JP4381329B2 - Communications system - Google Patents

Description

The present invention relates to a communication system that includes a communication unit that transmits and receives information in response to an accepted request and includes a plurality of image processing apparatuses that perform image processing based on registered information.

  A multifunction device having a function of a facsimile machine that transmits and receives images can save the trouble of inputting a fax number at the time of transmission by registering a fax number or the like in the destination information. In a multi-function peripheral having an e-mail transmission function, an e-mail address or the like can be registered in the destination information.

However, when a new device is introduced due to lease expiration or new purchase, it is necessary to newly input destination information. As a method for solving this problem, a method has been proposed in which registration information such as destination information is stored in a memory card and read by a new device (see, for example, Patent Document 1).
JP-A-3-285457

  When a memory card is used, a card reader for the memory card is required, resulting in a problem that costs increase. The destination information is important information similar to customer information. However, when a memory card is used, there is a problem that important information can be easily taken out and security is lowered.

The present invention has been made in view of such circumstances, and a confirmation unit for confirming the protection state of registration information in another image processing apparatus as a transmission destination when a registration information transmission request is received from another image processing apparatus. And a transmission control unit that permits or prohibits transmission of registration information from the communication unit based on the confirmation result, thereby preventing registration information from being transmitted to a destination without a protection function. and purpose thereof is to provide a communication system including a.

Further, the present invention, when accepting a registration information transmission request, confirms the level of protection performed at the transmission destination, and transmits the registration information when the confirmed level is higher than or equal to a predetermined level. Provided is a communication system including an image processing apparatus capable of preventing registration information from being transmitted to a transmission destination having a low level of protection by including transmission control means for permitting and prohibiting transmission of registration information when it is low For other purposes.

In addition, the present invention provides a communication system including an image processing apparatus that can prevent an unspecified number of users from browsing or updating registration information by configuring a protection unit to perform authentication when accepting an operation on registration information. The other purpose is to provide.

In the present invention, when a registration information transmission request is accepted, a confirmation means for confirming an authentication code used at a transmission destination and a case where the confirmed authentication code matches an authentication code used in the apparatus Can prevent registration information from being transmitted to outsiders such as devices with different managers by providing transmission control means that permits transmission of registration information and prohibits transmission of registration information if they do not match Another object is to provide a communication system including an image processing apparatus.

  In addition, the present invention provides an image processing apparatus capable of preventing important information such as destination information from being transmitted to outsiders by processing image processing including image transmission processing and registration information including destination information. To do other purposes.

Communication system according to the present invention, in order to protect the registration information, and protection means for executing a receiving with Rukoto capable plurality of processing settings execution / non-execution or execution frequency in each to request accepted And a communication unit that transmits and receives information in response, and in a communication system having a plurality of image processing devices that perform image processing based on registered information, the protection unit is equipped with a security kit that performs encryption processing or erasure processing And when one of the plurality of image processing apparatuses receives a registration information transmission request from another image processing apparatus, the other image processing apparatus as a transmission destination is protected. the setting of the plurality of processing each and notification of the setting information including the presence or absence of attachment of the security kit to a request, based on the setting information notified from the destination, the protection status of the registration information by the protection means And confirmation means for confirming whether or not to satisfy a condition previously defined, based on the check result of the checking means, and a transmission control means for permitting or prohibiting the transmission of the registration information from the communication means, the confirmation The means is characterized in that when the security kit is installed, the protection state is confirmed to satisfy the prescribed state .

Communication system according to the present invention, in order to protect the registration information, and protection means for executing encryption processing or erase processing can accept each execution / non-execution or execution frequency setting in each to request accepted And a communication unit that transmits and receives information in response, and in a communication system having a plurality of image processing apparatuses that perform image processing based on registration information, the protection unit includes whether or not a security kit that performs encryption or deletion is installed. One of a plurality of the image processing apparatuses, when receiving a registration information transmission request from another image processing apparatus, the protection means of the other image processing apparatus as the transmission destination a plurality of processing each set, as well as request a notification of setting information including the model information of the existence and security kit mounting security kit of the process being set to run , Execution count, or the strength of the encryption, or the confirmation means based on the type of security kit to confirm the level of protection, the level to which the confirmation means has confirmed is higher or equal than the level of protection by their protection means for authorizes the transmission of the registration information, if low you and a sending control means for inhibiting the transmission of registration information.

  The image processing apparatus according to the present invention is characterized in that the protection means is configured to perform authentication when accepting an operation on registered information.

  In the image processing apparatus according to the present invention, the image processing includes image transmission processing, and the registration information includes destination information.

In the present invention, when one image processing apparatus receives a registration information transmission request from another image processing apparatus , the registration information is registered based on the processing setting information in the protection means notified from the destination image processing apparatus . The protection state is confirmed by the confirmation unit, and based on the confirmation result, the transmission of the registration information from the communication unit is permitted or prohibited. Therefore, the parties to whom the registration information is transmitted can be limited. For example, it is possible to permit / prohibit the transmission of registration information according to the presence / absence of the protection function of the registration information of the transmission destination, and it is possible to prevent the registration information from being transmitted to the transmission destination without the protection function. . The registered information often includes important information such as destination information registered by the user, for example, and it is possible to prevent the important information from being transmitted to a device without a protection function, thereby improving security. Furthermore, security can be enhanced, for example, by permitting transmission only when a security kit that performs encryption or erasure as a protection function is installed at the other party and protection is ensured.

In the present invention, when one image processing apparatus accepts a registration information transmission request from another image processing apparatus , the confirmation means confirms the level of protection performed at the transmission destination, and the transmission control means confirms the confirmed level. Registration information is sent to a destination with a low protection level, because transmission of registration information is permitted when it is higher than or equal to a predetermined level such as the protection level of this device, and transmission of registration information is prohibited when it is lower. Can be prevented. The registered information often includes important information such as destination information registered by the user, and can prevent the important information from being transmitted to a device with a low level of protection, thereby improving security. In addition, transmission is permitted only when a security kit that performs encryption or erasure as a protection function is installed at the other party, and the security kit model is more than a predetermined model and protection is guaranteed. it can.

  In the present invention, since the protection means performs authentication when accepting an operation on the registered information, it is possible to limit users who view or update the registered information. However, the registration information may include an administrator setting set by the administrator and a general setting set by the general user. Authentication is performed when an operation for the administrator setting is accepted, and an operation for the general setting is authenticated. It is also possible to accept without. The registration information often includes important information such as destination information registered by the user, for example, so that it is possible to prevent an unspecified number of people from browsing or updating and to improve security.

  In the present invention, the image processing includes image transmission processing, and the registration information includes destination information. Therefore, registration information such as destination information can be prevented from being transmitted to outsiders. It is possible to prevent important information such as destination information from being transmitted to outsiders, thereby improving security.

  According to the present invention, the trouble of newly registering registration information such as destination information can be saved. Further, at this time, it is possible to prevent registration information from being transmitted to a transmission destination having no protection function, thereby improving security.

  ADVANTAGE OF THE INVENTION According to this invention, it can prevent that registration information is transmitted to the transmission destination with a low protection level, and can improve security.

  According to the present invention, it is possible to prevent an unspecified number of people from browsing or updating registered information, and to improve security.

  According to the present invention, it is possible to prevent important information such as destination information from being transmitted to an outsider, thereby improving security.

  Hereinafter, the present invention will be specifically described with reference to the drawings showing embodiments thereof. FIG. 1 is a block diagram showing an example of a communication network having a digital multi-function peripheral (image processing apparatus) according to the present invention. In the example illustrated in FIG. 1, the communication network includes, for example, an internal network N1 constructed in the company and an external network N2 constructed outside the company. Connected to the internal network N1 are the digital multifunction peripheral 1 of the present invention, another digital multifunction peripheral 30, and a plurality of personal computers (hereinafter referred to as personal computers) 32. To the external network N2, another digital multifunction device 36, an Internet fax machine (hereinafter referred to as iFAX machine) 34, and a personal computer 32 are connected.

  As shown in FIG. 1, the digital multi-function peripheral 1 stores an image reading unit 2 having a CCD 2a, an input unit 4a such as various operation keys, and an operation unit 4 including a display unit 4b such as a liquid crystal display panel, and image data. A communication unit (communication means) for controlling communication with the internal network N1, and an image forming unit 6 having a memory 6a, a printing unit 6b for forming an image on a sheet, and an encryption / decryption unit 6c for encrypting / decrypting data. ) 10 and a FAX modem 11 for controlling communication with the telephone line network N3 to which the facsimile machine 38 is connected, a hard disk 12 for storing image data, etc., and management for storing registration information and control programs such as various settings. And a control unit 8 such as a CPU for controlling each component in the apparatus based on the control program and registration information.

  Each component of the digital multi-function peripheral 1 is controlled by the control unit 8 and receives an operation instruction from the input unit 4a such as a touch panel or an input key, and executes processing according to the accepted operation instruction, or the digital multi-function peripheral 1 It is possible to notify the user of necessary information by displaying information on the operation state of the display on the display unit 4b. Further, the management unit 14 stores management information such as a history of operation states of each component, and registration information such as setting information and destination information. In the present embodiment, the digital multifunction peripheral 1 can operate as a copier, a printer, a network scanner, and a facsimile.

  FIG. 2 is a schematic diagram illustrating an example of the operation unit 4. The operation unit 4 includes an input unit 4a and a display unit 4b, and the input unit 4a has a key group disposed adjacent to the liquid crystal panel. In the example of FIG. 2, there are a start key 16 for instructing the start of copying, a full release key 17 for interrupting processing being executed, a clear key 18 for clearing input contents, a FAX number or the number of copies. A numeric keypad 22 for instructing, mode switching keys 23a, 23b, and 23c for switching modes, a setting key 24, and the like are provided. The display unit 4b is composed of a dot matrix type liquid crystal panel, and displays necessary information to the user. In addition, a transparent touch panel is provided on the screen of the liquid crystal panel, and various instructions can be input by operating the touch panel according to information displayed on the liquid crystal panel. It functions as a part of the part 4a.

  In the example of FIG. 2, the mode switching key 23a is assigned to a printer, the mode switching key 23b is assigned to fax or image transmission, and the mode switching key 23c is assigned to copy. When the digital multifunction peripheral 1 is used as a copying machine, for example, when the mode switching key 23c is selected and the start key 16 is pressed, the original set on the image reading section 2 is electronically controlled by the control section 8. The read image data is stored in the memory 6 a and then stored in the hard disk 12. If there are a plurality of documents, the same processing is repeated. Thereafter, the image data stored in the hard disk 12 is sequentially read out at an appropriate timing and sent to the memory 6a under the control of the control unit 8, and the image data is transferred from the memory 6a to the printing unit 6b in accordance with the printing timing of the printing unit 6b. Sent to. When printing a plurality of image data, the image data is repeatedly sent to the printing unit 6b by the number of output copies.

  When the digital multi-function peripheral 1 is used as a printer, the communication unit 10 receives image data transmitted from the personal computer 32 connected to the internal network N1, and the image data received by the communication unit 10 is controlled by the control unit 8. , Sent to the memory 6a, stored in units of pages, and then stored in the hard disk 12. Thereafter, under the control of the control unit 8, the image data stored in the hard disk 12 is sent to the memory 6a, and is sent to the printing unit 6b in the same manner as in the case of using the copying machine described above.

  When the digital multifunction peripheral 1 is used as a network scanner, for example, when the mode switch key 23b is selected and the start key 16 is pressed, the document set on the image reading unit 2 is electronically controlled by the control unit 8. The image data of the read original is stored in the memory 6 a and then stored in the hard disk 12. Thereafter, the image data stored in the hard disk 12 is transmitted to the memory 6 a under the control of the control unit 8, and transmitted from the communication unit 10 to the transmission destination received by the operation unit 4. As the transmission destination of the image data, the personal computer 32 in the internal network N1, the personal computer 32 in the external network N2, the iFAX machine 34, or the printer 36 can be designated. It is also possible to designate a FAX number as a transmission destination and transmit image data from the modem 11 to an external FAX machine 38 via the telephone line network N3. Note that the transmission destination can be selected from the destination information managed by the management unit 14.

  The control program stored in the management unit 14 includes a security program, and the control unit (protection means) 8 performs security processing for protecting data stored in the hard disk 12 and the management unit 14 according to the security program. Execute. Settings such as on / off of security processing can be accepted by the operation unit 4, and the accepted settings are stored in the setting information of the management unit 14 by the control unit 8. The setting information includes general settings that can be set by a general user and administrator information that can be set by an administrator but cannot be set by a general user. The general settings include, for example, screen contrast settings for the display unit 4b, paper feed tray settings, date / time settings, and the like. The administrator setting includes, for example, reading setting of the image reading unit 2, printing setting of the image forming unit 6, transmission setting of the FAX modem 11, operation setting of the operation unit 4, network setting of the communication unit 10, security setting, energy saving setting, And setting of administrator code.

  3, 4, 5, and 6 are diagrams showing examples of display screens of the display unit 4b. FIG. 3A shows an example of the general setting screen. The general setting screen is displayed when, for example, the setting key 24 of the input unit 4a is pressed under the control of the control unit 8. The general setting screen includes, for example, “total used number display”, “screen contrast setting”, “data list print”, “paper tray setting”, “destination registration”, “date / time setting”, and “administrator setting”. And so on. When the selection of “total used number display”, “data list print”, or “destination registration” is accepted, the total used number managed by the management unit 14 is displayed on the display unit 4b under the control of the control unit 8. In addition, a list of data stored in the hard disk 12 is printed by the printing unit 6 or a destination registration screen is displayed to accept destination registration and update destination information in the management unit 14. When the selection of “screen contrast setting”, “paper tray setting”, or “date / time setting” is accepted, the control of the control unit 8 controls the screen contrast setting screen, paper tray setting screen, or date / time setting. A time setting screen is displayed on the display unit 4b, the setting is accepted, and the general setting of the setting information is updated.

  When “administrator setting” is selected on the general setting screen, an administrator code input screen shown in FIG. 3B is displayed on the display unit 4 b under the control of the control unit 8. When the input of the administrator code is received by the numeric keypad 22 of the operation unit 4, the control unit 8 checks the code stored in the management unit 14, and if the authentication is successful, the administrator setting screen shown in FIG. Displayed on the display unit 4b. The administrator setting screen includes, for example, “reading setting”, “printing setting”, “transmission setting”, “operation setting”, “network setting”, “security setting”, “energy saving setting”, “apparatus information”, “management report”. Selection keys such as “print” and “change administrator code” are included. When the selection of “apparatus information”, “print management report”, or “change manager code” is accepted, the control section 8 controls the display section 4b to store apparatus information, which will be described later, managed by the management section 14. The management code based on the above-described management information managed by the management unit 14 is displayed, or the administrator code change screen is displayed to accept the change of the administrator code. When the selection of “reading setting”, “printing setting”, “transmission setting”, “operation setting”, “network setting”, “security setting”, or “energy saving setting” is accepted, the control unit 8 controls , A reading setting screen, a print setting screen, a transmission setting screen, an operation setting screen, a network setting screen, a security setting screen, or an energy saving setting screen are displayed on the display unit 4b, accepting the setting, and setting the administrator of the setting information Update.

  FIGS. 5A and 5B are diagrams showing examples of the security setting screen. In the example of FIG. 5A, “all data area erase” and its “erase count”, “automatic erase at power-on” and its “erase count”, and “automatic erase at job end” and its “erase” It has a selection key such as “number of times”. When the selection of “Erase All Data Area” is accepted, unnecessary data stored in the hard disk 12 is invalidated by overwriting under the control of the control unit 8. In addition, when accepting the selection of “automatic erasing at power-on” or “automatic erasing at job end”, it turns on / off of auto-erasing at power-on or on / off of auto-erasing at the end of job. Switch to update the administrator settings in the setting information. If any of the “erase count” selections is accepted, the designation of the erase count is accepted with the numeric keypad 22 or the like, and the administrator setting of the setting information is updated. 5B includes selection keys such as “data encryption”, “destination printing prohibition”, “data list printing prohibition”, and “management report printing prohibition”. When selection of each selection key is accepted, ON / OFF is switched and the administrator setting of the setting information is updated. In FIGS. 5A and 5B, ON / OFF is indicated by the presence / absence of a check mark (a “let” -shaped mark).

  FIG. 6A shows an example of a network setting screen. In the example of FIG. 6A, an IP address, an IP netmask, an IP gateway, and the like are set as nutwork settings, and are stored in the management unit 14 as setting information. It is also possible to automatically set an IP address or the like using the “DHCP” key. FIG. 6B is a diagram illustrating an example of a device information display screen. The device information includes the model name, serial number, security kit, device name, installation location, and the like, and is stored in the management unit 14. The model name and serial number are stored in the management unit 14 in advance and cannot be changed. The device name or installation location is stored in the management unit 14 after receiving registration from the input unit 4a. If the security kit is installed, the model name of the installed security kit is displayed. If the security kit is not installed, for example, “not installed” is displayed.

  The above-described various screens and registration information such as destination information and various settings are stored in the management unit 14, and display switching and operation acceptance of each setting screen and each setting screen are conventionally performed by the control of the control unit 8. The same is done.

  Further, when the control unit 8 receives a transmission request for registration information such as destination information by the communication unit 10 or the like, the control unit 8 controls the communication unit 10 to communicate with the transmission destination, and obtains information on the transmission destination from the transmission destination. It operates as a transmission control unit that permits or prohibits transmission of registration information from the communication unit 10 based on the acquisition unit that acquires and information on the acquired transmission destination.

  As the information about the transmission destination, the location information about the installation location of the transmission destination device is used. If the location information acquired from the transmission destination matches the predetermined location information, the transmission of the registration information is permitted. It is possible to prohibit the transmission of information. For example, if the location information of the transmission destination matches the location information in the company or department, it is possible to permit transmission of registration information. As the location information, it is possible to use the installation location of the device information or the IP address of the network setting (the upper address is the same in the company or within the department), etc. One or a plurality of location information is used as the predetermined location information. It is possible to register in the management unit 14 in advance. In addition, as the information regarding the transmission destination, identification information regarding the administrator of the transmission destination apparatus can be used. For example, when the administrator code (authentication code) of the transmission destination apparatus matches the administrator code of the apparatus 1, it is possible to permit transmission of registration information. As the administrator code, an administrator ID or password can be used.

  Further, the control unit (confirming unit) 8 confirms the protection state of the registration information of the transmission destination, and permits or prohibits transmission of the registration information from the communication unit 10 based on the confirmation result. For example, it is possible to check the presence or absence of a security kit in the transmission destination device, and to prohibit registration information transmission if there is no security kit. Alternatively, the level of protection performed at the transmission destination is confirmed. If the level of protection at the transmission destination is higher than or equal to the level of protection of this device, transmission of registration information is permitted. Can be prohibited. For example, if the security kit version or model name is the same, the protection level is considered to be at least the same level, or all items for which the security setting of the device is on are at least the same if the destination is also on. It can be considered a level. As the protection level, it is possible to use the encryption strength level, the number of times data is erased (see FIG. 5A), or the like.

  FIG. 7 is a flowchart illustrating an example of a registration information transmission procedure. However, the digital multi-function peripheral 1 is already installed, and a case where another multi-function peripheral (hereinafter referred to as an additional multi-function peripheral) 30 is newly added to the internal network N1 will be described as an example. The configurations of the digital multifunction peripheral 1 and the additional multifunction peripheral 30 are substantially the same. The additional multifunction device 30 that has received the registration information acquisition instruction and the acquisition partner (in this description, the digital multifunction device 1) from the setting screen or the like transmits a request for registration information to the digital multifunction device 1 (S10). The control unit 8 of the digital multifunction device 1 that has received the request by the communication unit 10 transmits a notification request for a management state or a protection state from the communication unit 10 to the additional multifunction device 30 (S12). Here, the management state is information such as an installation location or an administrator, and the protection state is information such as presence / absence of a security kit or security settings.

  Upon receiving the management state or protection state notification request, the additional multifunction device 30 notifies the digital multifunction device 1 of the management state or protection state (S14). The control unit 8 of the digital multifunction device 1 that has received the management state or the protection state by the communication unit 10 confirms the management state or protection state of the additional multifunction device 30 (S16), and permits or prohibits transmission of registration information. For example, if the installation location is in-house, or if a security kit is provided, transmission of registration information is permitted. If the transmission of the registration information is permitted (S18: YES), the control unit 8 controls the communication unit 10 to transmit the registration information to the additional multifunction device 30 (S20). The additional multifunction peripheral 30 that has received the transmitted registration information updates the registration information (S22). When the transmission of the registration information is prohibited (S18: NO), the control unit 8 of the digital multifunction device 1 controls the communication unit 10 to notify the additional multifunction device 30 that transmission is not possible (S24).

  In the embodiment described above, a configuration including only one of a function for permitting or prohibiting transmission of registration information based on a management state and a function for permitting or prohibiting transmission of registration information based on a protection state It is also possible. In addition, the image processing apparatus of the present invention is not limited to a multifunction machine, and can be applied to any apparatus having a communication function.

  If the registration information transmission destination does not have a facsimile function, transmission of destination information regarding the facsimile number is not required. If the registration information transmission destination does not have an email function, the destination information regarding the email address is It is unnecessary. Therefore, the control unit (transmission control means) 8 can acquire the function of the transmission destination, determine whether transmission of registration information is unnecessary, and can prohibit transmission if it is not necessary.

It is a block diagram which shows the example of the communication network which has the image processing apparatus which concerns on this invention. It is a schematic diagram which shows the example of an operation part. It is a figure which shows the example of the display screen of a display part. It is a figure which shows the example of the display screen of a display part. It is a figure which shows the example of the display screen of a display part. It is a figure which shows the example of the display screen of a display part. It is a flowchart which shows the example of the transmission procedure of registration information.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Digital multifunction device 2 Image reading part 4 Operation part 6 Image formation part 8 Control part 10 Communication part 11 FAX modem 12 Hard disk 14 Management part N1 Internal network N2 External network N3 Telephone line network

Claims (4)

To protect the registration information, communication means for transmitting and receiving the protection means to run the receiving with Rukoto capable plurality of processing settings execution / non-execution or execution frequency in each information in response to a request received In a communication system having a plurality of image processing devices that perform image processing based on registration information,
The protection means includes means for determining whether or not a security kit for performing encryption processing or erasure processing is installed,
One of the plurality of image processing apparatuses is
When a registration information transmission request is received from another image processing apparatus, notification of setting information including setting for each of the plurality of processes of the protection means of the other image processing apparatus as a transmission destination and whether or not a security kit is attached Requesting and confirming means for confirming whether or not the protection state of the registered information by the protection means satisfies a predetermined condition based on the setting information notified from the transmission destination;
Transmission control means for permitting or prohibiting transmission of registration information from the communication means based on the confirmation result of the confirmation means ,
When the security kit is installed, the confirmation means confirms that the protection state satisfies the prescribed state . To protect the registration information, communication means for transmitting and receiving a protection means for executing encryption processing or erase processing can accept each execution / non-execution or execution count set in each information in response to a request received In a communication system having a plurality of image processing devices that perform image processing based on registration information,
The protection means includes means for determining whether or not a security kit for performing encryption or erasure is installed,
One of the plurality of image processing apparatuses is
When a registration information transmission request is received from another image processing apparatus, the setting for each of the plurality of processes of the protection means of the other image processing apparatus as the transmission destination, the presence / absence of installation of the security kit, and the model of the security kit Confirmation means for requesting notification of setting information including information and confirming the level of protection based on the content of the processing set to be executed, the number of execution times, the strength of encryption , or the model of the security kit ;
Transmission control means for permitting transmission of registration information when the level confirmed by the confirmation means is higher than or equal to the level of protection by its own protection means, and for prohibiting transmission of registration information when it is lower. A communication system characterized by the above. It said protection means, the communication system according to claim 1 or 2, characterized in that are configured to perform authentication when receiving an operation for registration information. The image processing includes image transmission processing,
The registration information, the communication system according to any one of claims 1 3, characterized in that it comprises a destination information.

Images