JP4845104B2 - Information processing method, information processing apparatus, program, and information recording medium - Google Patents

Description

  The present invention relates to an information processing method and an information processing apparatus for processing to store a paper document as an electronic document whose originality is guaranteed.

  “E-Document Law” (actually, “Act on the Use of Information and Communication Technology (General Law) in the Preservation of Documents, etc. Performed by Private Business Operators)” and “Private Business Operators”, which were enforced in April 2006 Legislation on the maintenance of related documents accompanying the enforcement of the Act on the Use of Information and Communication Technology for the Preservation of Written Documents (Preparation Act) ”), which has traditionally been legally required to be preserved in paper documents Etc. are now allowed to be stored as digital data (electronic documents).

  When storing a paper document as an electronic document, it is important how to guarantee the originality of the electronic document. In the e-document method, originality assurance by time authentication (time stamp) is regarded as important. In order to handle an electronic document as an original document in administrative procedures, contract procedures, etc., in addition to ensuring that the electronic document has not been tampered with, it is an important requirement that the electronic document has existed since then. Because.

  For example, Patent Document 1 is known as a prior art document relating to time authentication. This document discloses an example of a time authentication system that performs processing for storing an electronic document of a paper document with time authentication for guaranteeing its originality, and an MFP (Multi Function Printer) used therefor. ing.

  In the time authentication system described above, the time authentication acquisition operation (operation of processing for storing a paper document with time authentication for guaranteeing its originality) is as follows. First, the MFP transmits digital data (electronic document) obtained by scanning a paper document or a hash value thereof to a time authentication server (certificate authority), requests time authentication, and receives time authentication (time stamp). wait. In the time authentication server, the received hash value or the hash value generated from the received electronic document and the electronic signature for the time information acquired from the clock unit are generated with a secret key, and this is used as a time stamp (time authentication) to the MFP. Send. When the MFP receives the time stamp from the time authentication server, the MFP transmits the set of the time stamp and the electronic document to the storage server, requests storage, and waits for reception of the storage destination pointer. The storage server encrypts and stores the received electronic document and time stamp, and transmits the storage destination pointer to the MFP. When the MFP receives the save destination pointer, the MFP synthesizes a stamp in which the save destination pointer and the time information extracted from the previously received time stamp are embedded into an electronic document to generate image data for printing. To do.

  The operation when verifying the time authentication of the electronic document is as follows. The MFP scans a stamped document printed at the time of time authentication acquisition, reads the storage destination pointer embedded in the stamp, and transmits it to the storage server to request transfer of the electronic document and the time stamp. . On the storage server side, a pair of electronic document and time stamp corresponding to the storage destination pointer is retrieved, decoded, and transmitted to the MFP. The MFP transmits the time stamp to the time authentication server recognized from the received time stamp and requests verification thereof. The time authentication server decrypts the electronic signature in the received time stamp using a secret key, determines whether or not falsification has occurred, and simultaneously extracts time information embedded in the time stamp. Then, the determination result of the presence / absence of falsification and the time information are transmitted as verification results to the MFP. The MFP displays the received time information, or prints only the time information or an electronic document obtained by synthesizing the time information.

JP 2005-123980 A

  In the time authentication system described in Patent Document 1, when processing requests are concentrated on the time authentication server (certificate authority), the time authentication is requested from the MFP until the time authentication is returned from the time authentication server. There is a long waiting time, during which the MFP cannot proceed to the next processing stage. As a result, it takes a long time to complete the processing for one paper document. This is extremely inconvenient when time authentication is continuously acquired for a large number of paper documents.

  SUMMARY OF THE INVENTION An object of the present invention is to improve the above inconvenience in a process of storing an electronic document of a paper document with authentication for guaranteeing its originality.

The invention described in claim 1
In an information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an authentication process returned from the authentication server, A first processing step of sequentially executing a process of storing temporary authentication to the effect that a request has been received together with the electronic document in the storage server, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing step of completing a process related to the authentication request instruction.

The invention described in claim 2
In an information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, and provisional authentication indicating that an application for authentication is in progress A first processing step of sequentially executing the step of storing the temporary authentication together with the electronic document in the storage server and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing step of completing a process related to the authentication request instruction.

The invention according to claim 3
An information processing method according to claim 1 or 2, wherein
In the first processing stage, before temporarily ending the processing related to the authentication request instruction, a step of generating image data for printing the electronic document with a temporary authentication stamp and printing the image data is executed. This is an information processing method.

The invention according to claim 4
An information processing method according to claim 1 or 2, wherein
In the first processing step, before temporarily ending the processing related to the authentication request instruction, image data for printing the electronic document with a temporary authentication stamp is generated, and the image data is stored in the authentication request instruction An information processing method characterized by executing a step of transmitting to an external device as an input source.

The invention described in claim 5
An information processing method according to the invention of claim 3 or 4,
In the information processing method, a storage destination pointer returned from the storage server in the step of storing the temporary authentication together with the electronic document in the storage server is embedded in the temporary authentication stamp.

The invention described in claim 6
An information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an authentication process returned from the authentication server, First processing means for sequentially executing a process of storing temporary authentication to the effect that a request has been received in the storage server together with the electronic document, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing means for executing a process for additionally storing the information and completing the processing relating to the authentication request instruction.

The invention described in claim 7
An information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, and provisional authentication indicating that an application for authentication is in progress A first processing means for sequentially executing a step of storing the temporary authentication together with the electronic document in the storage server, and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing means for executing a process for additionally storing the information and completing the processing relating to the authentication request instruction.

The invention according to claim 8 provides:
An information processing apparatus according to the invention of claim 6 or 7,
The first processing unit generates image data for printing the electronic document with a temporary authentication stamp and temporarily prints the image data before temporarily ending the processing related to the authentication request instruction. It is an information processing apparatus characterized by doing.

The invention according to claim 9 is:
An information processing apparatus according to the invention of claim 6 or 7,
The first processing means generates image data for printing the electronic document with a temporary authentication stamp before temporarily ending the processing related to the authentication request instruction, and uses the image data as the authentication request instruction An information processing apparatus that executes a process of transmitting to an input source external apparatus.

The invention according to claim 10 is:
An information processing apparatus according to claim 8 or 9, wherein
The information processing apparatus according to claim 1, wherein a storage destination pointer returned from the storage server in the step of storing the temporary authentication together with the electronic document in the storage server is embedded in the temporary authentication stamp.

The invention according to claim 11
A computer capable of communicating with the authentication server and storage server;
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document into the memory, a step of requesting the authentication server to authenticate the originality of the electronic document, returned from the authentication server, First processing means for sequentially executing a process of storing temporary authentication to the effect that a request for authentication has been received in the storage server together with the electronic document, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication Is a program that functions as a second processing unit that executes a step of additionally storing and completes processing related to the authentication request instruction.

The invention according to claim 12
A computer capable of communicating with the authentication server and storage server;
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document into the memory, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an application for authentication A first processing unit that sequentially executes a step of generating temporary authentication, a step of storing the temporary authentication in the storage server together with the electronic document, and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication Is a program that functions as a second processing stage that completes the process related to the authentication request instruction.

The invention according to claim 13
A computer-readable information recording medium on which a program according to the invention of claim 11 is recorded.

(1) In the information processing method or the information processing apparatus according to claims 1 to 10, a long waiting time from when an authentication request is issued to the authentication server due to load concentration of the authentication server or the like until normal authentication is issued Even if such a situation occurs, the process proceeds without waiting for the issuance of regular authentication, and after the authentication request instruction is input, the temporary authentication is added and the electronic document is stored in the storage server. The process related to the request instruction is temporarily terminated. Accordingly, it is possible to continuously input authentication request instructions at short intervals and to efficiently process a large amount of paper documents. When the normal authentication is issued from the authentication server, the temporary authentication is replaced by the authentication, or the authentication is additionally stored, so that the originality of the stored electronic document is secured.
(2) In the information processing method or information processing apparatus according to claims 3 to 5, 8 to 10, a print with a temporary authentication stamp of an electronic document can be obtained by the information processing apparatus or an external apparatus that has input an authentication request instruction. . The temporary authentication stamp does not guarantee the originality of the print, but merely indicates that the authentication request has been accepted by the authentication server or that an application for authentication has been made. However, a print with a temporary authentication stamp is reliable in that limit because it can be presumed that the electronic document has already been granted normal authentication, or if not, normal authentication will be granted. is there. There are many cases where it is desirable to obtain and use prints with such a reliability level as soon as possible. For example, a paper document print created in a company is used in the same company. In such a case, it is very advantageous to obtain a print with a temporary authentication stamp prior to the issuance of regular authentication. In the information processing method or information processing apparatus according to claims 5 and 10, since the storage destination pointer is embedded in the temporary authentication stamp, for example, when performing authentication verification, the storage destination is stored from the print. There is an advantage that the pointer can be easily extracted.
(3) According to the program according to claims 11 and 12 or the program recorded in the information recording medium according to claim 13, it relates to claims 6 and 7 using a computer capable of communicating with the authentication server and the storage server. An information processing apparatus can be easily realized.

  FIG. 1 is a schematic block diagram for explaining an information processing system and its subsystems according to an embodiment of the present invention.

  This information processing system is used for processing to store an electronic document, which is a paper document, with authentication for guaranteeing its originality, and the information according to the present invention is stored in a network 101 such as a LAN, an intranet, or the Internet. An MFP 102 as an example of a processing apparatus, a personal computer (PC) 103 using the MFP 102, an authentication server (certificate authority) 104 that issues authentication for guaranteeing the originality of an electronic document, and a storage used for storing an electronic document In this configuration, subsystems such as the server 105 are connected. The storage server 105 can be integrated with the MFP 102, and such an embodiment is also included in the present invention.

  The MFP 102 includes a data storage unit 111, a transmission / reception processing unit 112, a scanner unit 113, an operation unit 115, a data processing unit 116, an image forming unit 117, an authentication processing unit 118, and a control unit 119.

  The transmission / reception processing unit 112 performs processing related to communication with the PC 103, the authentication server 104, and the storage server 105 through the network 101. The scanner unit 113 scans a paper document, reads an image, and inputs the image as digital data. The data storage unit 111 stores various data. The data processing unit 116 performs compression, expansion, format conversion, and other processing on the digital data input from the scanning unit 113 and the transmission / reception processing unit 112 and the digital data stored in the data storage unit 111. . The image forming unit 117 prints a document on paper. The authentication processing unit 118 is related to processing such as saving a paper document as an electronic document. The operation unit 115 is used by the user to input various instructions to the MFP 102, or the MFP 102 displays a message or the like to the user. The control unit 119 controls the overall operation of the MFP 102 and the above-described units.

  Description of operations of general functions of the MFP 102 as an MFP, that is, a copy function, a printer function, a scanner function, a facsimile function, an image server function, and the like, is omitted. The characteristics of the MFP 102 relate to processing for storing an electronic document, which is a paper document, with authentication for guaranteeing its originality, and the details of the operation and functional configuration will be described later in detail.

  The authentication server 104 is described here as issuing time authentication (time stamp) as authentication for guaranteeing the originality of the electronic document. The authentication server 104 includes a transmission / reception processing unit 120 that performs processing related to communication with the MFP 102 and the like via the network 101, a data storage unit 122 that stores data, a processing unit 123 that performs processing for issuing and verifying time authentication, And a control unit 121 that controls the overall operation of the server and controls the above-described units. The control unit 121 includes a clock that provides highly accurate time information.

  The storage server 105 stores an electronic document of a paper document and authentication for guaranteeing its originality. The storage server 105 stores data, a transmission / reception processing unit 130 that performs processing related to communication with the MFP 102 and the like via the network 101. A data storage unit 132, a processing unit 133 that performs processing related to storage of electronic documents, update storage, and the like, and a control unit 131 that controls the overall operation of the server and the above-described units.

[1] Operation and functional configuration when an authentication request instruction is input First, processing for storing an electronic document of a paper document with authentication for guaranteeing its originality will be described.

  First, the flow of processing will be described. FIG. 2 is a sequence diagram schematically showing the flow of this process.

  (1) First, an authentication request instruction is input to the MFP 102, and an electronic document of a paper document is input. Specifically, the user inputs an authentication request instruction from the operation unit 115 of the MFP 102, and the scanner unit 113 scans the paper document to input an electronic document (digital data) of the paper document. The format of the electronic document is arbitrary, but the data processor 116 performs format conversion as necessary.

  It is also possible to input an authentication request instruction and a paper document electronic document from the PC 103 to the MFP 102. In this case, the electronic document can be input as image data in an arbitrary format or can be input as PDL (page description language). In the latter case, the data processing unit 116 expands the PDL into image data, and further performs necessary format conversion.

  (2) The MFP 102 generates an authentication request at the authentication processing unit 118 and transmits it to the authentication server 104.

  (3) When the authentication server 104 receives the authentication request, the processing unit 123 immediately generates a temporary authentication and transmits it to the MFP 102. This temporary authentication simply indicates that an authentication request has been received (“applying for authentication” from the MFP side), and is different from regular authentication. The authentication server 104 then executes a process for issuing regular authentication in response to the authentication request when it becomes possible.

  (4) When provisional authentication is returned from the authentication server 104, the MFP 102 generates a save request at the authentication processing unit 118 and transmits it to the save server 105.

  (5) When the storage server 105 receives the storage request, the storage server 105 performs processing for storing the electronic document and temporary authentication pair received by the processing unit 133 in the data storage unit 132 and transmits the storage destination pointer to the MFP 102.

  (6) When the storage destination pointer is returned from the storage server 104, the MFP 102 causes the authentication processing unit 118 to display a process of displaying temporary authentication or an electronic document to which a temporary authentication stamp embedded with the storage destination pointer is added. Process to print. When an authentication request instruction is input from the operation unit 115 of the MFP 102, the display is performed by the operation unit 115, and printing is performed by the image forming unit 117. When an authentication request instruction is input from the PC 103, the display data or digital data for printing an electronic document with a temporary authentication stamp is transmitted to the PC 103, and display or print processing is performed on the PC 103 side.

  At this stage, the MFP 102 once ends the process related to the authentication request instruction. Therefore, for example, a new authentication request instruction can be input and processing for it can be started.

  (7) When processing for the authentication request received in (3) becomes possible, the authentication server 104 executes authentication processing in the processing unit 123 to generate regular authentication, and transmits this to the MFP 102. .

  (8) Upon receiving normal authentication, the MFP 102 generates an update storage request in the authentication processing unit 118 and transmits it to the storage server 105.

  (9) In the storage server 105, the processing unit 133 searches the electronic document and the temporary authentication corresponding to the storage destination pointer included in the update storage request, and performs the update storage process. Specifically, the temporary authentication is replaced by the normal authentication included in the update storage request, or the normal authentication is additionally stored. Then, an update storage processing end notification is transmitted to the MFP 102. If the storage destination pointer is changed by the update storage process, the storage destination pointer after the change is returned to the MFP 102. The MFP 102 completes the processing related to one authentication request instruction at this stage.

  The outline of the processing related to the authentication request instruction has been described above. Next, operations of the MFP 102, the authentication server 104, and the storage server 105 will be described in detail.

  3A to 3C are flowcharts for explaining a specific processing procedure example of the MFP 102 at the time of the authentication acquisition processing.

  First, refer to FIG. When an authentication request instruction is input from the operation unit 115 or the PC 103, the control unit 119 of the MFP 119 activates a process A1 illustrated in FIG.

  First, an electronic document as a paper document is input, and an index for searching the electronic document is generated (step 1). Specifically, when an authentication request instruction is input from the operation unit 115, the scanner unit 113 is caused to scan a paper document to generate image data, and the data processing unit 116 formats the data as necessary. An electronic document of a paper document is obtained by performing conversion. When an authentication request instruction is input from the PC 103, the electronic document is obtained by causing the data processing unit 116 to perform processing for expanding the PLD data of, for example, a paper document received from the PC 103 into image data and performing necessary format conversion. To get. The electronic document is stored in the data storage unit 111 at least until the authentication acquisition process is completed. The index of the electronic document is also stored in the data storage unit 111.

  Next, the authentication processing unit 118 performs processing for generating an authentication request, and transmits the generated authentication request to the authentication server 104 by the transmission / reception processing unit 112 (step 2). Specifically, for example, a hash value of an electronic document is generated using a one-way function designated by the authentication server 104 that is the authentication request destination and its parameters, and an authentication request command and request source information (address of the MFP 102) Generate an authentication request consisting of a hash value. However, the electronic document itself may be transmitted instead of the hash value. In this case, the hash value is generated on the authentication server 104 side.

  Next, the authentication processing unit 118 puts the index of the electronic document into the queue (queue) A1, and the control unit 119 activates the process A2 shown in FIG. 3-2 (step 3). The queue A1 is placed in the data storage unit 111. Then, the authentication processing unit 118 waits for reception of temporary authentication from the authentication server 104 (step 4).

  When the temporary authentication is returned from the authentication server 104, the authentication processing unit 118 generates a storage request and transmits it to the storage server 105 by the transmission / reception processing unit 112 (step 5). The save request includes a save request command, request source information (address of the MFP 102), an electronic document, and temporary authentication. Then, the authentication processing unit 118 waits for reception of a storage destination pointer from the storage server 105 (step 6).

  When the storage destination pointer is returned from the storage server 105, the authentication processing unit 118 stores the received storage destination pointer in the data storage unit 111 in association with the index of the electronic document (step 7).

  Next, the authentication processing unit 118 checks whether or not there is a print designation (step 8). This print designation is input simultaneously with the authentication request instruction, for example. It is also possible to set this default.

  When there is no print designation (step 8, No), when the authentication request instruction is input from the operation unit 115, the recognition processing unit 118 causes the operation unit 115 to display display data indicating the provisional authentication, and the authentication request instruction. Is input from the PC 103, the display data is transmitted to the PC 103 and displayed on the display of the PC 103 (step 10).

  If there is a print designation (step 8, Yes), the recognition processing unit 118 uses the data processing unit 116 to generate image data (print image) obtained by combining the temporary authentication stamp in which the storage destination pointer is embedded in the image data of the electronic document. When the authentication request instruction is input from the operation unit 115, the print image is printed on the image forming unit 117. When the authentication request instruction is input from the PC 103, the print image is transmitted to the PC 103. Print with the printer (step 9). The storage destination pointer is embedded in the temporary authentication stamp as a barcode, for example. When step 9 or step 10 is executed, the processing related to the authentication request instruction is temporarily ended.

  As can be understood from the above description, the process A1 corresponds to an example of a “first processing stage” according to claim 1 or an example of a “first processing means” according to claim 6. . Then, step 1 is “a step of inputting an electronic document of a paper document related to an authentication request instruction”, step 2 is “a step of requesting the authentication server for authentication for guaranteeing the originality of the electronic document”, and steps 5 and 6 are “ Each of the steps corresponds to the step of storing the temporary authentication returned immediately from the authentication server to the storage server together with the electronic document indicating that the authentication request has been accepted. Steps 9 and 10 are related to claims 3 to 4 and 8 to 10 according to the steps of “Generating Image Data for Printing an Electronic Document with a Temporary Authentication Stamp and Printing the Image Data or Authentication Request Instructions”. This corresponds to “a step of transmitting to an external device as an input source”.

  Next, the process A2 will be described with reference to FIG. This process is a process executed in the authentication processing unit 118. The authentication processing unit 118 waits for reception of regular authentication from the authentication server 104 (step 22). When the authentication is received, the authentication processing unit 118 takes out one index from the queue A1, puts the index and authentication pair into another queue A2, and starts the process A3 (step 23). The queue A2 is also placed in the data storage unit 111. When the queue A1 becomes empty (step 21, Yes), the process A2 ends.

  Next, the process A3 will be described with reference to FIG. This process is a process executed in the authentication processing unit 118. The authentication processing unit 118 retrieves one index and authentication pair from the queue A2, retrieves a storage destination pointer corresponding to the index from the data storage unit 116, updates update command, request source information (address of MFP 102), and the storage. An update storage request composed of the destination pointer and the authentication is generated and transmitted to the storage server 105 (step 32). Then, it waits for reception of an end notification from the storage server 105 (step 33). When the end notification is returned, the process related to one authentication request instruction once completed in the process A1 is completed. Although not shown in FIG. 3C, if the storage destination pointer is included in the end notification from the storage server 105, the recognition processing unit 118 has received the storage destination pointer corresponding to the index. Rewrite with the save destination pointer. The process A3 ends when the queue A2 becomes empty (step 31, Yes).

  As can be understood from the above description, the processes A2 and A3 correspond to one embodiment of the second processing stage according to claim 1 or one embodiment of "second processing means" according to claim 6. .

  4A and 4B are flowcharts for explaining an example of a processing procedure in the authentication server 104.

  Reference is first made to FIG. The process B1 shown in this figure is a process of the authentication server 104, is always operating, and monitors reception of an authentication request (step 41). Upon receiving the authentication request, the processing unit 123 immediately generates a temporary authentication and transmits this temporary authentication to the requesting MFP 102 (step 42). The temporary authentication merely represents that the authentication request has been accepted, and can be generated in a short time. The request source is known from the request source information in the authentication request. Next, the processing unit 123 puts the received authentication request into the queue B1, and starts the process B2 shown in FIG. 4-2 (step 43). The queue B1 is placed in the data storage unit 122.

  Reference is now made to FIG. The process B2 shown in this figure is also a process of the processing unit 123. The processing unit 123 extracts one authentication request from the queue B1, executes the authentication process to generate regular authentication, and transmits this to the requesting MFP 102 (step 52). Specifically, precise time information is acquired from the clock unit in the control unit 121, and the digital signature for the hash value included in the time information and the authentication request is used by using the secret key of the authentication server 104. The generated electronic signature is transmitted to the requesting MFP 102 as a normal authentication (time stamp). However, when the authentication request includes not the hash value but the electronic document itself, the processing unit 123 generates a hash value of the electronic document. When the queue B1 becomes empty (step 51, Yes), the process B2 ends.

  5A and 5B are flowcharts for explaining an example of a processing procedure in the storage server 105.

  Reference is first made to FIG. The process C1 shown in this figure is a process of the storage server 105, is always operating, and monitors reception of a storage request (step 61). When the storage request is received, the processing unit 133 executes the storage process (step 62). Specifically, the electronic document and the temporary authentication included in the storage request are respectively encrypted and stored in the data storage unit 132. Such encryption prevents the stored data from being falsified. Then, the storage destination pointer of the encrypted data is transmitted to the requesting MFP 102 (step 63), and the reception of the storage request is awaited again (step 61).

  Refer to FIG. The process C2 shown in this figure is a process of the storage server 105, is always operating, and monitors reception of an update storage request (step 71). When the update storage request is received, the processing unit 133 executes an update storage process (step 73). That is, the corresponding temporary authentication in the data storage unit 132 is searched and decrypted by the storage destination pointer included in the update storage request, the temporary authentication is rewritten by regular authentication, and then encrypted again to re-encrypt the data storage unit. Return to 132. Alternatively, the regular authentication is encrypted and stored additionally. Then, a notification of completion of the update storage process is transmitted to the requesting MFP 102 (step 73). If the storage destination pointer is changed by the update storage processing, the storage destination pointer after the change is added to the end notification and returned to the MFP 102.

  Up to this point, it has been described that temporary authentication is issued by the authentication server 104, but temporary authentication can be issued inside the MFP 102 by specifying from the operation unit 115.

  In this case, the flow of processing is as shown in FIG. That is, the authentication processing unit 118 of the MFP 102 issues a temporary authentication indicating that an authentication request is being applied immediately after issuing an authentication request and transmitting it to the authentication server 104. The subsequent operation is as described above.

  In this case, the process flow of the process A1 is changed as shown in FIG. In other words, step 4 waiting for temporary authentication reception in FIG. 3A is replaced with step 4A for issuing temporary authentication.

  Also, as a matter of course, the processing flow of the process B1 of the authentication server 104 is changed as shown in FIG. 8, and the temporary authentication issue step 42 in FIG. 4-1 is omitted. In this way, the processing procedure of the authentication server 104 can be made standard without issuing temporary authentication.

  As is clear from the above description, the process A1 shown in FIG. 7 is an example of the “first processing stage” according to claim 2 or the “second processing means” according to claim 7. It corresponds to an example. Step 4A corresponds to “a step of generating temporary authentication indicating that an application for authentication is being applied”.

  Although not described so far, the authentication server 104 and the storage server 105 may be selected on the MFP 102 side. However, in this case, it is necessary to change the queue A1 for each authentication server and the queue A2 for each storage server.

[2] Description of processing and functional configuration when a print instruction for a stored electronic document is input Processing for printing an electronic document stored in the storage server 105 will be described. First, the flow of processing will be described. FIG. 9 is a sequence diagram schematically showing the flow of processing.

  (1) First, an index for searching a stored electronic document (stored in the data storage unit 111) is displayed on the operation unit 115 of the MFP 102 or the display of the PC 103, and the user of the operation unit 115 or the PC 103 prints it. The index of the electronic document to be specified is designated and a print instruction is input. The control unit 119 of the MFP 102 activates a process A5 shown in FIG.

  (2) The authentication processing unit 118 of the MFP 102 fetches the storage destination pointer corresponding to the designated index from the data storage unit 116 (step 91), and includes the transfer command, request source information (address of the MFP 102), and the storage destination pointer. A transfer request is generated and transmitted to the storage server 105 (step 92), and reception of data from the storage server 105 is awaited (step 93).

  (3) In the storage server 105, the process C3 shown in FIG. 5-3 is constantly operating and monitoring the reception of the transfer request (step 81). When the storage server 105 receives the transfer request, the processing unit 133 searches the electronic document and authentication (or temporary authentication) corresponding to the storage destination pointer included in the transfer request, decrypts it, and decrypts the request. To the MFP 102 (step 82).

  (4) When the electronic document and authentication (or temporary authentication) are returned from the storage server 104 to the MFP 102, the authentication processing unit 118 performs authentication (temporary authentication) in which the storage destination pointer and authentication (or temporary authentication) are embedded in the electronic document. (Authentication) The image processing unit 116 generates image data obtained by combining the stamps, and performs the printing process (step 94). That is, the image data is printed by the image forming unit 117 (when a print instruction is input from the operation unit 115), or the image data is transmitted to the PC 103 and printed by the printer of the PC 103 (the print instruction is received from the PC 103). If entered).

[3] Description of processing and functional configuration when an authentication verification instruction is input Authentication of an electronic document printed in the “processing related to authentication request instruction” described with reference to FIGS. 2 to 8, or FIG. Processing for verifying authentication of an electronic document printed with “print designation” described with reference to FIG. 10 will be described.

  FIG. 11 is a sequence diagram schematically showing the flow of the authentication verification process. The processing flow of the MFP 102 related to this processing is shown in FIG. 12, and the processing flow of the authentication server 104 is shown in FIGS. 13-1 and 13-2. FIG. 5C is a processing flow related to the storage server 105, which has already been described.

  (1) First, an authentication verification instruction is input to the MFP 102. Specifically, the user inputs an authentication request instruction from the operation unit 115 of the MFP 102. In this case, a print with a temporary authentication (authentication) stamp of the electronic document described above is set in the scanner unit 113 in advance. Alternatively, an authentication verification instruction can be input from the PC 103 to the MFP 102. In this case, the image data of the temporary authentication (authentication) stamped print is transmitted from the PC 103 to the MFP 102 following the authentication verification instruction.

  When the authentication verification instruction is input, the control unit 119 of the MFP 102 activates a process A6 illustrated in FIG.

  (2) The authentication processing unit 118 of the MFP 102 performs processing for obtaining a storage destination pointer of the document (step 101). That is, when an authentication verification instruction is input from the operation unit 115, the print is scanned by the scanner unit 113, the image data is input to the data processing unit 116, and an authentication verification instruction is input from the PC 103. In this case, the image data of the temporary authentication (authentication) stamped print received from the PC 103 is input to the data processing unit 116, and the data processing unit 116 stores the stamp embedded in the image data in the form of a barcode or the like. The destination pointer is extracted.

  (3) The authentication processing unit 118 of the MFP 102 generates a transfer request including the transfer command, request source information (address of the MFP 102), and the acquired storage destination pointer, and transmits the transfer request to the storage server 105 that is the storage destination ( Step 102) Waits for data reception from the storage server 105 (step 103).

  (4) The storage server 105 monitors reception of the transfer request (step 81). When the transfer request is received, the processing unit 133 searches the corresponding electronic document and authentication by the storage destination pointer included in the transfer request, decrypts it, and transmits it to the requesting MFP 102 (step 82).

  (6) Upon receiving the electronic document and the authentication from the storage server 104, the authentication processing unit 118 of the MFP 102 generates an authentication verification request including the authentication verification command, the request source information (address of the MFP 102), and the authentication. It transmits to the authentication server 104 of the authentication issuer recognized by the analysis of the authentication (or designated by default) (step 104). And it waits for reception of the verification result from the authentication server 104 (step 105).

  (7) In the authentication server 104, the process B5 is always operating and monitoring the reception of the authentication verification request (step 111). When receiving the authentication verification request, the control unit 121 of the authentication server 104 inputs the authentication verification request to the queue B5 and starts the process B6 shown in FIG. 13-2 (step 112). This process B6 is a process of the processing unit 123. The processing unit 123 extracts one authentication verification request from the queue B5 and executes the verification process (step 122). Specifically, the electronic signature in the authentication (time stamp) included in the authentication verification request is decrypted with the secret key, whether or not falsification has occurred is determined, and time information embedded in the time stamp is extracted.

  Then, the processing unit 123 transmits the determination result of the presence / absence of falsification and the time information as a verification result to the MFP 102 designated by the request source information in the authentication verification request (step 123). The process B6 ends when the queue B5 becomes empty (step 121, Yes).

  (8) When the MFP 102 receives the verification result from the authentication server 104, the authentication processing unit 118 checks whether or not there is a print designation (step 106), and selects the next process. This print designation is input simultaneously with the authentication request instruction input.

  If there is a print designation (step 106, Yes), the recognition processing unit 118 causes the data processing unit 116 to generate image data of the electronic document to which the authentication result is added, and causes the image data image forming unit 117 to print the image data (step 107). . However, when an authentication verification instruction is input from the PC 103, the image data is transmitted to the PC 103 and printed by the printer of the PC 103.

  When there is no print designation (step 106, No), the recognition processing unit 118 displays the authentication result on the operation unit 115 (step 108). However, when an authentication verification instruction is input from the PC 103, the authentication result is transmitted to the PC 103 and displayed on the display of the PC 103.

[4] Scanner unit 113 and image forming unit 117 of MFP 102
FIG. 14 is a schematic cross-sectional view illustrating an example of the configuration of the scanner unit 113 and the image forming unit 117 of the MFP 102.

  First, the scanner unit 113 will be described. The lower surface of the paper document placed on the contact glass 5 provided on the upper surface of the main body case 4 is scanned. Reference numeral 6 denotes a manuscript pressure plate 6 for pressing a paper document placed on the contact glass 5. A reading optical system 7 is provided below the contact glass 5. The reading optical system 7 includes a first traveling body 10 on which a light source 8 and a mirror 9 for illuminating a paper document are mounted, a second traveling body 13 on which two mirrors 11 and 12 are mounted, a CCD image sensor, and the like. The image sensor 15 and an imaging lens 14 for imaging the reflected light of the paper document guided by the mirrors 9, 11, and 12 on the image sensor 15. The reading scan of the paper document is performed while moving the first traveling body 8 and the second traveling body 13 in the right direction from the left end side (sub scanning). The main scanning of the reading scan is performed by the image sensor 15. Since the operation of the scanner unit having such a configuration is well known, further description is omitted.

  Next, the image forming unit 117 will be described. Reference numeral 17 denotes an electrophotographic printer engine, which is a photosensitive drum 21 and a laser scanning unit 23 for forming an electrostatic latent image by scanning the surface of the photosensitive drum 21 with a laser beam modulated by a recording signal. including. The sub-scan of the recording scan is performed by rotating the photosensitive drum 21 in the clockwise direction in the drawing. Around the photosensitive drum 21, a charger 22 for uniformly charging the surface of the photosensitive drum 21, a developing device 24 for developing toner with an electrostatic latent image formed on the photosensitive drum 21, and a photosensitive drum A transfer unit 25 for transferring the toner image on the sheet 21 to a sheet and a cleaner 26 for removing the toner remaining on the surface of the photosensitive drum 21 are arranged in this order. Reference numeral 16 denotes a cassette for storing paper, 18 denotes a fixing device for fixing the toner image on the paper, and 19 denotes a stacker for discharging the printed paper. The sheets are fed one by one from the cassette, conveyed between the photosensitive drum 21 and the transfer device 25 via the conveyance path 20, and further discharged through the fixing device 18 to the stacker 19. Since the operation of the image forming unit having such a configuration is well known, further description is omitted.

  The MFP 102 as an example of the information processing apparatus according to the present invention has been described in detail above. However, the information processing apparatus according to the present invention includes a computer that has an interface with the network 101 and can communicate with the authentication server 104 and the storage server 105. It can also be realized by using it. In this case, the programs for the processes A1, A2, and A3 shown in FIGS. 3-1 to 3-3 and FIG. 7 are installed in advance in, for example, a hard disk device provided in the computer, and the program is loaded into the main memory of the computer. By being executed by the CPU of the computer, the information processing method or the information processing apparatus according to claims 1 to 10 can be implemented and realized. Such a program corresponds to an embodiment of the program according to claims 11 and 12, and various kinds of information recording (storing) that can be read by a computer such as a magnetic disk, an optical disk, a magneto-optical disk, and a semiconductor storage element on which the program is recorded. ) The medium corresponds to a primary embodiment of the information recording medium according to claim 13.

It is a schematic block diagram for demonstrating the information processing system which concerns on one Embodiment of this invention, and its subsystem. FIG. 10 is a sequence diagram showing an operation flow when an authentication request instruction is input to the MFP. It is a flowchart of process A1 of MFP. 6 is a flowchart of process A2 of the MFP. It is a flowchart of process A3 of MFP. It is a flowchart of process B1 of an authentication server. It is a flowchart of process B2 of an authentication server. It is a flowchart of process C1 of a preservation | save server. It is a flowchart of process C2 of a preservation | save server. It is a flowchart of process C3 of a preservation | save server. FIG. 6 is a sequence diagram when issuing temporary authentication inside the MFP. 10 is a flowchart of a process A1 when a temporary authentication is issued inside the MFP. 10 is a flowchart of a process B1 in a case where temporary authentication is issued inside the MFP. FIG. 10 is a sequence diagram illustrating a flow of operations when a print instruction for a stored electronic document is input to an MFP. It is a flowchart of process A5 of MFP. FIG. 10 is a sequence diagram showing a flow of operations when an authentication verification instruction is input to the MFP. It is a flowchart of process A6 of MFP. It is a flowchart of process B5 of an authentication server. It is a flowchart of process B6 of an authentication server. 2 is a schematic cross-sectional view illustrating a configuration example of a scanner unit and an image forming unit of an MFP. FIG.

Explanation of symbols

101 Network 102 MFP (MFP)
103 Personal computer (PC)
104 Authentication server 105 Storage server

Claims (13)

In an information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an authentication process returned from the authentication server, A first processing step of sequentially executing a process of storing temporary authentication to the effect that a request has been received together with the electronic document in the storage server, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing step of completing a process related to the authentication request instruction. In an information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, and provisional authentication indicating that an application for authentication is in progress A first processing step of sequentially executing the step of storing the temporary authentication together with the electronic document in the storage server and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing step of completing a process related to the authentication request instruction.   In the first processing stage, before temporarily ending the processing related to the authentication request instruction, a step of generating image data for printing the electronic document with a temporary authentication stamp and printing the image data is executed. The information processing method according to claim 1, wherein the information processing method is performed.   In the first processing step, before temporarily ending the processing related to the authentication request instruction, image data for printing the electronic document with a temporary authentication stamp is generated, and the image data is stored in the authentication request instruction The information processing method according to claim 1, wherein a step of transmitting to an external device as an input source is executed.   5. The information processing according to claim 3, wherein a storage destination pointer returned from the storage server in the step of storing the temporary authentication together with the electronic document in the storage server is embedded in the temporary authentication stamp. Method. An information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an authentication process returned from the authentication server, First processing means for sequentially executing a process of storing temporary authentication to the effect that a request has been received in the storage server together with the electronic document, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing means for completing the process relating to the authentication request instruction. An information processing apparatus capable of communicating with an authentication server and a storage server,
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, and provisional authentication indicating that an application for authentication is in progress A first processing means for sequentially executing a step of storing the temporary authentication together with the electronic document in the storage server, and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication And a second processing means for completing the process relating to the authentication request instruction.   The first processing unit generates image data for printing the electronic document with a temporary authentication stamp and temporarily prints the image data before temporarily ending the processing related to the authentication request instruction. The information processing apparatus according to claim 6 or 7, wherein:   The first processing means generates image data for printing the electronic document with a temporary authentication stamp before temporarily ending the processing related to the authentication request instruction, and uses the image data as the authentication request instruction The information processing apparatus according to claim 6, wherein a process of transmitting to an input source external apparatus is executed.   10. The information processing according to claim 8, wherein a storage destination pointer returned from the storage server in the step of storing the temporary authentication together with the electronic document in the storage server is embedded in the temporary authentication stamp. apparatus. A computer capable of communicating with the authentication server and storage server;
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document into the memory, a step of requesting the authentication server to authenticate the originality of the electronic document, returned from the authentication server, First processing means for sequentially executing a process of storing temporary authentication to the effect that a request for authentication has been received in the storage server together with the electronic document, and temporarily ending processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication A program for executing the step of additionally storing and functioning as second processing means for completing the processing related to the authentication request instruction. A computer capable of communicating with the authentication server and storage server;
When an authentication request instruction is input, at least a step of inputting an electronic document of a paper document into the memory, a step of requesting authentication for guaranteeing the originality of the electronic document to the authentication server, an application for authentication A first processing unit that sequentially executes a step of generating temporary authentication, a step of storing the temporary authentication in the storage server together with the electronic document, and temporarily ending the processing related to the authentication request instruction;
When authentication for guaranteeing the originality of the electronic document is returned from the authentication server, at least the storage server stores the authentication instead of the temporary authentication stored with the electronic document or the authentication A program for executing a step of additionally storing and functioning as a second processing step for completing the processing relating to the authentication request instruction.   A computer-readable information recording medium on which the program according to claim 11 or 12 is recorded.

Images