JP2018157349A - Image formation device, image processing system, usage management method and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve a job efficiency by making standard functions available quickly, in an image formation device for authenticating a user by using wireless authentication and authentication by image.SOLUTION: An image formation device for authenticating a user has a radio communication unit for acquiring information from a radio terminal owned by a user, a wireless authentication unit for authenticating the user by using the information acquired by the radio communication unit, an imaging unit for capturing the image of the user, an image authentication unit for authenticating the user by using the image captured by the imaging unit, when the user uses a first function requiring a prescribed right of use, and a usage management unit for permitting a user, succeeded in authentication by the wireless authentication unit, to use a second function not requiring a prescribed right of use, and permitting a user, succeeded in authentication by the wireless authentication unit and authentication by the image authentication unit, to use a first function.SELECTED DRAWING: Figure 3

Description

  The present application relates to an image forming apparatus, an image processing system, a usage management method, and a program.

  As an authentication method for authenticating a user, an image authentication technique such as face authentication that does not require an operation such as a password input and can prevent spoofing due to loss or theft of an IC card has become widespread.

  For example, an image processing apparatus that authenticates a user by comparing and collating information generated from a face image obtained by imaging a region including the user's face with previously registered authentication information is known. (For example, refer to Patent Document 1).

  However, an authentication method using a captured image such as face authentication (hereinafter referred to as image authentication) is more accurate than an authentication method using an IC card or the like (hereinafter referred to as wireless authentication) that has been widely used. There is a problem that is low.

  Therefore, for example, it is conceivable to use an authentication method for authenticating a user using an authentication result by image authentication and an authentication result by card authentication. Thus, by performing authentication by combining wireless authentication and image authentication, the accuracy of authentication can be improved and spoofing can be prevented.

  However, for example, when such an authentication method is used for an image forming apparatus, image authentication is always performed, so that the accuracy of authentication is high, but a standard function that is frequently used such as copying and scanning is quickly used. There is a problem that the business efficiency is lowered because it cannot be performed.

  Embodiments of the present invention have been made in view of the above problems, and quickly use standard functions in an image forming apparatus that authenticates a user using wireless authentication and image authentication. Improve operational efficiency by making it possible.

  In order to solve the above problems, an image forming apparatus according to an embodiment of the present invention is an image forming apparatus that authenticates a user, and a wireless communication unit that acquires information from a wireless terminal possessed by the user; A wireless authentication unit that authenticates the user using information acquired by the wireless communication unit; an imaging unit that captures an image of the user; and a first that requires a predetermined usage authority of the user When using the function, the image authentication unit that authenticates the user using an image captured by the image capturing unit and the user who has succeeded in the authentication by the wireless authentication unit need the predetermined use authority. A use management unit that permits use of the first function and permits use of the first function to a user who has succeeded in authentication by the wireless authentication unit and authentication by the image authentication unit.

  According to the embodiment of the present invention, in an image forming apparatus that authenticates a user using wireless authentication and image authentication, it is possible to quickly use standard functions, thereby improving business efficiency. Can be improved.

1 is a diagram illustrating a configuration example of an image processing system according to an embodiment. 2 is a diagram illustrating an example of a hardware configuration of an image forming apparatus according to an embodiment. FIG. 2 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the first embodiment. FIG. It is a figure which shows the example of the user information which concerns on 1st Embodiment. 4 is a flowchart illustrating an example of processing of the image forming apparatus according to the first embodiment. FIG. 3A is a diagram (1) illustrating an example of a display screen of the image forming apparatus according to an embodiment. 6 is a flowchart illustrating another example of processing of the image forming apparatus according to the first embodiment. 7 is a flowchart illustrating an example of processing of an image forming apparatus according to a second embodiment. FIG. 6B is a diagram (2) illustrating an example of a display screen of the image forming apparatus according to an embodiment. FIG. 10 is a diagram illustrating an example of a functional configuration of an image forming apparatus according to a third embodiment. It is a figure which shows the example of the function information which concerns on 3rd Embodiment. It is a figure which shows the example of the apparatus setting process which concerns on 3rd Embodiment. 10 is a flowchart illustrating an example of processing of an image forming apparatus according to a fourth embodiment. It is a figure which shows the example of a function structure of the image forming apparatus which concerns on 5th Embodiment. It is a figure which shows the example of the user information which concerns on 5th Embodiment. 10 is a flowchart illustrating an example of processing of an image forming apparatus according to a fifth embodiment. FIG. 10 is a sequence diagram illustrating an example of processing of an image forming apparatus according to a fifth embodiment. It is a figure which shows the example of a function structure of the image forming apparatus which concerns on 6th Embodiment. 14 is a flowchart illustrating an example of processing of an image forming apparatus according to a sixth embodiment.

  Embodiments of the present invention will be described below with reference to the accompanying drawings.

<System configuration>
FIG. 1 is a diagram illustrating a configuration example of an image processing system according to an embodiment. In FIG. 1, the image processing system 100 includes an image forming apparatus 101 and an RFID (Radio Frequency Identifier) tag 102 possessed by a user 105.

  The image forming apparatus 101 is, for example, an electronic device such as an MFP (Multifunction Peripheral), a copier, or a printer having functions such as a printer, a scanner, a copy, and a facsimile.

  The image forming apparatus 101 includes an RF tag reader 103 that receives predetermined information such as a tag ID from an RFID tag 102 within a predetermined range, and a camera 104 that captures an image of the user 105.

  RFID is a technology that performs short-range wireless communication using an electromagnetic field, radio waves, or the like between an RFID tag 102 that stores predetermined information such as a tag ID and an RF tag reader 103.

  For example, when the RFID tag 102 is a passive tag, the RF tag reader 103 radiates a predetermined radio wave to a detection range (predetermined range) of the RF tag reader 103 described later. Further, when receiving the radio wave radiated from the RF tag reader 103, the RFID tag 102 operates using the received radio wave as power, and transmits predetermined information such as a tag ID stored in advance to the RF tag reader 103.

  The passive tag is an RFID tag 102 that operates using radio waves from the RF tag reader 103 as an energy source, and does not need to incorporate a battery. The antenna of the passive tag reflects a part of the radio wave from the RF tag reader 103, and information such as the tag ID is returned on the reflected wave. Since the intensity of this reflection is very small, a passive tag has a shorter communication distance than an active tag that transmits radio waves with its own power, but is inexpensive and operates almost permanently.

  The camera 104 is a camera that, for example, is installed so that the user 105 using the image forming apparatus 101 is included in the image captured by the camera 104 and captures the user 105.

  With the above configuration, for example, when the user 105 holding the RFID tag 102 approaches a predetermined distance (for example, within 3 m) from the image forming apparatus 101, predetermined information (for example, tag ID) stored in the RFID tag 102 Is automatically transmitted to the image forming apparatus 101.

  The image forming apparatus 101 authenticates the user 105 (or the RFID tag 102) based on user information registered in advance (hereinafter referred to as user information) and the tag ID received from the RFID tag 102 (see FIG. (Wireless authentication).

  If the wireless authentication of the user 105 is successful, the user 105 uses a standard function (image forming function) that does not require a predetermined use authority such as copying, scanning, and printing. Will be able to.

  Here, for example, when the user 105 uses a function (management function) that requires a predetermined use authority, such as a setting change of the image forming apparatus 101, the image forming apparatus 101 displays the image of the user 105. And image authentication. For example, the image forming apparatus 101 extracts a face image of the user 105 included in an image captured using the camera 104 and performs face authentication of the user 105.

  The image forming apparatus 101 permits a user 105 who has succeeded in wireless authentication and image authentication to use a function that requires a predetermined use authority (hereinafter referred to as a management function).

  As a result, in the image forming apparatus 101 according to the present embodiment, the standard functions of the image forming apparatus 101 can be used only by wireless authentication, and the management functions have succeeded in wireless authentication and image authentication. Only the user 105 is allowed to use it.

  Therefore, according to the present embodiment, in the image forming apparatus 101 that authenticates the user 105 using wireless authentication and image authentication, a standard function can be used quickly, so that Efficiency can be improved.

  Note that the system configuration shown in FIG. 1 is merely an example. For example, the image forming apparatus 101 may be various information processing apparatuses that authenticate a user, such as a PC (Personal Computer), a tablet terminal, a smartphone, a game machine, and a video conference apparatus. In addition, the camera 104, the RF tag reader 103, and the like may be externally attached to the outside of the image forming apparatus 101.

  The RFID tag 102 may be an RFID active tag, a semi-active tag, or the like. Note that the RFID tag 102 is an example of a wireless terminal. The wireless terminal is equipped with a wireless system different from the RFID, for example, a Bluetooth (registered trademark) Low Energy (hereinafter referred to as BLE), a NFC (Near Field Communication) or the like, or a RFID tag or the like ( Alternatively, it may be a mounted object or the like.

  Further, the image authentication is not limited to face authentication, and various authentication methods for performing user authentication using an image obtained by capturing the user and characteristic information about the user's living body, such as fingerprint authentication, iris authentication, It may be vein authentication or the like.

<Hardware configuration>
(Hardware configuration of image forming apparatus)
FIG. 2 is a diagram illustrating an example of a hardware configuration of the image forming apparatus according to the embodiment. The image forming apparatus 101 includes a main body 210 that realizes various image forming functions such as a copy function, a scanner function, a fax function, and a printer function, and an operation unit 220 that receives a user operation. Note that accepting a user operation is a concept including accepting information (including a signal indicating a coordinate value of a screen) input according to the user operation. The main body 210 and the operation unit 220 are connected to be communicable with each other via a dedicated communication path 230. The communication path 230 may be, for example, a USB (Universal Serial Bus) standard, but may be of any standard regardless of wired or wireless.

  The main body 210 can perform an operation corresponding to the operation received by the operation unit 220. The main body 210 can also communicate with an external device such as a client PC (personal computer), and can also perform an operation according to an instruction received from the external device.

  First, the hardware configuration of the main body 210 will be described. As shown in FIG. 2, the main body 210 includes a CPU (Central Processing Unit) 211, a ROM (Read Only Memory) 212, a RAM (Random Access Memory) 213, a storage unit 214, a communication I / F (Interface) 215, and a connection I. / F216, engine unit 217, moving body sensor 218, system bus 219, and the like.

  The CPU 211 controls the overall operation of the main body 210 by executing a program stored in the ROM 212 or the storage unit 214 using the RAM 213 as a work area (work area). For example, the CPU 211 uses the engine unit 217 to realize various functions such as the copy function, the scanner function, the fax function, and the printer function described above.

  The ROM 212 is, for example, a non-volatile memory that stores a basic input / output system (BIOS) executed when the main body 210 is started, various settings, and the like. The RAM 213 is a volatile memory used as a work area for the CPU 211. The storage unit 214 is a non-volatile storage device that stores, for example, an OS (Operating System), application programs, various data, and the like, and includes, for example, an HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like. The

  The communication I / F 215 is a network interface such as a wireless LAN or a wired LAN for connecting the main body 210 to the network 240 and performing communication with an external device connected to the network 240. The connection I / F 216 is an interface for communicating between the main body 210 and the operation unit 220 via the communication path 230.

  The engine unit 217 is hardware that performs general-purpose information processing and processing other than communication for realizing functions such as a copy function, a scanner function, a fax function, and a printer function. The engine unit 217 includes, for example, a scanner (image reading unit) that scans and reads an image of a document, a plotter (image forming unit) that performs printing on a sheet material such as paper, and a fax unit that performs fax communication. . Furthermore, the engine unit 217 may include specific options such as a finisher that sorts printed sheet materials and an ADF (automatic document feeder) that automatically feeds documents.

  The moving body sensor 218 is a sensor that detects a moving body such as a human body within a detection range around the image forming apparatus 101. For example, a pyroelectric sensor or the like is used. In the present embodiment, the image forming apparatus 101 does not have to include the moving body sensor 218.

  A system bus 219 is connected to each of the above components, and transmits an address signal, a data signal, various control signals, and the like.

  Next, the hardware configuration of the operation unit 220 will be described. As shown in FIG. 2, the operation unit 220 includes a CPU 221, a ROM 222, a RAM 223, a flash memory 224, a communication I / F 225, an operation panel 226, a connection I / F 227, an external connection I / F 228, an RF tag reader 103, a camera 104, and A system bus 229 and the like are included.

  The CPU 221 controls the operation of the entire operation unit 220 by executing a program stored in the ROM 222 or the flash memory 224 using the RAM 223 as a work area (working area).

  The ROM 222 is a non-volatile memory that stores, for example, a BIOS executed when the operation unit 220 is activated, various settings, and the like. The RAM 223 is a volatile memory used as a work area for the CPU 221. The flash memory 224 is, for example, a non-volatile storage device that stores an OS, application programs, various data, and the like.

  The communication I / F 225 is, for example, a network interface such as a wireless LAN or a wired LAN in order to connect the operation unit 220 to the network 240 and perform communication with an external device connected to the network 240.

  The operation panel 226 accepts various inputs according to user operations and displays various information. The operation panel 226 is configured by, for example, a liquid crystal display (LCD) having a touch panel function, but is not limited thereto. The operation panel 226 may be configured by, for example, an organic EL (Electro Luminescence) display device equipped with a touch panel function. Further, the operation panel 226 can be provided with an operation unit such as a hardware key or a display unit such as a lamp in addition to or instead of this.

  The connection I / F 227 is an interface for communicating between the operation unit 220 and the main body 210 via the communication path 230.

  The external connection I / F 228 is an interface such as a USB for connecting an external device. The external devices connected to the external connection I / F 228 can include, for example, the camera 104 attached to the outside of the image forming apparatus 101, the RF tag reader 103, and the like.

  The RF tag reader 103 corresponds to the RF tag reader 103 in FIG. 1 and is an example of a wireless communication apparatus that acquires predetermined information used for wireless authentication from the RFID tag 102. As described above, the RF tag reader 103 may be provided outside the image forming apparatus 101.

  The camera 104 corresponds to the camera 104 in FIG. 1 and is an example of an imaging device that captures an image of a user. As described above, the camera 104 may be provided outside the image forming apparatus 101.

  The system bus 229 is connected to each of the above components, and transmits an address signal, a data signal, various control signals, and the like.

[First Embodiment]
<Functional configuration>
FIG. 3 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the first embodiment.

(Functional structure of the main unit)
A main body 210 of the image forming apparatus 101 includes a moving body detection unit 321, a state control unit 322, an image formation unit 323, a storage unit 325, a communication unit 324, and the like.

  The moving body detection unit 321 is realized by, for example, a program executed by the CPU 211 (or CPU 221) in FIG. 2, and uses the moving body sensor 218 to move the moving body (in the detection range) around the image forming apparatus 101 (in the detection range). For example, a person) is detected. In addition, when a moving body is detected within the detection range, the moving body detection unit 321 notifies the state control unit 322 that the moving body has been detected.

  The state control unit 322 is realized by, for example, a program executed by the CPU 211 (or CPU 221) in FIG. 2 and controls the power state of the operation unit 220 and the main body 210. For example, the state control unit 322 causes the image forming apparatus 101 to be in a power saving state in which the power consumption is lower than the normal state in which the image forming process can be performed when the image forming apparatus 101 is not used for a preset time. To move to. When the state control unit 322 receives a notification from the moving body detection unit 321 that the moving body is detected while the image forming apparatus 101 is in the power saving state, the state control unit 322 moves the operation unit 220 from the power saving state to the normal state. Return to the normal state where operation is possible.

  The image forming unit 323 is realized by, for example, a program executed by the CPU 211 (or the CPU 221) in FIG. 2, and has an image forming function (for example, printing, copying, scanning, faxing, etc.) provided in the image forming apparatus 101, as shown in FIG. This is executed using the engine unit 217.

  The communication unit 324 is realized by, for example, a program executed by the CPU 211 (or CPU 221) in FIG. 2 and communicates with the operation unit 220 using the connection I / F 216 in FIG.

  The storage unit (storage unit) 504 is realized by, for example, the storage unit 214 in FIG. 2, the RAM 213, and a program executed by the CPU 211 in FIG. 2 and the like, and user information A 326 that is user information registered in advance. Store information.

(Function configuration of the operation unit)
The operation unit 220 of the image forming apparatus 101 includes a wireless communication unit 301, a wireless authentication unit 302, an imaging unit 303, an image authentication unit 304, a usage management unit 305, a user information management unit 306, a usage authority management unit 307, and a display control unit. 308, an operation reception unit 309, a communication unit 310, a storage unit 311, and the like.

  The wireless communication unit 301 is realized by, for example, a program executed by the CPU 221 (or the CPU 211) in FIG. 2, and uses the RF tag reader 103 or the like to transmit predetermined information from the RFID tag (wireless terminal) 102 possessed by the user 105. (Radio tag ID etc.) is acquired.

  The wireless authentication unit 302 is realized by, for example, a program executed by the CPU 221 (or CPU 211) in FIG. The wireless authentication unit 302 uses the predetermined information (for example, tag ID) acquired (received) by the wireless communication unit 301 and the user information registered in advance, and the user 105 (or RFID possessed by the user 105). The tag 102) is authenticated (wireless authentication).

  For example, when the tag ID of the RFID tag 102 acquired by the wireless communication unit 301 is included in the previously registered user information, the wireless authentication unit 302 permits authentication of the user 105 (or the RFID tag 102) (success). ) In addition, when the tag ID of the RFID tag 102 acquired by the wireless communication unit 301 is not included in the user information registered in advance, the wireless authentication unit 302 rejects the authentication of the user 105 (or the RFID tag 102) ( Make it fail).

  The imaging unit 303 is realized by, for example, a program executed by the CPU 221 (or the CPU 211) in FIG. 2 and captures an image of the user 105 using the camera 104.

  The image authentication unit 304 is realized by, for example, a program executed by the CPU 221 (or CPU 211) in FIG. The image authentication unit 304 is registered in advance with an image of the user 105 captured by the imaging unit 303 when the user 105 uses a function (first function) that requires a predetermined usage authority, for example. The user 105 is authenticated (image authentication) using the acquired user information.

  For example, the image authentication unit 304 extracts the facial feature information of the user 105 from the image of the user 105 captured by the imaging unit 303, and extracts the extracted facial feature information and pre-registered user information. The similarity of feature information of a plurality of users included is calculated. Further, the image authentication unit 304 authenticates the user 105 when the similarity between the extracted facial feature information of the user 105 and the feature information of one user included in the user information is equal to or greater than a threshold value. Allow (success).

  Note that the image authentication unit 304 according to the present embodiment may perform user face authentication using any face authentication method (for example, the technique disclosed in Patent Document 1).

  In addition, the image authentication unit 304 performs various known image authentication methods for performing user authentication based on feature information about the user's living body included in the image captured by the imaging unit 303, for example, fingerprint authentication, iris authentication, and the like. Alternatively, user authentication may be performed by vein authentication or the like.

  The usage management unit 305 is realized, for example, by a program executed by the CPU 221 (or CPU 211) in FIG. The use management unit 305 is a standard function (second function) that does not require a predetermined authority (for example, administrator authority) set in advance for the user 105 who has succeeded in wireless authentication by the wireless authentication unit 302. ) Is allowed. The use management unit 305 also has a management function (an example of a first function) that requires a predetermined authority for the user 105 who has succeeded in wireless authentication by the wireless authentication unit 302 and image authentication by the image authentication unit 304. ) Is allowed.

  The user information management unit 306 is realized by, for example, a program executed by the CPU 221 (or CPU 211) in FIG. 2 and stores and manages user information a 312 in the storage unit 311.

  Here, examples of the user information a 312 and the user information A 326 will be described.

  FIG. 4 is a diagram illustrating an example of user information according to the first embodiment. FIG. 4A shows an example of user information a 312 stored in the storage unit 311 of the operation unit 220. The user information a 312 stores information on a plurality of users who are permitted to use the image forming apparatus 101. In the example of FIG. 4A, “user ID”, “wireless tag ID”, And information such as “user characteristic information”.

  “User ID” is identification information for identifying each user.

  “Radio tag ID” is identification information (tag ID) transmitted by the RFID tag 102 possessed by each user. The “wireless tag ID” is an example of predetermined information transmitted from the wireless tag.

  “User feature information” is feature information of each user (for example, facial feature information). In the “user characteristic information”, for example, information such as the contour of the face, the shape of each part such as eyes, nose, chin, cheekbone, and relative position is acquired and stored in advance. The data format shown in FIG. 4A is an example of the data format of “user feature information”, and the data format of “user feature information” may be any format.

  FIG. 4B shows an example of user information A 326 stored in the storage unit 325 of the main body 210. The user information A326 stores information on a plurality of users who are permitted to use the image forming apparatus 101. In the example of FIG. 4B, “user ID”, “mail address”, login Information such as “password” and “authority information” is included.

  The “user ID” is identification information for identifying each user, and corresponds to the “user ID” of the user information a 312 shown in FIG.

  “Mail address” is the mail address of each user.

  The “login password” is a password when each user logs in to the image forming apparatus 101 by inputting a password.

  “Authority information” is information indicating the authority of each user. In the example of FIG. 4B, “general” indicating that the user is a general user, and an administrator who manages the image forming apparatus 101. Two types of authority “administrator” indicating the existence are included.

  Note that the user information a 312 illustrated in FIG. 4A and the user information A 326 illustrated in FIG. 4B are examples. For example, the user information a 312 may include information such as “authority information” and “login password” shown in FIG. Further, the user information A 326 may include information such as “wireless tag ID” and “user characteristic information” shown in FIG.

  Further, at least part of the information included in the user information (user information a 312 or user information A 326) may be managed separately from the user information in association with the user ID. . For example, FIG. 4C illustrates an example of authority information 401 in which authority information is stored for each user ID of each user.

  FIG. 4D shows an example of wireless tag ID information 402 in which a wireless tag ID is stored for each user ID of each user. The wireless authentication unit 302 can perform wireless authentication faster than using the user information by using the wireless tag ID information having a smaller information amount than the user information.

  Here, returning to FIG. 3, the description of the functional configuration of the operation unit 220 is continued.

  The usage authority management unit 307 is realized by, for example, a program executed by the CPU 221 (or the CPU 211) in FIG. 2, and obtains the authority information of the user 105 from the user information A 326 stored in the storage unit 325 of the main body 210. get.

  The display control unit 308 is realized by, for example, a program executed by the CPU 221 (or CPU 211) in FIG. 2 and displays an operation screen or the like on the operation panel 226.

  The operation reception unit 309 is realized by, for example, a program executed by the CPU 221 (or CPU 211) in FIG. 2 and receives an operation of the user 105 on an operation screen displayed on the operation panel 226.

  The communication unit 310 is realized by, for example, a program executed by the CPU 221 (or the CPU 211) in FIG. 2, and communicates with the main body 210 using the connection I / F 227.

  The storage unit 311 is realized by, for example, a program executed by the flash memory 224, the RAM 223 in FIG. 2, and the CPU 221 in FIG. 2, and stores various information such as user information a 312.

  Note that the functional configuration of the image forming apparatus 101 shown in FIG. 3 is an example, and does not limit the scope of the present invention. For example, at least a part of the functional configuration included in the operation unit 220 may be included in the main body 210. In addition, at least a part of the functional configuration included in the main body 210 may be included in the operation unit 220.

  Further, the image forming apparatus 101 may be an integrated image forming apparatus 101 that is not divided into the main body 210 and the operation unit 220. Furthermore, at least a part of each functional configuration shown in FIG. 3 may be realized by hardware.

<Process flow>
Subsequently, a flow of a usage management method of the image forming apparatus 101 according to the present embodiment will be described.

(Processing 1 of image forming apparatus)
FIG. 5 is a flowchart illustrating an example of processing of the image forming apparatus according to the first embodiment. This process is an example of the process of the image forming apparatus 101 when the user 105 possessing the RFID tag 102 sets a management function that requires the use authority of the administrator.

  In step S <b> 501, the wireless authentication unit 302 of the image forming apparatus 101 executes a wireless authentication process for the user 105.

  For example, the wireless communication unit 301 acquires a tag ID (hereinafter referred to as a wireless tag ID) stored in the RFID tag 102 from the RFID tag 102 possessed by the user 105.

  Further, the wireless authentication unit 302, when the acquired wireless tag ID is stored in the “wireless tag ID” of the user information a 312 as shown in FIG. 4A, for example, the user 105 (or RFID tag) 102) is permitted (successful). On the other hand, if the acquired wireless tag ID is not stored in the “wireless tag ID” of the user information a 312 as shown in FIG. 4A, for example, the wireless authentication unit 302 uses the user 105 (or RFID tag). 102) wireless authentication is rejected (failed).

  In step S502, the wireless authentication unit 302 determines whether the wireless authentication of the user 105 has been successful.

  When the wireless authentication of the user 105 is successful, the wireless authentication unit 302 shifts the process to step S503. On the other hand, when the wireless authentication of the user 105 has failed, the wireless authentication unit 302 returns the process to step S501, for example, and executes the wireless authentication process again.

  In step S503, the usage management unit 305 performs a standard function (hereinafter referred to as a standard function) that does not require a predetermined usage authority (in this case, an administrator's authority) to the user 105 who has succeeded in the wireless authentication. Allow the use of.

  In step S504, when the use of the standard function is permitted, the display control unit 308 causes the operation panel 226 to display a home screen 610 as illustrated in FIG. On the home screen 610, for example, a selection button 611 for using an image forming function such as a scanner, a copy, and a printer, a selection button 612 for setting the image forming apparatus 101, and the like are displayed.

  In this state, the user 105 can use standard functions of the image forming apparatus 101 such as scanning, copying, and printing.

  In step S505, the operation reception unit 309 receives a device setting operation by the user 105. For example, the user 105 can perform a device setting operation by selecting a selection button 612 for setting the image forming apparatus 101 on the home screen 610 illustrated in FIG.

  In step S506, when the device setting operation is performed, the display control unit 308 causes the operation panel 226 to display an administrator authentication screen 620 as illustrated in FIG. 6B, for example. In the example of FIG. 6B, the administrator authentication screen 620 displays a message that prompts the user 105 to perform image authentication such as face authentication, for example.

  In step S <b> 507, the image authentication unit 304 performs image authentication processing such as face authentication of the user 105.

  For example, the imaging unit 303 captures an image of the user 105. Also, the image authentication unit 304 extracts, for example, the facial feature information of the user 105 from the captured image, and the extracted facial feature information, for example, the user as shown in FIG. The degree of similarity with the user feature information included in the information a 312 is calculated.

  Preferably, the image authentication unit 304 calculates the similarity between the extracted facial feature information and the user feature information corresponding to the user ID of the user 105 who succeeded in the wireless authentication in step S501.

  For example, when the calculated similarity is equal to or greater than the threshold, the image authentication unit 304 permits (successfully) image authentication of the user 105. On the other hand, if the calculated similarity is less than the threshold, the image authentication unit 304 rejects (fails) the image authentication of the user 105.

  In step S508, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  When the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S509. On the other hand, when the image authentication of the user 105 has failed, the image authentication unit 304 causes the process to proceed to step S511.

  In step S509, the use management unit 305 has a management function (hereinafter, referred to as a predetermined use right) that requires the user 105 who has succeeded in wireless authentication and image authentication to use the administrator (an example of a predetermined use right). (This is called a management function.)

  In step S510, the display control unit 308 causes the operation panel 226 to display a setting screen 630 including a setting button 631 for the administrator as shown in FIG. 6C, for example. In this state, the user 105 can perform settings for an administrator (for example, registration or change of user information) in addition to standard settings such as basic settings and paper settings.

  On the other hand, when the process proceeds to step S511, the display control unit 308 causes the operation panel 226 to display a standard setting screen 640 that does not include the setting button 631 for the administrator as illustrated in FIG. In this state, the user 105 can perform only standard settings such as basic settings and paper settings.

  In step S512, when the operation receiving unit 309 receives an end operation, the image forming apparatus 101 ends the management function setting process. Note that the user 105 can perform an end operation by selecting an “end” button 632 on a setting screen 630 as shown in FIG. 6C, for example.

(Processing 2 of image forming apparatus)
FIG. 7 is a flowchart illustrating another example of processing of the image forming apparatus according to the first embodiment. This process shows another example of the process shown in FIG. 7 is the same as the process shown in FIG. 5, and here, the description will focus on the differences from the process shown in FIG. 5.

  In step S701, the use management unit 305 confirms whether the user who succeeded in the wireless authentication matches the user who succeeded in the image authentication (is the same user).

  In step S <b> 702, if the user who succeeded in wireless authentication matches the user who succeeded in image authentication, the usage management unit 305 shifts the processing to step 509. On the other hand, if the user who succeeds in the wireless authentication and the user who succeeds in the image authentication do not match, the usage management unit 305 shifts the processing to step 511.

  Image authentication has a problem that the accuracy of authentication is lower than that of wireless authentication. Therefore, in the above process, it is possible to improve the accuracy of the image authentication by determining whether the user who succeeds in the wireless authentication matches the user who succeeds in the image authentication.

  As described above, in the image forming apparatus 101 according to the present embodiment, the standard functions of the image forming apparatus 101 can be used only by wireless authentication, and the management functions are successfully used for wireless authentication and image authentication. Only the user 105 is allowed to use.

  Therefore, according to the present embodiment, in the image forming apparatus 101 that authenticates the user 105 using wireless authentication and image authentication, a standard function can be used quickly, so that Efficiency can be improved.

[Second Embodiment]
The functional configuration of the image forming apparatus 101 according to the second embodiment is the same as the functional configuration of the image forming apparatus 101 according to the first embodiment shown in FIG. In the second embodiment, an example of processing when the user 105 does not have administrator authority (an example of a predetermined authority) and cancels the image authentication process by the image authentication unit 304 is described. explain.

<Process flow>
FIG. 8 is a flowchart illustrating an example of image forming processing according to the second embodiment. Here, an example of processing in the case where the user 105 continuously performs device setting after using the copy function in the image forming apparatus 101 will be described.

  8 are the same as the processes in steps S501 to S504 in FIG. 5, and here, the description will focus on differences from the process according to the first embodiment shown in FIG. . Further, detailed description relating to the same processing as in the first embodiment is omitted here.

  In step S801, the user 105 selects a selection button 611 for using the copy function from the home screen 610 as shown in FIG. 6A, for example, and uses the copy function.

  In step S802, when the user 105 logs out after using the copy function, the image forming apparatus 101 ends the process. On the other hand, when the user 105 does not log out, the image forming apparatus 101 shifts the processing to step S803.

  In step S <b> 803, the operation reception unit 309 receives a device setting operation by the user 105.

  As a specific example in the case of performing such processing, the user 105 cancels the color copy prohibition setting in order to perform color copy after executing copy in the image forming apparatus 101 in which color copy is prohibited. The case where it does is considered.

  In step S804, when the device setting operation is performed, the display control unit 308 causes the operation panel 226 to display an administrator authentication screen 910 as illustrated in FIG.

  In step S805, the wireless authentication unit 302 executes the same wireless authentication process as in step S501 again. As a result, for example, after using the copy function in step S801, wireless authentication can be performed correctly even when another user 105 who has not performed wireless authentication is using the image forming apparatus 101. .

  In step S806, the wireless authentication unit 302 determines whether the wireless authentication of the user 105 has been successful.

  When the wireless authentication of the user 105 is successful, the wireless authentication unit 302 moves the process to step S807. On the other hand, when the wireless authentication of the user 105 fails, the wireless authentication unit 302 ends the process.

  When the process proceeds to step S807, the use authority management unit 307 displays the authority information corresponding to the user ID of the user 105 who succeeded in the wireless authentication in step S805, for example, the user of the main body 210 as shown in FIG. Obtained from information A326.

  In step S808, if the usage management unit 305 and the user 105 have the authority of “manager” (predetermined usage authority), the process proceeds to step S809. On the other hand, if the user 105 does not have “administrator” authority (predetermined use authority), the use authority management unit 307 returns the process to step S504.

  Preferably, when returning the process to step S504, the display control unit 308 causes the operation panel 226 to display a display screen 920 indicating that the administrator authentication has failed, for example, as illustrated in FIG.

  In step S809, the image authentication unit 304 executes image authentication processing such as face authentication of the user 105.

  In step S810, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  When the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S811. On the other hand, when the image authentication of the user 105 has failed, the image authentication unit 304 returns the process to step S504.

  Preferably, when returning the process to step S504, the display control unit 308 causes the operation panel 226 to display a display screen 920 indicating that the administrator authentication has failed, for example, as illustrated in FIG.

  In step S811, the use management unit 305 permits the user 105 who has succeeded in the wireless authentication and the image authentication to use the setting screen that requires the use right of the administrator.

  In step S812, the display control unit 308 causes the operation panel 226 to display a setting screen 630 as shown in FIG. 6C, for example.

  In step S812, when the operation reception unit 309 receives a setting end operation, the operation reception unit 309 returns the process to step S504.

  With the above processing, the image forming apparatus 101 cancels the image authentication processing by the image authentication unit 304 when the user 105 does not have the administrator use authority (an example of a predetermined use authority). Therefore, execution of unnecessary image authentication processing can be suppressed.

[Third Embodiment]
In the first and second embodiments, the case where the authority of the user 105 is two of “general” and “administrator” has been described. In the third embodiment, an example will be described in which a plurality of managers with different usage rights are included in the manager.

  For example, a “device administrator” that manages settings of the image forming apparatus 10, a “network administrator” that manages settings related to network connections, and a “document administrator” that manages document access rights are provided to a plurality of administrators. And “super user” having all authority.

<Functional configuration>
FIG. 10 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the third embodiment. The operation unit 220 according to the third embodiment illustrated in FIG. 10 includes a determination unit 1001 in addition to the functional configuration of the operation unit 220 according to the first embodiment illustrated in FIG. In addition, function information 1002 is stored in the storage unit 311 of the operation unit 220.

  The other functional configuration of the image forming apparatus 101 is the same as the functional configuration according to the first embodiment illustrated in FIG. 3, and therefore, here, the description will focus on differences from the first embodiment.

  The determination unit 1001 is realized by, for example, a program executed by the CPU 221 (or the CPU 211) in FIG. 2, and uses the function information 1002 to determine whether or not to perform image authentication for the user 105 using a predetermined function. Determine.

  FIG. 11 is a diagram illustrating an example of functional information according to the third embodiment. In the example of FIG. 11, the function information 1002 includes information such as “function”, “subfunction”, and “authority information”.

  “Function” corresponds to a plurality of functions of the image forming apparatus 101, and includes, for example, a copy, a scanner, a document box, and initial settings as shown in FIG.

  The “sub function” is a subdivided function included in the “function”, and in this embodiment, the usage authority can be set for each sub function. In the example of FIG. 11, the function “document box” includes sub-functions “operation on own document” and “operation on all documents”, and the function “initial setting” includes sub-functions “paper setting”, Includes "Interface Settings".

  Note that there may be functions for which no sub-function is defined, such as the functions “copy” and “scanner” in FIG. In the following description, “function” and “sub-function” may be referred to as “each function of the image forming apparatus 101”.

  “Authority information” is information indicating use authority corresponding to each function of the image forming apparatus 101. For example, in the function information 1002 illustrated in FIG. 11, when the user 105 uses the sub-function “interface setting” of the function “initial setting”, the determination unit 1001 determines that the user 105 has the authority information “device manager”. Or having a “network administrator”. Further, the determination unit determines that image authentication of the user 105 is performed when the user 105 has the usage authority of “device administrator” or “network administrator”. On the other hand, the determination unit determines that image authentication of the user 105 is not performed when the user 105 does not have the usage authority of “device manager” or “network administrator”.

<Process flow>
FIG. 12 is a diagram illustrating an example of a device setting process according to the third embodiment. It is assumed that the wireless authentication of the user 105 has been successful and the home screen is displayed on the operation panel 226 at the start of the processing shown in FIG.

  In step S1201, when the operation accepting unit 309 accepts an initial setting operation by the user 105, in step S1201, the display control unit 308 displays an administrator authentication screen as shown in FIG. To display.

  In step S1203, the determination unit 1001 acquires authority information corresponding to “initial setting” from function information 1002 as illustrated in FIG. 11, for example. For example, from the function information 1002 as illustrated in FIG. 11, the determination unit 1001 includes authority information “device manager” corresponding to the sub function “paper setting” and authority information “device management” corresponding to the sub function “interface setting”. Acquired "and" Network Administrator ".

  In step S1204, the usage authority management unit 307 acquires the authority information of the user 105 from, for example, user information A326 of the main body 210 as illustrated in FIG. 4B.

  In steps S1205 and S1206, the determination unit 1001 performs image authentication of the user 105 based on the authority information corresponding to the initial setting acquired in step S1203 and the authority information of the user 105 acquired in step S1204. Determine.

  For example, in step S1205, the determination unit 1001 determines whether the user 105 is a device manager.

  When the user 105 is a device administrator, the determination unit 1001 shifts the processing to step S1207. On the other hand, when the user 105 is not a device administrator, the determination unit 1001 shifts the processing to step S1206.

  In step S1206, the determination unit 1001 determines whether the user 105 is a network administrator.

  When the user 105 is a network administrator, the determination unit 1001 shifts the processing to step S1211. On the other hand, when the user 105 is not a network administrator, the determination unit 1001 ends the process.

  In step S1207, the image authentication unit 304 executes image authentication processing such as face authentication of the user 105.

  In step S1208, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  If the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S1209. On the other hand, when the image authentication of the user 105 fails, the image authentication unit 304 ends the process.

  In step S1209, the usage management unit 305 permits the user 105 to use the initial setting function.

  In step S1210, the display control unit 308 causes the operation panel 226 to display an initial setting screen. As a result, the user 105 can perform initial settings such as paper settings and interface settings, for example.

  In step S <b> 1211, the image authentication unit 304 executes image authentication processing such as face authentication of the user 105.

  In step S <b> 1212, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  When the image authentication of the user 105 is successful, the image authentication unit 304 shifts the process to step S1213. On the other hand, when the image authentication of the user 105 fails, the image authentication unit 304 ends the process.

  In step S1213, the use management unit 305 permits the user 105 to use the interface setting function.

  In step S1214, the display control unit 308 causes the operation panel 226 to display an interface setting screen. As a result, the user 105 can set the interface setting among the initial setting functions.

  As described above, according to the present exemplary embodiment, the image forming apparatus 101 performs image authentication for each function and responds to the usage authority even when the administrator includes a plurality of administrators having different usage authorities. Functions can be provided.

[Fourth Embodiment]
In the fourth embodiment, for example, in the processing of the image forming apparatus according to the second embodiment illustrated in FIG. 8, an example in which the user 105 is notified of the failure reason when the administrator authentication fails will be described. To do. The functional configuration of the image forming apparatus 101 according to the fourth embodiment may be the same as the functional configuration of the image forming apparatus 101 according to the first embodiment shown in FIG.

<Process flow>
FIG. 13 is a flowchart illustrating an example of processing of the image forming apparatus according to the fourth embodiment. Note that the processing in steps S501 to S506 in FIG. 13 is the same as the processing according to the first embodiment shown in FIG. 5, and therefore, here, the description will focus on the differences from the first embodiment.

  In step S1301, the wireless authentication unit 302 executes the same wireless authentication process as in step S501 again.

  In step S1302, the wireless authentication unit 302 determines whether the wireless authentication of the user 105 has been successful.

  When the wireless authentication of the user 105 is successful, the wireless authentication unit 302 moves the process to step S1303. On the other hand, when the wireless authentication of the user 105 fails, the wireless authentication unit 302 ends the process.

  In step S1303, the usage authority management unit 307 displays the authority information corresponding to the user ID of the user 105 who succeeded in the wireless authentication in step S1301, for example, the user of the main body 210 as shown in FIG. Obtained from information A326.

  In step S <b> 1304, the usage management unit 305 determines whether the user 105 has “administrator” authority (predetermined usage authority).

  When the user 105 has the authority of “manager”, the usage management unit 305 shifts the processing to step S1305. On the other hand, when the user 105 does not have the authority of “manager”, the usage management unit 305 shifts the processing to step S1307.

  In step S1305, the image authentication unit 304 executes image authentication processing such as face authentication of the user 105.

  In step S1306, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  If the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S1308. On the other hand, when the image authentication of the user 105 has failed, the image authentication unit 304 causes the process to proceed to step S1307.

  In step S1307, the display control unit 308 causes the operation panel 226 to display an authentication failure screen 930 including a message notifying the reason for failure as shown in FIG.

  As shown in FIG. 9C, the authentication failure screen 930 is displayed as a dialog on the display screen of the operation panel 226 as an example. In the example of FIG. 9C, a message 931 indicating that there is no use authority is displayed as an example of the reason for failure. As a result, the user 105 can recognize that he / she does not have the authority to set the image forming process.

  For example, when the user 105 selects the “confirm” button 932 on the authentication failure screen 930, the display control unit 308 ends the display of the authentication failure screen 930 and returns the process to step S504.

  In step S1308, the use management unit 305 permits the user 105 who has succeeded in the wireless authentication and the image authentication to use the setting screen that requires the use right of the administrator.

  In step S1309, the display control unit 308 causes the operation panel 226 to display a setting screen 630 as shown in FIG. 6C, for example.

  In step S1310, when the operation reception unit 309 receives a setting end operation, the operation reception unit 309 returns the process to step S504.

  With the above processing, the image forming apparatus 101 cancels the image authentication processing by the image authentication unit 304 when the user 105 does not have the administrator use authority (an example of a predetermined use authority), and determines the failure reason. indicate. Therefore, the image forming apparatus 101 can suppress execution of unnecessary image authentication processing, and the user 105 can determine the reason why the setting cannot be performed.

[Fifth Embodiment]
<Functional configuration>
FIG. 14 is a diagram illustrating an example of a functional configuration of an image forming apparatus according to the fifth embodiment. An operation unit 220 according to the fifth embodiment illustrated in FIG. 14 includes an initial setting application 1401 in addition to the functional configuration of the operation unit 220 according to the first embodiment illustrated in FIG.

  In addition, user information b1402 and login information 1403 are stored in the storage unit 311 of the operation unit 220. The other functional configuration of the image forming apparatus 101 according to the fifth embodiment is the same as that of the image forming apparatus 101 according to the first embodiment shown in FIG. The explanation will be focused on.

  The initial setting application 1401 is an application for the user 105 to set the image forming apparatus 101.

  The login information 1403 stores the user ID of the user who is currently logged into the image forming apparatus 101.

  An example of the user information b1402 is shown in FIG. As shown in FIG. 15, in the user information b1402, “authority information” is added in addition to the information included in the user information a312 according to the first embodiment shown in FIG. This “authority information” is a copy of the authority information included in the user information A 326 stored in the storage unit 325 of the main body 210. The copy timing will be described later.

  In the user information b1402 shown in FIG. 15, the authority information may not be copied. In this case, “unset” is set in the authority information.

<Process flow>
FIG. 16 is a flowchart illustrating an example of processing of the image forming apparatus according to the fifth embodiment. Note that the processing in steps S501 to S503 in FIG. 16 is the same as the processing according to the first embodiment shown in FIG. 5, and therefore, here, the description will focus on differences from the first embodiment.

  In step S1501, the use authority management unit 307 displays authority information corresponding to the user ID of the user 105 who succeeded in the wireless authentication in step S501, for example, user information A326 of the main body 210 as shown in FIG. Get from.

  In step S1502, the usage management unit 305 stores the user ID of the user 105 who has succeeded in the wireless authentication in the login information 1403 of the storage unit 311 and uses the authority information acquired by the usage authority management unit 307 as the user information. b1402.

  In step S1503, when the use of the standard function is permitted, the display control unit 308 displays the home screen 940 and the operation panel 226 as illustrated in FIG. 9D, for example.

  In step S1504, the operation accepting unit 309 accepts the selection of the “initial setting” selection button 941 for using the initial setting application 1401 on the home screen 940 shown in FIG.

  In step S1504, the display control unit 308 causes the operation panel 226 to display an administrator authentication screen 910 as shown in FIG. 9A, for example.

  In step S1506, the wireless authentication unit 302 executes again the same wireless authentication process as in step S501.

  In step S1507, the wireless authentication unit 302 determines whether the wireless authentication of the user 105 has been successful.

  If the wireless authentication of the user 105 is successful, the wireless authentication unit 302 shifts the processing to step S1508. On the other hand, when the wireless authentication of the user 105 fails, the wireless authentication unit 302 ends the process.

  In step S1508, the usage management unit 305 determines whether the user ID of the user 105 who has succeeded in the wireless authentication matches the user ID stored in the login information 1403.

  If the user ID of the user 105 who has succeeded in the wireless authentication matches the user ID stored in the login information 1403, the usage management unit 305 moves the process to step S1509. On the other hand, when the user ID of the user 105 who has succeeded in the wireless authentication and the user ID stored in the login information 1403 do not match, the usage management unit 305 shifts the processing to step S1512.

  In step S1509, the usage management unit 305 determines whether the user 105 is a device manager using the authority information stored in the user information b1402.

  When the user 105 is a device manager, the usage management unit 305 shifts the processing to step S1510. On the other hand, when the user 105 is not a device manager, the usage management unit 305 shifts the processing to step S1512.

  In step S <b> 1510, the image authentication unit 304 performs image authentication processing such as face authentication of the user 105. At this time, for example, the image authentication unit 304 performs image authentication of the user 105 using the user characteristics of the user 105 that succeeded in the wireless authentication in step S1506.

  In step S1511, it is determined whether the user 105 has successfully authenticated the image.

  When the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S1513. On the other hand, when the image authentication of the user 105 has failed, the image authentication unit 304 causes the process to proceed to step S1512.

  In step S1512, the display control unit 308 causes the operation panel 226 to display an authentication failure screen 930 as shown in FIG. 9C, for example.

  On the other hand, in step S1513, the use management unit 305 permits the user 105 who has succeeded in the wireless authentication and the image authentication to use the setting screen that requires the use right of the administrator.

  In step S1514, the display control unit 308 causes the operation panel 226 to display a setting screen 630 as shown in FIG. 6C, for example.

  In step S1515, when the operation reception unit 309 receives a setting end operation, the operation reception unit 309 returns the process to step S1503.

  FIG. 17 is a sequence diagram illustrating an example of processing of the image forming apparatus according to the fifth embodiment. This process shows an example of specific processes in steps S501 to S503 and steps S1501 to S1509 in FIG. Here, it is assumed that the user 105 is permitted to use the image forming apparatus 101 and the information of the user 105 is registered in the user information b1402 and the user information A326. Do.

  In step S <b> 1701, the wireless communication unit 301 acquires a wireless tag ID from the RFID tag 102.

  In step S1702, the wireless authentication unit 302 uses the user information b1402 stored in the storage unit 311 to search for a user ID corresponding to the acquired wireless tag ID.

  In step S1703, when the user ID corresponding to the wireless tag ID is found in step S1702, the wireless authentication unit 302 permits (successfully) wireless authentication of the user 105. Here, as described above, since the information of the user 105 is registered in the user information b1402, wireless authentication of the user 105 is permitted.

  In step S1704, the wireless authentication unit 302 notifies the usage management unit 305 of the authentication result of the wireless authentication. This authentication result includes that the result of the wireless authentication is “success” and the user ID of the user 105 who has succeeded in the wireless authentication.

  In step S1705, the use management unit 305 permits the user 105 to use the standard function, and notifies the display control unit 308 that the use of the standard function is permitted, for example.

  In step S1706, the wireless authentication unit 302 notifies the user information management unit 306 of the authentication result of wireless authentication, for example, in parallel with the processing in step S1704.

  In step S <b> 1707, the user information management unit 306 uses the usage authority management unit 307 to obtain authority information corresponding to the user ID that has been successfully authenticated from the user information A 326 stored in the storage unit 325 of the main body 210. get.

  In step S1708, the user information management unit 306 stores the user ID of the user 105 who has succeeded in the wireless authentication in the login information 1403, and the authority information acquired in step S1707 corresponds to the user ID in the user information b1402. Then remember.

  In step S1709, when receiving a notification indicating that the use of the standard function is permitted from the usage management unit 305 in step S1705, the display control unit 308 displays the home screen 940 on the operation panel.

  In step S1710, when the operation accepting unit 309 accepts an initial setting operation by the user 105, in step S1711, the display control unit 308 causes the operation panel 226 to display the administrator authentication screen 910.

  In step S1712, for example, the display control unit 308 requests the wireless authentication unit 302 to perform wireless authentication.

  In step S <b> 1713, the wireless communication unit 301 acquires the wireless tag ID from the RFID tag 102 again.

  In step S <b> 1714, the wireless authentication unit 302 uses the user information b <b> 1402 stored in the storage unit 311 to search for a user ID corresponding to the acquired wireless tag ID.

  In step S1715, if the user ID corresponding to the wireless tag ID is found in step S1702, the wireless authentication unit 302 permits (successfully) wireless authentication of the user 105. Here, as described above, since the information of the user 105 is registered in the user information b1402, wireless authentication of the user 105 is permitted.

  In step S1716, the wireless authentication unit 302 notifies the usage management unit 305 of the authentication result of the wireless authentication. This authentication result includes that the result of the wireless authentication is “success” and the user ID of the user 105 who has succeeded in the wireless authentication.

  In step S <b> 1717, the usage management unit 305 acquires the user ID of the logged-in user 105 from the login information 1403 stored in the storage unit 311 of the operation unit 220.

  In step S1718, the usage management unit 305 confirms whether the user ID notified from the wireless authentication unit 302 in step S1716 matches the user ID acquired in step S1717. When the two user IDs match, the usage management unit 305 executes the processing after step S1719.

  In step S1719, the usage management unit 305 acquires authority information corresponding to the user ID matched in step S1718 from the user information b1402 stored in the storage unit 311.

  In step S1720, the use management unit 305 confirms whether the user 105 is a device administrator using the authority information acquired in step S1719. If the user 105 is a device administrator, the use management unit 305 requests the image authentication unit 304 to perform image authentication in step S1721.

  Through the above processing, also in the present embodiment, it is possible to quickly use standard functions in the image forming apparatus 101 that authenticates the user 105 using wireless authentication and image authentication. , Work efficiency can be improved.

[Sixth Embodiment]
In the first to fifth embodiments, the example in which the predetermined usage authority is the usage authority of the device administrator has been described, but in the sixth embodiment, the predetermined usage authority is the document administrator. An example will be described.

<Functional configuration>
FIG. 18 is a diagram illustrating an example of a functional configuration of an image forming apparatus according to the sixth embodiment. An operation unit 220 according to the sixth embodiment illustrated in FIG. 18 includes a document management application 1801 in addition to the functional configuration of the operation unit 220 according to the first embodiment illustrated in FIG.

  The document management application 1801 is used by the user 105 to view, delete, edit, etc. the document data 1802 stored in the image forming apparatus 101 (for example, the storage unit 325 of the main body 210). In addition, in order for the user 105 to use the document management application 1801, it is assumed that the user 105 needs to have a “document administrator” usage authority (an example of a predetermined usage authority).

  Other functional configurations of the image forming apparatus 101 according to the sixth embodiment may be the same as those of the image forming apparatus 101 according to the first embodiment shown in FIG.

<Process flow>
FIG. 19 is a flowchart illustrating an example of processing of the image forming apparatus according to the sixth embodiment. This process is an example of the process when the user 105 holding the RFID tag 102 uses the document management application 1801 of the image forming apparatus 101. Note that the processing in steps S501 to S504 in FIG. 19 is the same as the processing according to the first embodiment shown in FIG. 5, and therefore, here, the description will focus on differences from the first embodiment.

  In step S1901, the operation reception unit 309 receives a selection operation of the document management application 1801 by the user 105.

  In step S1902, when the selection operation of the document management application 1801 is performed, the display control unit 308 causes the operation panel 226 to display an administrator authentication screen 910 as illustrated in FIG.

  In step S1903, the wireless authentication unit 302 executes the same wireless authentication process as in step S501 again.

  In step S1904, the wireless authentication unit 302 determines whether the wireless authentication of the user 105 has been successful.

  When the wireless authentication of the user 105 is successful, the wireless authentication unit 302 moves the process to step S1905. On the other hand, when the wireless authentication of the user 105 fails, the wireless authentication unit 302 ends the process.

  In step S1905, the usage authority management unit 307 acquires the authority information corresponding to the user ID of the user 105 who succeeded in the wireless authentication in step S1903, for example, from the user information A326 of the main body 210.

  In step S1906, the usage management unit 305 determines whether the user 105 has the authority of “document manager” (predetermined usage authority).

  When the user 105 has the authority of “document manager” (predetermined usage authority), the usage authority management unit 307 shifts the processing to step S1907. On the other hand, if the user 105 does not have the authority of “document manager” (predetermined usage authority), the usage authority management unit 307 shifts the processing to step S1909.

  In step S1907, the image authentication unit 304 executes image authentication processing such as face authentication of the user 105.

  In step S1908, the image authentication unit 304 determines whether image authentication of the user 105 has been successful.

  If the image authentication of the user 105 is successful, the image authentication unit 304 causes the process to proceed to step S1910. On the other hand, when the image authentication of the user 105 has failed, the image authentication unit 304 causes the process to proceed to step S1909.

  In step S1909, the display control unit 308 causes the operation panel 226 to display an authentication failure screen 930 as shown in FIG. 9C, for example. For example, when the user 105 selects the “confirm” button 932 on the authentication failure screen 930, the display control unit 308 ends the display of the authentication failure screen 930 and returns the process to step S504.

  In step S1910, the use management unit 305 permits the user 105 who has succeeded in the wireless authentication and the image authentication to use the document management application that requires the use authority of the document manager.

  In step S 1911, the document management application 1801 displays the document management screen of the document management application 1801 on the operation panel 226 using the display control unit 308. In this state, the user 105 can browse, delete, edit, etc. the document data 1802 stored in the storage unit 325 of the main body 210, for example.

  In step S <b> 1912, when the operation reception unit 309 receives an end operation of the document management application 1801, the operation reception unit 309 returns the process to step S <b> 504.

  As described above, the predetermined usage authority according to the present embodiment is not limited to the usage authority of the device administrator, and may be various usage authorities such as a document administrator and a network administrator.

DESCRIPTION OF SYMBOLS 100 Image processing system 101 Image forming apparatus 102 RFID tag (wireless terminal)
DESCRIPTION OF SYMBOLS 301 Wireless communication part 302 Wireless authentication part 303 Imaging part 304 Image authentication part 305 Usage management part 308 Display control part 1001 Determination part

JP-A-2015-35178

Claims (10)

An image forming apparatus for authenticating a user,
A wireless communication unit for obtaining information from a wireless terminal possessed by the user;
A wireless authentication unit that authenticates the user using the information acquired by the wireless communication unit;
An imaging unit that captures an image of the user;
An image authentication unit that authenticates the user using an image captured by the imaging unit when the user uses a first function that requires a predetermined usage right;
A user who has succeeded in authentication by the wireless authentication unit and authentication by the image authentication unit by permitting a user who has succeeded in authentication by the wireless authentication unit to use the second function that does not require the predetermined use authority. A use management unit that permits use of the first function;
An image forming apparatus.   The image forming apparatus according to claim 1, wherein the image authentication unit stops authentication by the image authentication unit when the user does not have the predetermined use authority.   The usage management unit rejects the use of the first function when a user who has been successfully authenticated by the wireless authentication unit and a user who has been successfully authenticated by the image authentication unit are not the same user. Item 3. The image forming apparatus according to Item 1 or 2. A storage unit storing function information stored in association with one or more of the first functions and the predetermined use authority;
A determination unit that determines whether or not to perform authentication by the image authentication unit for the user who uses one of the one or more first functions, using the function information;
The image forming apparatus according to claim 1, further comprising:   A display control unit that displays a display screen indicating that the first function cannot be used when the user does not have the predetermined usage right or when the authentication by the image authentication unit fails; The image forming apparatus according to claim 1.   The image forming apparatus according to claim 5, wherein the display screen indicating that the first function cannot be used includes information indicating a reason why the first function cannot be used.   7. The function according to claim 1, wherein the first function is a function for managing the image forming apparatus, and the second function is a function for forming an image in the image forming apparatus. The image forming apparatus described. An image processing system for authenticating a user,
A wireless communication unit for obtaining information from a wireless terminal possessed by the user;
A wireless authentication unit that authenticates the user using the information acquired by the wireless communication unit;
An imaging unit that captures an image of the user;
An image authentication unit that authenticates the user using an image captured by the imaging unit when the user uses a function that requires a predetermined usage right;
The user who has succeeded in the authentication by the wireless authentication unit is allowed to use the function that does not require the predetermined use authority, and the user who has succeeded in the authentication by the wireless authentication unit and the authentication by the image authentication unit, A usage management unit that allows the use of functions that require predetermined usage rights;
An image processing system. A method for managing the use of an image forming apparatus for authenticating a user,
The image forming apparatus includes:
A wireless communication step of acquiring information from a wireless terminal possessed by the user;
A wireless authentication step of authenticating the user using the acquired information;
A first use permission step for allowing a user who has succeeded in the authentication by the wireless authentication step to use a function that does not require a predetermined use right;
An imaging step of capturing an image of the user using the function that requires the predetermined usage authority;
An image authentication step of authenticating the user using the captured image;
A second usage permission step for permitting the user who has succeeded in the authentication in the wireless authentication step and the authentication in the image authentication step to use the function requiring the predetermined usage right;
Including usage management methods.   A program for causing a computer to execute the usage management method according to claim 9.

Images