JP6927277B2 - Programs and information processing equipment - Google Patents

Description

The present invention relates to a program and an information processing device.

In the system described in Patent Document 1, the ID of the user who is trying to print on the printing device before displaying the print setting reception screen on the terminal device that requests printing from the printing device in response to the user's instruction. And send a password to request authentication, refer to the received authority information along with the authentication result, and display the print setting reception screen for accepting the settings related to the functions permitted to be used among the functions of the above printing device. And accept the settings related to the functions that are allowed to be used.

In the multifunction device described in Patent Document 2, in addition to the user's access authority for resources such as applications and files, the access authority for macros that specify the combination of software parts and operating conditions that compose the application shall be set. Can be done. By giving the user access permission to the macro, resources that would not normally be used are allowed to be used within the operating conditions defined in the macro.

Patent Documents 3 and 4 describe a mechanism for permitting a guest user whose account is not registered in advance in the multifunction device to use the multifunction device. In this mechanism, a guest user who wants to use the multifunction device sends a password request email containing the email address of a legitimate user who has an account in the multifunction device as a Cc (carbon copy) address to the multifunction device. The multifunction device determines whether or not the Cc address included in the email is the address of the legitimate user registered in the device, and if it is the address of the legitimate user, the unique password for the guest user is given. Reply the PIN notification email that includes it. The guest user can use the multifunction device by inputting the password shown in the password notification email into the multifunction device.

JP-A-2007-257038 Japanese Unexamined Patent Publication No. 2009-087319 Japanese Unexamined Patent Publication No. 2015-022617 Japanese Unexamined Patent Publication No. 2015-022619

An object of the present invention is to enable a user who is not registered in a system to be given a more detailed usage right than when the user is simply given the right to use the system uniformly.

The invention according to claim 1 is a first usage permission means for a legitimate user registered in the system, and the legitimate user is allowed to use the system within the scope of the usage authority of the legitimate user. The first usage permission means for permitting the use, for an external user who is not a legitimate user of the system, within the scope of the authority for the external user, which is a range different from the scope of the authority for the legitimate user. A program that functions as a second usage permission means for permitting the use of the system, in which the identification information of the external user is registered in the directory service of the organization of the legitimate user. The range of permitting the external user to use the system is different depending on whether the system is registered or not registered in the directory service, and the identification information of the external user is the identification information of the external user. It is a communication address, and the second usage permission means is a case where the identification information of the external user is registered in the directory service and a case where the identification information is not registered in the directory service. , Temporary identification information associated with different usage privileges is transmitted to the communication address, and when the temporary identification information is input from the external user, the external user is in accordance with the usage authority associated with the temporary identification information. It is a program characterized by permitting the use of the system.

The invention according to claim 2 is a first usage permission means for a legitimate user registered in the system, and the computer is a means for permitting the legitimate user to use the system within the scope of the usage authority of the legitimate user. The first usage permission means for permitting the use, for an external user who is not a legitimate user of the system, within the scope of the authority for the external user, which is a range different from the scope of the authority for the legitimate user. A program that functions as a second usage permission means for permitting the use of the system, in which the identification information of the external user is registered in the directory service of the organization of the legitimate user. The scope of permitting the external user to use the system is different depending on whether the system is registered or not registered in the directory service. Further, the second usage permission means is used. When a usage request for the system is received, if the source of the usage request is a device on the same local network as the computer, the first usage authority associated with the device of the source is associated with the first usage authority. and having means for providing a temporary identification information, the identification information before Symbol external user, when those that are registered in the directory service, corresponding to the different second usage authorization and the first usage authorization The attached second temporary identification information is provided to the external user, and when the first temporary identification information is input from the external user, the second temporary identification information is provided according to the first usage authority. according to the second usage authorization if entered, to permit use of the system to the external user, it is a feature and to Help program a.

In the invention according to claim 3 , is the second usage permission means a function in which the function of the system selected as a usage target by the external user requires the approval of the legitimate user who has the approval authority? A means for determining whether or not the function is used, and when it is determined that the function selected for use requires approval, the authorized user who has the approval authority is requested to approve, and when the approval is obtained, the external The program according to claim or 2 , further comprising a means for adding the authority to use the function selected as the usage target to the user's usage authority.
The invention according to claim 4 is a first usage permission means for a legitimate user registered in the system, and the legitimate user is allowed to use the computer within the scope of the usage authority of the legitimate user. The first usage permission means for permitting the use, for an external user who is not a legitimate user of the system, within the scope of the authority for the external user, which is a range different from the scope of the authority for the legitimate user. A program that functions as a second usage permission means for permitting the use of the system, in which the identification information of the external user is registered in the directory service of the organization of the legitimate user. The scope of permitting the external user to use the system is different depending on whether the system is registered or not registered in the directory service, and the second usage permission means is the external. than when the identification information of the user is registered in the directory service, that is allowed to operate in a wide range towards the case where the identification information of the external user is not registered in the directory service is a program.

The invention according to claim 5 is a first usage permission means for a legitimate user registered in the system, and permits the legitimate user to use the system within the range of the usage authority of the legitimate user. The first usage permission means for the system and the system for an external user who is not a legitimate user of the system within the scope of the authority for the external user, which is a range different from the scope of the authority for the legitimate user. The second usage permission means has a second usage permission means for permitting the use of the external user, and the identification information of the external user is registered in the directory service of the organization of the legitimate user. The range of permitting the external user to use the system differs depending on the case and the case where the system is not registered in the directory service, and the identification information of the external user is the communication address of the external user. The second usage permission means has different usage privileges depending on whether the identification information of the external user is registered in the directory service or not registered in the directory service. When the associated temporary identification information is transmitted to the communication address and the temporary identification information is input from the external user, the external user is allowed to use the system according to the usage authority associated with the temporary identification information. It is an information processing device characterized by permitting.
The invention according to claim 6 is a first usage permission means for a legitimate user registered in the system, and permits the legitimate user to use the system within the range of the usage authority of the legitimate user. The first usage permission means and the system for an external user who is not a legitimate user of the system within the scope of the authority for the external user, which is a range different from the scope of the authority for the legitimate user. The second usage permission means has a second usage permission means for permitting the use of the external user, and the identification information of the external user is registered in the directory service of the organization of the legitimate user. The range of permitting the external user to use the system differs depending on the case and the case where the system is not registered in the directory service, and the second usage permission means uses the identification information of the external user. The information processing apparatus is characterized in that a wider range of operations is permitted when the identification information of the external user is not registered in the directory service than when it is registered in the directory service.

According to the invention according to claim 1 , 4, 5 or 6 , the user and the system not registered in the system are compared with the case where the external user not registered in the system is uniformly given the authority to use the system. It is possible to grant more detailed usage rights in consideration of relationships.

According to the invention of claim 1 or 5, even people who are not yet registered in the system has entered the communication address of the authorized user registered in the system, to the man given usage authorization for authorized users Can be prevented.

According to the invention of claim 2 , even a user who is not registered in the system is given a certain usage right to a user who is permitted to participate in the local network, and is a regular user who is further registered in the system. Can be given the right to use as a regular user.

According to the invention of claim 3 , higher security can be realized as compared with the method of granting all the usage rights of the legitimate user who has the approval authority to the user who is not registered in the system.

It is a figure which shows the structure of the system to which the method of 1st Embodiment is applied. It is a figure which shows the configuration example of the device management system of 1st Embodiment. It is a figure which shows the example of the information of the regular user registered in the user information DB. It is a figure which shows the example of the operation ID information which is managed by a temporary use management part. It is a figure which shows the example of the use authority for an internal guest and the use authority for an external guest. It is a figure for demonstrating the flow of device use by a guest in 1st Embodiment. In the first embodiment, it is a sequence diagram which shows the process when a guest uses a function which does not need approval. In the first embodiment, it is a sequence diagram which shows the process when a guest uses a function which needs approval. It is a figure which shows the structure of the system to which the method of 2nd Embodiment is applied. It is a figure which shows the configuration example of the device management system of 2nd Embodiment. In the second embodiment, it is a sequence diagram which shows the process when a guest uses a function which does not need approval. It is a figure which shows the display example of the web page for operation ID notification provided to the guest's mobile terminal in 2nd Embodiment.

<First Embodiment>
FIG. 1 shows an example of a system configuration to which the method of one embodiment of the present invention is applied.

The system illustrated in FIG. 1 is, for example, a system for managing the use of equipment 20 installed in an organization such as a company or a school. The device 20 to be managed is a device that provides some kind of service to the user, and has functions such as a printer, a scanner, a copying machine, a facsimile device, and a multifunction device (printer, scanner, copying machine, facsimile device, etc.). Equipment) is an example.

As shown in FIG. 1, the organization has a plurality of bases A, B, C, .... Each of the bases A, B, C, ... Is provided with a local network 30 such as a LAN (local area network). A personal computer, various servers, a device 20, and a device management system 10 are connected to the local network 30.

The device management system 10 provided at the base is an information processing system that manages the device 20 connected to the local network 30 of the base. The processing executed by the device management system 10 includes, for example, user authentication of a user who intends to use each device 20, and control of the user's use for each of the devices 20. Further, the device management system 10 may have a function of recording the usage history of each of these devices.

In the device management system 10 of the base, users who mainly use the base (among a plurality of bases in the organization) such as a person who makes the base the main residence are registered in the organization. Users who mainly use other bases in the site are not registered. The user registered in the device management system 10 inputs the registered user ID (identification information) and password into the device 20, or causes the reader attached to the device 20 to read the IC card holding the user ID and the like. As a result, the device management system 10 is certified. Then, if this authentication is passed, the device 20 can be used within the range of the user's usage authority registered in the device management system 10. On the contrary, even if the person belongs to the organization, the person who is not registered as a user in the device management system 10 of the site needs to be granted the usage authority in order to use the device in the site.

The organization is provided with a directory service 50 in which the attribute information of all the members belonging to the organization is registered. The attribute information of the member registered in the directory service 50 includes, for example, the member's name, user ID (for example, employee number), password, e-mail address, department to which the member belongs, and the like. The directory service 50 searches the information of each registered member in response to an inquiry from another information processing device (for example, the device management system 10) in the organization, and responds the search result to the information processing device of the inquiry source. do. The directory service 50 is constructed as, for example, a server compliant with LDAP (Lightweight Directory Access Protocol).

The directory service 50 is constructed for the entire organization, holds information of all members of the organization, and responds to inquiries from information processing devices at all bases in the organization. On the other hand, the device management system 10 is intended only for the bases where the device management system 10 is provided, does not manage the devices 20 of other bases, and even if it is a member of the organization, it mainly targets other bases. Authentication information and usage authority are not managed individually for users who use the system. For the device management system 10, a person who is a member of the organization but is not registered as a user in the system 10 is a "guest" like a person who is not a member of the organization. However, the device management system 10 classifies guests into members of the organization and people who do not belong to the organization by using the directory service 50, and gives usage authority according to each classification.

The directory service 50 and the device management system 10 of each base are connected via, for example, a VPN (Virtual Private Network).

FIG. 2 shows an example of the internal configuration of the device management system 10. The device management system 10 illustrated in FIG. 2 has a user information DB (database) 102, a login processing unit 104, an authority management unit 106, a usage history recording unit 108, and a temporary usage management unit 110.

The user information DB 102 is a database that stores user information of each user registered in the device management system 10. As illustrated in FIG. 3, the user information DB 102 stores authentication information such as a user ID, an e-mail address, and a password, approval authority, usage authority for the device 20, and the like. The usage authority illustrated in FIG. 3 is an example in the case where the device 20 is a multifunction device, and shows the user's authority for each of the four functions of copy, print, scan, and facsimile. For example, user "ABC1234" is only allowed black and white double-sided output for copying and printing, not scanning and faxing. Although the usage authority of four functions such as printing is shown in the figure, information on the usage authority for yet another function may be registered in the user information DB 102. The approval authority is an authority for the user (for example, the user "BCD2345") to approve the use of the device 20 to another user. A user who has the approval authority can allow other users to use the device 20 within the range of the usage authority of the user. Since the user "ABC1234" does not have the approval authority, he / she cannot approve the use of the device 20 of another person, but even if he / she has the approval authority, he / she can approve the copy in both black and white and both sides. And print only, black-and-white, single-sided or color copy / print cannot be approved, and scanning and facsimile transmission cannot be approved.

The login processing unit 104 performs login processing for a user who intends to use the device 20. For example, when a user registered in the device management system 10 inputs a user ID and password to the login screen displayed on the display device (for example, a touch panel) of the device 20, the user ID and password are changed to the device management system 10. Will be sent to. Then, the login processing unit 104 checks whether the user ID and password are registered in the user information DB 102, and if they are registered, permits the user to log in and permits the user to use the device 20. Further, in one embodiment, when the information input by the user on the login screen is not the registered user ID and password but only the e-mail address, the login processing unit 104 requests the login request for temporary use. Recognizing that there is, request the temporary use management unit 110 to process the request. In addition to logging in by manually entering the user ID and the like, the user can use an IC built-in ID card (for example, an employee ID card) conforming to a proximity wireless standard such as NFC (Near Field Communication) to the wireless communication port of the device 20. You may log in by bringing them closer. In this case, the login processing unit 104 allows the user to log in if the authentication information of the reading result of the ID card sent from the device 20 is registered in the user information DB 102. If the authentication information is not registered in the user information DB 102, the login processing unit 104 recognizes the login request as a temporary use request and requests the temporary use management unit 110 to process the request. May be good.

The authority management unit 106 permits the user logged in to the device 20 to use the device 20 within the range of the usage authority registered in the user information DB 102. That is, when the authority management unit 106 receives an authority inquiry about the function instructed to be executed by the user from the device 20, the authority information of the user in the user information DB 102 indicates whether the user has the authority to use the function. Judgment in light of. Then, when it is determined from the authority information that the user has the authority, the device 20 responds to the effect of permission to use, and when it is determined to have no authority, the device 20 responds to the effect of refusal to use. For example, if the user's usage authority registered in the user information DB 102 allows black-and-white output but not color output for the copy function of the device 20, the authority management unit 106 allows the user to make a black-and-white copy. Allows the request, but rejects the color copy request.

The usage history recording unit 108 records the usage history (log) information of each device 20.

The temporary use management unit 110 manages the temporary use of the device 20 by a user (that is, a guest user) who is not registered in the device management system 10. The temporary use management unit 110 makes an inquiry to the directory service 50, so that the guest user who requested the temporary use (hereinafter referred to as a guest) is a user who belongs to the organization (for example, when the organization is a company). Determine if you are an employee). Then, the guest who belongs to the organization is given a different usage right from the guest who does not. The inquiry unit 112 makes this inquiry. The inquiry unit 112 makes an inquiry using a protocol supported by the directory service 50, such as LDAP. In one example, the guest enters his or her email address when logging in, and the query unit 112 directories whether the email address is registered (ie, belongs to any member of the organization). Contact service 50.

The operation ID issuing unit 114 issues an operation ID, which is identification information for temporary use, to the guest. The operation ID is associated with the usage authority according to the type of guest. Further, when the guest receives approval from a user registered in the device management system 10 (hereinafter referred to as "regular user"), the operation ID is also associated with the information of the approved authority.

The operation ID management unit 116 manages the information of each operation ID, determines whether or not the operation instructed by the user to the device 20 can be used with the usage authority corresponding to the operation ID presented by the user, and determines whether or not the operation is available. Allow or deny the operation according to the result of the judgment.

FIG. 4 shows an example of operation ID information managed by the operation ID management unit 116. This information includes operation ID, related address, ID type, approver, usage authority, and expiration date.

The relevant address is the email address entered by the guest when logging in.

The ID type is a type of the operation ID, and takes a value such as an internal guest, an external guest, or approved. The ID type "in-house guest" is a user who is a member of the organization (that is, registered in the directory service 50) but is not registered in the device management system 10 (hereinafter, a user who meets this condition is referred to as an "in-house guest". This is the type of operation ID issued to the user determined to be). The ID type "external guest" is for a guest who is determined not to belong to the organization (that is, is not registered in the directory service 50) (hereinafter, a user who meets this condition is referred to as an "external guest"). The type of operation ID issued. The ID type "approved" is a type of operation ID associated with a usage authority including an authority approved by a legitimate user who has an approval authority. When an internal guest or an external guest who has been given an operation ID obtains approval from a legitimate user who has approval authority in order to use a function that cannot be used with the usage authority corresponding to the operation ID, the approval is obtained. The type of operation ID corresponding to the authority is "approved".

The approver is the identification information of the legitimate user who has approved the operation ID of the "approved" type. In this example, the e-mail address of the legitimate user is used as the identification information of the legitimate user.

The usage authority is the usage authority of the device 20 associated with the operation ID. For example, the operation ID given to the user determined to be an in-house guest as a result of the inquiry to the directory service 50 is associated with the usage authority predetermined for the in-house guest. Further, the operation ID given to the user determined to be an external guest is associated with the usage authority predetermined for the external guest.

For example, the temporary use management unit 110 has the usage authority information 202 for the internal guest and the usage authority information 204 for the external guest illustrated in FIG. 5, and the former is used as the operation ID issued to the internal guest. The latter is associated with the operation ID issued to the guest. In the example of FIG. 5, internal guests are only allowed to copy and print in black and white and both sides according to internal rules, while external guests who are visitors to the organization are allowed to copy and print in color. Will be done. Also, neither internal guests nor external guests are allowed for scanning and fax transmission. The usage rights for internal guests and external guests shown in FIG. 5 are merely examples. The contents of these usage privileges may be determined by the administrator of the device management system 10 in accordance with the security policy of the organization or base.

Further, the operation ID of "approved" is associated with a usage authority including the approved authority. In the example of FIG. 4, the user "guest1@fuji.local" who is an in-house guest is given an operation ID "2345" associated with the usage authority information 202 for the in-house guest at the time of login. After that, when the user receives approval from the legitimate user "auth@fuji.local", for example, a new operation ID "3456" with the added authority to use the functions approved by the legitimate user is given to the in-house guest. NS. For example, if a guest who has the right to use the copy / print is black-and-white / double-sided compulsory and scanning and facsimile transmission are not permitted, and the approver approves the scanning permission, the copy / print is black-and-white / double-sided compulsory and scanning is A new usage right that is permitted or not permitted for facsimile transmission is generated, and a new operation ID associated with this usage right is provided to the guest. Further, the method of issuing a new operation ID with the update of the usage authority in this way is only an example. Instead, in the operation ID information (FIG. 4), the information of the usage authority associated with the operation ID given to the guest may be updated with approval or the like.

The expiration date indicates the date and time of the expiration date of the operation ID. The operator of the device management system 10 may decide how to set the expiration date. Although this is just an example, the expiration time may be set as the end time of the business hours on the day when the operation ID is issued.

The processing flow of the present embodiment will be described with reference to FIG. 6 from the viewpoint of the user interface.

(1) On the login screen 300 displayed on the display device (touch panel) attached to the device 20, an ID field 302 for inputting an e-mail address or a user ID, a password field 304, and a login button 306 are displayed. A regular user registered in the device management system 10 inputs the registered user ID and password in the ID field 302 and the password field 304, and presses the login button 306. In addition, although not shown, the login screen 300 says, "If you are visiting, please enter your e-mail address in the e-mail address / ID field and press the login button. No password is required. Please enter your e-mail address as "." The guest enters his / her e-mail address in the ID field 302 and presses the login button 306. As a result, the login process is performed. The flow when the guest logs in will be described below.

(2) After logging in, the menu screen 310 is displayed on the display device. On the menu screen 310, icons representing various functions provided by the device 20, such as copying, scanning (sending the scan result to a specified e-mail address), and opening a shared folder, are displayed. The guest touches the icon of the function they want to use.

(3) At this point, the guest does not have the authority to use the device 20 and the device management system 10 because the authority has not yet been proved by inputting the operation ID. In this case, the operation ID input screen 320 is displayed on the display device of the device 20. If the guest has already acquired the operation ID, the operation ID is input in the operation ID input field 322 on the screen, and the operation continuation button 324 is pressed. If the usage authority corresponding to the operation ID is such that the function touched in (2) above can be used, the device 20 executes the function. Otherwise, the operation ID input screen 320 is displayed again with a message that the function cannot be used with the operation ID. If the guest has not obtained the operation ID, he / she presses the ID acquisition request button 326 in the operation ID input screen 320. Then, the request is transmitted from the device 20 to the device management system 10, and the device management system 10 generates an operation ID associated with the usage authority according to the guest type (internal guest / external guest) and operates the operation. Send an email containing the ID to the guest's email address. The guest receives the e-mail on the mobile terminal, inputs the operation ID shown in the e-mail into the operation ID input field 322, and presses the operation continuation button 324 to execute the selected function. can do. Depending on the type of guest, the use of the function selected in (2) above may not be permitted. In this case, even if the obtained operation ID is input to the operation ID input screen 320, the function cannot be used (in this case, an error is displayed on the screen).

(4) Some of the functions displayed on the menu screen 310 cannot be used in the case of a guest unless they are approved by a legitimate user who has the approval authority (in the case of a legitimate user, the function of his / her own usage authority). If it is within the range, the function can be used without approval). When the function selected by the guest in (2) above is such a function, the approval application screen 330 is displayed on the display device of the device 20. This screen includes an operation ID input field 332 and an approver email address input field 334. If the guest has not yet received approval for the function, enter the approver's e-mail address in the approver's e-mail address input field 334 and press the ID acquisition request button 338. It is usually assumed that the guest has a legitimate user to visit in the base. This is common, especially for security-sensitive companies. Therefore, in the approver's e-mail address input field 334, the e-mail address of any of the visited legitimate users may be heard and entered. When the approver's e-mail address is entered and the ID acquisition request button 338 is pressed, the device management system 10 sends an approval request e-mail to the e-mail address. When the approver who receives this e-mail performs the approval operation, the device management system 10 generates a new operation ID associated with the new usage authority to which the authority to use the function is added, and the new operation ID is generated. An e-mail displaying the operation ID is sent to the guest's e-mail address. The guest receives the e-mail on the mobile terminal, inputs the operation ID shown in the e-mail into the operation ID input field 332 in the approval application screen 330, and presses the operation continuation button 336. , Can perform the selected function.

Next, the processing flow of the present embodiment will be described in more detail with reference to the sequence diagrams shown in FIGS. 7 and 8.

FIG. 7 shows a flow when the function selected by the guest on the menu screen 310 is a function that does not require the approval of the approver.

First, the user inputs his / her user ID or e-mail address and password (in the case of a legitimate user) to the login screen 300 displayed on the console of the device 20, and presses the login button (S1). In response to this, the device 20 starts the login process (S2). That is, the device 20 transmits the information input by the user to the device management system 10 and requests the login process.

When the information input by the user includes two, a user ID or an e-mail address and a password (in the case of a legitimate user), the device management system 10 that receives this request matches the combination of the two. It is determined whether or not the user exists in the user information DB (S3). If present, the user is a legitimate user for the device management system 10. In this case, the device management system 10 may allow or deny the operation instruction from the user under the same control as before according to the information of the usage authority of the user registered in the user information DB 102. If a user that matches the combination of the entered user ID and password and the password is not found, error processing such as prompting the user to re-enter is executed. Since the processing in the case of a regular user may be the same as in the conventional case, FIG. 7 shows the flow when the user is a guest after S4.

When the information input by the user in S1 is only an e-mail address, the device management system 10 (inquiry unit 112) sends an inquiry including the e-mail address to the directory service 50. The directory service 50 checks whether or not the information of each member in the registered organization includes the e-mail address related to the inquiry, and returns the result of the presence or absence to the device management system 10. If the response to the inquiry is "(registered in the directory service 50)", the device management system 10 (temporary use management unit 110) determines that the user who logged in this time is an in-house guest, and even if it is "not". For example, it is determined that the user is an “outside guest” (S4). The temporary use management unit 110 stores the e-mail address input in S1 and the guest type (internal / external) information determined in S4 as the information of the user who is using the device 20 in a reduced manner.

After S2, the device 20 displays the menu screen 310 (S5). In the example of FIG. 7, it is assumed that the user (guest) selects the icon of the function "copy" that is not the target of the approval process on the menu screen 310. The device 20 inquires the device management system 10 whether or not it has the usage authority for the function "copy" selected by the user (S6).

In the example of FIG. 7, since the guest has never input the operation ID by the time of S6, he / she does not have the right to use any of the functions. Therefore, the device management system 10 determines that it is necessary to input the operation ID (S7). The device management system 10 instructs the device 20 to display the operation ID input screen 320 (see FIG. 6) (S8).

Since the guest has not yet obtained the operation ID, he presses the ID acquisition request button 326 on the operation ID input screen 320 (S9). The request is transmitted from the device 20 to the device management system 10. The device management system 10 generates an operation ID in response to the request (S10). Since the device management system 10 stores the guest type information of the user logged in in S1 and S2 (see S4), in S10, the generated operation ID is used with the usage authority according to the guest type (see FIG. 5). ), Registered in the operation ID information (FIG. 4) in association with information such as an e-mail address. At this time, the expiration date of the operation ID is determined, and the expiration date is registered in the operation ID information. The device management system 10 transmits an e-mail indicating the generated operation ID to the e-mail address (S11).

The device management system 10 causes the device 20 to display the operation ID input screen 320 again (S12). The guest browses the e-mail from the device management system 10 on his / her mobile terminal, and inputs the operation ID shown therein on the operation ID input screen 320 (S13). The device management system 10 obtains the usage authority information corresponding to the input operation ID from the operation ID information, determines whether or not the function "copy" currently requested by the guest is within the range of the usage authority, and ranges. If it is inside, the copy process is executed (S14). For example, if the guest is an in-house guest (see FIG. 5) whose authority is to force black-and-white / double-sided output for copying, the device 20 displays the copy setting screen by inputting the operation ID in S13. However, on the setting screen, the color setting is fixed to "black and white" and the single-sided / double-sided setting is fixed to "double-sided" and cannot be changed. The guest modifies other modifiable settings as needed and performs a copy. If the currently requested function "copy" is outside the scope of its usage authority (copying itself is not permitted), the device 20 displays an error screen including a message that the function cannot be used with the guest's authority.

When the process corresponding to the function requested by the guest is executed by the device 20, the device management system 10 records the log (history information) of the process in the usage history recording unit 108. In the log, the e-mail address input in S1 is recorded as information indicating the user who requested the processing.

With reference to FIG. 8, a flow in the case where the function selected by the guest on the menu screen 310 is a function that requires the approval of the approver is illustrated. Of this flow, the flow from the input of the e-mail address (S1) to the determination of the guest type (S4) and the display of the menu screen 310 (S5) is the same as the example of FIG. Is omitted.

It is assumed that the function selected by the guest with respect to the menu screen 310 displayed in S5 is a scanning function that requires approval (S6A). Since the guest has never input the operation ID by the time of S6A, the device management system 10 determines that the operation ID needs to be input, and the requested scan function needs to be approved. (S7A). The device management system 10 holds information indicating whether each function requires approval or is not required, and S7A makes a judgment based on this information. According to this determination, the device management system 10 instructs the device 20 to display the approval application screen 330 (see FIG. 6) (S8A). Since the guest has not obtained approval yet, enter the e-mail address of, for example, the authorized user of the visited person who has the approval authority in the approver email address input field 334 of the approval application screen 330, and click the ID acquisition request button. Press 338 (S9A). The request is transmitted from the device 20 to the device management system 10.

The device management system 10 searches the user information DB 102 (see FIG. 3) for a user corresponding to the input approver's e-mail address, and confirms whether the searched user has the approval authority (S21). If the corresponding user cannot be found, or if the user does not have the approval authority even if the user is found, an error screen prompting the input of another approver is displayed on the device 20. Further, even if the approver input by the user has the approval authority, if the approver does not have the usage authority for the function selected by the user in S6A, the same error screen is displayed on the device 20.

If the input approver is determined to be appropriate in S21, the device management system 10 sends an e-mail requesting approval to the e-mail address of the approver (S22). For this e-mail, for example, "<Guest e-mail address entered in S1> requires approval of the right to use the scanning function of the multifunction device. Please access the following URL to perform the approval process. A message such as "" and a URL (Uniform Resource Locator) for approval processing are included. This URL is the URL of the approval web page generated by the device management system 10 for approval of the approval request. When the approver accesses the URL from his / her terminal, a login page is provided, and when the user ID and password are entered for the login page, the approval web page is provided. When the approver presses the approval button shown on the page (S23), the device management system 10 generates an operation ID, and the operation ID is used as a usage authority including the scanning authority requested and approved by the guest. It is registered in the operation ID information (FIG. 4) in association with (S24). At this time, the usage authority associated with the operation ID is the addition of the scanning authority to the usage authority according to the type of the guest. The device management system 10 transmits an e-mail indicating the generated operation ID to the e-mail address (S11). The processing after S11 is the same as the example of FIG.

As described above, in the present embodiment, the device management system 10 refers to the directory service 50 to determine whether the guest type is internal (belonging to the organization) or external (not belonging). , Grant the guest the usage authority according to the determined type. Further, in the present embodiment, the guest can use a specific function only after receiving approval from an authorized approver.

In the example of FIG. 7, when the type of the logged-in guest is known (S4), the operation ID is not yet provided to the guest, and the guest operates after instructing the function to be used on the menu screen 310 (S6). IDs were provided (S8-S11). However, such a flow is just an example. For example, when the guest type is selected in S4, the device management system 10 may generate an operation ID associated with the usage authority according to the type and send it to the guest's e-mail address. In this case, the guest can input the operation ID received at the time of S4 to the operation ID input screen 320 displayed on the device 20 in S8.

In the above example, the guest user is made to enter an e-mail address, and an e-mail for notifying the operation ID is sent to the e-mail address, but the use of such an e-mail is only an example. The guest user may be asked to enter a communication address other than the e-mail address. For example, the guest user may be made to enter the mobile phone number instead of the e-mail, and the guest user may be notified of the operation ID by using another notification means such as a short message service that uses the mobile phone number as the communication address. ..

<Second Embodiment>
FIG. 9 shows an example of a system configuration to which the method of this embodiment is applied. In FIG. 9, the same elements as those shown in FIG. 1 are designated by the same reference numerals, and the description thereof will be omitted.

In this embodiment, the local network 30 in the base is provided with a wireless AP (access point) 40. The guest connects to the wireless AP40 from a mobile terminal 60 such as a smartphone by wireless communication compliant with a wireless LAN standard such as Wi-Fi (trademark) and participates in the local network 30. In order to wirelessly connect to the wireless AP40 from the mobile terminal 60, information on the SSID (Service Set Identifier) and encryption key (password) of the wireless AP40 is required, and the guest can use this information at the destination of the visit in the base. It shall be informed by a legitimate user. Conversely, the guest here is a person who is trusted by the base or organization so that the SSID and encryption key of the wireless AP40 can be taught, for example, collaborating with members of other bases in the same organization or the organization. An example is a collaborator outside the organization.

The device management system 10 prepares a URL for accepting an operation ID issuance request for using the device 20, and when a guest accesses the URL, provides a web page for accepting ID issuance. However, this access is only accepted from within the same local network 30 (subnet) as the device management system 10. Those who access from the same local network 30 have received some trust from the base in that they are allowed to participate in the local network 30 (for example, they are taught the SSID and encryption key of the wireless AP40). It can be said that there is a person. In this embodiment, the operation ID is issued only to such a person. Whether or not the access to the URL is from within the same local network 30 (subnet) is determined by, for example, the MAC of the access source terminal (for example, mobile terminal 60) from the device management system 10 by ARP (Address Resolution Protocol) or the like. Media Access Control) Judgment should be made based on whether or not the address can be acquired.

FIG. 10 shows the configuration of the device management system 10 in this embodiment. The device management system 10 of FIG. 10 is obtained by adding an ID request receiving unit 111 to the device management system 10 of the first embodiment shown in FIG.

The ID request reception unit 111 provides a web page for accepting ID issuance, and receives an ID request from a user for the web page. Here, the ID request reception unit 111 confirms whether or not the terminal (for example, the mobile terminal 60) that has accessed the web page for receiving the ID issuance is on the same local network 30, and confirms whether or not the terminal is on the same local network 30. If it is above 30, it responds to the web page for accepting ID issuance. When the web browser of the mobile terminal 60 displays the web page for accepting the ID issuance and the guest presses the ID issuance request button displayed on the web page, the web browser sends the ID issuance request to the device management system 10. NS. The ID request receiving unit 111 receives the ID issuing request and transmits the ID request receiving unit to the operation ID issuing unit 114A. If the access to the ID issuance acceptance web page is not from within the same local network 30, the ID request reception unit 111 does not respond to the ID issuance acceptance web page, and instead operates because it is outside the network. It responds with an error page indicating that the ID cannot be provided.

When the operation ID issuing unit 114A receives an ID issuing request from a guest via the ID request receiving unit 111, the operation ID is associated with a predetermined initial usage authority (hereinafter referred to as "initial usage authority"). To generate. Then, the web page displaying the operation ID is returned to the requesting web browser. The initial usage authority is predetermined to be given to the request to the ID request receiving unit 111. For example, only black-and-white copying is permitted, and other functions such as printing and scanning via the network are allowed. It is a low-level authority such as not allowing any authority. The content of the initial usage authority may be determined by the administrator of the device management system 10 according to the security policy and set in the device management system 10.

When the operation ID issuing unit 114A receives an authority upgrade request from a guest, if the guest is an in-house guest, the operation ID issuing unit 114A assigns an operation ID associated with a higher authority content usage authority predetermined for the in-house guest. Provide to the guest (or upgrade the initial usage authority corresponding to the original operation ID to the authority content for the in-house guest). Whether or not the guest requesting the authority upgrade request is an in-house guest is determined by asking the guest to input the user information and authentication information (password, etc.) registered in the directory service 50 of the organization. That is, when the inquiry unit 112 inquires the directory service 50 whether the user information and the authentication information input in response to this request are surely registered, and receives a reply to the effect that the user information and the authentication information are registered, the guest is the guest. Is determined to be an in-house guest. If the response from the directory service 50 is "not registered", the guest is an external guest, and the external guest is not allowed to upgrade the usage authority in the authority upgrade request.

Further, as in the first embodiment, the operation ID issuing unit 114A has added a process for expanding the guest usage authority (for example, an authority for an approved function) when approval is received from a legitimate user who has an approval authority. (Provide a new operation ID to the guest) is executed.

An example of the processing flow in this embodiment is shown with reference to FIG.

First, when the user (guest) enters the base, the user (guest) connects his / her mobile terminal 60 to the wireless AP40 in the base. Then, the web browser of the mobile terminal 60 accesses the web page for accepting ID issuance, which is known from the authorized user of the visited destination, and requests the acquisition of the operation ID (S101).

The device management system 10 determines whether or not the mobile terminal 60 that has accessed the web page for accepting ID issuance is in the same local network 30 (same subnet). Then, when it is determined that the network is in the same local network 30, an operation ID associated with the predetermined initial usage authority is generated (S102), and a web page displaying the operation ID is addressed to the mobile terminal 60. (S103). Further, the device management system 10 creates an entry for the operation ID in the operation ID information (see FIG. 4), and registers the information of the initial usage authority in the entry.

FIG. 12 shows a display example of the web page 400 for this operation ID notification. On this web page 400, the operation ID value "1234" and the explanation "black and white copy only" of the contents of the initial usage authority are displayed.

It is assumed that the guest displays the menu screen 310 (see FIG. 6) on the display device (touch panel) of the device 20, and presses, for example, the icon of the scan function in the menu screen 310 (see FIG. 6) (S104). The device 20 asks the device management system 10 if it may perform the selected scanning function. Since the device management system 10 has not logged in as a regular user or input an operation ID from the guest operating the device 20, the device management system 10 determines that the guest does not have the right to use the device 20 and determines that the guest does not have the operation ID. The input screen 320 is displayed on the display device of the device 20 (S105).

Here, it is assumed that the guest inputs, for example, the operation ID obtained earlier and displayed on the screen of the mobile terminal 60 (S106). The device management system 10 that has received the operation ID from the device 20 collates the content of the usage authority corresponding to the operation ID with the function (scan) that the guest has requested to use earlier (S107). Since the operation ID obtained by the guest at this point is associated with the initial operation authority (“black and white copy only”) acquired in S103, it is determined in S107 that the scan authority is not available. In this case, the device management system 10 instructs the device 20 to display the employee authentication screen (S108). Although not shown, the employee authentication screen has a user ID input field and a password input field, and if the guest is a member of an organization (for example, the company that owns the base), the input fields are displayed. , Enter the user ID and password registered in the organization (directory service 50) (S109).

When the device management system 10 acquires the user ID and password entered by the guest from the device 20, the inquiry unit 112 determines whether or not the user corresponding to the user ID and password pair is registered in the directory service 50. Inquire (S110). If registered, the guest is a member (employee) of the organization and is classified as an in-house guest. When the answer from the directory service 50 to this inquiry indicates that it is "registered", the device management system 10 has a new operation ID associated with the predetermined usage authority for the in-house guest. Is generated (S111), and the operation ID is notified to the web browser of the mobile terminal 60 (S112). This notification may be performed, for example, by updating the content of the operation ID notification web page provided to the guest mobile terminal 60 by the device management system 10 in S103 to display the new operation ID. .. For example, if the web page for notification of the operation ID is configured to periodically inquire the URL of the page for the update or not, and if there is an update, the updated web page is acquired, the new operation ID is displayed. The web page will be displayed on the mobile terminal 60. As another example, an update button is provided on the operation ID notification web page, and when the guest presses the update button, an update request is sent to the device management system 10 and a new operation ID is sent from the device management system 10. The displayed web page may be responded to. FIG. 12 illustrates a web page 410 displaying a new operation ID after the authority upgrade.

The new operation ID generated in S111 may be displayed on the display device of the device 20.

After S109, the device management system 10 displays the operation ID input screen 320 again (S113). When the guest inputs the new operation ID obtained in S112 on the operation ID input screen 320 and presses the operation continuation button 324 (see FIG. 6), the operation ID is transmitted from the device 20 to the device management system 10. (S114). The device management system 10 checks the usage authority corresponding to the operation ID, and the scanning function required by the examination is permitted (in this example, the usage authority of the in-house guest includes the scanning authority). When it is found that the device 20 is executed, the device 20 is permitted to execute the scanning function (S115).

The main configuration and processing of the second embodiment have been described above. In this second embodiment as well, as in the first embodiment, some of the functions provided by the device 20 may require the approval of a legitimate user who has the approval right when used by the guest. The processing of the device management system 10 when the guest selects a function requiring such approval on the menu screen 310 (see FIG. 6) may be basically the same as that of the first embodiment. The difference is that in the first embodiment, the operation ID associated with the authority after approval is notified to the guest's e-mail address, whereas in this second embodiment, the web page for operation ID notification is similar to S103. The point is to notify in the form of (or display on the display device of the device 20).

As described above, in the second embodiment, a guest operating a terminal participating in the same local network 30 as the device management system 10 is given a low-level initial usage right, and such a guest is given. Among them, those corresponding to in-house guests are given a higher level of usage authority upon request. As a result, the guest will use the device 20 with authority according to the type of external or internal.

In the first and second embodiments described above, the guest is authorized to use the device 20 for each function, but instead, the same usage authority as the approver has when the approver approves. May be given to the guest.

Further, in the first and second embodiments, it is said that whether or not approval by a regular user is required for guest use is predetermined for each function, but this is only an example. Instead, if the function requested by the guest is not limited to a specific function and the usage authority corresponding to the operation ID entered by the guest does not allow the use, obtain approval from a legitimate user. May make the feature available to guests.

The device management system 10 illustrated above is realized by causing a computer to execute a program representing the functions of the system. Here, the computer is, for example, hardware such as a microprocessor such as a CPU, a memory (primary storage) such as a random access memory (RAM) and a read-only memory (ROM), an HDD (hard disk drive), or an SSD (solid state drive). A controller that controls a fixed storage device such as), various I / O (input / output) interfaces, a network interface that controls connection to a network such as a local area network, etc. are connected via, for example, a bus. It has a circuit configuration. Further, on the bus, for example, via an I / O interface, a portable non-volatile recording of various standards such as a disk drive for reading and / or writing to a portable disk recording medium such as a CD or DVD, or a flash memory. A memory reader / writer for reading and / or writing to the medium may be connected. A program in which the processing contents of each functional module illustrated above are described is stored in a fixed storage device via a recording medium such as a CD or DVD, or via a communication means such as a network, and is installed in a computer. By reading the program stored in the fixed storage device into RAM and executing it by a microprocessor such as a CPU, the functional module group illustrated above is realized.

10 device management system, 20 devices, 30 local network, 50 directory service, 60 mobile terminals, 102 user information DB, 104 login processing section, 106 authority management section, 108 usage history recording section, 110 temporary usage management section, 111 ID request Reception department, 112 inquiry department, 114, 114A operation ID issuing department, 116 operation ID management department.

Claims (6)

Computer,
A first usage permission means for a legitimate user registered in a system, and a first usage permission means for permitting the legitimate user to use the system within the range of the usage authority of the legitimate user.
A second use that allows an external user who is not a legitimate user of the system to use the system within the scope of authority for the external user, which is a range different from the scope of authority for the legitimate user. Permit means,
It is a program that functions as
The second usage permission means may be a case where the identification information of the external user is registered in the directory service of the organization of the legitimate user, or a case where the identification information is not registered in the directory service. , The range of permitting the external user to use the system is different .
The identification information of the external user is a communication address of the external user, and is
The second usage permission means has different usage privileges depending on whether the identification information of the external user is registered in the directory service or not registered in the directory service. When the associated temporary identification information is transmitted to the communication address and the temporary identification information is input from the external user, the external user is allowed to use the system according to the usage authority associated with the temporary identification information. to approve,
It features and to Help program that. Computer,
A first usage permission means for a legitimate user registered in a system, and a first usage permission means for permitting the legitimate user to use the system within the range of the usage authority of the legitimate user.
A second use that allows an external user who is not a legitimate user of the system to use the system within the scope of authority for the external user, which is a range different from the scope of authority for the legitimate user. Permit means,
It is a program that functions as
The second usage permission means may be a case where the identification information of the external user is registered in the directory service of the organization of the legitimate user, or a case where the identification information is not registered in the directory service. , The range of permitting the external user to use the system is different.
Further, the second usage permission means is
When a usage request for the system is received, if the source of the usage request is a device on the same local network as the computer, the first usage authority associated with the device of the source is associated with the first usage authority. It has a means to provide temporary identification information of
Identification information before Symbol external user, wherein if those listed in the directory service, the first second second temporary the identification information external user that associates the use authority which is different from the use authority When the first temporary identification information is input from the external user, the first usage authority is followed, and when the second temporary identification information is input, the second usage authority is specified. To allow the external user to use the system according to
It features and to Help program that. The second usage permission means is
A means for determining whether or not the function of the system selected as a usage target by the external user is a function that requires the approval of the legitimate user who has the approval authority.
When it is determined that the function selected as the usage target requires approval, the authorized user who has the approval authority is requested to approve, and when the approval is obtained, the usage authority of the external user is determined. A means to add the authority to use the above-mentioned function selected as the usage target, and
The program according to claim 1 or 2, further comprising. Computer,
A first usage permission means for a legitimate user registered in a system, and a first usage permission means for permitting the legitimate user to use the system within the range of the usage authority of the legitimate user.
A second use that allows an external user who is not a legitimate user of the system to use the system within the scope of authority for the external user, which is a range different from the scope of authority for the legitimate user. Permit means,
It is a program that functions as
The second usage permission means may be a case where the identification information of the external user is registered in the directory service of the organization of the legitimate user, or a case where the identification information is not registered in the directory service. , The range of permitting the external user to use the system is different.
The second usage permission means has a wider range when the identification information of the external user is not registered in the directory service than when the identification information of the external user is registered in the directory service. allow operation, program. A first usage permission means for a legitimate user registered in the system, and a first usage permission means for permitting the legitimate user to use the system within the range of the usage authority of the legitimate user. ,
A second use that allows an external user who is not a legitimate user of the system to use the system within the scope of authority for the external user, which is a range different from the scope of authority for the legitimate user. Permits and
Have,
The second usage permission means may be a case where the identification information of the external user is registered in the directory service of the organization of the legitimate user, or a case where the identification information is not registered in the directory service. , The range of permitting the external user to use the system is different .
The identification information of the external user is a communication address of the external user, and is
The second usage permission means has different usage privileges depending on whether the identification information of the external user is registered in the directory service or not registered in the directory service. When the associated temporary identification information is transmitted to the communication address and the temporary identification information is input from the external user, the external user is allowed to use the system according to the usage authority associated with the temporary identification information. to approve,
An information processing device characterized by this. A first usage permission means for a legitimate user registered in the system, and a first usage permission means for permitting the legitimate user to use the system within the range of the usage authority of the legitimate user. ,
A second use that allows an external user who is not a legitimate user of the system to use the system within the scope of authority for the external user, which is a range different from the scope of authority for the legitimate user. Permits and
Have,
The second usage permission means may be a case where the identification information of the external user is registered in the directory service of the organization of the legitimate user, or a case where the identification information is not registered in the directory service. , The range of permitting the external user to use the system is different.
The second usage permission means has a wider range when the identification information of the external user is not registered in the directory service than when the identification information of the external user is registered in the directory service. Allow operation,
An information processing device characterized by this.

Images