determine whether or not the security ranking corresponding to the target item name is “Lv3” or lower by using the security table 28. That is, the “first generation unit” may generate first value data including the value of the highest item.

(Modification 7) In the above-described embodiment, the CPU 22 of the printer 10 executes the program 26 (that is, software), thereby realizing the processes shown in FIGS. 2, 4, 6, and 7. Instead, any of the processes may be realized by hardware such as a logic circuit.

  The technical elements described in this specification or the drawings exhibit technical usefulness alone or in various combinations, and are not limited to the combinations described in the claims at the time of filing. In addition, the technology illustrated in the present specification or the drawings achieves a plurality of objects at the same time, and has technical utility by achieving one of the objects.

  2: Communication system, 4: LAN, 10: Printer, 16: Network I / F, 20: Control unit, 22: CPU, 24: Memory, 26: Program, 28: Confidential table, 30: Multiple values, CK : Common key, 100: Terminal device, 130, 132, 134: Item file

Claims (10)

A communication device,
For each of a plurality of items of information related to the communication device, a memory that stores the value of the item and the confidentiality order of the item in association with each other, the plurality of items being a first item The memory comprising: a first item having a confidentiality ranking; and a second item having a second confidentiality ranking higher than the first confidentiality ranking;
An acquisition unit for acquiring external supply information for supplying at least one value in the memory to the external device from an external device;
A supply unit for supplying value data including the at least one value in the memory to the external device in response to obtaining the external supply information;
The supply unit
A first determination unit that determines whether or not a predetermined condition related to encryption of the value data is satisfied in response to acquiring the external supply information;
A first value for generating first value data including a first value of the first item and a second value of the second item when it is determined that the predetermined condition is satisfied; A generator of
A first cipher for generating first encrypted data by encrypting the first value data using an encryption key stored in the memory when the first value data is generated; And
A first data supply unit configured to supply the first encrypted data to the external device when the first encrypted data is generated;
A second generator for generating second value data that includes the first value and does not include the second value when it is determined that the predetermined condition is not satisfied;
A second data supply unit configured to supply the second value data to the external device without encrypting the second value data when the second value data is generated;
A communication device comprising: The first determination unit includes:
When the external supply information includes predetermined information, it is determined that the predetermined condition is satisfied,
The communication apparatus according to claim 1, wherein when the external supply information does not include the predetermined information, it is determined that the predetermined condition is not satisfied. The external supply information is
In the case of including encrypted item data, further including the predetermined information which is encryption information indicating that the item data is encrypted,
When the item data that is not encrypted is included, the predetermined information that is the encryption information is not included,
The item data includes first item information indicating the first item and second item information indicating the second item,
The supply unit further includes:
A decrypting unit that decrypts the encrypted item data when the external supply information includes the predetermined information that is the encrypted information;
The first generation unit, when it is determined that the predetermined condition is satisfied, the first value of the first item indicated by the first item information included in the decoded item data And generating the first value data including the second value of the second item indicated by the second item information included in the decrypted item data,
When the second generation unit determines that the predetermined condition is not satisfied, the unencrypted item data includes the first item information and the second item information. The communication apparatus according to claim 2, wherein the second value data including the first value and not including the second value is generated. The plurality of items further includes a third item having a third confidentiality ranking higher than the second confidentiality ranking;
The supply unit further includes:
When it is determined that the predetermined condition is satisfied, a password stored in the memory by the user should be used as the encryption key, or a common key stored in advance in the memory should be used as the encryption key. A second determination unit for determining whether or not to use the external supply information;
The first generator is
When it is determined that the password should be used as the encryption key, the first value data including the first value, the second value, and the third value of the third item is generated. And
When it is determined that the common key should be used as the encryption key, the first value data including the first value and the second value and not including the third value is generated. ,
The first encryption unit includes:
When it is determined that the password should be used as the encryption key, the first value data is encrypted using the password as the encryption key to generate the first encrypted data,
When it is determined that the common key should be used as the encryption key, the first value data is encrypted using the common key as the encryption key to generate the first encrypted data The communication device according to any one of claims 1 to 3. The first determination unit includes:
When the state of the communication device is an authentication required state, it is determined that the predetermined condition is satisfied,
When the state of the communication device is an authentication unnecessary state, it is determined that the predetermined condition is not satisfied,
The authentication required state is a state in which the communication device is allowed to execute a predetermined process on condition that a password that matches a password stored in the memory is input to the communication device by a user. Yes,
The authentication unnecessary state is a state in which the communication device is allowed to execute the predetermined process even if the password is not input to the communication device.
The communication apparatus according to claim 1, wherein the encryption key is the password. The first determination unit includes:
When the memory stores the password, it is determined that the state of the communication device is the authentication required state,
The communication device according to claim 5, wherein when the memory does not store the password, the communication device determines that the state of the communication device is the authentication unnecessary state. The external supply information includes item data including one or more item information indicating one or more items of the plurality of items,
When it is determined that the predetermined condition is satisfied, and the item data includes first item information indicating the first item and second item information indicating the second item ,
The first generation unit is indicated by the first value of the first item indicated by the first item information included in the item data and the second item information included in the item data. Generating the first value data including the second value of the second item
The first encryption unit generates the first encrypted data,
The first data supply unit supplies the first encrypted data to the external device;
The supply unit further includes:
When it is determined that the predetermined condition is satisfied, and the item data includes the first item information and does not include upper item information indicating an item having a confidentiality order higher than the second confidentiality order. And generating third value data including the first value of the first item indicated by the first item information included in the item data and not including the second value. A generator,
A third supply unit configured to supply the third value data to the external device without encrypting the third value data when the third value data is generated; Item 7. The communication device according to Item 5 or 6. The external supply information is
In the case of including encrypted item data, it further includes encryption information indicating that the item data is encrypted,
If it contains item data that is not encrypted, it does not contain the encryption information,
The supply unit further includes:
A third determination unit for determining whether or not the external supply information includes the encryption information;
It is determined that the predetermined condition is satisfied, the item data includes the first item information, does not include the upper item information, and the external supply information includes the encryption information. A second encryption unit that encrypts the third value data using the encryption key stored in the memory to generate second encrypted data;
A fourth supply unit for supplying the second encrypted data to the external device when the second encrypted data is generated;
The third supply unit is determined that the predetermined condition is satisfied, the item data includes the first item information and does not include the upper item information, and the external supply information is the The communication device according to claim 7, wherein when it is determined that encryption information is not included, the third value data is supplied to the external device without encrypting the third value data. The external supply information includes item data including one or more item information indicating one or more items of the plurality of items,
The first generator is determined to satisfy the predetermined condition, and the item data includes first item information indicating the first item and second item indicating the second item. In the case of including item information and top item information indicating a top item having a top secret order higher than the second secret order, the item data includes the top item information. , The first value of the first item indicated by the first item information included in the item data, and the second item indicated by the second item information included in the item data. The first value data including the second value and not including the value of the top item indicated by the top item information included in the item data is generated. The communication apparatus as described in any one. A computer program for a communication device,
The communication device is a memory that stores, for each of a plurality of items of information related to the communication device, a value of the item and a security ranking of the item in association with each other, and the plurality of items Comprises a first item having a first confidentiality ranking and a second item having a second confidentiality ranking higher than the first confidentiality ranking;
The computer program stores the computer of the communication device in the following units:
An acquisition unit for acquiring external supply information for supplying at least one value in the memory from the external device to the external device;
In response to acquiring the external supply information, function as a supply unit that supplies the external device with value data including the at least one value in the memory;
The supply unit
A first determination unit that determines whether or not a predetermined condition related to encryption of the value data is satisfied in response to acquiring the external supply information;
A first value for generating first value data including a first value of the first item and a second value of the second item when it is determined that the predetermined condition is satisfied; A generator of
A first cipher for generating first encrypted data by encrypting the first value data using an encryption key stored in the memory when the first value data is generated; And
A first data supply unit configured to supply the first encrypted data to the external device when the first encrypted data is generated;
A second generator for generating second value data that includes the first value and does not include the second value when it is determined that the predetermined condition is not satisfied;
A second data supply unit configured to supply the second value data to the external device without encrypting the second value data when the second value data is generated;
A computer program comprising:

Images