JP6897418B2 - Information processing device - Google Patents

Description

The present invention relates to an information processing device.

Regarding the use of resources and services provided by the network, individual users to whom authority is assigned, the usage status of resources and services, the number of licenses for each type of resource and service, etc. are managed. As a management method for resources and services provided by the network, management may be performed in units called tenants. Users of resources and services belong to the tenant and are assigned the authority to use the resources and services within the range of the license given to the tenant to which they belong. An administrator is set for the tenant. When a new tenant is opened, the manager of the tenant sets the license in the tenant, sets the users belonging to the tenant, assigns the authority to each user, and the like.

In Patent Document 1, a tenant who has contracted to provide a service, a user who belongs to the tenant, and a role indicating a user's access authority in the licensed service are registered in a user management table, and a user for setting a role for the user. A cloud system that provides an interface and updates user management tables according to roles set for the user via the user interface is disclosed. Further, in Patent Document 2, when a user who is not authenticated by the authentication function of the service providing system requests to use the service of the service providing system, the external service (IdP or the like) that can be set for each tenant is external. A service providing system that acquires the information of the user authenticated by the service authentication function and provides the service based on the information is disclosed.

Japanese Patent No. 5814639 JP-A-2017-333339

When a new tenant is opened, the administrator has taken a lot of time and effort to individually assign the authority to each user belonging to the tenant.

An object of the present invention is to reduce the time and effort of the administrator required for the work of assigning authority to each user belonging to the tenant.

The present invention according to claim 1
A control means that controls access to a resource based on the authority to use the resource on the network,
A management means for registering and managing a user who can access the resource via the control means, and a management means.
An acquisition means for acquiring information regarding the use of an external device associated with the control means, and
Notify the user of the external device shown in the usage information and not managed by the management means that the user can be registered as a user who can access the resource via the control means. Notification means and
It is an information processing apparatus characterized by being provided with.
The present invention according to claim 2
The information processing device according to claim 1, wherein the acquisition means acquires information regarding the use of the external device when the external device is subject to access control by the control means. ..
The present invention according to claim 3
The information according to claim 2, wherein the notification means notifies the user who has used the external device before the external device is subject to access control by the control means. It is a processing device.
The present invention according to claim 4
The acquisition means acquires history information regarding the use of the external device, extracts information on the user of the external device from the history information, and obtains information on the user of the external device.
The first aspect of claim 1, wherein the notification means detects a user who has used the external device for the first time based on the information of the user, and notifies the user who has used the external device for the first time. Information processing device.
The present invention according to claim 5
The information processing device according to claim 4, wherein the acquisition means periodically acquires the history information from the external device that is the target of access control by the control means.
The present invention according to claim 6
The acquisition means acquires history information regarding the use of the external device, extracts information on the frequency of use by the user of the external device from the history information, and obtains information on the frequency of use by the user of the external device.
The information processing apparatus according to claim 1, wherein the notification means detects a user whose usage frequency is higher than a predetermined threshold value, and notifies the detected user of the user. is there.
The present invention according to claim 7
The control means is characterized in that it limits the authority of the user regarding access to the resource with respect to a user whose frequency of use of the external device falls below a threshold value set separately from the threshold value. The information processing apparatus according to 6.
The present invention according to claim 8 is
The information processing device according to claim 1, wherein the notification means notifies the user when the attributes of the user of the external device match a predetermined attribute. Is.
The present invention according to claim 9
Tenant management means that manages the control function that controls access to the resource based on the authority to use the resource on the network and the management function that manages the users who can access the resource using the control function on a tenant-by-tenant basis. When,
An acquisition means for acquiring information on the use of an external device associated with the tenant, and
It can be registered as a user who can access the resource through the control function of the tenant to the user of the external device shown in the information regarding the usage and not managed by the tenant. Notification means to notify and
It is an information processing apparatus characterized by being provided with.
The present invention according to claim 10
The information processing according to claim 9, wherein the acquisition means acquires information regarding the use of the external device when the external device is subject to access control by the control function of the tenant. It is a device.
The present invention according to claim 11
The acquisition means acquires history information regarding the use of the external device, extracts information on the user of the external device from the history information, and obtains information on the user of the external device.
The ninth aspect of the present invention, wherein the notification means detects a user who has used the external device for the first time based on the user's information, and notifies the user who has used the external device for the first time. Information processing device.

According to the invention of claim 1, the access control by the tenant is the target as compared with the configuration in which the manager of the tenant, which is the control means and the management means, assigns the authority to the user belonging to the tenant. By identifying the user of the external device and notifying the user, it is possible to reduce the time and effort of the administrator required for the work of assigning the authority.
According to the invention of claim 2, the user of the external device newly subject to access control by the tenant is compared with the configuration in which the notification is given only to the user of the external device that is already subject to access control by the tenant. It is possible to reduce the time and effort of the administrator required for the work of assigning authority to the user.
According to the invention of claim 3, access control is performed for an external device newly subject to access control by the tenant, as compared with a configuration in which only the user of the external device that is already subject to access control by the tenant is notified. It is possible to reduce the time and effort of the administrator required for the work of assigning the authority to the previous user who is the target of.
According to the invention of claim 4, the external device that is the target of access control by the tenant is the first to be compared with the configuration that notifies only the user who is already using the external device that is the target of access control by the tenant. It is possible to reduce the time and effort of the administrator required for the work of assigning authority to the user who used it.
According to the invention of claim 5, the external device which is the target of access control by the tenant periodically is compared with the configuration in which the notification is given only to the user who has already used the external device which is the target of access control by the tenant. By using the history information related to the use of the device, it is possible to reduce the time and effort of the administrator required for the work of detecting the user who used the device for the first time and assigning the authority.
According to the invention of claim 6, the frequency of use of the external device subject to access control by the tenant is higher than that of the configuration in which only the user using the external device subject to access control by the tenant is notified. It is possible to reduce the time and effort of the administrator required for the work of assigning authority to a user whose authority is larger than a predetermined threshold value.
According to the invention of claim 7, another person who wants to access the resource by maintaining the authority of the user who uses the external device less frequently as compared with the configuration in which the authority for accessing the resource is only granted. It is possible to prevent the situation in which the authority cannot be granted to the user.
According to the invention of claim 8, the user of the external device, which is the target of access control by the tenant, is compared with the configuration in which the notification is given only to the user who uses the external device, which is the target of access control by the tenant. Therefore, it is possible to reduce the time and effort of the administrator required for the work of assigning authority to a person having a predetermined attribute.
According to the invention of claim 9, the user of the external device that is the target of access control by the tenant is specified as compared with the configuration in which the tenant administrator himself assigns the authority to the user belonging to the tenant. By notifying the user, it is possible to reduce the time and effort of the administrator required for the work of assigning the authority.
According to the invention of claim 10, access control is performed for an external device newly subject to access control by the tenant, as compared with a configuration in which only the user of the external device that is already subject to access control by the tenant is notified. It is possible to reduce the time and effort of the administrator required for the work of assigning the authority to the previous user who is the target of.
According to the invention of claim 11, the external device that is the target of access control by the tenant is the first to be compared with the configuration that notifies only the user who has already used the external device that is the target of access control by the tenant. It is possible to reduce the time and effort of the administrator required for the work of assigning authority to the user who used it.

It is a figure which shows the whole structure of the information processing system of this embodiment. It is a figure explaining the multi-tenant type management system by the information processing system of this embodiment. It is a figure which shows the hardware configuration example of the computer which realizes a tenant management server, a resource provision server, a client terminal and the like. It is a figure which shows the hardware configuration example of the image forming apparatus as an example of an information device. It is a figure which shows the configuration example of a control device. It is a figure which shows the functional structure of the tenant management server. It is a figure which shows the functional structure of the resource providing server. It is a figure which shows the functional structure of a client terminal. It is a figure which shows the functional structure of the control device of the image forming apparatus shown in FIG. 4 as an example of an information device. It is a sequence diagram which shows the operation which invites a user according to the opening of a tenant. It is a sequence diagram which shows the operation which invites a user to a tenant according to the first operation of an information device by a user.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
<Overall configuration of information processing system>
FIG. 1 is a diagram showing an overall configuration of the information processing system of the present embodiment. As shown in FIG. 1, the information processing system 100 of the present embodiment includes a tenant management server 10, a resource providing server 20, a client terminal 30, and an information device 40. Each device is connected via the network 50. Further, as shown by a broken line in FIG. 1, the tenant management server 10 and the resource providing server 20 constitute a service environment for providing resources and services on the network 50, and the client terminal 30 constitutes a service environment for providing resources and services on the network 50. Configure the client environment to use. The information device 40 is included in the service environment from the viewpoint of using the function of the information device 40 as a resource that can be used on the network 50 and using the function of the information device 40 from the client terminal 30. On the other hand, the information device 40 can be an operation target device directly operated by the user via the user interface of the information device 40 itself, like the client terminal 30. Therefore, from this point of view, it is included in the client environment.

The tenant management server 10 is a server that manages the authority for the user to use the resources on the network 50, and is an example of the management means. The tenant management server 10 is a server that controls access to resources by users based on the authority to use resources on the network 50, and is an example of control means. Here, the resources on the network 50 refer to hardware, software, data, and the like that can be used by the user via the network. Here, when using a service (Web service or cloud service) provided on the network, the hardware or software used to provide the service is used. Therefore, in the present embodiment, the resources on the network 50 include the services provided by the network. Further, when the information device 40 is operated via the network 50, the function of the information device 40 is included in the resources available from the client terminal 30 on the network 50. Details of tenant and user privileges will be described later.

The resource providing server 20 is a server that provides specific resources via a network, and is an example of means for providing resources on the network 50. The resource providing server 20 includes a so-called service provider. A service provider is a server that provides services (Web services and cloud services) via a network. The service as a resource provided by the resource providing server 20 is realized, for example, by processing using an application program (Web application) used via the network 50 and an application program placed on the back end. To. Further, the service provided by the resource providing server 20 includes the provision of hardware resources such as a storage and a processor, the provision of software itself (software package), and the like.

The client terminal 30 is a terminal device that uses the service provided by the resource providing server 20 via the tenant management server 10. The client terminal 30 is, for example, a personal computer, a portable information terminal such as a tablet terminal or a smartphone, or an information terminal that can connect to the tenant management server 10 via the network 50 and use resources on the network 50. .. As described above, in order to use the resources on the network 50, in addition to using the services, hardware resources, and software packages provided by the resource providing server 20, the functions of the information device 40 are performed via the network 50. It also includes using it.

The information device 40 is an information processing device that can be connected to the network 50 used by the user, is a device other than the client terminal 30, and is managed by the tenant management server 10. The information device 40 is an example of an external device associated with the tenant management server 10 as a control means. The information device 40 itself has a user interface, and can be an operation target device directly operated by the user, like the client terminal 30. The information device 40 is realized by, for example, an office device having a communication function for connecting to the network 50. Specific examples thereof include a copier, a scanner, a fax transmitter / receiver, a printer, and a multifunction device having these functions in combination. Further, an information terminal such as a personal computer or a tablet terminal shared in the office (not individually associated with a user) may be used as the information device 40. Further, the function of the information device 40 may be used from the client terminal 30 as a resource on the network 50 managed and provided by the tenant management server 10. The information device 40 may be configured to be connected to the client terminal 30 via a LAN different from the network 50.

The network 50 is a communication network used for data communication between devices constituting the information processing system 100. The type of network 50 is not particularly limited as long as data can be transmitted and received, and may be, for example, the Internet, LAN (Local Area Network), WAN (Wide Area Network), or the like. The communication line used for data communication may be wired or wireless. Further, each device may be configured to be connected via a plurality of networks or communication lines. As described above, in the information processing system 100, the client terminal 30 and the information device 40 constituting the user environment may be connected via a LAN different from the network 50. In this case, for example, a network connecting the client environment and the service environment may be constructed by connecting a LAN (LAN router) to which the client terminal 30 and the information device 40 are connected to the network 50.

<Information processing system management function>
FIG. 2 is a diagram illustrating a multi-tenant type management method by the information processing system of the present embodiment. In the present embodiment, the tenant management server 10 manages the authority to use the resources on the network 50 by the multi-tenant type management method. A tenant is a unit that manages the use of resources on the network 50. In the multi-tenant type management method, multiple tenants are set and authority is managed for each tenant. Then, access to resources is controlled according to the license set for each tenant. Therefore, the tenant management server 10 is an example of a tenant management means having a management function and a control function.

Each tenant has a license for using the service (Web service or cloud service) provided by the resource providing server 20, a license for using the software package available via the resource providing server 20, and the information device 40. The license to use the function is set. A license is a right to use services and software packages granted to a tenant. Licenses are granted to tenants by cloud service providers and software package vendors. The license clause sets a maximum number of users.

In addition, one or more users belong to each tenant. In actual operation, the tenant can be set in association with various organizations such as a company, a department within the company, and other organizations by a usage contract or the like. In this way, it is possible to manage the above-mentioned various licenses and control the use of resources on the network 50 for each organization corresponding to the tenant. That is, the user belonging to the tenant (hereinafter referred to as the belonging user) and the license set for the tenant are the management targets managed by the tenant. An organization in which tenants are set can use resources on the network 50 in the same way that each tenant uses dedicated resources provided on separate systems.

In addition, a tenant administrator is set for each tenant, and the tenant administrator assigns roles to users belonging to the tenant. A role is a license usage right assigned to a user. The tenant administrator is a person who allows the user to belong to the tenant, sets a role for the user belonging to the tenant, and manages the belonging user and the role assigned to each belonging user. The tenant manager is a person who sets a license in the tenant. Further, the user belonging to the tenant (belonging user) is a user who is registered in association with the tenant and is permitted to use the license set in the tenant according to the assigned role. The role of each user is defined within the scope of the license set for the tenant. For example, regarding the use of a certain software package, if the number of licenses set for the tenant is 10, up to 10 affiliated users can be assigned roles to use the software package. In other words, even if there are more than 10 users belonging to this tenant, roles cannot be assigned to more than 10 users. In addition, regarding the use of a certain cloud service, if the service content that can be used is limited by the license set for the tenant, the role can be assigned to the belonging user only for the service content for which the license is set. Then, the role related to the restricted service content cannot be assigned to the belonging user.

<Hardware configuration of each device>
FIG. 3 is a diagram showing a hardware configuration example of a computer that realizes a tenant management server 10, a resource providing server 20, a client terminal 30, and the like. The computer 200 shown in FIG. 3 includes a CPU (Central Processing Unit) 201 which is a computing means, a main storage device (main memory) 202 which is a storage means, and an external storage device 203. The CPU 201 reads the program stored in the external storage device 203 into the main storage device 202 and executes it. As the main storage device 202, for example, a RAM (Random Access Memory) is used. As the external storage device 203, for example, a magnetic disk device, an SSD (Solid State Drive), or the like is used. Further, the computer 200 includes a display mechanism 204 for performing display output on the display device (display) 210, and an input device 205 for performing an input operation by the operator of the computer 200. As the input device 205, for example, a keyboard, a mouse, or the like is used. The computer 200 also includes a network interface 206 for connecting to the network 50.

The configuration of the computer 200 shown in FIG. 3 is only an example, and is not limited to the configuration example of FIG. For example, the storage device may be configured to include a non-volatile memory such as a flash memory or a ROM (Read Only Memory). Further, the specific configuration may differ depending on the application target of the tenant management server 10, the resource providing server 20, the client terminal 30, and the like. For example, when the client terminal 30 is realized by a tablet terminal or the like, a touch panel combining a touch sensor and a liquid crystal display is used as the input device 205. Further, the tenant management server 10 and the resource providing server 20 may be configured by a single computer 200 as shown in FIG. 3, or may be configured to be realized by distributed processing by a plurality of computers 200.

FIG. 4 is a diagram showing a hardware configuration example of an image forming apparatus as an example of the information device 40. The image forming apparatus 300 shown in FIG. 4 includes an image reading apparatus 310 for reading an image of a document and an image recording apparatus 320 for recording an image on a recording material. Further, the image forming apparatus 300 includes a control device 500 that controls the overall operation of the image forming apparatus 300. Further, although not particularly shown, the image forming apparatus 300 includes a user interface (UI) for accepting operation inputs from the operator of the image forming apparatus 300 and displaying various information to the operator.

The image reading device 310 is a so-called scanner that optically reads an image, and includes a reading unit 311 that reads an image and a conveying unit 312 that conveys a document.

The image recording device 320, the image forming unit 322 that forms an image on the paper P, the paper supply unit 326 that supplies the paper P to the image forming unit 322, and the paper P on which the image is formed by the image forming unit 322. It is provided with a paper ejection unit 327 for ejecting, and an inverting transport unit 328 for inverting the front and back of the paper P on which an image is formed on one surface by the image forming unit 322 and conveying the paper P again toward the image forming unit 322. There is.

FIG. 5 is a diagram showing a configuration example of the control device 500. As shown in FIG. 5, the control device 500 includes a CPU 501, a ROM 502, a RAM 503, and a storage device 504 used for storing image data, various data, and the like. Further, the control device 500 connects the image processing unit (processor) 505 that applies image processing such as color correction and gradation correction to the image represented by the image data, and the tenant management server 10 and the client terminal 30 via the network 50. It is provided with a network interface 506 for the purpose.

The CPU 501 uses the RAM 503 as a work area to execute a program read from the ROM 502. By executing the program, the CPU 501 receives, for example, a print instruction from the client terminal 30, controls the operation of the image recording device 320 including the image forming unit 322, forms an image on the paper P, and discharges the image. Further, the CPU 501 uses the network interface 506 to send and receive data to and from the tenant management server 10 and the client terminal 30 via the network 50 by executing the program.

The storage device 504 stores data related to the image of the original read by the image reading device 310 and the image received from the client terminal 30. Further, the storage device 504 stores the program as needed. As the storage device 504, for example, a magnetic disk device, an SSD (Solid State Drive), or the like is used.

<Functional configuration of tenant management server>
FIG. 6 is a diagram showing a functional configuration of the tenant management server 10. As shown in FIG. 6, the tenant management server 10 includes a user registration unit 11, a license management unit 12, a role setting unit 13, a role management unit 14, a device information acquisition unit 15, an information storage unit 16, and the like. It includes an operation screen generation unit 17 and a transmission / reception control unit 18. Information such as affiliated users, tenants, licenses, roles, etc. is stored in the information storage unit 16 in various associations. Details of each information will be described later. The functions of the user registration unit 11, the license management unit 12, the role setting unit 13, the role management unit 14, the device information acquisition unit 15, the operation screen generation unit 17, and the transmission / reception control unit 18 are, for example, in the computer 200 shown in FIG. , CPU 201 is realized by executing the program. The information storage unit 16 is realized by the main storage device 202 or the external storage device 203 in the computer 200 shown in FIG. 3, for example.

The user registration unit 11 is a registration means for registering the user belonging to the tenant. Affiliated users are set and registered for each tenant. The user registration unit 11 may register the belonging user, for example, on the condition that the user has been authenticated by an authentication server (not shown) connected to the network 50. As the authentication server, IdP (Identity Provider) may be used. The IdP is a server that authenticates the user personally. Further, in the present embodiment, a user who uses the information device 40 is registered based on the information regarding the use of the information device 40 acquired from the information device 40. Specific registration conditions and procedures for registration will be described later. The registered user information and the correspondence information between the tenant and the user to which the user belongs are stored in the information storage unit 16 as user information 164.

The license management unit 12 is a management means for managing the license set for the tenant in association with the tenant. The license is set individually for each tenant. Further, the license management unit 12 defines a role for the user belonging to each tenant to exercise the license in each tenant. The license information is stored as license information 162, and the role information is stored as role information 165 in the information storage unit 16. The license managed by the license management unit 12 is, for example, a license for using the service (Web service or cloud service) by the resource providing server 20, and a software package for using the software package provided by the resource providing server 20. A license, a license for using the function of the information device 40, and the like.

The role setting unit 13 is a setting means for setting a role for exercising the license set in the tenant for the user belonging to the tenant. The role is set within the range of the license managed by the license management unit 12. When it becomes necessary to set a role beyond the range of the license set for the tenant, it is necessary to change the license setting by the license management unit 12 to deal with it. When it becomes necessary to set a role beyond the range of licenses set for the tenant, for example, when a larger number of licenses than the set number is required due to an increase in the number of affiliated users, or when it is set. In some cases, a license with a content different from the content of the license you have is required.

The role management unit 14 is a management means for managing information related to the role. Information about the role includes, for example, setting a new role (granting the role to the belonging user), deleting the role, information for identifying the tenant who exercised the role (tenant ID), and specifying the belonging user who exercised the role. Information (user ID), operations performed when the role was exercised, information such as the date and time when the role was exercised, and the like can be mentioned.

As described above, the tenant management server 10 controls access to resources by the users belonging to the tenant based on the authority to use the resources on the network set for each tenant by the function of the license management unit 12. Further, the tenant management server 10 registers and manages users who can access resources on the network 50 by the functions of the user registration unit 11, the license management unit 12, the role setting unit 13, and the role management unit 14.

The device information acquisition unit 15 is an acquisition means for acquiring information regarding the use of the information device 40. Although the details will be described later, the information device 40 holds the contents of the executed operation (job) and the information on the execution date and time as the history information (operation history) described later. Further, when the personal authentication of the operator is performed in order to operate the information device 40, the information device 40 also includes the information of the operator who caused the information device 40 to execute each job in the history information. For example, the device information acquisition unit 15 periodically acquires this history information from the information device 40 and stores it in the information storage unit 16 as operation history information 165, which will be described later. Further, as a management system for the information device 40, a device management server (not shown) connected to the information device 40 via the network 50 may manage the operating state of the information device 40, the state of consumables, and the like. In this case, the device information acquisition unit 15 may acquire the history information from the device management server instead of the information device 40. In this way, the history information collected from the plurality of information devices 40 managed by the device management server is not individually acquired from the plurality of information devices 40 registered in the tenant of the tenant management server 10. It is possible to acquire information all at once.

In the present embodiment, the device information acquisition unit 15 sorts the history information acquired from the information device 40 in association with the tenant. A license for using the function of the information device 40 is set in the tenant. Therefore, this license associates the tenant with the information device 40. As will be described later, the history information acquired from the information device 40 includes information indicating the content of the operation of the executed information device 40 and the execution date and time, as well as identification information of the tenant, license, user, etc. related to the operation. .. Therefore, based on this history information, it is possible to identify the user who operated the information device 40, the tenant to which the user belongs, and the like.

The information storage unit 16 is a storage means for storing information used for managing the tenant. Here, the information storage unit 16 stores tenant information 161, license information 162, role information 163, user information 164, and operation history information 165 of the information device 40.
The tenant information 161 includes identification information (tenant ID) of each tenant set as a management unit of the tenant management server 10, attribute information (tenant attribute) of each tenant, and the like.
The license information 162 is created in association with the tenant in which the license is set, and includes identification information (license ID) of each license, attribute information (license attribute) of each license, and the like.
The role information 163 is created in association with the license in which the role is defined, and includes identification information (role ID) of each role and the like.
The user information 164 is created in association with the tenant to which the user belongs, and includes identification information (user ID) of each belonging user, attribute information (user attribute) of each belonging user, and the like.
The operation history information 165 includes information indicating the content of the operation, the execution date and time of the operation, the user ID of the user who performed the operation, and the tenant ID of the tenant to which the user belongs, regarding the operation (job) performed by using the information device 40. , The license ID of the license related to the information device 40 set for the tenant specified by the tenant ID and the like. Note that the device information acquisition unit 15 may acquire history information related to the operation from the information device 40, and this history information may be held in the information storage unit 16 as operation history information 165, or necessary information may be extracted from the history information. Alternatively, it may be processed and held as operation history information 165.

The operation screen generation unit 17 is a screen generation means for generating an operation screen for accepting an operation of a user belonging to the tenant. The operation screen is generated as, for example, a Web page. Further, the operation screen may be divided into an administrator operation screen for use by the tenant administrator and a user operation screen for use by the belonging user. The administrator operation screen accepts operations for, for example, the user registration unit 11, the license management unit 12, the role setting unit 13, and the role management unit 14. The administrator operation screen is generated when the tenant administrator logs in to the tenant managed by the tenant with administrator privileges, and is sent to the client terminal 30 of the tenant administrator. Further, the user operation screen accepts operations for the functions of the device information acquisition unit 15. The user operation screen is generated when a user belonging to the tenant logs in to the tenant to which he / she belongs as a user belonging to the tenant, and is sent to the client terminal 30 of the user belonging to the tenant. The operation screen sent to each client terminal 30 is displayed by the display means of the client terminal 30. When the tenant administrator or the belonging user performs an input operation or the like on the operation screen displayed on the display means of the client terminal 30, the information of the operation content is transmitted from the client terminal 30 to the tenant management server 10. Note that login is an operation for authenticating a user belonging to a tenant by using preset account information in order to use resources on the network 50 under the control of the tenant management server 10.

The transmission / reception control unit 18 is a communication means for communicating with the resource providing server 20, the client terminal 30, and the information device 40. The transmission / reception control unit 18 controls, for example, the network interface 206 shown in FIG. 3, and transmits / receives commands and data to / from the resource providing server 20, the client terminal 30, and the information device 40 via the network 50.

<Functional configuration of resource providing server>
FIG. 7 is a diagram showing a functional configuration of the resource providing server 20. As shown in FIG. 7, the resource providing server 20 includes an application execution unit 21 and a transmission / reception control unit 22. The functions of the application execution unit 21 and the transmission / reception control unit 22 are realized, for example, by the CPU 201 executing the program in the computer 200 shown in FIG.

The application execution unit 21 is an execution means for executing an application program that realizes processing related to resource provision by the resource provision server 20. For example, when the resource providing server 20 is a service provider, the application execution unit 21 executes a process related to a service (Web service or cloud service). When the resource providing server 20 is a server that provides a software package, the application execution unit 21 realizes a function as an LMS (License Management System) server that manages a license for using the software package. An LMS server is a server that confirms the validity of a software package license and grants a license to use it.

The transmission / reception control unit 22 is a communication means for communicating with the tenant management server 10, the client terminal 30, and the information device 40. The transmission / reception control unit 22 controls, for example, the network interface 206 shown in FIG. 3, and transmits / receives commands and data to / from the tenant management server 10, the client terminal 30, and the information device 40 via the network 50.

In the present embodiment, the authentication of the user who uses the resource provided by the resource providing server 20 is performed by an authentication server (IdP or the like) (not shown). Therefore, as shown in FIG. 7, the resource providing server 20 does not have a means for user authentication. However, the resource providing server 20 may be provided with an authentication means, and the individual resource providing server 20 may be configured to perform user authentication without using the authentication server.

<Functional configuration of client terminal>
FIG. 8 is a diagram showing a functional configuration of the client terminal 30. As shown in FIG. 8, the client terminal 30 includes an operation screen display unit 31, an operation reception unit 32, and a transmission / reception control unit 33. The functions of the operation screen display unit 31, the operation reception unit 32, and the transmission / reception control unit 33 are realized, for example, by the CPU 201 executing a program in the computer 200 shown in FIG.

The operation screen display unit 31 is a means for generating and displaying an operation screen for using services, software packages, functions of the information device 40, and the like provided by the resource providing server 20. The operation screen display unit 31 controls, for example, the display mechanism 204 shown in FIG. 3 and causes the display device 210 to display the operation screen. Further, the operation receiving unit 32 is a means for receiving an operation performed on the operation screen as an operation for using a service, a software package, a function of the information device 40, or the like. The operation receiving unit 32 receives, for example, an operation performed by using the input device 205 shown in FIG. As an example, when a service, a software package, a function of an information device 40, or the like is provided using WWW (World Wide Web), the functions of the operation screen display unit 31 and the operation reception unit 32 are realized by a Web browser. ..

The transmission / reception control unit 33 is a communication means for communicating with the tenant management server 10, the resource providing server 20, and the information device 40. The transmission / reception control unit 33 controls, for example, the network interface 206 shown in FIG. 3, and transmits / receives commands and data between the tenant management server 10 and the resource providing server 20 via the network 50.

<Functional configuration of information equipment>
FIG. 9 is a diagram showing a functional configuration of a control device 500 of the image forming apparatus shown in FIG. 4 as an example of the information device 40. As shown in FIG. 9, the control device 500 includes an operation control unit 510, an information holding unit 520, and a transmission / reception control unit 530. The functions of the operation control unit 510 and the transmission / reception control unit 530 are realized, for example, by the CPU 501 shown in FIG. 5 executing a program stored in the ROM 502 or the storage device 504. Further, the information holding unit 520 is realized by, for example, the RAM 503 and the storage device 504 shown in FIG.

The motion control unit 510 is a control means for controlling the motion of the image forming apparatus 10 based on a command received from the client terminal 30. Specifically, for example, it receives an image formation instruction and controls the image recording device 12 to form an image on the paper P and eject the image-formed paper P based on the image data received together with the command. ..

The information holding unit 520 is a holding means for holding the history information 521 generated in response to the operation of the image forming apparatus as the information device 40. The history information 521 is, for example, periodically transmitted to the tenant management server 10 and stored as operation history information 165 in the information storage unit 16 of the tenant management server 10.

The transmission / reception control unit 530 is a communication means for communicating with the tenant management server 10 and the client terminal 30. The transmission / reception control unit 530 transmits / receives commands and data between the tenant management server 10 and the client terminal 30 via the network interface 506 shown in FIG. 5, for example.

<Invitation to tenants based on the use of information equipment>
Next, the tenant administrator's invitation to the user to the tenant will be described. When the tenant manager sets a new tenant to provide resources to the user on the tenant management server 10, the tenant manager makes the user belong to the tenant and grants the user the authority (role) based on the license set in the tenant. In the present embodiment, the tenant management server 10 urges (invites) the user to belong to the tenant according to the usage status of the information device 40, which is a resource whose access is controlled by a license in the tenant. Specifically, for example, the tenant management server 10 notifies the client terminal 30 of the user inquiring whether or not to accept the affiliation to the tenant. Then, when the tenant management server 10 receives a response indicating consent by the user from the client terminal 30, the tenant management server 10 registers the user as a user belonging to the tenant. Then, the tenant management server 10 assigns the user to the tenant and grants the authority to use the resource according to the consent of the user.

When the information device 40 is registered in the tenant as a target (resource) of access control by a license, the history information 521 is sent from the information device 40 to the tenant management server 10 and is retained as the operation history information 165 related to the tenant. become. Based on this operation history information 165, the user registration unit 11 of the tenant management server 10 invites a user who is an operator of the information device 40 registered in the tenant and is not a user belonging to the tenant to the tenant. The invitation to the tenant is performed, for example, by notifying that the user who belongs to the tenant and can access each resource through the control function of the tenant can be registered. Therefore, the user registration unit 11 and the transmission / reception control unit 18 are examples of the notification means.

The timing of inviting the user may be the case of inviting the user when the tenant is opened or the case of inviting the user when the user operates the information device 40 registered in the tenant. Specifically, in the former case, when a tenant is opened, the device information acquisition unit 15 acquires history information 521 (operation history information 165) from the information device 40 when the information device 40 is registered in the tenant. To do. Then, the user registration unit 11 identifies a user who is not a user belonging to the tenant from the information acquired by the device information acquisition unit 15, and targets the user for the invitation. In the latter, when the user operates the information device 40, the history information 521 based on the operation by the user is stored in the information device 40. When this operation is the first operation by the user on the information device 40, the history information 521 records the information about the user for the first time. Then, when the device information acquisition unit 15 acquires the history information 521 (operation history information 165) from the information device 40, the user registration unit 11 uses the information acquired by the device information acquisition unit 15 to identify the tenant's user. Identify non-users and target them for invitation.

FIG. 10 is a sequence diagram showing an operation of inviting a user in response to the opening of a tenant. In this operation example, it is assumed that a new tenant A is opened and the user a becomes a user belonging to the tenant A. Further, as a premise, it is assumed that the user a operates the information device 40 before the tenant A is opened. That is, at this point, the user a operates the information device 40 while belonging to a tenant different from the tenant A or not belonging to any tenant.

As shown in FIG. 10, when the user a transmits a process execution instruction from the client terminal 30 and uses the information device 40 to execute the process (S1001), the information device 40 generates history information 521. Hold (S1002). The generated history information 521 is, for example, periodically sent to the device management server 70 that manages the information device 40 and stored (S1003). In the example shown in FIG. 10, the information device 40 is operated from the client terminal 30 of the user a, but the user a may directly operate the information device 40 using the user interface of the information device 40. In this case, for example, the information device 40 performs personal authentication using an employee ID card or the like to identify that the operation is performed by the user a.

When tenant A is opened on the tenant management server 10 (S1004) and the information device 40 that can be used under the control of tenant A is registered (S1005), the information device 40 is used from the device management server 70 to the tenant management server 10. Information of the person is sent (S1006). The user information of the information device 40 can be acquired from the history information 521 of the information device 40 stored in the device management server 70.

The tenant management server 10 identifies the user a based on the acquired information of the user of the information device 40, and invites the client terminal 30 of the user a to the tenant A (S1007). When the client terminal 30 consents to the user a belonging to the tenant A and the response is returned to the tenant management server 10 (S1008). The user registration unit 11 of the tenant management server 10 registers the user a as a user belonging to the tenant A (S1009). Then, the license management unit 12, the role setting unit 13, and the role management unit 14 of the tenant management server 10 assign the authority (role) to the user a according to the license set in the tenant A. After that, the user a can access the resource providing server 20 and use the resources based on the authority (role) assigned by the tenant A.

In the above operation example, the history information 521 of the information device 40 is stored in the device management server 70 and sent from the device management server 70 to the tenant management server 10. On the other hand, the tenant management server 10 may be used as the device management server 70 to manage the information device 40. Further, the device management server 70 is not provided, only the information device 40 stores the history information 521, and the tenant management server 10 acquires the history information 521 from the information device 40 and extracts the user information of the information device 40. May be.

Further, in the above operation example, when the tenant A is newly opened, the user a who is the user of the information device 40 registered as the management target in the new tenant A is invited to the tenant A. On the other hand, even if the tenant A has already been opened, when a certain information device 40 is newly registered as a management target of the tenant A, the user of the information device 40 is invited to the tenant A. You may do so. In this case, for example, in FIG. 10, a new information device 40 is registered in the existing tenant in S1005 without performing S1004.

FIG. 11 is a sequence diagram showing an operation of inviting a user to a tenant in response to the first operation of the information device 40 by the user. In this operation, it is assumed that the tenant A has already been opened and the information device 40 is registered as a management target of the tenant A. Further, it is assumed that the information device 40 has never been used by the user a so far.

As shown in FIG. 11, when the user a transmits a process execution instruction from the client terminal 30 to use the information device 40 (the first use of the information device 40 by the user a) and execute the process (S1101), The information device 40 generates and holds the history information 521 (S1102). The generated history information 521 is, for example, periodically sent to the device management server 70 that manages the information device 40 and stored (S1103). In the example shown in FIG. 11, the information device 40 is operated from the client terminal 30 of the user a, but the user a may directly operate the information device 40 using the user interface of the information device 40. In this case, for example, the information device 40 performs personal authentication using an employee ID card or the like to identify that the operation is performed by the user a.

For example, history information 521 is periodically transmitted from the device management server 70 to the tenant management server 10. Therefore, when the transmission condition (timing condition) of the history information 521 is satisfied after the operation of the information device 40 by the user a is performed, the history information 521 including the information regarding the operation of the information device 40 by the user a manages the device. It is sent from the server 70 to the tenant management server 10 (S1104).

The tenant management server 10 extracts the information of the user who has used the information device 40 for the first time from the acquired history information 521 (operation history information 165) (S1105). In this case, the information of the user a is extracted as such a user. Next, the tenant management server 10 invites the client terminal 30 of the user a to the tenant A based on the extracted information of the user a (S1106). When the client terminal 30 consents to the user a belonging to the tenant A and the response is returned to the tenant management server 10 (S1107). The user registration unit 11 of the tenant management server 10 registers the user a as a user belonging to the tenant A (S1108). Then, the license management unit 12, the role setting unit 13, and the role management unit 14 of the tenant management server 10 assign the authority (role) to the user a according to the license set in the tenant A. After that, the user a can access the resource providing server 20 and use the resources based on the authority (role) assigned by the tenant A.

In the above operation example, the history information 521 of the information device 40 is stored in the device management server 70 and sent from the device management server 70 to the tenant management server 10. On the other hand, the tenant management server 10 may be used as the device management server 70 to manage the information device 40. Further, the device management server 70 is not provided, only the information device 40 stores the history information 521, and the tenant management server 10 acquires the history information 521 from the information device 40 and extracts the user information of the information device 40. May be.

<Modification example>
In the above embodiment, when a user who is an operator of the information device 40 registered in the tenant and is not a user belonging to the tenant is detected, the user is invited to the tenant. Therefore, when a new tenant is opened and the information device 40 is registered as a management target of the tenant, all the users who have used the information device 40 up to that point are invited. In addition, the user who first operated the information device 40, which is the management target of the existing tenant, was invited as an opportunity to operate the information device 40.

On the other hand, in the first modification of the present embodiment, the user is invited to the tenant based on not only whether or not the information device 40 is used but also the frequency of use. Specifically, a threshold value is set for the usage frequency of the information device 40, and users whose usage frequency exceeds the threshold value are invited to the tenant. This threshold value may be set by various methods. For example, it may be set based on the number of times the information device 40 has been used in a fixed period, or it may be set based on the number of times the information device 40 has been used continuously at regular intervals.

Further, the first threshold value for inviting the user to the tenant is set as the first threshold value, and a second threshold value is set separately for the usage frequency of the information device 40, and the usage frequency of the information device 40 by the belonging user is the second. When the threshold value of 2 is exceeded, the authority granted to the user belonging to the tenant may be restricted. Further, when the frequency of use of the information device 40 by the belonging user falls below the second threshold value, the frequency of use is increased after notifying the belonging user that the authority of the belonging user is restricted instead of immediately limiting the authority of the belonging user. The authority may be restricted when the second threshold value is not exceeded. The first threshold value and the second threshold value may be set individually. For example, the second threshold value may be set to a value smaller than the first threshold value.

Further, in the second modification of the present embodiment, in addition to the user operating the information device 40, the user is invited to the tenant according to the attributes of the user. In this case, it is necessary to store the attribute information of the user in the server for user management or the like in advance so that the attribute information can be acquired from the user ID or the like. As the user attribute information, for example, information such as a department, a job title, and a type of business may be used. That is, in this modified example, when the user of the information device 40 specified based on the user information acquired from the history information 521 or the like is an employee belonging to a specific department, the user is invited to the tenant and other If the employee belongs to a department, control is performed such that the employee is not invited to the tenant.

Further, when the user belonging to the tenant loses the attribute that is the condition of the invitation, the authority given to the user belonging to the tenant may be restricted or the affiliation to the tenant may be cancelled. In the above example, when the user belonging to the tenant is transferred from the above-mentioned specific department, the control such as restricting the authority to use the specific service and the control such as canceling the affiliation to the tenant are performed.

Further, in the above embodiment, the authority of the user invited to the tenant is granted based on the license set for the tenant. On the other hand, the authority granted by the new tenant may be specified by taking into consideration the authority granted by the tenant to which the user already belongs. For example, among the license-based privileges set for the tenant to be invited, only the privileges that overlap with the privileges granted by the tenant to which the user already belongs may be granted to the invited user.

Although the embodiments of the present invention have been described above, the technical scope of the present invention is not limited to the above embodiments. Various changes and alternative configurations that do not deviate from the scope of the technical idea of the present invention are included in the present invention. For example, personal authentication, storage of history information 521, and the like may be replaced by another server or the like connected to the network 50. Further, this embodiment can be applied to various systems in which users and licenses can be managed for each tenant by the tenant management server 10.

10 ... Tenant management server, 11 ... User registration unit, 12 ... License management unit, 13 ... Role setting unit, 14 ... Role management unit, 15 ... Device information acquisition unit, 16 ... Information storage unit, 17 ... Operation screen generation unit, 18 ... Transmission / reception control unit, 20 ... Resource provision server, 30 ... Client terminal, 40 ... Information equipment, 50 ... Network, 161 ... Tenant information, 162 ... License information, 163 ... Role information, 164 ... User information, 165 ... Operation history Information, 500 ... Control device, 510 ... Operation control unit, 520 ... Information holding unit, 521 ... History information, 530 ... Transmission / reception control unit

Claims (11)

A control means that controls access to a resource based on the authority to use the resource on the network,
A management means for registering and managing a user who can access the resource via the control means, and a management means.
An acquisition means for acquiring information regarding the use of an external device associated with the control means, and
Notify the user of the external device shown in the usage information and not managed by the management means that the user can be registered as a user who can access the resource via the control means. Notification means and
An information processing device characterized by being equipped with. The information processing device according to claim 1, wherein the acquisition means acquires information regarding the use of the external device when the external device is subject to access control by the control means. The information according to claim 2, wherein the notification means notifies the user who has used the external device before the external device is subject to access control by the control means. Processing equipment. The acquisition means acquires history information regarding the use of the external device, extracts information on the user of the external device from the history information, and obtains information on the user of the external device.
The first aspect of claim 1, wherein the notification means detects a user who has used the external device for the first time based on the information of the user, and notifies the user who has used the external device for the first time. Information processing equipment. The information processing device according to claim 4, wherein the acquisition means periodically acquires the history information from the external device that is the target of access control by the control means. The acquisition means acquires history information regarding the use of the external device, extracts information on the frequency of use by the user of the external device from the history information, and obtains information on the frequency of use by the user of the external device.
The information processing apparatus according to claim 1, wherein the information processing means detects a user whose usage frequency is higher than a predetermined threshold value, and notifies the detected user of the user. The control means is characterized in that it limits the authority of the user regarding access to the resource with respect to a user whose frequency of use of the external device falls below a threshold value set separately from the threshold value. The information processing apparatus according to 6. The information processing device according to claim 1, wherein the notification means notifies the user when the attributes of the user of the external device match a predetermined attribute. .. Tenant management means that manages the control function that controls access to the resource based on the authority to use the resource on the network and the management function that manages the users who can access the resource using the control function on a tenant-by-tenant basis. When,
An acquisition means for acquiring information on the use of an external device associated with the tenant, and
It can be registered as a user who can access the resource through the control function of the tenant to the user of the external device shown in the information regarding the usage and not managed by the tenant. Notification means to notify and
An information processing device characterized by being equipped with. The information processing according to claim 9, wherein the acquisition means acquires information regarding the use of the external device when the external device is subject to access control by the control function of the tenant. apparatus. The acquisition means acquires history information regarding the use of the external device, extracts information on the user of the external device from the history information, and obtains information on the user of the external device.
The ninth aspect of the present invention, wherein the notification means detects a user who has used the external device for the first time based on the user's information, and notifies the user who has used the external device for the first time. Information processing equipment.

Images