JP2018142875A - Image forming system, terminal, server, image forming apparatus, and image forming method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an image forming system that prevents unauthorized alteration of confidential data.SOLUTION: A confidential data transmission part 110 of a terminal 1 transmits, to a server 2, confidential data 500 including an image or characters specified as confidential in a document of document data 400. A code image creation part 210 of the server 2 creates a code image 510 for outputting the confidential data 500. A confidential document data creation part 130 of the terminal 1 creates confidential document data 410 obtained by adding the code image 510 to the document data 400. A decoding part 310 of an image forming apparatus 3 decodes the code image 510 from acquired confidential document data 411 including the code image 510. A code confidential data acquisition part 320 acquires the confidential data 500 corresponding to the details of the code image 510. A comparison part 330 compares the confidential data 500 acquired by a confidential data acquisition part 200 with image data of a document.SELECTED DRAWING: Figure 5

Description

  The present invention relates to an image forming system, a terminal, a server, an image forming apparatus, and an image forming method, and more particularly to an image forming system, a terminal, a server, an image forming apparatus, and an image forming method for managing documents.

  Conventionally, there are image forming apparatuses such as multifunction peripherals (MFPs) and copiers capable of printing documents and images.

In recent years, the spread of image forming apparatuses has increased, and anyone can easily copy a document. In addition, it is also common to convert a document into document data such as PDF and exchange data between users. Along with this, leakage due to copying of confidential documents that should not be viewed by anyone other than related parties such as confidential documents has become a major problem.
Also, many document editing software have been developed so that documents can be easily edited. For this reason, illegal editing and modification of documents is also a problem.

In order to deal with these problems, there is a technique called a watermark. The watermark is written together with information that is encoded so as to be inconspicuous in a document or that a specific mark is described.
For example, there is a configuration in which a warning character such as “confidential” is revealed when a dot pattern of a ground pattern is read and copied. There is also a system for embedding origin information such as information on the MFP that printed the document and printing date and time.

Here, as an example of such a conventional technique, referring to Patent Document 1, an access log to a document is created based on a user's processing request, a digital watermark is created from the log ID, and “confidential” is used. A technique for adding to a document by combining with a watermark (background pattern) is described. In the technique of Patent Literature 1, a synthesized log ID is extracted from a watermark to obtain a document ID, and the owner is notified that there has been a processing request for the document when the document is read.
According to the technique of Patent Document 1, it is possible to know when a confidential document leaks illegally.
Further, if the original image at the time of copying is saved together with the log, an unauthorized change of the document can be confirmed.

JP 2006-5605 A

  However, the technique of Patent Document 1 cannot prevent the illegally changed document itself from being output.

  The present invention has been made in view of such a situation, and an object thereof is to provide an image forming apparatus that solves the above-described problems.

An image forming system according to the present invention is an image forming system including a terminal, a server accessed from the terminal, and an image forming apparatus that acquires data stored in the server according to an instruction from the terminal. Includes a confidential data transmission unit that transmits confidential data including images or characters designated for confidentiality in a document of document data to the server, and a code image that acquires a code image for outputting the confidential data from the server. An acquisition unit; and a confidential document data generation unit that generates confidential document data by adding the code image acquired by the code image acquisition unit as a watermark to the document data, and the server includes the confidential data of the terminal. A confidential data acquisition unit that acquires the confidential data transmitted from the transmission unit, and the device acquired by the confidential data acquisition unit A code image creation unit for creating the code image for outputting data, a code image transmission unit for sending the code image created by the code image creation unit to the terminal, and corresponding to the contents of the code image A code confidential data transmission unit that transmits the confidential data to the image forming apparatus, the image forming apparatus reading a document on which the confidential document data is output as image data, and the document reading unit. In response to the content of the code image decoded by the decoding unit and the code confidential data transmission unit of the server, the confidential data is decoded from the image data of the original read by the decoding unit. A code confidential data acquisition unit for acquiring data, and the confidential data acquired by the code confidential data acquisition unit and the original Characterized in that it comprises a comparison unit for comparing the image data.
In the image forming system according to the aspect of the invention, when the comparison result by the comparison unit is different, the image forming apparatus outputs the output data obtained by replacing the image data of the document with the confidential data acquired by the code confidential data acquisition unit. Is further provided with an output data creation unit for creating the data.
In the image forming system of the present invention, the code image creating unit of the server creates the code image including user access information to the confidential data, and the image forming apparatus authenticates the user. The decryption unit decrypts the code image including the access information of the user, and the code confidential data acquisition unit uses the authentication state of the user by the authentication unit and the access information to determine the server. The behavior at the time of acquiring the confidential data is changed.
In the image forming system of the present invention, the server acquires user authentication information from the authentication unit, and when an access to the confidential data is attempted, a log in which the authentication state is associated with the confidential data. It further comprises a log recording unit for recording.
The image forming system according to the present invention is characterized in that the terminal further includes a confidential data update unit that updates the confidential data.
The terminal of the present invention is a terminal of an image forming system including a server accessed from the own apparatus and an image forming apparatus that acquires data stored in the server according to an instruction from the own apparatus. A confidential data transmission unit that transmits confidential data including images or characters designated for confidentiality to the server, a code image acquisition unit that acquires a code image for output of the confidential data from the server, and the code And a confidential document data creation unit that creates confidential document data in which the code image acquired by the image acquisition unit is added to the document data as a watermark.
The server of the present invention is a server of an image forming system including a terminal, a local device accessed from the terminal, and an image forming apparatus that acquires data stored in the local device according to an instruction from the terminal, A confidential data acquisition unit that acquires confidential data transmitted from a terminal, a code image generation unit that generates a code image for outputting the confidential data acquired by the confidential data acquisition unit, and the code image generation unit A code image transmission unit that transmits the generated code image to the terminal, and a code confidential data transmission unit that transmits the confidential data corresponding to the content of the code image to the image forming apparatus. .
An image forming apparatus of the present invention is an image forming apparatus of an image forming system including a terminal, a server accessed from the terminal, and a self apparatus that acquires data stored in the server according to an instruction of the terminal, An original reading unit that reads, as image data, an original from which confidential document data including a code image for outputting confidential data is output, and the code image from the image data of the original read by the original reading unit And a code confidential data acquisition unit that acquires the confidential data from the server corresponding to the content of the code image decoded by the decoding unit, and the code confidential data acquisition unit A comparison unit that compares the confidential data with the image data of the document is provided.
An image forming method of the present invention is performed by an image forming system including a terminal, a server accessed from the terminal, and an image forming apparatus that acquires data stored in the server according to an instruction from the terminal. In the method, confidential data including images or characters designated for confidentiality in a document of document data is transmitted to the server by the terminal, and a code image for outputting the confidential data is acquired from the server. Creating confidential document data by adding the acquired code image as a watermark to the document data, acquiring the confidential data transmitted from the terminal by the server, and outputting the acquired confidential data The code image is generated, the generated code image is transmitted to the terminal, and the secret corresponding to the content of the code image is transmitted. Data is transmitted to the image forming apparatus, the original on which the confidential document data is output is read as image data by the image forming apparatus, the code image is decoded from the read image data of the original, and the decoding is performed. The confidential data is acquired from the server in accordance with the contents of the code image, and the acquired confidential data is compared with the image data of the document.

  According to the present invention, confidential data of document data is transmitted to a server at a terminal, a code image for output of confidential data created by the server is acquired, and confidential document data added to the document data is created. When the confidential document data is to be output by the forming apparatus, it is possible to provide an image forming system capable of detecting unauthorized modification of the document by acquiring and comparing the confidential data stored in the server.

1 is a system configuration diagram of an image forming system according to an embodiment of the present invention. It is a block diagram which shows the control structure of the terminal shown in FIG. It is a block diagram which shows the control structure of the server shown in FIG. FIG. 2 is a block diagram illustrating a control configuration of the image forming apparatus illustrated in FIG. 1. 1 is a block diagram illustrating a functional configuration of an image forming system according to an embodiment of the present invention. It is a flowchart of the confidential document output process which concerns on embodiment of this invention. FIG. 7 is a conceptual diagram of confidential document output processing document data and confidential document data shown in FIG. 6. It is a flowchart of the confidential document copy process which concerns on embodiment of this invention. FIG. 9 is a conceptual diagram of server authentication processing and authentication response processing shown in FIG. 8. It is a conceptual diagram of the confidential data comparison process shown in FIG. It is a conceptual diagram of the log recorded by the log recording process shown in FIG. It is a flowchart of the confidential data update process which concerns on embodiment of this invention. It is a conceptual diagram of the replacement selection process shown in FIG.

<Embodiment>
[System configuration of image forming system X]
First, the system configuration of the image forming system X will be described with reference to FIGS. According to FIG. 1, the image forming system X according to the embodiment of the present invention can acquire a terminal 1, a server 2 accessed from the terminal 1, and data stored in the server 2 according to an instruction from the terminal 1. And a possible image forming apparatus 3. Each device is connected by a network 5.

The terminal 1 is a terminal such as a PC, a mobile phone, a smartphone, a PDA (Personal Data Assistant), a business terminal, and a dedicated terminal for the image forming apparatus 3.
The terminal 1 operates various general-purpose OS (Operating System) and the like. Further, the terminal 1 can install a control program such as a device driver for the image forming apparatus 3. Accordingly, functions such as printing, scanning, FAX transmission / reception, network FAX, and the like of the image forming apparatus 3 can be used from the OS and various application software (Application Software, hereinafter referred to simply as “application”). . In addition, the terminal 1 can create and update various documents managed by the server 2.

The server 2 is a management information processing apparatus that is accessed from the terminal 1 and the image forming apparatus 3 and that can transmit and receive various data. In the present embodiment, the server 2 may be, for example, a general-purpose machine, a PC (Personal Computer) server, a NAS (Network Attached Storage), or the like.
Further, the server 2 can store, manage, charge, authorize, etc. the document data 400 (FIG. 5) in a document box (shared folder, storage folder) associated with the user of the image forming system X, for example. Is possible. At this time, the server 2 acquires and stores the confidential data 500 of the document data 400 treated as confidential, and creates and transmits a code image 510 for accessing the confidential data 500. The server 2 may be capable of performing transmission processing to a business or office DMS (Document Management System) or the like.

  The image forming apparatus 3 is an information processing apparatus such as an MFP, a network scanner, a document scanner, a network FAX, and a printer that can transmit and receive various types of data stored in the server 2 according to instructions from the terminal 1. The image forming apparatus 3 can also output the confidential document data 410 created by the terminal 1 by copying (copying), printing, scanning, facsimile transmission, or the like.

  In this embodiment, the network 5 is a local area network (LAN) such as an intranet, a wide area network (WAN) such as the Internet (registered trademark) or a mobile phone network, and the like. When the network 5 is a WAN, it may be connectable to another server via a router or a gateway. The network 5 may constitute a VPN (Virtual Private Network).

In the image forming system X, a plurality of terminals 1, servers 2, and image forming apparatuses 3 may be provided. Conversely, a configuration in which either the server 2 or the image forming apparatus 3 does not exist is possible.
Each device can be distinguished by a device ID (Identification) to be described later.

(Configuration of terminal 1)
2, the terminal 1 includes a control unit 10, a network transmission / reception unit 15, an input unit 16, a display unit 17, a storage unit 19, and the like.

  The control unit 10 includes a general purpose processor (GPP), a central processing unit (CPU), a micro processing unit (MPU), a digital signal processor (DSP), a graphics processing unit (GPU), and an application specific processor (ASIC). An information processing unit such as a processor for a specific application).

The input unit 16 is a keyboard, various sensors, a pointing device, and the like for acquiring various instructions from the user. The pointing device includes a touch panel, a digitizer, a touch pad, and the like.
The input unit 16 can input various instructions by a user through a GUI (Graphical User Interface) on the OS, and can acquire them. Further, processing such as creation and transmission of document data 400 (FIG. 5), input and change of information on each user, and the like can be performed according to instructions input by the user through the input unit 16.

The display unit 17 is an LCD (Liquid Crystal Display), an organic EL display, a FED (Field Emission Display), a flat display panel such as a fluorescent display tube, a projector, a status display LED, or the like. The display unit 17 can display various operation screens related to the GUI.
The input unit 16 and the display unit 17 may be integrally formed as a display with a touch panel, a digitizer, or the like.

  The network transmission / reception unit 15 is a network connection unit including a LAN board for connecting to the network 5 and a wireless transmission / reception unit.

The storage unit 19 is a storage unit using a non-temporary recording medium. For example, the storage unit 19 may include various RAMs (Random Access Memory) as a main storage unit. The storage unit 19 may include, for example, a ROM (Read Only Memory), an eMMC (embedded Multi Media Card), an SSD (Solid State Drive), an HDD (Hard Disk Drive), and the like as an auxiliary storage unit.
The storage unit 19 may include external storage media such as various flash memories and optical recording media.
Further, the storage unit 19 may store a serial number and a unique ID for identifying the device itself, a version of the OS, firmware, device driver, and the like, and a device ID such as an IP address and a MAC address.

The auxiliary storage unit of the storage unit 19 stores a control program for performing operation control of the terminal 1. This control program includes programs and data such as an OS and various applications. The control program also includes middleware that operates on the OS, a device driver that controls the image forming apparatus 3, and the like.
In addition to this, the storage unit 19 may also store user account settings 430.

Note that the control unit 10 may incorporate a RAM, a ROM, a flash memory, or the like.
Further, the control unit 10 reads out a control program stored in the storage unit 19 and develops and executes the control program, thereby being operated as each unit of a functional block described later.

(Configuration of server 2)
Next, according to FIG. 3, the server 2 includes a control unit 20, a network transmission / reception unit 25, and a storage unit 29.

The control unit 20 is an information processing unit including a CPU, MPU, DSP, GPU, ASIC, and the like.
The control unit 20 reads out the control program stored in the storage unit 29, develops and executes the control program, and is operated as each functional unit described later.

  The network transmission / reception unit 25 is a network connection unit including a LAN board or the like for connecting to the network 5.

The storage unit 29 is a storage unit using a non-temporary recording medium. The storage unit 29 may include a RAM or the like as the main storage unit. The storage unit 29 may include a ROM, eMMC, SSD, HDD, and the like as an auxiliary storage unit.
Further, the storage unit 29 may include an area for a document box (storage folder, shared folder) for each user.
The storage unit 29 may store the device ID of the server 2.

  Note that the control unit 20 may also include a RAM, a ROM, a flash memory, or the like. Further, the control unit 20 reads out a control program stored in the storage unit 29 and develops and executes the control program, thereby being operated as each functional unit of a functional block described later.

(Configuration of image forming apparatus 3)
Next, according to FIG. 4, the image forming apparatus 3 includes an image processing unit 31, a document reading unit 32, a document feeding unit 33, a sheet feeding unit 34, a network transmission / reception unit 35, an operation panel unit 36, and an image forming unit 37 ( Image forming means), FAX transmission / reception unit 38, storage unit 39, and the like. Each unit is connected to the control unit 30 and controlled in operation by the control unit 30.

The control unit 30 is information processing means including a CPU, MPU, DSP, GPU, ASIC, and the like.
The control unit 30 reads out a control program stored in the ROM or HDD of the storage unit 39, expands the control program in the RAM, and executes it, thereby operating as each functional unit of a functional block described later. The control unit 30 controls the entire apparatus in accordance with predetermined instruction information input from the terminal 1 or the operation panel unit 36.

The image processing unit 31 is a control calculation unit such as a DSP (Digital Signal Processor) or a GPU (Graphics Processing Unit). The image processing unit 31 is a unit that performs predetermined image processing on the image data, and performs various types of image processing such as enlargement / reduction, density adjustment, gradation adjustment, and image improvement.
The image processing unit 31 converts the image data output when the document of the confidential document data 410 (FIG. 5) is read by the document reading unit 32 into the storage unit 39 by converting it into the acquired confidential document data 411 and stores it. Is possible. At this time, the image processing unit 31 may store the image data as bitmap data, or may convert and store it in a file unit of a format such as PDF.

The image processing unit 31 can also compare image data. As this comparison, for example, the difference can be calculated by a ratio or the like by rotating and reducing in a plurality of directions. Further, the image processing unit 31 may recognize this when reading a document of printed matter that is difficult to copy.
The image processing unit 31 may have a function of optical character recognition (hereinafter referred to as “OCR”) of image data. Further, the image processing unit 31 may be able to recognize a watermark or a background pattern.

The document reading unit 32 is a (scan) unit that reads a set document. The document reading unit 32 is disposed on the upper part of the main body of the image forming apparatus 3.
The document reading unit 32 can read a document on which confidential document data 410 (FIG. 5) is recorded on a recording sheet and output as image data.
The document reading unit 32 includes a scanner, a platen glass, and a document reading slit. When reading a document placed on the platen glass, the document reading unit 32 moves the scanner to a position facing the platen glass and reads the document placed on the platen glass while scanning to obtain image data. Then, the acquired image data is output to the control unit 30 and the image processing unit 31.

  Further, when reading the document fed from the document feeding unit 33, the document reading unit 32 moves the scanner to a position facing the document reading slit. Then, the document reading unit 32 reads the document in synchronization with the document transport operation by the document feeding unit 33 through the document reading slit, and acquires image data. The document reading unit 32 outputs the acquired image data to the control unit 30 and the image processing unit 31.

The document feeding unit 33 is a mechanism for transporting a document read by the document reading unit 32. The document feeding unit 33 is disposed above the document reading unit 32.
The document feeding unit 33 includes a document placing unit and a document transport mechanism. The document feeding unit 33 feeds the documents placed on the document placing unit one by one by the document feeding mechanism in order, and feeds them to the document reading unit 32.

  The paper feed unit 34 is a mechanism that feeds recording sheets one by one toward the image forming unit 37. The paper feed unit 34 is provided in the main body unit.

The network transmission / reception unit 35 is a network connection unit including a LAN board for connecting to the network 5 and a wireless transceiver.
The network transmission / reception unit 35 transmits / receives data on a data communication line and transmits / receives audio signals on a voice telephone line.

The operation panel unit 36 is disposed on the front side of the image forming apparatus 3.
The operation panel unit 36 includes an input unit 46 and a display unit 47.

The input unit 46 is an input unit such as a button or a touch panel for acquiring an instruction to the image forming apparatus 3 by the user. This button may be a button for giving instructions related to numeric keypad, start, cancel, operation mode switching, and job execution. This operation mode may include types of modes such as copy, printer, scanner, and FAX transmission. The job includes printing, transmission, storage, recording, and the like of the selected document.
In addition, it is also possible to input and change information of each user according to user instructions acquired from the input unit 46.
The input unit 46 can also be connected to a magnetic card or IC card reader, a biometric authentication device, or the like.

  The display unit 47 is an LCD (Liquid Crystal Display), an organic EL display, or the like. The display unit 47 can display various operation screens of GUI (Graphical User Interface).

Note that the input unit 46 and the display unit 47 of the external recording medium may be integrally configured, such as a display with a touch panel.
The operation panel unit 36 may include a connection unit for connecting an external recording medium such as a flash memory card or a USB device.

The FAX transmission / reception unit 38 is a means for performing facsimile transmission / reception. The FAX transmission / reception unit 38 can receive a facsimile from another FAX apparatus (not shown) via a voice line, save it in the storage unit 39, and cause the image forming unit 37 to form an image.
Further, the FAX transmission / reception unit 38 can convert the document read by the document reading unit 32 or the data of the network FAX transmitted from an external terminal into image data, and can be facsimile-transmitted to another FAX apparatus via a voice line. Is possible.

The storage unit 39 is a storage unit using a semiconductor memory such as a ROM (Read Only Memory) or a RAM (Random Access Memory) or a non-temporary recording medium such as an HDD (Hard Disk Drive).
Even if the RAM of the storage unit 39 is in a power saving state, the stored contents are held by a function such as self-refresh.
A control program for controlling the operation of the image forming apparatus 3 is stored in the ROM and HDD of the storage unit 39.
The storage unit 39 may also store the device ID of the image forming apparatus 3.
The storage unit 39 may store user account settings 430. The storage unit 39 may include a document box area for each user.

In the image forming apparatus 3, the control unit 30 and the image processing unit 31 may be integrally formed, such as a CPU with a built-in GPU or a chip-on-module package.
The control unit 30 and the image processing unit 31 may include a RAM, a ROM, a flash memory, and the like.

[Functional configuration of image forming system X]
Here, the functional configuration of the image forming system X will be described with reference to FIG. FIG. 5 shows main functional units of the image forming system X.
The control unit 10 of the terminal 1 includes a document data creation unit 100, a confidential data transmission unit 110, a code image acquisition unit 120, a confidential document data creation unit 130, and a confidential data update unit 140.
The storage unit 19 of the terminal 1 stores document data 400, confidential document data 410, and access information 520.
The control unit 20 of the server 2 includes a confidential data acquisition unit 200, a code image creation unit 210, a code image transmission unit 220, a code confidential data transmission unit 230, and a log recording unit 240.
The storage unit 29 of the server 2 stores confidential data 500, a code image 510, access information 520, an account setting 430, and a log 440.
The control unit 30 of the image forming apparatus 3 includes an authentication unit 300, a decryption unit 310, a code confidential data acquisition unit 320, a comparison unit 330, and an output data creation unit 340.
The storage unit 39 of the image forming apparatus 3 stores acquired confidential document data 411 and output data 420.

  The document data creation unit 100 creates document data 400 output from an application or the like. At this time, the document data creation unit 100 designates the confidential data 500 of the document data 400 in cooperation with the server 2 from the device driver GUI or the like, and sets the document data 400 as the confidential document data 410. It can be set.

  The confidential data transmission unit 110 transmits the confidential data 500 designated in the document data 400 to the server 2.

  The code image acquisition unit 120 acquires a code image 510 for output of the confidential data 500 from the server 2.

The confidential document data creation unit 130 creates confidential document data 410 in which the code image 510 acquired by the code image acquisition unit 120 is added to the document data 400. That is, the confidential document data creation unit 130 converts the document data 400 into confidential document data 410.
At this time, the confidential document data creation unit 130 may add the code image 510 to the document data 400 as a “watermark”. This watermark may be a watermark (background pattern).
Further, the confidential document data creation unit 130 may not add the confidential data 500. Also, the confidential document data creation unit 130 may add the confidential data 500 in a state that makes it difficult to copy when it is printed.
Further, the confidential document data creation unit 130 may store the created confidential document data 410 in a document box of the server 2 or may form an image with the image forming unit 37 of the image forming apparatus 3.

  The confidential data update unit 140 updates the confidential data 500. For example, the confidential data update unit 140 creates document data 400 in which the confidential data 500 is updated, and sends the document data 400 to the server 2.

  The confidential data acquisition unit 200 acquires the confidential data 500 transmitted from the confidential data transmission unit 110 of the terminal 1. The confidential data acquisition unit 200 may also acquire the access information 520.

The code image creation unit 210 creates a code image 510 for outputting the confidential data 500 acquired by the confidential data acquisition unit 200.
The code image creation unit 210 may create a code image 510 including user access information 520 for the confidential data 500.

  The code image transmission unit 220 transmits the code image 510 created by the code image creation unit 210 to the terminal 1.

  The code confidential data transmission unit 230 transmits confidential data 500 corresponding to the contents of the code image 510 to the image forming apparatus 3.

  The log recording unit 240 acquires user authentication information from the authentication unit 300 of the image forming apparatus 3. Further, when access to the confidential data 500 is attempted, the log recording unit 240 records a log 440 that associates the authentication state with the confidential data 500. In addition, the log recording unit 240 may record a log 440 for acquiring the confidential data 500, creating the code image 510, and accessing other terminals 1 and the image forming apparatus 3.

The authentication unit 300 performs user authentication with reference to the account setting 430.
At this time, the authentication unit 300 may acquire the user ID or password input from the input unit 16 of the terminal 1 or the input unit 46 of the operation panel unit 36 of the image forming apparatus 3 and perform user authentication. Good. The authentication unit 300 may perform biometric authentication using a magnetic card, an IC card, a fingerprint, a vein pattern, a retinal blood vessel pattern, face authentication, or the like connected to the terminal 1 or the operation panel unit 36.
Further, the authentication unit 300 can confirm access authority when accessing the confidential data 500 of the server 2, and perform password authentication when there is no access authority.

The decrypting unit 310 decrypts the code image 510 from the confidential document data 410 including the code image 510. For example, the decryption unit 310 can decrypt the code image 510 and specify the confidential data 500 stored in the server 2 and associated with the document data 400.
Further, the decoding unit 310 may decode the code image 510 including the user access information 520.

The code confidential data acquisition unit 320 acquires the confidential data 500 from the code confidential data transmission unit 230 of the server 2 in accordance with the content of the code image 510 decrypted by the decryption unit 310.
Further, the code confidential data acquisition unit 320 changes the behavior when acquiring the confidential data 500 from the server 2 based on the user authentication state and the access information 520 by the authentication unit 300. As this behavior, the code confidential data acquisition unit 320 may acquire the confidential data 500 from the server 2 as it is, for example, in the authentication state where the access authority has been successfully confirmed. Further, the code confidential data acquisition unit 320 may acquire the confidential data 500 from the server 2 as long as password authentication is successful even if the access authority confirmation fails. In other cases, the code confidential data acquisition unit 320 may not acquire the confidential data 500.

The comparison unit 330 compares the confidential data 500 acquired by the confidential data acquisition unit 200 with the image data of the document. The comparison unit 330 may perform this comparison by image matching of the image processing unit 31 or the like.
The comparison unit 330 may warn the user when the compared results are different.

The output data creation unit 340 creates output data 420 in which the confidential data 500 is included in the acquired confidential document data 411. The output data creation unit 340 includes, for example, the confidential data 500 acquired by the code confidential data acquisition unit 320 in the output data 420 when the acquired confidential document data 411 is output by the image forming unit 37 or the like.
The output data creation unit 340 may include the confidential data 501 included in the acquired confidential document data 411 as it is in the output data 420, for example.
However, the output data creation unit 340 does not have to output the output data 420 when the results compared by the comparison unit 330 are different. In this case, the output data creation unit 340 discards the confidential data 501 of the acquired confidential document data 411 that is the image data of the document, and replaces the output data 420 with the confidential data 500 acquired by the confidential data acquisition unit 200. You may create it.

The document data 400 includes image data of a document read by the document reading unit 32, page description language (PDL), PS (Post Script, registered trademark), PDF (Portable Document Format), and the like output from an application of the terminal 1. Electronic document files, structured document files such as XML (Extensible Markup Language) or HTML (HyperText Markup Language), word processors for the terminal 1 or the image forming apparatus 3, application files such as spreadsheet software and presentation software, A plain text file (Plain Text) file or the like.
In the document data 400, the confidential data 500 can be designated in the present embodiment.

The confidential document data 410 is data in a state where the code image 510 is added to the document data 400. The code image 510 may be added as a watermark. The confidential document data 410 may be added so that it is difficult to copy, even if the confidential data 500 designated as confidential in the original document data 400 is not added. This difficult-to-copy state may be a state where the density, dithering, etc. are adjusted so that the image becomes drowned or blackened during copying.
The confidential document data 410 may be encrypted so that it cannot be output by anyone other than the image forming apparatus 3 or the user corresponding to the access information 520.

  The acquired confidential document data 411 is obtained from the original image data of the confidential document data 410 read by the original reading unit 32, the document box of the user of the terminal 1, other terminals (not shown), the server 2, the external recording medium, or the like. The acquired confidential document data 410 and the like. That is, although the acquired confidential document data 411 should be data of a document equivalent to the confidential document data 410, the possibility that the acquired confidential document data 411 has been tampered with is considered.

The output data 420 is image data in which the confidential data 500 is included in the acquired confidential document data 411.
The output data 420 may include confidential data 501 when the acquired confidential document data 411 has not been tampered with.

  The account setting 430 is a database or the like including user ID for user authentication, password, authority information, contact information such as an email address and a telephone number, and the like. The account setting 430 also includes the storage location of the confidential data 500 for each user, the location of the document box, and the like.

  The log 440 is a record of various data or the like sent from the terminal 1 or the image forming apparatus 3 created by the log recording unit 240. The log 440 may be various data in which the authentication state and the confidential data 500 are associated, for example.

  The confidential data 500 is data of a part including an image or a character designated for confidentiality in the document of the document data 400. The confidential data 500 is, for example, a specific group of characters, sentences, paragraphs, chapters, illustrations, columns, etc. in the document data 400, pages corresponding to recording paper such as cut sheets (hereinafter referred to as “paragraphs”). The location of the data corresponding to can be specified by setting the device driver or the like. The confidential data 500 may be specified by being added as metadata that is not output of the document data 400, or may be a separate file or specified as data on a database.

The code image 510 is an image obtained by encoding various information such as a two-dimensional barcode such as a QR code (registered trademark), a one-dimensional barcode (group), a color code, a dot code that is a collection of a plurality of points, and the like. It is data to include. In the present embodiment, the code image 510 is added to a location designated as the confidential data 500 in the confidential document data 410, for example. The code image 510 may be added as a watermark, for example.
Also, the code image 510 includes an encoded ID, storage location, access information 520 and the like for identifying the confidential data 500 and acquiring it by downloading.
The code image 510 may be added to the first page of the document data 400, or may be added to the end of the page.

The access information 520 is information such as a user's access authority that can output the confidential data 500. Further, the access information 520 may include, for example, information indicating the authority of a specific user ID, password, user title, group, administrator, and the like.
Note that the access information 520 may be encrypted and included in the code image 510.

Here, the control unit 10 of the terminal 1, the control unit 20 of the server 2, and the control unit 30 of the image forming apparatus 3 execute the control programs stored in the storage units 19, 29, and 39, respectively. Data creation unit 100, confidential data transmission unit 110, code image acquisition unit 120, confidential document data generation unit 130, confidential data update unit 140, confidential data acquisition unit 200, code image generation unit 210, code image transmission unit 220, code confidentiality The data transmission unit 230, log recording unit 240, authentication unit 300, decryption unit 310, code confidential data acquisition unit 320, comparison unit 330, and output data creation unit 340 function.
Each unit of the terminal 1, the server 2, and the image forming apparatus 3 is a hardware resource for executing the image forming method of the present invention.

[Confidential Document Output Processing by Image Forming System X]
Next, confidential document output processing by the image forming system X according to the embodiment of the present invention will be described with reference to FIGS.
In the confidential document output processing of the present embodiment, the confidential data 500 is stored in the server 2 in the mode for printing a confidential document such as an internal secret by the device driver of the terminal 1, the confidential document data 410 is created, and the image The output is performed by the forming apparatus 3.
In the confidential document output processing of the present embodiment, the control units 10, 20, and 30 mainly execute the programs stored in the storage units 19, 29, and 39 using hardware resources in cooperation with the respective units. To do.
Hereinafter, the details of the confidential document output process will be described step by step with reference to the flowchart of FIG.

(Step S101)
First, the document data creation unit 100 of the terminal 1 performs document data creation processing.
The document data creation unit 100 outputs a document created by the user with an application or the like as document data 400.
According to FIG. 7A, at this time, the document data creation unit 100 sets the location of the confidential data 500 of the document data 400 to be output on the device driver setting screen or the like of the image forming apparatus 3 according to a user instruction. .
Further, the document data creation unit 100 may set the access authority for the document data 400 in the access information 520.

(Step S102)
Next, the confidential document data creation unit 130 performs confidential data transmission processing.
The confidential document data creation unit 130 executes the device driver of the image forming apparatus 3 and transmits the confidential data 500 specified in the document data 400 to the server 2.
The confidential document data creation unit 130 may also transmit the access information 520 to the server 2.

(Step S103)
Next, the confidential data acquisition unit 200 of the server 2 performs confidential data acquisition processing.
The confidential data acquisition unit 200 acquires the confidential data 500 transmitted from the confidential data transmission unit 110 of the terminal 1 and stores the confidential data 500 in the storage unit 29 in association with the device ID of the terminal 1, the document data 400, and the like.
At this time, the confidential data acquisition unit 200 may store the access information 520 in the storage unit 29 in association with the confidential data 500.

(Step S104)
Next, the code image creation unit 210 performs code image creation processing.
The code image creation unit 210 creates a code image 510 for outputting the confidential data 500. The code image creating unit 210 generates a code image 510 including information for acquiring the confidential data 500 by downloading or the like when outputting the image on the image forming apparatus 3. Further, the code image creation unit 210 may create a code image 510 including the access information 520.
The code image creation unit 210 may include a password encrypted with a hash function or the like in the code image 510.

(Step S105)
Next, the code image transmission unit 220 performs code image transmission processing.
The code image transmission unit 220 transmits the generated code image 510 to the terminal 1.

(Step S106)
Next, the code image acquisition unit 120 of the terminal 1 performs a code image acquisition process.
The code image acquisition unit 120 of the terminal 1 receives the code image 510 from the server 2 and temporarily stores it in the storage unit 19.

(Step S107)
Next, the confidential document data creation unit 130 performs confidential document data creation processing.
The confidential document data creation unit 130 creates confidential document data 410 in which the code image 510 acquired by the code image acquisition unit 120 is added to the document data 400.
According to the example of the confidential document data 410a in FIG. 7B, the confidential document data creation unit 130 may add the code image 510 as a watermark.
The confidential document data creation unit 130 may add the confidential data 500 by printing it so that it is difficult to copy.

(Step S108)
Next, the confidential document data creation unit 130 performs confidential document data transmission processing.
Also, the confidential document data creation unit 130 stores the created confidential document data 410 in the document box of the server 2, for example. At this time, the confidential document data creation unit 130 may perform user authentication with the server 2.
The confidential document data creation unit 130 may execute a device driver of the image forming apparatus 3 and transmit the confidential document data 410 to the image forming apparatus 3 for printing.
The terminal 1 may store the confidential document data 410 in the document box of the storage unit 19 of the terminal 1 or record it in an external recording medium without outputting the confidential document data 410.

(Step S109)
Next, the image forming unit 37 of the image forming apparatus 3 performs confidential document data output processing. The control unit 10 of the image forming apparatus 3 temporarily stores the confidential document data 410 in the storage unit 39 and causes the image forming unit 37 to form an image on a recording sheet.
The confidential document data 410 may be transmitted by facsimile by the FAX transmission / reception unit 38.
The confidential document data 410 may be stored in a document box of the image forming apparatus 3.
Thus, the confidential document output process according to the embodiment of the present invention is completed.

[Confidential Document Copy Processing by Image Forming System X]
Next, confidential document copying processing by the image forming system X according to the embodiment of the present invention will be described with reference to FIGS.
In this confidential document copying process, the user copies confidential document data 410 in which the code image 510 is recorded as a manuscript. Further, the code image 510 of the original is read, and the confidential data 500 is acquired from the server 2. At this time, the access authority may be confirmed, and the behavior may be changed according to the access authority. Further, the confidential data 501 of the document at the time of copying may be compared with the confidential data 500 acquired from the server 2. A log 440 may be recorded.
In the confidential document copying process according to the present embodiment, mainly the control unit 20 of the server 2 and the control unit 30 of the image forming apparatus 3 cooperate with the respective units to store programs stored in the storage units 29 and 39, respectively. Execute using hardware resources.
Hereinafter, details of the confidential document copying process will be described step by step with reference to the flowchart of FIG.

(Step S201)
First, the authentication unit 300 or the like of the image forming apparatus 3 performs document data acquisition processing.
First, the authentication unit 300 performs user authentication for copying with the image forming apparatus 3. For example, the authentication unit 300 displays an authentication screen on the operation panel unit 36, inputs a user ID and password, and transmits this to the server 2 as authentication information. The server 2 performs authentication with reference to the account setting 430.
Thereafter, the user instructs to copy the confidential document data 410 including the code image 510 by using a button or the like of the input unit 46 of the operation panel unit 36.
As a result, the document reading unit 32 scans the document to create image data, and the image processing unit 31 stores it in the storage unit 39 as the acquired confidential document data 411.
The authentication unit 300 directly acquires confidential document data 410 from an external recording medium, a document box of the image forming apparatus 3, the server 2, or the terminal 1, and stores it in the storage unit 39 as acquired confidential document data 411. Also good.

(Step S202)
Next, the decoding unit 310 performs code image decoding processing.
Here, the decryption unit 310 decrypts the code image 510 included in the acquired confidential document data 411. As a result, the decryption unit 310 identifies the confidential data 500 associated with the acquired confidential document data 411. In the present embodiment, the decoding unit 310 also acquires access information 520 when the code image 510 is decoded.

(Step S203)
Next, the authentication unit 300 performs an access authority confirmation process.
The decryption unit 310 confirms from the access information 520 obtained from the decrypted code image 510 whether the user who instructed copying is a user who has the authority to obtain and output the confidential data 500. The decryption unit 310 may also confirm this by accessing the server 2 and referring to the account setting 430 of the user.
Also, the decryption unit 310 changes the authentication state to “authorized” or “unauthorized” based on the result of the confirmation by the server 2.

(Step S204)
Next, the authentication unit 300 of the image forming apparatus 3 determines whether or not the user is an authorized user. The authentication unit 300 determines Yes when the user who has instructed copying is in the “authorized” authentication state in which the acquired confidential document data 411 is output. In other cases, that is, in the authentication state of “no authority”, the authentication unit 300 determines No.
In Yes, authentication part 300 advances processing to Step S208.
In No, the authentication part 300 advances a process to step S205.

(Step S205)
When the authentication state is “no authority” and the user does not have the authority to output the acquired confidential document data 411, the authentication unit 300 performs a password authentication process.
The authentication unit 300 performs password authentication for a user who does not have access authority to the confidential data 500. That is, the image forming apparatus 3 changes the behavior depending on the authentication state.
According to FIG. 9A, the authentication unit 300 displays a dialog box such as the screen example 700 on the display unit 47 of the operation panel unit 36 and causes the input unit 46 to input a password. The authentication unit 300 transmits this password to the server 2 as authentication information. The server 2 may check whether the user has the authority to output with reference to the confidential data 500 associated with the password. The decryption unit 310 can also change the authentication state “authorized” to “unauthorized” based on the result of this confirmation.

(Step S206)
Next, the authentication unit 300 of the image forming apparatus 3 determines whether or not password authentication is successful. The authentication unit 300 determines Yes when the password authentication with the server 2 is successful and the authentication state is “authorized”. The authentication unit 300 determines “No” in other cases, that is, in the case of “no authority”.
In the case of Yes, the authentication part 300 displays a screen like the example screen 710 of FIG.9 (b) as authentication succeeding, and advances a process to step S207.
In No, the authentication part 300 complete | finishes the confidential document output process which concerns on this embodiment. As a result, copying is not performed. At this time, the authentication unit 300 may display a failure screen such as a screen example 720 in FIG.

(Step S207)
Here, the code confidential data acquisition unit 320 of the image forming apparatus 3 performs code confidential data acquisition processing.
Here, the user who has instructed copying from the image forming apparatus 3 has access authority to the confidential data 500 of the acquired confidential document data 411. For this reason, the code confidential data acquisition unit 320 accesses the server 2 in order to download the confidential data 500 to the server based on the information of the code image 510. At this time, user authentication information, a device ID of the image forming apparatus 3, and the like may be transmitted to the server 2.

(Step S208)
When the access authority confirmation or password authentication is successful, the code confidential data transmission unit 230 of the server 2 performs code confidential data transmission processing.
The code confidential data transmission unit 230 transmits the specified confidential data 500 to the image forming apparatus 3.
The code confidential data acquisition unit 320 of the image forming apparatus 3 acquires the confidential data 500 and temporarily stores it in the storage unit 39.

(Step S209)
Next, the comparison unit 330 performs confidential data comparison processing.
As in the example of FIGS. 10A and 10B, the comparison unit 330 compares the downloaded confidential data 500 with the confidential data 501 of the acquired confidential document data 411. In this example, the comparison unit 330 compares the confidential data 500 of the output data 420 by image matching or the like.
In the acquired confidential document data 411, this comparison is not performed when the confidential data 501 is not added in the first place. In this case, the comparison unit 330 may not exist.

(Step S210)
Next, the comparison unit 330 determines whether the confidential data 501 has been tampered with. Specifically, the comparison unit 330 determines that the confidential data 500 and the confidential data 501 compared by the comparison unit 330 have been tampered with when the difference is greater than a specific threshold, for example. To do. The comparison unit 330 determines that the content has not been tampered with in other cases, including the case where the comparison was not performed, and No.
In Yes, the comparison part 330 advances a process to step S211.
In No, the comparison part 330 advances a process to step S212.

(Step S211)
If it has been tampered with, the comparison unit 330 and the output data creation unit 340 perform a user notification replacement process.
When there is a difference between the confidential data 500 and the confidential data 501, the comparison unit 330 notifies the user that there is a difference.
As illustrated in a screen example 730 in FIG. 10C, the comparison unit 330 may display a warning screen on the display unit 47 of the operation panel unit 36. In this example, the user may instruct to continue copying by pressing the “OK” button, or may instruct to end by pressing the “end copying” button.
In the case of an end instruction, the comparison unit 330 may end the confidential document output process according to the present embodiment. In addition, the comparison unit 330 may upload the confidential data 501 to the server 2.
Further, the output data creation unit 340 can replace the altered confidential data 501 so that it is restored even if the user instructs to continue copying. In this case, the output data creation unit 340 includes the confidential data 500 acquired from the server 2 in the output data 420 described below.

(Step S212)
Next, the output data creation unit 340 performs output data creation processing.
The output data creation unit 340 performs output data creation processing. The output data creation unit 340 creates output data 420 including, for example, the code image 510 in the output data 420 and including the confidential data 500 acquired from the server 2 in the acquired confidential document data 411.
Note that the output data creation unit 340 may create the output data 420 including the confidential data 501 of the acquired confidential document data 411 as it is when the confidential data has not been falsified in the above comparison.
Further, the output data creation unit 340 may access the server 2 again to acquire and add an updated code image including the access information 520 and the like. As a result, it is possible to make a copy only with the copy every time it is copied, such as a “one-time password”.

After that, the output data creation unit 340 can print out the output data 420 of the copied document by forming an image with the image forming unit 37 and recording it on a recording sheet.
The output data creation unit 340 transmits the output data 420 by facsimile using the FAX transmission / reception unit 38, stores it in the document box of the server 2, the terminal 1, or the image forming apparatus 3 according to the user's instruction, or stores the user's e-mail. Or the like.

(Step S213)
Here, the log recording unit 240 of the server 2 performs log recording processing.
The log recording unit 240 stores various data sent from the image forming apparatus 3 in the storage unit 29 of the server 2 as a log 440.
According to the example of the log 440 in FIG. 11, for example, the log 440 includes the accessed user ID, the access date / time, the success / failure of acquisition of the confidential data 500, the device ID (access device) of the accessed terminal 1 or image forming apparatus 3, Whether or not the confidential data 500 is updated and an image log including an image are included.
Thus, the confidential document output process according to the embodiment of the present invention is completed.

[Confidential data update processing by image forming system X]
Next, confidential data update processing by the image forming system X according to the embodiment of the present invention will be described with reference to FIGS.
In the confidential data update process, for example, when there is a mistake in the document and it is desired to correct the document or update to a new document, the confidential data 500 stored on the server 2 is updated. This process may be executed only by a user who has access authority to the confidential document data 410.
In the confidential data update processing of the present embodiment, mainly the control unit 10 of the terminal 1 and the control unit 20 of the server 2 cooperate with the respective units to store the programs stored in the storage units 19 and 29, respectively. Run with.
Hereinafter, the details of the confidential data update processing will be described step by step with reference to the flowchart of FIG.

(Step S301)
First, the confidential data update unit 140 of the terminal 1 performs replacement selection processing.
When the user edits the document data 400 and opens the device driver setting on the GUI, the confidential data update unit 140 is activated.
Then, the confidential data update unit 140 performs user authentication from the terminal 1 to the server 2. This user authentication can be performed in the same manner as the processing in step S201 described above.
When the authentication is successful, the confidential data update unit 140 displays a list of confidential document data 410 stored in the document box of the server 2 on the display unit 17 and presents it to the user. The confidential data update unit 140 may display only the file of the authenticated user.
According to the screen example 740 in FIG. 13A, the confidential data update unit 140 displays the document name of the confidential document data 410 and the user name of the registered user on the display unit 17. Here, when the user selects “replace”, the confidential data update unit 140 can confirm the confidential document data 410 to be replaced as shown in FIG. In this example, the confidential data update unit 140 synthesizes and displays the confidential data 500c included in the edited document data 400 and the confidential document data 410c to be replaced.

(Step S302)
Next, the confidential data update unit 140 performs confidential data update processing.
As illustrated in FIG. 13A, when the user selects confidential document data 410 to be replaced and selects “OK”, the confidential data update unit 140 transmits the confidential data 500 of the edited document data 400 to the server 2. Send to.

(Step S303)
Next, the confidential data acquisition unit 200 of the server 2 performs confidential data acquisition processing.
The confidential data acquisition unit 200 acquires the updated confidential data 500 and temporarily stores it in the storage unit 29 of the server 2.

(Step S304)
Next, the confidential data acquisition unit 200 performs confidential data replacement processing.
The confidential data acquisition unit 200 replaces the confidential data 500 transmitted from the terminal 1 with the confidential data 500 of the confidential document data 410 selected by the user. At this time, a new code image 510 may be created and transmitted to the terminal 1.
Thus, the confidential data update process according to the embodiment of the present invention is completed.

With the configuration described above, the following effects can be obtained.
Conventionally, many document editing softwares have been developed so that documents can be easily edited. For this reason, illegal editing and modification of documents has also become a problem. However, the technique of Patent Document 1 cannot prevent the illegally changed document itself from being output.
On the other hand, the image forming system X according to the embodiment of the present invention is an image that acquires the data stored in the server 1 according to the terminal 1, the server 2 accessed from the terminal 1, and the instruction of the terminal 1. 1 is an image forming system including a forming apparatus 3. The terminal 1 sends a confidential data transmission unit 110 that transmits confidential data 500 including images or characters designated for confidentiality in the document of the document data 400 to the server 2 and a code image 510 for output of the confidential data 500 to the server. 2, and a confidential document data creation unit 130 that creates confidential document data 410 in which the code image 510 acquired by the code image acquisition unit 120 is added as a watermark to the document data 400. The server 2 obtains a confidential data acquisition unit 200 that acquires the confidential data 500 transmitted from the confidential data transmission unit 110 of the terminal 1, and a code image 510 for outputting the confidential data 500 acquired by the confidential data acquisition unit 200. The code image creation unit 210 to be created, the code image transmission unit 220 that sends the code image 510 created by the code image creation unit 210 to the terminal 1, and the confidential data 500 corresponding to the contents of the code image 510 are stored in the storage unit 29. And a secret code data transmission unit 230 that transmits to the image forming apparatus 3. The image forming apparatus 3 decodes the code image 510 from the original reading unit that reads the original on which the confidential document data 410 is output as image data, and the acquired confidential document data 411 that is the image data of the original read by the original reading unit. A confidential data acquisition unit 200 that acquires confidential data 500 from the code confidential data transmission unit 230 of the server 2 in correspondence with the content of the code image 510 decrypted by the decryption unit 310, and a confidential data acquisition unit The comparison unit 330 compares the confidential data 500 acquired by the client 200 with the confidential data 501 that is image data of the document.
With this configuration, it is possible to provide the image forming system X that can compare the stored confidential data 500 and prevent unauthorized modification of the document. In other words, even if an attempt is made to print a document that has been changed by a method other than a regular one, the unauthorized change itself can be automatically detected, and copying can be prevented.
Further, since the confidential data 500 is stored in the server 2, even if the image forming apparatus 3 is hacked or the like, tampering or the like can be prevented and security performance can be improved.

Further, the technique of Patent Document 1 requires time and effort to track the access log when an unauthorized change is made.
On the other hand, the image forming system of the present embodiment cannot be output if an unauthorized change is made to the confidential data 500 in the first place.

Further, in the image forming system X according to the embodiment of the present invention, the image forming apparatus 3 uses the confidential data 501 that is the image data of the document as the confidential data acquiring unit 200 when the comparison result by the comparing unit 330 is different. It further comprises an output data creation unit 340 that creates output data 420 replaced with the confidential data 500 acquired by the above.
With this configuration, the confidential data 500 that has been tampered with is automatically replaced with the confidential data 500 before the change, so that the unauthorized change itself can be prevented.

In the image forming apparatus 3 according to the embodiment of the present invention, the code image creation unit 210 of the server 2 creates a code image 510 including user access information 520 for the confidential data 500. The image forming apparatus 3 further includes an authentication unit 300 that performs user authentication, the decryption unit 310 decrypts the code image 510 including the user access information 520, and the code confidential data acquisition unit 320 uses the authentication unit 300. The behavior when acquiring the confidential data 500 from the server 2 is changed according to the user authentication status and the access information 520.
With this configuration, since copying can be performed only by an authorized user of the image forming apparatus 3, unauthorized copying can be reliably prevented.
Further, since the code image 510 is added for each confidential data 500 of the confidential document data 410, the security performance can be improved.

In addition, the server 2 according to the embodiment of the present invention obtains user authentication information from the authentication unit 300, and when access to the confidential data 500 is attempted, the log that associates the authentication state with the confidential data 500 Further, a log recording unit 240 for recording 440 is further provided.
By configuring in this way, it is possible to easily know the status of unauthorized copying of the output of the confidential data 500, and the labor of the administrator can be reduced. Further, the server 2 can keep network security relatively safe, and can improve security performance.

Further, the terminal 1 according to the embodiment of the present invention is characterized by further including a confidential data update unit 140 that updates the confidential data 500.
With this configuration, the confidential data 500 can be easily updated, user convenience is improved, and security performance can be improved by frequent updating.

Further, the confidential document data creation unit 130 of the terminal 1 according to the embodiment of the present invention adds the code image 510 to the document data 400 as a watermark.
With this configuration, the possibility that the code image 510 itself is tampered with can be reduced. Further, by making the copy-forgery-inhibited pattern code image 510 float when an illegal copy is made, the visibility of the copy can be reduced to make it difficult to see, and as a result, the illegal copy can be prevented.

[Other Embodiments]
In the embodiment of the present invention, an example in which all authentication is performed by the server 2 is described, but the present invention is not limited to this.
For example, the authentication unit 300 may perform local authentication using account settings stored in the storage unit of the image forming apparatus 3.
Further, the access information 520 may include a password for permitting the acquisition of the confidential data 500 even for a user without access authority. The password may be included after being encoded with a hash function or the like.
In this case, for example, when the user does not have the authority to output the confidential document data 410 and password authentication is performed, the authentication unit 300 checks the password input by the user against the password included in the access information 520. May be.
With this configuration, even if the server 2 is a simple NAS or the like, password authentication can be performed only by the image forming apparatus 3, and the configuration can be simplified and the cost can be reduced. The log 440 can also be stored in the image forming apparatus 3 or the terminal 1.

Conversely, the code image creation unit 210 may store the password included in the access information 520 in the storage unit 29 of the server 2 in association with the confidential data 500 and confirm the password in the server 2. .
With this configuration, security can be enhanced.

In the above-described embodiment, the confidential document data 410 is described as being created by the terminal 1, but the present invention is not limited to this.
In other words, the secret document data 410 may be created by the server 2 or the image forming apparatus 3.
With this configuration, the load on the terminal 1 can be reduced. Further, the confidential document data 410 can be prevented from being falsified due to hacking of the terminal 1 or the like.

  The present invention can also be applied to an information processing apparatus other than the image forming apparatus. That is, a configuration using a network scanner, a server in which the scanner is separately connected by a USB, or the like may be used.

  Further, the configuration and operation of the above-described embodiment are examples, and it goes without saying that they can be appropriately modified and executed without departing from the gist of the present invention.

DESCRIPTION OF SYMBOLS 1 Terminal 2 Server 3 Image forming apparatus 5 Network 10, 20, 30 Control part 15, 25, 35 Network transmission / reception part 16, 46 Input part 17, 47 Display part 19, 29, 39 Storage part 31 Image processing part 32 Original reading part 33 Document feeding section 34 Paper feeding section 36 Operation panel section 37 Image forming section 38 FAX transmission / reception section 100 Document data creation section 110 Confidential data transmission section 120 Code image acquisition section 130 Confidential document data creation section 140 Confidential data update section 200 Confidential data Acquisition unit 210 Code image creation unit 220 Code image transmission unit 230 Code confidential data transmission unit 240 Log recording unit 300 Authentication unit 310 Decoding unit 320 Code confidential data acquisition unit 330 Comparison unit 340 Output data creation unit 400 Document data 410, 410a, 410c Confidential document data 411 Acquired confidential document data Data 420 Output data 430 Account setting 440 Log 500, 500c, 501 Confidential data 510 Code image 520 Access information 700, 710, 720, 730, 740 Screen example X Image forming system

Claims (9)

An image forming system including a terminal, a server accessed from the terminal, and an image forming apparatus that acquires data stored in the server according to an instruction from the terminal,
The terminal
A confidential data transmission unit that transmits confidential data including images or characters designated for confidentiality in the document of the document data to the server;
A code image acquisition unit for acquiring a code image for output of the confidential data from the server;
A confidential document data creation unit that creates confidential document data obtained by adding the code image acquired by the code image acquisition unit as a watermark to the document data;
The server
A confidential data acquisition unit that acquires the confidential data transmitted from the confidential data transmission unit of the terminal;
A code image creation unit for creating the code image for outputting the confidential data acquired by the confidential data acquisition unit;
A code image transmission unit for transmitting the code image created by the code image creation unit to the terminal;
A secret code data transmission unit that transmits the secret data corresponding to the content of the code image to the image forming apparatus;
The image forming apparatus includes:
A document reading unit that reads the document from which the confidential document data is output as image data;
A decoding unit for decoding the code image from the image data of the document read by the document reading unit;
Corresponding to the content of the code image decrypted by the decryption unit, a code confidential data acquisition unit that acquires the confidential data from the code confidential data transmission unit of the server;
An image forming system, comprising: a comparison unit that compares the confidential data acquired by the code confidential data acquisition unit with image data of the document. The image forming apparatus includes:
An output data creation unit that creates output data in which the image data of the document is replaced with the confidential data acquired by the code confidential data acquisition unit when the comparison results by the comparison unit are different from each other; The image forming system according to claim 1. The code image creation unit of the server
Creating the code image including user access information to the sensitive data;
The image forming apparatus includes:
An authentication unit for authenticating the user;
The decoding unit decodes the code image including the access information of the user,
The code secret data acquisition unit changes a behavior when the secret data is acquired from the server according to the authentication state of the user and the access information by the authentication unit. Image forming system. The server
It further comprises a log recording unit that obtains user authentication information from the authentication unit and records a log that associates the authentication state with the confidential data when access to the confidential data is attempted. The image forming system according to claim 3. The terminal
The image forming system according to claim 1, further comprising a secret data update unit that updates the secret data. A terminal of an image forming system including a server accessed from the own device and an image forming device that acquires data stored in the server according to an instruction from the own device;
A confidential data transmission unit that transmits confidential data including images or characters designated for confidentiality in the document of the document data to the server;
A code image acquisition unit for acquiring a code image for output of the confidential data from the server;
A terminal comprising: a confidential document data creation unit that creates confidential document data in which the code image acquired by the code image acquisition unit is added as a watermark to the document data. A server of an image forming system including a terminal, an own apparatus accessed from the terminal, and an image forming apparatus that acquires data stored in the own apparatus according to an instruction from the terminal;
A confidential data acquisition unit that acquires confidential data transmitted from the terminal;
A code image creation unit for creating a code image for outputting the confidential data acquired by the confidential data acquisition unit;
A code image transmission unit for transmitting the code image created by the code image creation unit to the terminal;
A server comprising: a code confidential data transmission unit that transmits the confidential data corresponding to the content of the code image to the image forming apparatus. An image forming apparatus of an image forming system comprising: a terminal; a server accessed from the terminal; and an own apparatus that acquires data stored in the server according to an instruction from the terminal,
A document reading unit that reads, as image data, a document from which confidential document data including a code image for outputting confidential data is output;
A decoding unit for decoding the code image from the image data of the document read by the document reading unit;
Corresponding to the content of the code image decrypted by the decryption unit, a code confidential data acquisition unit that acquires the confidential data from the server;
An image forming apparatus, comprising: a comparison unit that compares the confidential data acquired by the code confidential data acquisition unit with image data of the document. An image forming method executed by an image forming system including a terminal, a server accessed from the terminal, and an image forming apparatus that acquires data stored in the server according to an instruction from the terminal,
By the terminal
Sending confidential data including images or characters designated as confidential in the document of the document data to the server;
Obtaining a code image for outputting the confidential data from the server;
Creating confidential document data by adding the acquired code image as a watermark to the document data;
By the server
Obtaining the confidential data transmitted from the terminal;
Creating the code image for outputting the acquired confidential data;
Send the created code image to the terminal,
Transmitting the confidential data corresponding to the content of the code image to the image forming apparatus;
By the image forming apparatus,
Read the document from which the confidential document data is output as image data,
The code image is decoded from the read image data of the document,
In response to the content of the decrypted code image, obtain the confidential data from the server,
The acquired confidential data is compared with the image data of the document.

An image forming method.

Images