JP6164154B2 - Authentication information management system, image forming apparatus, processing method thereof, and program - Google Patents

Description

  The present invention relates to an authentication information management system, an image forming apparatus, and a processing method and program for registering and managing authentication information.

In recent years, with the heightened awareness of security in offices, security related to multifunction devices, which are information input / output units, has been required, and the concept of “authentication” has been applied to multifunction devices like PCs. It was.
An authentication system for using this multifunction machine often uses an IC card.
Therefore, it is necessary to associate and manage user information including the user name of the user who uses the IC card and the card information of the IC card.

  Conventionally, the administrator has registered user information and card information in the authentication table in order to perform this association. However, in recent years, each user can also register card information from a multifunction peripheral. It has come to be.

  Also, when using authentication using an IC card, if the user forgets the IC card, the user cannot log in to the multifunction device. Therefore, the multifunction device is also provided with authentication for entering a user ID and password.

However, every time the multifunction device is used, the user has to input a user ID and password, which reduces convenience, so a guest IC card (temporary card) that is lent when the IC card is forgotten ) To request authentication.
Patent Document 1 is disclosed as a mechanism for registering this temporary card from a multifunction peripheral.

JP 2012-158176 A

However, when registering a temporary card, it is necessary to create and register a card list for identifying the temporary card, which may be troublesome to manage such as maintaining the card list.
Since there are various systems in a company and a lot of management is required, it is required in actual operation to reduce the management in the MFP as much as possible.

  In addition, when authentication information is stored in each multifunction device and authentication is performed by the multifunction device, various information such as normally used IC cards, temporary IC cards, and user information necessary for authentication must be managed. Therefore, the management load is further increased.

  Therefore, an object of the present invention is to provide a mechanism that simplifies the registration work of a reading object and makes the management of authentication information more efficient.

An image forming apparatus comprising storage means for storing user information including purpose of achieving, the user identification information and the password entered in the information processing apparatus of the present invention, the user identification information in response to operation of the user User information receiving means for receiving user information including a password; reading means for reading an object to be read; if the user information received by the user information receiving means matches the user information stored in the storage means, the reading or the object to be read to temporarily use a read object read by means, display means for normally displaying a use reading object and the possible specification screen type or, designated by the designation screen as the object to be read by the type that is to be managed, and the identification information obtained the object to be read by reading by the reading means and the user information Characterized in that it comprises a registration means for registering the authentication information correlating.

  ADVANTAGE OF THE INVENTION According to this invention, the registration operation | work of a multiple reading target object can be simplified and management of authentication information can be made efficient.

It is a system configuration diagram showing an example of a configuration of an authentication information management system It is a block diagram which shows an example of the hardware constitutions of the information processing apparatus applicable to client PC100. 2 is a block diagram illustrating an example of a hardware configuration of a multifunction machine 300. FIG. It is a figure which shows the functional block of each apparatus in this system. It is a flowchart of a user information registration process. It is a flowchart of IC card registration processing 1. It is a flowchart of IC card registration processing 2. It is a flowchart of IC card registration processing 3. It is a flowchart of an IC card authentication process. It is a flowchart of the deletion process of an authentication table. It is a data figure which shows an example of a setting file. It is a data figure which shows an example of a password management table. It is a data figure which shows an example of a normal card | curd authentication table. It is a data figure which shows an example of a temporary card authentication table. It is a data figure which shows an example of a temporary card management table. It is an image figure which shows an example of a card information registration tool screen. It is an image figure which shows an example of an IC card authentication screen. It is an image figure which shows an example of an IC card information registration screen. It is an image figure which shows an example of an IC card registration dialog. It is an image figure which shows an example of an IC card detection success dialog It is an image figure which shows an example of an IC card detection success dialog (temporary card fixation). It is an image figure which shows an example of an IC card registration success dialog It is a figure which shows the functional block diagram in this invention It is a flowchart of IC card registration processing 3 in a 2nd embodiment. 10 is a flowchart of IC card authentication processing in the second embodiment. It is an image figure which shows an example of a temporary card registration authentication error dialog

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. First, the first embodiment will be described.

FIG. 1 is a system configuration diagram showing an example of a configuration of an authentication information management system using a multifunction peripheral 300 (image forming apparatus) according to the present invention, a card reader 500 provided in the multifunction peripheral 300, and a client PC 100.
In the present embodiment, a table for managing authentication information is stored in the MFP 300, but a table may be stored in an authentication server (not shown).

  As shown in FIG. 1, the system according to the present embodiment has a configuration in which a multifunction machine 300 and a client PC 100 are connected via a local area network (LAN) 400. Note that communication via the Internet is not limited to the local network.

The client PC 100 is installed with a management tool (card information registration tool) communicable with the MFP 300. When the management tool is activated, the user name (user identification information) of the user who has logged in to the client PC 100 is changed. Accepted by management tools via the operating system. This user name is displayed on the screen of the management tool, and input of information for registration from the user is accepted. For example, an e-mail address, a card registration password, and information on a multifunction peripheral as a registration destination.
The management tool can be rephrased as an application that operates on the client PC 100 and inputs user information and a password.
The client PC 100 acquires the input user ID, card registration password, and the like (acquisition of user information), and transmits it to the designated multifunction device 300.

When the MFP 300 receives the user information, the MFP 300 stores the user information and the registration date and time in a temporarily stored password management table (FIG. 12).
Then, the MFP 300 receives the user name and password (card registration password) on the IC card registration screen, and determines whether there is a record that matches the password management table. When there is a matching record, the IC card is read, and the table corresponding to the type is obtained by associating the card ID of the IC card and the user information of the record with the type selected by the user (for example, usually, temporary). To remember.

  Hereinafter, the hardware configuration of the information processing apparatus applicable to the client PC 100 shown in FIG. 1 will be described with reference to FIG.

  In FIG. 2, reference numeral 2001 denotes a CPU that comprehensively controls each device and controller connected to the system bus 2004. Further, the ROM 2003 or the external memory 2011 is necessary to realize a BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as an OS) which is a control program of the CPU 2001, and a function executed by each server or each PC. Various programs are stored.

  Reference numeral 2002 denotes a RAM that functions as a main memory, work area, and the like of the CPU 2001. The CPU 2001 implements various operations by loading a program or the like necessary for execution of processing from the ROM 2003 or the external memory 2011 to the RAM 2002 and executing the loaded program.

  An input controller 2005 controls input from a keyboard (KB) 2009 or a pointing device such as a mouse (not shown). A video controller 2006 controls display on a display device such as a CRT display (CRT) 2010. In FIG. 2, although described as CRT2010, the display may be not only a CRT but also other display such as a liquid crystal display. These are used by clients as needed.

  A memory controller 2007 is connected to the hard disk (HD), flexible disk (FD), or PCMCIA card slot for storing a boot program, various applications, font data, user files, editing files, various data, etc. via an adapter. The access to the external memory 2011 such as a compact flash (registered trademark) memory is controlled.

  A communication I / F controller 2008 is connected to and communicates with an external device via a network (for example, the LAN 400 shown in FIG. 1), and executes communication control processing in the network. For example, communication using TCP / IP is possible.

  Note that the CPU 2001 enables display on the CRT 2010 by executing outline font rasterization processing on a display information area in the RAM 2002, for example. Further, the CPU 2001 enables a user instruction with a mouse cursor (not shown) on the CRT 2010.

  Various programs that operate on hardware (for example, a program as a card information registration tool) are recorded in the external memory 2011 and are executed by the CPU 2001 by being loaded into the RAM 2002 as necessary.

Next, the hardware configuration of the multifunction machine 300 as the image forming apparatus of the present invention will be described with reference to FIG.
FIG. 3 is a block diagram illustrating a hardware configuration example of the multifunction machine 300.

  In FIG. 3, a controller unit 5000 is connected to a scanner 5015 functioning as an image input device and a printer 5014 functioning as an image output device, and a local area network such as the LAN 400 shown in FIG. By connecting to a public line (WAN) such as ISDN, image data and device information are input and output.

As shown in FIG. 3, the controller unit 5000 includes a CPU 5001, a RAM 5006, a ROM 5002, an external storage device (hard disk drive (HDD)) 5007, a network interface (Network I / F) 5003, a modem (Modem) 5004, an operation unit interface ( Operation unit I / F) 5005, external interface (external I / F) 5009, image bus interface (IMAGE BUS I / F) 5008, raster image processor (RIP) 5010, printer interface (printer I / F) 5011, scanner interface (Scanner I / F) 5012, an image processing unit 5013, and the like.
A CPU 5001 is a processor that controls the entire system.

A RAM 5006 is a system work memory for the CPU 5001 to operate, and is a program memory for recording a program and an image memory for temporarily storing image data.
The ROM 5002 stores a system boot program and various control programs.

  An external storage device (hard disk drive HDD) 5007 stores various programs for controlling the system, image data, and the like. Various tables are also stored. An example of the table is shown in FIGS. In addition, a setting file (FIG. 11) read by the program is also stored. An example of the setting file is shown in FIG.

  An operation unit interface (operation unit I / F) 5005 is an interface unit with the operation unit (UI) 5018, and outputs image data to be displayed on the operation unit 5018 to the operation unit 5018.

The operation unit I / F 5005 serves to transmit information (for example, user information) input by the system user from the operation unit 5018 to the CPU 5001. Note that the operation unit 5018 includes a display unit having a touch panel, and various instructions can be given by a user pressing (touching with a finger or the like) a button displayed on the display unit.
A network interface (Network I / F) 5003 is connected to a network (LAN) and inputs / outputs data.
A modem (MODEM) 5004 is connected to a public line and inputs / outputs data such as FAX transmission / reception.

  An external interface (external I / F) 5009 is an interface unit that accepts external inputs such as USB, IEEE 1394, printer port, and RS-232C. In the present embodiment, a card reader for reading an IC card required for authentication is used. 500 is connected.

  Then, the CPU 5001 can control reading of information from the IC card by the card reader 500 via the external I / F 5009, and can acquire information read from the IC card. Note that the storage medium is not limited to an IC card, and any storage medium that can identify a user may be used. In this case, identification information for identifying the user is stored in the storage medium. This identification information may be a production number of the storage medium or a user code given by the user within the company. The above devices are arranged on the system bus.

On the other hand, an image bus interface (IMAGE BUS I / F) 5008 is a bus bridge that connects a system bus 5016 and an image bus 5017 that transfers image data at high speed and converts a data structure.
The image bus 5017 is configured by a PCI bus or IEEE1394. The following devices are arranged on the image bus 5017.
A raster image processor (RIP) 5010 develops, for example, vector data such as a PDL code into a bitmap image.

  A printer interface (printer I / F) 5011 connects the printer 5014 and the controller unit 5000, and performs synchronous / asynchronous conversion of image data.

  A scanner interface (scanner I / F) 5012 connects the scanner 5015 and the controller unit 5000, and performs synchronous / asynchronous conversion of image data.

  An image processing unit 5013 corrects, processes, and edits input image data, and performs printer correction, resolution conversion, and the like on print output image data. In addition to this, the image processing unit 5013 performs rotation of image data and compression / decompression processing such as JPEG for binary image data and JBIG, MMR, MH for binary image data.

  A scanner 5015 connected to the scanner I / F 5012 illuminates an image on paper as a document and scans it with a CCD line sensor, thereby converting it into an electrical signal as raster image data. The original paper is set on the tray of the original feeder, and when the apparatus user gives a reading start instruction from the operation unit 5018, the CPU 5001 gives an instruction to the scanner, and the feeder feeds the original paper one by one to read the original image. I do.

  A printer 5014 connected to the printer I / F 5011 is a part that converts raster image data into an image on paper. The method is an electrophotographic method using a photosensitive drum or a photosensitive belt, and ink is supplied from a micro nozzle array. There is an ink jet method for ejecting and printing an image directly on a sheet, but any method may be used. The printing operation is started in response to an instruction from the CPU 5001. The printer 5014 has a plurality of paper feed stages so that different paper sizes or different paper orientations can be selected, and has a paper cassette corresponding thereto.

  An operation unit 5018 connected to the operation unit I / F 5005 includes a liquid crystal display (LCD) display unit. A touch panel sheet is affixed on the LCD and displays a system operation screen. When a displayed key is pressed, the position information is transmitted to the CPU 5001 via the operation unit I / F 5005. The operation unit 5018 includes, for example, a start key, a stop key, an ID key, a reset key, and the like as various operation keys.

Here, the start key of the operation unit 5018 is used when starting a document image reading operation. There are green and red LEDs in the center of the start key, and indicates whether or not the start key can be used depending on the color. The stop key of the operation unit 5018 serves to stop the operation being performed. The ID key of the operation unit 5018 is used when inputting the user ID of the user. The reset key is used when initializing settings from the operation unit 5018.

  A card reader 500 connected to the external I / F 5009 reads information stored in an IC card (for example, Sony FeliCa (registered trademark)) under the control of the CPU 5001, and reads the read information to the external I / F 5009. The CPU 5001 is notified via F5009.

Next, each functional block of each device in this system will be described with reference to the functional block diagram of FIG. Each function is executed by the CPU, and detailed processing executed by each function will be described with reference to the flowcharts of FIGS.
First, functional units of the client PC 100 will be described.

  The print data generation unit 150 on the client PC 100 can generate print data (job) based on the data received from the application program, and can transmit the print data to the MFP 300 or the like.

  The user information acquisition unit 151 on the client PC 100 has a function of acquiring information (user name, display name, etc.) of a user who has logged in to the client PC.

A multifunction device search unit 152 on the client PC 100 searches for a multifunction device on the network, and identifies a multifunction device that transmits user information and a password input by the user.
The UI control unit 153 on the client PC 100 displays user information acquired by the user information acquisition unit and controls a screen for inputting a card registration password.

  The multifunction device communication unit 154 on the client PC 100 transmits user information including a user name and a card registration password to the multifunction device 300. In addition, the transmission result from the multifunction device 300 is received.

Next, functional units of the multifunction machine 300 will be described.
The IC card reader control unit 250 on the multifunction device 300 acquires card information (manufacturing number and the like) held over the card reader 500.

The authentication table management unit 251 on the multifunction device 300 manages the password management table (FIG. 12), the normal card authentication table (FIG. 13), and the temporary card authentication table (FIG. 14) in the multifunction device 300.
The authentication unit 252 on the multi-function device 300 permits the use of the multi-function device by using the user information when the overall control of the authentication system and the authentication are successful.

  The client PC communication unit 253 on the MFP 300 receives a user information registration request transmitted from the client PC 100. The registration result is transmitted to the client PC 100.

  The temporary card management unit 254 on the multifunction peripheral 300 refers to the temporary card management table managed in the multifunction peripheral, and counts the number of cards that are to be registered continuously registered as temporary cards. Also, a card that has been continuously registered as a temporary card for a certain number of times is determined to be a temporary card.

Hereinafter, the processing in the system of the present embodiment will be described in more detail with reference to the flowcharts of FIGS.
In addition, about each step, CPU of each apparatus performs a process.

  In this embodiment, the user transmits user information and password information from the PC used by the user to the multifunction machine to be used. The user information acquisition unit automatically acquires login user information to prevent impersonation, and the multifunction device to be registered is one in which the multifunction device search unit searches for a multifunction device on the network in advance. Will be described.

  First, the user information registration process in the embodiment of the present invention will be described with reference to FIG. FIG. 5 is a flowchart of the user information registration process.

  In step S100, the user information acquisition unit 151 of the client PC 100 acquires user information (user name and display name) of the user who has logged in to the client PC.

  In step S101, the UI control unit 153 of the client PC 100 displays a card information registration tool screen shown in FIG. The user information acquired in step S100 is displayed on the card information registration tool screen shown in FIG. It also has additional information such as an email address 1602 and input items for a card registration password 1603. On this card information registration tool screen, the user receives an e-mail address and a card registration password. Further, in response to pressing of the search button 1604, device information of the multifunction peripheral 300 that can register user information is received and displayed. That is, when an application as a management tool is executed, an example of processing for acquiring user identification information of a logged-in user who has logged in to the client PC 100 by the application and displaying the user identification information in an unchangeable manner is shown. .

  In step S102, the UI control unit 153 of the client PC 100 determines whether the registration button 1605 on the card information registration tool screen has been pressed. If pressed, the process proceeds to step S103.

  When the registration button is pressed, the MFP communication unit 154 acquires data displayed and input on the card information registration tool screen. That is, an example of processing for acquiring user information including user identification information and a password is shown.

In step S103, the MFP communication unit 154 of the client PC 100 transmits a user information registration request to the MFP 300 using the data displayed / input on the card information registration tool screen. In other words, an example of a process for transmitting user information to the multifunction peripheral is shown.
For the destination MFP, device information (IP address, device name, etc.) obtained by the MFP searching unit 152 searching for the MFP on the network in advance is used.

  The user information registration request includes a user name, an e-mail address, and a card registration password. It is preferable that at least the user name and the card registration password are included.

In step S104, the client PC communication unit 253 of the MFP 300 receives the user information registration request transmitted in step S103. That is, an example of processing for receiving user information from the client PC 100 is shown.
In step S105, the authentication table management unit 251 of the MFP 300 acquires a password management table (FIG. 12) managed in the MFP.

  In step S106, the authentication table management unit 251 of the MFP 300 determines whether the user name included in the user information registration request received in step S104 exists in the password management table acquired in step S105. When it exists, it progresses to step S107, and when it does not exist, it progresses to step S108.

In step S108, the authentication table management unit 251 of the MFP 300 registers the user information acquired in step S104 in the password management table acquired in step S105. That is, an example of processing for managing received user information is shown.
In step S109, the MFP communication unit 154 of the client PC 100 of the MFP 300 transmits the user information registration result to the client PC 100.
In step S110, the MFP communication unit 154 of the client PC 100 receives the user information registration result transmitted from the MFP 300.

  In step S111, the UI control unit 153 of the client PC 100 displays the user information registration result received in step S110 on the card information registration tool screen shown in FIG. 16, and the process ends. Specifically, a registration completion display is performed.

  Next, the IC card registration process in the embodiment of the present invention will be described with reference to FIGS. FIG. 6 is a flowchart of the IC card registration process 1.

The processing of the MFP 300 is described as being executed by an application that operates on the MFP 300, but may be operated on the platform of the MFP 300.
In step S200, the authentication unit 252 of the MFP 300 displays the IC card authentication screen shown in FIG. 17 on the touch panel of the MFP.

In step S201, the authentication unit 252 of the MFP 300 determines whether the IC card information registration button 1701 on the IC card authentication screen illustrated in FIG. 17 has been pressed. If pressed, the process proceeds to step S202.
In step S202, the authentication unit 252 of the multifunction device 300 displays the IC card information registration screen in FIG. 18 on the touch panel that is the operation unit of the multifunction device 300.

  In the IC card information registration screen, an input of a user name 1801 and a password 1802 corresponding to the card registration password is received by a user operation, and the input information is displayed. That is, an example of processing for receiving user information including user identification information and a password is shown.

In step S203, the authentication unit 252 of the MFP 300 determines whether the user confirmation button 1803 on the IC card authentication screen illustrated in FIG. 18 has been pressed. If pressed, the process proceeds to step S204.
In step S204, the authentication table management unit 251 of the multifunction device 300 acquires a password management table (FIG. 12) managed in the multifunction device.

In step S205, whether the authentication table management unit 251 of the MFP 300 includes the user name and password input in the IC card information registration screen (FIG. 18) in the password management table (FIG. 12) acquired in step S204. Judging. When it exists, it progresses to step S207, and when it does not exist, it progresses to step S206.
In step S206, the authentication unit 252 of the MFP 300 displays an IC card registration error screen (not shown) and ends the process.
In step S207, the authentication table management unit 251 of the MFP 300 acquires the user information of the user searched in step S205.

  In step S208, the authentication unit 252 of the MFP 300 displays the IC card registration dialog shown in FIG. While the dialog is being displayed, the card reader 500 connected to the multifunction device 300 is in a card reading state. Specifically, the IC card reader control unit 250 makes a reading state by making a polling start request to the card reader 500.

  That is, the process of step S208 is performed when the user information received on the IC card information registration screen (FIG. 18) matches the user information managed by the password in the password management table (FIG. 12). 3 shows an example of a process for displaying a registration screen for determining the type of the item.

  In step S <b> 209, the IC card reader control unit 250 of the multifunction device 300 determines whether or not the IC card is held over the card reader 500 connected to the multifunction device 300. If it is detected that the IC card is held up, the process proceeds to step S211. If it is not detected, the process proceeds to step S210. When the IC card is held over, the information (manufacturing number, etc.) stored in the IC card is read. That is, an example of processing for reading an object to be read such as an IC card is shown.

In step S210, the authentication unit 252 of the MFP 300 determines whether the “cancel” button displayed on the IC card registration dialog shown in FIG. 19 has been pressed. If pressed, the process is interrupted, and the process returns to step S202.
In step S <b> 211, the IC card reader control unit 250 of the MFP 300 acquires card information of the IC card held over the card reader 500.

  In this embodiment, the user information is acquired in step S207 and the card information is acquired in step S211. However, the IC card is read first, the input of the user ID and password is accepted, and the user information is acquired. It may be a procedure.

In step S <b> 212, the temporary card management unit 254 of the multifunction device 300 acquires the temporary card management table of FIG. 15 managed in the multifunction device 300.
In step S213, the authentication table management unit 251 of the MFP 300 acquires the setting file illustrated in FIG. 11 managed in the MFP.

In step S214, the authentication table management unit 251 of the MFP 300 determines the setting value of the temporary card registration mode 1104 described in the setting file acquired in step S213. This setting value is a setting for determining whether or not an IC card that has been continuously registered as a temporary card for a certain number of times or more is unconditionally regarded as a temporary card. If the set value is “fixed”, the process proceeds to step S215, and if it is “selected”, the process proceeds to step S217.
Since the default value is held as “selection”, if the card information is acquired in step S211, the process proceeds to step S217.

In step S215, the temporary card management unit 254 of the MFP 300 determines whether or not the temporary card management table (FIG. 15) acquired in step S212 includes the card information acquired in step S211. That is, an example of processing for determining whether or not a reading target object is a reading target to be registered as a temporary type according to a history (history information) registered as a temporary type is shown.
If card information is included, the process proceeds to step S216. If card information is not included, the process proceeds to step S218.

  In step S216, the temporary card management unit 254 of the MFP 300 compares the counter value 1501 of the card information in step S215 with the temporary card fixed count number 1105 included in the setting file (FIG. 11) acquired in step S213. .

  If the fixed count number of the temporary card is smaller than the counter of the card, it is determined whether the card is a normal card or a temporary card and it is not determined yet, and the process proceeds to step S217. If the counter of the card is equal to or greater than the fixed count of the temporary card, it is determined that the card is a temporary card, and the process proceeds to step S218. That is, it shows an example of processing for determining whether or not a reading object is registered as a temporary object according to the number of times of registration.

  Note that once a card is registered as a temporary card, the temporary card fixed count number 1105 is set to “1” when the card is operated as a temporary card at the time of subsequent registration.

  In step S217, the authentication unit 252 of the multifunction device 300 displays the IC card detection success dialog shown in FIG. 20 on the touch panel of the multifunction device. User information U2001 and card information U2002 to be registered are displayed on the dialog, and buttons (temporary card button U2003 and normal card button U2004) for selecting the type of card to be registered exist. It is assumed that the user cannot press the OK button U2005 unless pressing any card type button.

  In this IC card detection success dialog, selection of a button for registering the read IC card as a temporary card or as a normal card is accepted by a user operation. That is, an example of processing for selecting normal or temporary is shown.

  In step S218, the authentication unit 252 of the multifunction device 300 displays the IC card detection success dialog (temporary card fixation) shown in FIG. 21 on the touch panel of the multifunction device. User information and card information to be registered are displayed on the dialog. Further, a button in a state where the temporary card button 2101 is pressed is displayed, and a button 2102 in a state where the normal card button cannot be pressed (for example, grayed out) is displayed.

  In the case of step S218, since it is registered as a temporary card, it may be stored in the memory that it is selected as a temporary card, and a button for selecting the type of card to be registered may not be displayed. That is, the IC card registered via this dialog is registered in a state where it is automatically determined as a temporary card.

  Next, the IC card registration process following FIG. 6 will be described with reference to FIG. FIG. 7 is a flowchart of the IC card registration process 2.

  In step S300, the authentication unit 252 of the MFP 300 selects the card type in the IC card detection success dialog shown in FIG. 20 or the IC card detection success dialog shown in FIG. It is then determined whether or not the “OK” button has been pressed. If the button has been pressed, the process proceeds to step S302. If the button has not been pressed, the process proceeds to step S301.

  In step S301, whether or not the authentication unit 252 of the MFP 300 has pressed the “Cancel” button on the IC card detection success dialog shown in FIG. 20 or the IC card detection success dialog (temporary card fixing) shown in FIG. Judging. If pressed, the process returns to step S202.

In step S302, whether the authentication unit 252 of the MFP 300 has pressed the “normal card” button in the IC card detection success dialog shown in FIG. 20 or the IC card detection success dialog (temporary card fixing) shown in FIG. It is determined whether or not the “temporary card” button is pressed. If the “normal card” button is pressed, the process proceeds to step S303, and if the “temporary card” button is pressed, the process proceeds to step S305.
In the IC card detection success dialog (temporary card fixation) shown in FIG. 21, the “Temporary card” button is pressed, and the process proceeds to step S305.

  In step S303, the authentication unit 252 of the MFP 300 determines that the type of card to be registered is a normal card, and sets the card type to “normal card”.

In step S305, the authentication unit 252 of the MFP 300 determines that the type of card to be registered is a temporary card, and sets the card type to “temporary card”.
In step S <b> 306, the authentication table management unit 251 of the multifunction device 300 acquires the normal card authentication table of FIG. 13 managed in the multifunction device 300.

In step S307, the authentication table management unit 251 of the MFP 300 determines whether the card information acquired in step S211 is registered in the normal card authentication table (FIG. 13). If registered, the process proceeds to step S308. If not registered, the process proceeds to step S309. Here, any registered user name may be used.
In step S308, the authentication table management unit 251 of the MFP 300 deletes the card information searched in step S307.
In step S309, the authentication table management unit 251 of the multifunction device 300 acquires the temporary card authentication table of FIG. 14 managed in the multifunction device.

  In step S310, the authentication table management unit 251 of the MFP 300 determines whether the card information acquired in step S211 is registered in the temporary card authentication table (FIG. 14). If it is registered, the process proceeds to step S311. If it is not registered, the process proceeds to step S400. Note that any user name registered here may be used.

  In step S311, the authentication table management unit 251 of the MFP 300 deletes the card information searched in step S310. By performing the processing from step S307 to step S311, even if the IC card to be registered has already been registered with another user, the IC card becomes the IC card of the user who newly performed the registration processing. Here, it is handled in the same way as regular cards and temporary cards, but only temporary cards are allowed to be overwritten, and normal cards are not assumed to be used again. It may be an error.

  Next, the IC card registration process following FIG. 7 will be described with reference to FIG. FIG. 8 is a flowchart of the IC card registration process 3.

  In step S400, the authentication table management unit 251 of the MFP 300 determines the card type set in step S303 or step S304. If the card type is a regular card, the process proceeds to step S401, and if the card type is a temporary card, the process proceeds to step S406.

In step S401, the authentication table management unit 251 of the MFP 300 registers the user name information input on the IC card information registration screen (FIG. 18) in the normal card authentication table (FIG. 13) acquired in step S306. Judge whether or not. If registered, the process proceeds to step S402, and if not registered, the process proceeds to step S403. Here, any registered card information may be used.
In step S402, the authentication table management unit 251 of the MFP 300 deletes the user information searched in step S401.

  In step S403, the authentication table management unit 251 of the MFP 300 associates the user information acquired in step S207 and the card information acquired in step S211 with the normal card authentication table (FIG. 13) to authenticate the normal card. Register as information. That is, an example of a control process for storing authentication information in which user information and identification information of a reading object are associated with each other as the type (normal) reading object determined on the registration screen illustrated in FIG. is there.

  In this embodiment, after deleting the user information in step S402, the user information and the card information are registered in step S403. However, the process may be executed in the reverse procedure.

In step S404, the authentication table management unit 251 of the MFP 300 registers the user name information input on the IC card information registration screen (FIG. 18) in the temporary card authentication table (FIG. 14) acquired in step S309. Judge whether or not. If it is registered, the process proceeds to step S405. If it is not registered, the process proceeds to step S406. Here, any registered card information may be used.
In step S405, the authentication table management unit 251 of the MFP 300 deletes the user information searched in step S405.

  In step S406, the authentication table management unit 251 of the MFP 300 associates the temporary card authentication table (FIG. 14) with the user information acquired in step S207 and the card information acquired in step S211 to authenticate the temporary card. Register as information. That is, it shows an example of a control process for storing authentication information in which user information and identification information of a reading object are associated with each other as a type (temporary) reading object determined on the registration screen shown in FIG. is there.

  In this embodiment, after deleting the user information in step S405, the user information and the card information are registered in step S406. However, the process may be executed in the reverse procedure.

  It should be noted that the processing from step S401 to step S402 and step S404 to step S405 allows one user to operate with one normal card and one temporary card. A normal card may be configured to allow multiple registrations.

  In step S407, the temporary card management unit 254 of the multifunction peripheral 300 adds 1 to the counter information of the card in the temporary card management table (FIG. 15). If the card information is not stored in the temporary card authentication table (FIG. 14), the card number is registered and the counter is set to 1. Note that the temporary card registration history is retained, and the counter information is counted up by referring to the temporary card registration history even when the card information is automatically deleted from the temporary card authentication table (FIG. 14). It may be.

  In step S408, the authentication table management unit 251 of the multifunction machine 300 deletes the user information in the password management table (FIG. 12) because the card registration is successful. That is, it is assumed that the card registration password can be used only once.

  In step S409, the authentication unit 252 of the MFP 300 displays the IC card registration success dialog shown in FIG. 22 on the touch panel of the MFP. In the case of a card registered as a temporary card, the expiration date 2201 is also described on the dialog. The expiration date can be arbitrarily set by the administrator, such as one day.

  In the present embodiment, the “keyboard authentication” button is provided on the IC card authentication screen of FIG. 17, but the keyboard authentication is normally used as an IC card for maintenance by an administrator or the like. Authentication shall be executed by authentication.

Next, the IC card authentication process will be described with reference to FIG. FIG. 9 is a flowchart of the IC card authentication process.
In step S <b> 500, the authentication unit 252 of the multifunction device 300 displays the IC card authentication screen illustrated in FIG. 17 on the touch panel of the multifunction device 300.
In step S501, the IC card reader control unit 250 of the multifunction device detects that the IC card is held over the card reader 500 connected to the multifunction device.

In step S <b> 502, the IC card reader control unit 250 of the multifunction device 300 acquires card information read from the IC card held over the card reader 500.
In step S503, the authentication table management unit 251 of the multi-function peripheral 300 acquires a normal card management table (FIG. 13) managed by the multi-function peripheral 300.

In step S504, the authentication table management unit 251 of the multifunction machine 300 determines whether the card information acquired in step S502 is included in the normal card authentication table (FIG. 13) acquired in step S503. If card information is included, the process proceeds to step S505. If card information is not included, the process proceeds to step S508.
In step S505, the authentication table management unit 251 of the MFP 300 acquires the user information searched in step S504.

In step S506, the authentication unit 252 of the MFP 300 logs in to the MFP 300 using the user information acquired in step S505. At the time of login, the user information is set in the area for storing the login information to enter the login state, and various functions of the multifunction device 300 can be executed.
For example, it is possible to display a list of print jobs stored in the MFP 300 owned by the logged-in user and execute printing.

In step S507, the authentication table management unit 251 of the MFP 300 updates the last login date 1301 of the record in the normal card authentication table (FIG. 13) corresponding to the user information searched in step S504, and ends the process. To do.
In step S508, the authentication table management unit 251 of the multifunction device 300 acquires a temporary card management table managed in the multifunction device.

In step S509, the authentication table management unit 251 of the MFP 300 determines whether or not the temporary card authentication table (FIG. 14) acquired in step S508 includes the card information acquired in step S502. If card information is included, the process proceeds to step S501. If card information is not included, the process proceeds to step S513.
In step S510, the authentication table management unit 251 of the MFP 300 acquires the user information searched in step S509.

  In step S511, the authentication unit 252 of the MFP 300 logs in to the MFP using the user information acquired in step S510. At the time of login, the user information is set in the area for storing the login information to enter the login state, and various functions of the multifunction device 300 can be executed.

In step S512, the authentication table management unit 251 of the MFP 300 updates the last login date 1401 of the record of the temporary card authentication table (FIG. 14) corresponding to the user information searched in step S509, and ends the process. To do.
In step S513, the authentication unit 252 of the multifunction device 300 displays an IC card authentication error screen (not shown) on the touch panel of the multifunction device 300, and the process ends.

  Next, an authentication table deletion process will be described with reference to FIG. FIG. 10 is a flowchart of authentication table deletion processing.

The deletion process of the authentication table is periodically executed, for example, when the date is changed, and the deletion process of the table record is performed according to the number of valid days of each table.
In step S <b> 600, the authentication table management unit 251 of the multifunction device 300 acquires a setting file managed by the multifunction device 300.
In step S <b> 601, the authentication table management unit 251 of the multifunction device 300 acquires a password management table (FIG. 12) managed by the multifunction device 300.

In step S602, the authentication table management unit 251 of the MFP 300 registers the registration date and time 1201 of the password management table (FIG. 12) acquired in step S601 and the “password” set in the setting file (FIG. 11) acquired in step S600. The information of the management table validity period 1101 "is compared, and the user information that has passed the validity period is deleted. Note that the validity period of 0 means that the deletion is performed at the timing when this process is run.
In step S <b> 603, the authentication table management unit 251 of the multifunction device 300 acquires the normal card authentication table (FIG. 13) managed by the multifunction device 300.

In step S604, the authentication table management unit 251 of the MFP 300 is set in the last login date 1301 of the normal card authentication table (FIG. 13) acquired in step S603 and the setting file (FIG. 11) acquired in step S600. The information of “normal card authentication table validity period 1102” is compared, and the user information whose validity period has expired is deleted. Note that the validity period of 14 means that a record that is 14 days from the last login date and time is deleted at the timing when this process is executed.
In step S605, the authentication table management unit 251 of the multifunction device 300 acquires a temporary card authentication table (FIG. 14) managed by the multifunction device 300.

  In step S606, the authentication table management unit 251 of the multi-function peripheral 300 uses the “temporary card authentication” set in the last login date 1401 of the temporary card authentication table (FIG. 14) acquired in step S605 and the setting file acquired in step S600. The information of the table valid period 1103 "is compared, and the user information that has passed the valid period is deleted. Note that the validity period of 1 means that a record that is one day after the last login date and time is deleted at the timing when this process is executed.

Next, a functional block diagram according to the present invention will be described with reference to FIG. 4 is a functional block diagram in the above-described embodiment.
FIG. 23 is described as a functional block diagram of an authentication information management system including an information processing apparatus and an image forming apparatus that manages authentication information.

First, functional blocks of the information processing apparatus will be described.
The acquisition unit 2301 is a functional unit that acquires user information including user identification information and a password.
The transmission unit 2302 is a functional unit that transmits user information to the image forming apparatus.

  When the application is executed, the user information display unit 2303 acquires the user identification information of the logged-in user of the information processing apparatus by the application, and displays the user identification information in an unchangeable manner.

The transmission unit 2302 is a functional unit that transmits, to the image forming apparatus, user information including a password input by the user on the application screen and user identification information displayed on the user information display unit 2303.
Note that the information processing apparatus stores an application for inputting user information and a password.

Next, functional blocks of the image forming apparatus will be described.
A receiving unit 2304 is a functional unit that receives user information from the information processing apparatus.
The management unit 2305 is a functional unit that manages user information received by the reception unit 2304.
The user information receiving unit 2306 is a functional unit that receives user information including user identification information and a password.
The reading unit 2307 is a functional unit that reads and controls a reading object.

  When the user information received by the user information receiving unit 2306 matches the user information managed by the management unit 2305, the display unit 2308 displays a registration screen for determining the type of the reading object read by the reading unit 2307. It is a functional part to do. The type is a type indicating normal or extraordinary.

  The storage unit 2309 stores and controls authentication information in which user information and identification information of a reading object obtained by reading by the reading unit 2307 are associated with each other as a reading object of the type determined on the registration screen. Part.

  The determination unit 2310 is a functional unit that determines whether the reading object read by the reading unit 2307 is a reading object to be registered as a temporary type according to a history registered as a temporary type.

In addition, when it is determined that the reading object read by the reading unit 2307 is a reading object to be registered as a temporary object, the storage unit 2309 stores the user information and the reading unit as a temporary type reading object. This is a functional unit that stores and controls authentication information that is associated with identification information of an object to be read obtained by reading in 2307.
Further, the history in which the reading object is registered with the temporary type is the number of times of registration with the temporary type.
The determination unit 2310 is a functional unit that determines whether the object is a reading target to be registered as a temporary object according to the number of registrations.
The selection unit 2311 is a functional unit that selects normal or temporary on the registration screen.

  Further, when the type determined according to the selection by the selection unit 2311 is normal, the storage unit 2309 associates the user information with the identification information of the reading object obtained by reading by the reading unit 2307. When the storage control is performed on the first management table that manages the normal reading object and the type determined according to the selection by the selection unit 2311 is temporary, the user information and the reading unit 2307 read the information. This is a functional unit that controls the storage of the authentication information that is associated with the identification information of the reading object obtained in this manner on the second management table that manages the temporary reading object.

  The deletion unit 2312 matches the user information received by the user information reception unit 2306 and the user information managed by the management unit 2305, and the user information and the identification information of the reading object obtained by reading by the reading unit 2307 Is a functional unit that deletes the authentication information managed by the management unit 2305 when the storage unit 2309 stores and controls the authentication information associated with. In addition, when the reading object is read by the reading unit 2307 and it is determined that the reading object is of a normal type according to the authentication information stored in the storage unit 2309, it corresponds to the identification information of the reading object. It is a functional unit that deletes authentication information including identification information of a reading object registered as a temporary type related to user identification information to be attached.

  As described above, according to the present embodiment, it is possible to simplify the registration work of an object to be read such as an IC card and to improve the management of authentication information.

  Further, it is possible to select and register a normal reading object or a temporary reading object, thereby improving convenience and improving management efficiency. By performing management separately depending on whether the object is a normal reading object or a temporary reading object, the management can be made more efficient.

Furthermore, since it is possible to prevent a user from impersonating and registering an object to be read, it is possible to prevent registration fraud while simplifying the registration work, and to improve management efficiency and management load. It becomes possible.
It should be noted that the configuration and contents of the various data described above are not limited to this, and it goes without saying that the various data and configurations are configured according to the application and purpose.

Next, a second embodiment will be described.
Note that the description of the same configuration and processing as in the first embodiment will be omitted.

  In the second embodiment, it is possible to simplify the registration work, further improve the efficiency of management of authentication information, and enhance security. For example, even if a user borrows a temporary card and uses it, another user picks up the normal card and tries to log in to the MFP 300. Do not allow. In addition, when a temporary card is being used and a regular card is held over, the information on the temporary card can be easily deleted by holding the temporary card. It becomes possible to improve efficiency.

  Furthermore, if a user who borrows a temporary card thinks that he has forgotten his / her normal card and later finds out that he / she has a normal card and returns the temporary card, he / she can again use the card from the client PC without the temporary card. By performing registration processing and instructing normal card registration in the multifunction device 300, the temporary card information registered in the multifunction device 300 is automatically deleted, and login with the normal card becomes possible. It is possible to eliminate the management of the card information by the card and improve the management of the authentication information.

Hereinafter, characteristic processing of the present embodiment will be described with reference to FIGS.
FIG. 24 is a flowchart corresponding to FIG. 8 of the first embodiment. Each step is executed by the CPU 5001. The process added as the second embodiment in FIG. 24 is a process of deleting a registered temporary card when registering a normal card.

  In step S700, the authentication table management unit 251 of the MFP 300 registers the user name information input on the IC card information registration screen (FIG. 18) in the temporary card authentication table (FIG. 14) acquired in step S309. Judge whether or not. If it is registered, the process proceeds to step S701. If it is not registered, the process proceeds to step S408.

  In step S701, the authentication table management unit 251 of the MFP 300 deletes the user information searched in step S700. This is because the temporary card is held over and registered, and it is determined that the temporary card is no longer necessary, so it is deleted. For example, when a user borrows a temporary card but notices that he / she has a regular card and returns the temporary card on the day of borrowing, the temporary card is deleted without taking the administrator's trouble. be able to.

  FIG. 25 is a flowchart corresponding to FIG. 9 of the first embodiment. Each step is executed by the CPU 5001. The added process in FIG. 25 is a process for deleting a registered temporary card when a normal card is held over for login.

  In step S800, the authentication table management unit 251 of the multifunction peripheral 300 acquires a temporary card authentication table (FIG. 14) managed in the multifunction peripheral.

  In step S801, the authentication table management unit 251 of the MFP 300 matches the temporary card authentication table (FIG. 14) acquired in step S800 with card information corresponding to the user name in the user information acquired in step S505 (the user name matches). It is determined whether or not the card information of the temporary card to be registered). If it is registered, the process proceeds to step S802. If it is not registered, the process proceeds to step S506.

  In step S802, the authentication table management unit 251 of the MFP 300 acquires the last login date 1401 registered in the user information searched in step S801, and determines whether or not the last login date and time using the temporary card has been implemented today. to decide. Whether it was implemented today is determined based on the system date and time managed in the MFP 300.

  If the last login date and time of the temporary card is today, the process proceeds to step S804. If not, the process proceeds to step S803. Here, it is determined by whether or not the last login of the temporary card is today, but this may be changed according to the use situation or environment, and it is set in the setting file in FIG. Determined by the number of days (may be hours). It may be set to force true.

  In step S803, the authentication table management unit 251 of the MFP 300 deletes the user information (temporary card information) retrieved in step S801 from the temporary card authentication table (FIG. 14). This is because the reason for the temporary card issuance is that the normal card is forgotten, and the normal card is held today. That is, it is determined that the temporary card is no longer necessary.

  In step S804, a temporary card registered authentication error dialog (FIG. 26) is displayed on the touch panel of the multi-function apparatus 300. While the dialog is being displayed, the card reader 500 connected to the multifunction device 300 is in a card reading state. Specifically, the IC card reader control unit 250 makes a reading state by making a polling start request to the card reader 500. This is because the fact that the normal card was held over even though the temporary card was used on the same day was determined that the normal card may be illegally used. However, since it cannot always be said that the card is illegally used, it is determined that the card is not illegally used by holding the temporary card when the error is displayed, and the temporary card information can be easily deleted in the normal login flow. Let it continue.

  In step S805, the IC card reader control unit 250 of the multifunction device 300 holds a card (temporary card) with the card information registered in the user information searched in step S801 on the card reader 500 connected to the multifunction device 300. It is judged whether it was done. If it is detected that the temporary card is held, the process proceeds to step S807. If not detected, the process proceeds to step S806.

  In step S806, the authentication unit 252 of the MFP 300 determines whether the “authentication cancel” button displayed on the temporary card registered authentication error dialog shown in FIG. 26 has been pressed. If the button is pressed, the continuation of the authentication process related to login is stopped, and the process returns to step S500. In this case, the authentication is not performed. However, if there is no temporary card, the normal card information may be locked because the possibility of unauthorized use is high. When the normal card is locked, it can be used by registering the normal card again.

  In step S807, the authentication table management unit 251 of the MFP 300 deletes the user information retrieved in step S801 from the temporary card authentication table (FIG. 14).

In step S808, a temporary card deletion success dialog (not shown) is displayed on the touch panel of the MFP 300.
In step S809, the authentication unit 252 of the MFP 300 determines whether an “OK” button on the temporary card deletion success dialog (not shown) displayed in step S808 has been pressed. If the button is pressed, the process proceeds to step S506 and the login process is continued.

Accordingly, authentication information can be efficiently managed while continuing the login process, and for example, management can be facilitated even in a company or department without an administrator.
In particular, when operating using a plurality of types of cards such as a normal card and a temporary card, it is effective to easily delete the registered temporary card when the normal card is held over.

As described above, according to the present embodiment, it is possible to simplify the registration work of an object to be read such as an IC card and to improve the management of authentication information.
In particular, in the second embodiment, it is possible to increase the efficiency of management of authentication information while improving security.

  Further, as in the first embodiment, it is possible to select and register a normal reading object or a temporary reading object, thereby improving convenience and improving management efficiency. By performing management separately depending on whether the object is a normal reading object or a temporary reading object, the management can be made more efficient.

Furthermore, since it is possible to prevent a user from impersonating and registering an object to be read, it is possible to prevent registration fraud while simplifying the registration work, and to improve management efficiency and management load. It becomes possible.
It should be noted that the configuration and contents of the various data described above are not limited to this, and it goes without saying that the various data and configurations are configured according to the application and purpose.

Although one embodiment has been described above, the present invention can take an embodiment as, for example, a system, apparatus, method, program, or recording medium, and specifically includes a plurality of devices. The present invention may be applied to a system including a single device. For example, various tables are stored in the multifunction device 300 and realized in the multifunction device 300. However, various tables are stored in a server or a management device that is another casing, and communication between the multifunction device 300 and the server is performed. The configuration may be such that the authentication information registration is deleted.
Further, an information processing apparatus (an apparatus different from the client PC 100) may be connected to the multifunction machine 300, and the information processing apparatus may control the login of the multifunction machine 300. In this case, if the information processing apparatus determines that the authentication has been successful and issues a login command from the information processing apparatus to the multifunction peripheral 300, the multifunction peripheral 300 becomes usable.

  Moreover, the program in this invention is a program which can perform the processing method of the flowchart shown in FIGS. 5-10 and FIGS. 24-25, and the storage medium of this invention is FIGS. A program capable of being executed by the computer in the processing method of FIG. 25 is stored. In addition, the program in this invention may be a program for every processing method of each apparatus of FIGS. 5-10 and FIGS.

  As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by executing the reading.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk, solid state drive, or the like can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) operating on the computer based on an instruction of the program is actually It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the processing and the processing is included.

  Furthermore, after the program read from the recording medium is written to the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is based on the instructions of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  Further, the present invention may be applied to a system composed of a plurality of devices or an apparatus composed of a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the effects of the present invention.
In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

100 client PC
300 MFP 400 LAN
500 card reader

Claims (11)

An image forming apparatus comprising storage means for storing user information including user identification information and password inputted by the information processing apparatus,
User information receiving means for receiving user information including user identification information and a password in accordance with a user operation ;
Reading means for reading an object to be read;
If the user information received by the user information receiving means matches the user information stored in the storage means, the reading object read by the reading means is used as a reading object to be temporarily used, or Display means for displaying a designation screen that can designate the type of reading object to be used ;
Register authentication information in which the user information and the identification information of the reading object obtained by reading by the reading unit are associated with each other so that the reading object is managed by the type specified on the designation screen an image forming apparatus comprising: a registration means for. History management means for managing history information of identification information of the reading object registered as the reading object to be temporarily used by the registration means;
When the reading object read by the reading unit is identified as a reading object to be temporarily used according to the history information, the user information and the reading object to be temporarily used are The image forming apparatus according to claim 1, wherein authentication information associated with identification information of the reading object obtained by reading by the reading unit is registered. If the reading object read by the reading means is identified as a reading object that is temporarily used, the display means reads the reading object that temporarily uses the reading object on the designation screen. The image forming apparatus according to claim 2, wherein control is performed such that a type to be an object is designated. First deletion means for deleting authentication information registered by the registration means at a set timing corresponding to the type.
The image forming apparatus according to claim 1, further comprising: By registering authentication information in which the user information and identification information of the reading object obtained by reading by the reading unit are associated with each other so that the registration unit normally uses the reading object, Second deletion means for deleting authentication information including identification information corresponding to the user information registered as a reading object to be temporarily used
The image forming apparatus according to claim 1, further comprising: In order to log in to the image forming apparatus, when the reading object is read by the reading unit and the identification information of the reading object is registered as a reading object to be normally used, the user information is temporarily used. Deletion means for deleting authentication information registered as a read object to be read
The image forming apparatus according to claim 1, further comprising: An authentication information management system including an information processing apparatus and an image forming apparatus that manages authentication information ,
The information processing apparatus includes:
Obtaining means for obtaining user information including user identification information and a password;
Transmitting means for transmitting the user information to the image forming apparatus;
With
The image forming apparatus includes:
Receiving means for receiving the User chromatography The information from the information processing apparatus,
Storage means for storing user information received by the receiving means;
User information receiving means for receiving user information including user identification information and a password in accordance with a user operation ;
Reading means for reading an object to be read;
If the user information received by the user information receiving means matches the user information stored in the storage means, the reading object read by the reading means is used as a reading object to be temporarily used, or Display means for displaying a designation screen that can designate the type of reading object to be used ;
Wherein as the reading object with the specified type in the specified screen is managed, it registers the authentication information associating the identification information of the object to be read obtained by reading the user information and the reading means An authentication information management system comprising: a registration unit configured to perform registration . A processing method of an image forming apparatus including a storage unit that stores user information including user identification information and a password input by an information processing apparatus,
The image forming apparatus is
A user information receiving step for receiving user information including user identification information and a password in accordance with a user operation ;
A reading step for reading a reading object;
If the user information received in the user information reception step matches the user information stored in the storage means, the reading object read in the reading step is used as a reading object to be temporarily used, or A display step for displaying a designation screen on which the type of reading object to be used can be designated ;
Register authentication information that associates the user information with the identification information of the reading object obtained by reading in the reading step so that the reading object is managed with the type specified on the designation screen And a registration step for performing the processing. An authentication information management system processing method including an information processing device and an image forming apparatus that manages authentication information,
The information processing apparatus is
An acquisition step of acquiring user information including user identification information and a password;
Transmitting the user information to the image forming apparatus;
The image forming apparatus includes:
A receiving step of receiving the User chromatography The information from the information processing apparatus,
A storage control step for storing and controlling the user information received in the reception step;
A user information receiving step for receiving user information including user identification information and a password in accordance with a user operation ;
A reading step for reading a reading object;
When the user information received in the user information reception step matches the user information stored in the storage control step, the reading object read in the reading step is temporarily used as a reading object, A display step for displaying a designation screen on which a type of reading object to be normally used can be designated ;
Wherein as the reading object with the specified type in the specified screen is managed, it registers the authentication information associating the identification information of the object to be read obtained by reading the user information and the reading step And a registration step for performing the processing. A program for an image forming apparatus including a storage unit for storing user information including user identification information and a password input by an information processing apparatus,
The image forming apparatus
User information receiving means for receiving user information including user identification information and a password in accordance with a user operation ;
Reading means for reading an object to be read;
If the user information received by the user information receiving means matches the user information stored in the storage means, the reading object read by the reading means is used as a reading object to be temporarily used, or Display means for displaying a designation screen that can designate the type of reading object to be used ;
Register authentication information in which the user information and the identification information of the reading object obtained by reading by the reading unit are associated with each other so that the reading object is managed by the type specified on the designation screen A program characterized by functioning as a registration means. A program of an authentication information management system including an information processing apparatus and an image forming apparatus that manages authentication information,
The information processing apparatus;
Obtaining means for obtaining user information including user identification information and a password;
Function as a transmission means for transmitting the user information to the image forming apparatus;
The image forming apparatus;
Receiving means for receiving the User chromatography The information from the information processing apparatus,
Storage means for storing user information received by the receiving means;
User information receiving means for receiving user information including user identification information and a password in accordance with a user operation ;
Reading means for reading an object to be read;
If the user information received by the user information receiving means matches the user information stored in the storage means, the reading object read by the reading means is used as a reading object to be temporarily used, or Display means for displaying a designation screen that can designate the type of reading object to be used ;
Wherein as the reading object with the specified type in the specified screen is managed, it registers the authentication information associating the identification information of the object to be read obtained by reading the user information and the reading means A program characterized by functioning as a registration means.

Images