JP5983846B2 - Information processing system, image forming apparatus, processing method thereof, and program - Google Patents

Description

  The present invention relates to an information processing system, an image forming apparatus, a processing method, and a program for restricting the use of an object to be read such as an IC card.

  In recent years, as security consciousness in offices has increased, security related to multifunction peripherals serving as information input / output units has been required, and the concept of authentication has been applied to multifunction peripherals as well as PCs.

  Here, for authentication, an authentication method using an IC card is preferred in the market because of its high usability. In general, this system uses an IC card authentication server that manages association between a card number and user information.

By using this IC card authentication, functions (transmission function, etc.) operated from the touch panel of the multifunction device can be implemented only by a user holding the IC card registered in the authentication server, and security is maintained. It was.
For output, a storage print is often used in which a job is temporarily stored in a multifunction peripheral or a server and output at the time of user login.

That is, by combining the IC card authentication and the storage print, it is possible to easily increase the security for the overall functions of the multifunction machine.
Also, the mechanism of Patent Document 1 is disclosed in order to further enhance security by combining IC card authentication and storage printing.

JP 2012-058902 A

  In the storage print using an IC card, if the IC card is lost and picked up by another person, the person who picked up the IC card can use the multifunction device, and the print data of the other person can be printed. There was a problem that it would end up.

As for the mechanism of Patent Document 1, re-authentication necessity information indicating whether or not re-authentication is required at the time of printing is stored in the print data list information, and the print data selected by the user is again displayed. If the authentication is required, the IC card is again held over the user who has logged in to the printing apparatus.
Therefore, even in the mechanism of Patent Document 1, it is difficult to maintain security when the IC card is lost.

SUMMARY OF THE INVENTION An object of the present invention is to provide a user-friendly mechanism that prevents an unauthorized operation on a job even when an object to be read is lost.

An information processing system for achieving the object of the present invention is an information processing system capable of outputting a job, wherein a job password storage means for storing a job password for controlling the output of the job, and a reading target Login execution means for executing login by one of an authentication method of a first authentication method by reading an object and a second authentication method different from authentication by reading the object to be read; and the login execution means When login is executed according to the first authentication method, control is performed so as to be output by accepting the input of the job password, and when login is executed according to the second authentication method, JP further comprising an output control means for controlling to output without receiving an input of a job password To.

According to the present invention, even when an object to be read is lost, an unauthorized operation on a job can be prevented and a user-friendly mechanism can be provided .

1 is a system configuration diagram illustrating an example of a configuration of an information processing system 2 is a block diagram illustrating an example of a hardware configuration of an information processing apparatus applicable to the client PC 100, the IC card authentication server 200, and the mail servers 600 and 700. FIG. 2 is a block diagram illustrating an example of a hardware configuration of a multifunction machine 300. FIG. FIG. 4 is a block diagram illustrating an example of a hardware configuration of a mobile terminal 800 It is a figure which shows the functional block diagram of an information processing system 10 is a flowchart of job reception processing from a client PC 100. It is a flowchart of an IC card authentication process. It is a flowchart of job output processing It is a flowchart of job output processing 10 is a flowchart of processing when a user's IC card in a state of lock Lv1 is held over the multifunction device 300. It is a figure which shows an example of the data of an authentication table. It is a figure which shows an example of the data of a setting file It is a figure which shows an example of the data of a job management table It is an image figure which shows an example of an IC card authentication screen. It is an image figure showing an example of a job list screen It is an image figure which shows an example of a job output password input screen It is an image figure which shows an example of a lockout Lv1 transition notification screen. It is an image figure which shows an example of lockout Lv1 screen. It is an image figure which shows an example of a lockout Lv2 transition notification screen. It is an image figure which shows an example of lockout Lv2 screen. It is a flowchart of an IC card authentication process in the second embodiment. It is a flowchart of the keyboard authentication process in 2nd Embodiment. 10 is a flowchart of job output processing according to the second embodiment. It is a figure which shows an example of the data of the job management table in 2nd Embodiment. It is a figure which shows the functional block diagram in this invention

[First Embodiment]
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 shows a multifunction device 300 (image forming apparatus) according to the present invention, a card reader 500 provided in the multifunction device 300, an IC card authentication server 200, a client PC 100, a mail server 600, a portable terminal 800 (a portable terminal, a portable phone). Is a system configuration diagram showing an example of the configuration of an information processing system using the

  In this embodiment, a print job will be described as an example. However, as long as the data is specified by the MFP 300, a scan job (data including scan settings and storage destinations for scanning), or It may be document data stored in the multifunction device 300. In this case, the document data is called a job. For example, even when a list of user's document data is displayed and transmitted by e-mail, a job password may be generated and input to enable operation. In other words, it can be paraphrased as an information processing system for managing jobs. Hereinafter, a description will be given based on an example of printing.

  As shown in FIG. 1, the system of this embodiment has a configuration in which an IC card authentication server 200, a multifunction peripheral 300, a client PC 100, and mail servers 600 and 700 are connected via a local area network (LAN) 400. Yes. Further, it is configured to be able to communicate with the portable terminal 800 via the Internet.

  When the MFP 300 receives a print job from the client PC 100, the print job is stored in the MFP 300. When logging in to the MFP 300 using an IC card, a print job list is displayed and designation of a print job to be printed is accepted. When the MFP 300 issues a print instruction to the print job, a password (key) for outputting the print job is generated, and a password mail is transmitted to the mail address of the user who has output the print job.

  The user accepts the password described in the notification mail by the MFP 300, and if it matches, the printing is executed. If the password does not match (when the password does not match a predetermined number of times), the IC card is locked (IC Because the card may be lost and used by unauthorized users). Then, a password for unlocking is generated. The generated unlock password is sent to the mail address of the user who has output the print job. Using this unlock password and the IC card, the lock can be released.

  In this embodiment, the IC card authentication server 200 authenticates the IC card, but it is also possible to store the IC card authentication table in the multifunction device 300 and allow the multifunction device 300 to perform authentication. is there. Accordingly, the authentication process may be performed by any device.

  Further, the IC card authentication server 200 is configured to perform keyboard authentication (a form in which a user ID and a password are entered for authentication) in the multifunction device 300.

  Hereinafter, the hardware configuration of the information processing apparatus applicable to the client PC 100, the IC card authentication server 200, and the mail servers 600 and 700 shown in FIG. 1 will be described with reference to FIG.

  In FIG. 2, reference numeral 2001 denotes a CPU that comprehensively controls each device and controller connected to the system bus 2004. Further, the ROM 2003 or the external memory 2011 is necessary to realize a BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as an OS) which is a control program of the CPU 2001, and a function executed by each server or each PC. Various programs are stored.

  Reference numeral 2002 denotes a RAM that functions as a main memory, work area, and the like of the CPU 2001. The CPU 2001 implements various operations by loading a program or the like necessary for execution of processing from the ROM 2003 or the external memory 2011 to the RAM 2002 and executing the loaded program.

  An input controller 2005 controls input from a keyboard (KB) 2009 or a pointing device such as a mouse (not shown). A video controller 2006 controls display on a display device such as a CRT display (CRT) 2010. In FIG. 2, although described as CRT2010, the display may be not only a CRT but also other display such as a liquid crystal display. These are used by clients as needed.

  A memory controller 2007 is connected to the hard disk (HD), flexible disk (FD), or PCMCIA card slot for storing a boot program, various applications, font data, user files, editing files, various data, etc. via an adapter. The access to the external memory 2011 such as a compact flash (registered trademark) memory is controlled.

  A communication I / F controller 2008 is connected to and communicates with an external device via a network (for example, the LAN 400 shown in FIG. 1), and executes communication control processing in the network. For example, communication using TCP / IP is possible.

  Note that the CPU 2001 enables display on the CRT 2010 by executing outline font rasterization processing on a display information area in the RAM 2002, for example. Further, the CPU 2001 enables a user instruction with a mouse cursor (not shown) on the CRT 2010.

  Various programs that operate on the hardware are recorded in the external memory 2011, and are executed by the CPU 2001 by being loaded into the RAM 2002 as necessary.

Next, the hardware configuration of the controller unit that controls the multifunction peripheral 300 as the information processing apparatus of the present invention will be described with reference to FIG.
FIG. 3 is a block diagram illustrating a hardware configuration example of the multifunction machine 300.

  In FIG. 3, a controller unit 5000 is connected to a scanner 5015 functioning as an image input device and a printer 5014 functioning as an image output device, and a local area network such as the LAN 400 shown in FIG. By connecting to a public line (WAN) such as ISDN, image data and device information are input and output.

As shown in FIG. 3, the controller unit 5000 includes a CPU 5001, a RAM 5006, a ROM 5002, an external storage device (hard disk drive (HDD)) 5007, a network interface (Network I / F) 5003, a modem (Modem) 5004, an operation unit interface ( Operation unit I / F) 5005, external interface (external I / F) 5009, image bus interface (IMAGE BUS I / F) 5008, raster image processor (RIP) 5010, printer interface (printer I / F) 5011, scanner interface (Scanner I / F) 5012, an image processing unit 5013, and the like.
A CPU 5001 is a processor that controls the entire system.

A RAM 5006 is a system work memory for the CPU 5001 to operate, and is a program memory for recording a program and an image memory for temporarily storing image data.
The ROM 5002 stores a system boot program and various control programs.
An external storage device (hard disk drive HDD) 5007 stores various programs for controlling the system, image data, and the like.

  An operation unit interface (operation unit I / F) 5005 is an interface unit with the operation unit (UI) 5018, and outputs image data to be displayed on the operation unit 5018 to the operation unit 5018.

The operation unit I / F 5005 serves to transmit information (for example, user information) input by the system user from the operation unit 5018 to the CPU 5001. Note that the operation unit 5018 includes a display unit having a touch panel, and various instructions can be given by a user pressing (touching with a finger or the like) a button displayed on the display unit.
A network interface (Network I / F) 5003 is connected to a network (LAN) and inputs / outputs data.
A modem (MODEM) 5004 is connected to a public line and inputs / outputs data such as FAX transmission / reception.

  An external interface (external I / F) 5009 is an interface unit that accepts external inputs such as USB, IEEE 1394, printer port, and RS-232C. In the present embodiment, a card reader for reading an IC card required for authentication is used. 500 is connected.

  Then, the CPU 5001 can control reading of information from the IC card by the card reader 500 via the external I / F 5009, and can acquire information read from the IC card. Note that the storage medium is not limited to an IC card, and any storage medium that can identify a user may be used. In this case, identification information for identifying the user is stored in the storage medium. This identification information may be a production number of the storage medium or a user code given by the user within the company. The above devices are arranged on the system bus.

On the other hand, an image bus interface (IMAGE BUS I / F) 5008 is a bus bridge that connects a system bus 5016 and an image bus 5017 that transfers image data at high speed and converts a data structure.
The image bus 5017 is configured by a PCI bus or IEEE1394. The following devices are arranged on the image bus 5017.
A raster image processor (RIP) 5010 develops, for example, vector data such as a PDL code into a bitmap image.

  A printer interface (printer I / F) 5011 connects the printer 5014 and the controller unit 5000, and performs synchronous / asynchronous conversion of image data.

  A scanner interface (scanner I / F) 5012 connects the scanner 5015 and the controller unit 5000, and performs synchronous / asynchronous conversion of image data.

  An image processing unit 5013 corrects, processes, and edits input image data, and performs printer correction, resolution conversion, and the like on print output image data. In addition to this, the image processing unit 5013 performs rotation of image data and compression / decompression processing such as JPEG for binary image data and JBIG, MMR, MH for binary image data.

  A scanner 5015 connected to the scanner I / F 5012 illuminates an image on paper as a document and scans it with a CCD line sensor, thereby converting it into an electrical signal as raster image data. The original paper is set on the tray of the original feeder, and when the apparatus user gives a reading start instruction from the operation unit 5018, the CPU 5001 gives an instruction to the scanner, and the feeder feeds the original paper one by one to read the original image. I do.

  A printer 5014 connected to the printer I / F 5011 is a part that converts raster image data into an image on paper. The method is an electrophotographic method using a photosensitive drum or a photosensitive belt, and ink is supplied from a micro nozzle array. There is an ink jet method for ejecting and printing an image directly on a sheet, but any method may be used. The printing operation is started in response to an instruction from the CPU 5001. Note that the printer unit 5014 has a plurality of paper feed stages so that different paper sizes or different paper orientations can be selected, and has a paper cassette corresponding thereto.

  An operation unit 5018 connected to the operation unit I / F 5005 includes a liquid crystal display (LCD) display unit. A touch panel sheet is affixed on the LCD and displays a system operation screen. When a displayed key is pressed, the position information is transmitted to the CPU 5001 via the operation unit I / F 5005. The operation unit 5018 includes, for example, a start key, a stop key, an ID key, a reset key, and the like as various operation keys.

Here, the start key of the operation unit 5018 is used when starting a document image reading operation. There are green and red LEDs in the center of the start key, and indicates whether or not the start key can be used depending on the color. Further, the stop key of the operation unit 5018 functions to stop the operation being performed. The ID key of the operation unit 5018 is used when inputting the user ID of the user. The reset key is used when initializing settings from the operation unit 5018.

  A card reader 500 connected to the external I / F 5009 reads information stored in an IC card (for example, Sony FeliCa (registered trademark)) under the control of the CPU 5001, and reads the read information to the external I / F 5009. The CPU 5001 is notified via F5009.

  FIG. 4 is a block diagram illustrating a hardware configuration example of the mobile terminal 800.

  The mobile terminal of this embodiment shows a case where it is applied to, for example, a mobile terminal device of an IS-95 (Interim Standard 95) based CDMA (Code Division Multiple Access) or LTE mobile terminal. However, the communication system is not limited to the CDMA system, and may be any of PDC (Personal Digital Cellular), PHS (Personal Handyphone System), GSM (Registered Trademark) system widely used in Europe, and the like.

  A mobile terminal 800 includes an antenna 4001 (including an external antenna 4001a and a GPS antenna 4001b), a GPS receiving unit 4002, a transmitting / receiving unit 4013, a modem unit (that is, including a baseband processing unit) 4003, an audio processing unit 4004, and a microphone 4005. , A receiver 4006, a control unit 4010, a main display unit 4008, a sub display unit 4009, an LED unit 4014, a vibrator unit 4015, and an operation unit 4007.

The control unit 4010 controls the entire portable terminal, and includes, for example, a microprocessor, a ROM (Read Only Memory) 4011a, a RAM (Random Access Memory) 4011b, and the like. Control. The RAM 4011b stores information to be transmitted, received information, phone book data (for example, data for 999 memory dials), etc. temporarily or until an erase / change operation is performed. . In addition to the RAM and ROM, an HDD (hard disk) is also provided.
The GPS receiver 4002 receives radio waves from three or more GPS satellites (not shown) and calculates the current position of the mobile terminal.

  The main display unit 4008 is composed of a color liquid crystal display device, DMD (digital mirror device), organic EL display device, PDP (plasma display panel), etc., and information to be notified, character information, current time information, image Displays various details such as information.

The sub display unit 4009 includes various color display devices such as a color liquid crystal display device, an organic EL display device, and a DMD (digital mirror device). Display simple information.
The LED unit 4014 is composed of a semiconductor element that emits light when a voltage is applied, and the semiconductor element is lit and blinks according to information to be notified.
The vibrator unit 4015 includes a motor and a weight with a biased center of gravity attached to the motor shaft, and generates vibration according to information to be notified.

  The operation unit 4007 is a flexible key used when setting various functions in combination with other keys and buttons, moves the cursor vertically and horizontally, scrolls the display contents in that direction in order, and sets the volume. Contact keys used for calling and memory dialing, redialing and kanji conversion, e-mail keys operated when using the e-mail function, and OK keys operated when determining or confirming the selected item , Power ON / OFF, call termination / end key used when answering on hold, incoming keypad, numeric keypad used for entering phone numbers and characters, used to display the Internet connection function display screen WEB key to be used, and a start key to be used for making and receiving calls. In addition, the structure which arrange | positions and displays the soft key corresponding to various keys on a touch panel may be sufficient like the recent portable terminal.

  Radio waves transmitted from the base station are received by the transmission / reception unit 4013 via the antenna 4001 and demodulated by the modem unit 4003. The audio information demodulated by the modem unit 4003 is supplied to the audio processing unit 4004, subjected to predetermined processing by the audio processing unit 4004 under the control of the control unit 4010, and then subjected to electro-acoustic conversion by the receiver 4006. And output as audio.

  Also, the received data demodulated by the modem unit 4003 is supplied to the control unit 4010. This received data is composed of control data, character data, etc. (for example, the other party's telephone number) and image data, etc., and is supplied to the main display unit 4008 and the sub display unit 4009 as necessary and displayed as character information or image information. In some cases, the LED unit 4014 is supplied to the LED unit 4014 to turn on / blink as incoming call information, the vibrator unit 4015 is supplied to vibrate as incoming call information, or stored in the RAM 4011b. The control data of the received data includes incoming information of voice communication (including the caller's telephone number), incoming information of e-mails and text messages transmitted by the SMS bearer (short message bearer) method, etc. Is also included.

  The input information is stored in the RAM 4011b as necessary via the control unit 4010 and supplied to the modem unit 4003 as transmission data. The modem unit 4003 modulates the supplied audio signal and transmission data, and then transmits the modulated signal and the transmission data from the antenna 4001a via the transmission / reception unit 4013.

  Next, with reference to the functional block diagram of FIG. 5, each functional block of each device in the present system (this embodiment) will be described. Each function is executed by the CPU, and detailed processing executed by each function will be described with reference to the flowcharts of FIGS.

The system according to the embodiment of the present invention has a configuration in which a client PC 100, an IC card authentication server 200, and a multifunction peripheral 300 are connected via a predetermined communication medium (LAN) 400 capable of bidirectional communication. In addition, the IC card authentication server 200 and the multi-function device 300 can transmit mail to the portable terminal 800 via the mail servers 600 and 700. Further, a card reader 500 is connected to the multifunction device 300.
Since the operation flow between the respective functions will be described later, an explanation of functional block diagrams described in various terminals will be given here.
First, functional units of the client PC 100 will be described.

The print data generation unit 150 on the client PC 100 can generate print data (job) based on the data received from the application program, and can transmit the print data to the MFP 300 or the like.
Next, functional units of the IC card authentication server 200 will be described.

  The MFP communication unit 250 on the IC card authentication server 200 transmits and receives an authentication request, job output error count information, and unlock password information with the MFP 300.

  The authentication table management unit 251 on the IC card authentication server 200 accesses an authentication table managed in the IC card authentication server, searches for user information associated with the card number or the user name and password requested for authentication, and performs authentication. Returns the result. Also, the count information of the job output password is managed for each user, and when the input of the job output password is wrong for the number of times designated in advance, the user information is locked out.

The unlock password generation unit 252 on the IC card authentication server 200 generates an unlock password for the locked out user at an arbitrary timing.
The mail transmission unit 253 on the IC card authentication server 200 has a function of transmitting an unlock password to the mail address of the user's mobile terminal.
Next, functional units of the multifunction machine 300 will be described.
A job receiving unit 351 on the multifunction device 300 receives print data (job) transmitted from the print data generation unit of the client PC 100.

The job storage unit 352 on the multifunction device 300 has a function of storing the job received by the job reception unit in the HDD 5007 in the multifunction device 300. At this time, information in the job is analyzed, and various bibliographic information such as a file name and a user name are extracted and stored in the job management table.
The job search unit 353 on the multi-function peripheral 300 acquires job list information associated with the user from the job management table.
In response to an output instruction from the user, the job output unit 354 on the multifunction device 300 outputs the user's job stored in the HDD 5007 in the multifunction device 300.
The card reader control unit 355 on the multifunction machine 300 acquires card information (manufacturing number) held over the card reader 500.

The authentication server communication unit 356 on the MFP 300 transmits an authentication request with the IC card authentication server 200, job output password error count information, and unlock password information.
The authentication unit 357 on the multi-function device 300 permits the use of the multi-function device using the user information when control of the entire authentication system and authentication are successful.
The display control unit 358 on the MFP 300 generates a print screen of the MFP based on the user information after successful login.

  A job output password generation unit 359 on the multifunction peripheral 300 randomly generates a job output password when the user selects a job on the print screen and presses the print button.

  The mail transmission unit 360 on the multifunction device 300 has a function of transmitting the password generated by the job output password generation unit 359 to the mail address of the user's mobile terminal.

The job output password confirmation unit 361 on the MFP 300 has a function of determining whether the job output password input by the user matches the password generated by the job output password generation unit 359.
A functional unit of the mobile terminal 800 will be described.

  The mail receiving unit 851 receives a mail transmitted from the IC card authentication server 200 or the multifunction device 300 via the mail servers 600 and 700. The display control unit 852 controls display of mail and various data.

  Note that the functional units in the present embodiment are functional units in a print control system that includes a multifunction peripheral as a printing apparatus and an IC card authentication server 200 as an authentication apparatus. Note that the IC card authentication server 200 may be configured to be included in the multifunction peripheral 300, and thus this function unit may be a function included in the print control system.

Hereinafter, the processing in the system of the present embodiment will be described in more detail with reference to the flowcharts of FIGS.
In addition, about each step, CPU of each apparatus performs a process.
First, a process for receiving a job from the client PC 100 in the embodiment of the present invention will be described with reference to FIG.

  In step S <b> 100, the job reception unit 351 of the multifunction peripheral 300 receives the job generated and transmitted by the print data generation unit 150 of the client PC 100. If a job is received, the process proceeds to step S101.

  In step S <b> 101, the job storage unit 352 of the multifunction device 300 stores the job received in step S <b> 100 in the HDD of the multifunction device 300. Note that a configuration may be employed in which a print server (not shown) is provided and jobs are stored in the print server.

  In step S102, the job storage unit 352 of the MFP 300 analyzes the job stored in step S101, and extracts various bibliographic information (job information) such as a file name and a user name.

  In step S103, the job storage unit 352 of the multifunction device 300 registers the various bibliographic information extracted in step S103 in the job management table managed in the multifunction device. This job management table (FIG. 13) is used to centrally manage job information temporarily stored in the multifunction peripheral, and is updated as needed.

  Next, an IC card authentication process in the embodiment of the present invention will be described with reference to FIG. In this embodiment, IC card authentication will be described. Needless to say, in addition to IC card authentication, authentication can be performed by inputting a user name and a password.

In step S200, the authentication unit 357 of the MFP 300 displays an IC card authentication screen (FIG. 14). At this time, the card reader is in a card reading state, and the card event including the card information is transmitted to the card reader control unit 355 when the user holds the card over the card reader.
In step S <b> 201, the card reader control unit 355 of the multifunction machine 300 receives the card event transmitted from the card reader 500.

In step S202, the authentication unit 357 of the MFP 300 acquires a card number from the card event acquired in step S201. Although the card number is used in the present embodiment, the card number is not limited as long as it is a unique identification number.
In step S <b> 203, the authentication server communication unit 356 of the MFP 300 transmits an authentication request including a card number to the IC card authentication server 200.
In step S204, the MFP communication unit 250 of the IC card authentication server 200 receives the authentication request transmitted in step S203.

  In step S205, the authentication table management unit 251 of the IC card authentication server 200 acquires an authentication table (FIG. 11) managed by the IC card authentication server 200.

In step S206, the authentication table management unit 251 of the IC card authentication server 200 determines whether or not the card number acquired in step S204 is registered in the authentication table (FIG. 11) acquired in step S205. If the card number is registered (searched), the process proceeds to step S208, and if not registered, the process proceeds to step S207.
In step S207, the authentication table management unit 251 of the IC card authentication server 200 generates authentication NG result data because the card has not been registered.

  In step S208, the authentication table management unit 251 of the IC card authentication server 200 acquires user information (user name, mail address, etc.) that is a record (for example, 1100) corresponding to the card number 1105 searched in step S206.

In step S209, if the lock information 1101 of the user information acquired in step S208 is locked (LOCKED Lv1 / Lv2), the authentication table management unit 251 of the IC card authentication server 200 proceeds to step S211 and must be locked. If (UNLOCKED), the process proceeds to step S210.
In step S210, the authentication table management unit 251 of the IC card authentication server 200 generates authentication OK result data including user information associated with the card.

  In step S211, the authentication table management unit 251 of the IC card authentication server 200 confirms the information determined to be locked in step S209. Assume that there are two levels of lock levels, Lv1 and Lv2. If it is Lv1, it is assumed that the user can release the lock by inputting the unlock password from the multifunction machine. Here, when the lock release password is mistaken a plurality of times (predetermined number), the lock level of the user is Lv2. In the case of Lv2, since it can be determined that there is a high possibility that the card has been stolen, the user cannot release the lock with confidence, and asks the administrator to release the lock. If the lock level of the user is Lv1, the process proceeds to step S213, and if it is Lv2, the process proceeds to step S212.

  That is, as described later, if the job output password does not match a predetermined number of times in step S315 (TRUE in step S404), the IC card may be used illegally, so the lock information is set to Lock Lv1, Make it impossible to use IC cards easily. Here, since there is a possibility that the IC card is not used illegally, an unlock password is transmitted by e-mail in step S214, which will be described later, so that the IC card can be unlocked. However, when the password for unlocking the IC card is wrong a plurality of times, the job output password and the unlock password are wrong for a predetermined number of times. Therefore, the lock cannot be released unless it is set to Lv2 and requested by the administrator.

  In step S212, the authentication table management unit 251 of the IC card authentication server 200 generates authentication result data including information indicating that the card is the lock Lv2.

  In step S213, the unlock password generation unit 252 of the IC card authentication server 200 generates a password for unlocking the card, and stores it in the unlock password 1102 in the user information acquired in step S208. That is, when the user is in the lock Lv1 (when the job output password is mistaken a predetermined number of times), the unlock password is generated every time the user holds the card. As a result, unauthorized unlocking of the IC card is reduced, and security can be improved. That is, if the received job password does not match the generated job password according to the determination in step S315, which will be described later, a cancellation password for generating a cancellation password for reusing the reading object whose use is restricted Generation processing.

  In step S214, the mail transmission unit 253 of the IC card authentication server 200 transmits the unlock password generated in step S213 to the mail address (transmission destination) of the mobile terminal 800. The mail address 1106 of the user's mobile terminal 800 is included in the user information acquired in step S208. Note that it may be an email address assigned to an individual user instead of the email address of the mobile terminal 800. This is because, in recent years, an environment has been established in which an email sent to an individual email address of an employee used in a company can be viewed on a portable terminal.

In the present embodiment, the system is such that the password can be confirmed using e-mail, but a configuration in which the password can be confirmed from the browser using the Web system may be used.
In step S215, the mail receiving unit 851 of the portable terminal 800 receives the mail transmitted in step S214 via the mail servers 600 and 700.
In step S216, the display control unit 852 of the portable terminal 800 displays the mail received in step S215, that is, the unlock password.
In step S217, the authentication table management unit 251 of the IC card authentication server 200 generates authentication result data indicating that the card is the lock Lv1.
In step S218, the MFP communication unit 250 of the IC card authentication server 200 transmits the authentication result to the MFP.
In step S219, the authentication server communication unit 356 of the MFP 300 receives the authentication result transmitted in step S218.

  In step S220, the authentication unit 357 of the MFP 300 analyzes the authentication result received in step S219. If the authentication is OK, the process proceeds to step S221. If the authentication is not OK, the process proceeds to step S222.

  In step S221, the authentication unit 357 of the multifunction device 300 logs in to the multifunction device 300 using the authentication result received in step S219. The login to the MFP 300 is controlled so that the functions in the MFP 300 can be used by storing user information included in the authentication result in the login information area. That is, it is a login process for logging in according to authentication by reading the reading object. Here, when there is a login by IC card authentication, information for identifying login with the IC card (for example, flag) is stored in the login information.

  In step S222, the authentication unit 357 of the MFP 300 analyzes the authentication result received in step S219. If it is lock Lv1, the process proceeds to step S500, and if it is not lock Lv1, the process proceeds to step S223.

In step S223, the authentication unit of the multifunction peripheral analyzes the authentication result received in step S219. If it is the lock Lv2, the process proceeds to step S224, and if it is other than the lock Lv2 (that is, the card is not registered or the user is invalid), the process proceeds to step S225.
In step S224, the display control unit 358 of the multifunction peripheral 300 displays the lockout Lv2 screen (FIG. 20) and ends the process.
In step S225, since the display control unit 358 of the multifunction peripheral 300 has not been authenticated, an IC card authentication error screen (not shown) is displayed, and the process ends.

  Next, job output processing according to the embodiment of the present invention will be described with reference to FIGS.

  In step S300, the job search unit 353 of the multifunction device 300 acquires job one information of the logged-in user stored in the HDD of the multifunction device 300 from the job management table (FIG. 13). More specifically, a list of jobs with the same user name 1301 is acquired from the user information of the login user.

  In step S301, the display control unit 358 of the MFP 300 displays the job list information acquired in step S301 on the job list screen (FIG. 15). By selecting a job to be printed on the screen and pressing a print button by the user's operation, an arbitrary job can be output from the operated multifunction device 300.

  In step S302, the display control unit 358 of the MFP 300 determines whether the print button on the screen has been pressed. If the print button is pressed, the process proceeds to step S307. If the print button is not pressed, the process proceeds to step S303.

In step S303, the display control unit 358 of the MFP 300 determines whether the delete button on the screen has been pressed. If the delete button has been pressed, the process proceeds to step S304. If the delete button has not been pressed, the process proceeds to step S302.
In step S304, the display control unit 358 of the multifunction peripheral 300 acquires the job list selected on the screen.
In step S305, the job storage unit 352 of the MFP 300 deletes the job (print data) selected in step S304 from the HDD of the MFP.
In step S306, the job search unit 353 of the MFP 300 updates the job management table (FIG. 13) managed in the MFP.

  In step S307, the job output password generation unit 359 of the MFP 300 generates a job output password. Note that this job output password is managed in the memory for each MFP, and is generated every time the print button is pressed. The job output password may be generated every time the job is saved. That is, the password generation timing may be any. In other words, it is job password generation processing for generating a job password for controlling a job.

In step S <b> 308, the mail transmission unit 360 of the MFP 300 transmits the job output password generated in step S <b> 307 to the mail address (transmission destination) of the portable terminal 800. The email address of the user's mobile terminal 800 is included in the user information acquired in step S219.
In step S309, the mail receiving unit 851 of the mobile terminal 800 receives the mail transmitted in step S308.
In step S310, the display control unit 852 of the portable terminal 800 displays the mail received in step S309, that is, the job output password.

  In step S311, the display control unit 358 of the MFP 300 displays a job output password input screen (FIG. 16). It is assumed that the user inputs the job output password that has arrived at the mobile terminal 800 on the input screen. The mobile terminal 800 and the MFP 300 may be configured to communicate with each other and input. That is, it is a job password acceptance process for accepting a job password in response to an operation on the job.

  In step S312, the display control unit 358 of the MFP 300 determines whether the OK button on the screen has been pressed. If OK is pressed, the process proceeds to step S315. If not, the process proceeds to step S313.

  In step S313, the display control unit 358 of the MFP 300 determines whether or not a cancel button on the screen has been pressed. If the cancel button is pressed, the process proceeds to step S314. If the cancel button is not pressed, the process proceeds to step S312.

  In step S314, the job output password generation unit 359 of the MFP 300 discards the job output password information generated in step S307 and managed in the MFP. Proceed to step S300.

  In step S315, the job output password confirmation unit 361 of the MFP 300 determines whether the job output password generated in step S307 matches the password input on the job output password input screen in step S311. If the passwords match, the process proceeds to step S317, and if they do not match, the process proceeds to step S316.

  In step S316, the job output password generation unit 359 of the MFP 300 discards the job output password information generated in step S307 and managed in the MFP. Proceed to step S400.

  In step S317, the job output password generation unit 359 of the MFP 300 discards the job output password information generated in step S307 and managed in the MFP.

  In step S318, the authentication server communication unit 356 of the MFP 300 transmits a job output password error count clear request to the IC card authentication server 200 because the job output passwords match.

  In step S319, the MFP communication unit 250 of the IC card authentication server 200 receives the output password error count clear request transmitted in step S318. The clear request includes information such as a user name and a card number that can specify a record.

  In step S320, the authentication table management unit 251 of the IC card authentication server 200 extracts the user information from the data received in step S319, and searches the user table from the authentication table (FIG. 11). The job output password error count 1104 of the user is set to 0, and the process ends.

In step S321, the job output unit 354 of the multifunction device 300 acquires the job data (print data) selected in step S301 from the HDD of the multifunction device and outputs it. That is, in step S315, if the received job output password matches the generated job output password, this is processing for permitting control over the job.
In this embodiment, an example in which printing is executed has been described, but the same control is performed for output as a job preview display. In other words, job output includes printing execution, preview display, job transfer to another apparatus, and the like.
In step S322, the job output unit 354 of the multifunction device 300 deletes the job data output in step S321 from the HDD of the multifunction device.
In step S323, the job search unit 353 of the MFP 300 updates the job management table (FIG. 13) managed in the MFP.

In step S400, the authentication server communication unit 356 of the MFP 300 transmits a job output password error count-up request. The count-up request includes information that can specify a record, such as a user name and a card number.
In step S401, the MFP communication unit of the authentication server receives the output password error count-up request transmitted in step S400.

In step S402, the authentication table management unit 251 of the IC card authentication server 200 extracts the user information from the data received in step S401, and searches the user table from the authentication table (FIG. 11). The user's job output password error count 1104 is incremented by “+1”.
In step S403, the authentication table management unit 251 of the IC card authentication server 200 acquires a setting file (FIG. 12) held in the multifunction peripheral.

  In step S404, the authentication table management unit 251 of the IC card authentication server 200 compares the value of the job output password error count threshold 2101 in the setting file acquired in step S403 with the job output password error count of the searched user. To do. If they match, the process proceeds to step S405, and if they do not match, the process proceeds to step S406. That is, if the output password is incorrect a predetermined number of times, the process proceeds to step S405.

  In step S405, the authentication table management unit 251 of the IC card authentication server 200 changes the lock information 1101 of the user information acquired in step S402 to lock Lv1. That is, in the determination in step S315, if the received job password does not match the generated job password, the use restriction process restricts the use of the reading object. Further, it is a process of setting a flag (Lv1) indicating that the release is performed by inputting the release password.

In step S406, the authentication table management unit 251 of the IC card authentication server 200 generates a lockout result for the user. The lockout result includes a result indicating whether or not the user is locked out due to an input error of the job output password. For example, lock Lv1 is included.
In step S407, the MFP communication unit 250 of the IC card authentication server 200 transmits the lockout result generated in step S406 to the MFP.
In step S408, the authentication server communication unit 356 of the MFP 300 receives the lockout result transmitted in step S407.

  In step S409, the display control unit 358 of the multifunction peripheral 300 analyzes the lockout result received in step S408. If it is the lock Lv1, the process proceeds to step S411, and if it is not the lock Lv1, the process proceeds to step S410.

  In step S410, the display control unit 358 of the MFP 300 displays a job output password error screen (not shown), and proceeds to step S307 to prompt the user to input the job output password again.

  In step S411, the display control unit 358 of the MFP 300 displays the lockout Lv1 transition notification screen (FIG. 17). That is, it is a notification process for notifying that the use of the reading object is restricted when the received job password does not match the generated job password.

  In step S412, the authentication unit 357 of the MFP 300 forcibly logs out and ends the process. Logout is performed by deleting the information in the login information area.

  Next, a process when the user's IC card in the lock Lv1 state is held over the multifunction device 300 in the embodiment of the present invention will be described using FIG.

  In step S500, the display control unit 358 of the MFP 300 displays the lockout Lv1 screen (FIG. 18). Here, on the screen of FIG. 18, the input of the unlock password transmitted by mail is accepted. That is, it is a cancellation password reception process for receiving a cancellation password.

  In step S501, the display control unit 358 of the MFP 300 determines whether the OK button on the screen of FIG. 18 has been pressed. If the OK button has been pressed, the process proceeds to step S506, and if not, the process proceeds to step S502.

  In step S502, the display control unit 358 of the MFP 300 determines whether a cancel button on the screen has been pressed. If the cancel button is pressed, the process proceeds to step S503, and if not, the process proceeds to step S501.

In step S503, the authentication server communication unit 356 of the MFP 300 transmits a lock release password discard request. The discard request includes identification information (card number or user name) for specifying the user information record.
In step S504, the MFP communication unit 250 of the IC card authentication server 200 receives the unlock password discard request transmitted in step S503.

  In step S505, the authentication table management unit 251 of the IC card authentication server 200 acquires identification information from the request received in step S504, and searches for corresponding user information from the authentication table (FIG. 11). The unlock password information of the retrieved user information is discarded, and the process is terminated.

In step S506, the authentication server communication unit 356 of the MFP 300 transmits the input unlock password and identification information (card number or user name) for identifying the user information.
In step S507, the MFP communication unit 250 of the IC card authentication server 200 receives the unlock password and identification information transmitted in step S506.

  In step S508, the authentication table management unit 251 of the IC card authentication server 200 extracts user information from the authentication table (FIG. 11) from the identification information received in step S507, and the received unlock password and the extracted user information. It is determined whether or not the unlock passwords 1102 match. If they match, the process proceeds to step S509, and if they do not match, the process proceeds to step S512.

  In step S509, the authentication table management unit 251 of the IC card authentication server 200 discards the unlock password 1102 of the user information acquired in step S508. That is, when the received release password matches the generated release password, the release processing is to release the restriction on the use of the reading object.

  In step S510, the authentication table management unit 251 of the IC card authentication server 200 changes the unlock password error count 1103 of the user information acquired in step S508 to “0”.

  In step S511, the authentication table management unit 251 of the IC card authentication server 200 changes the lock information 1101 of the user information acquired in step S508 to Unlock.

  In step S512, the authentication table management unit 251 of the IC card authentication server 200 discards the unlock password 1102 of the user information acquired in step S508. Thereafter, a new unlock password is generated and stored in the unlock password 1102. Then, the unlock password is transmitted to the user's email address. In this embodiment, a new password is generated once the unlock password is wrong, but this is not a limitation. If a complicated password that cannot be guessed is used, a certain level of security can be ensured, so that it is possible not to generate a password every time. The same applies to the job output passwords in steps S307 and S308.

In step S513, the authentication table management unit 251 of the IC card authentication server 200 increments the unlock password error count 1103 of the user information acquired in step S508 by “+1” because the input of the unlock password is incorrect.
In step S514, the authentication table management unit 251 of the IC card authentication server 200 acquires a setting file (FIG. 12) held in the multifunction peripheral.

  In step S515, the authentication table management unit 251 of the IC card authentication server 200 uses the unlock password error count threshold value (1202) in the setting file (FIG. 12) acquired in step S514, and the user information acquired in step S508. Compare unlock password error counts. If they match, the process proceeds to step S516, and if they do not match, the process proceeds to step S517. The case where they coincide with each other means that the input of the unlock password has been made a wrong number of times. In this case, since there is a high possibility that the IC card has been unlocked illegally, the IC card can only be unlocked by an administrator.

  In step S516, the authentication table management unit 251 of the IC card authentication server 200 changes the lock information 1101 of the user information acquired in step S508 to the lock Lv2. That is, it is a use restriction process that restricts the use so that the use restriction by the user who owns the reading object cannot be removed when the accepted release password does not match the generated release password. Further, it is a process of setting a flag (Lv2) indicating that the release is not performed by inputting the release password.

In step S517, the authentication table management unit 251 of the IC card authentication server 200 generates a user lockout result. This lockout result stores lock information of current user information (Unlock / Lock Lv1 / Lock Lv2). If the lock information is Unlock, the user information necessary for login is also set because the IC card is unlocked.
In step S518, the MFP communication unit 250 of the IC card authentication server 200 transmits the lockout result generated in step S517 to the MFP.
In step S519, the authentication server communication unit 356 of the MFP 300 receives the lockout result transmitted in step S518.

In step S520, the display control unit 358 of the MFP 300 analyzes the lockout result received in step S519. If it is Unlock, the process proceeds to step S521, and if it is not Unlock, the process proceeds to step S523.
In step S521, the display control unit 358 of the MFP 300 displays a lock release success screen (not shown).

  In step S522, the authentication unit 357 of the multifunction device 300 logs in to the multifunction device 300 using the user information acquired in step S519, and proceeds to step S300. For login, the MFP can be used by setting user information in the login information area of the MFP 300.

  In step S523, the display control unit 358 of the MFP 300 analyzes the lockout result received in step S519. If it is the lock Lv1, the process proceeds to step S524.

In step S524, the display control unit 358 of the MFP 300 displays an unlock password error screen (not shown), and the process proceeds to step S500. That is, the process proceeds to a process for inputting the unlock password again.
In step S525, the display control unit 358 of the MFP 300 displays the lockout Lv2 transition notification screen (FIG. 19), and proceeds to step S200.

Note that the authentication table of FIG. 11 is stored in the IC card authentication server 200. The setting file of FIG. 12 is stored in the IC card authentication server 200. Further, it is assumed that the job management table in FIG. However, all the data may be stored in the multi-function device 300, or each data may be stored in another server. Therefore, it goes without saying that it can be realized if data is stored and managed as a system.
14 to 20 may be configured to display a screen transmitted from an external device (for example, a server).

[Second Embodiment]
Next, a second embodiment will be described. The description of the same configuration as that of the first embodiment will be omitted. That is, the system configuration, hardware configuration, and the like are the same as those in the first embodiment.
The second embodiment will be described with reference to FIGS.

  FIG. 21 is a flowchart corresponding to FIG. 7 which is a flowchart of the IC card authentication process. FIG. 21 is a flowchart in which step S600 is added to the flowchart of FIG.

  In step S600, the authentication unit 357 of the MFP 300 detects whether or not the keyboard authentication button displayed on the IC card authentication screen (FIG. 14) has been pressed. If the button has been pressed, the process proceeds to step S700 in FIG. 23. If the button has not been pressed, the process proceeds to step S201.

FIG. 22 is a flowchart of the keyboard authentication process.
In step S700, the authentication unit 357 of the MFP 300 displays a keyboard authentication screen (not shown).
In step S701, the authentication unit 357 of the MFP 300 detects whether an IC card authentication button displayed on a keyboard authentication screen (not shown) has been pressed.
If the button has been pressed, the process proceeds to step S200. If the button has not been pressed, the process proceeds to step S702.

In step S702, the authentication unit 357 of the MFP 300 detects that a login button displayed on a keyboard authentication screen (not shown) is pressed. In this keyboard authentication screen, a user ID and a password are input by a user operation. If the login button has been pressed, the process proceeds to step S703. The process waits until it is pressed.
In step S703, the authentication server communication unit 356 of the MFP 300 transmits an authentication request including the user name and password input on the keyboard authentication screen to the IC card authentication server 200. Note that the authentication request may be transmitted to another server (for example, a directory server).

In step S704, the MFP communication unit 250 of the IC card authentication server 200 receives the authentication request transmitted in step S703.
In step S705, the authentication table management unit 251 of the IC card authentication server 200 acquires an authentication table (FIG. 11) managed by the IC card authentication server 200.

  In step S706, whether the user name acquired in step S704 is registered in the authentication table (FIG. 11) acquired by the authentication table management unit 251 of the IC card authentication server 200 in step S705 and the passwords match. Determine whether it is correct. If the user name and password are correct (if searched), the process proceeds to step S707, and if not correct, the process proceeds to step S708.

In step S707, the authentication table management unit 251 of the IC card authentication server 200 acquires user information (user name, mail address, etc.) that is a record (for example, 1100) that matches the user name and password searched in step S706.
In step S708, the authentication table management unit 251 of the IC card authentication server 200 generates authentication NG result data because the user name is not registered or the password is incorrect.
In step S709, the MFP communication unit 250 of the IC card authentication server 200 transmits an authentication result to the MFP.

In step S710, the authentication server communication unit 356 of the MFP 300 receives the authentication result transmitted in step S709.
In step S711, the authentication unit 357 of the MFP 300 analyzes the authentication result received in step S710. If the authentication is OK, the process proceeds to step S712. If the authentication is not OK (for example, authentication NG or error), the process proceeds to step S713.

  In step S712, the authentication unit 357 of the multifunction device 300 logs in to the multifunction device 300 using the authentication result received in step S710. That is, an example of a process of logging in according to the authentication that can verify the identity is shown.

The login to the MFP 300 is controlled so that the functions in the MFP 300 can be used by storing user information included in the authentication result in the login information area. Further, here, when there is a login by keyboard authentication, information (for example, a flag) for identifying the login with the keyboard is stored in the login information. This makes it possible to determine whether login has been performed using an IC card or login by keyboard authentication.
When logged in, the process proceeds to FIG.

In the authentication according to the present embodiment, an authentication table may be stored in the multifunction device 300 and the multifunction device 300 may execute an authentication process. Further, an authentication form (IC card authentication or keyboard authentication) may be stored in the IC card authentication server 200.
In step S713, since the display control unit 358 of the MFP 300 has not been authenticated, a keyboard authentication error screen (not shown) is displayed, and the process ends.

Next, job output processing will be described with reference to FIG. FIG. 23 is a flowchart corresponding to FIG. 8 which is a flowchart of the job output process. FIG. 8 is a flowchart in which steps S800 and S801 are added.
In addition, description of step S300-step S302 which is the process after login is abbreviate | omitted, and it demonstrates from step S800.

In step S800, after logging in, when a job is selected on the job list screen and the print button is pressed, the job output password generation unit 359 of the MFP 300 determines whether the login method is IC card authentication or keyboard authentication. Judge whether or not. Whether the authentication mode is IC card authentication or keyboard authentication is determined using the identification information (flag) stored as login information in step S221 or step S712.
In the case of IC card authentication, the process proceeds to step S307, and in the case of keyboard authentication, the process proceeds to step S321. That is, when logging in by keyboard authentication, the job output password is not generated because the identity can be confirmed.

  As described above, in step S321, the selected job data (print data) is acquired from the HDD of the multifunction peripheral and output. That is, it shows an example of a process for permitting output control for a job without accepting an input of a job password when logged in with authentication capable of identity verification.

  In step S801, the security level (sensitivity, etc.) of the selected job is referred to the job management table shown in FIG. 24 to determine whether the job has a high security level. If the job has a high security level (a job whose security flag 2401 is “1”), the process proceeds to step S307. If the job has a low security level (a job whose security flag 2401 is “0”), the process proceeds to step S321. Move. When a plurality of jobs are selected, if the selected job includes a job with a high security level, the process proceeds to step S307.

  As a result, even if the authentication is based on the IC card authentication, if the sensitivity of the job to be printed is low, a job output password is not generated, and the mechanism is easy to use.

  Although the configuration using keyboard authentication has been described in the present embodiment, it goes without saying that fingerprint authentication or vein authentication may be used. In other words, it can be paraphrased as authentication that enables identity verification.

[Other Embodiments]
In the first embodiment and the second embodiment, the job output password is generated when the print button is pressed. However, the job output password is generated when the job is stored, and the job management table is generated. The structure memorize | stored in (FIG. 13, FIG. 24) may be sufficient.
In this case, when the keyboard authentication described in the second embodiment is performed, the job output password is deleted and printing is executed. Alternatively, the job output password may be ignored and printing may be executed.
Further, the job output password may be a password assigned by the printer driver of the client PC 100. In other words, any configuration may be used as long as the job output password is stored corresponding to the print instruction or the job instructed to print.

  Next, a functional block diagram according to the present invention will be described with reference to FIG. Note that the functional blocks in FIG. 5 are functional block diagrams in the above-described embodiment.

First, a functional block diagram in the case where the above-described embodiment has a function as an information processing system for managing jobs will be described using 2500.
The job password storage unit 2501 is a functional unit that stores a job password for controlling job output.
A login unit 2502 is a functional unit that logs in in accordance with authentication by reading an object to be read such as an IC card.

The job password receiving unit 2503 is a functional unit that receives a job password in response to an operation on a job.
The use restriction unit 2504 is a functional unit that restricts the use of the reading object when the job password received by the job password reception unit 2503 and the job password stored in the job password storage unit 2501 do not match.

  The permission unit 2505 is a functional unit that permits output control for a job when the job password received by the job password receiving unit 2503 matches the job password stored in the job password storage unit 2501.

Further, the login unit 2502 is a functional unit that logs in according to authentication that enables identity verification.
Further, the permission unit 2505 is a functional unit that permits output control for a job without accepting an input of a job password when login is performed with authentication capable of identifying the user.

  When the job password received by the job password receiving unit 2503 and the job password stored in the job password storage unit 2501 do not match, the cancellation password generation unit 2506 reads the object whose use is restricted by the use restriction unit 2504 It is a functional part that generates a release password for reusing the password.

The cancellation password receiving unit 2507 is a functional unit that receives the cancellation password.
The cancellation unit 2508 is a functional unit that cancels the restriction on the use of the reading object when the cancellation password received by the cancellation password reception unit 2507 matches the cancellation password generated by the cancellation password generation unit 2506.

Further, the use restriction unit 2504 uses the password so that the release unit 2508 cannot release the restriction when the release password received by the release password reception unit 2507 and the release password generated by the release password generation unit 2506 do not match. This is a function unit to be restricted.
In addition, when the job passwords do not match, the usage restriction unit 2504 sets a flag indicating that the reading object is read and released by inputting the release password, and when the release password does not match, the use restriction unit 2504 sets the reading object. Is a functional unit that sets a flag indicating that the password is not canceled by inputting the cancellation password. This is a functional unit that restricts the use of an object to be read when a job password or a release password is input a predetermined number of times.

  The transmission unit 2509 is a functional unit that transmits the job password or the cancellation password to the transmission destination of the user corresponding to the reading object.

  Next, a functional block diagram in the case where the above embodiment is provided with a function as an image forming apparatus including a reading unit will be described using 2510.

The job management unit 2511 is a functional unit that manages jobs.
The job password storage unit 2512 is a functional unit that stores a job password for controlling job output.

The login unit 2513 is a functional unit that logs in in accordance with the authentication by reading the reading object.
The job password receiving unit 2514 is a functional unit that receives a job password in response to an operation on a job.
If the job password received by the job password reception unit 2514 and the job password stored in the job password storage unit 2512 do not match, the notification unit 2515 notifies the fact that the use of the reading object is restricted. It is.

  As described above, according to the present embodiment, it is possible to prevent an unauthorized operation on a job even when the reading object is lost, and to prevent an unauthorized use of the reading object.

Further, security can be ensured even when a reading object (for example, an IC card) is lost in reservation printing.
In particular, by using the job output password and the unlock password, unauthorized use of the IC card can be prevented, and security can be improved as a result.
Furthermore, it is possible to construct a highly convenient system because the lock can be released from the multifunction device while enhancing the security.
In addition, when authentication is performed with a high-security authentication mode (for example, keyboard authentication), a highly convenient system can be constructed by eliminating the need for a job output password.

  It should be noted that the configuration and contents of the various data described above are not limited to this, and it goes without saying that the various data and configurations are configured according to the application and purpose.

  Although one embodiment has been described above, the present invention can take an embodiment as, for example, a system, apparatus, method, program, or recording medium, and specifically includes a plurality of devices. The present invention may be applied to a system including a single device.

  Moreover, the program in this invention is a program which can perform the processing method of the flowchart shown in FIGS. 6-10 and FIGS. 21-23, and the storage medium of this invention is FIGS. 6-10, FIG. A program capable of being executed by the computer in the processing method of FIG. 23 is stored. The program according to the present invention may be a program for each processing method of each apparatus shown in FIGS.

  As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by executing the reading.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk, solid state drive, or the like can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) operating on the computer based on an instruction of the program is actually It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the processing and the processing is included.

  Furthermore, after the program read from the recording medium is written to the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is based on the instructions of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  Further, the present invention may be applied to a system composed of a plurality of devices or an apparatus composed of a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the effects of the present invention.
In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

100 client PC
200 IC card authentication server 300 MFP 400 LAN
500 card reader 600 mail server 700 mail server 800 portable terminal 201 CPU
301 CPU

Claims (14)

An information processing system that can output a job,
Job password storage means for storing a job password for controlling the output of the job;
Login execution means for executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed by the login execution unit according to the first authentication method, control is performed so as to be output by accepting the input of the job password, and login is executed according to the second authentication method. In this case, an information processing system comprising: output control means for controlling the job password so that the job password is output without being accepted . 2. The display control unit according to claim 1, further comprising a display control unit configured to control to display an input screen for accepting an input of a job password when the login execution unit performs login according to the first authentication method. The information processing system described. When the job password received by the login execution unit by the first authentication method is different from the job password stored in the storage unit, the login password is used for authentication in the login execution unit. Usage restriction means for restricting the use of reading objects
The information processing system according to claim 1, further comprising: For the use in front Symbol utilization restriction means is available for limited read object again, and release the password generating means for generating a release password,
A cancellation password receiving means for receiving the cancellation password;
By the release password accepting unit receives a release password generated by the release password generation means, according to claim 3, characterized in that it comprises further a releasing means for releasing the restriction of the use of the object to be read Information processing system. The cancellation password generation unit generates the cancellation password when the job password that has received the input does not match the job password stored in the job password storage unit.
The information processing system according to claim 4. A release password accepted in the release password accepting unit, wherein when a release password cancel password generated by the generating means does not match, the use restriction means, control to prevent the release of restriction by the release password limit The information processing system according to claim 4 or 5 , wherein: When the job passwords do not match, the use restriction unit reads a reading object and sets a flag indicating that the object is to be released by inputting the release password. The information processing system according to claim 6 , wherein a flag indicating that the reading and release password is not canceled is set. 8. The information processing system according to claim 4 , further comprising: a transmission unit configured to transmit the job password or the release password to a transmission destination of a user corresponding to the reading object. The usage restriction unit, when the inputted predetermined different jobs password number and job password that is stored in the storage means, to limit the use of the read object used in the authentication at the login execution unit The information processing system according to any one of claims 3 to 8 , wherein the information processing system is characterized in that: An image forming apparatus capable of outputting a job,
Job password storage means for storing a job password for controlling the output of the job;
Login execution means for executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed by the login execution unit according to the first authentication method, control is performed so as to be output by accepting the input of the job password, and login is executed according to the second authentication method. In this case, the image forming apparatus includes: an output control unit that performs control so that the job password is output without receiving the input . An information processing system capable of outputting a job , the processing method of the information processing system comprising job password storage means for storing a job password for controlling the output of the job,
The information processing system is
A login execution step of executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed in accordance with the first authentication method in the login execution step, control is performed so as to be output by accepting the input of the job password, and login is executed in accordance with the second authentication method. In this case, the processing method of the information processing system includes an output control step of controlling the job password so that the job password is output without being accepted . An image forming apparatus capable of outputting a job, and a processing method of an image forming apparatus including job password storage means for storing a job password for controlling the output of the job,
The image forming apparatus includes:
A login execution step of executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed in accordance with the first authentication method in the login execution step, control is performed so as to be output by accepting the input of the job password, and login is executed in accordance with the second authentication method. A processing method for an image forming apparatus , comprising: an output control step for controlling the job password so that the job password is output without being accepted . An information processing system capable of outputting a job, a program executable by an information processing system including job password storage means for storing a job password for controlling the output of the job ,
The information processing system;
Login execution means for executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed by the login execution unit according to the first authentication method, control is performed so as to be output by accepting the input of the job password, and login is executed according to the second authentication method. In this case, the program functions as output control means for controlling the output so that the job password is output without being accepted . An image forming apparatus capable of outputting a job, and a program executable by the image forming apparatus including a job password storage unit that stores a job password for controlling the output of the job ,
The image forming apparatus;
Login execution means for executing login by one of an authentication method of a first authentication method by reading a reading object and a second authentication method different from the authentication by reading the reading object ;
When login is executed by the login execution unit according to the first authentication method, control is performed so as to be output by accepting the input of the job password, and login is executed according to the second authentication method. In this case, the program functions as output control means for controlling the output so that the job password is output without being accepted .

Images