JP2023085173A - Printer, control method for printer and program - Google Patents

Abstract

To provide a printer that allows a user to select a use environment for the printer, thereby setting a security function of the printer to a setting suitable for the selected use environment.SOLUTION: In a printer, a set value group including a plurality of set values corresponding to a plurality of setting items including a security setting item specific to the printer is associated with a first use environment, a set value group including a plurality of set values corresponding to a plurality of setting items not including the security setting item specific to the printer is associated with a second use environment, and each of them is stored. Information indicating a selection result for specifying a use environment for the printer is received. The set value of the printer is changed based on the set value group corresponding to the first use environment or the second use environment specified by the information indicating the selection result.SELECTED DRAWING: Figure 6

Description

The present invention relates to a printing apparatus that collectively sets security-related functions.

In general, an information processing apparatus connected to a network has a setting function for setting security-related functions based on user operations. In recent years, information processing apparatuses have come to be installed in various environments such as telecommuting and public spaces shared by an unspecified number of people, and required security settings have become complicated.

In view of this, Japanese Patent Laid-Open No. 2002-100001 discloses a technique of collectively setting security-related functions of an image forming apparatus according to a security level by a user specifying a security level divided into stages.

JP 2007-185814 A

However, Japanese Patent Application Laid-Open No. 2002-200000 does not consider setting security-related functions suitable for the usage environment of the image forming apparatus. Therefore, the user may not know which security level should be specified for the usage environment of the image forming apparatus.

One aspect of the present invention is to provide an information processing apparatus that accepts a user operation for selecting a usage environment of a printing apparatus, thereby setting security-related functions to settings suitable for the selected usage environment. One of the purposes. Another aspect of the present invention is to improve the convenience of setting security-related functions.

In order to achieve at least one of the above objects, a printing device according to one aspect of the present invention provides a setting value group including a plurality of setting values corresponding to a plurality of setting items including security setting items unique to the printing device. is associated with a first usage environment, and a setting value group including a plurality of setting values corresponding to a plurality of setting items that do not include security setting items specific to the printing device is associated with a second usage environment and stored respectively. storage means; reception means for receiving information indicating a selection result for specifying a usage environment of the printing apparatus; and the first use specified by the information indicating the selection result stored in the storage means. setting change means for changing the setting values of the printing device based on the setting value group corresponding to the environment or the second usage environment.

According to one aspect of the present invention, it is possible to provide a printing device that allows a user to select a usage environment of the printing device, thereby setting security-related functions to settings suitable for the selected usage environment. In addition, as another aspect of the present invention, it is possible to enhance the convenience of setting security-related functions.

It is a figure which illustrates the usage environment of an information processing apparatus. 4 is a flowchart showing an example of conditions for classifying usage environments of information processing apparatuses; 2 is a diagram illustrating an example of a hardware configuration of an image forming apparatus 101; FIG. 2 is a diagram illustrating an example of a software configuration of the image forming apparatus 101; FIG. 3A and 3B are diagrams showing examples of screens displayed on the operation unit 320 of the image forming apparatus 101 in the first embodiment. FIG. 4 is a flowchart illustrating an example of security setting processing executed by the image forming apparatus 101; 8 is a flowchart illustrating an example of security setting cancellation processing executed by the image forming apparatus 101; 8A and 8B are diagrams showing examples of screens displayed on the operation unit 320 of the image forming apparatus 101 in the second embodiment; FIG. 10 is a flowchart showing an example of screen display and security setting processing executed by the image forming apparatus 101 in the second embodiment. 10 is a flowchart showing an example of screen display and security setting processing executed by the image forming apparatus 101 in the second embodiment.

Hereinafter, embodiments for carrying out the present invention will be described with reference to the drawings. In addition, the following embodiments do not limit the invention according to the claims, and not all combinations of features described in the embodiments are essential for the solution of the invention. .

<First embodiment>
FIG. 1 is a configuration diagram illustrating the usage environment of an information processing apparatus according to this embodiment.

Image forming apparatuses 101 to 104, which are examples of information processing apparatuses according to the present embodiment, are installed in different usage environments 111 to 114, respectively. The usage environments 111 to 114 illustrated in FIG. 1 are an in-house intranet environment 111, an Internet-connected environment 112, an Internet-prohibited environment 113, and a home environment 114, respectively.

The company intranet environment 111 is an environment in which the image forming apparatus 101 and the PC 121 are connected via a LAN (Local Area Network) 131 in the company. A firewall 141 is installed at the boundary between the LAN 131 and the Internet 100 . That is, the firewall 141 monitors and protects communication between each information processing device in the company intranet environment 111 and the Internet 100 . Therefore, in the corporate intranet environment 111, threats such as access to each information processing device by an attacker from the Internet 100 are greatly reduced.

On the other hand, a firewall is not installed in the Internet direct connection environment 112 . The Internet direct connection environment 112 is an environment in which the image forming apparatus 102 and the PC 122 are directly connected to the Internet 100 for communication. Therefore, information processing apparatuses such as the image forming apparatus 102 and the PC 122 need to take measures against threats such as access by attackers from the Internet 100 by using a personal firewall function in each information processing apparatus.

The Internet prohibited environment 113 is a closed network environment isolated from other networks such as the Internet 100 . Information processing apparatuses such as the image forming apparatus 103 and the PC 123 are connected via a LAN 133 . In the Internet-prohibited environment 113 , network communication is possible only between the information processing devices installed on the LAN 133 . Each information processing device is not accessed by unspecified users on the Internet 100 .

A home environment 114 is an environment in which the image forming apparatus 104 and the PC 124 are connected via a home LAN 134 . Although the LAN 134 is a private network configured by the home router 144, there is no strong firewall security measure as in the in-house intra-environment 111. FIG. Therefore, the information processing devices installed in the home environment 114 have countermeasures against threats such as access by attackers from the Internet 100 by using a personal firewall function in each information processing device, as in the Internet direct connection environment 112 . necessary.

In this embodiment, in addition to the usage environments 111 to 114, a public space environment and a highly confidential management environment (not shown) are assumed. The above six usage environment classifications will be described in detail with reference to FIG.

In this embodiment, the usage environment of the information processing apparatus is classified into six categories, and appropriate security settings are provided for each category. FIG. 2 is a flow chart showing the concept of classification in classifying and defining usage environments. It should be noted that the definition of the usage environment below does not limit the present invention, and some or other usage environments exemplified in this embodiment may be defined. For example, assuming installation within a company, the usage environment may be classified according to industry such as finance and public offices.

S201 is a classification as to whether or not the environment handles highly confidential information. It can be said that an environment in which highly confidential information is handled is an environment in which security measures need to be prioritized. Henceforth, in this embodiment, the highly confidential information management environment 116 is defined as the environment in which the highest priority should be given to this security measure.

If the environment does not handle highly confidential information, the usage environment classification is further subdivided. S202 is a classification as to whether the environment is an entry-controlled environment. This is an example of classification based on whether or not an unspecified user can physically access the information processing device, that is, whether or not users entering the location where the information processing device is installed are restricted. Therefore, the classification condition as to whether physical access is possible is not limited to this embodiment, and conditions other than room entry management may be the classification condition. Also, the room entry management in this embodiment is not limited to the entry/exit system using cards. For example, an environment in which only people who belong to the organization work during work, and who can enter the room is narrowed down, and the room is locked outside of work hours, is also included in the environment where entry is controlled. .

If room entry management is not performed, that is, if an unspecified user can physically access the information processing apparatus, the usage environment is subdivided according to the classification conditions shown in S205. S205 is a classification as to whether or not an unspecified user shares and uses the network in the environment. In this embodiment, an environment in which unspecified users share and use a network within the environment is defined as a public space environment 115 . A home environment 114 is defined as an environment in which unspecified users do not share the network within the environment. In this embodiment, an environment such as the home environment 114 in which unspecified users do not share the network in the environment, that is, an environment in which users can be specified is defined as a private network environment.

The usage environments classified as being subject to room entry management in S202 are further subdivided according to the classification conditions shown in S203. S203 is a classification as to whether or not the information processing apparatus in the environment is connected to an external network such as the Internet. An environment in which there is no connection to an external network such as the Internet is defined as an Internet prohibited environment 113 . Note that the Internet-prohibited environment 113, in which entry is controlled and which is based on the premise of a closed network, is a private network environment.

If the information processing apparatus in the environment is connected to an external network such as the Internet, the usage environment is further subdivided according to the classification conditions shown in S204. S204 is a classification as to whether or not a firewall is installed. An environment in which a firewall is installed is defined as an in-house intranet environment 111 . An environment in which no firewall is installed is defined as an Internet direct connection environment 112 . The in-house intranet environment 111, in which users using the network within the environment can be restricted by a firewall, is a private network environment.

Next, the above six usage environments and security measures to be taken for each usage environment will be described using Table 1. Here are seven examples of security measures.

Communication path encryption is a security measure for preventing information leakage by encrypting communication contents on a network. TLS (Transport Layer Security) is an example of a function that implements encryption of communication paths. In an environment connected to the Internet, it is desirable to encrypt the communication path because there is a possibility that the content of communication may be intercepted by a third party. In other words, it is recommended to encrypt the communication path except for the Internet prohibited environment 113 .

Legacy Protocol Disablement is a security measure that prevents spoofing and information leakage by disabling the ability to use insecure legacy communication protocols. An example of a legacy protocol is WINS (Windows Internet Name Service). As with the encryption of communication paths, it is desirable to disable legacy protocols in an environment connected to an external network such as the Internet. In other words, disabling legacy protocols is recommended except for the Internet prohibited environment 113 .

A personal firewall is a firewall that is installed and used in an information processing device. Like a normal firewall, it monitors communication between the information processing device and an external network such as the Internet. Examples of firewalls are IP filters and port number filters. An IP filter is a security measure that reads destination information and source information of communication packets and permits only communication packets set in advance. As a result, unauthorized access can be prevented and information leakage can be prevented. A port number filter is a security measure that closes unused ports to prevent intrusion from ports. This makes it possible to prevent DoS (Denial of Service), which is a cyber-attack that causes vulnerabilities by imposing a large amount of load. In an environment where the environment is connected to an external network and where no firewall is installed, there is a possibility of information leakage or DoS, so it is desirable to enable a personal firewall. That is, it is recommended to enable the personal firewall except for the Internet prohibited environment 113 which is not connected to the external network and the in-house intranet environment 111 where the firewall is installed.

Strengthening the security of authentication means strengthening countermeasures against spoofing by, for example, prohibiting caching of passwords and specifying the minimum password length. Except for the Internet prohibited environment 113 connected within an isolated network, it is desirable to enhance the security of authentication because of the possibility of spoofing.

Physical attack countermeasures are security countermeasures that prevent information from being physically leaked. The image forming apparatuses 101 to 104 generate temporary data such as print jobs in their hard disks. A perfect erase function is provided that automatically completely erases the generated temporary data at the same time as the job ends. An example of physical attack countermeasures for the image forming apparatuses 101 to 104 is the complete erasing function described above. If this function is set, even if the hard disk is physically removed, the temporary data will not be read. In the home environment 114 and the public space environment 115, which are environments in which entry management is not performed and physical access to the information processing apparatus cannot be restricted, it is desirable to implement physical attack countermeasures. It is also desirable to implement physical attack countermeasures even in the highly confidential information management environment 116, where reducing the risk of information leakage is given top priority.

The file sharing function is the function of sharing files on the network in the environment. In an environment where unspecified users share a network within the environment, it is desirable to disable the file sharing function in order to prevent information leakage. That is, it is recommended to disable the file sharing function except in private network environments where specific users share networks within the environment. As described above, the private network environments in this embodiment are the in-house intranet environment 111, the Internet prohibited environment 113, and the home environment 114. FIG. Therefore, disabling the file sharing function is recommended in the Internet direct connection environment 112, the public space environment 115, and the highly confidential information management environment 116, excluding these. An example of settings related to the file sharing function is SMB (Server Message Block) server settings.

Disabling an external storage device means, for example, setting a USB (Universal Serial Base) storage device so that it cannot be used as an external storage device in the information processing apparatus. This prevents the information from being written to the external storage device, thereby preventing information leakage. In addition, computer virus infection via the USB storage device and associated information leakage can be prevented. The threat of information leakage from an external storage device such as a USB is common in any usage environment. Therefore, it is desirable to disable it in all usage environments.

Table 2 shows setting items and setting values that are recommended for each usage environment based on the security measures described above. For items for which settings are recommended, recommended setting values are indicated, such as "on", "off", and "reject". When the user selects a usage environment on the screen shown in FIG. 5, which will be described later, the recommended setting values for the selected usage environment are applied by the processing shown in FIG. 6, which will be described later.

The image forming apparatuses 101 to 104, which are examples of information processing apparatuses, have a wide variety of setting items such as setting items related to security functions and other setting items, and perform various controls according to setting values corresponding to the setting items. Execute. In this embodiment, 22 items shown in Table 2 are subject to the collective setting of security functions.

LPD, RAW, WSD and IPP are printing protocols for communicating between client devices and printers. Unlike other protocols, IPP is a safer printing protocol than other protocols because the protocol itself provides user authentication, access control, and communication data encryption functions. Therefore, it is recommended to set "use IPP printing" to "on" in a highly confidential information management environment that requires high security. In addition, LPD, RAW, and WSD, which have weaker security than IPP, are recommended to be turned "off" except for reliable environments such as in-house intranet environments and Internet-prohibited environments.

SNMP is a protocol for monitoring and controlling communication devices on a network, and it is possible to check the number of pages printed by a printer, error information, and the like using a PC. SNMPv1 determines the communication range by information called a community name, but since the community name is sent over the network in plaintext, there is a risk of information leakage. Therefore, it is recommended to set this item to "OFF" except for the in-house intranet environment, which is a reliable environment, and the Internet-prohibited environment that is not connected to the Internet.

A dedicated port is a port used for setting and referring to printer information from a printer driver or the like. If the item "Use dedicated port" is set to "Off", printer information cannot be obtained when using a printer driver or the like with a network connection. Since there is a risk of information leakage in an environment directly connected to the Internet or in a public space environment, it is recommended to set this item to "OFF". It is also recommended to turn it "OFF" even in highly confidential information management environments that require high security.

The automatic deletion of interrupted jobs is a function for automatically deleting print jobs that have been interrupted due to an error or the like. It is possible to prevent a situation in which an interrupted print job is restarted after a while and printed matter is left unprinted, thereby reducing the risk of information leakage. It is recommended that this setting be set to "on" in a home environment, a public space environment, or a highly confidential information management environment that requires high security.

A transmission result report is a report for confirming whether transmission to the intended destination was successful. This is an item for setting whether or not to automatically print a report of transmission results such as facsimile, e-mail, and I-fax transmission, and storage in a file server or user box. By turning off the transmission result report, it is possible to prevent reports containing information such as transmitted contents and transmission history from being left unattended on the printer, thereby reducing the risk of information leakage. It is recommended to turn it off in a home environment, a public space environment, or a highly confidential information management environment that requires high security.

Simple login is a method of logging in by pressing a user name displayed on the operation panel, and is a method that saves the trouble of entering a user name. With simple login, it is possible to set a password. In this item, it is possible to set whether or not to always use this password. If the password is not used, the user can easily log in by simply selecting the user name displayed on the operation panel, but there is a risk of spoofing. By setting this item to "ON", the risk of spoofing can be reduced. It is recommended that this setting be set to "on" in a home environment, a public space environment, or a highly confidential information management environment that requires high security.

"Display job status before authentication" is an item for setting whether or not to display a screen for confirming the job status before authentication, assuming that the login service is used. By setting this item to "OFF", it is possible to prevent the job status from being seen by an unspecified number of people and reduce the risk of information leakage. It is recommended that this setting be set to "OFF" in a home environment, a public space environment, or a highly confidential information management environment that requires high security.

A job history is a history of print jobs, and includes information such as the user name of the user who instructed printing and the document name of the printed document. By turning off the display of the job history, it is possible to prevent information such as the document name and the name of the user who printed it from being seen by an unspecified number of people, thereby reducing the risk of information leakage. It is recommended that this setting be set to "OFF" in a home environment, a public space environment, or a highly confidential information management environment that requires high security.

Security events can be audited using the audit log function. For example, a user authentication log can be used to check for unauthorized access or attempted access to a device, and a log for printing, document transmission, setting changes, etc. can be used to check for unauthorized use of the device. The key operation log is a log of key operations performed by the user, and includes, for example, a key operation log at the time of login operation. By saving and analyzing these logs, it is possible to investigate how the printer was operated. By acquiring or storing audit logs and key operation logs, it is possible to prevent the user from denying unauthorized access or use. Since the risk of denial exists in any environment, these settings are commonly recommended settings for the six environments.

Although not listed in Table 2, it is possible to add the following setting items in a highly confidential information management environment that requires high security. For example, "use Mopria", "use AirPrint", "use remote UI", and the like.

In addition, in the home environment, it is also possible to add the following items. For example, items related to PJL (Printer Job Language), Admin (Embedded Web Server) password, SNMPv1/v2, and SNMPv3. For example, a device to which home environment batch setting is applied is controlled so that the PJL or EWS administrator password cannot be changed. SNMP is a device management protocol for an administrator to acquire or set setting values of an image forming apparatus such as a printing apparatus via a network. If SNMP can be used, setting values for the functions of the image forming apparatus can be changed freely, and authority required for each setting can be managed. In order to prevent general users working from home from changing settings after the group of setting values according to the policy determined by the company has been reflected, control settings such as permissions related to the device management protocol in the home environment so that they cannot be changed. be able to. It is also possible to check the firmware version and add setting items related to updates. It is also possible to add a setting item for selecting whether or not to restrict access to PJL commands, and a setting item for redirecting to HTTPS.

Note that the setting values are not limited to the values in Table 2 as long as they are suitable for each use environment. For example, in Table 2, since a firewall is installed in the in-house intranet environment, setting of a personal firewall is unnecessary. However, there may be cases where both a firewall installed in an office and a personal firewall are used. Against this background, it is possible to perform batch settings including personal firewall settings even in an in-house intranet environment or an environment where the Internet is prohibited. The same applies to other setting items.

Among the setting items shown in Table 2, the TLS setting, the setting related to the personal firewall, and the like are setting items related to the network in general. On the other hand, items related to the print protocol and items related to the functions and device management of the printing apparatus, such as print job history display, are setting items specific to the printing apparatus.

This embodiment provides an information processing apparatus that performs settings suitable for a selected usage environment based on the definition of the environment classification and the recommended setting values of the security functions described above. A specific description will be given below.

<Hardware Configuration of Image Forming Apparatus 101>
The hardware configuration of the image forming apparatus 101, which is an example of the information processing apparatus according to this embodiment, will be described with reference to FIG. Although only the image forming apparatus 101 will be described in FIG. It is assumed that the configuration is similar to that of 101 .

The image forming apparatus 101 has a printer 330 that outputs electronic data to paper media, and a scanner 340 that reads paper media and converts them into electronic data. Although the image forming apparatus 101 having a plurality of functions is exemplified as an example of the information processing apparatus in this embodiment, the information processing apparatus is not limited to this. For example, it may be a device such as a single-function printer or scanner. Alternatively, a device such as a 3D printer or a 3D scanner may be used.

A control unit 310 including a CPU (Central Processing Unit) 311 controls the overall operation of the image forming apparatus 101 . A ROM (Read Only Memory) 312 is used to store programs executed by the CPU 311 . The CPU 311 reads control programs stored in the ROM 312 and performs various controls of the image forming apparatus 101 such as reading control and transmission control. A RAM (Random Access Memory) 313 is used as a main memory of the CPU 311 and a temporary storage area such as a work area. A HDD (Hard Disk Drive) 314 is a storage device that stores image data, various programs, and various setting information. Note that another storage device such as an SSD (Solid State Drive) may be provided. Thus, the hardware such as the CPU 311, ROM 312, RAM 313, HDD 314, etc. constitute a so-called computer.

An operation unit I/F (interface) 315 connects the operation unit 320 and the control unit 310 . The operation unit 320 includes a liquid crystal display unit having a touch panel function, various hard keys, and the like. The operation unit 320 functions as a display unit that displays information to the user and a reception unit that receives instructions from the user.

Printer I/F 316 connects printer 330 and control unit 310 . Image data to be printed by the printer 330 is transferred from the control unit 310 via the printer I/F 316 . The input image data is output onto a recording medium by the printer 330 . Scanner I/F 317 connects scanner 340 and control unit 310 . The scanner 340 reads a document placed on a document platen (not shown) and generates image data. The generated image data is input to control unit 310 via scanner I/F 317 .

A network cable is connected to the network I/F 318 and can communicate with an external device on the LAN 131 . In this embodiment, it is assumed that the interface is a communication interface that performs wired communication, but it is not limited to this. For example, it may be a wireless communication interface. Note that the network I/F 318 of the image forming apparatus 101 is connected to the LAN 131, but the connected network differs depending on the usage environment. For example, image forming device 102 is directly connected to Internet 100 . Image forming apparatuses 103 and 104 are connected to LANs 133 and 134, respectively.

<Software Configuration of Image Forming Apparatus 101>
Next, the software configuration of the image forming apparatus 101, which is an example of the information processing apparatus according to this embodiment, will be described with reference to FIG. Each unit shown in FIG. 4 is implemented by the CPU 311 executing a program corresponding to each unit stored in the ROM 312 .

Operation control unit 410 displays a screen for the user on operation unit 320 . It also detects the user's operation, and switches screens or updates the display based on the detection result.

Data storage unit 420 stores data in HDD 314 and reads data from HDD 314 in accordance with requests from other control units. The data storage unit 420 stores setting information for determining the operation of the image forming apparatus 101 as well as information related to security function settings. Specifically, a recommended setting value database 421, pre-change setting data 422, and current operation setting data 423 are stored.

The recommended set value database 421 is a database as shown in Table 2 described above. That is, it is a database in which combinations of security function setting items and setting values suitable for the usage environment of the image forming apparatus 101 are associated with a plurality of divided usage environments. Here, the setting items are items such as TLS setting and WINS setting. The setting values are shown in Table 2 as "on", "off", "reject", and the like. In Table 2, setting items whose setting values are blank and shaded indicate that they do not have recommended setting values. That is, the setting value related to the setting item is not changed, and the setting value before the setting change is inherited. In this embodiment, the recommended setting value database 421 is defined in advance by the vendor of the image forming apparatus 101 and stored in the data storage unit 420 .

The pre-change setting data 422 is data of a combination of setting items and setting values applied before the user selects the environment type on the screen 500 of FIG. 5, which will be described later. When the security setting control unit 430, which will be described later, performs collective setting, it is used to restore the setting values in the event that a problem such as the end user's desired function not being available in the operation setting after collective setting occurs. In this embodiment, the pre-change setting data 422 is stored when the environment type is selected for the first time in the image forming apparatus 101, or when the environment type is selected for the first time after pressing a cancel button 502, which will be described later. . That is, when the user continuously selects the environment type, the pre-change setting data 422 is not updated.

The current operation setting data 423 is data of combinations of setting items and setting values currently applied to the image forming apparatus 101 . When changing the setting, the current operation setting data 423 is rewritten. After that, when the image forming apparatus 101 is restarted, the rewritten current operation setting data 423 is read by the program, and the image forming apparatus is operated with the applied settings.

The security setting control unit 430 collectively sets security functions of the image forming apparatus 101 in accordance with user instructions detected by the operation control unit 410 . Specific setting control will be described later with reference to FIGS. Note that the batch setting in this embodiment is a function that can collectively set recommended setting values for typical security functions defined by vendors. Henceforth, it is also called collective setting function. It is different in nature from a function that applies a security policy edited by the user and prohibits changing the setting for a specific security setting item to a setting that does not match the policy. That is, even if a user such as an administrator performs batch setting using the batch setting function, depending on the actual usage situation, individual setting items can be set via an individual setting change screen (not shown). The value can be changed again to another set value.

A web UI (User Interface) control unit 440 controls a setting screen displayed on an external information processing apparatus such as the PC 121 via the network I/F 318 . The user can refer to and change the settings of the image forming apparatus 101 using the setting screen on the web browser provided by the web UI control unit 440 . Also, the web UI control unit 440 may have a function of importing and exporting the recommended setting value database 421 . By providing this function, the user can create and edit data files related to the recommended setting value database 421 on the PC 121 . Also, the edited recommended setting value database 421 can be transmitted to the image forming apparatus 101 and stored in the data storage unit 420 . Note that the web UI control unit 440 can be omitted in this embodiment.

Next, a setting screen 500 displayed on the operation unit 320 of the image forming apparatus 101 will be described using FIG. Although the setting screen 500 displayed on the operation unit 320 of the image forming apparatus 101 will be described in this embodiment, the present invention is not limited to this. For example, the web UI control unit 440 may be used to provide a web page similar to the setting screen 500 to the web browser of the external information processing apparatus, and the setting operation may be performed via the web page. .

A setting screen 500 is a screen displayed on the operation unit 320 by the operation control unit 410 . A usage environment list button 501 is a button for the user to select a usage environment. The user selects the usage environment of the image forming apparatus 101 from the usage environment list button 501 on the setting screen 500 and presses the execution button 503 . In this embodiment, the user selects one of the six usage environment options shown in FIG. The operation control unit 410 of the image forming apparatus 101 detects the user's operation and transmits information indicating the user's selection result to the security setting control unit 430 . The security setting control unit 430 collectively sets security functions suitable for the usage environment selected by the user and received from the operation control unit 410 .

A setting cancel button 502 is a button for the user to cancel the collective setting after the collective setting of the security functions has been performed. The user performs an operation of pressing the execution button 503 while the setting cancel button 502 is selected. The operation control unit 410 detects the user's operation and transmits information indicating the user's setting cancellation instruction to the security setting control unit 430 . When the security setting control unit 430 receives the information indicating the setting cancellation instruction, it cancels the batch setting of the security function and restores the original setting. After the user selects the usage environment and collectively sets the security function, it is conceivable that a problem may arise in using the image forming apparatus 101 . In such a case, by providing the setting cancel button 502, it is possible to return to the state before the collective setting, and to immediately deal with the problem.

Next, the process from when the user selects the usage environment on the screen 500 to when the security functions are collectively set will be described with reference to FIG.

Each operation (step) shown in the flowchart of FIG. 6 is realized by CPU 311 calling a program for realizing each control unit stored in ROM 312 or HDD 314 to RAM 313 and executing the program.

When the operation control unit 410 detects that the user has selected a usage environment and pressed the execution button 503 on the operation unit 320, the processing shown in FIG. 6 is started.

In S<b>601 , the security setting control unit 430 determines whether or not another usage environment has already been selected and the collective setting of security functions suitable for that usage environment has been applied. The pre-change setting data 422 stored in the data storage unit 420 is used for this determination. When pre-change setting data 422 is stored in data storage unit 420, security setting control unit 430 determines that another usage environment has already been selected. If pre-change setting data 422 is not saved in data storage unit 420, it is determined that another usage environment has not been selected. Therefore, if the pre-change setting data 422 is saved, the process proceeds to S605, and if not saved, the process proceeds to S602.

First, the processing when the pre-change setting data 422 is not saved will be described. In S<b>602 , the security setting control unit 430 saves the combination of the currently applied security function setting items and setting values in the data storage unit 420 as pre-change setting data 422 .

Subsequently, in S<b>603 , the security setting control unit 430 reads recommended setting data from the data storage unit 420 . The recommended setting data is a combination of security setting items and setting values suitable for the usage environment selected by the user. The usage environment selected by the user is detected by the operation control unit 410 on the operation unit 320 , and the security setting control unit 430 receives the information from the operation control unit 410 . The security setting control unit 430 performs the process of S603 by extracting recommended setting data suitable for the selected usage environment from the recommended setting value database 421 stored in the data storage unit 420 .

In step S<b>604 , the security setting control unit 430 applies the read recommended setting data to the setting of the security function of the image forming apparatus 101 . Specifically, the security setting control unit 430 reads the current operation setting data 423 stored in the data storage unit 420 and overwrites the current operation setting data 423 with the recommended setting data. That is, if the recommended setting data has a value for a setting item of a certain security function, the setting value is changed to the recommended setting value. If the recommended setting data does not have a value (items shaded in Table 2), the setting value remains the current value of the operation setting data 423 without change. Through the above processing, the security setting control unit 430 determines a combination of setting items and setting values for the security function to be newly set. Then, the current operation setting data 423 is rewritten with the newly determined data.

Finally, the process advances to step S<b>609 , and the security setting control unit 430 reboots the image forming apparatus 101 . When the image forming apparatus 101 is restarted, the rewritten current operation setting data 423 is read by the program, and the program operates with the new rewritten settings. In this manner, the applied settings are reflected in the operation of the image forming apparatus 101 .

Next, processing when it is determined in S601 that the pre-change setting data 422 is stored in the data storage unit 420 will be described. In S<b>605 , the security setting control unit 430 reads the pre-change setting data 422 stored in the data storage unit 420 .

Subsequently, in S606, the security setting control unit 430 reads recommended setting data suitable for the usage environment selected by the user. The processing of S606 is the same as that of S603.

Proceeding to S607, the security setting control unit 430 uses the pre-change setting data 422 read in S605 and the recommended setting data read in S606 to determine a combination of setting items and setting values for the security function to be newly set. decide. The security setting control unit 430 determines data to be newly set by overwriting the pre-change setting data 422 with the recommended setting data. If the recommended setting data has a value for a setting item of a certain security function, the setting value is changed to the recommended setting value. If the recommended setting data does not have a value (items shaded in Table 2), the setting value remains unchanged from the pre-change setting data. Through the above processing, the security setting control unit 430 determines a combination of setting items and setting values for the security function to be newly set.

Proceeding to step S<b>608 , the security setting control unit 430 applies the setting value determined in step S<b>607 to the setting of the security function of the image forming apparatus 101 . Specifically, the current operation setting data 423 is rewritten with the data newly determined in S607.

Finally, in step S<b>609 , the security setting control unit 430 restarts the image forming apparatus 101 and reflects the applied settings in the operation of the image forming apparatus 101 .

Through the above processing, the user selects the usage environment of the image forming apparatus 101, thereby realizing the processing of collectively setting security functions suitable for the usage environment.

Note that the overwriting process shown in S607 may be omitted. In that case, the processing of S605-S608 is not performed, and only the processing of S603-S604 is performed.

Next, setting cancellation processing using the setting cancellation button 502 will be described with reference to FIG. Each operation (step) shown in the flowchart of FIG. 7 is realized by the CPU 311 calling the program for realizing each control unit stored in the ROM 312 or HDD 314 to the RAM 313 and executing it, as in FIG.

When the operation control unit 410 detects that the user has selected the cancel setting button 502 and pressed the execution button 503 on the operation unit 320, the processing shown in FIG. 7 is started.

In S<b>701 , the security setting control unit 430 reads the pre-change setting data 422 stored in the data storage unit 420 .

In step S<b>702 , the security setting control unit 430 applies the read pre-change setting data 422 to the setting of the security function of the image forming apparatus 101 .

In S<b>703 , the security setting control unit 430 deletes the pre-change setting data 422 stored in the data storage unit 420 .

Finally, in step S<b>704 , the security setting control unit 430 restarts the image forming apparatus 101 to reflect the applied settings in the operation of the image forming apparatus 101 .

By the above processing, the user selects collective setting cancellation, thereby realizing the setting cancellation processing for returning to the state before the collective setting of the security function suitable for the usage environment.

By allowing the user to select the usage environment of the information processing apparatus through the series of processes described above, it is possible to collectively set the settings of the security-related functions to the settings suitable for the selected usage environment. In addition, even if a problem such as the inability to use a function desired by the user arises due to the setting change, the state before the setting change can be immediately restored. In this way, the convenience of setting the security function can be enhanced.

<Second embodiment>
In the first embodiment, as shown in the usage environment list button 501 in FIG. 5, the user selects the environment type. In the second embodiment, a configuration will be described in which a question for judging the usage environment is displayed to the user, and security functions are collectively set based on the usage environment determined by the user's answer to the question. Note that the hardware configuration and software configuration of the image forming apparatus 101 according to the present embodiment are the same as those of the first embodiment, so description thereof will be omitted.

The screen configuration in this embodiment will be described with reference to FIG. FIG. 8 illustrates a setting screen displayed on the operation unit 320 of the image forming apparatus 101. As shown in FIG. Note that although the setting screen displayed on the operation unit 320 of the image forming apparatus 101 will be described in this embodiment, the present invention is not limited to this. For example, the web UI control unit 440 may be used to provide a web page similar to the setting screen 500 to the web browser of the external information processing apparatus, and the setting operation may be performed via the web page. .

Due to space limitations, FIG. 8 shows an example of a screen that can be displayed on the operation unit 320. As shown in FIG. FIG. 8(a) shows a setting screen 800 for presenting the user with a question for judging the Internet prohibited type, the in-house intranet type, or the Internet direct connection type. FIG. 8B shows a setting screen 801 displayed when the user selects "yes" on the setting screen 800. FIG. A setting screen 801 presents the user with a question for determining the in-house intranet type or the Internet direct connection type. FIG. 8C shows a setting screen 802 displayed when the user selects "No" on the setting screen 801. FIG. A setting screen 802 presents that the Internet direct connection type has been determined as a result of the usage environment determination. In addition, a question is presented to the user as to whether or not to apply security function settings suitable for the Internet direct connection type. When the user selects "yes" on the setting screen 802, security function settings suitable for the Internet direct connection type are applied.

The display of the screen shown in FIG. 8 and processing related to batch setting of security functions will be described with reference to FIGS.

Each operation (step) shown in FIGS. 9 and 10 is realized by CPU 311 calling a program for realizing each control unit stored in ROM 312 or HDD 314 to RAM 313 and executing the program.

When the operation control unit 410 detects that the user has opened the security function setting screen on the operation unit 320, the process shown in FIG. 9 is started.

The processes shown in FIGS. 9 and 10 classify which of the definitions shown in FIG. 2 applies to the usage environment used by the user by asking a plurality of questions to the user. Therefore, the following description will be made in correspondence with the environment classification step in FIG.

First, in step S<b>901 , the operation control unit 410 displays on the operation unit 320 a question asking the user whether the usage environment of the image forming apparatus 101 is an environment in which highly confidential information is handled. The question of S901 corresponds to the classification of S201 in FIG. After displaying the question, the process proceeds to S902. When the operation control unit 410 detects that the user's answer to the question in S901 is "yes", the process proceeds to A, which will be described later. If the operation control unit 410 detects "No", the process proceeds to S903.

In step S<b>903 , the operation control unit 410 displays a question on the operation unit 320 asking the user whether or not the usage environment of the image forming apparatus 101 is an environment where entry is controlled. The question of S903 corresponds to the classification of S202 in FIG. After displaying the question, the process proceeds to S904. When the operation control unit 410 detects that the user's answer to the question in S903 is "no", the process proceeds to S905. If the operation control unit 410 detects "Yes", the process proceeds to S907.

In step S<b>905 , the operation control unit 410 displays a question on the operation unit 320 asking the user whether the usage environment of the image forming apparatus 101 is an environment in which unspecified users share the network. The question of S905 corresponds to the classification of S205 in FIG. After displaying the question, the process proceeds to S906. When the operation control unit 410 detects that the user's answer to the question in S905 is "yes", the process proceeds to B, which will be described later. When the operation control unit 410 detects "No", the process proceeds to C described later.

In step S<b>907 , the operation control unit 410 displays on the operation unit 320 a question asking the user whether the usage environment of the image forming apparatus 101 is an Internet connection environment. The question of S907 corresponds to the classification of S203 in FIG. After displaying the question, the process proceeds to S908. When the operation control unit 410 detects that the user's answer to the question in S907 is "no", the process proceeds to D, which will be described later. If the operation control unit 410 detects "Yes", the process proceeds to S909.

In step S<b>909 , the operation control unit 410 displays on the operation unit 320 a question asking the user whether a firewall is installed in the usage environment of the image forming apparatus 101 . The question of S909 corresponds to the classification of S204 in FIG. After displaying the question, the process proceeds to S910. When the operation control unit 410 detects that the user's answer to the question in S909 is "no", the process proceeds to E, which will be described later. If the operation control unit 410 detects "Yes", the process proceeds to S911.

In step S<b>911 , the operation control unit 410 displays on the operation unit 320 a question asking the user whether or not to apply the recommended settings suitable for the in-house intranet environment to the security function settings of the image forming apparatus 101 . After displaying the question, the process proceeds to S912. When the operation control unit 410 detects that the user's answer to the question in S911 is "yes", the process proceeds to S913. When the operation control unit 410 detects "cancel", the process proceeds to F and returns to S901. At this time, instead of returning to S901, the configuration may be such that FIG. 5 is displayed. Alternatively, a message or a QR code (registered trademark) may be displayed to guide display of a detailed manual.

In step S<b>913 , the security setting control unit 430 applies the recommended setting suitable for the in-house intranet environment to the setting of the security function of the image forming apparatus 101 . In applying the recommended settings, the same processing as in the first embodiment described with reference to FIG. 6 is performed. Finally, in step S<b>914 , the security setting control unit 430 restarts the image forming apparatus 101 to reflect the applied settings in the operation of the image forming apparatus 101 .

Next, with reference to FIG. 10, the processes A to E described above will be described.

First, processing A will be described with reference to FIG. In step S<b>1001 , the operation control unit 410 displays on the operation unit 320 a question asking the user whether or not to apply recommended settings suitable for the highly confidential information management environment to the security function settings of the image forming apparatus 101 . After displaying the question, the process proceeds to S1002. When the operation control unit 410 detects that the user's answer to the question in S1001 is "yes", the process advances to S1003. When the operation control unit 410 detects "cancel", the process proceeds to F and returns to S901. In step S<b>1003 , the security setting control unit 430 performs the same processing as in FIG. 6 and applies recommended settings suitable for the highly confidential information management environment to the security function settings of the image forming apparatus 101 . Finally, the process proceeds to G, and the security setting control unit 430 restarts the image forming apparatus 101 in S914.

Processes B to E are processes similar to process A. FIG. Processing A displays and sets the highly confidential information management environment, processing B replaces the public space environment, processing C replaces the home environment, processing D replaces the Internet prohibited environment, and processing E replaces the Internet directly connected environment.

Through the above processing, the user answers the question for determining the usage environment of the image forming apparatus 101, thereby realizing the processing of collectively setting the security function suitable for the usage environment.

<Modification>
In the above-described embodiments, the display of the setting screen and the generation of the current operation setting data are sent to the image forming apparatus 101 or the web browser of the external information processing apparatus using the web UI control unit 440 of the image forming apparatus 101. The case where it is performed on the web page provided by However, it is not limited to this. Specifically, the display of the setting screen and the generation of current operation setting data may be performed on an application in an external information processing device.

The external application displays the setting screen shown in FIG. 5 or 8 and has an operation control unit that receives user operations. It also has a data storage unit that stores data similar to the recommended setting value database 421 , pre-change setting data 422 , and current operation setting data 423 . Note that the external application acquires data similar to the current operation setting data 423 from the image forming apparatus 101 via the network.

First, the external application displays the setting screen shown in FIG. 5 or 8 on the external information processing device. The user selects the usage environment of the image forming apparatus 101 on the external application. The external application receives information indicating the usage environment selected by the user.

The external application extracts recommended setting data suitable for the usage environment selected by the user from the recommended setting value database stored in the external application. The same processing as S601 to S608 in FIG. 6 is performed within the external application to generate new current operation setting data.

The external application transmits an operation setting change instruction to the image forming apparatus 101 based on the generated new current operation setting data. For example, an operation setting change instruction is transmitted using a SetRequest operation of SNMP (Simple Network Management Protocol). It should be noted that the communication protocol used for changing settings and the method for giving instructions for changing settings are not limited to SNMP. For example, it is possible to generate a data file for importing setting values that list setting items and setting values, and transmit the data file to the image forming apparatus 101 . The image forming apparatus 101 that receives this data file changes its settings based on the data file.

The image forming apparatus 101 receives new current operation setting data from the external application and applies it to the settings of the image forming apparatus 101 . The image forming apparatus 101 is restarted, and the applied settings are reflected in the operation of the image forming apparatus 101 .

Through the above processing, the user can set the security function of the image forming apparatus 101 on the application of the external information processing apparatus.

In this modification, the external application acquires current operation setting data from the image forming apparatus 101 via the network. At this time, the acquired current operation setting data may be named and saved in the external application. The name may be given based on the usage environment selected by the user. As described above, after collective setting is performed based on the usage environment selected by the user, the user can again change the setting value of each setting item to another setting value. When the current operation setting data acquired by the external application has individual setting values changed in this way, it may be saved under a new name. The setting data saved in this manner can be distributed to an image forming apparatus different from the image forming apparatus 101 . The distributed setting data is applied to each image forming apparatus.

<Other embodiments>
The present invention supplies a program that implements one or more functions of each of the above-described embodiments to a system or apparatus via a network or a storage medium, and one or more processors in the computer of the system or apparatus reads the program. It can also be realized by executing processing. It can also be realized by a circuit (for example, ASIC or FPGA) that realizes one or more functions.

101 image forming apparatus 410 operation control section 420 data storage section 430 security setting control section

Claims (19)

A printing device,
A setting value group including a plurality of setting values corresponding to a plurality of setting items including a security setting item specific to the printing device is associated with a first usage environment, and a plurality of setting items not including the security setting item specific to the printing device. a storage means for associating a setting value group including a plurality of setting values corresponding to the second usage environment and storing each of them;
receiving means for receiving information indicating a selection result for specifying the usage environment of the printing device;
changing the setting values of the printing apparatus based on the setting value group corresponding to the first usage environment or the second usage environment specified by the information indicating the selection result stored in the storage means; a setting change means for
a printing device. 2. The printing apparatus according to claim 1, wherein said reception means further receives information indicating an instruction to cancel the change of the setting value in said setting change means. The storage means further stores a set value group for canceling the change of the set values in the setting change means,
3. The printing apparatus according to claim 2, wherein the setting value group for canceling the change is a setting value group set in the printing apparatus before the setting value is changed by the setting change means. . The setting change means sets the setting values of the printing device based on the set value group for canceling the change stored in the storage means when the receiving means receives information indicating an instruction to cancel the change. 4. The printing apparatus according to claim 3, wherein: After the setting values of the printing device are changed based on the setting value group corresponding to the first usage environment or the second usage environment, the printing device is configured to set individual setting items of the printing device by the user. 5. The printing apparatus according to claim 1, wherein information indicating an instruction to change a setting value corresponding to is received. 6. The setting change unit according to claim 5, wherein the setting value of the printing apparatus is changed to the setting value indicated by information indicating an instruction to change the setting value corresponding to the individual setting item. printing device. The setting change means is based on a setting value group corresponding to the first usage environment or the second usage environment specified by the information indicating the selection result and a setting value group for canceling the change. 7. The printing apparatus according to any one of claims 3 to 6, wherein the setting values of the printing apparatus are changed. The setting change means overwrites the setting value group for canceling the change with the setting value group corresponding to the first usage environment or the second usage environment specified by the information indicating the selection result. 8. The printing device of claim 7, wherein the printing device settings are determined. 9. The printing apparatus according to any one of claims 1 to 8, wherein the information indicating the selection result is received when a user selects a plurality of divided usage environment options. 9. The printing apparatus according to any one of claims 1 to 8, wherein the information indicating the selection result is received when a user selects an answer to a question for determining the usage environment. The usage environment options include at least a plurality of options out of six options: in-house intranet environment, Internet-connected environment, Internet-prohibited environment, home environment, public space environment, and highly confidential information management environment. 10. The printing device according to claim 9. 12. The setting value group including the plurality of setting values corresponding to the plurality of setting items is characterized in that at least part of the set value group differs for each of the plurality of divided usage environments. The printing device according to . 13. The printing apparatus according to any one of claims 1 to 12, wherein said accepting means accepts information indicating a selection result made by a user through a screen of said printing apparatus. The printing device comprises communication means for performing network communication with an external information processing device,
14. The printing apparatus according to any one of claims 1 to 13, wherein said accepting means accepts information indicating a result of user's selection made by said external information processing apparatus. The set value group stored in the storage means in association with the first usage environment or the second usage environment is set values created by the external information processing device and sent to the printing device. 15. The printing device of claim 14, wherein the printing device is a group. 16. The security setting item peculiar to the printing apparatus includes at least one of a setting item relating to print job history display and a setting item relating to automatic deletion of interrupted print jobs. 10. A printing device according to claim 1. A printing device,
receiving means for receiving, as a result of selection for specifying the usage environment of the printing device, information indicating an environment assumed for use of the printing device in telecommuting;
A setting value including a plurality of setting values corresponding to a plurality of setting items including a security setting item of the printing device associated with information indicating an environment assumed for use of the printing device in telecommuting as the result of the selection. setting change means for changing setting values of the printing device based on the group;
The security setting items of the printing device include setting items related to the device management protocol used by the administrator and setting items related to the password used in the printing device. A control method for a printing device comprising storage means,
The storage means associates a setting value group including a plurality of setting values corresponding to a plurality of setting items including security setting items specific to the printing device with a first usage environment, and includes the security setting items specific to the printing device. associates a set value group including a plurality of set values corresponding to a plurality of set items that do not correspond to a second usage environment and stores them respectively;
The control method is
a receiving step of receiving information indicating a selection result for specifying a usage environment of the printing device;
changing the setting values of the printing apparatus based on the setting value group corresponding to the first usage environment or the second usage environment specified by the information indicating the selection result stored in the storage means; a setting change step to
A control method with A program for causing a computer to execute the control method according to claim 18.

Images