JP5978857B2 - Information processing apparatus and program - Google Patents

Description

  The present invention relates to an information processing apparatus, an information processing server, an image processing apparatus, an information processing system, and a program.

  An individual comprising a mobile robot having a communication function and a plurality of authentication service providing servers connected to a network, and performing user authentication on the authentication service providing server based on the user's biometric information acquired by the mobile robot to identify the user In the authentication system, the mobile robot accumulates the authentication results from the authentication service providing server, calculates the evaluation value of the authentication result, and if the evaluation value falls below a preset reference threshold, A technique for switching is known (see, for example, Patent Document 1).

JP 2006-11650 A

  An object of the present invention is to increase the possibility of performing processing related to the introduction of an authentication method in accordance with the actual situation of operation in the own device.

The invention described in claim 1 includes definition information storage means for storing definition information defining an authentication method used for authentication of an operator for each of a plurality of operations performed by the own device, Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means and frequency information storage means for storing frequency information indicating the frequency at which each of the plurality of operations has been performed, is performed, An evaluation unit that evaluates the introduction of each of a plurality of operators of one authentication method defined for the one operation in the definition information stored in the definition information storage unit, and an evaluation result by the evaluation unit If at least one of the plurality of operators satisfies a predetermined criterion as indicating that the one authentication method should be introduced, at least the operator And processing means for performing a process of generating introduction information is recommended to introduce the authentication method of the operator to the the one person, said processing means, the evaluation result by the evaluation means, the one to the own device A process of generating the introduction information that recommends that the one authentication method be introduced to the own device when a predetermined criterion relating to the plurality of operators that indicates that the authentication method should be introduced is satisfied. It is an information processing apparatus characterized by performing .
The invention described in claim 2 includes definition information storage means for storing definition information defining an authentication method used for authentication of an operator for each of a plurality of operations performed by the own device, Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means and frequency information storage means for storing frequency information indicating the frequency at which each of the plurality of operations has been performed, is performed, Evaluation means for performing evaluation on holding of one authentication method defined for the one operation in the definition information stored in the definition information storage means, and processing means for performing processing based on an evaluation result by the evaluation means And when the evaluation result by the evaluation means satisfies a predetermined criterion indicating that the one authentication method should not be retained, the processing means An information processing apparatus characterized by generating information that recommends not holding the authentication method.
The invention according to claim 3 has a function of storing, in the definition information storage means, definition information defining an authentication method used for authentication of an operator for each of a plurality of operations performed by the own device in the computer. A function of storing frequency information indicating the frequency at which each of the plurality of operations has been performed by the own apparatus in the frequency information storage unit, and one operation indicated by the frequency information stored in the frequency information storage unit. A function for evaluating the introduction of each of a plurality of operators of one authentication method defined for the one operation in the definition information stored in the definition information storage unit based on evaluation results of ability to perform the evaluation, predetermined as indicating the fact to be introduced an authentication method to at least one operator among the plurality of operator criteria Functions when, the allowed and a function of performing a process of generating introduction information is recommended to introduce the authentication method the one to at least one operator, the function of performing the processing, to perform the evaluation satisfying When the evaluation result of the above satisfies the criteria related to the plurality of operators set in advance as indicating that the one authentication method should be introduced into the own device, the one authentication method is introduced into the own device. Is a program that performs a process of generating the introduction information that recommends .
According to a fourth aspect of the present invention, there is provided a function for storing definition information defining an authentication method used for authentication of an operator in a definition information storage means for each of a plurality of operations performed by the own device; The frequency information storage means stores frequency information indicating the frequency of each of the plurality of operations performed, and the frequency at which one operation indicated by the frequency information stored in the frequency information storage means is performed. Based on the evaluation result by the function for performing the evaluation on the retention of the one authentication method defined for the one operation in the definition information stored in the definition information storage unit, and the function for performing the evaluation A function that performs processing, and in the function that performs the processing, an evaluation result by the function that performs the evaluation is based on a predetermined basis indicating that the one authentication method should not be retained. If satisfying, an information processing apparatus characterized by generating information that recommends not holding the authentication method of the one.

According to the first aspect of the present invention, compared to the case where the present configuration is not provided, there is a higher possibility that it is possible to recommend that an authentication method in accordance with the actual situation of operation in the own device be introduced into the own device .
According to the third aspect of the present invention, it is possible to recommend that it is recommended to introduce an authentication method in line with the actual situation of the operation in the own device, as compared with the case where this configuration is not provided.

It is the figure which showed the structural example of the image processing apparatus with which embodiment of this invention is applied. It is the figure shown about the image processing system in 1st Embodiment. It is the figure which showed an example of the score increase / decrease definition used in 1st Embodiment. It is the figure which showed an example of the operation history used in 1st Embodiment. It is the figure which showed an example of the score information produced | generated in 1st Embodiment. It is the figure which showed an example of the screen which notifies recommendation information in 1st Embodiment. It is the figure which showed an example of the screen which notifies recommendation information in 1st Embodiment. It is a block diagram showing an example of functional composition of an image processing device in a 1st embodiment. It is the figure which showed the hardware structural example of the recommendation server in 1st Embodiment. It is the block diagram which showed the function structural example of the recommendation server in 1st Embodiment. 3 is a flowchart illustrating an operation example of the image processing apparatus according to the first embodiment. It is the flowchart which showed the operation example of the recommendation server in 1st Embodiment. It is the figure which showed an example of the score increase / decrease definition used in 2nd Embodiment. It is the figure which showed an example of the operation history used in 2nd Embodiment. It is the figure which showed an example of the score information produced | generated in 2nd Embodiment. It is the block diagram which showed the function structural example of the image processing apparatus in 2nd Embodiment. 10 is a flowchart illustrating an operation example of the image processing apparatus according to the second embodiment. It is the example which showed an example of a response | compatibility with the value which increases / decreases the score of each authentication method when the operation is performed.

Embodiments of the present invention will be described below in detail with reference to the accompanying drawings.
FIG. 1 is a diagram illustrating a hardware configuration example of an image processing apparatus 10 to which the exemplary embodiment is applied.
As illustrated, the image processing apparatus 10 includes a CPU (Central Processing Unit) 11, a RAM (Random Access Memory) 12, a ROM (Read Only Memory) 13, an HDD (Hard Disk Drive) 14, and an operation panel 15. An image reading unit 16, an image forming unit 17, and a communication interface (hereinafter referred to as “communication I / F”) 18.

The CPU 11 implements each function described later by loading various programs stored in the ROM 13 and the like into the RAM 12 and executing them.
The RAM 12 is a memory used as a working memory for the CPU 11.
The ROM 13 is a memory that stores various programs executed by the CPU 11.
The HDD 14 is, for example, a magnetic disk device that stores image data read by the image reading unit 16 and image data used for image formation in the image forming unit 17.
The operation panel 15 is, for example, a touch panel that displays various types of information and receives operation inputs from a user.

  The image reading unit 16 reads an image recorded on a recording medium such as paper. Here, the image reading unit 16 is, for example, a scanner, and a CCD method in which reflected light with respect to light irradiated from a light source to a document is reduced by a lens and received by a CCD (Charge Coupled Devices), or an LED light source is sequentially irradiated to a document It is preferable to use a CIS system in which reflected light with respect to the received light is received by a CIS (Contact Image Sensor).

The image forming unit 17 forms an image on a recording medium. Here, the image forming unit 17 is, for example, a printer, and forms an image by transferring the toner attached to the photosensitive member to a recording medium to form an image, or ejecting ink onto the recording medium. An ink jet type may be used.
The communication I / F 18 transmits / receives various information to / from other devices via the network.

By the way, such an image processing apparatus 10 may be shared by a plurality of users. In such a case, use of the image processing apparatus 10 is performed so that only an authorized user can use the image processing apparatus 10. In some cases, user authentication may be performed.
The authentication method in this user authentication includes knowledge authentication based on information that only the person can know, such as a password, property authentication based on the property of the person such as an IC card, There is biometric authentication based on physical characteristics. Further, from the viewpoint of a storage method of information to be collated with input information, there are local authentication in which information to be collated is stored in its own apparatus, LDAP authentication in which information to be collated is stored in a Lightweight Directory Access Protocol (LDAP) server, and the like. As described above, there are various authentication methods, but one authentication method is generally introduced into one image processing apparatus 10.

On the other hand, if an authentication method different from the already introduced authentication method is adopted, there may be a case where advantages as a whole such as reduction of operation steps are expected, but it is rare that individual users can recognize it.
An authentication method that is a merit for one user may be a demerit for another user, but it is not easy to switch authentication methods because there is no means for identifying the corresponding user. For example, a user who wants to perform LDAP authentication company-wide because a plurality of image processing apparatuses are used, and a user who has a greater disadvantage that the image processing apparatus cannot be used during maintenance of the LDAP server because only one image processing apparatus is used. May exist. There may be a user who wants to enter a PIN (Personal Identification Number) because a signature is used when sending an e-mail, and a user who does not want to enter a PIN because only copying is performed.
Further, changing or introducing the authentication method uniformly for the entire organization also imposes a burden on the switching of the authentication method in that the burden on the information registration work of the IC card for the administrator is large.

  Therefore, in the present embodiment, an authentication method that can be installed in the image processing apparatus 10 and an operation that is made efficient by performing the authentication method (for example, the operation amount is reduced by performing the authentication method). Operation) or an operation necessary for implementing the authentication method (for example, an operation that triggers the introduction of the authentication method), and a combination of the associated authentication method and operation Set the evaluation value. When an operation associated with a certain authentication method is performed, the recommendation score of the authentication method in the image processing apparatus 10 on which the operation is performed or the recommendation score of the authentication method for the user who performed the operation Is changed based on the evaluation value.

Further, when the recommendation score (hereinafter, simply referred to as “score”) of the authentication method is changed in this way, it is conceivable to perform the following processing based on the changed score.
(1) A process of presenting a combination of an authentication method whose score exceeds a threshold and the image processing apparatus 10 or the user to the administrator, and prompting the corresponding image processing apparatus 10 or user to introduce the authentication method.
(2) A process of selecting an authentication method with a high score among an authentication method for inputting a PIN and an authentication method for not inputting a PIN when a user performs authentication with an IC card.
In the following, a mode for performing the process (1) will be described as a first embodiment, and a mode for performing the process (2) will be described as a second embodiment.

[First Embodiment]
In the first embodiment, the image processing apparatus 10 currently verifies the user ID and password input from the operation panel 15 with the user ID and password stored in the own apparatus (hereinafter referred to as “local”). "Password authentication"). On the other hand, in addition to the local password authentication, the image processing apparatus 10 is input with an authentication method (hereinafter referred to as “IC card authentication”) by collating information recorded on the IC card with information stored in advance. It is possible to install an authentication method (hereinafter referred to as “LDAP authentication”) by comparing the stored information with the information stored in the LDAP server, and these authentication methods can be used together in the image processing apparatus 10. .

  In this situation, the first embodiment recommends that the image processing apparatus 10 introduce IC card authentication or LDAP authentication, or recommends that the user introduce IC card authentication or LDAP authentication. To do.

FIG. 2 is a diagram illustrating the image processing system according to the first embodiment.
As shown in the figure, this image processing system is configured by connecting image processing apparatuses 10 a and 10 b as an example of an information processing apparatus and a recommendation server 30 as an example of an information processing server via a network 80. Has been. Although the image processing apparatuses 10a and 10b are shown in the figure, they are referred to as the image processing apparatus 10 when it is not necessary to distinguish them. In the figure, two image processing apparatuses 10 are shown, but only one image processing apparatus 10 may be provided, or three or more image processing apparatuses 10 may be provided.

Here, each image processing apparatus 10 stores a user's operation history in association with a user ID, and this operation history is acquired by the recommendation server 30.
Further, it is assumed that IC card authentication can be introduced into each image processing apparatus 10 by connecting an IC card reader as described above.
Furthermore, as described above, it is assumed that LDAP authentication can be introduced into each image processing apparatus 10 by performing additional settings. When LDAP authentication is introduced, the mail address of each user can be acquired from the LDAP server and used.

  On the other hand, in the present embodiment, it is assumed that five users use this image processing system, as shown. Hereinafter, these five users will be described as user A, user B, user C, user D, and user E.

First, an outline of processing for recommending an authentication method in the first embodiment will be described. Here, the image processing apparatuses 10a and 10b are referred to as image processing apparatuses X and Y, respectively, and two types of operations for password processing and e-mail address input are considered as operations for the image processing apparatuses X and Y. To do.
When the image processing apparatuses X and Y are installed, first, a definition of a value to increase or decrease the score of each authentication method when an operation is performed on each image processing apparatus (hereinafter referred to as “score increase / decrease definition”). Set.
FIG. 3 is a diagram showing an example of such a score increase / decrease definition.
As shown in the figure, in this score increase / decrease definition, a value for increasing / decreasing the IC card authentication score and a value for increasing / decreasing the LDAP authentication score are defined for each operation. Specifically, since IC card authentication has the advantage of saving the trouble of inputting a user ID and password, it is defined that 1 is added to the IC card authentication score when a password is input as an operation. Further, since the mail address can be acquired from the LDAP server when the LDAP server is started for the LDAP authentication, it is defined that 1 is added to the LDAP authentication score when the mail address is input as an operation. .

In this state, when the image processing apparatuses X and Y operate for a certain period and the operation history of each user is accumulated, the recommendation server 30 acquires the operation history from the image processing apparatuses X and Y.
FIG. 4 is a diagram illustrating an example of an operation history acquired by the recommendation server 30. (A) shows the operation history acquired from the image processing apparatus X, and (b) shows the operation history acquired from the image processing apparatus Y. For example, it is shown that the user A has not entered a password or an email address in the image processing apparatus X, and has entered a password 30 times in the image processing apparatus Y, but has not entered a mail address. . In addition, it is shown that the user B has entered the password and the e-mail address five times in the image processing apparatus X, and the password has been entered 20 times in the image processing apparatus Y and the e-mail address has been entered five times. ing.

Next, the recommendation server 30 calculates a score for recommendation of the authentication method. Specifically, from the score increase / decrease definition shown in FIG. 3 and the operation history shown in FIGS. 4A and 4B, the score of each authentication method in the image processing device X and each score in the image processing device Y The score of the authentication method and the score of each authentication method in the image processing apparatuses X and Y are calculated.
FIG. 5 is a diagram showing an example of information indicating such a score (hereinafter referred to as “score information”). Here, the score information is a score table in a table format, but may be information in other formats.
In the figure, IC (X), IC (Y), and IC (X + Y) are the IC card authentication score in the image processing apparatus X, the IC card authentication score in the image processing apparatus Y, and the image processing apparatuses X and Y, respectively. IC card authentication score is shown. LDAP (X), LDAP (Y), and LDAP (X + Y) are respectively the LDAP authentication score in the image processing apparatus X, the LDAP authentication score in the image processing apparatus Y, and the LDAP authentication score in the image processing apparatuses X and Y. Shows the score.

After that, the recommendation server 30 generates information related to the recommendation of the authentication method (hereinafter referred to as “recommendation information”) based on the score information shown in FIG. Here, it is assumed that recommendation information indicating the priority order of recommendations is generated.
The priority of this recommendation can be considered as follows.
The first priority is a priority of an image processing apparatus to which a certain authentication method is to be introduced. This is determined by comparing the score of the authentication method for each image processing apparatus.
The second priority order is a priority order of users who should introduce a certain authentication method. This is determined by comparing the scores of that authentication scheme for each user.
The third priority order is a priority order of a combination of a user, an image processing apparatus, and an authentication method when each user uses each authentication method in each image processing apparatus. For example, a recommendation such as “IC card authentication should be introduced to the image processing apparatus X for the user A” corresponds. This is determined by comparing scores for each authentication method for each image processing apparatus for each user.

In the following, the generation of recommendation information indicating these priorities will be described by taking the first priority and the second priority among these three priorities as an example.
First, generation of recommendation information indicating the first priority will be described.
In the score information shown in FIG. 5, an IC card authentication score for each image processing apparatus and an LDAP authentication score for each image processing apparatus are shown in a thick solid line frame. Accordingly, the priority order of the image processing apparatus to which IC card authentication is to be introduced is the order of the image processing apparatus Y and the image processing apparatus X, and the priority order of the image processing apparatus to which LDAP authentication is to be introduced is the image processing apparatus. Recommendation information indicating that the device X and the image processing device Y are in this order is generated.

  FIG. 6 is a diagram showing an example of a screen for notifying the administrator of recommendation information generated in this way. Here, the threshold for recommending the authentication method is set to “30”. However, in actuality, considering the introduction cost of the IC card reader and the installation cost of the LDAP server, for example, the threshold for recommending IC card authentication is “50”, and the threshold for recommending LDAP authentication is “100”. It is preferable to change the threshold value.

  Here, although the recommendation information indicating the priority order is generated and notified for each authentication method, the recommendation information indicating the priority order may be generated and notified without distinguishing the authentication method. Specifically, IC card authentication is introduced into the image processing apparatus Y, IC card authentication is introduced into the image processing apparatus X, LDAP authentication is introduced into the image processing apparatus X, and LDAP authentication is introduced into the image processing apparatus Y. Recommendation information indicating that the priority is higher in the order of introduction may be generated and notified.

Next, generation of recommendation information indicating the second priority will be described.
In the score information shown in FIG. 5, the IC card authentication score for each user and the LDAP authentication score for each user are shown in a thick dashed frame. As a result, the priority order of users who should introduce IC card authentication is the order of user C, user D, user A, user B, and user E, and the priority order of users who should introduce LDAP authentication is Recommendation information indicating the order of C, user D, user B, users A and E (the priority order of user A and user E is the same) is generated.

  FIG. 7 is a diagram showing an example of a screen for notifying the administrator of recommendation information generated in this way. Here, the threshold for recommending the authentication method is set to “20”.

Next, the configuration of each device in the first embodiment will be described.
FIG. 8 is a block diagram illustrating a functional configuration example of the image processing apparatus 10.
As illustrated, the image processing apparatus 10 includes an authentication unit 21, a processing control unit 22, an operation history storage unit 23, and a transmission unit 24.

  The authentication unit 21 authenticates the user by determining whether the combination of the user ID and password input by the user from the operation panel 15 is included in the combination of the user ID and password stored in advance.

  The process control unit 22 controls processes performed by the image reading unit 16, the image forming unit 17, and the like. In particular, in the first embodiment, the image reading unit 16 controls scan-to-mail processing in which an image is read from a medium such as paper and the image is transmitted to a specified mail address.

  The operation history storage unit 23 stores a history of operations (operation history) accepted by the authentication unit 21 or the processing control unit 22. Specifically, as shown in FIG. 4, the authentication unit 21 accepts an input operation of a user ID and a password, so this operation is stored as a password input, and the processing control unit 22 performs mail in scan-to-mail processing. Since an address input operation is accepted, this operation is stored as an e-mail address input. In the present embodiment, an operation history is used as an example of frequency information indicating the frequency of operation, and an operation history storage unit 23 is provided as an example of frequency information storage means for storing frequency information.

  When there is an operation history acquisition request from the recommendation server 30, the transmission unit 24 transmits, to the recommendation server 30, the operation history stored since the previous operation history transmission among the operation histories stored in the operation history storage unit 23. To do. In the present embodiment, a transmission unit 24 is provided as an example of a transmission unit that transmits frequency information.

  These functional units are realized by cooperation of software and hardware resources. Specifically, the CPU 11 reads and executes a program for realizing the authentication unit 21, the processing control unit 22, and the transmission unit 24 from the HDD 14 into the RAM 12, for example, so that these functional units are realized. The operation history storage unit 23 is realized by the HDD 14, for example.

FIG. 9 is a diagram illustrating a hardware configuration example of the recommendation server 30.
As shown in the figure, the recommendation server 30 includes a CPU 31 that is a calculation means, a main memory 32 and an HDD 33 that are storage means. Here, the CPU 31 executes various types of software such as an OS (Operating System) and applications, and realizes functions described below. The main memory 32 is a storage area for storing various software and data used for executing the software, and the HDD 33 is a storage area for storing input data for various software, output data from the various software, and the like.
Further, the recommendation server 30 includes a communication I / F 34 for performing communication with the outside, a display mechanism 35 including a video memory and a display, and an input device 36 such as a keyboard and a mouse.

FIG. 10 is a block diagram illustrating a functional configuration example of the recommendation server 30.
As illustrated, the recommendation server 30 includes a receiving unit 41, an operation history storage unit 42, a score increase / decrease definition storage unit 43, a score calculation unit 44, a score information storage unit 45, and a recommendation information generation unit 46. I have.

  The receiving unit 41 receives the operation history transmitted by the transmitting unit 24 of the image processing apparatus 10. In the present embodiment, a receiving unit 41 is provided as an example of a receiving unit that receives frequency information.

  The operation history storage unit 42 stores the operation history received by the receiving unit 41 from the image processing apparatus 10.

  The score increase / decrease definition storage unit 43 stores the score increase / decrease definition shown as an example in FIG. In the present embodiment, score increase / decrease definition is used as an example of definition information defining an authentication method for an operation, and a score increase / decrease definition storage unit 43 is provided as an example of definition information storage means for storing definition information. ing.

  The score calculation unit 44 calculates a score using the operation history stored in the operation history storage unit 42 and the score increase / decrease definition stored in the score increase / decrease definition storage unit 43, and the score illustrated in FIG. Generate information. In the present embodiment, a score calculation unit 44 is provided as an example of an evaluation unit that performs evaluation related to introduction of an authentication method.

  The score information storage unit 45 stores score information including the score calculated by the score calculation unit 44.

  Based on the score information stored in the score information storage unit 45, the recommendation information generation unit 46 generates the recommendation information illustrated in FIG. 6 and FIG. In the present embodiment, recommendation information is used as an example of introduction information related to introduction of an authentication method, and a recommendation information generation unit 46 is provided as an example of a generation unit that generates introduction information.

  These functional units are realized by cooperation of software and hardware resources. Specifically, these functional units are realized by the CPU 31 reading a program that realizes the receiving unit 41, the score calculating unit 44, and the recommendation information generating unit 46 from, for example, the HDD 33 into the main memory 32 and executing it. Further, the operation history storage unit 42, the score increase / decrease definition storage unit 43, and the score information storage unit 45 are realized by the HDD 33, for example.

Next, the operation of the first embodiment will be described.
FIG. 11 is a flowchart illustrating an operation example when the image processing apparatus 10 stores the operation history.
As shown in the figure, in the image processing apparatus 10, the authentication unit 21 first determines whether or not a password has been input from the operation panel 15 (step 101). In the first embodiment, since password input is assumed as an operation for the image processing apparatus 10, it is determined here whether or not a password has been input. The ID is also entered together.
If it is determined that the password has not been input, the authentication unit 21 continues to wait for the password in step 101. However, if it is determined that the password has been input, the authentication unit 21 determines that the input password has been entered. An authentication process for determining whether the ID is stored in advance is performed (step 102), and it is determined whether the authentication is successful (step 103).
As a result, if it is determined that the authentication is not successful, the process ends. If it is determined that the authentication is successful, the authentication unit 21 operates the operation history stored in the operation history storage unit 23 (FIG. 4). 1), 1 is added to the number of times the password has been input (step 104).

Thereafter, the control shifts to the process control unit 22, and the process control unit 22 displays a menu screen on the operation panel 15 (step 105). Then, it is determined whether or not scan to mail processing is selected on the menu screen (step 106).
If it is determined that the scan-to-mail process is selected, the process control unit 22 receives the mail address input from the operation panel 15 (step 107). The image reading unit 16 and the communication I so that the image reading unit 16 performs the scan-to-mail process in which the image is read from a medium such as paper and the communication I / F 18 transmits the image to the mail address received in Step 107. / F18 is controlled (step 108). Further, the process control unit 22 adds 1 to the number of times the mail address is input in the operation history (see FIG. 4) stored in the operation history storage unit 23 (step 109).
On the other hand, when it is determined that the scan-to-mail process has not been selected, the process control unit 22 performs the other selected processes (for example, printing, copying, etc.), the image reading unit 16, the image forming unit 17, etc. Is controlled (step 110).

FIG. 12 is a flowchart illustrating an operation example when the recommendation server 30 generates recommendation information based on the operation history.
As shown in the figure, in the recommendation server 30, first, the receiving unit 41 receives operation histories from the plurality of image processing apparatuses 10 (step 301). For example, when the recommendation server 30 makes an operation history transmission request to the plurality of image processing apparatuses 10, the transmission unit 24 transmits the operation history to the recommendation server 30 in the plurality of image processing apparatuses 10. Should receive this. The operation history received by the receiving unit 41 is stored in the operation history storage unit 42 in a form that is added to the already stored operation history.

  Next, the score calculation unit 44 is based on the operation history (see FIG. 4) stored in the operation history storage unit 42 and the score increase / decrease definition (see FIG. 3) stored in the score increase / decrease definition storage unit 43. A score that is an evaluation value as to whether or not each authentication method should be introduced is calculated for each image processing apparatus 10 for each user (step 302). Note that score information including the calculated score is stored in the score information storage unit 45.

Next, the recommendation information generation unit 46 performs the following processing for each image processing apparatus 10. That is, the recommendation information generation unit 46 pays attention to a score of a certain authentication method (score within one thick solid line frame in FIG. 5) for a certain image processing apparatus (step 303), and whether the score exceeds the threshold Th1. It is determined whether or not (step 304). If the score exceeds the threshold Th1, the recommendation information generating unit 46 indicates that the introduction of the authentication method is beneficial to the image processing apparatus 10 (for example, the operation efficiency as shown in FIG. 6 is improved). Is included in the recommendation information (step 305), and the process proceeds to step 306.
On the other hand, if it is determined in step 304 that the score does not exceed the threshold Th1, the process proceeds to step 306 without including information indicating that the introduction of the authentication method is beneficial to the image processing apparatus 10 in the recommendation information. .
Thereafter, the recommendation information generation unit 46 determines whether there is another combination of the image processing apparatus 10 and the authentication method (step 306), and if there is another combination, repeats the processing of steps 303 to 305.

If there is no other combination of the image processing apparatus 10 and the authentication method, the recommendation information generating unit 46 performs the following processing for each user. That is, the recommendation information generating unit 46 pays attention to a score of a certain authentication method (a score within one frame of a thick broken line in FIG. 5) for a certain user (step 307), and determines whether the score exceeds the threshold Th2. Determination is made (step 308). If the score exceeds the threshold Th2, the recommendation information generating unit 46 indicates that the introduction of the authentication method is beneficial to the user (for example, the operational efficiency as shown in FIG. 7 is improved). Information) is included in the recommendation information (step 309), and the process proceeds to step 310.
On the other hand, when it is determined in step 308 that the score does not exceed the threshold Th2, the process proceeds to step 310 without including information indicating that the introduction of the authentication method is beneficial to the user in the recommendation information.
Thereafter, the recommendation information generating unit 46 determines whether there is another combination of the user and the authentication method (step 310), and if there is another combination, the processing of steps 307 to 309 is repeated.

  Although the recommendation information is generated by the above processing, when the display of the recommendation information is requested by the user, in the recommendation server 30, the display mechanism 35 displays the recommendation information as shown in FIGS.

  In the first embodiment, the information indicating that the operation efficiency is improved by introducing a new authentication method is shown as the recommendation information. However, the present invention is not limited to this. For example, it may be information that recommends that a new authentication method be simply introduced without appealing the merit of introducing a new authentication method, or the cost that should be borne by introducing a new authentication method. It may be information. That is, the recommendation information can be generally referred to as information related to the introduction of the authentication method.

Further, in the first embodiment, when the score of a certain authentication method in a certain image processing device exceeds the threshold value Th1, recommendation information for recommending that the authentication method is introduced into the image processing device is generated. However, it is not limited to this. Generally, when an evaluation result of whether or not an authentication method should be introduced into each of a plurality of image processing apparatuses satisfies a predetermined standard indicating that the authentication method should be introduced into the image processing apparatus Alternatively, such recommendation information may be generated.
Furthermore, in the first embodiment, when the score of a certain authentication method of a certain user exceeds the threshold Th2, recommendation information for recommending that the user introduce the authentication method is generated. This is not a limitation. In general, when the evaluation result of whether or not an authentication method should be introduced to each of a plurality of users satisfies a predetermined standard indicating that the authentication method should be introduced to the user, It may be that the recommendation information is generated.

  In the first embodiment, the recommendation information related to the introduction of the authentication method for the image processing apparatus 10 and the recommendation information related to the introduction of the authentication method for the user are displayed as separate independent information, but this is not restrictive. For example, the former recommendation information may be displayed first, and when the recommended authentication method is newly introduced, the latter recommendation information may be displayed with respect to the newly introduced authentication method.

  Furthermore, in the first embodiment, the recommendation server 30 generates the recommendation information based on the operation histories received from the plurality of image processing apparatuses 10, but the operation histories stored in the image processing apparatus 10 Based on this, the image processing apparatus 10 itself may generate recommendation information. In that case, the function units of the score calculation unit 44, the score increase / decrease definition storage unit 43, the score calculation unit 44, the score information storage unit 45, and the recommendation information generation unit 46 of the recommendation server 30 are provided in the image processing apparatus 10, and these functions are provided. The unit generates recommendation information using the operation history stored in the operation history storage unit 23.

[Second Embodiment]
In the second embodiment, in IC card authentication, whether to enter a PIN is selected according to a user operation.
In an IC card, a certificate may be stored in an area that cannot be accessed without entering a PIN. Since authentication using this certificate is a combination of ownership authentication and knowledge authentication, the authentication strength is high. Therefore, for a user who frequently uses a service that cannot be used unless the recognition strength is high, an IC card authentication requesting PIN input (hereinafter referred to as “PIN authentication”) is executed. On the other hand, when the PIN is not input, the authentication strength is low by reading the accessible area (CardID) without inputting the PIN, but it is possible to identify the user. Therefore, for a user who frequently uses a service that can be used even if the recognition strength is low, IC card authentication that does not require a PIN input (hereinafter referred to as “PINless authentication”) is selected.

Hereinafter, an overview of processing for determining which of authentication with PIN and authentication without PIN in the second embodiment will be described. Here, as an operation on the image processing apparatus 10, copying is considered as an example of an operation that can be performed even when the recognition strength is low, and facsimile transmission is considered as an example of an operation that cannot be performed unless the recognition strength is high.
When the image processing apparatus 10 is installed, first, a definition of a value (score increase / decrease definition) for increasing or decreasing the score of each authentication method when an operation is performed on the image processing apparatus 10 is set.
FIG. 13 is a diagram showing an example of such a score increase / decrease definition.
As shown in the figure, in this score increase / decrease definition, a value for increasing / decreasing the score for authentication with PIN and a value for increasing / decreasing the score for authentication without PIN are defined for each operation. Specifically, when a copy that can be used even if the recognition strength is low is performed as an operation, 1 is added to the score for authentication without PIN, and 1 is subtracted from the score for authentication with PIN. Further, when a facsimile transmission that cannot be used unless the authentication strength is high is performed as an operation, 1 is added to the authentication score with PIN, and 1 is subtracted from the authentication score without PIN.

In this state, the image processing apparatus 10 operates for a certain period and the operation history of each user is accumulated in the image processing apparatus 10.
FIG. 14 is a diagram illustrating an example of an operation history accumulated in the image processing apparatus 10. For example, it is shown that user A has made 65 copies and facsimile transmission 10 times, and user B has made 5 copies and facsimile transmission 75 times.

Next, the image processing apparatus 10 calculates a score for determining which of authentication with PIN and authentication without PIN is selected. Specifically, the score of user A and the score of user B are calculated from the score increase / decrease definition shown in FIG. 13 and the operation history shown in FIG.
FIG. 15 is a diagram illustrating an example of information (score information) indicating such a score. Here, the score information is a score table in a table format, but may be information in other formats.
In the figure, PIN indicates a score for authentication with PIN, and NO-PIN indicates a score for authentication without PIN.
For user A, the score for authentication with PIN is “−55”, and the score for authentication without PIN is “55”. For user B, the score for authentication with PIN is “70”, and the score for authentication without PIN is “−70”.
Accordingly, when the threshold is “50”, authentication without PIN is selected for user A, and authentication with PIN is selected for user B.

Next, the configuration of the apparatus in the second embodiment will be described.
FIG. 16 is a block diagram illustrating a functional configuration example of the image processing apparatus 10.
As illustrated, the image processing apparatus 10 as an example of an information processing apparatus includes an authentication unit 21, a processing control unit 22, and an operation history storage unit 23. Further, it includes a score increase / decrease definition storage unit 25, a score calculation unit 26, a score information storage unit 27, and an authentication method determination unit 28.

  The authentication unit 21 authenticates the user by determining whether the information input from the IC card reader is included in the information stored in advance. In the present embodiment, an authentication unit 21 is provided as an example of an authentication unit that authenticates an operator.

  The process control unit 22 controls processes performed by the image reading unit 16, the image forming unit 17, and the like. In particular, in the second embodiment, the image reading unit 16 reads an image from a medium such as paper and prints the image on another medium, and the image reading unit 16 reads from the medium such as paper. The image or communication I / F 18 controls a facsimile transmission process in which an image received from a terminal device (not shown) is transmitted to a designated destination via a public line.

  The operation history storage unit 23 stores a history of operations accepted by the process control unit 22 (operation history). Specifically, as shown in FIG. 14, the processing control unit 22 accepts an operation for instructing copying and an operation for instructing facsimile transmission. When the former operation is accepted, the operation is stored as a copy. When the latter operation is accepted, this operation is stored as facsimile transmission.

  The score increase / decrease definition storage unit 25 stores the score increase / decrease definition shown as an example in FIG. In the present embodiment, score increase / decrease definition is used as an example of definition information that defines an authentication method for an operation, and a score increase / decrease definition storage unit 25 is provided as an example of definition information storage means for storing definition information. ing.

  The score calculation unit 26 calculates a score using the operation history stored in the operation history storage unit 23 and the score increase / decrease definition stored in the score increase / decrease definition storage unit 25, and the score shown in FIG. Generate information. In the present embodiment, the score calculation unit 26 is provided as an example of an evaluation unit that performs evaluation related to the introduction of the authentication method.

  The score information storage unit 27 stores score information including the score calculated by the score calculation unit 26.

  The authentication method determination unit 28 determines an authentication method based on the score information stored in the score information storage unit 27 and informs the authentication unit 21 and the processing control unit 22 of the determined authentication method.

  These functional units are realized by cooperation of software and hardware resources. Specifically, the CPU 11 reads the program that realizes the authentication unit 21, the processing control unit 22, the score calculation unit 26, and the authentication method determination unit 28 from, for example, the HDD 14 into the RAM 12 and executes them, thereby realizing these functional units. Is done. Further, the operation history storage unit 23, the score increase / decrease definition storage unit 25, and the score information storage unit 27 are realized by the HDD 14, for example.

Next, the operation of the second embodiment will be described.
FIG. 17 is a flowchart illustrating an operation example of the image processing apparatus 10.
As shown in the figure, in the image processing apparatus 10, the authentication unit 21 first determines whether or not user information recorded on the IC card is input from the IC card reader (step 151).
If it is determined that the user information has not been input, the authentication unit 21 continues to wait for input of the user information in step 151. If it is determined that the user information has been input, the authentication unit 21 has received the input. An authentication process is performed to determine whether the user information is stored in advance (step 152). This authentication process is a process for reading a CardID without a PIN and identifying a user. Then, the authentication unit 21 determines whether the authentication is successful (step 153).

  As a result, if it is determined that the authentication is not successful, the process ends. If it is determined that the authentication is successful, the authentication method determination unit 28 is included in the score information stored in the score information storage unit 27. It is determined whether or not the user's score exceeds the threshold Th (step 154). If the score exceeds the threshold Th, the fact that the PIN input should be requested is returned to the authentication unit 21, and the authentication unit 21 requests the PIN input and accepts the input PIN (step 155). Then, the authentication unit 21 determines whether or not the input PIN is stored in advance for the user (step 156).

  If it is determined that the input PIN is not pre-stored for the user, the process ends, but if it is determined that the input PIN is pre-stored for the user. Then, the control moves to the process control unit 22, and the process control unit 22 displays a menu screen on the operation panel 15 (step 157). If the authentication method determination unit 28 determines in step 154 that the user's score included in the score information stored in the score information storage unit 27 does not exceed the threshold Th, the PIN input is not requested. Control is transferred to the process control unit 22, and the process control unit 22 displays a menu screen on the operation panel 15 (step 157).

Thereafter, the process control unit 22 determines what process is selected on the menu screen (step 158).
If it is determined that the copy process has been selected, the process control unit 22 reads the image so that the image reading unit 16 reads the image from the medium and the image forming unit 17 performs the copy process of printing the image on another medium. The unit 16 and the image forming unit 17 are controlled (step 159). Further, the process control unit 22 adds 1 to the number of times of copying in the operation history (see FIG. 14) stored in the operation history storage unit 23 (step 160).
On the other hand, if it is determined that the facsimile transmission process has been selected, the processing control unit 22 receives the image read from the medium by the image reading unit 16 or the image received by the communication I / F 18 via the public line. The image reading unit 16 and the communication I / F 18 are controlled so as to perform facsimile transmission processing (step 161). Further, the process control unit 22 adds 1 to the number of times facsimile transmission has been performed in the operation history (see FIG. 14) stored in the operation history storage unit 23 (step 162).

Finally, the score calculation unit 26 is based on the operation history (see FIG. 14) stored in the operation history storage unit 23 and the score increase / decrease definition stored in the score increase / decrease definition storage unit 25 (see FIG. 13). Then, a score, which is an evaluation value as to whether or not each authentication method should be introduced, is calculated for each image processing apparatus 10 for each user (step 163). The score information including the calculated score is stored in the score information storage unit 27.
If it is determined in step 158 that a process other than the copy process and the facsimile transmission process has been selected, the process control unit 22 performs another selected process (for example, scanning, printing, etc.) although not shown. As described above, the image reading unit 16, the image forming unit 17, and the like are controlled, and the process is terminated.

That is, in the second embodiment, if the user identified in step 152 is a user with a high score for authentication with PIN (a user who often uses services that cannot be used unless the authentication strength is high), the PIN input is performed. Prompt.
On the other hand, if the user identified in step 152 is a user with a small PIN authentication score (a user who frequently uses a service that can be used even if the authentication strength is low, such as copying), the user is not prompted to enter the PIN. Transition to the menu screen. In some cases, such a user may only want to identify the user for copy usage aggregation.

  In the second embodiment, when the score of a certain user's authentication method exceeds the threshold Th, the user is authenticated using the authentication method. However, the present invention is not limited to this. In general, when an evaluation result of whether or not an authentication method should be introduced to each of a plurality of users satisfies a predetermined standard indicating that the authentication method should be introduced to the user, the user is You may authenticate using the authentication method.

[Other embodiments]
Next, modifications to the first embodiment and the second embodiment will be described as other embodiments.
First, it can be considered that the introduction cost of equipment is also included in the score and threshold value.
For example, since the introduction of an IC card requires a card cost, the threshold may be increased.
In addition, for example, since vein authentication costs a device for reading veins, the image processing apparatus 10 is recommended for the first time when there are 50 or more users who have an introduction merit, or a score of a user who has an introduction merit. You may employ | adopt the structure which recommends for the first time when the total value of becomes 1000 or more. Generally speaking, a plurality of users determined in advance as an evaluation result indicating whether or not an authentication method should be introduced into each of a plurality of users indicates that the authentication method should be introduced into the image processing apparatus 10. In other words, it may be recommended that the authentication method be introduced into the image processing apparatus 10 when the criteria regarding the above are satisfied. In other words, the criterion that the number of users in the above example is 50 or more and the total value of the user's scores is 1000 or more is an example of the criterion regarding a plurality of predetermined users.

Conversely, if a user who has been able to authenticate using a plurality of authentication methods continues to hold an authentication method with a low merit, it may be a burden.
First, for example, in the case of vein authentication, the more registered users, that is, the more vein data, the longer it takes to authenticate the input vein data against the registered vein data. It is desirable to discard unnecessary user vein data. Therefore, the image processing apparatus 10 may reversely recommend that the user who has shifted to the IC card authentication or the LDAP authentication cannot perform the vein authentication.
Secondly, for example, if a user who has migrated to IC card authentication does not perform local password authentication, in order to reduce the information that should be remembered and reduce the security risk of using the device in a brute force attack It is better to delete the user ID and password. Therefore, the image processing apparatus 10 may make a reverse recommendation to disable local password authentication.
These reverse recommendations may be performed not when the score is determined to be greater than or equal to the threshold value but when the score is determined to be equal to or less than the threshold value. In this case, not only a positive evaluation value is given to the operation reduced by the authentication method, but also an authentication method with a weak merit among a plurality of authentication methods (in the first example, vein authentication, in the second example, local authentication) It is recommended to give a negative evaluation value for the operation to be authenticated in (password authentication).

Further, when performing the recommendation, the image processing apparatus 10 may not only display the combination of the authentication method and the user as shown in FIG. 7, but also provide a means for easily completing the user's registration work.
For example, when there are two users (user A and user C) who are recommended to install an IC card, as many wizards for registration as the number of users may be displayed as follows.
That is, it is assumed that the image processing apparatus 10 displays “Do you want to register the IC card as it is?” And the administrator selects “Yes”. Then, the image processing apparatus 10 displays “Please hold the IC card of the user A”. When the administrator calls the user A and holds the IC card, the image processing apparatus 10 The card has been registered. "Is displayed. Subsequently, the image processing apparatus 10 displays “Please hold the IC card of the user C”, and when the administrator calls and holds the user C, the image processing apparatus 10 reads “ The card has been registered. "Is displayed.

Furthermore, it is conceivable to consider the operation status and position information of the plurality of image processing apparatuses 10.
For example, if the same user uses a plurality of image processing apparatuses 10, it is effective to shift to the LDAP integrated authentication environment. At this time, whether or not they are the same user may be determined based on whether or not the user IDs input to the image processing apparatus 10 are the same.
Further, when the image processing devices X and Y are installed adjacent to each other and the user A uses the image processing devices X and Y at the same frequency, the score is set to the threshold only by the operation history of the image processing device X. Even if it does not exceed, if the sum of the operation histories of the image processing apparatuses X and Y exceeds the threshold value, it may be recommended that the vein reader should be introduced only by the image processing apparatus X.

  In addition, as a process based on the score information stored in the score information storage unit 45 in the first embodiment or the score information stored in the score information storage unit 27 in the second embodiment, a recommendation information generation unit 46 is used. In addition to the process of generating recommendation information and the process of authenticating the user by the authentication unit 21, various processes are conceivable. In this sense, the recommendation information generation unit 46 according to the first embodiment and the authentication unit 21 according to the second embodiment are examples of a processing unit that performs processing based on the evaluation result.

Here, merits and demerits contributing to the score of each authentication method will be described.
Local password authentication has the merit of being able to be introduced at low cost, but has the disadvantage of requiring much time for authentication.
IC card authentication (without PIN) has the advantage that the authentication operation is easy, but the authentication strength is slightly low (authentication is successful with a stolen card) and the introduction cost (card issuance cost) is somewhat. There is a demerit that it is expensive.
IC card authentication (with PIN) has the advantage that the authentication strength is high (authentication is not successful with a stolen card as it is), but has the disadvantage that the introduction cost (card issuance cost) is slightly high.
Biometric authentication has the advantage of high authentication strength, the advantage of easy authentication operation, and the advantage of not forgetting information and objects necessary for authentication, but the demerit that the introduction cost is slightly high, There is a demerit that an error is likely to occur compared to other authentication methods.
For LDAP authentication, it is possible to acquire information (email address, etc.) from the LDAP server and use it, or to register when multiple image processing apparatuses 10 are installed because only one registration is required. However, there is a demerit that the labor of authentication is large, and there is a demerit that the introduction cost is high and expertise is required for construction of the LDAP server.

  FIG. 18 shows an example of correspondence between an operation and a value that increases or decreases the score of each authentication method when the operation is performed, which is derived from the above considerations of merits and demerits. This correspondence example includes the score increase / decrease definition shown in FIG. 3 and the score increase / decrease definition shown in FIG. Specifically, the score shown in FIG. 3 is extracted from FIG. 18 by extracting the part where the password input line and the mail address input line intersect with the IC card authentication (with PIN) column and the LDAP authentication column. It is an increase / decrease definition. In FIG. 3, since the IC card authentication does not distinguish between the presence of PIN and the absence of PIN, “IC card authentication (with PIN)” is simply expressed as “IC card authentication”. Also, from FIG. 18, the score of FIG. 13 is obtained by extracting a portion where a copy line and a facsimile transmission line intersect with an IC card authentication (with PIN) column and an IC card authentication (without PIN) column. It is an increase / decrease definition. In FIG. 13, since both authentication methods are IC card authentication, “IC card authentication (with PIN)” is expressed as “PIN authentication”, and “IC card authentication (without PIN)” is “without PIN”. “Authentication”.

FIG. 18 includes operations other than those employed as operations for the image processing apparatus 10 in the first embodiment and the second embodiment.
For example, a password change by an administrator is included as an operation. This is an operation for indicating that man-hours due to the user forgetting the password and maintenance man-hours for maintaining the authentication strength have been taken.
In addition, an authentication failure due to an input operation error is included as an operation.
Further, the use of a plurality of image processing apparatuses 10 is included as an operation. This is an operation for indicating that the introduction cost of the reader device increases.

  In this correspondence example, not only “+1” and “0” but also “+2” and “−1” are set as values for increasing or decreasing the score of each authentication method. This can be said to have weighted the value to increase or decrease the score according to the operation and the authentication method. However, weighting is not necessarily performed, and only “+1” and “0” may be set. In this case, if “+1” is set for an operation and an authentication method, it can be said that the authentication method is defined for the operation. If “0” is set, it can be said that the authentication method is not defined for the operation.

  The program for realizing the present embodiment can be provided not only by communication means but also by storing it in a recording medium such as a CD-ROM.

DESCRIPTION OF SYMBOLS 10 ... Image processing apparatus, 21 ... Authentication part, 22 ... Processing control part, 23 ... Operation history storage part, 24 ... Transmission part, 25 ... Score increase / decrease definition storage part, 26 ... Score calculation part, 27 ... Score information storage part, 28 ... Authentication method determination unit, 30 ... Recommendation server, 41 ... Reception unit, 42 ... Operation history storage unit, 43 ... Score increase / decrease definition storage unit, 44 ... Score calculation unit, 45 ... Score information storage unit, 46 ... Recommendation information generation Part, 80 ... network

Claims (4)

Definition information storage means for storing definition information defining an authentication method used for operator authentication for each of a plurality of operations performed by the own device;
A frequency information storage means for storing frequency information indicating a frequency at which each of the plurality of operations is performed in the device;
Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means is performed, the definition information stored in the definition information storage means is defined for the one operation. An evaluation means for evaluating the introduction of each of the plurality of operators of one authentication method;
When the evaluation result by the evaluation means satisfies a predetermined criterion indicating that the one authentication method should be introduced to at least one operator of the plurality of operators, the at least one Processing means for performing processing for generating introduction information that recommends that the one authentication method be introduced to a human operator ,
The processing means, when the evaluation result by the evaluation means satisfies the criteria related to the plurality of operators predetermined as indicating that the one authentication method should be introduced into the own apparatus, An information processing apparatus that performs processing for generating the introduction information that recommends introduction of an authentication method . Definition information storage means for storing definition information defining an authentication method used for operator authentication for each of a plurality of operations performed by the own device;
A frequency information storage means for storing frequency information indicating a frequency at which each of the plurality of operations is performed in the device;
Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means is performed, the definition information stored in the definition information storage means is defined for the one operation. An evaluation means for evaluating the retention of one authentication method;
Processing means for performing processing based on an evaluation result by the evaluation means;
With
The processing means recommends not to hold the one authentication method when the evaluation result by the evaluation means satisfies a predetermined standard indicating that the one authentication method should not be held. An information processing apparatus characterized by generating information. On the computer,
A function for storing definition information defining an authentication method used for authentication of an operator in a definition information storage unit for each of a plurality of operations performed by the own device;
A function of storing in the frequency information storage means frequency information indicating the frequency at which each of the plurality of operations has been performed on the device itself;
Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means is performed, the definition information stored in the definition information storage means is defined for the one operation. A function to evaluate the introduction of each of a plurality of operators of one authentication method;
When the evaluation result by the function for performing the evaluation satisfies a predetermined standard indicating that the one authentication method should be introduced to at least one operator of the plurality of operators, Realizing a function to generate introduction information that recommends introduction of the one authentication method to at least one operator ,
In the function of performing the processing, when the evaluation result by the function of performing the evaluation satisfies a criterion related to the plurality of operators predetermined as indicating that the one authentication method should be introduced into the own device, A program for performing a process of generating the introduction information that recommends that the one authentication method be introduced into the own apparatus . A function for storing definition information defining an authentication method used for authentication of an operator in a definition information storage unit for each of a plurality of operations performed by the own device;
A function of storing in the frequency information storage means frequency information indicating the frequency at which each of the plurality of operations has been performed on the device itself;
Based on the frequency at which one operation indicated by the frequency information stored in the frequency information storage means is performed, the definition information stored in the definition information storage means is defined for the one operation. A function to evaluate the maintenance of a single authentication method;
A function of performing processing based on an evaluation result by the function of performing the evaluation;
With
The function for performing the processing does not retain the one authentication method when the evaluation result by the function for performing the evaluation satisfies a predetermined standard indicating that the one authentication method should not be retained. An information processing apparatus characterized by generating information that recommends this.

Images