JP5321293B2 - Information processing apparatus, method for executing authentication processing, method for setting authentication processing, and authentication processing program - Google Patents

Description

  The present invention relates to an information processing apparatus capable of performing authentication processing for a print job, a method for executing the authentication processing, a method for setting the authentication processing, and an authentication processing program directed to them.

  Conventionally, printers or multifunction peripherals (Multi Function Peripheral, hereinafter also referred to as “MFP”) capable of security printing have appeared. Secure printing is a function that enables print output when a password is set from the printer driver during printing and the password can be entered on the panel of the printer body.

  This function is increasingly used in the trend of enhancing information security in the world.

  However, in many cases, the user has to use the same password that has been set in the printer driver in the past, but it is necessary to enter the same password every time it prints, which is very inconvenient. .

  In particular, neither a printer nor an MFP has a hard key keyboard on the operation panel, and there are many models that require input using a software keyboard or the like, which takes time and is inconvenient.

  In order to solve this problem, it is also possible to use an IC card as described in JP-A-2005-335282 (Patent Document 1). Specifically, a method has been proposed in which authentication information is registered in an IC card, the authentication information registered in the IC card is read, personal authentication is performed, and print processing is performed.

  However, it is necessary to provide a function for reading an IC card in a printer or MFP, and there is a problem that the cost increases.

  On the other hand, as a simple authentication method, in Japanese Patent Laid-Open No. 2003-228553 (Patent Document 2), an authentication method for selecting an image (registered image) stored in a storage unit by a user from a plurality of pieces of image information. Has been proposed.

JP 2005-335282 A JP 2003-228553 A

  However, in the case of security printing, if print output is executed simply by selecting one piece of image information from a plurality of pieces of image information, there is a possibility that security will be weakened.

  The present invention has been made to solve the above-described problems, and can provide user convenience while suppressing an increase in cost, and can secure necessary security according to a print target. An object is to provide an information processing apparatus, a method for executing authentication processing, a method for setting authentication processing, and an authentication processing program.

  An information processing apparatus according to the present invention includes an authentication processing unit that can provide both a first authentication method and a second authentication method that is simpler than the first authentication method, and a target print job. In contrast, when it is determined that a relatively high security is required for the target print job, a determination unit that determines whether relatively high security is required, and an authentication processing unit, Prohibiting means for prohibiting the provision of the second authentication method for the print job.

In the information processing apparatus according to the present invention, the authentication processing means performs the first authentication for the preceding print job for a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. And a means for providing a second authentication method for the subsequent print job on the condition that the authentication based on the method is successful, and the prohibiting means determines that a relatively high security is required for the preceding print job. If the authentication is based on the first authentication method, the second authentication method is prohibited from being provided for the subsequent print job.

  Preferably, the information processing apparatus further includes a display unit that displays an authentication screen, and the prohibiting unit does not cause the display unit to display content related to the second authentication method.

  Preferably, the information processing apparatus further includes an input unit that receives authentication information input by a user, and the prohibiting unit does not receive authentication information related to the second authentication method by the input unit.

  Preferably, the determination unit determines that a relatively high security is required when at least one of a copy prevention copy-forgery-inhibited pattern and a watermark is added to the print document included in the target print job. .

  Preferably, the determination unit determines that relatively high security is required when a predetermined number or more of character strings related to security are assigned to the print document included in the target print job.

  An information processing apparatus according to another aspect of the present invention can set both a first authentication method and a second authentication method that is simpler than the first authentication method for a print job. Authentication setting means, determination means for determining whether or not relatively high security is required for the print job, and authentication when it is determined that relatively high security is required for the print job And a prohibiting unit that prohibits the setting unit from setting the second authentication method for the print job.

  Preferably, the information processing apparatus further includes: a print setting unit that performs settings related to printing according to a user operation; and a generation unit that generates a print job according to the content set by the print setting unit. The prohibiting means prohibits acceptance of authentication information related to the second authentication method by the print setting means, including means for receiving authentication information related to the first authentication method and authentication information related to the second authentication method.

  More preferably, the print setting means further includes means for displaying a screen for performing settings relating to printing, and the prohibiting means includes the authentication information relating to the second authentication method on the screen for performing settings relating to printing. The contents related to acceptance are not displayed.

  Alternatively, more preferably, the print setting means further includes means for displaying a screen for performing settings relating to printing, and the prohibiting means is configured to input the authentication information related to the second authentication method when the user attempts to input authentication information. Notify on the screen that authentication information entry is prohibited.

  Preferably, the determination unit determines that relatively high security is required when the security setting is set by the print setting unit.

  Alternatively, preferably, it is determined that relatively high security is required when a predetermined security attribute is assigned to data that is a source for generating a print job.

Preferably, said means are provided by execution of a printer driver.
Preferably, the first authentication method and the second authentication method differ in at least one level of authentication accuracy and user convenience.

According to still another aspect of the present invention, a method for executing an authentication process using an information processing apparatus is provided. This method includes the following steps executed by the information processing apparatus, and the following steps include the step of providing the first authentication method and whether relatively high security is required for the target print job. In addition to the first authentication method, it is simpler than the first authentication method when it is determined that a relatively high security is not required for the target print job. Providing a second authentication method, and prohibiting the provision of the second authentication method when it is determined that relatively high security is required for the target print job. In the step of providing the second authentication method, authentication based on the first authentication method for the preceding print job is performed for a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. Is provided, a second authentication method for subsequent print jobs is provided. In the step of prohibiting the provision of the second authentication method, if it is determined that relatively high security is required for the subsequent print job, even if the authentication based on the first authentication method is successful, Providing the second authentication method for the subsequent print job is prohibited.

  According to still another aspect of the present invention, a method for setting an authentication process using an information processing apparatus is provided. The method includes the following steps executed by the information processing apparatus, and the following steps require setting a first authentication method for the print job and relatively high security for the print job. The first authentication method in addition to the first authentication method for the print job when it is determined that relatively high security is not required for the print job. Setting a second authentication method that is simpler than the method, and setting a second authentication method for the print job when it is determined that relatively high security is required for the print job. Forbidden steps.

According to still another aspect of the present invention, an authentication processing program executed by a computer including a processor is provided. The authentication processing program includes an authentication processing unit capable of providing both a first authentication method and a second authentication method that is simpler than the first authentication method, and a target print job. If it is determined that a relatively high security is required for the target print job, a determination unit that determines whether relatively high security is required for the authentication processing unit And function as a prohibiting unit that prohibits the provision of the second authentication method for the print job. The authentication processing means is provided on the condition that the authentication based on the first authentication method for the preceding print job is successful for a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. And providing a second authentication method for subsequent print jobs. In the case where it is determined that relatively high security is required for the subsequent print job, the prohibiting unit determines whether the second print job for the subsequent print job is valid even if the authentication based on the first authentication method is successful. Prohibiting the provision of authentication methods.

  According to still another aspect of the present invention, an authentication processing program executed by a computer including a processor is provided. This authentication processing program is an authentication setting unit that allows a computer to set both a first authentication method and a second authentication method that is simpler than the first authentication method for a print job. A determination unit that determines whether or not relatively high security is required for the print job, and an authentication setting unit that determines that relatively high security is required for the print job. On the other hand, it functions as a prohibiting unit that prohibits the setting of the second authentication method for the print job.

  According to the present invention, it is possible to provide user convenience while suppressing an increase in cost, and to secure necessary security according to a print target.

It is a block diagram which shows the outline | summary of the information processing system according to Embodiment 1 of this invention. 1 is a block diagram showing a schematic configuration of an MFP according to a first embodiment of the present invention. It is a block diagram which shows schematic structure of the personal computer (PC) according to Embodiment 1 of this invention. It is a flowchart which shows the procedure of the print job production | generation process in PC according to Embodiment 1 of this invention. It is a figure which shows an example of the print setting screen 40 displayed on the display part of PC according to Embodiment 1 of this invention. It is a figure which shows an example of the registration screen of the authentication information at the time of performing the security printing displayed on the display part of PC according to Embodiment 1 of this invention. It is a functional block diagram of an authentication processing unit of the MFP according to the first embodiment of the present invention. It is a figure which shows an example of the authentication table stored in the data storage part for authentication shown in FIG. 5 is a flowchart showing a security printing process in the MFP according to the first embodiment of the present invention. It is a figure which shows an example of the process screen of security printing according to Embodiment 1 of this invention. It is a figure which shows an example of the security document according to Embodiment 1 of this invention. It is a flowchart which shows the password authentication process shown to FIG.10 S30. It is a figure which shows an example of the content change of the authentication table at the time of performing the password authentication process shown in FIG. It is a flowchart which shows the password image authentication process shown to step S28 of FIG. It is a figure which shows an example of the process screen of the password image authentication process shown to step S28 of FIG. It is a figure which shows an example of the content change of the authentication table at the time of performing the password image authentication process shown in FIG. It is a flowchart which shows the password image authentication process according to the modification 1 of Embodiment 1 of this invention. It is a flowchart which shows the password authentication process according to the modification 2 of Embodiment 1 of this invention. It is a figure which shows an example of the process screen of security printing according to the modification 2 of Embodiment 1 of this invention. It is a block diagram which shows the outline | summary of the information processing system according to Embodiment 2 of this invention. It is a functional block diagram provided by the print driver executed by the PC according to the second embodiment of the present invention. It is a flowchart which shows the procedure of the print job production | generation process in PC according to Embodiment 2 of this invention. It is a figure which shows an example of the registration screen of the authentication information at the time of performing the security printing displayed on the display part of PC according to Embodiment 2 of this invention. FIG. 24 is a diagram (part 1) illustrating a print setting screen for setting more detailed contents of the print setting screen illustrated in FIG. 23; FIG. 24 is a view (No. 2) showing a print setting screen for setting more detailed contents of the print setting screen shown in FIG. 23; It is a figure which shows the print setting screen displayed on the display part of PC according to Embodiment 2 of this invention. It is a functional block diagram of the authentication process part of MFP according to Embodiment 2 of this invention. It is a flowchart which shows the security printing process in MFP according to Embodiment 2 of this invention. It is a figure which shows an example of the processing screen of the security printing according to Embodiment 2 of this invention. It is a functional block diagram of the authentication process part of MFP according to the modification 1 of Embodiment 2 of this invention. It is a figure which shows an example of the authentication table stored in the data storage part for authentication shown in FIG. It is a flowchart which shows the security printing process in MFP according to Embodiment 2 of this invention. It is a flowchart which shows the normal password authentication process shown to step S158 of FIG. It is a figure which shows an example of the content change of the authentication table at the time of performing the password authentication process shown in FIG. It is a flowchart which shows the simple password authentication process shown to step S156 of FIG. It is a figure which shows an example of the content change of the authentication table at the time of performing the simple password authentication process shown in FIG.

  Embodiments of the present invention will be described in detail with reference to the drawings. Note that the same or corresponding parts in the drawings are denoted by the same reference numerals and description thereof will not be repeated.

[Embodiment 1]
<Overall configuration>
FIG. 1 is a configuration diagram showing an overview of an information processing system 1 according to the first embodiment of the present invention. Referring to FIG. 1, here, a typical example of an information processing apparatus, a configuration in which a personal computer (hereinafter also simply referred to as a PC) 100 and an MFP 20 are connected via a LAN (Local Area Network) 17 is shown. Has been.

  The PC 100 and the MFP 20 are connected so as to be able to exchange data with each other via the LAN 17. In the first embodiment, image data created on an application executed on the PC 100 is sent to the MFP 20 as a print job. Send. The MFP 20 receives the print job transmitted from the PC 100 and executes print processing.

  Note that, here, a configuration in which one PC is connected to the LAN 17 as a terminal device will be described, but the number is not limited to one, and it is sufficient that there is at least one or more. Moreover, not only LAN but WAN (Wide Area Network) etc. may be sufficient.

<Hardware configuration>
FIG. 2 is a block diagram showing a schematic configuration of MFP 20 according to the first embodiment of the present invention. Referring to FIG. 2, MFP 20 according to the first embodiment of the present invention includes HDD (hard disk drive) 2, authentication processing unit 4, ROM (Read Only Memory) 6, RAM (Random Access Memory) 8, A CPU (Central Processing Unit) 10, a network card 12, a FAX modem 14, a scanner unit 16, a printer unit 18, and an operation panel 19 are included. Each unit is connected by an internal bus and can exchange data with each other.

  The HDD 2 is a storage device that stores various data in a nonvolatile manner. The authentication processing unit 4 is a part for executing an authentication process described later. The ROM 6 is a storage device that stores a software program used for realizing a predetermined function in the MFP 20 in a nonvolatile manner. The RAM 8 is a storage device that stores various data in a volatile manner, and is used as a work area for the CPU 10. The CPU 10 controls the entire MFP 20 and outputs predetermined instructions to each unit. The network card 12 is an interface connected to the external LAN 17 and receives, for example, a print job from the PC 100. The received print job is stored in the RAM 8. That is, the network card 12 functions as a receiving unit that receives a print job from the outside. Then, the print data (drawing data) included in the print job stored in the RAM 8 is expanded, and the print data is printed on a predetermined sheet. The FAX modem 14 provides a FAX function such as transmission / reception of FAX data with other MFPs. The scanner unit 16 reads a document set on a loading table (not shown) and acquires image data. The printer unit 18 prints image data on a predetermined sheet. The operation panel 19 functions as display means and input means, accepts various operation inputs by the user, and displays various setting information. More specifically, the operation panel 19 displays an authentication screen and accepts authentication information input by the user.

  FIG. 3 is a block diagram showing a schematic configuration of PC 100 according to the first embodiment of the present invention. Referring to FIG. 3, PC 100 according to the first embodiment of the present invention is configured to include a main body, display means, and input means.

  The display unit 206 functions as a display unit and displays various information screens. The input unit 209 functions as an input unit, and includes a keyboard that is a key input unit, a mouse that is a pointing device, and the like.

  In addition, in this example, although the display part 206 and the input part 209 are demonstrated as what is comprised integrally, you may be comprised separately. The display unit 206 may be a liquid crystal display device, a CRT (Cathode Ray Tube) display device, a plasma display device, or a device capable of displaying. Anything is fine.

  The main unit includes a CPU 201 for executing various programs including an operating system (OS), a RAM 212 for temporarily storing data necessary for executing the program portion of the CPU 201, a program executed by the CPU 201, It includes an HDD 211 that stores data in a nonvolatile manner and a ROM 213 in which a program executed by the CPU 201 is stored in advance. The ROM 213 or the HDD 211 stores basic software (OS) in advance, and various applications are executed by executing the OS.

  The HDD 211 stores a printer driver that is a software program for transmitting a print job to the MFP 20, and functions described later are realized by the CPU 201 reading the printer driver.

  Such a program is read from a flexible disk 317a or a CD-ROM 315a by a FD drive 217 or a CD-ROM (Compact Disc-Read Only Memory) drive 215, respectively. The read program is stored in the HDD 211 and used.

  The CPU 201 receives an instruction from the user via the input unit 209 and outputs a screen output generated by executing the program to the display control unit 205. The display control unit 205 outputs screen output to the display unit 206. Further, the CPU 201 transmits a print job to the MFP 20 connected to the LAN 60 (or WAN or the like) via a network interface card (NIC) 207 including a LAN card or the like. The above-described units exchange data with each other via the internal bus 203.

<Print job generation processing>
First, generation processing of a print job transmitted from the PC 100 to the MFP 20 will be described. FIG. 4 is a flowchart showing a procedure of print job generation processing in PC 100 according to the first embodiment of the present invention.

  Referring to FIG. 4, first, CPU 201 (FIG. 3) of PC 100 determines whether or not the printer driver is activated (step S2). Specifically, the CPU 201 determines whether or not there has been a printer driver activation instruction using a mouse or a keyboard. If the CPU 201 determines that the printer driver has been activated, then the CPU 201 performs printing as shown in FIG. A setting screen is displayed (step S3).

  FIG. 5 is a diagram showing an example of the print setting screen 40 displayed on the display unit 206 of the PC 100 according to the first embodiment of the present invention. The print setting screen 40 shown in FIG. 5 is provided by the activated printer driver. In this print setting screen 40, it is possible to set a plurality of various setting items related to the printing environment setting. Specifically, for example, a plurality of tabs classified for each setting item provided in the upper part are displayed. By specifying with a mouse or a keyboard as a pointing device, settings relating to various printing environments can be executed. Further, by specifying various tabs or setting items with a mouse or the like, it is possible to select, for example, print paper, set image quality, or the number of copies to be printed.

  In this example, as an example, various setting items when a “basic setting” tab related to basic settings is designated are displayed.

  For example, as an example, items for setting the orientation of the document and the document size are provided. Also, an item button 116 relating to the setting of the output method is shown. By specifying the item button 116, the user can set various output methods such as “normal printing” and “security printing” by using a pull-down menu, for example. It is possible to perform a change operation. In the first embodiment, a case where security printing is set as an output method setting item using a mouse as a pointing device will be described.

  “Normal” printing differs from normal printing in that authentication information such as a password is set when a print job is transmitted, and an image included in the print job is entered and verified on the panel of the MFP 20. This function allows data to be printed out. With this function, it is possible to avoid the problem that the print job is executed and the print output is left and the content leaks.

  Here, an “apply” item button is provided in the lower area of the print setting screen 40. When the user designates the apply button 122 with a mouse or the like as a pointing device, the set content, that is, security printing is set in this example.

  Referring to FIG. 4 again, next, CPU 20 determines whether or not a security printing function is selected (step S4). Specifically, the CPU 20 can determine whether or not the setting item of the output method on the print setting screen 40 is designated as security printing using the mouse.

  If it is determined in step S4 that the security printing function has been selected (YES in step S4), the CPU 20 then displays a registration screen as shown in FIG. 6 (step S5).

  FIG. 6 is a diagram showing an example of the authentication information registration screen 124 when executing the security printing displayed on the display unit 206 of the PC 100 according to the first embodiment of the present invention. Referring to FIG. 6, here, a case is shown in which input fields 126 and 128 for inputting a user ID registered as authentication information used when executing security printing and a password are provided. As described above, it is assumed that the registration screen 124 is displayed by specifying the apply button 122 on the print setting screen 40 in FIG.

  It is possible to input a user ID in the input field 126 using a keyboard or the like, and input a password in the input field 128 using a keyboard or the like.

  Here, an item button “setting” is provided in the lower area of the registration screen 124. When the user designates the item button 130 with a mouse or the like as a pointing device, it is set as authentication information in secure printing.

  On the other hand, by designating the “cancel” button 132, it is possible to end the processing without setting authentication information on the security printing registration screen.

  Referring to FIG. 4 again, next, CPU 20 determines whether or not there is an input of a user ID and a password (step S6). Specifically, the determination is made based on whether or not there is an input in the input fields 126 and 128 on the registration screen and the item button “setting” is designated.

  If it is determined in step S6 that the user ID and password are input (YES in step S6), the CPU 201 next sets authentication information (step S7).

  Next, it is determined whether or not a print job is transmitted (step S8). Specifically, the determination is made based on whether or not the user has designated the print button 120 with the mouse or the like as a pointing device on the print setting screen 40 in FIG. If specified (YES in step S8), a print job is transmitted from the PC 100 to the MFP 20 and the process ends (END).

<Functional configuration that provides password image authentication>
Next, an authentication method (hereinafter also referred to as “password image authentication”), which is set when a security print job is transmitted from the PC 100 to the MFP 20 a plurality of times, will be described. Briefly explaining this password image authentication, the password authentication based on the password assigned to the security print job is executed at the first authentication, and the subsequent authentication is performed at the first authentication. Password image authentication based on an image (authentication information) registered by the user is executed. That is, for a print job, both the first authentication method (normal password authentication method) and the second authentication method (password image authentication method) simpler than the first authentication method are available. It can be set.

  In other words, a normal password authentication method and a password image authentication method differ in at least one level of authentication accuracy (security level) and user convenience (usability).

  FIG. 7 is a functional block diagram of authentication processing unit 4 of MFP 20 according to the first embodiment of the present invention. Referring to FIG. 7, the authentication processing unit 4 includes an authentication method selection unit 30, a password authentication unit 32, a password image authentication unit 34, an authentication data storage unit 36, a password image setting unit 38, and a security document. And a detection unit 39.

  The authentication method selection unit 30 selects authentication processing in the password authentication unit 32 or authentication processing in the password image authentication unit 34. The password authentication unit 32 performs password authentication in accordance with an input instruction from the user. The password image authentication unit 34 performs image authentication in accordance with an input instruction from the user. The authentication data storage unit 36 has an authentication table in which authentication data used for authentication is stored. The password image setting unit 38 sets an image used in the password image authentication unit 34, which will be described later. The security document detection unit 39 determines whether or not the received print job is a security document, and notifies the authentication method selection unit 30 of the determination result.

  That is, the security document detection unit 39 corresponds to a determination unit that determines whether relatively high security is required for the print job. The password authentication unit 32 and the password image authentication unit 34 correspond to an authentication processing unit that executes an authentication process based on an authentication method set for a target print job based on authentication information input. Further, when the authentication method selection unit 30 and the security document detection unit 39 determine that a relatively high security is required for any print job, provision of a password image authentication method for the print job is prohibited. It also functions as a prohibition means.

  FIG. 8 is a diagram showing an example of an authentication table stored in the authentication data storage unit 36 shown in FIG. Referring to FIG. 8, the authentication table includes, as registration items, a user ID, a password, a password image, an on / off of a password image authentication function, and an authentication time.

  Specifically, the case where “Alice”, “Bob”, “Charlie”, “David”, “Erik”, and “Fred” are registered as user IDs is shown.

  As an example, in correspondence with the user ID “Alice”, the password is “Ow8gcA”, the password image is “none”, the password image authentication function is turned “off”, and the authentication time is “08/12/14 17:03: The case where it is registered as “15” is shown. As will be described later, ON / OFF of the password image authentication function is a flag for determining whether or not to execute password image authentication. As will be described later, the authentication time is used to determine the elapsed time from the previous authentication.

  Further, as another registration content, the password is “wQ9DspX”, the password image is “Yes (image object 310 in FIG. 10)”, and the password image authentication function is “on”, corresponding to the user ID “Bob”. The case where the authentication time is registered as “09/1/7 11:20:34” is shown.

  Note that the password stored in the authentication table may be encrypted instead of being kept in plain text.

<Print job print output processing>
FIG. 9 is a flowchart showing a security printing process in MFP 20 according to the first embodiment of the present invention. FIG. 10 is a diagram showing an example of a security printing processing screen according to the first embodiment of the present invention. FIG. 11 is a diagram showing an example of a security document according to the first embodiment of the present invention.

  Referring to FIG. 9, first, CPU 10 determines whether a security printing function has been selected (step S12). It is determined whether or not the security printing function has been selected by executing a predetermined operation on an operation key provided on the operation panel 19 (not shown).

  If it is determined that the security printing function has been selected (YES in step S12), an ID selection screen is displayed (step S14). Specifically, the authentication method selection unit 30 described with reference to FIG. 7 reads the authentication table stored in the authentication data storage unit 36 and displays the registered ID on the operation panel 19 as an ID selection screen. .

  FIG. 10A shows an example of ID selection screen 300 according to Embodiment 1 of the present invention. Referring to FIG. 10A, here, a case where six registered IDs are displayed is shown. The user specifies an item corresponding to his / her ID (user name in this example) via the touch panel.

  Here, as an example, a case where a registration ID item 302 displayed as “Bob”, which is a user name, is provided, and in this example, a case where the “Bob” is specified will be described. .

  Again referring to FIG. 9, it is next determined whether or not there is ID selection (step S16). Specifically, the authentication method selection unit 30 determines whether or not an item corresponding to the ID has been designated on the ID selection screen described above.

  Next, when it is determined that there is ID selection (YES in step S16), it is determined whether there is a security print job for the selected ID (step S18). Specifically, the authentication method selection unit 30 determines whether a secure print job corresponding to the specified ID stored in the RAM 8 has been received.

  If it is determined that there is a security print job for the selected ID (YES in step S18), authentication method selection unit 30 next determines whether the passwords are the same (step S20). Specifically, does the password set as the authentication information in the security print job match the password in the authentication table stored in the authentication data storage unit 36 corresponding to the user ID selected above? Judge whether.

  If it is determined that the passwords are the same (YES in step S20), it is next determined whether or not the password image authentication function is on (step S22). Specifically, the authentication method selection unit 30 checks the on / off flag of the password image authentication function of the corresponding ID in the authentication table.

  If it is determined that the password image authentication function is on (YES in step S22), it is determined whether it is within 2 hours from the previous authentication (step S24). Specifically, the authentication method selection unit 30 refers to the authentication time of the corresponding ID in the authentication table and determines whether it is within 2 hours from the previous authentication based on the comparison with the current time.

  If it is determined that it is within 2 hours from the previous authentication (YES in step S24), it is determined whether the target print job is a security document (step S26). Specifically, the security document detection unit 39 determines whether the document is a security document based on the substantial contents of the print document included in the print job to be printed (step S26).

  As exemplified in FIG. 11A, a security document in this specification typically includes a character string such as “Confidential” or “Mal secret” indicating that the document should be concealed in a header or footer. Includes those granted. In addition, a character string indicating such a security document may be embedded as a watermark in the background of the document as illustrated in FIG. 11B. Furthermore, as shown in FIG. 11C, a copy-protection copy-forgery-inhibited pattern, that is, a fine dot such as the background of the document, is added, and when the document is copied, a “Confidential” In some cases, a function that makes a character string appear is adopted.

  Whether or not such a security document is included in the print job is determined using a known OCR (Optical Character Reader) technique when the print job is image data (raster data). . That is, it is determined whether or not a security-related keyword (Confidential, confidential, secret, confidential) is included in the header or footer. If any security-related keyword is included, it is determined as a security document. To do.

  For a watermark as shown in FIG. 11B, it is determined whether or not a keyword related to security is included by using the method described in Japanese Patent Laid-Open No. 2001-127976. Further, for the copy-forgery-inhibited pattern as shown in FIG. 11C, it is determined whether or not a security-related keyword is included by using the method described in Japanese Patent Laid-Open No. 2006-121200.

  As described above, when at least one of the copy-prevention copy-forgery-inhibited pattern and the watermark is added to the print document included in the target print job, it is determined that relatively high security is required.

  Further, not only the header and footer but also the OCR technology is used to determine whether or not the appearance frequency and the number of appearances of security-related keywords (for example, confidential) included in the entire document character satisfy a predetermined condition. If the condition is satisfied, it may be determined that the target print job is a security document.

  As described above, when a predetermined number or more of character strings related to security are assigned to the print document included in the target print job, it is determined that relatively high security is required.

  Further, when a print job is generated to print out various files, the file attribute of the print source (for example, when printing a PDF (Portable Document Format) file, as an attribute of the PDF file) Whether or not the document is a security document may be determined based on whether or not the password is set to be requested when the file is opened.

  As described above, when a predetermined security attribute is given to the print target data, it is determined that relatively high security is required.

  Again referring to FIG. 9, if it is determined that the document is not a security document (NO in step S26), password image authentication is executed (step S28). Specifically, the authentication method selection unit 30 instructs the password image authentication unit 34 to execute password image authentication. Password image authentication will be described later.

  On the other hand, when it is determined that the security printing function is not selected (NO in step S12), the process proceeds to step S32. If it is determined in step S18 that there is no security print job for the selected ID (NO in step S18), the process also proceeds to step S32. In step S32, the normal print job is printed out. Then, the process ends (END).

  If it is determined that there is no ID selection (NO in step S16), the process ends (END). For example, when the Stop button or the like is pressed, the security printing process is terminated.

  In contrast, if the passwords are not the same in step S20 (NO in step S20), the process proceeds to step S30. If it is determined in step S22 that the password image authentication function is not on, that is, it is off (NO in step S22), the process proceeds to step S30.

  If it is determined in step S24 that it is not within two hours from the previous authentication (NO in step S24), the process proceeds to step S30. With this process, the expiration date of the password image can be set to 2 hours, and security can be ensured.

  In this example, the time is 2 hours as an example, but is not limited to this time, and can be arbitrarily set in consideration of security. It is also possible to determine whether or not it is the same day, or it may be determined based on whether or not a predetermined condition is satisfied by providing a past authentication time as a history. However, in this embodiment, when the print job is a security document as will be described later, the password image authentication function is turned off to ensure security. Therefore, the expiration date of the password image shown in step S24 It is not necessary to define.

  If it is determined in step S26 that the document is a security document (YES in step S26), the process proceeds to step S30. With this processing, when the print job is a security document, it is possible to ensure security by turning off the password image authentication function. In step S30, password authentication is executed (step S30).

<Password authentication process>
FIG. 12 is a flowchart showing the password authentication process shown in step S30 of FIG. FIG. 13 is a diagram showing an example of changes in the contents of the authentication table when the password authentication process shown in FIG. 12 is executed.

  Referring to FIG. 12, first, a password input screen is displayed (step S40). Specifically, the password authentication unit 32 displays a password input screen on the operation panel 19 in response to an instruction from the authentication method selection unit 30.

  FIG. 10B shows an example of password input screen 308 according to Embodiment 1 of the present invention. Referring to FIG. 10B, here, a case where an input field 304 for inputting a password using a software keyboard screen is provided together with a display of “Please enter a password” is shown. . The user inputs the password registered by himself / herself in the input field 304 using the screen of the software keyboard.

  FIG. 10C shows a case where the password is entered in the input field 304 using the screen of the software keyboard. Then, the execution button 306 is pressed. Thereby, password authentication processing is started.

  Referring again to FIG. 12, it is then determined whether or not a password has been input (step S42). Specifically, the password authentication unit 32 determines whether or not the password is input in the input field 304 and the execution button 306 is pressed on the password input screen 308 described above.

  If it is determined that a password has been input (YES in step S42), it is then determined whether authentication is OK (step S44). Specifically, the password authentication unit 32 determines whether or not the password input in the input field 304 matches the password registered in the authentication table. If they match, it is determined that the authentication is OK.

  If it is determined that the authentication is OK (YES in step S44), a printout is made (step S46). Specifically, a security print job is executed, and the printer unit 18 develops image data included in the job and prints it on paper.

  Then, the fact that the authentication has been successful is notified (step S48). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has been successful.

  Next, a password image is displayed (step S50). The password authentication unit 32 instructs the password image setting unit 38 to set a password image. The password image setting unit 38 arbitrarily sets one password image from a plurality of password images and outputs the password image to the password authentication unit 32. Then, the password authentication unit 32 displays the password image set by the password image setting unit 38 on the operation panel 19. The password image can be displayed for a predetermined period, for example, about 1 second, and can be deleted, or can be deleted at any timing of the user.

  FIG. 10 (D) shows a case where a password image according to the first embodiment of the present invention is displayed. Referring to FIG. 10D, here, a case where the image object 310 is displayed as “your password image” is displayed together with the display of “authenticated successfully”. The image object is registered as an authentication key used in password image authentication described later.

  Referring to FIG. 12 again, next, the password image and the authentication time are stored, and the password image authentication function is set to ON (step S52). Specifically, the password authentication unit 32 sets the displayed image object as a password image, sets the time when authentication is successful as the authentication time, turns on the password image authentication function, and sets the authentication table of the authentication data storage unit 36. Register in the corresponding ID field. Then, the process ends (END).

  On the other hand, if it is determined in step S42 that no password has been entered (NO in step S42), a notification that authentication has failed is sent (step S54). In step S44, even if the authentication is NG (NO in step S44), the fact that the authentication has failed is notified (step S54). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has failed. With this processing, the CPU 10 can ensure security by prohibiting the use of the functions of the MFP 20 for a user who has failed authentication.

Then, the process ends (END).
Referring to FIG. 13A, here, in correspondence with the user ID “Alice”, the password is “Ow8gcA”, the password image is “none”, the password authentication function is “off”, and the authentication time is “off”. 08/12/14 17:03:15 ”is registered.

  Then, referring to FIG. 13B, next, in correspondence with the user ID “Bob”, the password is “wQ9DspX”, the password image is “present (image object 310 in FIG. 10)”, and the password authentication function The case where ON / OFF is registered as “ON” and the authentication time is registered as “09/1/7 11:20:34” is shown.

  In accordance with this registration process, an image authentication process described later is executed. In this example, it is assumed that a plurality of security print jobs are received.

<Password image authentication process>
FIG. 14 is a flowchart showing the password image authentication process shown in step S28 of FIG. FIG. 15 is a diagram showing an example of a processing screen for password image authentication processing shown in step S28 of FIG. FIG. 16 is a diagram showing an example of changes in the contents of the authentication table when the password image authentication process shown in FIG. 14 is executed.

  Referring to FIG. 14, first, a password image selection screen is displayed (step S60). Specifically, the password image authentication unit 34 displays a password image selection screen on the operation panel 19 in response to an instruction from the authentication method selection unit 30.

  FIG. 15A is an example of an ID selection screen 300 according to the first embodiment of the present invention, similar to FIG. 10A described above. Referring to FIG. 15A, here, a case where six registration IDs registered as described above are displayed is shown. The user specifies an item corresponding to his / her ID (user name in this example) via the touch panel.

  As an example, a case where a registration ID item 302 displayed as a user name “Bob” is provided is described, and in this example, a case where the “Bob” is designated will be described.

  FIG. 15 (B) is a diagram illustrating an example of a password image selection screen according to the first embodiment of the present invention. Referring to FIG. 15B, a plurality of image objects are displayed here, and the user is prompted to input his / her registered password image. Then, the user inputs his registered password image via the touch panel.

  And a password image authentication process is started by inputting a password image.

  Referring again to FIG. 14, it is next determined whether or not a password image has been input (step S62). Specifically, the password image authentication unit 34 determines whether or not a password image has been input on the above-described password image selection screen.

  If it is determined that a password image has been input (YES in step S62), it is then determined whether authentication is OK (step S64). Specifically, the password image authentication unit 34 determines whether or not the input password image matches the password image registered in the authentication table. If they match, it is determined that the authentication is OK.

  If it is determined that the authentication is OK (YES in step S64), a printout is made (step S66). Specifically, a security print job is executed, and the printer unit 18 develops image data included in the job and prints it on paper.

  Then, the fact that the authentication is successful is notified (step S68). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has been successful.

  FIG. 15C is a diagram illustrating a case where password image authentication is successful. Referring to FIG. 15C, “authenticated successfully” is displayed here. This display notifies the user that the authentication was successful.

  With this configuration, security is ensured by password authentication processing, and at the time of the second authentication, it is possible to execute authentication simply by executing password image authentication, which is provided for the convenience of the user.

  The plurality of image objects displayed together with the registered password image are provided in advance, but any image object can be used. Moreover, it is not restricted to what was provided previously, You may acquire by a download and you may make it a user register from the outside.

  Again referring to FIG. 14, next, the authentication time is updated and stored (step S70). Specifically, the password image authentication unit 34 registers the time when the authentication is successful as the authentication time in the corresponding ID item column of the authentication table. That is, the authentication time is updated. Then, the process ends (END). By updating the authentication time, it becomes possible to restart the expiration date of the password image.

  On the other hand, when it is determined in step S64 that the authentication is NG (NO in step S64), the fact that the authentication has failed is notified (step S72). Specifically, the password image authentication unit 34 notifies the CPU 10 that the authentication has failed. With this processing, the CPU 10 can ensure security by prohibiting authentication using a password image for a user who has failed authentication.

  Next, the password image information is erased (step S74). Specifically, the password image authentication unit 34 instructs the authentication data storage unit 36 to delete the password image information. This is because password image authentication is a simple authentication processing method, and therefore, a malicious third party may repeatedly try to input a password image and pass authentication.

  Referring to FIG. 16A, here, in correspondence with the user ID “Alice”, the password is “Ow8gcA”, the password image is “none”, the password authentication function is “off”, and the authentication time is “off”. 08/12/14 17:03:15 ”is registered. Corresponding to the user ID “Bob”, the password is “wQ9DspX”, the password image is “present” (image object 310 in FIG. 10), the password authentication function is turned on / off, and the authentication time is “09/1”. / 7 11:20:34 "is shown.

  A case where password image authentication processing is executed for the user ID “Bob” will be described.

  Referring to FIG. 16B, here, a case is shown where the information in the authentication table is updated when the authentication is OK. The difference from FIG. 16A is that the authentication time is registered as “09/1/7 11:35:14” corresponding to the user ID “Bob”. The other points are the same.

  Referring to FIG. 16C, here, a case where the information in the authentication table is updated when authentication is NG is shown. Specifically, the case where the password image is erased corresponding to the user ID “Bob”, the password image authentication function on / off flag is set to off, and the authentication time is erased is shown.

  When the authentication process is executed again by this process, only the password authentication is valid, so that the process can enhance security.

  In the flowchart of FIG. 14 described above, when the password image authentication fails, the CPU 10 is notified of the authentication failure and the password image information is deleted. It is also conceivable that the image is forgotten and authentication fails. In such a case, password authentication can be executed again.

  In the above-described embodiment, the configuration in which authentication is performed using an image (password image) is illustrated. However, a simple password (for example, two characters or less) having fewer characters than the original password is used instead of the image. Simple authentication may be performed. Also in this case, the number of key inputs by the user can be reduced, which is convenient for the user.

<Operation and effect of the present embodiment>
As is apparent from the flowchart described above, in MFP 100 according to the present embodiment, prior printing is performed for a plurality of print jobs in which the same password (authentication information) is registered in association with a normal password authentication method. A simpler password image authentication method for the subsequent print job is validated on the condition that the authentication based on the normal password authentication method for the job succeeds. On the other hand, if relatively high security is determined to be required for the subsequent print job, even if authentication based on normal password authentication method is successful, the password image authentication method for a subsequent print job Is not activated.

  When this password image authentication method is prohibited, the contents related to password image authentication as shown in FIG. 10D are not displayed on the operation panel 19. In addition, as shown in FIGS. 15A to 15C, the contents related to password image authentication are not displayed on the operation panel 19, and the authentication information (password image) related to password image authentication via the operation panel 19 is displayed. Is not accepted.

  By performing such processing, only password authentication with a relatively high security level is valid for a print job that is a security document, and a security level is relatively high for a print job for a normal document that is not a security document. High password authentication and password image authentication with relatively high user convenience are used in combination. Thereby, the improvement of a user's convenience and the subject of ensuring security can be made compatible.

  In addition, if it is determined that relatively high security is required based on the substance of the print job, the password image authentication method is not validated, so that necessary security can be ensured.

<Modification 1 of Embodiment 1>
Next, a modification of authentication processing in MFP 20 according to the first embodiment of the present invention will be described.

  FIG. 17 is a flowchart showing password image authentication processing according to the first modification of the first embodiment of the present invention. Referring to FIG. 17, the difference from the flowchart of FIG. 14 is that steps S76 and S30 are executed instead of steps S72 and S74, respectively.

  Specifically, if no password image is input in step S62 (NO in step S62), or if authentication is NG in step S64 (NO in step S64), the password image information is deleted (NO in step S64) (step S64). Step S76). Specifically, the password image authentication unit 34 instructs the authentication data storage unit 36 to delete the password image information. This is because password image authentication is a simple authentication processing method, and a malicious third party may repeatedly try to input a password image and pass authentication. Next, password authentication is executed (step S30). Then, the process ends.

  Password authentication is the same as that described in the flowchart of FIG. In this case, when password authentication is successful, a new password image can be registered by setting and registering a password image again, which is convenient for the user.

  In the above description, the password image setting unit 38 arbitrarily sets one password image from a plurality of images. However, the user may set a password image based on his / her will. Good.

<Modification 2 of Embodiment 1>
Next, still another modification of authentication processing in MFP 20 according to the first embodiment of the present invention will be described.

  FIG. 18 is a flowchart showing password authentication processing according to the second modification of the first embodiment of the present invention. FIG. 19 is a diagram showing an example of a security printing processing screen according to the second modification of the first embodiment of the present invention.

  Referring to FIG. 18, the processing after step S48 is different from the flowchart of FIG. Specifically, after the authentication is successful, a password image setting screen is displayed (step S56). The password authentication unit 32 requests the password image setting unit 38 for a plurality of password images that can be set. The password image setting unit 38 outputs a plurality of settable password images to the password authentication unit 32. Then, the password authentication unit 32 displays a plurality of settable password images output by the password image setting unit 38 on the operation panel 19.

  Next, it is determined whether the target print job is a security document (step S26). Specifically, the security document detection unit 39 determines whether the document is a security document based on the substantial contents of the print document included in the print job to be printed (step S26). If it is determined that the document is not a security document (NO in step S26), it is determined whether or not a password image has been selected (step S57). Specifically, the password authentication unit 32 determines whether or not there is an instruction to input a password image from the user on the password image setting screen.

  If a password image is selected (YES in step S57), the selected password image and authentication time are stored, and the password image authentication function is set to ON (step S58). Specifically, the password authentication unit 32 sets the selected image object as a password image, sets the time when authentication is successful as the authentication time, turns on the password image authentication function, and sets the authentication table of the authentication data storage unit 36. Register in the corresponding ID field. Then, the process ends (END).

  On the other hand, if it is determined that the document is a security document (YES in step S26), or if no password image has been selected (NO in step S57), password authentication unit 32 stores authentication data storage unit 36. The password image authentication function is not stored in the authentication table, and the password image authentication function is set to OFF (step S59).

  Referring to FIG. 19A, here, a case where six registration IDs registered as described above are displayed is shown. The user specifies an item corresponding to his / her ID (user name in this example) via the touch panel.

  As an example, a case where a registration ID item 302 displayed as a user name “Bob” is provided is described, and in this example, a case where the “Bob” is designated will be described.

Referring to FIG. 19B, here, a description is given of an example of the password input screen 308 as described above.
Here, a case where an input field 304 for inputting a password using a screen of a software keyboard is provided together with a display of “Please enter a password” is shown. The user inputs the password registered by himself / herself in the input field 304 using the screen of the software keyboard. Then, the password is input into the input field 304 using the screen of the software keyboard, and the execute button 306 is pressed. Thereby, password authentication processing is started.

  Referring to FIG. 19C, here, a case where a plurality of object images that can be registered are displayed is displayed together with the display of “Authenticated, please determine your password image”. Has been.

  The user can determine a password image based on his / her intention from the object image.

  Then, the image object determined (designated) as the password image is registered as an authentication key used in password image authentication described later.

  With this configuration, the user can arbitrarily determine the password image, so that the user's favorite image can be determined, and convenience is improved.

  Here, by selecting the “do not use” button 331, the password authentication unit 32 does not store the password image and the authentication time in the authentication table of the authentication data storage unit 36, and turns off the password image authentication function. Set to. With this configuration, when the user does not want to use the password image, the function can be set off, and the convenience for the user is improved.

  In FIG. 10D, it is also possible to set the password image authentication function to OFF by providing a “do not use” button 331 and selecting the button.

  In the present example, the password image is presented after the password authentication is successful. However, it is also possible to present the password image before password authentication as in the password setting. In this case, authentication with a password image may be validated when password authentication is successful.

[Embodiment 2]
In the first embodiment described above, the configuration for providing password authentication based on the original password assigned to the print job and simpler password image authentication is illustrated for the security print job. In contrast, the second embodiment of the present invention described below exemplifies a configuration in which normal authentication and simpler authentication are set in advance in the print job generation stage. However, even in such a configuration, it is prohibited to set simpler authentication in advance based on the substantial contents of the print document included in the print job, thereby improving user convenience and security. The problem of ensuring

  That is, both the first authentication method (normal password authentication method) and the second authentication method (simple password authentication method) simpler than the first authentication method are set for the print job. Is possible.

  In the following description, for a print job, a password consisting of a predetermined number of characters (for normal authentication), a simple password (for simple authentication) consisting of a smaller number of characters (in the following example, 2 characters), and The structure which can set is illustrated. That is, the normal password authentication method and the simple password authentication method differ in at least one level of authentication accuracy (security level) and user convenience (usability).

  Note that, as in the first embodiment, simpler authentication may be performed using an image. In this case, the associated image itself or a number designating the image is assigned to the print job.

  FIG. 20 is a configuration diagram showing an overview of the information processing system 1A according to the second embodiment of the present invention. Referring to FIG. 20, here, a configuration in which PC 100A, which is a typical example of a terminal device, and MFP 20A are connected via LAN 17 is shown. The difference from the information processing system 1 according to the first embodiment shown in FIG. 1 is that when image data created on an application executed on the PC 100A is transmitted to the MFP 20A as a print job, “ Information indicating “simple password” and “on / off of simple password authentication function” is provided.

  If the “simple password authentication function” is set to “on” when the MFP 20A receives a secure print job to which “simple password” is assigned from the PC 100A, the MFP 20A performs simple authentication in addition to authentication based on a normal password. Also enable password-based authentication. In this case, when the user inputs a correct password or a correct simple password, a print process based on the print job is executed.

  Note that although a configuration in which one PC is connected to the LAN 17 as a terminal device will be described, the number of these is not limited to one, and it is sufficient that there is at least one or more. Further, not limited to a LAN, a WAN or the like may be used.

<Hardware configuration>
Since the hardware configuration of MFP 20A according to the second embodiment of the present invention is the same as that of FIG. 2 described above, detailed description will not be repeated. In addition, the hardware configuration of PC 100A according to the second embodiment of the present invention is the same as that in FIG. 3 described above, and thus detailed description will not be repeated.

<Functional configuration for generating print jobs>
Next, a functional configuration for generating a print job transmitted to the MFP 20A by the PC 100A will be described.

  FIG. 21 is a functional block diagram provided by a print driver executed in PC 100A according to the second embodiment of the present invention. Referring to FIG. 21, the print driver executed by PC 100A provides a print job generation unit 252, a setting reception unit 254, a password reception unit 256, and a security function determination unit 258.

  The setting reception unit 254 displays a GUI (Graphical User Interface) screen for receiving various print settings on the display unit 206 (FIG. 3) using a library provided by the operating system (OS), and the like. The user accepts various settings according to the operation of the input unit 209 (FIG. 3) such as a keyboard and a mouse. That is, the setting reception unit 254 corresponds to a print setting unit that performs settings related to printing in accordance with a user operation.

  The print job generation unit 252 receives print target image data created on an application executed on the PC 100A and generates a print job. More specifically, the print job generation unit 252 generates a print job according to various settings received by a setting reception unit 254 described later. When a security print job is generated, the print job generation unit 252 gives a password received by the password reception unit 256, a simple password, information indicating on / off of the simple password function, and the like.

  As described above, the print job generation unit 252 corresponds to a generation unit that generates a print job from print target data in accordance with the contents set by the setting reception unit 254 that is a print setting unit.

  Based on the setting received by the setting receiving unit 254, the password receiving unit 256 displays a GUI screen or the like for receiving a password as necessary on the display unit 206 (FIG. 3), and the user uses a keyboard, a mouse, and the like. The input unit 209 (FIG. 3) accepts various settings according to the operation. More specifically, the password accepting unit 256 accepts inputs of “user ID”, “password”, and “simple password” in principle when security printing is instructed. However, as will be described later, when the security function is enabled for image data to be printed, the simple authentication is disabled. That is, the input of “simple password” is prohibited.

  As described above, the password receiving unit 256 receives the authentication information (password) related to the normal password authentication method and the authentication information (simple password) related to the simple password authentication method.

  The security function determination unit 258 determines whether or not the security function is enabled as a print setting, and notifies the password reception unit 256 of the determination result.

  That is, the setting accepting unit 254 and the password accepting unit 256 correspond to an authentication setting unit, and the security function determination unit 258 corresponds to a determination unit that determines whether relatively high security is required for a print job. . Further, the security function determination unit 258 also functions as a prohibition unit that prohibits setting of a password image authentication method for a print job when it is determined that relatively high security is required for any print job. To do. More specifically, acceptance of a simple password by the password accepting unit 256 is prohibited.

<Print job generation processing>
Next, a procedure for generating a print job transmitted from the PC 100A to the MFP 20A will be described.

  FIG. 22 is a flowchart showing a procedure of print job generation processing in PC 100A according to the second embodiment of the present invention. FIG. 23 is a diagram showing an example of an authentication information registration screen when executing security printing displayed on the display unit 206 of the PC 100A according to the second embodiment of the present invention. 24 and 25 are views showing print setting screens 41 and 42 for setting more detailed contents of the print setting screen 40A shown in FIG. FIG. 26 shows print setting screen 40A displayed on display unit 206 of PC 100A according to the second embodiment of the present invention.

  Referring to FIG. 22, first, CPU 201 (FIG. 3) of PC 100A determines whether or not the printer driver has been activated (step S2). Specifically, the CPU 201 determines whether or not there has been a printer driver activation instruction using a mouse or a keyboard. If the CPU 201 determines that the printer driver has been activated, then the CPU 201 performs printing as shown in FIG. A setting screen is displayed (step S3).

  In the print setting screen 40 shown in FIG. 5, an item button 116 relating to the setting of the output method is displayed so as to be selectable. By specifying the item button 116, the user can select “normal printing”, “ It is possible to execute an operation for changing the setting of various output methods such as “security printing”. In the second embodiment, a case where security printing is set as an output method setting item using a mouse as a pointing device will be described.

  Referring to FIG. 22 again, next, CPU 20 determines whether or not a security printing function is selected (step S4). Specifically, the CPU 20 can determine whether or not the setting item of the output method on the print setting screen 40 is designated as security printing using the mouse.

  If it is determined in step S4 that the security printing function is selected (YES in step S4), the CPU 20 next determines whether or not the security function is enabled (step S9). In the present embodiment, “validation of security function” is set so that (a) a character string such as “Confidential” or “secret” indicating that the document is to be concealed in the header or footer is given. (B) a character string indicating the security document is set to be embedded in the background of the document as a watermark, and (c) a character string indicating the security document is set as a copy-preventing copy-forgery-inhibited pattern. It has been, etc.

  The print setting screen 40A shown in FIG. 23 is displayed when the “stamp / page printing” tab related to the print output setting is designated on the print setting screen 40 shown in FIG. This print setting screen 40A can be set to print additional information in addition to the print output size and the image to be printed. Specifically, for example, a check box 142 relating to setting of copy protection (copy protection) is shown, and the user prints additional information for preventing copy by designating the check box 142. It is possible to do that. In addition, a check box 144 related to a setting for embedding various character strings as a watermark is shown. By specifying the check box 144, the user can output a print with a watermark added to the print target image. Can be performed. As the character string to be embedded as the watermark, character strings such as “urgent”, “circulation”, “collection”, and “restriction of duplication” are facilitated in advance, and after the user designates the check box 144, Any of the character strings displayed in a list on these pre-down menus can be designated using a mouse which is a pointing device.

  In the present embodiment, as an example, the following description will be given on the assumption that the user has designated the check box 142 regarding copy prevention. When the user specifies the check box 142 and then specifies the item button 143, a print setting screen as shown in FIGS. 24 and 25 is displayed.

  A print setting screen 41A shown in FIG. 24 accepts contents to be printed as copy protection. Also, the print setting screen 41B shown in FIG. 25 accepts a method of printing a character string or the like for preventing copying. Note that the display contents are switched to the print setting screen 41B by designating the “compositing method” tab on the print setting screen 41A shown in FIG. 24 using a mouse or keyboard as a pointing device, while FIG. In the print setting screen 41B shown, the display contents are switched to the print setting screen 41A by designating the tab of “print item” with a mouse or keyboard as a pointing device.

  In the print setting screen 41A shown in FIG. 24, the contents to be printed as copy protection include, for example, “character string”, “date / time”, “serial number”, “copy number”, and “job number”. Item 146 is shown selectable. By designating a check box associated with each item, the corresponding item is set to be printed. The example shown in FIG. 24 shows a case where the character string “copy” is set to be printed. Further, on the print setting screen 41A, the position to be printed and its angle can be designated as the arrangement of the character strings.

  In addition, the print setting screen 41B shown in FIG. 25 shows a radio button 148 for enabling the setting for suppressing unauthorized copying and a radio button 149 for enabling the setting for printing the character pattern. When the radio button 148 is designated, a copy-preventing copy-forgery-inhibited pattern is added to the original printed paper medium, and when the original is copied, characters indicating that copying is prohibited are set to rise. The On the other hand, when the radio button 149 is designated, a character string is overlaid and printed as a designated watermark on a printed paper medium as an original.

  When the radio button 148 is designated, items 150 such as “effect when illegal copying”, “overlapping”, “background pattern”, and “character and background color” can be designated. When the radio button 149 is designated, items 152 such as “overlay” and “character and background color” can be designated.

  If the setting intended to enhance some security such as the above-described copy prevention is made, it is determined that the security function is enabled.

  Referring to FIG. 22 again, if it is determined that the security function is not activated (NO in step S9), CPU 20 then displays registration screen 124A as shown in FIG. (Step S5-1).

  Referring to FIG. 26A, in registration screen 124A, input field 126 for entering a user ID and input for entering a password registered as authentication information used when executing security printing. A case where a field 128 and an input field 129 for inputting a simple password are provided is shown. This registration screen 124A is typically displayed by specifying an item button 143 after checking the check box 142 in the print setting screen 40A shown in FIG.

  Using the keyboard or the like, the user inputs a user ID into the input field 126, inputs a password into the input field 128, and inputs a simple password into the input field 129 (if necessary). The simple password is not an indispensable input item, and is input only when the user desires simple authentication.

  In the lower area of the registration screen 124A, a “set” item button 130 and a “cancel” item button 132 are provided. When the user designates the item button 130 with a mouse or the like as a pointing device, it is set as authentication information in secure printing. On the other hand, by designating the “cancel” button 132, it is possible to end the processing without setting authentication information on the security printing registration screen.

  Referring to FIG. 22 again, if it is determined that the security function is enabled (YES in step S9), CPU 20 next displays registration screen 124B as shown in FIG. (Step S5-2).

  Referring to FIG. 26B, the registration screen 124B is different from the registration screen 124A shown in FIG. 26A in that an input field 129 for inputting a simple password is grayed out. Is different. That is, when the security function for the target print job is enabled, acceptance of a simple password is prohibited so that simple authentication is not set. In other words, entry of a simple password is prohibited. As the input field 129 is grayed out, the “simple password” character associated with the input field 129 is also grayed out. In other words, the display unit 206 does not display the content related to acceptance of authentication information related to the simple password authentication method.

  Also in this registration screen 124B, the user inputs the user ID into the input field 126 and the password into the input field 128 using a keyboard or the like. In the lower area of the registration screen 124B, a “set” item button 130 and a “cancel” item button 132 are provided. When the user designates the item button 130 with a mouse or the like as a pointing device, it is set as authentication information in secure printing.

  The determination that the security function is enabled may be made on the condition that a character string is set in the header or footer and / or a character string is set as a watermark. However, it may be a condition that a specific character string (for example, Confidential or copy prohibition) is set. That is, it is determined that relatively high security is required when security-related content is set by the print setting.

  Furthermore, when a specific file attribute (for example, PDF (Portable Document Format) regarding security) is set in the print target file, it may be determined that relatively high security is required.

  FIG. 26B illustrates a grayed-out configuration as an example of processing for prohibiting the input of a simple password. However, the input field itself may not be displayed, or a simple password may be displayed. When trying to input, a message such as “The simple password cannot be set because the watermark function has already been set!” May be displayed so that the simple password setting is not accepted. That is, when the user tries to input authentication information (simple password) related to the simple password authentication method, the display unit 206 is notified that input of the authentication information is prohibited.

  Referring to FIG. 22 again, next, CPU 20 determines whether or not there is an input of a user ID and a password (step S6). Specifically, the determination is made based on whether or not there is input in the input fields 126 and 128 on the registration screen 124A or 124B and the item button of “setting” is designated.

  If it is determined in step S6 that the user ID and password are input (YES in step S6), the CPU 201 next sets authentication information (step S7). If the simple password is not set, the simple password authentication function is set to off.

  Next, it is determined whether or not a print job is transmitted (step S8). Specifically, the determination is made based on whether or not the user has designated the print button 120 with the mouse or the like as a pointing device on the print setting screen 40 in FIG. If specified, a print job is transmitted from the PC 100A to the MFP 20A, and the process is terminated (END). At this time, the authentication information (user ID, authentication password, simple password, simple password authentication function on / off) set in step S7 is given to the print job.

<Functional configuration that provides simple authentication>
Next, when MFP 20A receives a security print job from PC 100A, password authentication and / or simple password authentication is selectively executed based on the password and / or simple password assigned to the print job. The configuration will be described. Briefly describing this authentication process, when a simple password is set (or when the simple password authentication function is set to ON), the MFP 20A performs a normal authentication process based on a password and a simple password. The printing of the target print job is started on the condition that one of the simple authentication processes based on the above is successful. On the other hand, when the simple password is not set (or when the simple password authentication function is set to off), only normal authentication processing based on the password is provided in the MFP 20A. The printing of the target print job is started on the condition that it succeeds.

  FIG. 27 is a functional block diagram of authentication processing unit 4A of MFP 20A according to the second embodiment of the present invention. Referring to FIG. 27, authentication processing unit 4A includes an authentication method selection unit 30, a password authentication unit 32, and a simple password authentication unit 35.

  The authentication method selection unit 30 selects authentication processing in the password authentication unit 32 or simple authentication processing in the simple password authentication unit 35. The password authentication unit 32 performs password authentication in accordance with an input instruction from the user. The simple password authentication unit 35 executes simple image authentication in accordance with an input instruction from the user. Here, the password authentication unit 32 and the password image authentication unit 34 correspond to an authentication processing unit that executes an authentication process based on an authentication method set for a target print job based on input authentication information.

<Print job print output processing>
FIG. 28 is a flowchart showing a security printing process in MFP 20A according to the second embodiment of the present invention. FIG. 29 is a diagram showing an example of a security printing process screen according to the second embodiment of the present invention.

  Referring to FIG. 28, first, CPU 10 determines whether or not the security printing function has been selected. It is determined whether or not the security printing function is selected by executing a predetermined operation on an operation key provided on the operation panel 19 (not shown) (step S112).

  If it is determined that the security printing function is selected (YES in step S112), it is determined whether there is a security printing job (step S114). Specifically, the authentication method selection unit 30 determines whether a secure print job corresponding to the specified ID stored in the RAM 8 has been received.

  If it is determined that there is a security print job (YES in step S114), an ID selection screen is displayed (step S116). Specifically, the authentication method selection unit 30 described with reference to FIG. 27 acquires the user ID assigned to each of the currently received security print jobs and displays it on the operation panel 19 as an ID selection screen.

  FIG. 29A shows an example of an ID selection screen according to the second embodiment of the present invention. Referring to FIG. 29A, here is shown a case where six or more security print jobs have already been received and six registration IDs assigned to these print jobs are displayed. Yes. The user specifies an item corresponding to his / her ID (user name in this example) via the touch panel.

  Again referring to FIG. 28, it is next determined whether or not there is ID selection (step S118). Specifically, the authentication method selection unit 30 determines whether or not an item corresponding to the ID has been designated on the ID selection screen described above.

  Next, when it is determined that there is ID selection (YES in step S118), it is determined whether or not the simple password authentication function is set to on (step S120).

  If the simple password authentication function is set to ON (YES in step S120), a password input screen that allows normal password authentication and simple password authentication is displayed (step S122).

  FIG. 29B shows an example of a password input screen according to the second embodiment of the present invention. Referring to FIG. 29B, here, a message “Please enter a password” and a message “A simple password may be used.” Are displayed. Furthermore, the case where the input column 330 which inputs a password or a simple password using the screen of a software keyboard is provided is shown. The user enters the password or simple password registered in the input field 330 by using the screen of the software keyboard. When the user presses the execute button 306, the authentication process is started.

  Referring to FIG. 28 again, it is next determined whether or not a password has been input (step S124). Specifically, the password authentication unit 32 (FIG. 27) and the simple password authentication unit 35 (FIG. 27) press the execute button 332 when the password is input to the input field 330 on the password input screen shown in FIG. Judgment by whether or not.

  If it is determined that the password has been input (YES in step S124), it is then determined whether authentication is OK (step S126). Specifically, the password authentication unit 32 determines whether the password input in the input field 330 matches the password included in the authentication information assigned to the target print job. At the same time, the simple password authentication unit 35 determines whether the password input in the input field 330 matches the simple password included in the authentication information assigned to the target print job. Then, in either one of the password authentication unit 32 and the simple password authentication unit 35, if they match, it is determined that the authentication is OK.

  If it is determined that the authentication is OK (YES in step S126), a printout is made (step S128). Specifically, a security print job is executed, and the printer unit 18 develops image data included in the job and prints it on paper.

  Then, the fact that the authentication is successful is notified (step S130). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has been successful.

  If the simple password authentication function is set to OFF (NO in step S120), a password input screen that allows only normal password authentication is displayed (step S132).

  FIG. 29C shows another example of the password input screen according to the second embodiment of the present invention. Referring to FIG. 29 (C), here, unlike FIG. 29 (B), the message “You can use a simple password” is not displayed. Only the message is displayed. Furthermore, the case where the input column 330 which inputs a password using the screen of a software keyboard is provided is shown. The user inputs the password registered in the input field 330 using the screen of the software keyboard. When the user presses the execute button 306, the authentication process is started.

  Referring again to FIG. 28, it is next determined whether or not a password has been input (step S134). Specifically, the password authentication unit 32 (FIG. 27) makes a determination based on whether or not the password has been input in the input field 330 and the execution button 332 has been pressed on the password input screen shown in FIG.

  If it is determined that a password has been input (YES in step S134), it is then determined whether authentication is OK (step S136). Specifically, the password authentication unit 32 determines whether the password input in the input field 330 matches the password included in the authentication information assigned to the target print job. Then, the password authentication unit 32 determines that the authentication is OK if they match.

  If it is determined that the authentication is OK (YES in step S136), a printout is made (step S128). Thereafter, the process of step S130 is executed.

  On the other hand, when it is determined that the security printing function is not selected (NO in step S112), the process proceeds to step S138. If it is determined that there is no security print job (NO in step S114), the process proceeds to step S138. In step S138, the normal print job is printed out. Then, the process ends (END).

  On the other hand, if it is determined that there is no ID selection (NO in step S118), the process ends (end). For example, when the Stop button or the like is pressed, the security printing process is terminated.

  On the other hand, when it is determined in step S124 or step S134 that there is no password input (NO in step S124 or NO in step S134), the process proceeds to step S140. If the authentication is NG in step S126 or S136 (NO in step S126 or NO in step S136), the process also proceeds to step S140. In step S140, the fact that the authentication has failed is notified (step S140). Then, the process ends (END).

  In the second embodiment described above, the configuration for prohibiting the input of the simple password is illustrated when the security function is enabled. However, a configuration that changes the security strength of the password is adopted. Also good. For example, when the security function is disabled, the password is a password of two or more characters. On the other hand, when the security function is enabled, a larger number of characters (for example, The password may be a password of 4 characters or more.

<Operation and effect of the present embodiment>
As is apparent from the above-described flowchart, in the PC 100A according to the present embodiment, a normal password (authentication information) associated with a normal password authentication method and a simple password authentication method are generated for the generated security print job. It is possible to register a simple password (authentication information) having a shorter number of characters in association with.

  Accordingly, the normal password authentication method and the simple password authentication can be used in combination according to the contents to be printed, and thereby both the improvement of user convenience and the security can be achieved. .

  In addition, when a security printing function is set for a document to be printed, only a normal password authentication method is allowed, so that necessary security can be ensured.

<Modification 1 of Embodiment 2>
In the above-described second embodiment, the configuration in which the normal password authentication and the simple password authentication are provided in parallel in the MFP 20A if the simple password authentication function related to the print job is set to ON is illustrated. On the other hand, from the viewpoint of improving security, only normal password authentication is permitted at the first authentication even if the simple password authentication function is set to ON for the target print job. In the second and subsequent authentications, if the simple password authentication function is set to ON for the target print job, both normal password authentication and simple password authentication are permitted.

<Hardware configuration>
Since the hardware configuration of MFP 20B according to the first modification of the second embodiment of the present invention is the same as that of FIG. 2 described above, detailed description will not be repeated. In addition, the hardware configuration of PC 100B according to the first modification of the second embodiment of the present invention is the same as that in FIG. 3 described above, and thus detailed description will not be repeated.

<Functional configuration for generating print jobs>
Since the functional configuration of PC 100B according to the first modification of the second embodiment of the present invention is the same as that in FIG. 21 described above, detailed description will not be repeated.

<Print job generation processing>
Since the contents of the print job generation process in PC 100B according to the first modification of the second embodiment of the present invention are the same as those in the flowchart shown in FIG. 22, detailed description thereof will not be repeated.

<Functional configuration that provides simple authentication>
Next, when the MFP 20B receives a security print job from the PC 100B, password authentication and / or simple password authentication is selectively executed based on the password and / or simple password assigned to the print job. The configuration will be described.

  FIG. 30 is a functional block diagram of authentication processing unit 4B of MFP 20B according to the first modification of the second embodiment of the present invention. Referring to FIG. 30, authentication processing unit 4B includes an authentication method selection unit 30, a password authentication unit 32, a simple password authentication unit 35, and an authentication data storage unit 37.

  The authentication method selection unit 30 selects authentication processing in the password authentication unit 32 or simple authentication processing in the simple password authentication unit 35. The password authentication unit 32 performs password authentication in accordance with an input instruction from the user. The simple password authentication unit 35 executes simple image authentication in accordance with an input instruction from the user. The authentication data storage unit 37 has an authentication table in which authentication data used for authentication is stored.

  FIG. 31 is a diagram showing an example of an authentication table stored in the authentication data storage unit 37 shown in FIG. Referring to FIG. 31, the authentication table includes, as registration items, a user ID, a password, a simple password, on / off of a simple password authentication function, and an authentication time. Specifically, the case where “Alice”, “Bob”, “Charlie”, “David”, “Erik”, and “Fred” are registered as user IDs is shown.

  As an example, corresponding to the user ID “Alice”, the password is “Ow8gcA”, the simple password is “be”, the password image authentication function is on / off “off”, and the authentication time is “08/12/14 17:03: The case where it is registered as “15” is shown. As will be described later, ON / OFF of the simple password authentication function is a flag for determining whether or not to execute simple password authentication. The authentication time is used to determine the elapsed time since the previous authentication.

  As another example, in correspondence with the user ID “Bob”, the password is “wQ9DspX”, the simple password is “ao”, the password image authentication function is “on”, and the authentication time is “09/1/7”. 11:20:34 "is shown.

<Print job print output processing>
FIG. 32 is a flowchart showing a security printing process in MFP 20B according to the first modification of the second embodiment of the present invention.

  Referring to FIG. 32, first, CPU 10 determines whether or not the security printing function has been selected. It is determined whether or not the security printing function is selected by executing a predetermined operation on an operation key provided on the operation panel 19 (not shown) (step S112).

  If it is determined that the security printing function has been selected (YES in step S112), an ID selection screen is displayed (step S142). Specifically, the authentication method selection unit 30 described with reference to FIG. 30 reads the authentication table (FIG. 31) stored in the authentication data storage unit 37 and registers the ID registered on the operation panel as an ID selection screen. 19 is displayed. At this time, the operation panel 19 displays an ID selection screen as shown in FIG.

  Next, it is determined whether or not there is ID selection (step S144). Specifically, the authentication method selection unit 30 determines whether or not an item corresponding to the ID has been designated on the ID selection screen described above.

  Then, when it is determined that there is ID selection (YES in step S144), it is determined whether there is a security print job for the selected ID (step S146). Specifically, the authentication method selection unit 30 determines whether a secure print job corresponding to the specified ID stored in the RAM 8 has been received.

  If the authentication method selection unit 30 determines that there is a security print job for the selected ID (YES in step S146), the simple password authentication function for the security print job is set to ON next. It is determined whether or not (step S148). Specifically, it is determined whether the simple password authentication function is turned on as the authentication information given to the security print job.

  Further, when the simple password authentication function for the security print job is set to ON (YES in step S148), it is determined whether both the password and the simple password are the same (step S150). Specifically, the password set as the authentication information in the security print job matches the password in the authentication table stored in the authentication data storage unit 37 corresponding to the user ID selected above, Whether the simple password set as the authentication information in the security print job matches the simple password in the authentication table stored in the authentication data storage unit 37 corresponding to the user ID selected above. Judging.

  If it is determined that both the password and the simple password are the same (YES in step S150), it is next determined whether the simple password authentication function is on (step S152). Specifically, the authentication method selection unit 30 checks the on / off flag of the password image authentication function of the corresponding ID in the authentication table.

  If it is determined that the password image authentication function is on (YES in step S152), it is determined whether it is within 2 hours from the previous authentication (step S154). Specifically, the authentication method selection unit 30 refers to the authentication time of the corresponding ID in the authentication table and determines whether it is within 2 hours from the previous authentication based on the comparison with the current time.

  If it is determined that it is within 2 hours from the previous authentication (YES in step S154), simple password authentication is executed (step S156). Specifically, the authentication method selection unit 30 instructs both the password authentication unit 32 and the simple password authentication unit 35 to execute the authentication process.

  On the other hand, if it is determined that the security printing function is not selected (NO in step S112), the process proceeds to step S160. If it is determined in step S146 that there is no security print job for the selected ID (NO in step S146), the process also proceeds to step S160. In step S160, the normal print job is printed out. Then, the process ends (END).

  On the other hand, if it is determined that there is no ID selection (NO in step S144), the process ends (END). For example, when the Stop button or the like is pressed, the security printing process is terminated.

  On the other hand, if the simple password authentication function for the target security print job is not set to ON in step S148 (NO in step S148), the process proceeds to step S158. In step S150, if the password or the simple password is not the same (NO in step S150), the process also proceeds to step S158. If it is determined in step S152 that the simple password function is off (NO in step S152), the process also proceeds to step S158. In Step S154, when it is determined that it is not within two hours from the previous authentication (NO in Step S154), the process proceeds to Step S158. In step S158, normal password authentication is executed (step S158).

<Normal password authentication processing>
FIG. 33 is a flowchart showing the normal password authentication process shown in step S158 of FIG. FIG. 34 is a diagram showing an example of changes in the contents of the authentication table when the password authentication process shown in FIG. 33 is executed.

  Referring to FIG. 33, first, a password input screen allowing only normal password authentication is displayed (step S170). Specifically, the password authentication unit 32 displays a password input screen on the operation panel 19 in response to an instruction from the authentication method selection unit 30. At this time, a password input screen as shown in FIG.

  Next, it is determined whether or not a password has been input (step S172). Specifically, the password authentication unit 32 determines whether or not the password is input in the input field 330 and the execution button 332 is pressed on the password input screen.

  If it is determined that a password has been input (YES in step S172), it is then determined whether authentication is OK (step S174). Specifically, the password authentication unit 32 determines whether or not the password input in the input field 330 matches the authentication password assigned to the target security print job. If they match, it is determined that the authentication is OK.

  If it is determined that the authentication is OK (YES in step S174), a printout is made (step S176). Specifically, a security print job is executed, and the printer unit 18 develops image data included in the job and prints it on paper.

  Then, the fact that the authentication is successful is notified (step S178). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has been successful.

  Next, the authentication information (user ID, authentication password, simple password, simple password authentication function on / off) assigned to the target security print job is stored in the corresponding ID item column of the authentication table (step S180). ). That is, the authentication information is updated. Next, the authentication time is updated and stored (step S182). Specifically, the time is stored in the authentication time column of the corresponding ID in the authentication table. Then, the process ends (END). By updating the authentication time, the expiration date of the simple password can be restarted.

  On the other hand, when it is determined in step S172 that the password has not been input (NO in step S172), the fact that the authentication has failed is notified (step S184).

In step S174, even if the authentication is NG (NO in step S174), the fact that the authentication has failed is notified (step S184). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has failed. With this processing, the CPU 10 can ensure security by prohibiting the use of the function of the MFP 20B for a user who has failed authentication. Then, the process ends (END)
Referring to FIG. 34A, here, the password is “Ow8gcA”, the simple password is “be”, the simple password authentication function is “off”, and the authentication time is “off”, corresponding to the user ID “Alice”. The case where it is registered as “08/12/14 17:03:15” is shown.

  Next, referring to FIG. 34 (B), next to the user ID “Bob”, the password is “wQ9DspX”, the simple password is “ao”, the password authentication function is “on”, the authentication time Is registered as “09/1/7 11:20:34”.

<Simple password authentication process>
FIG. 35 is a flowchart showing the simple password authentication process shown in step S156 of FIG. FIG. 36 is a diagram showing an example of changes in the contents of the authentication table when the simple password authentication process shown in FIG. 35 is executed.

  Referring to FIG. 35, first, a password input screen permitting normal password authentication and simple password authentication is displayed (step S190). Specifically, the password authentication unit 32 and the simple password authentication unit 35 display a password input screen on the operation panel 19 in response to an instruction from the authentication method selection unit 30. At this time, a password input screen as shown in FIG.

  Next, it is determined whether or not a password has been input (step S192). Specifically, the password authentication unit 32 and the simple password authentication unit 35 determine whether or not the password has been input and the execution button 332 has been pressed on the above-described password input screen.

  If it is determined that a password has been input (YES in step S192), it is then determined whether authentication is OK (step S194). Specifically, the password authentication unit 32 determines whether the password input in the input field 330 matches the password registered in the authentication table. At the same time, the simple password authentication unit 35 determines whether or not the password input in the input field 330 matches the simple password registered in the authentication table. Then, in either one of the password authentication unit 32 and the simple password authentication unit 35, if they match, it is determined that the authentication is OK.

  If it is determined that the authentication is OK (YES in step S194), a printout is made (step S196). Specifically, a security print job is executed, and the printer unit 18 develops image data included in the job and prints it on paper.

  Then, the fact that the authentication is successful is notified (step S198). Specifically, the password authentication unit 32 notifies the CPU 10 that the authentication has been successful.

  Next, the authentication time is updated and stored (step S200). Specifically, the time is stored in the authentication time column of the corresponding ID in the authentication table. Then, the process ends (END). By updating the authentication time, the expiration date of the simple password can be restarted.

  On the other hand, when it is determined in step S192 that the password has not been input (NO in step S192), the fact that the authentication has failed is notified (step S202). In step S194, if the authentication is NG (NO in step S194), the fact that the authentication has failed is notified (step S202). Specifically, the password authentication unit 32 or the simple password authentication unit 35 notifies the CPU 10 that the authentication has failed. With this processing, the CPU 10 can ensure security by prohibiting the use of the function of the MFP 20B for a user who has failed authentication.

  Next, the authentication information related to the simple password authentication stored in the corresponding ID item column of the authentication table is invalidated (step S204). Specifically, for the corresponding ID in the authentication table, the simple password is cleared (changed to none), the simple password authentication function is set to “off”, and the authentication time is cleared (changed to none). Then, the process ends (END).

  By updating the authentication table in this way, the next simple password authentication is invalidated. That is, by this processing, it is possible to ensure security by prohibiting the use of the simple password authentication function in the MFP 20B for the user who has failed authentication.

  Referring to FIG. 36A, here, in correspondence with the user ID “Alice”, the password is “Ow8gcA”, the simple password is “be”, and the authentication time is “08/12/14 17:03:15”. "Is registered. Also, the case where the password is registered as “wQ9DspX”, the simple password is “ao”, and the authentication time is “09/1/7 11:20:34” corresponding to the user ID “Bob” is shown. Yes.

  A case where normal password authentication or simple password authentication for a security print job is executed for the user ID “Bob” will be described.

  Referring to FIG. 36B, here, a case is shown where the information in the authentication table is updated when the authentication is OK. A difference from FIG. 38A is that the authentication time is registered as “09/1/7 11:35:14” corresponding to the user ID “Bob”. The other points are the same.

  Referring to FIG. 36C, here, a case where the information in the authentication table when the authentication is NG is updated is shown. Specifically, the case where the simple password information is erased and the simple password authentication function is changed to “off” corresponding to the user ID “Bob” is shown. In this case, the authentication time is also deleted.

<Operation and effect of this modification>
According to this modification, both of the operational effects in the first and second embodiments described above can be exhibited.

<Other forms>
In the above-described first and second embodiments and modifications thereof, the configuration using a normal password and authentication information (password image or simple password) used for simpler authentication has been exemplified. The present invention may be applied as authentication processing in which a password is relatively simple in authentication combined with a circuit) card or authentication combined with a password and biometrics (fingerprint authentication or retina authentication).

  In the above-described first and second embodiments and the modifications thereof, the configuration in which the print job is transmitted between the PC and the MFP has been exemplified. However, a relay device such as a print server is interposed between the PC and the MFP. It may be. In this case, this relay apparatus may provide a part of the functions of the PC and / or MFP according to the above-described embodiment.

  It is also possible to provide a program that causes a computer to function for each unit that controls the above-described apparatus, and executes control as described in the above flow. Such a program is stored in a computer-readable recording medium such as a flexible disk attached to the computer, a CD-ROM (Compact Disk-Read Only Memory), a ROM (Read Only Memory), a RAM (Random Access Memory), and a memory card. And can be provided as a program product. Alternatively, the program can be provided by being recorded on a recording medium such as a hard disk built in the computer. A program can also be provided by downloading via a network.

  The program may be a program module that is provided as part of an operating system (OS) of a computer and that calls necessary modules in a predetermined arrangement at a predetermined timing to execute processing. In that case, the program itself does not include the module, and the process is executed in cooperation with the OS. A program that does not include such a module can also be included in the program according to the present invention.

  The program according to the present invention may be provided by being incorporated in a part of another program. Even in this case, the program itself does not include the module included in the other program, and the process is executed in cooperation with the other program. Such a program incorporated in another program can also be included in the program according to the present invention.

  The provided program product is installed in a program storage unit such as a hard disk and executed. The program product includes the program itself and a recording medium on which the program is recorded.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is shown not by the above description of the embodiments but by the scope of claims, and is intended to include all modifications within the meaning and scope equivalent to the scope of claims.

  1, 1A information processing system, 4, 4A, 4B authentication processing unit, 12 network card, 14 modem, 16 scanner unit, 18 printer unit, 19 operation panel, 20, 20A, 20B MFP, 30 authentication method selection unit, 32 password Authentication unit, 34 Password image authentication unit, 35 Simple password authentication unit, 36 Authentication data storage unit, 37 Authentication data storage unit, 38 Password image setting unit, 39 Security document detection unit, 100, 100A PC (personal computer), 201 CPU, 203 internal bus, 205 display control unit, 206 display unit, 209 input unit, 211 HDD, 212 RAM, 213 ROM, 215 CD-ROM drive, 217 FDD drive, 252 print job generation unit, 254 setting reception Appendix, 256 Password accepting unit, 258 Security function determining unit.

Claims (17)

Authentication processing means capable of providing both a first authentication method and a second authentication method that is simpler than the first authentication method;
A determination means for determining whether relatively high security is required for the target print job;
A prohibiting unit that prohibits the authentication processing unit from providing the second authentication method for the print job when it is determined that relatively high security is required for the target print job; Prepared ,
The authentication processing unit succeeds in authenticating a preceding print job based on the first authentication method for a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. And providing means for providing the second authentication method for subsequent print jobs,
In the case where it is determined that relatively high security is required for the subsequent print job, the prohibiting unit is configured to execute the authentication for the subsequent print job even if the authentication based on the first authentication method is successful. An information processing apparatus including means for prohibiting provision of the second authentication method . A display means for displaying an authentication screen;
The information processing apparatus according to claim 1 , wherein the prohibiting unit does not display content related to the second authentication method on the display unit. An input unit for receiving authentication information input by the user;
The information processing apparatus according to claim 1 , wherein the prohibiting unit does not accept authentication information related to the second authentication method by the input unit. The determination unit determines that relatively high security is required when at least one of a copy-prevention copy-forgery-inhibited pattern and a watermark is added to a print document included in a target print job. Item 4. The information processing apparatus according to any one of Items 1 to 3 . The determination unit determines that relatively high security is required when a predetermined number or more of character strings related to security are assigned to a print document included in a target print job. The information processing apparatus according to any one of to 4 . An authentication setting unit capable of setting both a first authentication method and a second authentication method that is simpler than the first authentication method for a print job;
Determining means for determining whether relatively high security is required for the print job;
And a prohibiting unit that prohibits the authentication setting unit from setting the second authentication method for the print job when it is determined that relatively high security is required for the print job. Information processing device. Print setting means for performing settings related to printing according to user operations;
Generating means for generating the print job according to the contents set by the print setting means;
The print setting means includes means for receiving authentication information related to the first authentication method and authentication information related to the second authentication method;
The information processing apparatus according to claim 6 , wherein the prohibiting unit prohibits acceptance of authentication information related to the second authentication method by the print setting unit. The print setting means further includes means for displaying a screen for performing settings related to the printing,
The information processing apparatus according to claim 7 , wherein the prohibiting unit does not display content related to acceptance of authentication information related to the second authentication method on a screen for performing settings related to the printing. The print setting means further includes means for displaying a screen for performing settings related to the printing,
The prohibition means, when the user tries to input authentication information according to the second authentication method,
The information processing apparatus according to claim 7 , which notifies on the screen that input of the authentication information is prohibited. The information according to any one of claims 7 to 9 , wherein the determination unit determines that relatively high security is required when security-related content is set by the print setting unit. Processing equipment. The determination unit, when a predetermined security attributes to the data from which to generate the print job is assigned, it is determined that a relatively high security is required, any of claims 6-10 The information processing apparatus according to item 1. The information processing apparatus according to any one of claims 6 to 11 , wherein all the means are provided by execution of a printer driver. Wherein the first authentication method and the second authentication method, authentication accuracy and user convenience of the at least one of the levels are different, the information processing apparatus according to any one of claims 1 to 12. A method for executing an authentication process using an information processing apparatus, comprising the following steps executed by the information processing apparatus:
Providing a first authentication method;
Determining whether relatively high security is required for the target print job;
When it is determined that relatively high security is not required for the target print job, in addition to the first authentication method, a second simpler method than the first authentication method can be used. Providing an authentication method;
The provision of the second authentication method is prohibited when it is determined that relatively high security is required for the target print job ,
In the step of providing the second authentication method, the first authentication method for a preceding print job with respect to a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. Provided that the second authentication method for subsequent print jobs is provided, provided that authentication based on
In the step of prohibiting the provision of the second authentication method, if it is determined that relatively high security is required for the subsequent print job, the authentication based on the first authentication method is successful. also, provision of the second authentication method for that subsequent print job Ru is inhibited, a method of performing the authentication process. A method of setting an authentication method using an information processing device, comprising the following steps executed by the information processing device, wherein the following steps:
Setting a first authentication method for the print job;
Determining whether relatively high security is required for the print job;
When it is determined that relatively high security is not required for the print job, the print job is simpler than the first authentication method in addition to the first authentication method. Setting a second authentication method,
A method of setting authentication processing, comprising: prohibiting setting of the second authentication method for a print job when it is determined that relatively high security is required for the print job. An authentication processing program executed by a computer including a processor, wherein the authentication processing program
Authentication processing means capable of providing both a first authentication method and a second authentication method that is simpler than the first authentication method;
A determination means for determining whether relatively high security is required for the target print job;
Function as prohibiting means for prohibiting the authentication processing means from providing the second authentication method for the print job when it is determined that relatively high security is required for the target print job. then,
The authentication processing unit succeeds in authenticating a preceding print job based on the first authentication method for a plurality of print jobs in which the same authentication information is registered in association with the first authentication method. Provided that the second authentication method for a subsequent print job,
In the case where it is determined that relatively high security is required for the subsequent print job, the prohibiting unit is configured to execute the authentication for the subsequent print job even if the authentication based on the first authentication method is successful. It prohibits provision of the second authentication method, the authentication processing program. An authentication processing program executed by a computer including a processor, wherein the authentication processing program
An authentication setting unit capable of setting both a first authentication method and a second authentication method that is simpler than the first authentication method for a print job;
Determining means for determining whether relatively high security is required for the print job;
In a case where it is determined that relatively high security is required for the print job, the authentication setting unit is caused to function as a prohibiting unit that prohibits the setting of the second authentication method for the print job. Authentication processing program.

Images