JP6959571B2 - Printing system and printing equipment - Google Patents

Description

The present invention relates to a printing system and a printing apparatus .

Cloud printing is known, which is a printing operation in which a print job is transmitted from a mobile device to a cloud server, and an MFP (Multi Functions Peripheral) receives a print job from the cloud server and prints the print job (see Patent Document 1).

In addition, there is a mode in which authentication printing is performed in combination with cloud printing. In other words, when the printer downloads the print job uploaded to the server and prints the print job, it authenticates that the user who wants the printer to print is a registered user registered in advance on the server, and legitimately. If you are an authenticated user, allow the printer to print the print job. Note that the authentication printing can also be performed in a form in which a print job is transmitted from the client terminal to the printer without going through a server on the cloud.

Japanese Unexamined Patent Publication No. 2016-175314

Here, printers installed in places where an unspecified number of people gather (for example, hotel lobbies, stores, airport lounges, company visitor spaces, etc.) are used only by those who are in the vicinity of the printer. Imagine a case where you try to improve the service by admitting.
The above-mentioned authenticated printing maintains security by permitting the registered user to print, and the registered user can receive the printing service even from a remote location of the printer using the Internet. However, the security of limiting the user to registered users and the advantages of authentication printing that the user can be anywhere, conversely make it difficult to realize the above case.

The present invention has been made in view of the above-mentioned problems, and provides a printing system and a printing device capable of allowing an unspecified user in the vicinity of the printing device to use the printing device.

One aspect of the present invention is a printing system including a printing device, a wireless communication terminal, and a server, and the printing device transmits a beacon signal including authentication information having a defined validity period. The wireless communication terminal includes a beacon transmitting unit and a printing unit that executes printing based on print data received from the server, and the wireless communication terminal includes a beacon receiving unit that receives the beacon signal and the received beacon signal. A request transmission for transmitting a print request including the print data and the authentication information stored in the storage unit to the server in response to the input print instruction and the storage unit that stores the authentication information. The server includes an authentication unit that determines the validity of the print request based on the authentication information included in the print request received from the wireless communication terminal, and the authentication unit determines that the print request is valid. It includes a print data transmission unit that transmits the print data included in the print request to the printing apparatus.

According to this configuration, the wireless communication terminal can receive the beacon signal when it is located within a limited range where the beacon signal transmitted by the printing device can reach. Then, the wireless communication terminal that has received the beacon signal can transmit the authentication information included in the beacon signal to the server as a print request together with the print data. The server determines the validity of the print request based on the authentication information included in the print request transmitted from the wireless communication terminal. At this time, since the validity period of the authentication information is set, as a result, the print request transmitted from the wireless communication terminal currently existing in the vicinity of the printing device is authenticated (determined to be valid). .. Therefore, by transmitting the print data included in the print request determined to be valid to the printing device, the printing device can print from the wireless communication terminal currently existing in the vicinity of itself (printing device). Perform data-based printing. That is, according to the present invention, only a user (a user of a wireless communication terminal) who is in the vicinity of the printing device can use the printing device. Further, the user who can use the printing device in this way does not have to be a pre-registered user.

The individual devices constituting such a system are also established as inventions.
That is, a beacon transmitting unit that transmits a beacon signal including authentication information having a defined validity period, and a print data receiving unit that receives print data whose validity has been authenticated based on the authentication information from an external server. It is possible to grasp a printing device including a printing unit that executes printing based on the received print data.
In addition, a beacon receiving unit that receives a beacon signal including authentication information for which a valid period is defined, a storage unit that stores the authentication information included in the received beacon signal, and an input print instruction are received. Therefore, it is possible to grasp a wireless communication terminal including a request transmission unit that transmits a print request including the print data and the authentication information stored in the storage unit to an external server.

Further, one aspect of the present invention is a printing system including a printing device and a wireless communication terminal, and the printing device emits a beacon signal including authentication information having a defined validity period. The wireless communication terminal includes a transmitting unit, an authentication unit that determines the validity of a print request received from the wireless communication terminal, and a printing unit that executes printing based on print data received from the wireless communication terminal. Stores the beacon receiving unit that receives the beacon signal, the storage unit that stores the authentication information included in the received beacon signal, the print data in response to the input print instruction, and the storage unit. A request transmission unit for transmitting a print request including the said authentication information to the printing apparatus is provided, and the authentication unit includes the print request based on the authentication information included in the received print request. The printing unit determines the effectiveness of the above, and the printing unit executes printing based on the print data included in the printing request determined to be valid by the authentication unit.

According to this configuration, the wireless communication terminal can receive the beacon signal when it is located within a limited range where the beacon signal transmitted by the printing device can reach. Then, the wireless communication terminal that has received the beacon signal can transmit the authentication information included in the beacon signal to the printing device as a print request together with the print data. The printing device determines the validity of the printing request based on the authentication information included in the printing request transmitted from the wireless communication terminal. At this time, since the validity period of the authentication information is set, as a result, the print request transmitted from the wireless communication terminal currently existing in the vicinity of the printing device is authenticated (determined to be valid). .. Therefore, by printing based on the print data included in the print request determined to be valid, the printing device can use the print data whose source is the wireless communication terminal currently existing in the vicinity of itself (printing device). Perform based printing. That is, according to the present invention, the printing device can be used only by a user (a user who operates a wireless communication terminal) in the vicinity of the printing device. Further, the user who can use the printing device in this way does not have to be a pre-registered user.

The individual devices constituting such a system are also established as inventions.
That is, a beacon transmitting unit that transmits a beacon signal including authentication information having a defined validity period, and a print request receiving unit that receives a print request including print data and the authentication information from an external wireless communication terminal. Based on the authentication unit that determines the validity of the print request based on the received authentication information included in the print request, and the print data included in the print request that is determined to be valid by the authentication unit. It is possible to grasp a printing unit that executes printing and a printing device including the printing unit.
In addition, a beacon receiving unit that receives a beacon signal including authentication information for which a valid period is defined, a storage unit that stores the authentication information included in the received beacon signal, and an input print instruction are received. Therefore, it is possible to grasp a wireless communication terminal including a request transmission unit that transmits a print request including print data and the authentication information stored in the storage unit to an external printing device.

Further, one aspect of the present invention is the printing system including a printing device and a wireless communication terminal, and the request transmission unit of the wireless communication terminal is via a server capable of communicating with the printing device via a network. The print request may be transmitted to the printing device.
According to this configuration, the print request can be sent to the printing device while maintaining the security of communication by using the communication path between the server and the printing device secured on the network.

Further, one aspect of the present invention is that the beacon transmitting unit of the printing device is a beacon communication unit capable of receiving a beacon signal transmitted from another printing device, and the printing device receives the beacon signal by the beacon communication unit. Based on the beacon signal, the number of other printing devices in the vicinity and the distance from other printing devices in the vicinity are detected, and a beacon signal including the authentication information is transmitted according to the detected number and distance. It may be further provided with an adjusting unit for adjusting the radio field strength for the purpose.
According to this configuration, the printing device itself can appropriately adjust the radio field strength of the transmitted beacon signal according to the number of printing devices installed in a relatively narrow range and the distance between the printing devices.

The technical idea according to the present invention is realized by something other than a printing device, a wireless communication terminal, a printing system (and a server). For example, a method corresponding to a process (process) executed by each of these printing devices, wireless communication terminals, and printing systems (and even a server), a program that causes a computer to execute each method, and a computer-readable computer that stores each program. Each storage medium also holds as an invention.

The figure which shows typically the configuration example of a system. The figure which shows typically the configuration example of each of a wireless communication terminal and a printer. The figure which shows each function which a server has by a block. The figure which shows an example of the advertisement packet. The flowchart which shows the print request processing by the wireless communication terminal of 1st Embodiment. The flowchart which shows the print request relay processing by the server of 1st Embodiment. The figure which shows the other configuration example of the system schematically. The flowchart which shows the print request processing by the wireless communication terminal of 2nd Embodiment. The flowchart which shows the printing process by the printer of 2nd Embodiment. A flowchart showing a radio wave strength adjustment process.

Hereinafter, embodiments of the present invention will be described with reference to each figure. It should be noted that each figure is merely an example for explaining the present embodiment.

1. 1. Outline explanation of device configuration:
FIG. 1 schematically shows a configuration example of a printing system 10 including a wireless communication terminal 20 and a printer 30. The wireless communication terminal 20 corresponds to various mobile devices such as a laptop personal computer (PC), a mobile phone, a smartphone, and a tablet terminal. The wireless communication terminal 20 will be referred to as a terminal 20 below. The printer 30 corresponds to the printing apparatus of the present invention. The printer 30 is a device having at least a printing function, and may be a multifunction device having various functions such as a copying function and a facsimile function in addition to the printing function.

As a preferred example, the printer 30 is installed in a place where an unspecified number of people gather (for example, a hotel lobby, a store, an airport lounge, a visitor space in a company, etc.). Therefore, the terminal 20 is possessed by people who visit the place where such a printer 30 is installed.

The printing system 10 further includes a server 40. The server 40 is a server capable of providing services to each user through a network 50 (for example, a communication network including the Internet). For example, the server 40 is realized as a part (virtual server) of a cloud environment that provides a cloud service. The server 40 may be called a cloud server. Alternatively, the server 40 may be a physical server.

FIG. 2 schematically shows the configurations of the terminal 20 and the printer 30 included in the printing system 10.
In the example of FIG. 2, the terminal 20 includes a control unit 21, a storage unit 22, a display unit 23, an operation reception unit 24, a network interface (NWIF) 25, a beacon communication IF 26, and the like. The control unit 21 is configured to include, for example, one or more ICs having a CPU 21a, a ROM 21b, a RAM 21c, and the like, and other memories as appropriate. In the control unit 21, the CPU 21a controls the behavior of the terminal 20 by executing arithmetic processing according to the program stored in the ROM 21b or the like using the RAM 21c or the like as a work area. The control unit 21 is equipped with the application A as a kind of such a program.

The storage unit 22 is a storage means for storing authentication information and the like included in the beacon signal, as will be described later. The storage unit 22 may be a part of the memory of the control unit 21. The display unit 23 is a means for displaying visual information, and is composed of, for example, a liquid crystal display (LCD), an organic EL display, or the like. The display unit 23 may be configured to include a display and a drive circuit for driving the display. The operation receiving unit 24 is a means for receiving an operation by a user, and is realized by, for example, a physical button, a touch panel, a mouse, a keyboard, or the like. Of course, the touch panel may be realized as one function of the display unit 23. Further, the display unit 23 and the operation reception unit 24 can be referred to as an operation panel or the like.

The NWIF 25 is an IF for connecting to the network 50 and communicating with the outside according to a predetermined network communication protocol. The terminal 20 can be connected to the network 50 by wire or wirelessly via the NWIF 25. However, considering that the terminal 20 is a mobile device, the NWIF 25 is preferably wirelessly connected to the network 50. The NWIF 25 connects to the network 50 via a general mobile phone network, or connects to the network 50 by connecting to an access point (not shown) connected to the network 50 by a Wi-Fi method.

The beacon communication IF26 is an IF capable of executing wireless communication with low power consumption as compared with wireless communication such as the Wi-Fi method. Here, it is assumed that the beacon communication IF26 can execute wireless communication (BLE communication) conforming to the communication standard of Bluetooth Low Energy (BLE: Bluetooth (registered trademark) Low Energy). The communication standard to which the beacon communication IF26 conforms may be a Bluetooth communication standard of Bluetooth 3.0 or earlier.

In the example of FIG. 2, the printer 30 includes a control unit 31, a printing unit 32, a display unit 33, an operation receiving unit 34, a NWIF35, a beacon communication IF36, and the like. The control unit 31 is configured to include, for example, one or more ICs having a CPU 31a, a ROM 31b, a RAM 31c, and the like, and other memories as appropriate. In the control unit 31, the CPU 31a controls the behavior of the printer 30 by executing arithmetic processing according to the program (furware) stored in the ROM 31b or the like using the RAM 31c or the like as a work area.

The printing unit 32 is a mechanism that executes printing based on print data under the control of the control unit 31. The printing method adopted by the printing unit 32 is various, such as an inkjet method and an electrophotographic method. As for the description of the display unit 33 and the operation reception unit 34, the description of the display unit 23 and the operation reception unit 24 shall apply mutatis mutandis.

The NWIF 35 is an IF for connecting to the network 50 and communicating with the outside according to a predetermined network communication protocol. The printer 30 can be connected to the network 50 by wire or wirelessly via the NWIF 35. Specifically, the NWIF 35 is connected to the network 50 by connecting to an access point (not shown) connected to the network 50 by wire or wireless (Wi-Fi method).

The beacon communication IF36 is an IF capable of executing wireless communication with low power consumption as compared with wireless communication such as the Wi-Fi system. Here, it is assumed that the beacon communication IF36 can execute BLE communication in the same manner as the beacon communication IF26 of the terminal 20. The range exemplified by the reference numeral “BR” in FIG. 1 is the beacon reachable range BR reached by the beacon signal transmitted by the beacon communication IF36. In the example of FIG. 1, one terminal 20 (terminal 20a) is in the beacon reachable range BR, and the other terminal 20 (terminal 20b) is outside the beacon reachable range BR. Therefore, in the example of FIG. 1, only the terminal 20a among the terminals 20a and 20b can receive the beacon signal transmitted by the printer 30. The communication standard to which the beacon communication IF36 conforms may be a Bluetooth communication standard of Bluetooth 3.0 or earlier.

FIG. 3 shows each function of the server 40 in a block diagram. In the server 40, each function of the communication unit 41, the authentication information generation unit 42, the authentication unit 43, the storage unit 44, and the like is realized by the cooperation of the hardware and the software. However, in the present embodiment, the device that realizes each of these functions is not limited to the server 40. Each of these functions will be described later.

2. Beacon transmission by printer:
The beacon communication IF36 of the printer 30 transmits (broadcasts) a beacon signal at regular time intervals by BLE communication under the control of the control unit 31.
FIG. 4 is an example of the advertisement packet ADP transmitted by the beacon communication IF36 by the BLE communication. The advertisement packet ADP is a specific example of a beacon signal. In FIG. 4, the header and the like of the advertisement packet ADP are omitted. As shown in FIG. 4, the advertisement packet ADP includes a source address D1, individual identification information D2, authentication information D3, signal strength value D4, and the like.

The source address D1 is the Bluetooth device address of the printer 30 that is the source of the advertisement packet ADP. The individual identification information D2 is identification information for uniquely identifying the printer 30 that is the source of the advertisement packet ADP, and is, for example, a MAC (Media Access Control) address. The individual identification information D2 may be referred to as a printer ID or the like. The signal strength value D4 is a value representing the received signal strength at a position separated by a predetermined reference distance. The advertisement packet ADP may further include the name (printer name) of the printer 30 that is the source of the advertisement packet ADP.

The authentication information D3 is authentication information having a defined validity period, and is generated by the authentication information generation unit 42. In FIG. 3, the server 40 has an authentication information generation unit 42, so that the authentication information D3 is generated by the server 40. However, in the present embodiment, the main body that generates the authentication information D3 may be either the server 40 or the printer 30. That is, the control unit 31 of the printer 30 may realize the authentication information generation unit 42 as one of its functions.

In the configuration in which the server 40 has the authentication information generation unit 42, the authentication information D3 generated by the authentication information generation unit 42 is transmitted to the printer 30 via the network 50 by the communication unit 41 of the server 40. The control unit 31 of the printer 30 causes the beacon communication IF36 to transmit the advertisement packet ADP including the authentication information D3 transmitted from the server 40 in this way. On the other hand, in the configuration in which the printer 30 has the authentication information generation unit 42 (the control unit 31 functions as the authentication information generation unit 42), the control unit 31 (authentication information generation unit 42) generates the authentication information. The advertisement packet ADP including D3 is transmitted to the beacon communication IF36.
The following are some methods for generating authentication information by the authentication information generation unit 42.

Generation method 1:
The authentication information generation unit 42 generates a random character string for each n (n is a positive real number) minutes, and uses this as the authentication information D3. Further, the authentication information generation unit 42 stores the authentication information D3 for the past m (m is a positive real number). Each time the authentication information generation unit 42 generates one authentication information D3, the authentication information generation unit 42 deletes one of the oldest authentication information D3 among the m stored authentication information D3s. As a result, m authentication information D3s are always stored. That is, the m authentication information D3 currently stored is the authentication information D3 within the valid period. For example, if n = 1 and m = 10, n × m = 10 minutes is the time from the generation of one authentication information D3 to the deletion, that is, the validity period of one authentication information D3. Become.

Generation method 2:
The authentication information generation unit 42 encrypts the date and time information indicating the current date and time (year, month, day, and time) by a predetermined encryption method every n minutes, and the encrypted information is referred to as the authentication information D3. do. Further, the authentication information generation unit 42 validates the period from the current date and time to a predetermined time (a predetermined time longer than n minutes) for the authentication information D3 generated based on the current date and time. Set as.

Generation method 3:
The authentication information generation unit 42 combines, for example, every n minutes with date and time information indicating the current date and time and a hash value obtained by inputting the date and time information into a predetermined hash function, and combines this with the authentication information. Let it be D3. When the authentication information generation unit 42 generates a hash value, the date and time information is input to the keyed hash function together with the key (key data) to generate a hash value (keyed hash value) that is difficult to tamper with. Further, the authentication information generation unit 42 receives the authentication information D3, which is a combination of the current date and time and the hash value with the key, from the current date and time to a predetermined time (a predetermined time longer than n minutes). Set the period as the valid period.

Generation method 4:
The authentication information generation unit 42 combines, for example, every n minutes with date and time information indicating the current date and time and an electronic signature for the date and time information, and sets this as authentication information D3. The authentication information generation unit 42 generates an electronic signature for the date and time information by electronically signing the current date and time with a private key for electronic signature. It is possible to verify whether or not the electronic signature is valid (signature verification) by using the public key paired with the private key. Further, the authentication information generation unit 42 sets the period from the current date and time to a predetermined time (a predetermined time longer than n minutes) for the authentication information D3 in which the current date and time and the electronic signature are combined. Set as the validity period.

Regardless of which of the generation methods 1 to 4 is adopted, the advertisement packet ADP transmitted by the beacon communication IF36 of the printer 30 is generated by the authentication information generation unit 42, and is the latest at that time. Authentication information D3 is included. In terms of realizing the transmission of the advertisement packet ADP, it can be said that the control unit 31 and the beacon communication IF36 function as a beacon transmission unit that transmits a beacon signal including the authentication information D3 having a defined validity period.

3. 3. Print request by terminal:
On the terminal 20 side, the control unit 21 repeatedly receives the beacon signal (advertisement packet ADP) repeatedly transmitted by the printer 30 as described above via the beacon communication IF26. That is, the control unit 21 scans the advertisement packet for the signal recognizable via the beacon communication IF26, and receives the advertisement packet ADP transmitted by the BLE communication from the surrounding device. When the control unit 21 recognizes, for example, specific information indicating an advertisement packet defined by the BLE communication format in the header of the signal recognized via the beacon communication IF26, the control unit 21 may receive the advertisement packet ADP. can.

It can be said that the control unit 21 of the terminal 20 and the beacon communication IF26 function as a beacon receiving unit in that the advertisement packet ADP transmitted by the printer 30 is received in this way. Of course, the terminal 20 may receive the advertisement packet ADP from each of the plurality of peripheral printers 30.

The control unit 21 stores the combination of the individual identification information D2 and the authentication information D3 (further, the printer name, etc.) included in the advertisement packet ADP received from the printer 30 via the beacon communication IF26 in the storage unit 22. .. When the control unit 21 stores the information contained in such an advertisement packet ADP in the storage unit 22, the information that is already stored in the storage unit 22 and is the new information that is currently to be stored. The information common to the corresponding printers 30 (information common to the individual identification information D2) may be overwritten with the new information.

FIG. 5 is a flowchart showing a print request process executed by the control unit 21 of the terminal 20 according to the application A.
The control unit 21 determines whether or not the print instruction has been accepted (step S100), and if it determines that the print instruction has been accepted (“Yes” in step S100), proceeds to step S110. That is, when the user inputs a print instruction for an arbitrarily selected file (a file expressing a print target such as text, a photo, or CG) via the operation reception unit 24, the control unit 21 prints the file. Accept instructions. For example, the user of the terminal 20 selects a photo taken by the smartphone (terminal 20) and inputs a print instruction of the photo.

In step S110, the control unit 21 causes the display unit 23 to display the printer list based on the information stored in the storage unit 22. Specifically, the control unit 21 reads out information that identifies the printer 30 such as the individual identification information D2 of the printer 30 and the printer name stored in the storage unit 22, and displays the read information in a list format. Is generated, and this printer list is displayed on the display unit 23.

In step S120, the control unit 21 selects the printer 30 to execute printing. That is, the user selects the printer 30 (individual identification information D2 indicating each printer 30 or the printer name) by operating the operation reception unit 24 from the printer list displayed on the display unit 23. The control unit 21 selects the printer 30 according to such a selection by the user (recognizes the selection result of the printer 30 by the user).

In step S130, the control unit 21 reads the individual identification information D2 and the authentication information D3 of the printer 30 selected in step S120 from the storage unit 22. In addition, the control unit 21 appropriately performs known image processing on the file related to the print instruction for which acceptance is recognized in step S100 to generate print data. The file itself related to the print instruction may be referred to as print data. Then, the control unit 21 transmits the print data and the individual identification information D2 and the authentication information D3 of the printer 30 selected in the read step S120 from the NWIF 25 to the server 40 via the network 50. The print data transmitted to the server 40 in step S130, the individual identification information D2 of the printer 30, and the authentication information D3 are collectively referred to as a print request. The print request may further include information other than these (various commands required for printing execution).
This completes the print request process (FIG. 5).

At the point of executing such step S130, the control unit 21 and the NWIF 25 make a print request including the print data and the authentication information D3 stored in the storage unit 22 in response to the input print instruction to the server 40. It can be said that it functions as a request transmitter to send to.

4. Authentication and printing:
FIG. 6 shows a print request relay process executed by the server 40 by a flowchart.
The server 40 (communication unit 41) determines whether or not the print request has been accepted via the network 50 (step S200), and if it determines that the print request has been accepted (“Yes” in step S200), proceeds to step S210. move on. That is, upon receiving the print request transmitted in step S130 (FIG. 5) by the terminal 20, the server 40 performs the processing of step S210 or less based on the print request. The storage unit 44 of the server 40 temporarily stores the print request.

In step S210, the server 40 (authentication unit 43) performs an authentication process based on the authentication information D3 (hereinafter, target authentication information) included in the print request. The authentication process is a process for determining the validity of a print request. As described above, there are various methods for generating the authentication information D3. Here, specific examples of the authentication process (authentication processes 1 to 4) will be described in correspondence with the generation methods 1 to 4 that can be adopted for generating the authentication information D3.

Authentication process corresponding to generation method 1 1:
The authentication unit 43 determines whether or not the target authentication information matches any of the m authentication information currently stored by the authentication information generation unit 42. Then, if the target authentication information matches any of the m authentication information currently stored, it is determined that the target authentication information is valid, that is, the print request having the target authentication information is valid. .. On the other hand, if the target authentication information does not match any of the m authentication information currently stored, it is determined that the target authentication information is invalid, that is, the print request having the target authentication information is invalid. do.

Authentication process 2: corresponding to the generation method 2:
The authentication unit 43 decrypts the target authentication information by a decryption method corresponding to the encryption method used by the authentication information generation unit 42 for encrypting the date and time information. Then, if the current date and time is within the valid period corresponding to the date and time information obtained by the decoding (the period from the date and time obtained by the decoding to the elapse of the predetermined time), the print request is determined to be valid. do. On the other hand, if the current date and time is not within the valid period corresponding to the date and time information obtained by the decoding, the print request is determined to be invalid. For example, the date and time information obtained by decrypting the target authentication information is 13:00 on August 1, 2017, the predetermined time is 10 minutes, and the authentication process (step S210) is currently being executed. If the date and time of is 13:07 on August 1, 2017, the current date and time will be in the valid period "from 13:00 on August 1, 2017 to 13:10 on August 1, 2017". Therefore, it is determined that the print request is valid.

Authentication process corresponding to the generation method 3:
The authentication unit 43 decomposes the target authentication information into date and time information and a hash value with a key. Then, the date and time information obtained by the decomposition is input to the keyed hash function together with the key used when the authentication information generation unit 42 generates the keyed hash value to generate the keyed hash value. Then, the generated hash value with a key and the hash value with a key obtained by decomposing the target authentication information match, and the current date and time is the valid period corresponding to the date and time information obtained by the decomposition (the relevant). If it is within the period from the date and time obtained by disassembly to the elapse of the predetermined time), it is determined that the print request is valid. On the other hand, if the current date and time is not within the valid period corresponding to the date and time information obtained by the decomposition, or even within the valid period, if the hash values with keys do not match, the print request is determined to be invalid. do. According to the authentication process 3, if the date and time information included in the target authentication information has been tampered with (falsification to a date and time newer than the actual date and time when the target authentication information was generated), the key Illegal print requests can be invalidated because the hash values with are not matched.

Authentication process corresponding to the generation method 4:
The authentication unit 43 decomposes the target authentication information into date and time information and an electronic signature. Then, the date and time information and the electronic signature obtained by the decomposition are verified by the authentication information generation unit 42 using the private key used for the electronic signature and the public key of the pair, and whether or not the electronic signature is valid. To judge. Then, as a result of signature verification, it is determined to be valid, and the current date and time is a valid period corresponding to the date and time information obtained by decomposing the target authentication information (the predetermined time from the date and time obtained by the decomposition). If it is within the elapsed period), it is determined that the print request is valid. On the other hand, if the current date and time is not within the valid period corresponding to the date and time information obtained by the decomposition, or even if it is within the valid period, if it is determined that the signature verification is invalid, the print request is invalid. judge. According to the authentication process 4, if the date and time information included in the target authentication information has been tampered with (falsification to a date and time newer than the actual date and time when the target authentication information was generated), the signature Since it is determined to be unreasonable in the verification, an illegal print request can be invalidated.

As described above, the authentication information generation unit 42 that generates the authentication information D3 is a part of either the server 40 or the printer 30. In the configuration in which the server 40 has the authentication information generation unit 42, the authentication unit 43 of the server 40 stores various information used, stored, and set when the authentication information generation unit 42 generates the authentication information D3. With reference to this, the authentication process (step S210) can be easily performed. On the other hand, in the configuration in which the printer 30 has the authentication information generation unit 42, the authentication unit 43 of the server 40 provides the information necessary for executing the authentication process (step S210) to the printer 30 (authentication information generation unit 42). ) Need to be obtained. Therefore, in the present embodiment, in the configuration in which the printer 30 has the authentication information generation unit 42, the server 40 synchronizes with the authentication information generation unit 42 of the printer 30 via the network 50, and the authentication information generation unit 42. The information possessed by the 42 is acquired and stored in the storage unit 44 for appropriate use. The information possessed by the authentication information generation unit 42 referred to here is m authentication information D3 currently stored in the configuration in which the generation method 1 is adopted. Further, in the configuration in which the generation method 2 is adopted, the decoding method, the key (key required for decoding) and the validity period (the length of a predetermined time), and in the configuration in which the generation method 3 is adopted, the hash function. In a configuration in which the key, valid period (length of predetermined time), and generation method 4 are adopted, the public key and valid period (length of predetermined time) paired with the private key are determined by the authentication information generation unit 42. Corresponds to the information you have.

When the authentication unit 43 succeeds in the authentication in the authentication process of step S210, that is, when it is determined that the print request is valid, the authentication unit 43 proceeds from the branch of step S220 (“Yes” in step S220) to step S230.

In step S230, the server 40 (communication unit 41) transmits the print data included in the print request to the printer 30 designated by the print request. The print request includes the individual identification information D2 of the printer 30. That is, the printer 30 indicated by the individual identification information D2 is the printer 30 designated by the print request. The communication unit 41 transmits the print data included in the print request to the printer 30 indicated by the individual identification information D2 included in the print request via the network 50. This ends the print request relay process (FIG. 6). In terms of executing step S230, it can be said that the server 40 (communication unit 41) functions as a print data transmission unit that transmits the print data included in the print request determined to be valid by the authentication unit 43 to the printer 30.

The control unit 31 of the printer 30 receives the print data transmitted from the server 40 via the network 50 via the NWIF 35. The received print data is print data whose validity has been authenticated based on the authentication information D3 transmitted by itself in the advertisement packet ADP. It can be said that the control unit 31 and the NWIF 35 function as the print data receiving unit in that such print data is received from the server 40. Then, the control unit 31 causes the print unit 32 to execute printing based on the received print data as described above. Of course, the control unit 31 can cause the print unit 32 to perform printing based on the print data after appropriately converting the print data into a format that can be interpreted by the print unit 32.

On the other hand, if the authentication is not successful in the authentication process of step S210, that is, if the print request is determined to be invalid, the authentication unit 43 skips step S230 from the branch of step S220 (“No” in step S220). , The print request relay process (FIG. 6) is completed. If the server 40 does not execute step S230, the server 40 may end the print request relay processing (FIG. 6) after executing the error processing of step S240 as shown in FIG. As error processing, the server 40 transmits, for example, a message (error message) indicating that the print request is invalid to the terminal 20 that sends the print request via the network 50. In addition, the server 40 erases invalid print requests from the storage unit 44. In the terminal 20 that has received the error message, the control unit 21 causes the display unit 23 to display the error message. As a result, the user of the terminal 20 who receives the error message recognizes that printing corresponding to his / her own printing instruction is not executed.

5. summary:
As described above, according to the present embodiment, the printer 30 is a beacon transmitter (31, 36) that transmits a beacon signal (advertisement packet ADP) including the authentication information D3 whose validity period is determined, and the server 40. A printing unit 32 that executes printing based on the received print data is provided. Further, the terminal 20 has a beacon receiving unit (21, 26) for receiving the advertisement packet ADP, a storage unit 22 for storing the authentication information D3 included in the received advertisement packet ADP, and a storage unit 22 according to the input print instruction. , A request transmission unit (21, 25) for transmitting a print request including the print data and the authentication information D3 stored in the storage unit 22 to the server 40. Further, the server 40 is included in the authentication unit 43 that determines the validity of the print request based on the authentication information D3 included in the print request received from the terminal 20, and the print request that is determined to be valid by the authentication unit 43. It includes a print data transmission unit (41) that transmits print data to the printer 30.

According to this configuration, the terminal 20 owned by the user can receive the advertisement packet ADP when it is located in the limited beacon reachable range BR where the advertisement packet ADP transmitted by the printer 30 can reach. Then, the terminal 20 that has received the advertisement packet ADP transmits the authentication information D3 included in the advertisement packet ADP to the server 40 as a print request together with the print data. The server 40 determines the validity of the print request (executes the authentication process) based on the authentication information D3 included in the print request transmitted from the terminal 20.

At this time, since the authentication information D3 has a valid period of a limited short time (for example, several minutes or several tens of minutes), the print request accompanied by the old authentication information D3 whose validity period has expired is invalid. Is determined. For example, a user who receives the advertisement packet ADP of the printer 30 on the terminal 20 when he / she is near the printer 30 installed in the store returns to his / her home, and after that, the authentication included in the received advertisement packet ADP. It is assumed that a print request accompanied by the information D3 is transmitted from the terminal 20 to the server 40 via the Internet. In most cases, such a print request is determined to be invalid because the authentication information D3 has already expired. That is, the use of the printer 30 by the terminal 20 (for example, the terminal 20b) located at a remote location of the printer 30 is substantially prohibited. Further, unlike the conventional authentication printing, the printer is not permitted to be used only by the pre-registered user, but the printer 30 is used if the user (terminal 20) has the currently valid authentication information D3. Available. Therefore, the printer 30 can be used only by the user who is in the vicinity of the printer 30 (the terminal 20 (for example, the terminal 20a) which is in the vicinity of the printer 30), and is used for unauthorized use by a user in a remote place or for authentication. Unauthorized use by falsifying information D3 can be eliminated.

6. Second embodiment:
The embodiments described so far are referred to as first embodiments for convenience. Hereinafter, a second embodiment according to the present invention will be described. Regarding the second embodiment, matters different from those of the first embodiment will be described. The biggest difference between the second embodiment and the first embodiment is that the printer 30 is the execution body of the authentication process instead of the server 40.

FIG. 7 schematically shows a configuration example of the printing system 10. FIG. 7 is basically the same as FIG. 1, but shows the printing system 11 and the access point (AP) 60 for convenience of explanation of the second embodiment. It should be noted that AP60 does not exist even in FIG. The printing system 11 is composed of a printer 30 and a terminal 20 (terminal 20a) within the beacon reachable range BR of the printer 30. That is, a part of the printing system 10 (a configuration that does not include the server 40) is expressed as the printing system 11.

FIG. 8 is a flowchart showing a print request process executed by the control unit 21 of the terminal 20 according to the application A in the second embodiment. Steps S300 to S320 are the same as steps S100 to S120 (FIG. 5).

In step S330, the control unit 21 reads the individual identification information D2 and the authentication information D3 of the printer 30 selected in step S320 from the storage unit 22. In addition, the control unit 21 appropriately performs known image processing on the file related to the print instruction for which acceptance is recognized in step S300 to generate print data. Then, the control unit 21 transmits the print data and the authentication information D3 of the printer 30 selected in the read step S320 from the NWIF 25 to the printer 30 selected in the step S320 via the network 50. That is, the control unit 21 transmits a print request (print request including print data and authentication information D3) to the printer 30 indicated by the read individual identification information D2 via the network 50. This completes the print request process (FIG. 8).

The print request transmitted from the terminal 20 in step S330 is directly transmitted to the printer 30 without going through the server 40 on the network 50. Here, the first embodiment can be said to be a kind of cloud printing because the print data uploaded from the terminal 20 to the server 40 is downloaded from the server 40 to the printer 30 and printed. In cloud printing, since the printer 30 used for cloud printing is registered in the server 40 in advance, the server 40 and the printer 30 recognize each other and pass through a network 50 or a local area network (LAN) between them. It can be said that a communication path is formed. On the other hand, the second embodiment does not correspond to cloud printing because the print data is directly transmitted from the terminal 20 to the printer 30. In such a second embodiment, it is necessary to secure a communication path from the unspecified terminal 20 to the printer 30.

As shown in FIG. 7, the printer 30 is connected to the AP60 that connects the network 50 and the LAN. That is, the AP60 forms the LAN, and the printer 30 participates in the LAN. The AP60 may be called a router. On the other hand, the terminal 20 needs to communicate with the printer 30 in the LAN via the network 50 in a situation where the terminal 20 does not participate in the LAN formed by the AP 60. In order to realize this, the setting in the AP 60 is set so that the access to the printer 30 from outside the LAN is not restricted. With such a setting, it is possible to transmit print data from the terminal 20 to the printer 30 via the network 50 (not via the server 40).

FIG. 9 shows a flowchart of the printing process executed by the printer 30 in the second embodiment.
The control unit 31 of the printer 30 determines whether or not the print request has been accepted via the NWIF35 (step S400), and if it determines that the print request has been accepted (“Yes” in step S400), proceeds to step S410. That is, when the terminal 20 receives the print request transmitted in step S330 (FIG. 8), the printer 30 performs the processing of step S410 or less based on the print request.

In step S410, the control unit 31 performs the authentication process based on the authentication information D3 (target authentication information) included in the print request. In the second embodiment, the printer 30 (control unit 31) executes the authentication process, and the content of the authentication process is as described in the first embodiment (step S210 in FIG. 6). In the second embodiment, the control unit 31 of the printer 30 instead of the server 40 realizes the functions of the authentication information generation unit 42 and the authentication unit 43 (FIG. 3). The control unit 31 proceeds from the branch of step S420 (“Yes” in step S420) to step S430 when the authentication is successful in the authentication process of step S410, that is, when the print request is determined to be valid.

In step S430, the control unit 31 causes the print unit 32 to perform printing based on the print data included in the print request. This ends the printing process (FIG. 9). On the other hand, if the authentication is not successful in the authentication process of step S410, that is, if the print request is determined to be invalid, the control unit 31 skips step S430 from the branch of step S420 (“No” in step S420). , The printing process (FIG. 9) is completed. When the control unit 31 does not execute step S430, as shown in FIG. 9, the control unit 31 may end the printing process (FIG. 9) after executing the error processing of step S440. As an error process, the control unit 31 transmits an error message indicating that the print request is invalid to the terminal 20 that sends the print request via the network 50. In addition, the control unit 31 erases the invalid print request from the memory.

According to the second embodiment, the printer 30 has a beacon transmitter (31, 36) for transmitting a beacon signal (advertisement packet ADP) including authentication information D3 having a defined validity period, and print data. And the print request receiving unit (31, 35) that receives the print request including the authentication information D3 from the terminal 20, and the validity of the print request is determined based on the authentication information D3 included in the received print request. It includes an authentication unit 43 (control unit 31) and a printing unit 32 that executes printing based on print data included in a print request determined to be valid by the authentication unit. Further, the terminal 20 stores a beacon receiving unit (21, 26) that receives a beacon signal (advertisement packet ADP) including the authentication information D3 and a storage unit that stores the authentication information D3 included in the received advertisement packet ADP. 22 and a request transmission unit (21, 25) for transmitting a print request including print data and authentication information D3 stored in the storage unit 22 to the printer 30 in response to the input print instruction. Be prepared. Therefore, as in the first embodiment, the printer 30 can be used only by the user who is in the vicinity of the printer 30 (the terminal 20 (for example, the terminal 20a) which is in the vicinity of the printer 30), and the user in a remote place can use the printer 30. It is possible to eliminate the unauthorized use by the printer and the unauthorized use by falsifying the authentication information D3.

7. Other embodiments:
As a modification of the second embodiment, the request transmission unit (21, 25) of the terminal 20 may transmit a print request to the printer 30 via a server 40 that can communicate with the printer 30 through the network 50. That is, in the second embodiment as well as in the first embodiment, the print request is once transmitted from the terminal 20 to the server 40. Further, the terminal 20 causes the server 40 to transmit the print request to the printer 30. Since the printer 30 executes the authentication process to the last, in the modified example, the server 40 simply receives the print request sent from the terminal 20 to the printer 30 and passes the print request to the printer 30 as it is. be. According to such a modification, the print request by the terminal 20 can be transmitted to the printer 30 while maintaining the security of communication by using the communication path between the server 40 and the printer 30 secured on the network 50. can. That is, in the AP60 as described above, it is not necessary to make a setting that does not impose restrictions on access to the printer 30 from outside the LAN.

Although only one printer 30 connected to the network 50 is shown in FIGS. 1 and 7, a case where a plurality of printers 30 are installed in a relatively close range (for example, a plurality of printers 30 in a corner of a hotel lobby). The case where the printer 30 is installed) can also be assumed. In such a case, if the beacon reach BRs of the plurality of printers 30 overlap, interference of the beacon signals and communication problems may occur, and the terminal 20 may not be able to normally receive the beacon signals from the printers 30. In view of such a situation, each printer 30 may repeatedly execute the radio wave intensity adjusting process at appropriate time intervals.

FIG. 10 shows a flow chart of a radio wave intensity adjusting process executed by the control unit 31 of one printer 30. Regarding the description of FIG. 10, the printer 30 that executes the radio wave intensity adjusting process is referred to as the main printer 30 for convenience.
In step S500, the control unit 31 scans the advertisement packet for the signal recognizable via the beacon communication IF36 for a predetermined time, thereby performing BLE communication from another peripheral printer 30 (hereinafter, peripheral printer). Receives the advertisement packet ADP transmitted in. When the control unit 31 recognizes, for example, specific information indicating an advertisement packet defined by the BLE communication format in the header of the signal recognized via the beacon communication IF36, the control unit 31 may receive the advertisement packet ADP. can.

In step S510, the control unit 31 detects the number of peripheral printers and the distance between itself (main printer 30) and the peripheral printers based on the result of the scan in step S500. For example, how many peripheral printers the control unit 31 received the advertisement packet ADP from, that is, based on the individual identification information D2 included in each of the advertisement packet ADPs that were successfully received as a result of the scan in step S500. It is possible to detect how many peripheral printers exist.

Further, the control unit 31 detects the distance from the peripheral printer of the source of the advertisement packet ADP based on the advertisement packet ADP for each peripheral printer (for each individual identification information D2).
For example, the control unit 31 has a reception signal strength [RSSI (Received Signal Strength Indication)] of the advertisement packet ADP when the beacon communication IF36 receives the advertisement packet ADP, and a signal strength value D4 included in the advertisement packet ADP (FIG. FIG. Compare with 4). Then, the control unit 31 detects the distance from the peripheral printer of the transmission source of the advertisement packet ADP based on the result of the comparison. In this case, the detected distance may be a specific distance such as several meters or several centimeters. For example, if RSSI ≥ D4, the distance from itself (main printer 30) is within a predetermined reference distance ("" If RSSI <D4, it may be determined that the distance exceeds the reference distance (“far distance”).

Further, the control unit 31 may detect the distance to the peripheral printer as follows. For example, the control unit 31 stores in advance a table in the RAM 31c or the like that defines the correspondence between the distance between the source of the advertisement packet ADP and the side receiving the advertisement packet ADP and the reception signal strength RSSI of the advertisement packet ADP. I will do it. Then, by reading the distance corresponding to the received signal strength RSSI when the beacon communication IF36 receives the advertisement packet ADP with reference to the table, the distance to the peripheral printer of the transmission source of the advertisement packet ADP is detected. ..

In step S520, the control unit 31 adjusts the radio wave intensity of the advertisement packet ADP transmitted from the beacon communication IF36 according to the detection result of step S510. For example, the control unit 31 weakens the radio wave intensity from the current setting when the number of peripheral printers whose distance from itself (main printer 30) is within the reference distance is equal to or greater than the predetermined reference number. This completes the radio field strength adjustment process. The control unit 31 of the printer 30 that executes such radio wave strength adjustment processing is based on the beacon signal (advertisement packet ADP) received by the beacon communication unit (36), the number of other printers 30 in the vicinity, and the surroundings. It can be said that it functions as an adjusting unit that detects the distance from the printer 30 and adjusts the radio wave strength for transmitting the advertisement packet ADP according to the detected number and distance. Then, according to such a configuration, the radio field strength of the beacon signal transmitted by the printer 30 is appropriately adjusted according to the number of printers 30 installed in a relatively narrow range and the distance between the printers 30. Problems such as beacon signal interference can be avoided.

Further, in the above-described embodiment, an example in which the CPU (processor) executes each process has been described. Here, in the present specification, the CPU may be composed of one or a plurality of CPUs, or may be composed of one or a plurality of integrated circuits [for example, an ASIC (Application Specific Integrated Circuit)]. Further, the CPU may be composed of a combination of one or a plurality of CPUs and one or a plurality of integrated circuits.

10, 11 ... Printing system, 20 ... Wireless communication terminal (terminal), 21 ... Control unit, 21a ... CPU, 21b ... ROM, 21c ... RAM, 22 ... Storage unit, 23 ... Display unit, 24 ... Operation reception unit, 25 ... NWIF, 26 ... Beacon communication IF, 30 ... Printer, 31 ... Control unit, 31a ... CPU, 31b ... ROM, 31c ... RAM, 32 ... Printing unit, 33 ... Display unit, 34 ... Operation reception unit, 35 ... NWIF, 36 ... Beacon communication IF, 40 ... Server, 42 ... Authentication information generation unit, 43 ... Authentication unit, 50 ... Network, 60 ... AP, ADP ... Advertisement packet, D2 ... Individual identification information, D3 ... Authentication information, D4 ... Signal strength value

Claims (5)

A printing system that includes a printing device, a wireless communication terminal, and a server.
The printing device includes a beacon transmitting unit that transmits a beacon signal including authentication information for which a valid period is defined, and a printing unit that executes printing based on print data received from the server.
The wireless communication terminal includes a beacon receiver for receiving the beacon signal, a storage unit for storing the authentication information included in the beacon signal received in response to the inputted print instruction, print data, A request transmission unit for transmitting a print request including the authentication information stored in the storage unit to the server is provided.
The server includes an authentication unit that determines the validity of the print request based on the authentication information included in the print request received from the wireless communication terminal, and the print request that is determined to be valid by the authentication unit. A print data transmission unit that transmits the included print data to the printing apparatus is provided .
The beacon transmitting unit is a beacon communication unit capable of receiving a beacon signal transmitted from another printing device.
The printing device detects the number of other printing devices in the vicinity and the distance from other printing devices in the vicinity based on the beacon signal received by the beacon communication unit, and according to the detected number of printing devices and the distance. A printing system further comprising an adjusting unit for adjusting a radio wave intensity for transmitting a beacon signal including the authentication information. A beacon transmitter that emits a beacon signal containing authentication information with a defined validity period,
A print data receiver that receives print data whose validity has been authenticated based on the authentication information from an external server, and
A printing unit that executes printing based on the received print data is provided .
The beacon transmitting unit is a beacon communication unit capable of receiving a beacon signal transmitted from another printing device.
Based on the beacon signal received by the beacon communication unit, the number of other printing devices in the vicinity and the distance from other printing devices in the vicinity are detected, and the authentication information is generated according to the detected number and distance. A printing apparatus characterized in that it further includes an adjusting unit for adjusting the radio field strength for transmitting the included beacon signal. A printing system that includes a printing device and a wireless communication terminal.
The printing device includes a beacon transmitting unit that transmits a beacon signal including authentication information having a defined validity period, an authentication unit that determines the validity of a print request received from the wireless communication terminal, and the wireless communication terminal. It is equipped with a printing unit that executes printing based on the print data received from.
The wireless communication terminal includes a beacon receiver for receiving the beacon signal, a storage unit for storing the authentication information included in the beacon signal received in response to the inputted print instruction, print data, A request transmission unit for transmitting a print request including the authentication information stored in the storage unit to the printing device is provided.
The authentication unit determines the validity of the print request based on the authentication information included in the received print request.
The printing unit executes printing based on the printing data included in the printing request determined to be valid by the authentication unit .
The beacon transmitting unit is a beacon communication unit capable of receiving a beacon signal transmitted from another printing device.
The printing device detects the number of other printing devices in the vicinity and the distance from other printing devices in the vicinity based on the beacon signal received by the beacon communication unit, and according to the detected number of printing devices and the distance. A printing system further comprising an adjusting unit for adjusting a radio wave intensity for transmitting a beacon signal including the authentication information. The printing system according to claim 3 , wherein the request transmitting unit transmits the printing request to the printing device via a server capable of communicating with the printing device via a network. A beacon transmitter that emits a beacon signal containing authentication information with a defined validity period,
A print request receiving unit that receives a print request including print data and the authentication information from an external wireless communication terminal, and a print request receiving unit.
An authentication unit that determines the validity of the print request based on the authentication information included in the received print request.
A printing unit that executes printing based on the printing data included in the printing request determined to be valid by the authentication unit is provided .
The beacon transmitting unit is a beacon communication unit capable of receiving a beacon signal transmitted from another printing device.
Based on the beacon signal received by the beacon communication unit, the number of other printing devices in the vicinity and the distance from other printing devices in the vicinity are detected, and the authentication information is generated according to the detected number and distance. A printing apparatus characterized in that it further includes an adjusting unit for adjusting the radio field strength for transmitting the included beacon signal.

Images