JP6993610B2 - Image processing equipment and computer programs - Google Patents

Description

The present specification relates to image processing using target image data generated by using an image sensor, and more particularly to image processing for imparting an electronic signature to an image file to be generated based on the target image data.

Conventionally, an electronic signature has been given to an image file. For example, the WEB server of Patent Document 1 processes image data received via a network to generate a PDF file, adds an electronic signature to the PDF file, and then transmits the PDF file to an external device via the network.

Japanese Unexamined Patent Publication No. 2006-101218 Japanese Patent Publication No. 2001-523844

However, for example, in the above technique, it cannot be said that the determination of whether or not to give an electronic signature is sufficiently devised. For this reason, for example, it becomes necessary to acquire an instruction from the user, which may impose a burden on the user in order to appropriately assign a digital signature.

This specification discloses a technique that can appropriately give an electronic signature without imposing a burden on the user when the electronic signature should be given.

The techniques disclosed herein have been made to solve at least a portion of the above problems and can be realized as the following application examples.

[Application Example 1] An image acquisition unit that acquires at least a part of the target image data generated by using an image sensor, which is the target image data of the target image including the image of the original, and at least the target image data. A determination unit for determining whether or not the target image includes a specific image showing at least one of the signature written on the manuscript and the imprint imprinted on the manuscript by analyzing a part of the target image. When it is determined that the specific image is included in the target image, it is determined to give a specific electronic signature to the image file to be generated based on the target image data, and the target image is described. An image processing apparatus including a signature determination unit that determines not to give the specific electronic signature to the image file when it is determined that the specific image is not included.

According to the above configuration, it is determined whether or not a specific image is included in the target image by analyzing at least a part of the target image data, and whether or not a specific electronic signature is given according to the determination. decide. As a result, when the electronic signature should be given, it can be determined to appropriately give the electronic signature without imposing a burden on the user.
[Application example 2]
The image processing apparatus according to Application Example 1.
An image processing device that determines not to give an electronic signature to the image file when the signature determination unit determines that the specific image is not included in the target image.
[Application example 3]
The image processing apparatus according to Application Example 1.
When the signature determination unit determines that the specific image is not included in the target image, the image processing determines that the image file is given an electronic signature different from the specific electronic signature. Device.
[Application example 4]
The image processing apparatus according to any one of Application Examples 1 to 3, and further.
A feature information acquisition unit that acquires feature information including a plurality of feature data indicating the features of the plurality of specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination unit that determines the corresponding feature data corresponding to the specific image in the target image,
Equipped with
The signature determination unit is an image processing device that determines to assign the specific electronic signature by using the corresponding certificate corresponding to the corresponding feature data among the plurality of certificates.
[Application example 5]
The image processing apparatus according to the application example 4, further.
A user identification unit that specifies an instruction user instructing generation of an image file based on the target image data, and a user identification unit.
An authority determination unit that determines whether or not the instructing user is the authority of the corresponding certificate by referring to the authority information indicating the authority of each of the plurality of certificates.
When the instructing user is different from the authorized person of the corresponding certificate, the permission acquisition unit for acquiring the permission to use the corresponding certificate from the authorized person, and the permission acquisition unit.
After obtaining the license, a file output unit that outputs the image file to which the specific electronic signature has been given by using the corresponding certificate, and a file output unit.
An image processing device.
[Application example 6]
The image processing apparatus according to the application example 4, further.
A user identification unit that specifies an instruction user instructing generation of an image file based on the target image data, and a user identification unit.
An authority determination unit that determines whether or not the instructing user is the authority of the corresponding certificate by referring to the authority information indicating the authority of each of the plurality of certificates.
Equipped with
The signature determination unit
When the instructing user is the authorized person of the corresponding certificate, it is determined that the specific electronic signature is given by using the corresponding certificate corresponding to the corresponding feature data.
An image processing device that determines that when the instructing user is different from the authorized person of the corresponding certificate, the specific electronic signature is given by using a predetermined certificate regardless of the corresponding feature data. ..
[Application 7]
The image processing apparatus according to the application example 4, further.
A user identification unit for specifying an instruction user instructing generation of an image file based on the target image data is provided.
When there are a plurality of the corresponding certificates, the signature determination unit refers to the authorized person information indicating the authorized person of each of the plurality of certificates, and among the plurality of corresponding certificates, the signature determination unit refers to the authorized person information. An image processing device that determines that the instructing user grants the specific electronic signature using the certificate of the authorized person.
[Application Example 8]
The image processing apparatus according to Application Example 7.
If the instructing user does not have a certificate in which the instructing user is the authorized person among the plurality of correspondence certificates, the signature determination unit will follow a predetermined priority from the plurality of correspondence certificates. An image processing device that determines to grant the particular digital signature using the certificate of choice.
[Application 9]
The image processing apparatus according to any one of Application Examples 5 to 8.
The authority of the correspondence certificate is an image processing apparatus including the owner of the correspondence certificate and a person different from the owner who has the authority to use the correspondence certificate.
[Application 10]
The image processing apparatus according to any one of Application Examples 4 to 9, further comprising:
Selection to select a usage certificate to be used from two or more available certificates when there is no corresponding feature data corresponding to the specific image in the target image among the plurality of feature data. Equipped with an instruction acquisition unit that acquires instructions from the user
The signature determination unit is selected based on the selection instruction when there is no corresponding feature data corresponding to the specific image in the target image among the plurality of feature data included in the feature information. An image processing device that determines to attach the specific electronic signature using the certificate of use.
[Application Example 11]
The image processing apparatus according to the application example 10, further.
When there is no corresponding feature data corresponding to the specific image in the target image among the plurality of feature data included in the feature information, partial image data indicating the specific image in the target image is analyzed. The feature data of the specific image in the target image, and information indicating that the feature data of the specific image in the target image and the usage certificate correspond to each other. An image processing device including an additional processing unit for adding to information.

The techniques disclosed in the present specification can be realized in various forms, for example, a multifunction device, a scanner, an image processing method, a function of these devices, or a computer program for realizing the above method. It can be realized in the form of a recording medium or the like on which the computer program is recorded.

It is a block diagram which shows the structure of the system 1000 of 1st Embodiment. It is a flowchart of the scan data generation processing of 1st Example. It is explanatory drawing of the manuscript OC and the signature PDF file. It is a block diagram which shows the structure of the system 1000b of 2nd Embodiment. It is explanatory drawing of various information stored in a non-volatile storage device 130b. It is a flowchart of the scan data generation processing of 2nd Example. It is a flowchart of a certificate selection process. It is a figure which shows an example of a selection screen WP. An example of the manuscript OCc of the third embodiment is shown. It is a flowchart of the certificate selection process of 3rd Example. It is a figure which shows an example of the manuscript OCv of a modification.

A. First Example A-1: Configuration of System 1000 Next, an embodiment will be described based on the examples. FIG. 1 is a block diagram showing a configuration of the system 1000 of the first embodiment.

The system 1000 includes a multifunction device 100 and a file server 300. The multifunction device 100 and the file server 300 are connected to the local area network NT. The multifunction device 100 and the file server 300 can communicate with each other via the local area network NT.

The multifunction device 100 includes a CPU 110 as a controller of the multifunction device 100, a volatile storage device 120 such as a DRAM, a non-volatile storage device 130 such as a hard disk and a flash memory, and a display unit 140 such as a liquid crystal display for displaying an image. It includes an operation unit 150 such as a button and a touch panel for acquiring an operation by the user, a print execution unit 160, a read execution unit 170, and an interface 190.

The print execution unit 160 executes the print process according to the control of the CPU 110. The printing process is a process of printing an image on paper (an example of a printing medium) by a predetermined method (for example, a laser method or an inkjet method). The read execution unit 170 executes the read process according to the control of the CPU 110. The scanning process is a process of generating scan data representing a scanned image by optically scanning a document such as a document using an image sensor including a photoelectric conversion element such as a CCD or CMOS.

The CPU 110 is an arithmetic unit (processor) that performs data processing. The volatile storage device 120 provides a buffer area BA that temporarily stores various intermediate data generated when the CPU 110 performs processing. The computer program PG is stored in the non-volatile storage device 130. Further, a part of the non-volatile storage device 130 is used as a key storage unit SKS and a certificate storage unit CTS. The private key SK is stored in the key storage unit SKS, and the certificate CT corresponding to the private key SK is stored in the certificate storage unit CTS.

For example, the user uses his / her own terminal device (not shown) to generate a private key SK and a public key PK corresponding to the private key SK. The user uses the terminal device to generate a certificate signing request (CSR) including the public key PK, and sends the request to a certificate authority (CA). As a result, the user obtains the encrypted data of the certificate CT signed by the certificate authority from the certificate authority. The certificate CT includes a public key PK as shown in FIG. The user decrypts the encrypted data using the private key SK and obtains the certificate CT. In this way, the pair of the private key SK and the certificate CT is acquired. Then, based on the user's operation, the private key SK and the certificate CT are stored and stored in the key storage unit SKS and the certificate storage unit CTS of the multifunction device 100.

The computer program PG may be provided, for example, stored in advance in the non-volatile storage device 130 at the time of manufacturing the multifunction device 100. Instead of this, the computer program PG may be provided in a form downloaded from a server (not shown) operated by the vendor of the multifunction device 100, or may be provided in a form recorded on a CD-ROM or the like. good.

The CPU 110 executes a control process for controlling the multifunction device 100 by executing the computer program PG. For example, the CPU 110 can control the print execution unit 160 and the read execution unit 170 to execute the print process and the read process as a part of the control process. Further, the CPU 110 can execute the scan data generation process described later as a part of the control process.

The interface 190 is an interface for performing data communication with an external device, for example, a file server 300. In this embodiment, the interface 190 is an interface for connecting to the local area network NT, specifically, a wired or wireless interface compliant with Ethernet (registered trademark) or Wi-Fi standard.

The file server 300 is a known computer including, for example, a CPU and a memory (not shown), and is, for example, a personal computer. The file server 300 is accessed from a device that can be connected to the local area network NT (for example, a multifunction device 100 or a terminal device of a user (not shown)). The file server 300 functions as a file server for storing the files used by these devices.

A-2: Scan data generation process FIG. 2 is a flowchart of the scan data generation process of the first embodiment. In the scan data generation process, for example, based on a user's instruction, a scanning execution unit 170 is used to acquire scan data generated by scanning a document, and an image file (for example, a PDF file) containing the scan data is acquired. It is a process to generate.

In S105, the CPU 110 acquires a scan data generation instruction from the user via the operation unit 150. For example, the user inputs a scan data generation instruction to the operation unit 150 with the document OC placed on the document table of the scanning execution unit 170. FIG. 3 is an explanatory diagram of the manuscript OC and the signed PDF file. FIG. 3A shows an example of the original OC. The manuscript OC is, for example, a document having a format defined by an organization (for example, a company) that uses the system 1000. The manuscript OC includes an object Ob1 such as characters and a stamping column SA. The stamp field SA may include an imprint SL stamped on the manuscript OC by the creator or approver of the manuscript OC. In the example of FIG. 3A, the stamping column SA includes the imprint SL.

In S110, the CPU 110 acquires the scan data SD. Specifically, the CPU 110 causes the reading execution unit 170 to generate the scan data SD by causing the reading execution unit 170 to read the document OC, and acquires the scan data SD from the reading execution unit 170. The scan data SD is stored in the buffer area BA of the volatile storage device 120. The scan image SI represented by the scan data SD includes an image showing the original OC. It can also be said that FIG. 3A is a diagram showing a scanned image SI.

In S115, the CPU 110 executes an analysis process for the scan data SD. Specifically, the CPU 110 identifies a partial image SAI indicating the stamped field SA in the scanned image SI. In this embodiment, the stamping column SA is arranged at a predetermined position in the original OC in a predetermined size. Therefore, in this embodiment, the CPU 110 specifies a partial image of a predetermined size at a predetermined position in the scan image SI as a partial image SAI indicating the stamp column SA. The CPU 110 analyzes the partial image data indicating the partial image SAI, and determines whether or not there is an imprint image SLI indicating the imprint SL in the partial image SAI. For example, the CPU 110 binarizes the partial image data indicating the partial image SAI using a predetermined threshold value TH1 to make a plurality of pixels in the partial image SAI different from the background pixel indicating the background and the background. It is classified into an object pixel indicating an object and an object pixel. The CPU 110 determines that the imprint image SLI is in the partial image SAI when the ratio of the object pixels is the threshold TH2 or more, and when the ratio of the object pixels is less than the threshold TH2, the CPU 110 is in the partial image SAI. It is determined that there is no imprint image SLI.

In S120, the CPU 110 determines whether or not the imprint image SLI is included in the scan image SI based on the analysis result of the scan data SD. As a result of the analysis in S115, if there is an imprint image SLI in the partial image SAI, it is determined that the imprint image SLI is included in the scanned image SI.

When the imprint image SLI is included in the scanned image SI (S120: YES), in S125, the CPU 110 generates an image file with an electronic signature using the certificate CT. In this embodiment, a signed image file (also referred to as a signed PDF file SPF) in PDF (Portable Document Format) format is generated.

FIG. 3B shows an example of a signed PDF file SPF. The signed PDF file SPF includes a scan data SD, a certificate CT, and a signature information SN. Specifically, the CPU 110 generates a PDF file PF (not shown) including the scan data SD. The CPU 110 hashes the PDF file PF using a hash function to acquire the hash value HV. Here, the algorithm of the hash function to be used is specified by the signature algorithm information included in the certificate CT. For example, "SHA (Secure Hash Algorithm) 1" and "SHA256" are used as the algorithm of the hash function. The CPU 110 encrypts the hash value HV using the user's private key SK according to the public key cryptosystem shown in the signature algorithm information included in the certificate CT. The encrypted hash value HV is the signature information SN. The CPU 110 generates a signed PDF file SPF (FIG. 3B) by storing the signature information SN and the certificate CT in the PDF file PF.

When the imprint image SLI is not included in the scanned image SI (S120: NO), in S130, the CPU 110 generates an image file without a digital signature. In this embodiment, an image file in PDF format is generated. Specifically, the PDF file PF including the above-mentioned scan data SD is generated as an image file to be finally output.

In S135, the CPU 110 transmits the generated image file to the file server 300. That is, when S125 is executed, the signed PDF file SPF is transmitted to the file server 300, and when S130 is executed, the PDF file PF is transmitted to the file server 300. The transmission of the image file is performed according to, for example, FTP. As a modification, the transmission of the image file may be executed according to another protocol such as SMTP or CIFS instead of FTP. The CPU of the file server 300 that has received the image file stores the image file in the designated folder. The image file stored in the file server 300 is used by the user.

According to the first embodiment described above, by analyzing the partial image data showing the partial image SAI of the scanned image SI, the scanned image SI includes the imprint image SLI showing the imprint SL stamped on the original OC. It is determined whether or not it is possible (S115, S120). Then, when it is determined that the imprint image SLI is included in the scanned image SI (S120: YES), the signed PDF file SPF is generated (S125). That is, in this case, it is determined to add an electronic signature to the image file to be generated based on the scan data SD. Then, when it is determined that the imprint image SLI is not included in the scanned image SI (S120: NO), a PDF file PF to which an electronic signature is not added is generated. That is, in this case, it is determined not to add the electronic signature to the image file to be generated based on the scan data SD. In this way, by analyzing a part of the scan data, it is determined whether or not the imprint image SLI is included in the scanned image SI, and whether or not to add the electronic signature is determined according to the determination. , When the electronic signature should be given, it can be decided to appropriately give the electronic signature without imposing a burden on the user. For example, since it is not necessary for the user to input an instruction as to whether or not to give an electronic signature to the image file to be generated, the problem that the electronic signature is not given to the image file to be given the electronic signature due to the omission of the user's instruction. Can be suppressed.

B. Second Example B-1. Configuration of System 1000b FIG. 4 is a block diagram showing a configuration of system 1000b of the second embodiment. The configuration of the non-volatile storage device 130b of the multifunction device 100b of the system 1000b is different from that of the first embodiment. In the non-volatile storage device 130b of the multifunction device 100b, the computer program PGb and the certificate management information CMIb are stored in the non-volatile storage device 130. Further, a part of the non-volatile storage device 130b is used as a key storage unit SKSb and a certificate storage unit CTSb. The system 1000b may include a certificate designation server 200 connected to the local area network NT. A configuration including the certificate designation server 200 will be described with reference to a modification.

FIG. 5 is an explanatory diagram of various information stored in the non-volatile storage device 130b. FIG. 5A shows a conceptual diagram of the key storage unit SKSb. As shown in FIG. 5A, a plurality of private keys SK1 to SK3 are stored in the key storage unit SKSb of the multifunction device 100.

FIG. 5B shows a conceptual diagram of the certificate storage unit CTSb. As shown in FIG. 5B, a plurality of certificates CT1 to CT3 are stored in the certificate storage unit CTSb. In this embodiment, a plurality of private keys SK1 to SK3 (FIG. 5 (A)) stored in the key storage unit SKSb and a plurality of certificates CT1 to CT3 (FIG. 5) stored in the certificate storage unit CTSb. (B)) has a one-to-one correspondence with.

Each of the private keys SK1 to SK3 and the certificates CT1 to CT3 is one file. It is assumed that the file names of the private keys SK1 to SK3 and the certificates CT1 to CT3 are the same as the code. For example, it is assumed that the file name of the private key SK1 is "SK1" and the file name of the certificate CT1 is "CT1".

For example, the pair of the private key SK1 and the certificate CT1 is acquired by the user A, and is stored and stored in the key storage unit SKSb and the certificate storage unit CTSb of the multifunction device 100. Similarly, the pair of the private key SK2 and the certificate CT2 and the pair of the private key SK3 and the certificate CT3 are acquired by the user B and the user C, respectively, and the key storage unit SKSb and the certificate of the multifunction device 100 are obtained. It is stored and saved in the storage unit CTSb. As described above, in this embodiment, the private keys SK1 to SK3 and the corresponding certificates CT1 to CT3 have a one-to-one correspondence with a plurality of users of the multifunction device 100b.

FIG. 5C shows a conceptual diagram of the certificate management information CMIb. As shown in FIG. 2C, the certificate management information CMIb includes a management table KMT, a feature data group CDG, and an authorized person table AUT.

The feature data group CDG includes a plurality of feature data CD1 to CD3. Each feature data corresponds to any of a plurality of certificates CT1 to CT3. Each feature data is image data of a binary image showing the imprint of the owner of the corresponding certificate. This binary image data is used in a scan data generation process, which will be described later, to determine whether or not the scan image includes an imprint image showing an imprint. Each of the feature data CD1 to CD3 is one file. It is assumed that the file names of the feature data CD1 to CD3 are the same as the reference numerals.

The management table KMT includes an entry EN corresponding to each certificate stored in the certificate storage unit CTSb. Each entry EN includes a user ID (for example, "USERA") which is an identifier of the user who is the owner of the certificate, a file name of the private key corresponding to the certificate (for example, "SK1"), and a certificate. It includes a file name (for example, "CT1") and a file name of feature data (for example, "CD1") described later. For example, when a set of a private key and a certificate (for example, a private key SK1 and a certificate CT1) is stored and saved in the key storage unit SKSb and the certificate storage unit CTSb, the entry EN corresponding to the certificate is used. Is recorded in the management table KMT by the administrator of the compound machine 100b.

As described above, in the certificate management information CMI, the plurality of certificates CT1 to CT3 correspond to the file names of the corresponding private keys SK1 to SK3 and the user ID (for example, "USERA") as the identification information. It is associated with the file names of the feature data CD1 to CD3.

The authorized person table AUTO is a table in which an authorized person different from the owner is recorded for each of the plurality of certificates CT1 to CT3. The authorized person of the certificate is a user who has the authority to execute the signature process using the certificate. The authorized person of the certificate includes the owner of the certificate recorded in the management table KMT and the authorized person recorded in the authorized person table AUT. In this way, the authorized person of the certificate can be specified by referring to the management table KMT and the authorized person table AUT. Therefore, the management table KMT and the authorized person table AUT constitute the authorized person information indicating the respective authorized persons of the plurality of certificates CT1 to CT3.

The certificate storage unit CTSb further stores the general-purpose certificate CTu (FIG. 5 (B)), and the key storage unit SKSb further stores the general-purpose certificate CTu and the corresponding private key SKu (FIG. 5 (FIG. 5)). A)) is stored. The general-purpose certificate CTu is, for example, a certificate shared by all users.

Other configurations of the system 1000b, for example, the configuration excluding the non-volatile storage device 130b of the multifunction device 100b, and the configuration of the file server 300 are the same as the configuration of the system 1000 of the first embodiment.

B-2: Scan data generation process In the second embodiment, the CPU 110 of the multifunction device 100b executes a scan data generation process different from the scan data generation process of FIG. 2 by executing the computer program PGb. FIG. 6 is a flowchart of the scan data generation process of the second embodiment. In the flowchart of FIG. 6, "B" is added to the end of the code of the step different from the scan data generation process of FIG. 2, and the same step as the scan data generation process of FIG. 2 has the same code as that of FIG. Is used.

In S100B, the CPU 110 executes a login process. In this embodiment, the scan data generation process is executed based on the instruction of the logged-in user, so that the user who wants to generate the image file including the scan data logs in to the multifunction device 100b. Specifically, the CPU 110 displays a login screen (not shown) on the operation unit 150 in response to a user's login request, and acquires authentication information (for example, a user ID and password) via the login screen. The CPU 110 determines whether or not to allow a specific user to log in based on the authentication information. When the login is allowed, the CPU 110 transitions to the login state of a specific user, and when the login is not allowed, the CPU 110 executes error processing. In the following, the description will be continued on the assumption that the login of the user having the user ID “USERA” in FIG. 5C is permitted.

The processing of S105 to S120 is the same as the processing of S105 to S120 of FIG. 2 of the first embodiment.

When the imprint image SLI is not included in the scanned image SI (S120: NO), in S130B, the CPU 110 uses a general-purpose certificate CTu to add an electronic signature to the image file (specifically, the image file). Generate a signed PDF file). When the signed PDF file is generated, processing proceeds to S135.

When the imprint image SLI is included in the scanned image SI (S120: YES), the CPU 110 executes the certificate selection process in S122B. The certificate selection process should be used from among a plurality of certificates CT1 to CT3 stored in the certificate storage unit CTSb by analyzing the partial image data indicating the partial image SAI including the imprint image SLI. This is the process of selecting one certificate. The certificate selection process will be described later.

In S125B, the CPU 110 generates an image file (specifically, a signed PDF file) to which an electronic signature is added using the certificate selected by the certificate selection process.

In S126B, the CPU 110 determines whether or not the logged-in user is the authorized person of the selected certificate by the certificate selection process. For example, the CPU 110 refers to the management table KMT to determine whether the logged-in user is the owner of the selected certificate. If the logged-in user is not the owner of the selected certificate, the CPU 110 refers to the authorized person table AUT to determine if the logged-in user is an authorized person different from the owner. do. If the logged-in user is the owner of the selected certificate, or if the user has a different authority than the owner, then the logged-in user is the authorized person of the selected certificate. Judged. If the logged-in user is not the owner of the selected certificate and is not an authorized person other than the owner, then the logged-in user is determined not to be the authorized person of the selected certificate. To. Thus, in this embodiment, the authorized person of the certificate includes the owner of the certificate and a person who is different from the owner and has the authority to use the certificate. As a result, it is possible to flexibly set an authorized person, not limited to the owner.

If the logged-in user is the authorized person of the selected certificate (S126B: YES), the CPU 110 proceeds to S135. If the logged-in user is not the authorized person of the selected certificate (S126B: NO), the CPU 110 proceeds to S127B.

In S127B, the CPU 110 sends a license request to the owner of the selected certificate. Specifically, the CPU 110 refers to the management table KMT to identify the user ID of the owner of the selected certificate. The CPU 110 sends a message requesting permission to use the certificate to the e-mail address of the user having the specified user ID, a URL of a WEB page for answering to input the permission to use or the permission to use the certificate, and the URL of the WEB page. Send an email containing. The e-mail address of the user who is the owner is recorded in a user information table (not shown) and stored in the non-volatile storage device 130. The WEB page for answering is a page provided by the multifunction device 100 to the user's terminal device as a WEB server. The CPU 110 can receive a user permission or disapproval notification via the WEB page.

In S128B, the CPU 110 determines whether or not the notification of permission to use the owner of the selected certificate has been received. When the notification of the license is received (S128B: YES), the CPU 110 proceeds to S135. If the usage permission notification is not received (S128B: NO), the CPU 110 suspends the process until the usage permission notification is received. While the process is interrupted, another scan data generation process or another print process can be executed.

In S135, the CPU 110 transmits the generated image file, and in this embodiment, the signed PDF file SPF to the file server 300. As a result, the signed PDF file SPF is stored in the file server 300.

According to the scan data generation process of the second embodiment described above, when it is determined that the imprint image SLI is included in the scan image SI (S120: YES), the certificate selected from the user certificates CT1 to CT3. A signed PDF file SPF with an electronic signature is generated using the document (S125B). When it is determined that the imprint image SLI is not included in the scanned image SI (S120: NO), a signed PDF file SPF with an electronic signature is generated using a general-purpose certificate CTu (S130B). .. That is, in this case, it is determined that the image file is given an electronic signature different from the electronic signature when it is determined that the imprint image SLI is included in the scanned image SI. As a result, it is possible to appropriately determine whether to assign a specific electronic signature or an electronic signature different from the specific electronic signature without imposing a burden on the user.

Further, in the scan data generation process of this embodiment, after the login process is executed in S100B, the scan data generation instruction is acquired in S105, so that the CPU 110 uses an image file (signed PDF file) based on the scan data SD. The instruction user instructing the generation of SPF) can be identified as a logged-in user. The CPU 110 refers to the authorized person information (management table KMT and authorized person table AUT) to determine whether or not the instructing user (logged-in user) is the authorized person of the selected certificate (S126B). .. Then, when the instructing user is different from the authorized person of the selected certificate (S126B: NO), the CPU 110 obtains permission to use the selected certificate from the owner who is one of the authorized persons (S127B). , S128B). Then, after obtaining the license, the signed PDF file SPF to which the digital signature has been added by using the selected certificate is output to the file server 300 (S135). As a result, it is possible to prevent the signed PDF file SPF with the digital signature using the user's certificate from being inadvertently output. For example, a signed PDF file SPF with a digital signature using a user's certificate is guaranteed to have been created by the user who is the owner of the certificate. For this reason, it is not preferable that the certificate is generated and output by an unauthorized person without the permission of the user who owns the certificate. In the scan data generation process of this embodiment, such inconvenience can be suppressed.

B-3. Certificate selection process The certificate selection process of S122B in FIG. 6 will be described. As described above, the certificate selection process is performed in the plurality of certificates CT1 to CT3 stored in the certificate storage unit CTSb by analyzing the partial image data indicating the partial image SAI including the imprint image SLI. It is a process to select one certificate to be used from.

FIG. 7 is a flowchart of the certificate selection process. In S205, the CPU 110 uses the partial image data showing the partial image SAI including the imprint image SLI to generate the feature data CDx showing the features of the imprint image SLI. Specifically, the CPU 110 binarizes the partial image data indicating the partial image SAI using a predetermined threshold value TH1 to convert a plurality of pixels in the partial image SAI into a background pixel indicating the background and a background. It is classified into object pixels that indicate objects different from the above. Binary data showing this classification result is generated as feature data CDx. The image shown by the feature data CDx is a binary image showing the shape of the imprint SL.

In S210, the CPU 110 corresponds to the registered feature data, that is, the feature data CDx generated in S205 in the feature data CD1 to CD3 included in the feature data group CDG of the certificate management information CMIb. Determine if there is data. Specifically, the CPU 110 acquires the feature data CD1 to CD3 from the non-volatile storage device 130, and obtains an image of the imprint shown by each of the feature data CD1 to CD3 and an image of the imprint shown by the feature data CDx. Compare by pattern matching. As a result, when the feature data showing the image of the same imprint as the image of the imprint shown by the feature data CDx is in the registered feature data CD1 to CD3, the feature data showing the image of the same imprint is the feature data. Feature data It is determined that the corresponding feature data corresponds to the CDx. Since the corresponding feature data corresponds to the feature data CDx indicating the features of the imprint image SLI, it can be said that the corresponding feature data is the feature data corresponding to the imprint image SLI in the scanned image SI.

If there is corresponding feature data in the registered feature data (S210: YES), in S215, the CPU 110 selects the certificate corresponding to the corresponding feature data as the certificate to be used. Specifically, the CPU 110 acquires the management table KMT from the non-volatile storage device 130, and refers to the correspondence between the feature data CD1 to CD3 described in the management table KMT and the certificates CT1 to CT3, and corresponds to the corresponding feature. Identify the certificate that corresponds to the data. The identified certificate is selected as the certificate to be used.

If there is no corresponding feature data in the registered feature data (S210: NO), in S220, the CPU 110 displays the selection screen WP on the display unit 140, and proves that the selection screen WP should be used via the selection screen WP. Get the book selection instructions. FIG. 8 is a diagram showing an example of the selection screen WP. The selection screen WP includes a message MS prompting the selection of a certificate, and buttons B1 to B3 for selecting one certificate from a plurality of selectable certificates.

In S225, the CPU 110 selects a certificate to be used based on the selection instruction acquired via the selection screen WP. As described above, in the second embodiment, when there is no corresponding feature data in the feature data CD1 to CD3, the image file is digitally signed using the certificate selected based on the selection instruction from the user. It is decided to grant. As a result, even when there is no corresponding feature data in the plurality of registered feature data CD1 to CD3, it can be determined to add an appropriate electronic signature.

In S230, the CPU 110 registers the feature data CDx of the imprint image SLI generated in S205 in association with the selected certificate. Specifically, the CPU 110 stores the feature data CDx in the non-volatile storage device 130 as one of the feature data included in the feature data group CDG. The CPU 110 records the file name of the feature data CDx in the entry EN of the selected certificate in the management table KMT (FIG. 5 (C)). As described above, in the second embodiment, when there is no corresponding feature data in the feature data CD1 to CD3, selection is made based on the feature data CDx of the imprint image SLI, the feature data CDx, and a selection instruction from the user. Information indicating that the certificate is associated with the certificate is added to the feature data group CDG and the management table KMT. As a result, it may then be determined to add a more appropriate digital signature to the signed PDF file to be generated using different scan data. For example, when another scan data of the next time includes an imprint image SLI showing the same imprint as this time, it is determined that the feature data CDx added this time is the corresponding feature data in the next certificate selection process. Will be done. As a result, in the next certificate selection process, it is determined that there is corresponding feature data in the registered feature data (S210: YES), and the certificate selected based on the user's selection instruction this time will be the next time. , Appropriately selected without getting the user's selection instructions. Since the owner of one certificate may use a plurality of types of imprints, it is permissible that a plurality of feature data are associated with one certificate.

According to the second embodiment described above, when it is determined that the imprint image SLI is included in the scanned image SI (S120: YES in FIG. 6), the certificate selection process (S122B in FIG. 6, FIG. 7). In the CPU 110, by analyzing the partial image data indicating the imprint image SLI, the corresponding feature data corresponding to the imprint image SLI in the scan image SI is determined from the plurality of feature data CD1 to CD3, and the corresponding feature data is determined. The certificate corresponding to the corresponding feature data is selected as the certificate to be used (S205, S210, S215 in FIG. 7). As a result, it can be determined that a plurality of certificates CT1 to CT3 are used properly to give an appropriate electronic signature according to the characteristics of the imprint image SLI. For example, when the scanned image SI includes an imprint image SLI showing an imprint stamped by a user who is the owner of the certificates CT1 to CT3, an electronic signature is digitally signed using the certificate owned by the user who imprinted the imprint. It can be given automatically. As a result, the burden on the user can be further reduced.

C. Third Example The configuration of the system of the third embodiment is the same as that of the system of the second embodiment. However, in the third embodiment, the certificate management information CMIb does not include the authorized person table AUT. That is, in this embodiment, the authorized person of each certificate is only the owner of each certificate.

In the scan data generation process of the third embodiment, the content of the certificate selection process of S122B in FIG. 6 is different from that of the second embodiment. Of the scan data generation processes of the third embodiment, the processes excluding the certificate selection process are the same as those of the second embodiment.

FIG. 9 shows an example of the manuscript OCc of the third embodiment. It can also be said that FIG. 9 shows the scanned image SIc of the third embodiment. The manuscript OCc includes an object Ob1 and a stamping column SAc. The stamping column SAc has a larger size in the horizontal direction than the stamping column SA of FIG. 3A, and may include a plurality of imprints. In the example of FIG. 9, the stamping column SAc includes three imprints SLa, SLb, and SLc. Therefore, in this embodiment, in the scan image SIc shown by the scan data acquired in S110 of FIG. 6, the partial image SAIc showing the stamp column SAc has a size in the lateral direction with respect to the partial image SAI of FIG. Is big. Then, the scanned image SIc may include a plurality of imprint images. In the following, as shown in FIG. 9, the partial image SAIC will be described as including three imprint images SLIa, SLIb, and SLIc.

FIG. 10 is a flowchart of the certificate selection process of the third embodiment. In S300, the CPU 110 generates one or more feature data of one or more imprint images. Specifically, the CPU 110 generates three binary data indicating the imprint images SLIa, SLIb, and SLIc as feature data CDxa to CDxc.

In S305, the CPU 110 determines whether or not there is one or more corresponding feature data corresponding to the feature data CDxa to CDxc in the registered feature data CD1 to CD3 (FIG. 5C). Similar to the second embodiment, when the feature data showing the image of the same imprint as the image of the imprint shown by the feature data CDxa is in the registered feature data CD1 to CD3, the image of the same imprint is displayed. The feature data shown is determined to be the corresponding feature data corresponding to the feature data CDxa.

If there is no corresponding feature data corresponding to any of the feature data CDxa to CDxc (S305: NO), in S320, the CPU 110 selects a general-purpose certificate CTu. Therefore, in this case, in S125B of FIG. 6, an image file with an electronic signature is generated using a general-purpose certificate CTu. Since the authorized person of the general-purpose certificate CTu is all users, the image file to which the electronic signature is given by using the general-purpose certificate CTu is immediately transmitted to the file server 300 (FIG. 6). YES in S126B, S135).

If there is one or more corresponding feature data corresponding to the feature data CDxa to CDxc (S305: YES), in S310, the CPU 110 is included in the registered feature data CD1 to CD3 (FIG. 5 (C)). , Feature data It is determined whether or not there is a plurality of corresponding feature data corresponding to CDxa to CDxc. For example, when the corresponding feature data corresponding to the feature data CDxa of the imprint image SLIa is the feature data CD1 and there is no corresponding feature data corresponding to the remaining feature data CDxb and CDxx, a plurality of corresponding feature data CDxa to CDxx are supported. It is judged that there is no corresponding feature data. When the corresponding feature data corresponding to the feature data CDxa of the imprint image SLIa is the feature data CD1 and there is no corresponding feature data corresponding to the remaining feature data CDxb and CDxc, a plurality of feature data CDxa to CDxx correspond to each other. It is judged that there is no corresponding feature data. Further, when the corresponding feature data corresponding to the feature data CDxa of the imprint image SLIa and the feature data CDxb of the imprint image SLIb are the feature data CD1 and CD2, respectively, and there is no feature data corresponding to the remaining feature data CDxc. , Feature data It is determined that there are a plurality of corresponding feature data corresponding to CDxa to CDxc.

Feature data When there is no corresponding plurality of corresponding feature data corresponding to CDxa to CDxc (S310: NO), that is, when there is only one corresponding feature data, in S335, the CPU 110 is the one. Correspondence feature Select the certificate corresponding to the data. Therefore, in this case, in S125B of FIG. 6, an image file with an electronic signature is generated using the certificate corresponding to one corresponding feature data.

When there are a plurality of corresponding feature data corresponding to the feature data CDxa to CDxc (S310: YES), in S315, the CPU 110 is included in the plurality of certificates corresponding to the plurality of supported feature data. Determine if there is a certificate that the logged-in user is the owner (authorized person). A plurality of certificates corresponding to a plurality of corresponding feature data are specified by using the management table KMT. If there is a certificate associated with the user ID of the logged-in user in the management table KMT among the corresponding plurality of certificates, the CPU 110 will be included in the corresponding plurality of certificates. Determine that the logged-in user has a certificate of ownership.

If there is a certificate in which the logged-in user is the owner among the corresponding plurality of certificates (S315: YES), in S325, the CPU 110 is the owner of the logged-in user. Select a certificate. Therefore, in this case, in S125B of FIG. 6, an image file with an electronic signature is generated using a certificate in which the logged-in user is the owner.

If there is no certificate owned by the logged-in user among the corresponding plurality of certificates (S315: NO), in S330, the CPU 110 should use the certificate according to a predetermined priority. Select. That is, one certificate having the highest predetermined priority is selected from the corresponding plurality of certificates. Therefore, in this case, in S125B of FIG. 6, an image file with an electronic signature is generated using the one certificate.

According to the third embodiment described above, when there are a plurality of certificates corresponding to a plurality of corresponding feature data, the instructing user (of the plurality of certificates) is referred to with reference to the management table KMT. In this embodiment, it is determined that the logged-in user) gives an electronic signature using the certificate of the authorized person (owner in this embodiment) (YES in S310, YES in S315, S325). .. As a result, when there are a plurality of corresponding certificates, it can be decided to grant an appropriate digital certificate. For example, if the instructing user uses a certificate that is not an authorized person, the certificate may be used without the permission of the authorized person, but if the instructing user uses a certificate that is an authorized person, such an inconvenience. Does not occur.

Further, if there is no certificate in which the instructing user is the authorized person among the corresponding plurality of certificates (S315: NO), the certificates are certified according to a predetermined priority from the corresponding plurality of certificates. Select a book (S330). As a result, even if there is no certificate in which the instructing user is the authorized person among the corresponding plurality of certificates, it can be determined to grant an appropriate digital certificate.

D. Modification example (1) As shown by the broken line in FIG. 10, when there is no certificate in which the logged-in user is the owner among the corresponding plurality of certificates (S315: NO), In S320, the CPU 110 may select a general-purpose certificate. That is, if the instructing user (the logged-in user in this modification) is different from the authorized person of the corresponding certificate, the predetermined certificate (in spite of the corresponding feature data specified in S300 to S310) In this modification, it may be decided to attach the specific electronic signature using a general-purpose certificate). In this case, the instructing user can select the appropriate certificate even if he / she is not the authorized person of the corresponding certificate. Therefore, for example, it is possible to prevent the certificate from being used without the permission of the authorized person.

(2) In each of the above embodiments, the scanned images SI and SIc include imprint images SLI and SLIa to SLIc indicating imprints SL and SLa to SLc stamped on the original OC and OCc (FIGS. 3 and 9). .. Alternatively, or in conjunction with this, the scanned image may include the signature inscribed on the manuscript. FIG. 11 is a diagram showing an example of the original OCv of the modified example. It can also be said that FIG. 11 shows the scanned image SIv of the modified example. The manuscript OCv includes an object Ob1 and a signature SG written on the manuscript OCv. Therefore, in this modification, for example, the scan image SIv shown by the scan data acquired in S110 of FIG. 2 includes a signature image SGI indicating a signature SG.

In this case, for example, the binary data of the signature image for each user is stored in the non-volatile storage device 130 as feature data. Then, for example, in S115 and S120 of FIGS. 2 and 6, the signature image is included in the scan image SIv by analyzing the entire scan data, specifically, by pattern matching using the feature data. Whether or not it is judged. Further, in S205 of FIG. 7, the binary data of the signature image SGI in the scanned image SIv is generated as feature data, and in S210, it is generated in S205 in the feature data of the signature image of the registered user. It is determined whether or not there is corresponding feature data corresponding to the feature data of the signature image SGI. The same applies to S300 and S305 of FIG. As can be seen from the above description, the imprint images SLI, SLIa to SLIc of each of the above embodiments, and the signature image SGI of this modification are examples of specific images.

(3) In the second embodiment, the instruction user instructing the generation of the image file based on the scan data SD is specified by performing the login process (S100B in FIG. 6) using the user ID input by the user. To. Instead of the login process, for example, the multifunction device 100 may display a selection screen (not shown) including a list of user IDs on the display unit 140, and acquire a user ID designation instruction via the selection screen. .. In this case, the user having the user ID specified by the designated instruction is specified as the instructed user.

(4) As shown by the broken line in FIG. 4, the system 1000b may include the certificate designation server 200. In this case, some of the scan data generation processes of each embodiment may be executed by the certificate designation server 200. For example, when the CPU 110 of the multifunction device 100 acquires the scan data in S110 of FIG. 6, it certifies the partial image data of the partial image SAI indicating the stamp column SA at the predetermined position in the scan image SI. It is transmitted to the document designation server 200. The CPU of the certificate designation server 200 executes the processes of S115, S120, and S122B of FIG. 6 using the partial image data to determine the certificate to be used. The certificate designation server 200 notifies the multifunction device 100 of the certificate to be used. Then, according to the notification, the CPU 110 of the multifunction device 100 executes the processes of S130B and S135 of FIG. 6 or S125B to S128B and S135 of FIG. In this case, the certificate designation server 200 is an example of an image processing device.

(5) The scan data generation process of FIG. 6 can be appropriately changed. For example, S126B to S128B may be omitted, and the image file generated in S125B may be immediately transmitted to the file server 300 in S135.

Further, the generation of the image file of S125B in FIG. 6 may be executed after the notification of the permission of use from the user is received in S128B (S128B: YES).

Further, when the imprint image SLI is not included in the scanned image SI (S120: NO), an image file without an electronic signature may be generated in S130B.

(6) Similarly, the certificate selection process of FIGS. 7 and 10 can be appropriately changed. For example, in the CPU 110 of FIG. 7, if there is no corresponding feature data in the registered feature data CD1 to CD3 (S210: NO), a general-purpose certificate may be selected instead of S220 to S230. good. Alternatively, in this case, before S220, the CPU 110 obtains an instruction as to whether or not to give a digital signature from the user before acquiring the certificate selection instruction, and obtains an instruction to give the electronic signature. Only in this case, the processes of S220 to S230 may be executed. Then, when the instruction not to give the electronic signature is acquired, the CPU 110 may generate the image file without giving the electronic signature.

Further, in S330 of FIG. 10, the CPU 110 selects a certificate to be used according to a predetermined priority. Instead of this, the CPU 110 may display, for example, a certificate selection screen as shown in FIG. 8 on the display unit 140, and select a certificate to be used according to a selection instruction from the user.

Further, instead of S330, the CPU 110 may determine whether or not there is a certificate in which the logged-in user has a different authority from the owner among the corresponding plurality of certificates. good. If there is a certificate in which the logged-in user has a different authority than the owner, the certificate is selected and the logged-in user has a different authority than the owner. If there is no written document, the certificate to be used may be selected according to a predetermined priority.

(7) In each of the above embodiments, the image processing apparatus that performs the scan data generation processing is the multifunction devices 100 and 100b, but it may be a single scanner. Further, the image processing device may be a terminal device such as a personal computer or a smartphone. In this case, for example, the terminal device may acquire scan data stored in advance in its own non-volatile storage device and perform scan data generation processing using the scan data. Further, the image processing device may be a file server 300. In this case, the file server 300 may, for example, acquire scan data stored in a predetermined folder and perform scan data generation processing using the scan data. In this case, the file server may be a so-called cloud server including a plurality of devices (for example, computers) capable of communicating with each other via a network.

(8) In each of the above embodiments, a part of the configuration realized by the hardware may be replaced with software, and conversely, a part or all of the configuration realized by the software may be replaced with hardware. You may do so.

(9) When a part or all of the functions of the present invention are realized by a computer program, the program is provided in a form stored in a computer-readable recording medium (for example, a non-temporary recording medium). can do. The program may be used while being stored in the same or different recording medium (computer-readable recording medium) as it was provided. The "computer-readable recording medium" is not limited to a portable recording medium such as a memory card or a CD-ROM, but is connected to an internal storage device in the computer such as various ROMs or a computer such as a hard disk drive. It may also include an external storage device.

Although the present invention has been described above based on Examples and Modifications, the above-described embodiments of the invention are for facilitating the understanding of the present invention and do not limit the present invention. The present invention may be modified or improved without departing from the spirit and claims, and the present invention includes an equivalent thereof.

100, 100b ... Complex machine, 110 ... CPU, 120 ... Volatile storage device, 130, 130b ... Non-volatile storage device, 140 ... Display unit, 150 ... Operation unit, 160 ... Print execution unit, 170 ... Reading execution unit, 190 ... Interface, 200 ... Certificate designation server, 300 ... File server, 1000, 1000b ... System, CMIb ... Certificate management information, SKS, SKSb ... Key storage unit, CTS, CTSb ... Certificate storage unit, SAIc ... Partial image, SLI, SLIa-SLIc ... Imprint image, CDx, CDxa-CDxc ... Feature data, SA, SAc ... Stamp field, OC, OCc, OCv ... Manuscript, SD ... Scan data, SG ... Signature, PG ... Computer program, SI, SIc , SIv ... scan image, CT, CT1-CT3 ... certificate, NT ... local area network, CD1-CD3 ... feature data, KMT ... management table, AUT ... authorized person table, PGb ... computer program, SL, SLa ... imprint

Claims (13)

Target image data of the target image including the image of the manuscript,
An image acquisition unit that acquires at least a part of the target image data generated by using an image sensor, and an image acquisition unit.
By analyzing at least a part of the target image data, it is determined whether or not the target image contains a specific image showing at least one of the signature written on the manuscript and the imprint stamped on the manuscript. Judgment department to judge,
A feature information acquisition unit that acquires feature information including a plurality of feature data indicating the features of the plurality of specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination unit that determines the corresponding feature data corresponding to the specific image in the target image,
Correspondence corresponding to the corresponding feature data among the plurality of certificates for the image file to be generated based on the target image data when it is determined that the specific image is included in the target image. When it is decided to give a specific electronic signature using a certificate and it is determined that the specific image is not included in the target image, the specific electronic signature is not given to the image file. The signature decision department and
A user identification unit that identifies an instruction user instructing the generation of the image file, and a user identification unit.
An authority determination unit that determines whether or not the instructing user is the authority of the corresponding certificate by referring to the authority information indicating the authority of each of the plurality of certificates.
When the instructing user is different from the authorized person of the corresponding certificate, the permission acquisition unit for acquiring the permission to use the corresponding certificate from the authorized person, and the permission acquisition unit.
After obtaining the license, a file output unit that outputs the image file to which the specific electronic signature has been given by using the corresponding certificate, and a file output unit.
An image processing device. Target image data of the target image including the image of the manuscript,
An image acquisition unit that acquires at least a part of the target image data generated by using an image sensor, and an image acquisition unit.
By analyzing at least a part of the target image data, it is determined whether or not the target image contains a specific image showing at least one of the signature written on the manuscript and the imprint stamped on the manuscript. Judgment department to judge,
A feature information acquisition unit that acquires feature information including a plurality of feature data indicating the features of the plurality of specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination unit that determines the corresponding feature data corresponding to the specific image in the target image,
When it is determined that the specific image is included in the target image, it is determined to give a specific electronic signature to the image file to be generated based on the target image data, and the target image is described. A signature determination unit that determines not to give the specific electronic signature to the image file when it is determined that the specific image is not included.
A user identification unit that identifies an instruction user instructing the generation of the image file, and a user identification unit.
With reference to the authorized person information indicating the authorized person of each of the plurality of certificates, the instructing user is the authorized person of the corresponding certificate corresponding to the corresponding feature data among the plurality of certificates. The authority judgment department that judges whether or not there is,
Equipped with
The signature determination unit
When the instructing user is the authorized person of the corresponding certificate, it is determined that the specific electronic signature is given by using the corresponding certificate corresponding to the corresponding feature data.
An image that determines that the instructing user, when different from the authorized person of the corresponding certificate, grants the particular electronic signature using a predetermined certificate, regardless of the corresponding feature data. Processing device. Target image data of the target image including the image of the manuscript,
An image acquisition unit that acquires at least a part of the target image data generated by using an image sensor, and an image acquisition unit.
By analyzing at least a part of the target image data, it is determined whether or not the target image contains a specific image showing at least one of the signature written on the manuscript and the imprint stamped on the manuscript. Judgment department to judge,
A feature information acquisition unit that acquires feature information including a plurality of feature data indicating the features of the plurality of specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination unit that determines the corresponding feature data corresponding to the specific image in the target image,
Correspondence corresponding to the corresponding feature data among the plurality of certificates for the image file to be generated based on the target image data when it is determined that the specific image is included in the target image. When it is decided to give a specific electronic signature using a certificate and it is determined that the specific image is not included in the target image, the specific electronic signature is not given to the image file. The signature decision department and
A user identification unit that specifies an instruction user instructing generation of an image file based on the target image data, and a user identification unit.
Equipped with
When there are a plurality of the corresponding certificates, the signature determination unit refers to the authorized person information indicating the authorized person of each of the plurality of certificates, and among the plurality of the corresponding certificates, the signature determination unit refers to the authorized person information. An image processing device that determines that the instructing user grants the specific electronic signature using the certificate of the authorized person . The image processing apparatus according to claim 3 .
If the instructing user does not have a certificate in which the instructing user is the authorized person among the plurality of correspondence certificates, the signature determination unit will follow a predetermined priority from the plurality of correspondence certificates. An image processing device that determines to grant the particular digital signature using the certificate of choice . The image processing apparatus according to any one of claims 1 to 4 .
The authority of the correspondence certificate is an image processing apparatus including the owner of the correspondence certificate and a person different from the owner who has the authority to use the correspondence certificate. Target image data of the target image including the image of the manuscript,
An image acquisition unit that acquires at least a part of the target image data generated by using an image sensor, and an image acquisition unit.
By analyzing at least a part of the target image data, it is determined whether or not the target image contains a specific image showing at least one of the signature written on the manuscript and the imprint stamped on the manuscript. Judgment department to judge,
A feature information acquisition unit that acquires feature information including a plurality of feature data indicating the features of the plurality of specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination unit that determines the corresponding feature data corresponding to the specific image in the target image,
An instruction acquisition unit that acquires a selection instruction from the user to select a usage certificate to be used from two or more available certificates when the corresponding feature data is not included in the plurality of feature data. ,
When it is determined that the specific image is included in the target image, it is determined to give a specific electronic signature to the image file to be generated based on the target image data, and the target image is described. A signature determination unit that determines not to give the specific electronic signature to the image file when it is determined that the specific image is not included.
Equipped with
The signature determination unit
When the corresponding feature data is included in the plurality of feature data included in the feature information, the specific is specified by using the corresponding certificate corresponding to the corresponding feature data among the plurality of certificates. Decided to give an electronic signature,
When the corresponding feature data is not included in the plurality of feature data included in the feature information, the specific electronic signature is given by using the usage certificate selected based on the selection instruction. An image processing device that determines . The image processing apparatus according to claim 6 , further
The target generated by analyzing the partial image data indicating the specific image in the target image when the corresponding feature data is not included in the plurality of feature data included in the feature information. An additional processing unit that adds the feature data of the specific image in the image and the information indicating that the feature data of the specific image in the target image corresponds to the usage certificate to the feature information. An image processing device to be equipped. The image processing apparatus according to any one of claims 1 to 7 .
An image processing device that determines not to give an electronic signature to the image file when the signature determination unit determines that the specific image is not included in the target image. The image processing apparatus according to any one of claims 1 to 7 .
When the signature determination unit determines that the specific image is not included in the target image, the image processing determines that the image file is given an electronic signature different from the specific electronic signature. Device. It ’s a computer program,
An image acquisition function that acquires at least a part of the target image data generated using an image sensor,
By analyzing at least a part of the target image data, a specific image showing at least one of the signature written on the manuscript and the imprint imprinted on the manuscript can be found in the target image indicated by the target image data. Judgment function to judge whether it is included and
A feature information acquisition function for acquiring feature information including a plurality of feature data indicating the features of a plurality of the specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination function that determines the corresponding feature data corresponding to the specific image in the target image,
Correspondence corresponding to the corresponding feature data among the plurality of certificates for the image file to be generated based on the target image data when it is determined that the specific image is included in the target image. When it is decided to give a specific electronic signature using a certificate and it is determined that the specific image is not included in the target image, the specific electronic signature is not given to the image file. The signature decision function and
A user identification function that identifies an instruction user instructing the generation of the image file, and
An authority determination function for determining whether or not the instructing user is the authority of the corresponding certificate by referring to the authority information indicating the authority of each of the plurality of certificates.
When the instructing user is different from the authorized person of the corresponding certificate, the permission acquisition function for acquiring the permission to use the corresponding certificate from the authorized person, and
A file output function that outputs the image file to which the specific electronic signature has been given by using the corresponding certificate after obtaining the license.
A computer program that makes a computer realize. It ’s a computer program,
An image acquisition function that acquires at least a part of the target image data generated using an image sensor,
By analyzing at least a part of the target image data, a specific image showing at least one of the signature written on the manuscript and the imprint imprinted on the manuscript can be found in the target image indicated by the target image data. Judgment function to judge whether it is included and
A feature information acquisition function for acquiring feature information including a plurality of feature data indicating the features of a plurality of the specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination function that determines the corresponding feature data corresponding to the specific image in the target image,
When it is determined that the specific image is included in the target image, it is determined to give a specific electronic signature to the image file to be generated based on the target image data, and the target image is described. A signature determination function that determines not to give the specific electronic signature to the image file when it is determined that the specific image is not included.
A user identification function that identifies an instruction user instructing the generation of the image file, and
With reference to the authorized person information indicating the authorized person of each of the plurality of certificates, the instructing user is the authorized person of the corresponding certificate corresponding to the corresponding feature data among the plurality of certificates. The authority judgment department that judges whether or not there is,
To the computer ,
The signature determination function is
When the instructing user is the authorized person of the corresponding certificate, it is determined that the specific electronic signature is given by using the corresponding certificate corresponding to the corresponding feature data.
A computer that determines that the instructing user, when different from the authorized person of the corresponding certificate, grants the particular electronic signature using a predetermined certificate, regardless of the corresponding feature data. program. It ’s a computer program,
An image acquisition function that acquires at least a part of the target image data generated using an image sensor,
By analyzing at least a part of the target image data, a specific image showing at least one of the signature written on the manuscript and the imprint imprinted on the manuscript can be found in the target image indicated by the target image data. Judgment function to judge whether it is included and
A feature information acquisition function for acquiring feature information including a plurality of feature data indicating the features of a plurality of the specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination function that determines the corresponding feature data corresponding to the specific image in the target image,
Correspondence corresponding to the corresponding feature data among the plurality of certificates for the image file to be generated based on the target image data when it is determined that the specific image is included in the target image. When it is decided to give a specific electronic signature using a certificate and it is determined that the specific image is not included in the target image, the specific electronic signature is not given to the image file. The signature decision function and
A user identification function for specifying an instruction user instructing generation of an image file based on the target image data, and a user identification function.
To the computer ,
When there are a plurality of the corresponding certificates, the signature determination function refers to the authorized person information indicating the authorized person of each of the plurality of certificates, and is out of the plurality of the corresponding certificates. A computer program that determines that the instructing user grants the particular electronic signature using the certificate of authority . It ’s a computer program,
An image acquisition function that acquires at least a part of the target image data generated using an image sensor,
By analyzing at least a part of the target image data, a specific image showing at least one of the signature written on the manuscript and the imprint imprinted on the manuscript can be found in the target image indicated by the target image data. Judgment function to judge whether it is included and
A feature information acquisition function for acquiring feature information including a plurality of feature data indicating the features of a plurality of the specific images and information indicating a correspondence relationship between the plurality of feature data and the plurality of certificates. ,
When it is determined that the specific image is included in the target image, by analyzing the partial image data indicating the specific image in the target image, among the plurality of feature data included in the feature information. From the feature determination function that determines the corresponding feature data corresponding to the specific image in the target image,
Selection to select a usage certificate to be used from two or more available certificates when there is no corresponding feature data corresponding to the specific image in the target image among the plurality of feature data. An instruction acquisition function that acquires instructions from the user, and
When it is determined that the specific image is included in the target image, it is determined to give a specific electronic signature to the image file to be generated based on the target image data, and the target image is described. A signature determination function that determines not to give the specific electronic signature to the image file when it is determined that the specific image is not included.
To the computer ,
The signature determination function is
When the corresponding feature data is included in the plurality of feature data included in the feature information, the specific is specified by using the corresponding certificate corresponding to the corresponding feature data among the plurality of certificates. Decided to give an electronic signature,
When the corresponding feature data is not included in the plurality of feature data included in the feature information, the specific electronic signature is given by using the usage certificate selected based on the selection instruction. A computer program that determines .

Images