JP2018139077A - Network system and communication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a network system capable of efficiently using a document placed in an environment in which security is kept.SOLUTION: A network system includes first and second systems. The first system comprises a print data storage unit which stores print data according to a document print request in a document storage unit, a transmission unit which transmits the print data stored in the print data storage unit in response to an acquisition request, and a control unit which forms on a business terminal an UI through which a user can instruct a request to print documents in the document storage unit by operating the business terminal. The second system comprises a print unit, and an acquisition request transmission unit which transmits the acquisition request of the print data based on the print request from the business terminal and printed by the print unit to the first system. A communication control device permits communication from the business terminal to the control unit and communication from the print unit to the print data storage unit, but does not permit communication from the business terminal to the document storage unit, the print data storage unit, and the transmission unit.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a network system and a communication method.

  In recent years, information management has become more important in organizations and the like. One of the causes of information leakage in an organization is information leakage due to a paper medium, that is, a printed matter. As one of countermeasures against information leakage due to printed matter, a security management system disclosed in Patent Document 1 has been proposed. In this system, print data and control data including at least one of a job name, a terminal name, and a user name are accumulated as a print log. When it is determined that the predetermined word is included in the print data, the system notifies the destination registered in advance that the print data including the predetermined word has been printed. In addition, the system can reconfirm the contents of the print job by outputting the print log and securing the log of the print job, and can prevent unauthorized printing.

  By the way, the system of this patent document 1 does not touch on the security measures for the original data that is the origin of printing in detail. On the other hand, when a company or government office handles strictly confidential documents strictly, a dedicated room for managing the confidential documents is prepared, and the network in the room is separated from the network in other areas. It is possible to isolate. Only certain authorized users can enter the room, and confidential documents can be created through operations (document creation, registration, scanning, printing, etc.) that deal with confidential documents in the room. It is possible to prevent leakage to the outside easily.

  However, in this case, the user who wants to handle confidential documents has to travel to this dedicated room. The user does not have to do only the task of handling confidential documents, but may perform other tasks, and whenever the task of handling confidential documents occurs, the user must move to this dedicated room. Can be a burden on the user. On the other hand, it is not desirable to perform all operations including the other operations in this dedicated room. In particular, if it is permitted to perform work (search work, etc.) connected to an external network such as the Internet in a dedicated room, there is a risk of being attacked from the external network, increasing the risk of information leakage.

  The present invention has been made in view of the above, and an object thereof is to provide a network system that can efficiently use a document in an environment in which security is maintained.

  In order to solve the above-described problems and achieve the object, the present invention provides a first system constructed in a first network and a second system constructed in a second network to which business terminals are connected. And a control device that controls communication between the first network and the second network, wherein the first system includes a document storage unit that stores a document, and a document storage unit Requested in response to a print request for a document stored in the print data storage unit for storing print data for printing the document, and a print data acquisition request stored in the print data storage unit. A print data transmission unit that transmits print data and a user interface that allows a user to instruct a print request for a document stored in the document storage unit by operating a business terminal. A print data control unit formed on the terminal, and the second system executes printing of print data based on a print request from the business terminal, and obtains print data to be printed by the print unit. An acquisition request transmission unit that transmits an acquisition request to be transmitted to the first system, and the control device performs communication from a device connected to the first network to a device connected to the second network. A communication control unit for controlling permission and permission / rejection of communication from a device connected to the second network to a device connected to the first network, and the communication control unit controls print data from the business terminal; Communication from the printing unit to the print data storage unit is permitted, and communication from the business terminal to the document storage unit, the print data storage unit, and the print data transmission unit is not permitted.

  According to the present invention, it is possible to provide a network system that can efficiently use a document in an environment in which security is maintained.

FIG. 1 is a block diagram illustrating a configuration example of a network system according to the embodiment. FIG. 2 is a block diagram illustrating a hardware configuration of an example of a business terminal applicable to the embodiment. FIG. 3 is a functional block diagram illustrating an example of functions of a business terminal applicable to the embodiment. FIG. 4 is a block diagram illustrating a hardware configuration of an example of a printing apparatus applicable to the embodiment. FIG. 5 is a functional block diagram illustrating an example of functions of the printing apparatus according to the embodiment. FIG. 6 is a functional block diagram illustrating an example of functions of the VDI server applicable to the embodiment. FIG. 7 is a functional block diagram illustrating an example of functions of the log storage server according to the embodiment. FIG. 8 is a functional block diagram illustrating an example of functions of a communication control apparatus applicable to the embodiment. FIG. 9 is a diagram illustrating an example of communication control by the communication control device according to the embodiment. FIG. 10 is a sequence diagram illustrating an example of processing when a business terminal in a normal partition requests printing of a confidential document in a secret partition according to the embodiment. FIG. 11 is a sequence diagram illustrating an example of processing that is applicable to the embodiment when a business terminal requests printing of a general document in a normal section. FIG. 12 is a sequence diagram illustrating an example of processing for performing printing according to a print job stored in a print server in a normal partition or a secret partition from the printing apparatus according to the embodiment. FIG. 13 is a diagram illustrating an example of a print control screen displayed on the operation panel, which can be applied to the embodiment.

  Hereinafter, embodiments of a network system and a communication method will be described in detail with reference to the accompanying drawings.

(Embodiment)
FIG. 1 shows an exemplary configuration of a network system according to the embodiment. In FIG. 1, the network system 1 includes a first network configured by the network 20 in the confidential partition 2 and a second network configured by the network 30 in the normal partition 3. The network 20 and the network 30 are connected via the communication control device 10. The communication control device 10 is, for example, a firewall (FW), and controls communication from the network 20 to the network 30 and communication from the network 30 to the network 20 according to settings.

  The confidential section 2 is a section for handling confidential documents, and is generally a section set with stricter security than other sections (for example, the normal section 3). An example of strict security is advanced authentication processing such as vein authentication that is not provided in other sections. The confidential section 2 is configured as, for example, one independent room, and it can be assumed that users who can enter the room are restricted. The confidential section 2 includes a confidential document server 200, a VDI (Virtual Desktop Infrastructure) server 201, a log storage server 202, and a print server 203 each connected to the network 20. Further, it is assumed that the network 20 in the confidential section 2 is not connected to an external network such as the Internet.

  Although FIG. 1 shows that the confidential document server 200, the VDI server 201, and the log storage server 202 are independent hardware, this is not limited to this example. For example, two or more of the confidential document server 200, the VDI server 201, and the log storage server 202 may be configured integrally.

  The normal section 3 is a section that is distinguished from the confidential section 2, and is a section that is used when a user performs a normal operation. In the example of FIG. 1, the normal partition 3 includes a business terminal 300 connected to the network 30, a user information management server 301, an authentication server 302, a print server 303, a printing device 304, and a print log management server 305. Including. The normal section 3 does not store confidential documents stored and managed in the confidential section 2 described later. In addition, it is assumed that the network 30 in the normal partition 3 is permitted to connect to an external network such as the Internet.

  In FIG. 1, the user information management server 301, the authentication server 302, and the print log management server 305 are shown as independent hardware, but this is not limited to this example. For example, two or more of the user information management server 301, the authentication server 302, and the print log management server 305 may be configured integrally. On the other hand, FIG. 1 shows that one device is provided for each type in the confidential section 2 and the normal section 3, but this is not limited to this example, and a plurality of devices of the same type are provided. It may be done.

  In the normal section 3, the business terminal 300 is a terminal device used by a user for general business, for example, a personal computer. The business terminal 300 applicable to the embodiment is equipped with a client application program (hereinafter referred to as a VDI client) that supports desktop virtualization by the VDI server 201 described later. Furthermore, the business terminal 300 includes an application program (hereinafter referred to as a document creation program) for creating a document, such as a word processor program, a spreadsheet program, and an image editing program, and a printer driver program (for causing the printing apparatus 403 to execute printing). Hereinafter, a printer driver) can be installed.

  The user selects a printer driver necessary for his / her business from a printer driver for transmitting a print job to the print server 303 or a printer driver for transmitting a print job to a specific printing apparatus 304, and It can be installed in the business terminal 300. As will be described later, the VDI client is a dedicated application program for performing a specific job, and is therefore installed only in the specific job terminal 300, and a plurality of users can share and use the job terminal 300. May be.

  The user information management server 301 registers user information including user identification information for each user in order to manage one or more users who use the network system 1. The user information management server 301 stores and manages user information of all registered users using a database (DB). Examples of user identification information include a user ID and an employee number. The user's uniqueness is ensured by the identification information itself or by associating the identification information with the password. Here, it is assumed that the user ID and password are associated with each other and registered in the user information management server 301.

  When the user ID and password are transmitted from the outside and the presence confirmation is requested, the user information management server 301 receives the transmitted user ID and password, the user ID and password registered in the user information management server 301, Thus, the user can be confirmed. In addition, the user information management server 301 can register authority information indicating whether or not to add usage authority to the user in association with the user identification information. As the authority information, when it is desired to restrict at least the work performed by accessing the confidential area 2 to a specific user, the authority to access the confidential area 2 is given only to the specific user. The user information management server 301 can apply an active directory, for example.

  The authentication server 302 controls user authentication when the user logs into the printing apparatus 304 in order to use the printing apparatus 304. The authentication server 302 stores, for example, identification information (card ID) of an IC (Integrated Circuit) card possessed by each user and capable of near field communication, and the user ID and password of the user in association with each other. Further, the authentication server 302 can capture the user information registered in the user information management server 301 by performing a synchronization process with the user information registered in the user information management server 301. The user ID and password registered in association with the card ID in the authentication server 302 are normally registered in the user information management server 301.

  The print server 303 stores the print job transmitted from the business terminal 300. The print job includes, for example, print data generated by a printer driver based on a document created on the business terminal 300, and a user ID input to the business terminal 300 by the user. The print job can include the user ID as part of the print data. Not limited to this, the print job may include a user ID separately from the print data. Note that the document here refers to document data, table data, image data, and the like created by a document creation program installed in the business terminal 300, for example.

  For example, the print server 303 may have a function of receiving text from the business terminal 300 and converting the received document into print data. The print server 303 stores print job information indicating the correspondence between the user ID included in the print job and the print data. The print job stored in the print server 303 is accumulated in the print server 303 until a predetermined time elapses or a print request is issued from the printing apparatus 304. In response to the print request from the printing apparatus 304, the print server 303 transmits print data requested by the print request to the printing apparatus 304.

  The printing device 304 performs printing according to the print data. The printing apparatus 304 is, for example, an MFP (Multi Function Printer) that can realize a plurality of functions such as a printing function, a scanner function, a copy function, and a FAX function in one housing. However, the present invention is not limited to this, and the printing apparatus 304 may be a single-function printing apparatus that executes only the printing function among these functions.

  In addition, the printing apparatus 304 applicable to the embodiment, for example, print control for realizing a so-called pull print function in which print data stored in the print server 303 is acquired and printed in cooperation with the print server 303. An application program (hereinafter, print control application) can be installed. Using this print control application, the user acquires print data from a print job stored in the print server 303 installed in the normal section 3 or the print server 203 installed in the confidential section 2 and executes printing. can do. Note that the printing apparatus 304 can execute not only printing of print data acquired from the print server 303 but also printing of print data transmitted from the business terminal 300.

  The print log management server 305 receives and stores a print log generated by the printing apparatus 304 when the printing apparatus 304 prints the print data. The print log generated by the printing apparatus 304 includes a user ID included in a print job or print data, a user ID of a user who executed printing using the print data, and a printing condition (color / Monochrome printing, single-sided printing, double-sided printing, consolidated printing, etc.), bibliographic information including the number of printed sheets, number of sides, printing date and time, and the like.

  Also, it is assumed that print image data, which is data corresponding to a printed print image, is not transmitted from the printing apparatus 304 to the print log management server 305. The print image data is image data capable of displaying the contents of the actually printed document to the user. This print image data is hereinafter referred to as an image log. In particular, it is to be avoided that the image log of the confidential document stored in the confidential section 2 is stored by a device in the normal section 3 unless access to the device is protected by excessively strong security.

  In the confidential section 2, the confidential document server 200 stores and manages confidential documents that are documents that are permitted to be browsed and used only by a specific person. The confidential document server 200 is controlled to be inaccessible from the network 30 in the normal partition 3 by the communication control device 10.

  The VDI server 201 generates one or more virtualized desktops. The VDI server 201 provides the generated virtual desktop to the business terminal 300 connected to the network 30 in the normal partition 3 and equipped with the corresponding VDI client. The VDI server 201 executes processing in the network 20 in the secret partition 2 in accordance with a request transmitted from the business terminal 300 via the virtual desktop. For example, the VDI server 201 acquires a confidential document from the confidential document server 200 in accordance with the document acquisition request transmitted from the business terminal 300, and generates a print job including the acquired confidential document. The VDI server 201 passes the generated print job to the log storage server 202.

  As described above, the virtual desktop generated by the VDI server 201 forms an interface for the business terminal 300 to execute the printing of the confidential document in the confidential section 2 and provides it to the business terminal 300. The business terminal 300 gives an instruction via an interface virtually displayed on its own screen, and the result of the process corresponding to the instruction is displayed on the screen. This process is actually performed by the VDI server 201. It is. Therefore, the confidential document in the confidential section 2 is not transmitted to the business terminal 300, and the confidential document in the confidential section 2 is not acquired by the business terminal 300.

  Further, the VDI server 201 is loaded with a program (dedicated printer driver) that accepts a print instruction for a confidential document in the confidential section 2 in response to a request via the virtual desktop of the business terminal 300. The dedicated printer driver also functions as a print data control unit that controls print processing of print data based on a document acquired by the VDI server 201 such as a confidential document or a document stored in the VDI server 202.

  When receiving a print instruction for a document such as a confidential document, the dedicated printer driver executes print control for transmitting a print job including the document to be printed to the log management server 202. The VDI server 201 does not perform print control other than transmission to the log management server 202 as print control. Therefore, the user cannot instruct the VDI server 201 to transmit a print job directly from the VDI server 201 to the print server 303 or the printing apparatus 304. In other words, the VDI server 201 is set to transmit to the log management server 202 so that no printer other than the printer set to transmit to the log management server 202 can be selected when the user issues a print instruction. It is built so that only the selected printer can be selected.

  The VDI server 201 is loaded with a document management program for browsing confidential documents stored in the confidential document server 200. The user activates a document management program installed in the VDI server 201 via the business terminal 300 on which a virtual desktop is formed, and performs various instruction operations from the business terminal 300 on the activated document management program. By doing so, it is possible to cause the VDI server 201 on which this document management program is executed to generate a screen for acquiring the confidential document from the confidential document server 200 and displaying the contents thereof. Therefore, the business terminal 300 transmits an acquisition request for requesting acquisition of a confidential document to the network 20 in the confidential section 2 via this screen in response to a user operation via the virtual desktop. This also functions as a print request transmission unit that requests printing.

  When the log storage server 202 receives a print job from the VDI server 201, the log storage server 202 determines whether or not the received print job is for printing a print-prohibited document. When the log storage server 202 determines that the print job does not print a print-prohibited document, the log storage server 202 generates log information including a print image based on the print job, and stores the generated log information. The log information generated here includes at least the user ID of the user who has issued a print instruction via the virtual desktop and the image log of the print job. Further, the log information may further include bibliographic information such as printing conditions set when the user issues a printing instruction and the date and time when the printing instruction is received. After storing the log information of the print job, the log storage server 202 passes the print job to the print server 203.

  The print server 203 stores the print job passed from the log storage server 202. At this time, the print server 203 converts the document to be printed included in the print job into print data that the printing apparatus 304 can handle, and stores the print job. The print server 203 stores print job information related to the print job. When a print list request is transmitted from the printing apparatus 304 with a user ID specified, the print server 203 specifies print data associated with the specified user ID from the print job information in response to the request. Then, the specified print data list is transmitted to the printing apparatus 304. Further, when a print request for print data associated with the designated user ID is transmitted from the printing apparatus 304, the requested print data is transmitted to the printing apparatus 304. As described above, the print servers 203 and 303 include a function as a print data storage unit that stores a print job, a function as a print job information storage unit that stores print job information, and a print data transmission unit that transmits print data. As a function.

(More detailed configuration of each part according to the embodiment)
Next, a more detailed configuration of each unit according to the embodiment described with reference to FIG. 1 will be described.

  FIG. 2 shows an exemplary hardware configuration of the business terminal 300 applicable to the embodiment. In FIG. 2, a business terminal 300 includes a CPU (Central Processing Unit) 320, a ROM (Read Only Memory) 321, a RAM (Random Access Memory) 322, a graphics I / F (interface) 323, a storage 324, A data I / F 325 and a communication I / F 326 are provided, and these units are communicably connected to each other via a bus 330.

  The storage 324 is a storage medium that stores data in a nonvolatile manner, and a hard disk drive or a flash memory can be applied. The storage 324 stores programs and data for operating the CPU 320.

  For example, the CPU 320 controls the overall operation of the business terminal 300 using the RAM 322 as a work memory according to a program stored in advance in the ROM 321 or the storage 324. The graphics I / F 323 generates a display signal that can be supported by the display 327 based on the display control signal generated by the CPU 320 according to the program. The display 327 displays a screen corresponding to the display signal supplied from the graphics I / F 323.

  The data I / F 325 transmits / receives data to / from an external device. As the data I / F 325, for example, USB (Universal Serial Bus) can be applied. In this example, a keyboard 328a and a pointing device 328b are connected to the data I / F 325 as input devices that accept user input. The communication I / F 326 controls communication with the network 30 in accordance with an instruction from the CPU 320.

  FIG. 3 is an exemplary functional block diagram for explaining functions of the business terminal 300 applicable to the embodiment. The business terminal 300 includes an overall control unit 3000, a communication control unit 3001, a VDI client 3002, and a print request unit 3005. The overall control unit 3000, the communication control unit 3001, the VDI client 3002, and the print request unit 3005 are configured by a program running on the CPU 320. The business terminal 300 may further include a document creation unit that creates a document.

  The overall control unit 3000 is an OS (Operating System), for example, and controls the overall operation of the business terminal 300. The communication control unit 3001 controls the communication I / F 326 to perform communication with the network 30.

  When the print request unit 3005 receives a print instruction for a document stored or acquired by the business terminal 300 in response to a user operation, the print request unit 3005 sends a print job of the document to an output destination (the printing device 304 or the print device specified by the user). Server 303). Although details will be described later, since transmission of print data from the business terminal 300 to the print server 203 is not permitted, if the print server 203 is designated as the output destination of the print job, the transmission fails and an error occurs. Become. The above-described printer driver installed in the business terminal 300 can execute the processing of the print request unit 3005.

  The VDI client 3002 is mounted in addition to the overall control unit 3000 and the communication control unit 3001, for example, and includes a communication unit 3003 and a UI unit 3004. A communication unit 3003 communicates with the VDI server 201. The UI unit 3004 realizes a user interface such as information display for the user, screen display for user operation, and input processing by user operation corresponding to the screen display.

  The UI unit 3004 causes the display 327 to display a screen that allows the user to input user authentication information (such as a user ID and password) for communication connection with the VDI server 201. For example, when a communication connection with the VDI server 201 is requested in response to a user operation on the business terminal 300, the UI unit 3004 transmits the input user authentication information to the user information management server 301 to request authentication. Upon receiving an authentication result indicating successful authentication from the user management server 301, the UI unit 3004 transmits user information (such as user identification information) of the authenticated user to the VDI server 201 and establishes communication connection with the VDI server 201. Request.

  In addition, the UI unit 3004 causes the display 327 to display the virtual desktop screen provided from the VDI server 201 through communication with the VDI server 201 by the communication unit 3003. The UI unit 3004 also receives input from an input device corresponding to the virtual desktop screen, and communicates with the VDI server 201 by the communication unit 3003 in response to the received input.

  FIG. 4 illustrates an exemplary hardware configuration of the printing apparatus 304 applicable to the embodiment. Here, it is assumed that the printing apparatus 304 is an MFP. 4, the printing apparatus 304 includes a CPU 340, a ROM 341, a RAM 342, an external I / F 343, an operation unit I / F 344, an operation panel 3440, a short-range wireless communication unit 345, a communication I / F 346, Storage 350. Further, the printing apparatus 304 has a configuration for executing each function of the printing apparatus 304.

  The storage 350 is a storage medium that stores data in a nonvolatile manner, and a hard disk drive or a flash memory can be applied. The storage 350 stores programs and data for the CPU 340 to operate.

  In this example in which the printing apparatus 304 has a printing function, a copying function, a scanner function, and a FAX function, the printing apparatus 304 has an image processing / engine control unit 360, a scanner unit 361, and a configuration for executing each function. A printer unit 362 and a FAX unit 363 are provided. The above-described units included in the printing apparatus 304 are connected to each other via buses 370 and 371 so as to communicate with each other.

  For example, the CPU 340 controls the overall operation of the printing apparatus 304 by using the RAM 342 as a work memory in accordance with a program stored in advance in the ROM 341 or the storage 350.

  The operation unit I / F 344 is connected to an operation unit that receives a user operation and an operation panel 3440 that includes a display unit for presenting information to the user. As the operation unit, a touch panel configured to output a signal corresponding to the touched position can be used, and the touch panel and the display unit can be integrally configured. A signal output from the operation panel 3440 according to a user operation is supplied to the CPU 340 via the operation unit I / F 344. In addition, the operation unit I / F 344 displays a screen on the display unit of the operation unit 3440 in accordance with the display control signal supplied from the CPU 340.

  The short-range wireless communication unit 345 performs short-range wireless communication that is wireless communication with a communication area of an extremely short distance of, for example, several centimeters to 1 m, and includes a communication part for transmitting and receiving signals by wireless communication. . The communication part is provided, for example, near the surface of the casing of the printing apparatus 304 so that communication with the outside of the printing apparatus 304 is easy. For example, an IC (Integrated Circuit) card including an RFIC (Radio Frequency Integrated Circuit) chip including a storage unit, a short-range wireless communication unit 345, and a short-range wireless communication unit corresponding to a communication method is prepared. The short-range wireless communication unit 345 communicates with the short-range wireless communication unit included in the IC card by acquiring the information stored in the storage unit included in the IC card by the proximity of the IC card to the communication site. can do.

  The communication I / F 346 controls communication with the network 30 in accordance with an instruction from the CPU 340. The external I / F 343 is an interface for connecting an external device such as a USB interface.

  The scanner unit 361 scans and reads an image of a document set on a document table using an optical sensor such as a CIS (Contact Image Sensor), and outputs image data. The printer unit 362 forms an image on a medium based on image data using an image forming method such as an ink jet method or an electrophotographic method.

  The image processing / engine control unit 360 controls the operations of the scanner unit 361 and the printer unit 362 in accordance with instructions from the CPU 340. Further, the image processing / engine control unit 360 performs predetermined image processing on the image data read by the scanner unit 361 and outputs the image data to the bus 371 in accordance with an instruction from the CPU 340. Further, the image processing / engine control unit 360 performs predetermined image processing on the image data supplied via the bus 371 and supplies the image data to the printer unit 362. The FAX unit 363 is connected to a public telephone line, for example, and performs FAX transmission processing of image data supplied via the bus 371 in accordance with an instruction from the CPU 340.

  FIG. 5 is a functional block diagram illustrating an example of functions of the printing apparatus 304 according to the embodiment. The printing apparatus 304 includes a print execution unit 3040, a communication control unit 3041, an authentication processing unit 3042, and a print control unit 3043. The print execution unit 3040, the communication control unit 3041, the authentication processing unit 3042, and the print control unit 3043 are configured by a program running on the CPU 340.

  The print execution unit 3040 executes printing according to print data on a print medium such as paper. The communication control unit 3041 controls the communication I / F 346 to perform communication with the network 30. For example, the authentication processing unit 3042 reads a card ID, a user ID, and a password stored in a storage unit included in the IC card from an IC card that is close to the short-range wireless communication unit 345, and transmits the card ID, a user ID, and a password to the authentication server 302. Request authentication of a user who owns.

  The print control unit 3043 is configured by, for example, an application program additionally installed in the printing apparatus 304 operating on the CPU 340. Not limited to this, the print control unit 3043 may be incorporated in the printing apparatus 304 in advance.

  The print control unit 3043 includes a UI unit 3044 and a list acquisition unit 3045. The UI unit 3044 generates a UI (User Interface) screen to be displayed on the operation panel 3440. The UI unit 3044 receives a user operation on the operation panel 3440 and controls the operation of the printing apparatus 304 in accordance with the received user operation. The list acquisition unit 3045 can acquire a list of print jobs waiting for printing from the print server 303 in the normal section 3 or the print server 203 in the confidential section 2 set as a list acquisition destination. .

  In the normal partition 3, the authentication server 302, the print server 303, and the print log management server 305 can be realized with the same hardware configuration as the business terminal 300 described with reference to FIG. The description of is omitted. Here, the authentication server 302, the print server 303, and the print log management server 305 can omit the graphics I / F 323, the display 327, the keyboard 328a, and the pointing device 328b in FIG.

  FIG. 6 is a functional block diagram illustrating an example of functions of the VDI server 201 applicable to the embodiment. The VDI server 201 can be realized with a hardware configuration equivalent to that of the business terminal 300 described with reference to FIG. 2, and thus the description of the hardware configuration is omitted. Here, the VDI server 201 can omit the graphics I / F 323, the display 327, the keyboard 328a, and the pointing device 328b in FIG.

  6, the VDI server 201 includes a virtual desktop control unit 2010, a communication control unit 2012, and a print control unit 2013. The virtual desktop control unit 2010, the communication control unit 2012, and the print control unit 2013 are configured by a program running on a CPU provided in the VDI server 201.

  The communication control unit 2012 performs communication with the network 20 by controlling the communication I / F included in the VDI server 201 in accordance with an instruction from the virtual desktop control unit 2010. The print control unit 2013 generates a print job in accordance with an instruction from the virtual desktop control unit 2010.

The virtual desktop control unit 2010 generates virtual desktops 2011 ₁ , 2011 ₂ ,... According to requests from a plurality of business terminals 300, 300,. To do. Each virtual desktop 2011 ₁ , 2011 ₂ ,... Transmits, for example, information for configuring a UI to each business terminal 300, 300,. The UI screen can be displayed, and a user operation corresponding to the displayed UI screen can be accepted.

For example, the virtual desktop 2011 ₁ receives a user operation corresponding to the UI screen displayed on the business terminal 300 by the virtual desktop 2011 _{1, and} sends user operation information indicating the received user operation to the virtual desktop control unit 2010. hand over. The virtual desktop control unit 2010 issues an instruction to the communication control unit 2012 and the print control unit 2013 according to the user operation information passed from the virtual desktop 2011 ₁ .

For example, in response to a user operation requesting printing of a confidential document to the business terminal 300 to which the virtual desktop 2011 ₁ is provided, the virtual desktop control unit 2010 sends a print request to the print control unit 2013 of the confidential document requested to be printed. Instructs the printing process. The print control unit 2013 generates a print job including the confidential document acquired from the confidential document server 200 in accordance with the instruction of the virtual desktop control unit 2010. As described above, the VDI server 201 can execute acquisition of a confidential document from the confidential document server 201 by the function of the document management program.

  At this time, the print control unit 2013 includes the attribute information of the print job in the print job. The attribute information includes, for example, a terminal ID for identifying the business terminal 300 that has performed an operation for instructing printing, a user ID of the user who performed the operation, time information indicating the time when the print job was generated, and a print target It includes information (for example, a file name) indicating a document and a print attribute designated by the user as a print condition. The print attribute includes parameters related to printing such as a print color (color or monochrome), the number of pages, and the number of copies. The VDI server 201 transmits the print job generated by the print control unit 2013 to the log storage server 202.

In the following, when there is no need to distinguish between the virtual desktops 2011 ₁ , 2011 ₂ ,..., Any one of them will be described as the virtual desktop 2011.

  FIG. 7 is a functional block diagram illustrating an example of functions of the log storage server 202 according to the embodiment. Note that the log storage server 202 can be realized with a hardware configuration equivalent to that of the business terminal 300 described with reference to FIG. Here, the log storage server 202 can omit the graphics I / F 323, the display 327, the keyboard 328a, and the pointing device 328b in FIG.

  In FIG. 7, the log storage server 202 includes a detection unit 2020, a prohibited character string storage unit 2021, a log information collection unit 2022, a conversion unit 2023, and a log storage unit 2024. Among these, the detection unit 2020, the log information collection unit 2022, and the conversion unit 2023 are configured by a program operating on a CPU provided in the log storage server 202. In addition, as the prohibited character string storage unit 2021 and the log storage unit 2024, for example, predetermined storage areas of the storage provided in the log storage server 202 are used.

  The prohibited character string storage unit 2021 stores a character string (referred to as a prohibited character string) that is a target of prohibiting printing of the document when it is included in the document to be printed. When the print job transmitted to the log storage server 202 is input, the detection unit 2020 refers to the prohibited character string stored in the prohibited character string storage unit 2021 and detects the document information included in the input print job. To execute the prohibited character string detection process.

  The detection unit 2020 detects, as information to be detected, information recognized as text information (recognized as character information) among information included in the print job, such as the entire text of the document to be printed and the file name of the document file of the document to be printed. Optional information) can be specified. The detection unit 2020 detects a prohibited character string from preset document information to be detected, and determines whether the prohibited character string is included.

  When the prohibited character string is not detected from the document included in the print job, the detection unit 2020 passes the print job to the log information collection unit 2022. On the other hand, when the prohibited character string is detected from the document included in the print job, the detection unit 2020 discards the print job and returns an error message to the VDI server 201. When the VDI server 201 receives this error message from the log management server 202, the VDI server 201 generates an error screen for the print request and notifies the user of the error.

  The log information collection unit 2022 stores log information based on the print job delivered from the detection unit 2020 in the log storage unit 2024. At this time, the log information collection unit 2022 passes the document included in the print job to the conversion unit 2023. The conversion unit 2023 converts the document delivered from the log information collection unit 2022 into print image data, and returns it to the log information collection unit 2022. The print image data is data corresponding to a print image obtained by printing a document on the printing apparatus 304, and is, for example, PDF (Portable Document Format) data. The log information collection unit 2022 stores the print image data obtained by converting the document included in the print job in the log storage unit 2024 in association with the attribute information of the print job.

  When the log information collection unit 2022 stores the print image data in the log storage unit 2024, the log information collection unit 2022 transmits a print job corresponding to the stored print image to the print server 203.

  FIG. 8 is a functional block diagram of an example for explaining the functions of the communication control apparatus 10 applicable to the embodiment. Note that the communication control apparatus 10 can be realized with a hardware configuration equivalent to the business terminal 300 described with reference to FIG. 2, and thus the description of the hardware configuration is omitted. Here, the communication control apparatus 10 can omit the graphics I / F 323, the display 327, the keyboard 328a, and the pointing device 328b in FIG.

  In FIG. 8, the communication control apparatus 10 includes a setting unit 1000 and a filter unit 1001. Each of the setting unit 1000 and the filter unit 1001 may be configured by a program operating on a CPU included in the communication control apparatus 10, or may be configured by a hardware circuit that operates in cooperation with each other. .

  The setting unit 1000 sets communication control for the filter unit 1001 for each destination and transmission source, for example. The filter unit 1001 controls communication between the network 20 and the network 30 according to setting information indicating the contents set by the setting unit 1000. For example, the filter unit 1001 acquires a packet transmitted from the network 20 to the network 30 and from the network 30 to the network 20, and extracts destination information and transmission source information included in, for example, a header portion of the acquired packet. The filter unit 1001 controls whether or not to allow the packet to pass based on the extracted destination information and the setting information set in the setting unit 1000.

  FIG. 9 shows an example of communication control by the communication control apparatus 10 according to the embodiment. In FIG. 9, the same reference numerals are given to the same parts as those in FIGS. 1 and 8 described above, and detailed description thereof will be omitted.

  In FIG. 9, horizontal arrows in the figure indicate communication control by the filter unit 1001 according to the setting of the setting unit 1000 in the communication control device 10. The communication control apparatus 10 permits the user information management server 301 in the normal partition 3 to communicate with the confidential document server 201, the VDI server 201, the log storage server 202, and the print server 203 in the confidential partition 2.

  The communication control apparatus 10 allows the business terminal 300 in the normal partition 3 to communicate with the VDI server 201 in the confidential partition 2, and communicates with the confidential document server 200, log storage server 202, and print server 203. Do not allow communication. The communication control apparatus 10 allows the printing device 304 in the normal section 3 to communicate with the print server 203 in the confidential section 2, and communicates with the confidential document server 200, the VDI server 201, and the log storage server 202. Do not allow communication. The communication control apparatus 10 permits the authentication server 302 in the normal section 3 to communicate with the print server 203 in the confidential section 2, and communicates with the confidential document server 200, the VDI server 201, and the log storage server 202. Do not allow communication. Not limited to this, the communication control device 10 may be set to further permit communication with other devices in the confidential section 2 that require authentication processing by the authentication server 302.

  The communication control device 10 does not permit access to the network 20 in the confidential partition 2 for each unit not shown in FIG. 9, the print server 303 and the print log management server 305 in the normal partition 3. When the authentication server 302 performs only user authentication in response to a direct authentication request from the printing apparatus 304 when the user uses the printing apparatus 304, the communication control apparatus 10 starts from the authentication server 302. You may set so that the access with respect to the network 20 in the confidential division 2 is not permitted.

  Furthermore, the communication control device 10 does not particularly limit communication from the network 20 in the confidential partition 2 to the network 30 in the normal partition 3. The communication control device 10 is not limited to this, and communication from the network 20 in the confidential partition 2 to the network 30 in the normal partition 3 is similar to the communication from the network 30 to the network 20 for each destination and transmission source. You may control to.

(Details of processing according to the embodiment)
Next, the process according to the embodiment will be described in more detail. FIG. 10 is a sequence diagram illustrating an example of a process in the case of requesting printing of a confidential document stored in the confidential document server 200 in the confidential section 2 from the business terminal 300 in the normal section 3 according to the embodiment. In FIG. 10, the same reference numerals are given to the same parts as those in FIG. 1 described above, and detailed description thereof is omitted.

  When a user requests printing of a confidential document stored in the confidential document server 200 in the confidential section 2 in the normal section 3, the user activates the VDI client 3002 in the business terminal 300. When the VDI client 3002 is activated, the UI unit 3044 displays a login screen. The user operates the business terminal 300 and inputs a user ID and a password (PW) according to the login screen (step S100).

  In the business terminal 300, the VDI client 3002 transmits the input user ID and password and the terminal ID for specifying the business terminal 300 to the VDI server 201 and requests login to the VDI server 201 ( Step S101). The terminal ID is identification information unique to each business terminal 300. For example, a MAC (Media Access Control) address can be used.

  As described with reference to FIG. 9, since the communication control apparatus 10 permits communication between the business terminal 300 and the VDI server 201, the user ID, password, and terminal ID transmitted from the business terminal 300 are And received by the VDI server 201 via the communication control device 10.

  The VDI server 201 transmits the user ID and password out of the received user ID, password, and terminal ID to the user information management server 301 in the normal partition 3, and requests authentication of the user indicated by the user ID (step S102). ). Based on the user ID and password, the user information management server 301 determines whether or not the user indicated by the user ID is registered as a user who has been given access authority to the network 20 in the confidential section 2. The user information management server 301 transmits this determination result as an authentication result to the VDI server 201 (step S103). As described above, the user information management server 301 also functions as an authentication unit that authenticates a user who uses the business terminal 300.

  When the authentication result by the user information management server 301 indicates user registration and the authentication is successful, the VDI server 201 generates, for example, the virtual desktop 2011 and sends the login request to the business terminal 300 that has transmitted the login request. The UI configuration information by the generated virtual desktop 2011 is transmitted (step S110).

  In the user information management server 301, whether or not the user ID and password are registered, that is, if the user exists is confirmed and it is determined that the user exists, the user information of the user including the presence / absence of access authority is obtained. You may make it reply to the VDI server 201. FIG. In this case, the VDI server 201 that has received the user information determines whether or not the user is a user who has been given access authority to the network 20 in the confidential partition 2 based on the authority.

  In addition, the VDI server 201 determines that the authentication has failed, if the authentication result indicates that the user is not registered, that is, the user who requested the login is not authorized to access the network 20, the login request Is denied access to the business terminal 300 that has transmitted.

  The business terminal 300 configures the UI based on the UI configuration information transmitted from the VDI server 201 in step S110 by the VDI client 3002, and displays the UI screen on the display 327 (step S111). The business terminal 300 uses the VDI client 3002 to request a list of confidential documents stored in the confidential document server 200 from the VDI server 201 in response to a user operation based on the UI screen (step S112). At this time, the VDI client 3002 adds the terminal ID of the business terminal 300 to the confidential document list request and transmits it to the VDI server 201.

  In accordance with the confidential document list request transmitted from the business terminal 300, the VDI server 201 requests the confidential document server 200 for a list of stored confidential documents (step S113). In response to this request, the confidential document server 200 transmits a list of stored confidential documents to the VDI server 201 (step S114). The VDI server 201 presents the confidential document list transmitted from the confidential document server 200 to the business terminal 300 via the virtual desktop 2011 (step S115). The business terminal 300 causes the VDI client 3002 to display the confidential document list transmitted from the VDI server 201 on the display 327 (step S116).

  The business terminal 300 requests the VDI server 201 to print the confidential document designated by the user operation corresponding to the confidential document list displayed on the display 327 by the VDI client 3002 (step S120). The VDI server 201 requests the confidential document server 200 for the confidential document designated by the print request from the business terminal 300 (step S121). In response to this request, the confidential document server 200 passes the designated confidential document to the VDI server 201 (step S122).

  When the VDI server 201 receives a confidential document from the confidential document server 200, the VDI server 201 creates a print job including the received confidential document and attribute information regarding printing of the confidential document. As described above, the attribute information includes the terminal ID and user ID of the business terminal 300 and the user who transmitted the print request, the time information indicating the time when the print job was created, the information indicating the confidential document, and the print attribute. Including. The VDI server 201 transmits the created print job to the log storage server 202, and requests the log storage server 202 to print a confidential document (step S123).

  The selection of the confidential document is not limited to the selection by displaying the confidential document list. For example, a confidential document stored in the confidential document server 200 may be searched, a specific confidential document may be designated, and the content of this document may be browsed before printing is requested. In this case, the VDI server 201 may acquire a confidential document from the confidential document server 200 when browsing.

  When the log storage server 202 receives the print job transmitted from the VDI server 201, the detection unit 2020 performs a print prohibition character string detection process on the confidential document included in the received print job, and the print job Whether or not printing is possible is checked (step S124). The detection unit 2020 returns an error message to the VDI server 201 when a print prohibited character string is detected from the confidential document to be printed. The VDI server 201 can transmit this error message to the transmission source business terminal 300 that has transmitted the print request.

  The log storage server 202 passes the print job to the log information collection unit 2022 when no print prohibited characters are detected from the confidential document to be printed. The log information collection unit 2022 generates log information based on the passed print job, and stores the generated log information in the log storage unit 2024 (step S125). More specifically, the log information collection unit 2022 passes the confidential document included in the transferred print job to the conversion unit 2023, and print data that has been converted by the conversion unit 2023 into the print job attributes. The log storage unit 2024 stores the information in association with the information.

  When the log storage server 202 stores the log information in the log storage unit 2024, the log storage server 202 transmits the print job to the print server 203 in the confidential section 2 (step S126). Upon receiving the print job transmitted from the log storage server 201, the print server 203 stores the received print job (step S127).

  FIG. 11 is a sequence diagram illustrating an example of processing when the business terminal 300 requests printing of a general document in the normal section 3 that can be applied to the embodiment. Note that the general document here is a document that does not limit the browsing target. In FIG. 11, the same reference numerals are given to the portions common to FIG. 1 described above, and detailed description thereof is omitted.

  In step S200, the business terminal 300 receives the user ID and password (step S200). The user ID and password are input in response to a user operation in order for the user to log in to the business terminal 300, for example. The business terminal 300 transmits the input user ID and password to the user information management server 301 and requests authentication (step S201). The user information management server 301 determines whether the user ID and password transmitted from the business terminal 300 are registered. The user information management server 301 transmits this determination result as an authentication result to the business terminal 300 (step S202).

  When the authentication result indicates registration of the user and the authentication is successful, the user who has logged in the business terminal 300 designates a document to be printed, a print attribute, an output destination, and the like, and requests printing of the designated document. The business terminal 300 receives the print request and creates a print job including the specified document (step S203). At this time, the business terminal 300 sets attribute information including the user ID input in step S200, creates print data of the designated document, and includes it in the print job. The business terminal 300 can specify, for example, a document created by an installed document creation program as a document to be printed. The business terminal 300 transmits the created print job to the print server 303 in the normal section 3 (step S204). The print server 303 receives the print job transmitted from the business terminal 300 and stores the received print job (step S205).

  FIG. 12 is a sequence diagram illustrating an example of processing for performing printing according to a print job stored in the print server 203 or the print server 303 from the printing apparatus 304 according to the embodiment. In FIG. 12, the same reference numerals are given to the portions common to FIG. 1 described above, and detailed description thereof will be omitted.

  When printing is performed by designating a document to be printed from the printing apparatus 304, the user requests the printing apparatus 304 to log in using login information, that is, user authentication information (for example, a user ID and password) (step S300). ).

  For example, the user brings an IC card, in which a card ID is stored in advance, close to a communication part of the short-range wireless communication unit 345 provided in the printing apparatus 304. Thereby, communication is performed between the IC card and the short-range wireless communication unit 345, and the card ID stored in the IC card is input to the printing apparatus 304, and login to the printing apparatus 304 is requested.

  The printing apparatus 304 transmits the card ID input by the login request to the authentication server 302, and requests authentication from the authentication server 302 (step S301). In response to this request, the authentication server 302 refers to card management information that is registered in the authentication server 302 and is associated with a card ID, a user ID, and a password. Based on the ID, it is determined whether the user ID and password associated with the card ID can be specified. If it can be identified, the identified user ID and password are transmitted to the user information management server 301, and the user information management server 301 is requested to collate these user ID and password (step S302).

  The user information management server 301 collates the user ID and password transmitted from the authentication server 302 with the registered user ID and password, and returns the collation result to the authentication server 302 (step S303). When the presence of the user corresponding to the user ID and password transmitted from the authentication server 302 is confirmed based on the collation result transmitted from the user information management server 301, the authentication server 302 determines that the authentication is successful and the user's printing apparatus Login to 304 is permitted, and a message to that effect is sent to the printing apparatus 304 as an authentication result (step S304).

  When the printing apparatus 304 receives an authentication result permitting the user to log in, the UI unit 3044 causes the operation panel 3440 to display a print control screen for designating a print job (step S305).

  FIG. 13 shows an example of a print control screen displayed on the operation panel 3440 applicable to the embodiment. For example, in FIG. 13A, the print control screen 400 includes display units 401 and 413, tabs 402a and 402b, a print data list display unit 403, and buttons 410 to 412 and 420 to 422. The display unit 401 displays information (for example, a user ID) indicating a user who has logged into the printing apparatus 304.

  Tabs 402a and 402b are tabs for designating a print target as either a general document or a confidential document. The tab 402a is a tab for designating a general document as a print target. FIG. 13A shows a state in which the tab 402a is designated. When the tab 402a is designated, the UI unit 3044 of the printing apparatus 304 causes the list acquisition unit to acquire a print job corresponding to the user ID of the user who has logged into the printing apparatus 304 from the print server 303 in the normal partition 3. 3045 is instructed. The list acquisition unit 3045 acquires a list of print jobs from the print server 303 in accordance with this instruction.

  On the other hand, the tab 402b is a tab for designating a confidential document as a print target. FIG. 13B shows a state in which the tab 402b is designated. When the tab 402b is designated, the UI unit 3044 of the printing apparatus 304 causes the list acquisition unit to acquire a print job corresponding to the user ID of the user who has logged into the printing apparatus 304 from the print server 203 in the confidential section 2. 3045 is instructed. The list acquisition unit 3045 acquires a list of print jobs from the print server 203 in accordance with this instruction.

  The print data list display unit 403 displays a list of print job information acquired from the print server 303 in the normal section 3 or the print server 203 in the confidential section 2 in accordance with operations on the tabs 402a and 402b. By specifying the print job information displayed on the print data list display unit 403 by a user operation on the operation panel 3440, for example, the specified print job can be selected as a print job to be printed.

  Here, it is assumed that when a print job list display is requested by a user operation, a list of print jobs with the tab 402a selected by default is displayed. By doing so, since the print job list of the confidential document is not acquired unless the user designates the tab 402b, unnecessary access to the confidential section 2 can be reduced.

  In the example of FIG. 13A in which the tab 402a is specified, the print data list display unit 403 displays a list of information of each print job for printing a general document acquired from the print server 303. In the example of FIG. 13B in which the tab 402b is designated, the print data list display unit 403 displays a list of information on each print job for printing confidential documents acquired from the print server 203. .

  In the examples of FIGS. 13A and 13B, the print job information displayed on the print data list display unit 403 includes the file name of the document file to be printed by the print job, and the print job. Time information indicating the specified time and print attributes designated by the print job. The print attribute includes information such as a print color (color or monochrome), the number of pages, and the number of copies.

  Buttons 410 to 412 are buttons for performing operations on the display of the print data list display unit 403. The button 410 prints all print jobs acquired from the print server 303 when the tab 402a is specified, and all print jobs acquired from the print server 203 when the tab 402b is specified. It is a button for selecting as a job.

  Buttons 411 and 412 are buttons for switching pages of the print data list display unit 403. For example, the UI unit 3044 is a unit of pages based on the number of print jobs (two in this example) that the print data list display unit 403 can display a list of print jobs acquired from the print server 203 or the print server 303 at a time. Treat as. Buttons 411 and 412 are buttons for switching the page displayed in the current print data list display unit 403 to the previous page and the next page, respectively, according to an operation. The display unit 413 displays information indicating how many pages are currently displayed in the print data list display unit 403 among all the pages in the acquired print job list.

  Buttons 420 to 422 are buttons for instructing processing for a print job corresponding to the print job information specified in the print data list display unit 403. A button 420 is a button for deleting a print job corresponding to the designated print job information, and a button 421 is a button for editing the print job information. The button 422 is a button for instructing printing by the print job corresponding to the information of the designated print job.

  Returning to FIG. 12, when the tab 402a is specified on the print control screen 400 displayed in step S305, the process of step S310 is executed, and when the tab 402b is specified, the process of step S320 is executed. The

  The process of step S310 will be described. Step S310 includes each process of step S3101 to step S3109. In step S3101, the printing apparatus 304 requests the print server 303 in the normal section 3 for a list of print jobs and transmits the user ID of the logged-in user (step S3101). In response to the print job list request transmitted from the printing apparatus 304, the print server 303 requests the authentication server 302 to collate the stored print job with the user ID transmitted from the printing apparatus 304 (step S302). S3102).

  The authentication server 302 checks the user ID based on the user ID transmitted from the print server 303, and determines whether or not the user with the user ID has authority to execute printing by the printing apparatus 304. judge. If the authentication server 302 determines that the user with the user ID does not have the authority to use the printing apparatus 304, the authentication server 302 can output an error message, for example. This error message is transmitted to the printing apparatus 304 via the print server 303, for example. On the other hand, if the authentication server 302 determines that the user with the user ID has the authority to use the printing apparatus 304, the authentication server 302 transmits the user ID to the user information management server 301 (step S3103), and the user ID Request confirmation of the existence of the user.

  The user information management server 301 collates the user ID transmitted from the authentication server 302, and when the presence of the user with the user ID is confirmed, the collation result indicating the authentication success is transmitted to the authentication server 302 (step S3104). ). The authentication server 302 transmits a collation result indicating the successful authentication of the user ID to the print server 303 (step S3105).

  Note that the user information management server 301 can output an error message when the presence of the user with the user ID is not confirmed as a result of the collation. This error message is transmitted to the print server 303, for example, and is transmitted from the print server 303 to the printing apparatus 304. Note that the processing in these steps S3103 and S3104 can be omitted.

  When the print server 303 receives the authentication success verification result based on the user ID from the printing apparatus 304 from the authentication server 302, the print server 303 extracts the print job corresponding to the user ID, and uses the extracted print job attribute information as the print job. Is transmitted to the printing apparatus 304 as information included in the information list (step S3106).

  Upon receiving the list of print job information transmitted from the print server 303, the printing apparatus 304 receives the print data list display unit 403 of the print control screen 400 displayed on the operation panel 3440 by the UI unit 3044. Displays a list of information about the print jobs that have been completed. The UI unit 3044 waits for a user operation for designating a print target on the operation panel 3440 (step S3107).

  The UI unit 3044 requests the print server 303 for a print job corresponding to the print job information specified as the print target in response to a user operation for specifying the print target on the operation panel 3440 (step S3108). The print server 303 transmits the requested print job to the printing apparatus 304 (step S3109). Note that print data generation based on a print job can also be performed on the printing apparatus 304 side. The printing apparatus 304 receives the print job transmitted from the print server 303, and executes print processing according to the print data included in the received print job (step S3110).

  When the printing process is executed, the printing apparatus 304 transmits print log information related to the executed printing process to the print log management server 305 (step S3111). Upon receiving the print log information transmitted from the printing apparatus 304, the print log management server 305 stores the received print log information (step S3112).

  In the print control screen 400, the state in which the tab 402a is designated can be set as a default state. In this case, the processes in steps S 3101 to S 3103 included in step S 310 are automatically executed as the print control screen 400 is displayed.

  Next, the process of step S320 will be described. Step S320 includes each process of step S3201 to step S3209. The processes in steps S3201 to S3209 included in step S320 are the same as the processes in steps S3101 to S1209 included in step S310 described above, except that the acquisition destination from which the printing apparatus 304 acquires a print job or the like is different. It becomes processing of.

  In step S3201, the printing apparatus 304 requests the print server 203 in the confidential section 2 for a list of print jobs and transmits the user ID of the logged-in user (step S3201). As described with reference to FIG. 9, since the communication control apparatus 10 permits communication between the printing apparatus 304 and the print server 203 in the confidential section 2, the print job transmitted from the printing apparatus 304 is used. The list request and the user ID are received by the print server 203 via the communication control device 10. In response to the print job list request transmitted from the printing apparatus 304, the print server 203 requests the authentication server 302 to collate the stored print job with the user ID transmitted from the printing apparatus 304 (step S3). S3202).

  The authentication server 302 checks the user ID based on the user ID transmitted from the print server 203, and determines whether or not the user with the user ID has authority to execute printing by the printing apparatus 304. judge. If the authentication server 302 determines that the user with the user ID does not have the authority to use the printing apparatus 304, the authentication server 302 can output an error message, for example. This error message is transmitted to the printing apparatus 304 via the print server 303, for example.

  On the other hand, if the authentication server 302 determines that the user with the user ID has authority to use the printing apparatus 304, the authentication server 302 transmits the user ID to the user information management server 301 (step S3203). Requesting confirmation of the existence of the user and confirmation of whether the user has the right to access the confidential area 2. The user information management server 301 collates the user ID transmitted from the authentication server 302, confirms the existence of the user with the user ID, and the user has an access right to the confidential area 2. If it is determined, the verification result indicating the authentication success is transmitted to the authentication server 302 (step S3204). The authentication server 302 transmits a verification result indicating successful authentication of the user ID to the print server 303 (step S3205).

  Note that the user information management server 301 can output an error message when the presence of the user with the user ID is not confirmed as a result of the collation. Further, the user information management server 301 can output an error message even when it is not confirmed that the user with the user ID has the access authority to the confidential section 2 as a result of the collation. This error message is transmitted to the print server 303, for example, and is transmitted from the print server 303 to the printing apparatus 304.

  When the print server 203 receives the authentication success verification result based on the user ID from the printing apparatus 304 from the authentication server 302, the print server 203 extracts the print job corresponding to the user ID, and uses the extracted print job attribute information as the print job. Is transmitted to the printing apparatus 304 as information included in the information list (step S3206).

  The printing apparatus 304 causes the UI unit 3044 to display a list of print job information transmitted from the print server 203 on the print data list display unit 403 of the print control screen 400 displayed on the operation panel 3440. The UI unit 3044 waits for a user operation for designating a print target on the operation panel 3440 (step S3207).

  The UI unit 3044 requests the print server 203 for a print job corresponding to the print job information specified as the print target in response to a user operation for specifying the print target on the operation panel 3440 (step S3208). The print server 203 transmits the requested print job to the printing apparatus 304 (step S3209). The printing apparatus 304 executes print processing according to the print data transmitted from the print server 203 (step S3210).

  When the printing process is executed, the printing apparatus 304 transmits print log information related to the executed printing process to the print log management server 305 (step S3211). Upon receiving the print log information transmitted from the printing apparatus 304, the print log management server 305 stores the received print log information (step S3212).

  As described above, in the network system 1 according to the embodiment, in the communication between the network 20 in the secret partition 2 and the network 30 in the normal partition 3, the business terminal 300 in the normal partition 3 and the secret terminal 2 Mutual communication with the VDI server 201 and mutual communication between the printing device 304 in the normal section 3 and the print server 203 in the confidential section 2 are permitted. In addition, the business terminal 300 is prohibited from accessing any device other than the VDI server 201 in the confidential section 2.

  In the embodiment, after the communication between the network 20 and the network 30 is controlled as described above, the business terminal 300 requests the VDI server 201 to print the confidential document in the confidential section 2. In response to this request, the VDI server 201 controls print data based on the confidential document in the confidential section 2.

  Thereby, in the network system 1 according to the embodiment, it is possible to execute the printing of the confidential document in the confidential section 2 according to the operation on the business terminal 300 in the normal section 3, and for the printing of the confidential document. The user does not need to move from the normal section 3 to the confidential section 2. In addition, since the business terminal 300 cannot directly access the confidential document in the confidential section 2, the confidential document can be prevented from leaking from the confidential section 2. Furthermore, since the confidential document in the confidential section 2 can be printed by the printing device 304 in the normal section 3, resources can be efficiently used.

(Modification of the embodiment)
In the above description, the log information is stored by the log storage server 202 in the confidential section 2 before the print job based on the confidential document to be printed is stored in the print server 203 in the confidential section 2 (FIG. 10, FIG. 10). Step S125) is not limited to this example. For example, log information may be stored by the log storage server 202 when a print job is requested from the printing apparatus 304 to the print server 203 (FIG. 12, step S3205).

  Further, in the above description, the print log management server 305 in the normal partition 3 stores the print log information even when the printing apparatus 304 executes printing by the print job acquired from the confidential partition 2 (network 20) ( FIG. 12, step S3209) is not limited to this example. That is, the print log management server 305 may not leave the print log information when the printing apparatus 304 prints the print job acquired from the confidential section 2.

  For example, the print log management server 305 does not store print log information when a print job acquired from the confidential section 2 is printed. Alternatively, the print log management server 305 stores the print log information according to the process of step S3209 in FIG. 12, but deletes the print log information at a predetermined timing. Alternatively, the log storage server 202 periodically acquires print log information related to confidential documents and deletes it from the print log management server 305 at this timing. Thereby, the analogy of the print content based on, for example, the file name of the confidential document that has been printed and is stored as the print log information can be prevented.

  In each of the above-described embodiments, an example has been described in which the confidential document is stored in the confidential section 2. However, the document stored in the confidential section 2 is not limited to the confidential document. Good. The confidential document server 200 is a document management apparatus that cannot be accessed from the user's business terminal 300 via an external network. The type of the confidential document server 200 is not particularly limited as long as it is a document stored in such a document management apparatus.

  Each of the above-described embodiments is a preferred embodiment of the present invention, but is not limited thereto, and various modifications can be made without departing from the gist of the present invention.

DESCRIPTION OF SYMBOLS 1 Network system 2 Confidential division 3 Normal division 10 Communication control apparatus 200 Confidential document server 201 VDI server 202 Log storage server 203,303 Print server 300 Business terminal 301 User DB
302 Authentication Server 304 Printing Device 305 Print Log Management Server 2020 Detection Unit 2021 Prohibited Character String Storage Unit 2022 Log Information Collection Unit 2023 Conversion Unit 2024 Log Storage Unit

JP 2007-257552 A

Claims (8)

Between the first system constructed in the first network, the second system constructed in the second network to which the business terminal is connected, the first network and the second network A network system comprising a control device for controlling communication,
The first system includes:
A document storage unit for storing the document;
A print data storage unit that stores print data for printing the document in response to a print request for the document stored in the document storage unit;
A print data transmission unit that transmits the requested print data in response to receiving a print data acquisition request stored in the print data storage unit;
A print data control unit that forms a user interface on the business terminal that allows the user to instruct the print request of the document stored in the document storage unit by operating the business terminal;
Have
The second system is:
A printing unit that executes printing of print data based on the print request from the business terminal;
An acquisition request transmitting unit that transmits the acquisition request for requesting acquisition of print data to be printed by the printing unit to the first system;
Have
The control device includes:
Permitting communication from a device connected to the first network to a device connected to the second network, and from a device connected to the second network to a device connected to the first network A communication control unit that controls whether the communication is permitted or not,
The communication control unit
Permit communication from the business terminal to the print data control unit,
Allowing communication from the print unit to the print data storage unit;
A network system that does not permit communication from the business terminal to the document storage unit, the print data storage unit, and the print data transmission unit. The first system includes:
A log storage unit that stores log information indicating the document requested to be printed by the print request in response to reception of the print request;
The communication control unit
The network system according to claim 1, wherein communication from the business terminal and the printing unit to the log storage unit is not permitted. The log storage unit
Designated as the print destination of the document by the print request, the document is included in the log information indicating the document in response to the print request, and is further supplied to the print data storage unit The network system according to claim 2. The log storage unit
Information indicating the document; information indicating a time when the print request for requesting printing of the document is transmitted; identification information identifying the business terminal that transmitted the print request; and a user who transmitted the print request. The network system according to claim 2, wherein the log information including at least identification information for identification is stored. The log storage unit
5. The network system according to claim 4, wherein the log information further includes a print image corresponding to a print image obtained by printing the document by the printing unit. The print data control unit
6. The control according to claim 1, wherein control is performed to acquire the document from the document storage unit in response to the print request transmitted from the business terminal and to supply the acquired document to the print data storage unit. The network system according to item 1. The second system is:
An authentication unit that authenticates a user who uses the business terminal;
The communication control unit
Allowing communication between the authentication unit and the print data control unit;
The print data control unit
7. The server according to claim 1, wherein the authentication unit is requested to authenticate the business terminal in response to a connection request from the business terminal, and the user interface is formed for the business terminal that has been successfully authenticated. The network system according to item. Between the first system constructed in the first network, the second system constructed in the second network to which the business terminal is connected, the first network and the second network A communication method in a network system comprising a control device for controlling communication,
In the first system, in response to a print request for a document stored in the document storage unit, storing print data for printing the document in the print data storage unit;
In the first system, in response to receiving a print data acquisition request stored in the print data storage unit, the requested print data is transmitted by a print data transmission unit;
In the first system, the print data control unit has a user interface that allows the user to instruct the print request for the document stored in the document storage unit by operating the business terminal. Forming step;
In the second system, transmitting the acquisition request for requesting acquisition of print data to be printed by a printing unit that prints print data based on the print request from the business terminal;
The control device permits or rejects communication from a device connected to the first network to a device connected to the second network, and from the device connected to the second network to the first network. A communication control step for controlling whether or not communication to a connected device is permitted;
Have
The communication control step includes
Permit communication from the business terminal to the print data control unit,
Allowing communication from the print unit to the print data storage unit;
A communication method that does not permit communication from the business terminal to the document storage unit, the print data storage unit, and the print data transmission unit.

Images