JP5601110B2 - Image forming apparatus, authentication apparatus, image forming system, and program - Google Patents

Description

The present invention relates to an image forming apparatus, an authentication apparatus, an image forming system, and a program, and more particularly to an image forming apparatus, an authentication apparatus, and an image forming apparatus that execute an image forming process through an authentication process based on information stored in a portable storage medium. The present invention relates to a system and a program.

  In an image forming apparatus having at least one application function of a printer function, a copy function, a facsimile function, and a scanner function, a portable storage such as a magnetic card or an IC (Integrated Circuit) card from the viewpoint of ensuring information security. Only when the authenticity is confirmed using the identification information stored in the medium, the application function provided by the image forming apparatus and the setting change function for changing the basic setting of the application function and the setting of the device main body are executed. What is allowed has been developed.

  In such an image forming apparatus, generally, the authority to execute the setting change function is given only to the administrator. That is, the identification information stored in the portable storage medium is made different between the administrator and the general user who executes only the application function. In many cases, a portable storage medium storing identification information for general users (hereinafter referred to as an authentication card for general users) and a portable storage medium storing identification information for administrators (hereinafter referred to as an authentication card for administrators). Are prepared separately from each other. Therefore, when an administrator wants to use the image forming apparatus as a general user, he / she has an administrator authentication card and a general user authentication card and uses them separately. It becomes complicated.

  In order to prevent complication of storage and management of authentication cards, for example, in the authentication device described in Japanese Patent Application Laid-Open No. 2007-141172, correspondence between user identification information and operation mode information to which usage authority is to be given is supported. In addition, by registering in the authentication table in advance, even when performing authentication processing for devices with multiple operation modes, the identification information as a general user and the identification information as an administrator are stored in a single authentication card. It is possible to do.

  However, in the above authentication device, when both identification information as a general user and identification information as an administrator are stored in one authentication card, it is determined whether to authenticate as a general user or as an administrator. A guide screen required by the user is displayed. For this reason, there is a risk that the owner of the authentication card is a person who has the authority as an administrator and leaks from the guide screen to a third party, and the authentication card is misused.

The present invention has been made in view of the above circumstances, and even when both identification information as a general user and identification information as an administrator are stored in one authentication card, the owner of the authentication card An object of the present invention is to provide an image forming apparatus, an authentication apparatus, an image forming system, and a program that can reduce the risk that a person who has authority as an administrator leaks to a third party.

An image forming apparatus of the present invention that solves the above-described problems and achieves the object is an image forming apparatus that permits execution of a predetermined function through an authentication process for acquiring information stored in a portable storage medium and performing authentication. An operation unit having a plurality of input keys, identification information stored in the portable storage medium, and key operation designation information for designating key operation contents in the operation unit are acquired from the portable storage medium. An authentication information acquisition unit that performs authentication, an authentication condition in which the identification information and the key operation specification information are associated with each other, and function specification information in which the key operation specification information and a function that should be permitted to execute are associated with each other. an authentication condition storage unit stored, the authentication process with the key operation designation information and the authentication condition specified based during key operation results for definitive the operation section until the predetermined time passes since the start When the identification information acquired in response Tagged identification information and the authentication information obtaining unit match, execution of the key operation result function associated with the function designation information and key operation specifying information is specified based on Allows, when said key operation based on the result acquired by the authentication information acquiring unit and the identification information associated with the authentication condition and the key operation designation information identified identification information does not match, or the key operation An authentication unit that prohibits the use of the image forming apparatus when the identification information is not associated with the key operation designation information specified based on the result and the authentication condition .

The authentication apparatus of the present invention is a wired or wireless connection to the images forming apparatus, a portable storage preparative information stored in the medium obtained to a predetermined in the image forming apparatus through an authentication process for authenticating an authentication device that permits execution of the function, the operation unit and the key operation designation information for designating the key operation contents of the portable storage medium identification information stored in the in the operating unit having an input key for multiple An authentication information acquisition unit for acquiring information from the portable storage medium, an authentication condition in which the identification information and the key operation designation information are associated with each other, and the key operation designation information and the image formation to be permitted to be executed an authentication condition storage unit which function designation information function and are associated with each other in the device is stored, based on the key operation result between definitive the operating portion of the from the authentication processing is started until a predetermined time has elapsed When the identification information acquired by the associated identification information in the authentication condition and the key operation designation information to be constant the authentication information acquiring unit are matched, and the key operation specifying information is specified based on the key operation result the function sends an execution permission command functions associated with the specified information to the image forming apparatus, wherein the associated identification information in the authentication condition and the key operation specifying information is specified based on the key operation result authentication when the acquired identification information in the information acquisition unit does not match, or when the identification information in the authentication condition and the key operation specifying information is specified based on the key operation result is not associated with the use of the image forming apparatus And an authentication unit that sends a use disapproval instruction that disallows to the image forming apparatus.

The program of the present invention includes an operation unit having a plurality of input keys and an authentication information acquisition unit for acquiring information stored in the portable storage medium, and stores information in the portable storage medium. The identification information stored in the portable storage medium and the key operation content at the operation unit are specified in the computer that controls the image forming apparatus that permits the execution of the predetermined function through the authentication process for acquiring and authenticating A key operation designation information to be acquired from the portable storage medium by the authentication information acquisition unit, an authentication condition in which the identification information and the key operation designation information are associated with each other, and the key operation designation information from the function designation information function and should be allowed to run are associated with each other previously stored authentication condition storage unit, and a function of reading and the function designation information and the authentication condition, the certification In the key operation result key operation specifying information is specified based on and the identification information associated with the authentication condition the authentication information acquiring section between definitive the operation section until the elapse of the predetermined from the process is the start time when the acquired identification information match, permit the execution of the key operation result to the function associated with the function designation information and key operation designation information specified based, it is specified based on the key operation result that when key operation specifying information and said identification information associated with the authentication condition and the obtained identification information in the authentication information obtaining unit does not match, or the key operation specifying information is specified based on the key operation result When the identification information is not associated with the authentication condition, the function of disabling the use of the image forming apparatus is realized.

Another program of the present invention includes an authentication device having an operation unit having a plurality of input keys and an authentication information acquisition unit for acquiring information stored in a portable storage medium, and wired to the authentication device. and an image forming apparatus connected or wirelessly connected, the execution of the predetermined function of the portable storage medium information stored in the in the image forming apparatus through the acquisition to the authentication process for authenticating by the authenticating device A function of acquiring, from the portable storage medium, identification information stored in the portable storage medium and key operation designation information for designating key operation contents in the operation unit in a computer that controls the permitted image forming system; , The authentication condition in which the identification information and the key operation designation information are associated with each other, and the key operation designation information and the function of the image forming apparatus that should be permitted to correspond to each other From vignetting function designation information pre-stored authentication condition storage unit, the authentication condition and the function designation information and the function of reading, the authentication process is definitive between from the start until a predetermined time elapses the operating unit When the key operation designation information specified based on the key operation result at the time, the identification information associated with the authentication condition, and the identification information acquired by the authentication information acquisition unit match, based on the key operation result sends an execution permission command functions associated with the function designation information and key operation designation information specified in the image forming apparatus, corresponding with the key operation specifying information is specified based on the key operation result and the authentication condition when Tagged identification information and the acquired identification information with the authentication information obtaining unit does not match, or the key operation designation information before and specified based on the key operation result When the identification information in the authentication condition is not associated with, to realize a function for sending to the image forming apparatus to use prohibition command to disallow use of the image forming apparatus.

In the image forming apparatus , the authentication apparatus, the image forming system , and the program according to the present invention, even when the identification information of each of the general user and the administrator is stored in one portable storage medium, the key operation is performed by the general user and the administrator. If the contents are differentiated in advance, authentication can be performed without displaying a guide screen for requesting whether to authenticate as a general user or as an administrator. For this reason, compared with the case where the above guide screen is displayed at the time of authentication, the risk that the owner of the portable storage medium is a person having the authority as an administrator can be reduced. it can.

FIG. 1 is a functional block diagram schematically showing the image forming apparatus according to the first embodiment of the present invention. FIG. 2 is a conceptual diagram showing an example of information stored in the portable storage medium shown in FIG. FIG. 3 is a plan view schematically showing an operation panel unit in the image forming apparatus shown in FIG. FIG. 4 is a functional block diagram schematically showing a control unit in the image forming apparatus shown in FIG. FIG. 5 is a sequence diagram schematically showing an example of authentication processing by the image forming apparatus shown in FIG. FIG. 6 is a sequence diagram schematically showing another example of the authentication process by the image forming apparatus shown in FIG. FIG. 7 is a sequence diagram schematically showing still another example of the authentication processing by the image forming apparatus shown in FIG. FIG. 8 is a conceptual diagram showing another example of information stored in the portable storage medium shown in FIG. FIG. 9 is a sequence diagram schematically showing still another example of the authentication processing by the image forming apparatus shown in FIG. FIG. 10 is a functional block diagram schematically showing an example of the image forming system of the present invention.

  Hereinafter, embodiments of an image forming apparatus, an image forming system, and a program according to the present invention will be described in detail with reference to the drawings.

(First embodiment)
FIG. 1 is a functional block diagram schematically showing the image forming apparatus according to the first embodiment of the present invention. An image forming apparatus 1A shown in FIG. 1 is a multi-function machine having a plurality of image forming functions realized by a plurality of application functions, specifically, a network printer function, a copier function, and a facsimile function. The image forming apparatus 1A includes an operation panel unit 11, a scanner unit 12, a copy unit 13, a transmission / reception unit 14, a control unit 15, a main storage unit 16, an auxiliary storage unit 17, and an authentication information acquisition unit 18. The image forming apparatus 1A also includes a plurality of portable storage media 2 in which information for authentication is stored. However, each portable storage medium 2 is held by the user of the image forming apparatus 1A.

  The operation panel unit 11 includes an instruction signal, setting information related to the execution contents of the setting change function of the image forming apparatus 1A (hereinafter referred to as setting change information), and setting information related to the execution conditions of the application function (hereinafter referred to as job setting information). ) Etc. for the user to input directly. Therefore, the operation panel unit 11 is configured by using an operation unit 111 having a transparent patch panel, a plurality of button keys, and the like, and a flat display panel such as a liquid crystal display panel, and displays a predetermined input screen, various messages, and the like. And a display unit 112 for displaying. Setting change information input from the operation panel unit 11 is stored in the main storage unit 16, and job setting information is stored in the auxiliary storage unit 17.

  The scanner unit 12 includes an image reading unit (not shown) having a linear image sensor, for example. The scanner unit 12 may include an auto seed feeder (not shown) that conveys the document at a constant speed so that the image reading unit reads the document, if necessary. The scanner unit 12 operates under the control of the control unit 15 to form each of image data of a document to be printed, image data of a document to be stored in a document, and image data of a document to be transmitted by facsimile. it can. The image data formed by the scanner unit 12 is stored in the auxiliary storage unit 17.

  The copy unit 13 includes, for example, a photosensitive drum on which an electrostatic latent image is formed, a latent image forming unit that forms an electrostatic latent image on the photosensitive drum, and a toner supply unit that supplies toner onto the photosensitive drum. A printing paper feed unit, a predetermined number of paper discharge trays for placing printed products in a set (unit), and a transport unit for transporting the printed products onto the paper discharge table (both not shown) Z). Instead of the photosensitive drum, the latent image forming unit, and the toner supply unit, at least one inkjet nozzle and an ink supply unit that supplies ink to the nozzle may be included. The copying unit 13 operates under the control of the control unit 15 and performs printing based on the image data stored in the auxiliary storage unit 17 and job setting information for specifying printing conditions.

  The transmission / reception unit 14 is connected to a computer network and receives image data of a document to be printed by the copy unit 13 and job setting information for specifying the printing conditions, facsimile transmission, facsimile reception, and the like. The transmission / reception unit 14 operates under the control of the control unit 15.

  The control unit 15 is based on control information stored in the main storage unit 16, control information such as setting change information, job setting information input from the operation unit 111, job setting information received by the transmission / reception unit 114, and the like. The operation of the display unit 112, the scanner unit 12, the copy unit 13, and the transmission / reception unit 14 is controlled. The operation of the authentication information acquisition unit 18 is also controlled. Furthermore, an authentication process is performed.

  The main memory unit 16 is configured by using a semiconductor memory element such as a RAM (Random Access Memory) and a ROM (including a rewritable type). The main storage unit 16 includes a control information storage unit 161 that stores control information that defines the operation of the control unit 15 and control information such as setting change information, and an authentication condition storage unit 162 that stores authentication conditions and the like. Have.

  The auxiliary storage unit 17 is configured using, for example, a hard disk drive. The auxiliary storage unit 17 stores job setting information input from the operation unit 111, image data formed by the scanner unit 12, image data received by the transmission / reception unit 14, job setting information received by the transmission / reception unit 14, and the like. The

  The authentication information acquisition unit 18 is configured using, for example, a contact type or non-contact type card reader. The authentication information acquisition unit 18 operates under the control of the control unit 15, reads information stored in the portable storage medium 2, and sends the information to the control unit 15. For example, an IC card or a magnetic card is used as the portable storage medium 2.

  In the image forming apparatus 1A including the above-described components, when the authenticity of the user is confirmed by the authentication process, a predetermined application function or setting change function can be executed. Since the image forming apparatus 1A is characterized by the above-described authentication processing, the authentication processing will be described in detail below with reference to FIGS.

  FIG. 2 is a conceptual diagram showing an example of information stored in the portable storage medium 2 shown in FIG. As shown in FIG. 2, the portable storage medium 2 includes a “card ID” as card identification information 21 indicating that the portable storage medium 2 is a storage medium used for authentication in the image forming apparatus 1A. Account information 22 and 23 set in advance for each user type are stored.

  The account information 22 is account information for general users. The account information 22 includes a “login user ID” as the user information 22a, a “login password” as the password 22b, and a user performs at the authentication unit 111 at the time of authentication. Information of each “selection operation button”, which is key operation designation information 22c for designating the key operation content to be performed, is included. Further, the account information 23 is account information for an administrator, and the account information 23 includes a “login user ID” as user information 23a and a password 23b for each user, as with the account information 22 described above. Each information of “login password” and “selection operation button” which is key operation designation information 23c is included.

  The user information 22a, 23a and the passwords 22b, 23b can be set for each user or can be set for each user type. User types can be broadly classified into “general users” and “managers”, and “general users” and “managers” can be subdivided as necessary. Hereinafter, the card identification information 21, the user information 22a and 23a, and the passwords 22b and 23b are collectively referred to as “identification information”.

  The key operation designation information 22c and 23c can be arbitrarily set for each of one or a plurality of functions to which the use authority is given to the holder of the portable storage medium 2. For example, key code information corresponding to a predetermined number of key operations in the operation unit 111 is used as the key operation designation information 22c and 23c.

  Since the two types of account information 22 and 23 are stored in the portable storage medium 2, the owner of the portable storage medium 2 performs a predetermined key operation corresponding to the key operation designation information 22c and 23c at the time of authentication. By doing so, a predetermined application function of the image forming apparatus 1A can be executed as a general user, and a setting change function of the image forming apparatus 1A can be executed as an administrator.

  Here, the key operation corresponding to the key operation designation information 22c, 23c will be specifically described with reference to FIG. The “key operation” in the present invention is not limited to the operation of the button keys, but includes the operation of keys set on the transparent touch panel according to the content of the input screen displayed on the display unit. A key to be operated is called an input key.

  FIG. 3 is a plan view schematically showing the operation panel unit 11 in the image forming apparatus 1A shown in FIG. As shown in FIG. 3, the operation panel unit 11 has a numeric keypad 111a composed of numeric keys 0 to 9, a “#” key and a “./*” key, and an application function to be executed. A function selection key group 111b is provided, and the function selection key group 111b includes function selection keys FK for copy, fax (facsimile), printer, and scanner. Further, the operation panel unit 11 includes a clear / stop key 111c for instructing to stop or interrupt the operation of the application function, a start key 111d for instructing to start the operation of the application function, clearing of setting information, and an image forming apparatus. A reset / preheat key 111e for instructing preheating of 1A, an initial setting key 111f for performing initial setting of the image forming apparatus 1A, and a logout key 111g for instructing logout by the user are also provided. These keys are all button keys, and each key is distributed around the display unit 112 to constitute the operation unit 111.

  Since the key operation designation information 22c shown in FIG. 2 is “non-set”, when the owner of the portable storage medium 2 executes a predetermined application function of the image forming apparatus 1A as a general user, for example, a copy function, Any key in section 111 must not be pressed during authentication. Since the key operation designation information 23c is “#”, when the owner of the portable storage medium 2 executes the setting change function of the image forming apparatus 1A as an administrator, the “#” key in the operation unit 111 is pressed. Must be pressed during authentication.

  In the authentication condition storage unit 162 of the image forming apparatus 1A, an authentication condition in which the above-described identification information and key operation designation information are associated with each other, and key operation designation information and a function that should be permitted to be associated with each other are associated with each other. Function specification information is stored. The control unit 15 is based on the identification information and key operation designation information acquired by the authentication information acquisition unit 18, the authentication conditions and function designation information stored in the authentication condition storage unit 162, and the key operation result on the operation panel unit 11. Perform authentication processing.

  Specifically, when the identification information associated with the key operation designation information specified based on the key operation result on the operation panel unit 11 matches the identification information acquired by the authentication information acquisition unit 18, The control unit 15 permits the execution of the function associated with the key operation designation information specified based on the operation result. On the other hand, when the identification information associated with the key operation designation information specified based on the key operation result on the operation panel unit 11 and the identification information acquired by the authentication information acquisition unit 18 do not match, or the operation panel unit 11 does not permit the use of the image forming apparatus 1A when the identification information is not associated with the key operation designation information specified based on the key operation result at 11.

  The control unit 15 has various processing units or control units as shown in FIG. 4 in order to realize each application function and setting change function, and to realize the above-described authentication processing.

  FIG. 4 is a functional block diagram schematically showing a control unit in the image forming apparatus 1A shown in FIG. As illustrated in FIG. 4, the control unit 15 includes an input information processing unit 151, an application function control unit 152, a setting change control unit 153, a display control unit 154, a transmission / reception control unit 155, and an authentication processing control unit 156.

  The input information processing unit 151 includes an instruction signal, job setting information, and function change setting information input from the operation panel unit 11 (see FIG. 1), and an instruction signal, job setting information, and function change received by the transmission / reception unit 14. Setting information or the like is distributed to a predetermined unit in the control unit 15 according to the content and type. Specifically, the instruction signal and job setting information related to the application function of the image forming apparatus 1A are distributed to the application function control unit 152, and the instruction signal and function change setting information related to the setting change function in the image forming apparatus 1A are set change. Assign to the control unit 153. In addition, instruction signals and information related to image display on the display unit 112 are distributed to the display control unit 154, and key code information generated by key operation of the operation panel unit 11 at the time of authentication is distributed to the authentication processing control unit 156.

  The application function control unit 152 controls the operation of the scanner unit 12, the copy unit 13, or the transmission / reception unit 14 based on an instruction signal or job setting information input from the operation panel unit 11. The setting change control unit 153 relates to information related to application functions in the control information storage unit 161 (see FIG. 1) and settings of the device main body based on the instruction signal and function change setting information input from the operation panel unit 11. Update information. The display control unit 154 controls the operation of the display unit 112 (see FIG. 1) based on the instruction signal and job setting information input from the operation panel unit 11 or according to the instruction signal from the authentication processing control unit 156. To do. The transmission / reception processing unit 155 controls the operation of the transmission / reception unit 14.

  The authentication processing control unit 156 controls the operation of the authentication information acquisition unit 18, and also includes identification information and key operation designation information acquired from the portable storage medium 2 by the authentication information acquisition unit 18, and key operations on the operation panel unit 11. The authentication process described above is performed based on the key code information generated by the input information processing unit 151 and the authentication condition and function designation information stored in the authentication condition storage unit 162 (see FIG. 1). . In order to perform operation control and authentication processing of the authentication information acquisition unit 18, the authentication processing control unit 156 includes an authentication information acquisition control unit 156a and an authentication unit 156b. The authentication information acquisition control unit 156a acquires the identification information and the key operation designation information from the portable storage medium 2 by controlling the operation of the authentication information acquisition unit 18, and sends these pieces of information to the authentication unit 156b. The authentication unit 156b controls the operation of the authentication information acquisition control unit 156a and performs an authentication process. Hereinafter, the authentication process in the image forming apparatus 1A will be specifically described with reference to FIGS.

  FIG. 5 is a sequence diagram schematically showing an example of authentication processing by the image forming apparatus 1A shown in FIG. In the sequence shown in FIG. 5, when the image forming apparatus 1 </ b> A is turned on or a logout signal indicating that the logout key 111 g (see FIG. 3) is pressed is received from the input information processing unit 151 to the authentication processing control unit 156. It is started when it is distributed to (see FIG. 4). In the following description relating to the sequence, it is assumed that the portable storage medium 2 is an IC card and the authentication information acquisition unit 18 is a non-contact card reader. In addition, key operation guidance that guides the user to perform key operations on the operation unit 111 with images and sounds during the authentication processing period is not performed.

  In the sequence shown in FIG. 5, first, the authentication unit 156b sends an operation start instruction signal Ss1 for instructing operation start to the authentication information acquisition control unit 156a, and a message display for instructing display of a predetermined guide message on the display unit 112. The authentication unit 156b sends the instruction signal Sm1 to the display control unit 154. The authentication information acquisition control unit 156a that has received the operation start instruction signal Ss1 sends an operation start command Cs to the authentication information acquisition unit 18, and the authentication information acquisition unit 18 that has received this operation start command Cs has detected whether an IC card has been detected. The IC card monitoring step S1 for determining whether or not is started. The display control unit 154 that has received the message display instruction signal Sm1 sends a display command Cd1 of a predetermined guide message to the display unit 112, and the display unit 112 that has received the display command Cd1 receives the IC card from the authentication information acquisition unit. A guide message Gm1 that prompts the user to hold the screen 18 is displayed.

  When the user holds the IC card over the authentication information acquisition unit 18, the authentication information acquisition unit 18 detects the IC card. The authentication information acquisition unit 18 that has detected the IC card sends a detection signal Sd indicating the detection of the IC card to the authentication information acquisition control unit 156a, and the authentication information acquisition control 156a that has received the detection signal Sd A reading command Cr for instructing reading of the identification information and all key operation designation information is sent to the authentication information acquisition unit 18. Upon receiving the read command Cr, the authentication information acquisition unit 18 reads all identification information Wid and all key operation designation information Wik from the IC card, and sends these information Wid and Wik to the authentication information acquisition control unit 156a. Upon receiving the information Wid and Wik, the authentication information acquisition control unit 156a stores the information Wid and Wik in the auxiliary storage unit 17 (see FIG. 1) and authenticates the authentication processing start request Ra for requesting the start of the authentication processing. Send to section 156b.

  Upon receiving the authentication processing start request Ra, the authentication unit 156b sends a message display instruction signal Sm2 for instructing display of a predetermined guide message on the display unit 112 to the display control unit 154. Further, the authentication information acquisition control unit 156a receives an identification information extraction request Rs1 for requesting extraction of identification information corresponding to the key operation result in the operation unit 111 performed between the start of the authentication processing sequence and the elapse of a predetermined time. send.

  The display control unit 154 that has received the message display instruction signal Sm2 sends a display command Cd2 of a predetermined message to the display unit 112, and the display unit 112 that has received this display command Cd2 notifies the user that authentication processing is being performed. The guide message Gm2 to be displayed is displayed.

  Further, the authentication information acquisition control unit 156a that has received the identification information extraction request Rs1 extracts the identification information Id1 corresponding to the key operation result in the operation unit 111 from the information Wid and Wik stored in the auxiliary storage unit 17. The identification information extraction step S2a is performed, and the extracted identification information is sent to the authentication unit 156b. Here, it is assumed that there is no key operation on the operation unit 111 from the start of the authentication processing sequence until a predetermined time has elapsed. Therefore, the authentication information acquisition control unit 156a extracts the identification information when there is no key operation from all the identification information Wid stored in the auxiliary storage unit 17 and sends it to the authentication unit 156b. That is, the “card ID” as the card identification information 21 shown in FIG. 2, the “login user ID” as the user information 22a, and the “login password” as the password 22b are extracted and used as the identification information Id1. The data is sent to the authentication unit 156b. The identification information Id1 corresponds to identification information for general users.

  Upon receiving the identification information Id1, the authentication unit 156b reads out the authentication condition when no key operation is performed on the operation unit 111 during authentication from the authentication conditions stored in the authentication condition storage unit 162 (see FIG. 1). An authentication processing step S3a for comparing the identification information in the authentication condition with the identification information Id1 is performed. In addition, based on the comparison result in the authentication processing step S3a, a determination step S4a for determining whether or not the authentication is successful is performed.

  When it is determined in the determination step S4a that the authentication has not been successful, that is, when the identification information in the above-described authentication condition does not match the identification information Id1, the authentication unit 156b displays a predetermined guide message on the display unit 112. Is sent to the display control unit 154. Upon receiving the message display instruction signal Sm3, the display control unit 154 sends a display command Cd3 for a predetermined message to the display unit 112, and the display unit 112 that has received the display command Cd3 notifies the user that the authentication has failed. After the guide message Gm3 is displayed for a predetermined time, the above-described guide message Gm1 is displayed again.

  On the other hand, when it is determined in the determination step S4a that the authentication is successful, that is, when the identification information in the authentication condition matches the identification information Id1, the authentication unit 156b is stored in the authentication condition storage unit 162. A function that should be allowed to be executed when there is no key operation on the operation unit 111 at the time of authentication is extracted from the function designation information, and an operation start instruction signal for instructing the operation start of the function is transmitted. Specifically, an operation start instruction signal Ss2 for instructing the operation start of the copy function is sent to the application function control unit 152. In addition, an operation stop instruction signal Se instructing to stop the operation of the authentication information acquisition unit 18 is sent to the authentication information acquisition control unit 156a. Further, a message display instruction signal Sm4 for instructing display of a predetermined guide message on the display unit 112 is sent to the display control unit 154.

  Upon receiving the operation start instruction signal Ss2, the application function control unit 152 performs an activation process step S5 for activating the application function corresponding to the identification information Id1 that has been successfully authenticated. Specifically, an activation process step for activating the copy function is performed. The authentication information acquisition control unit 156a that has received the operation stop instruction signal Se sends an operation stop command Ce to the authentication information acquisition unit 18, and the authentication information acquisition unit 18 that has received this operation stop command Ce detects the IC card. A monitoring end processing step S6 is performed to end the operation. Upon receiving the message display instruction signal Sm4, the display control unit 154 sends a display command Cd4 for a predetermined message to the display unit 112, and the display unit 112 that has received this display command Cd4 can execute the copy function. A guide message Gm4 that informs the user of this fact is displayed.

  Next, another example of authentication processing by the image forming apparatus 1A will be described in detail with reference to FIG. FIG. 6 is a sequence diagram schematically showing another example of the authentication processing by the image forming apparatus 1A shown in FIG. Among the signals, commands, requests, steps, and components of the image forming apparatus shown in FIG. 6, those common to the signals, commands, requests, steps, or components shown in FIG. 5 are used in FIG. The same reference numerals as those used will be given, and the description thereof will be omitted.

  In the sequence shown in FIG. 6, the # key is operated by the operation unit 111 from the start of the sequence until a predetermined time elapses, and the # key code information is transmitted by the operation unit 111. Step S10 is performed. Note that there is no key operation guide for guiding the operation of the # key to the user with images and sounds.

  The key code information I # sent from the operation unit 111 is sent to the authentication unit 156b via the input information processing unit 151 (see FIG. 4). Upon receipt of the key code information I #, the authentication unit 156b requests extraction of identification information corresponding to the key operation result indicating that the # key has been operated when the authentication processing start request Ra is received from the authentication information acquisition control unit 156a. The identification information extraction request Rs11 is sent to the authentication information acquisition control unit 156a.

  Upon receiving the authentication information extraction request Rs11, the authentication information acquisition control unit 156a extracts the identification information corresponding to the key operation result in the operation unit 111 from the information Wid and Wik stored in the auxiliary storage unit 17. Step S2b is performed, and the extracted identification information Id11 is sent to the authentication unit 156b. Since the # key has been operated on the operation unit 111, the authentication information acquisition control unit 156 a selects “card ID” as the card identification information 21 shown in FIG. 2 from all the identification information Wid stored in the auxiliary storage unit 17. Each of the “login user ID” as the user information 23a and the “login password” that is the password 23b is extracted and sent to the authentication unit 156b as the identification information Id11. The identification information Id11 corresponds to identification information for an administrator.

  Upon receiving the identification information Id11, the authentication unit 156b reads out the authentication condition when the # key is operated by the operation unit 111 during authentication from the authentication conditions stored in the authentication condition storage unit 162 (see FIG. 1). Authentication processing step S3b for comparing the identification information in the authentication condition with the identification information Id11 is performed. In addition, based on the comparison result in the authentication processing step S3b, a determination step S4b for determining whether or not the authentication is successful is performed.

  When it is determined in the determination step S4b that the authentication is successful, that is, when the identification information in the authentication condition matches the identification information Id11, the authentication unit 156b specifies the function stored in the authentication condition storage unit 162 From the information, a function that should be allowed to be executed when the # key is operated by the operation unit 111 at the time of authentication is extracted, and an operation start instruction signal for instructing an operation start of the function is transmitted. Specifically, an operation start instruction signal Ss11 for instructing the setting change control unit 153 to start the operation of the setting change function is sent. In addition, the authentication unit 156b sends an operation stop instruction signal Se instructing to stop the operation of the authentication information acquisition unit 18 to the authentication information acquisition control unit 156a. Further, a message display instruction signal Sm11 for instructing display of a predetermined guide message on the display unit 112 is sent to the display control unit 154.

  Receiving the operation start instruction signal Ss11, the setting change control unit 153 performs an activation process step S11 that activates the setting change function. The authentication information acquisition control unit 156a that has received the operation stop instruction signal Se sends an operation stop command Ce to the authentication information acquisition unit 18, and the authentication information acquisition unit 18 that has received this operation stop command Ce detects the IC card. A monitoring end processing step S6 is performed to end the operation. Upon receiving the message display instruction signal Sm11, the display control unit 154 sends a display instruction Cd11 for a predetermined message to the display unit 112, and the display unit 112 that has received this display command Cd11 can execute the setting change function. A guide message for notifying the user of the fact, for example, a guide message Gm11 for notifying the transition to the administrator mode is displayed.

  Next, still another example of the authentication process by the image forming apparatus 1A will be described in detail with reference to FIG. FIG. 7 is a sequence diagram schematically showing still another example of the authentication processing by the image forming apparatus 1A shown in FIG. Of the signals, commands, requests, steps, and components of the image forming apparatus shown in FIG. 7, those common to the signals, commands, requests, steps, or components shown in FIG. 5 are used in FIG. The same reference numerals as those used will be given, and the description thereof will be omitted.

  In the sequence shown in FIG. 7, the copy key code information sending step in which the copy key is operated by the operation unit 111 and the key code information Ic of the copy key is sent by the operation unit 111 from the start of the sequence until a predetermined time elapses. S12 is performed. The key code information Ic sent from the operation unit 111 is sent to the authentication unit 156b via the input information processing unit 151 (see FIG. 4). The authentication unit 156b that has received the key code information Ic, when receiving the authentication processing start request Ra from the authentication information acquisition control unit 156a, identifies that the identification information corresponding to the key operation result that the copy key has been operated is extracted. An information extraction request Rs12 is sent to the authentication information acquisition control unit 156a.

  Upon receiving the identification information extraction request Rs12, the authentication information acquisition control unit 156a extracts, from the information Wid and Wik stored in the auxiliary storage unit 17, identification information when the copy key is operated by the operation unit 111 during authentication. An identification information extraction step S2c is performed. However, since the identification information corresponding to the copy key operation is not included in the information Wid and Wik, an extraction failure signal Sf indicating that the extraction of the identification information has failed is sent to the authentication unit 156b.

  Upon receiving the extraction failure signal Sf, the authentication unit 156b sends a message display instruction signal Sm12 for instructing display of a predetermined guide message on the display unit 112 to the display control unit 154, and receives the message display instruction signal Sm12. 154 sends a display instruction Cd12 of a predetermined message to the display unit 112. The display unit 112 that has received the display command Cd12 displays the guide message Gm12 for notifying the user that the authentication information has not been acquired for a predetermined time, and then redisplays the above-described guide message Gm1.

  In the authentication processing control unit 156 that performs the above-described authentication processing, the authentication information acquisition control unit 156a and the authentication unit 156b are realized by one or a plurality of computers. The program executed by the authentication processing control unit 156 has a module configuration corresponding to each of the authentication information acquisition control unit 156a and the authentication unit 156b. As actual hardware, at least one processor stores control information. The program is read from the unit 161 (see FIG. 1) and executed. As a result, each of the authentication information acquisition control unit 156a and the authentication unit 156b is loaded and generated on a storage device such as the main storage unit 16 (see FIG. 1).

  In the image forming apparatus 1A that performs the authentication process by the authentication process control unit 15, even when the identification information of each of the general user and the administrator is stored in one portable storage medium 2, the general user and the administrator can perform authentication. By making the contents of the key operations different in advance, authentication can be performed without displaying on the display unit 112 a guide screen for requesting whether to authenticate as a general user or as an administrator. For this reason, compared with the case where the above guide screen is displayed on the display unit 112 at the time of authentication, there is a risk that the owner of the portable storage medium 2 is a person who has authority as an administrator. Can be reduced.

  Further, only for the authority to use the setting change function for which it is desired to set information security at a high level, a predetermined key operation is requested at the time of authentication. Therefore, the general user executes the function of the image forming apparatus 1A with a simple operation procedure. It is possible. Further, for example, key operations to be performed at the time of authentication can be set for each user type. Therefore, even when the image forming apparatus 1A is shared by many users, it should be stored in the authentication condition storage unit 162 (see FIG. 1). The amount of information can be made relatively small, and as a result, information security can be set to a high level with relatively little effort.

(Second Embodiment)
The image forming apparatus of the present invention can be configured to require key operation on the operation panel unit at the time of authentication of each of a general user and an administrator.

  FIG. 8 is a conceptual diagram showing another example of information stored in the portable storage medium 2 shown in FIG. As shown in FIG. 8, the portable storage medium 2 can store “authorization selection code” information as the key operation designation information 22c and 23c. The “authorization selection code” information is information for designating the pressing order of a plurality of keys on the operation unit 111 (see FIG. 1), and is set for each function for which execution permission is requested or for each user type. The authentication process when the “authorization selection code” information is stored in the portable storage medium 2 is performed in the same sequence as that shown in FIGS. 5 to 7 except that the key operation required at the time of authentication is different. Is called.

  FIG. 9 is a sequence diagram schematically showing still another example of the authentication process by the image forming apparatus 1A shown in FIG. Of the signals, commands, requests, steps, and components of the image forming apparatus shown in FIG. 9, those common to the signals, commands, requests, steps, or components shown in FIG. 5 are used in FIG. The same reference numerals as those used will be given, and the description thereof will be omitted.

  In the sequence shown in FIG. 9, the numeric keys “3”, “4”, “2”, and “5” are operated in this order on the operation unit 111 from the start of the sequence until a predetermined time elapses. The numeric key code information sending step S20 in which the operation unit 111 sends the key code information In of these numeric keys is performed. Note that no key operation guide is provided for guiding the operation and operation sequence of each numeric key to the user with images and sounds.

  The key code information In sent from the operation unit 111 is sent to the authentication unit 156b via the input information processing unit 151 (see FIG. 4). Upon receiving the key code information In, the authentication unit 156b receives the authentication process start request Ra from the authentication information acquisition control unit 156a, and receives the numeric keys “3”, “4”, “2”, and “5”. Are sent to the authentication information acquisition control unit 156a as an identification information extraction request Rs21 for extracting the identification information corresponding to the key operation result that is operated in this order.

  Upon receipt of the identification information extraction request Rs21, the authentication information acquisition control unit 156a extracts the identification information corresponding to the key operation result in the operation unit 111 from the information Wid and Wik stored in the auxiliary storage unit 17. Step S2d is performed, and the extracted identification information is sent to the authentication unit 156b. At this time, the authentication information acquisition control unit 156a extracts the identification information when the key operation is performed from all the identification information Wid stored in the auxiliary storage unit 17, and sends the identification information to the authentication unit 156b. That is, the “card ID” as the card identification information 21 shown in FIG. 8, the “login user ID” as the user information 22a, and the “login password” as the password 22b are extracted and used as the identification information Id21. The data is sent to the authentication unit 156b. The identification information Id21 is identification information for general users.

  Upon receiving the identification information Id21, the authentication unit 156b authenticates the authentication conditions when each of the numeric keys is operated by the operation unit 111 during authentication from among the authentication conditions stored in the authentication condition storage unit 162 (see FIG. 1). And authentication processing step S3d for comparing the identification information in the authentication condition with the identification information Id21 is performed. In addition, based on the comparison result in the authentication processing step S3d, a determination step S4d for determining whether or not the authentication is successful is performed.

  When it is determined in the determination step S4d that the authentication is successful, that is, when the identification information in the authentication condition matches the identification information Id21, the authentication unit 156b specifies the function specified in the authentication condition storage unit 162. From the information, an application function that should be allowed to be executed when each numeric key is operated by the operation unit 111 at the time of authentication is extracted, and an operation start instruction signal for instructing the operation start of the function is sent to the application function control unit 152. Send to. Specifically, an operation start instruction signal Ss21 for instructing operation start of all application functions is sent to the application function control unit 152. In addition, an operation stop instruction signal Se instructing to stop the operation of the authentication information acquisition unit 18 is sent to the authentication information acquisition control unit 156a. Further, a message display instruction signal Sm21 for instructing display of a predetermined guide message on the display unit 112 is sent to the display control unit 154.

  Upon receiving the operation start instruction signal Ss21, the application function control unit 152 performs an activation process step S21 for activating all application functions. The authentication information acquisition control unit 156a that has received the operation stop instruction signal Se sends an operation stop command Ce to the authentication information acquisition unit 18, and the authentication information acquisition unit 18 that has received this operation stop command Ce detects the IC card. A monitoring end processing step S6 is performed to end the operation. Upon receiving the message display instruction signal Sm21, the display control unit 154 sends a display command Cd21 of a predetermined message to the display unit 112, and the display unit 112 that has received this display command Cd11 can execute all application functions. A guide message Gm21 for notifying the user of the fact is displayed.

  When the numeric keys “5”, “6”, “7”, and “8” are operated in this order on the operation unit 111 during authentication, the “card” as the card identification information 21 shown in FIG. “ID”, “login user ID” as user information 23a, and “login password” as password 23b are extracted as identification information by authentication information acquisition control unit 156a and sent to authentication unit 156b. Since this identification information corresponds to the identification information for the administrator, execution of the setting change function is permitted. If a key operation other than those described above is performed during authentication, authentication fails.

  As described above, when the image forming apparatus is configured to require a key operation on the operation panel unit at the time of authentication of each of the general user and the administrator, the information security is higher than that of the image forming apparatus described in the first embodiment. Therefore, even if the portable storage medium 2 is picked up by a third party, the risk of misuse of the portable storage medium 2 is reduced.

(Third embodiment)
FIG. 10 is a functional block diagram schematically showing an example of the image forming system of the present invention. The image forming system 3 illustrated in FIG. 10 includes an image forming apparatus 1B and an authentication device 31. The image forming system 3 also includes a plurality of portable storage media 2 in which information for authentication is stored. However, each portable storage medium 2 is held by the user of the image forming system 3. The image forming apparatus 1B has a configuration in which the authentication information acquisition unit 18 and the authentication condition storage unit 162 are omitted from the image forming apparatus 1A illustrated in FIG. 1, and thus description of each component is omitted here.

  The authentication device 31 includes an operation panel unit 310, an authentication information acquisition unit 320, a transmission / reception unit 330, a control unit 340, and a storage unit 350. In addition, the operation panel unit 310 includes an operation unit 311 and a display unit 312. Among these components, the operation panel unit 310 and the authentication information acquisition unit 320 have the same configuration as the operation panel unit 11 or the authentication information acquisition unit 18 illustrated in FIG.

  The transmission / reception unit 330 is wired or wirelessly connected to the transmission / reception unit 14 of the image forming apparatus 1B, and transmits information acquired from the portable storage medium 2 and various instruction signals and commands according to the authentication result. . In the image forming system 3, the transmission / reception unit 330 and the transmission / reception unit 14 are wirelessly connected.

  The control unit 340 controls operations of the display unit 312, the authentication information acquisition unit 320, and the transmission / reception unit 330 based on a control program stored in the storage unit 350, information input from the operation unit 311, and the like. In order to perform this control, the control unit 340 includes an input information processing unit 341, a display control unit 342, an authentication processing control unit 343, and a transmission / reception control unit 344. In addition, the authentication processing control unit 343 includes an authentication information acquisition control unit 343a and an authentication unit 343b.

  The input information processing unit 341 distributes key code information generated by key operation of the operation panel unit 310 during authentication to the authentication processing control unit 343. The display control unit 342 controls the operation of the display unit 312 to display various guide messages on the display unit 312. The authentication process control unit 343 performs the same control as the authentication process control unit 156 shown in FIG. The authentication information acquisition control unit 343a performs control and processing similar to the authentication information acquisition control unit 156a illustrated in FIG. 4, and the authentication unit 343b performs control and processing similar to the authentication unit 156b illustrated in FIG. Then, the transmission / reception control unit 344 controls the operation of the transmission / reception unit 330.

  The memory | storage part 350 is comprised using semiconductor memory elements, such as RAM and ROM (a rewritable type is included), for example. The storage unit 350 includes a control information storage unit 351 that stores a control program that defines the operation of the control unit 340, and an authentication condition storage that stores the authentication condition and function designation information described in the first embodiment. Part 352.

  The authentication device 31 having the above-described components is stored in the information acquired by the authentication information acquisition unit 320 from the portable storage medium 2, the key operation result in the operation unit 311 at the time of authentication, and the authentication condition storage unit 352. Based on the authentication conditions and function designation information, the authentication process is performed in the same sequence as the sequence described in the first embodiment. Therefore, the technical effect similar to the technical effect described in the first embodiment or the technical effect described in the second embodiment is also obtained by the image forming system 3.

  In the authentication processing control unit 343 that performs the above-described authentication processing, the authentication information acquisition control unit 343a and the authentication unit 343b are realized by one or a plurality of computers. The program executed by the authentication processing control unit 343 has a module configuration corresponding to each of the authentication information acquisition control unit 343a and the authentication unit 343b. As actual hardware, at least one processor stores control information. The program is read from the unit 351 and executed. As a result, each of the authentication information acquisition control unit 343a and the authentication unit 343b is loaded and generated on a storage device such as the storage unit 350.

  The image forming apparatus, the image forming system, and the program of the present invention have been described with reference to the embodiment. However, the present invention is not limited to the above embodiment, and various modifications other than those described above. , Decoration, combination, etc. are possible. In particular, various modifications, decorations, combinations, and the like are possible for the configuration of the image forming apparatus and the authentication apparatus and the authentication processing sequence.

DESCRIPTION OF SYMBOLS 1A, 1B Image forming apparatus 11 Operation panel part 18 Authentication information acquisition part 156b Authentication part 162 Authentication condition memory | storage part 2 Portable storage medium 3 Image forming system 31 Authentication apparatus 310 Operation panel part 320 Authentication information acquisition part 343b Authentication part 352 Authentication conditions Memory

Japanese Patent No. 4194616

Claims (8)

An image forming apparatus that permits execution of a predetermined function through an authentication process for acquiring information stored in a portable storage medium and performing authentication,
An operation unit having a plurality of input keys;
An authentication information acquisition unit for acquiring identification information stored in the portable storage medium and key operation designation information for designating key operation contents in the operation unit from the portable storage medium;
An authentication condition storage unit in which authentication conditions in which the identification information and the key operation designation information are associated with each other, and function designation information in which the key operation designation information and a function to be permitted to execute are associated with each other are stored When,
The key operation designation information specified based on the key operation result in the operation unit from the start of the authentication process to the elapse of a predetermined time, the identification information associated with the authentication condition, and the authentication information acquisition when the acquired identification information is matched with parts permits the execution of the key operation result function associated with the function designation information and key operation designation information identified on the basis of, on the basis of the key operation result key operation designating information is specified based on the time and the identification information acquired by the associated identification information and the authentication information obtaining unit with the authentication condition and the key operation designation information specified does not match, or the key operation result And when the identification information is not associated with the authentication condition, an authentication unit that prohibits the use of the image forming apparatus,
An image forming apparatus comprising:   The image forming apparatus according to claim 1, wherein the key operation designation information is key code information corresponding to a predetermined key operation. The key operation designation information, the image forming apparatus according to claim 1, characterized in that it comprises an information indicating that none of the keys of the operation unit is not operated. A display for displaying an image;
A display control unit for controlling the operation of the display unit;
Further comprising
Wherein the display control unit, when the obtained identification information the associated identification information in the authentication condition and the key operation specifying information is specified based on the key operation results in the authentication information acquiring unit does not match, the authentication The image forming apparatus according to claim 1, wherein an image for informing the user that the image has failed is displayed on the display unit. An authentication apparatus that is wired or wirelessly connected to an image forming apparatus, and that permits execution of a predetermined function in the image forming apparatus through an authentication process that acquires and stores information stored in a portable storage medium. ,
An operation unit having a plurality of input keys;
An authentication information acquisition unit for acquiring identification information stored in the portable storage medium and key operation designation information for designating key operation contents in the operation unit from the portable storage medium;
Authentication conditions in which the identification information and the key operation designation information are associated with each other, and function designation information in which the key operation designation information and the function of the image forming apparatus to be permitted to execute are associated with each other are stored. An authentication condition storage unit,
The key operation designation information specified based on the key operation result in the operation unit from the start of the authentication process to the elapse of a predetermined time, the identification information associated with the authentication condition, and the authentication information acquisition When the identification information acquired by the unit matches, the key operation specifying information specified based on the key operation result and the function execution permission command associated with the function specifying information are sent to the image forming apparatus, Identified when the key operation designation information specified based on the key operation result and the identification information associated with the authentication condition do not match the identification information acquired by the authentication information acquisition unit, or based on the key operation result When the identification information is not associated with the key operation designation information to be used and the authentication condition, a use non-permission command for disabling use of the image forming apparatus is issued. An authentication unit for sending the forming apparatus,
An authentication device comprising: An authentication device according to claim 5;
The image forming apparatus;
An image forming system comprising: An authentication comprising an operation unit having a plurality of input keys and an authentication information acquisition unit for acquiring information stored in the portable storage medium, and performing authentication by acquiring information stored in the portable storage medium A computer that controls an image forming apparatus that permits execution of a predetermined function through processing,
A function of acquiring identification information stored in the portable storage medium and key operation designation information for designating key operation contents in the operation unit from the portable storage medium by the authentication information acquisition unit;
Authentication condition storage in which authentication conditions in which the identification information and the key operation designation information are associated with each other, and function designation information in which the key operation designation information and a function to be permitted to execute are associated with each other are stored in advance A function for reading out the authentication condition and the function designation information from the unit;
The key operation designation information specified based on the key operation result in the operation unit from the start of the authentication process to the elapse of a predetermined time, the identification information associated with the authentication condition, and the authentication information acquisition when the acquired identification information is matched with parts permits the execution of the key operation result function associated with the function designation information and key operation designation information identified on the basis of, on the basis of the key operation result key operation designating information is specified based on the time and the identification information acquired by the associated identification information and the authentication information obtaining unit with the authentication condition and the key operation designation information specified does not match, or the key operation result And when the identification information is not associated with the authentication condition, a function for disallowing the use of the image forming apparatus,
A program that realizes An operation unit having a plurality of input keys, an authentication apparatus having an authentication information acquisition unit for acquiring information stored in a portable storage medium, and an image forming apparatus connected to the authentication apparatus by wire or wireless connection provided, a computer for controlling an image forming system that allows execution of a predetermined function of the information stored in the portable storage medium by the image forming apparatus through the acquisition to the authentication process for authenticating by the authentication device,
A function of acquiring identification information stored in the portable storage medium and key operation designation information for designating key operation contents in the operation unit from the portable storage medium;
Authentication conditions in which the identification information and the key operation designation information are associated with each other, and function designation information in which the key operation designation information and the function of the image forming apparatus to be allowed to execute are associated with each other in advance. A function of reading out the authentication condition and the function designation information from the authentication condition storage unit,
The key operation designation information specified based on the key operation result in the operation unit from the start of the authentication process to the elapse of a predetermined time, the identification information associated with the authentication condition, and the authentication information acquisition when the acquired identification information match in part sends an execution permission command functions associated with the function designation information and key operation specifying information is specified based on the key operation result to the image forming apparatus, wherein Identified when the key operation designation information specified based on the key operation result and the identification information associated with the authentication condition do not match the identification information acquired by the authentication information acquisition unit , or based on the key operation result in the case where the identification information is not associated with the authentication condition and the key operation designation information, the image utilization prohibition command to disallow use of the image forming apparatus And a function to be sent to the forming apparatus,
A program that realizes

Images