JP7031140B2 - Information processing equipment, information processing systems, information processing methods and programs - Google Patents

Description

The present invention relates to an information processing apparatus, an information processing system, an information processing method and a program.

In recent years, as an authentication method for authenticating a user, authentication technologies such as wireless authentication using an IC card that does not require an operation such as password input and face authentication that authenticates based on the user's face image have become widespread. .. In wireless authentication technology, for example, short-range wireless authentication such as RFID (Radio Frequency Identification) is used, and an object to which a short-range wireless tag (RFID tag) is attached or a user who wears the tag from the neck is transmitted by radio waves. A detection technique has been proposed. Regarding such an authentication technique, a technique for granting a plurality of types of authority to a single authentication ID is disclosed (see Patent Document 1).

However, among the authentication techniques, image authentication based on the user's face image takes time in the authentication process, and in Patent Document 1, when image authentication is adopted as the authentication method, all the functions are used until the image authentication is completed. There was a problem that it was not possible and the waiting time of the user was long and the convenience was lacking.

The present invention has been made in view of the above, and is an information processing device, an information processing system, and an information processing method capable of enabling some applications without completing a specific time-consuming authentication. And the purpose is to provide the program.

In order to solve the above-mentioned problems and achieve the object, the present invention includes a plurality of authentication units that perform a plurality of types of authentication to the user, and a start operation for invoking a specific application by the operation unit. When input, the specific part that specifies the authentication required to start the specific application and the specific part that refers to the authentication setting information to which the authentication that requires permission to start is assigned to each application are referred to. When the authentication is permitted by the authentication unit that performs the authentication specified by the unit, the display control unit that displays the activation unit that starts the specific application and the icon for starting each application on the display unit, respectively. When all the authentications assigned by the authentication setting information to the application corresponding to the icon are permitted, the display control unit has the first brightness of the display unit. If at least one of the authentications is not permitted, the display unit is displayed with a second brightness lower than the first brightness, and the display control unit displays the above. Of the authentications assigned by the authentication setting information to a specific application, at least a part of the authentications are not permitted, so that the icon of the specific application is displayed on the display unit with the second brightness. In the case where it is displayed, when the activation operation is input by the operation unit, information indicating the state of the partial authentication is displayed on the display unit, and the authentication setting information is used for the specific application. When all the assigned authentications are permitted, the display of the information indicating the status of the partial authentication is canceled , and the display control unit performs the above-mentioned when the processing of the partial authentication is being executed. When the activation operation is input by the operation unit, the display unit is characterized by displaying information indicating that the partial authentication process is being executed as information indicating the state of the partial authentication. And.

According to the present invention, some apps can be used without completing a specific time-consuming authentication.

FIG. 1 is a diagram showing an example of a configuration of an information processing system according to an embodiment. FIG. 2 is a diagram showing an example of the detection range of the RFID tag reader and the detection range of the human body detection sensor. FIG. 3 is a diagram showing an example of the hardware configuration of the image forming apparatus according to the embodiment. FIG. 4 is a diagram showing an example of a software configuration of the image forming apparatus according to the embodiment. FIG. 5 is a diagram showing an example of the configuration of the functional block of the image forming apparatus according to the embodiment. FIG. 6 is a diagram showing an example of user information according to the embodiment. FIG. 7 is a diagram showing another example of user information according to the embodiment. FIG. 8 is a diagram showing an example of authentication setting information according to the embodiment. FIG. 9 is a diagram showing an example of a home screen displayed on the image forming apparatus according to the embodiment. FIG. 10 is a diagram showing an example of a home screen displayed on the image forming apparatus according to the embodiment. FIG. 11 is a flowchart showing an example of the wireless authentication process of the image forming apparatus according to the embodiment. FIG. 12 is a flowchart showing an example of the image authentication process of the image forming apparatus according to the embodiment. FIG. 13 is a diagram for explaining an example of image authentication. FIG. 14 is a flowchart showing an example of the authentication process of the image forming apparatus according to the embodiment. FIG. 15 is a sequence diagram showing an example of an error screen display process indicating that the image authentication process is being executed. FIG. 16 is a diagram showing an example of an error screen indicating that the image authentication process is being executed. FIG. 17 is a sequence diagram showing an example of display processing of an error screen indicating an image authentication failure. FIG. 18 is a diagram showing an example of an error screen indicating an image authentication failure. FIG. 19 is a sequence diagram showing an example of an error screen display process for prompting image authentication. FIG. 20 is a diagram showing an example of an error screen prompting image authentication.

Hereinafter, embodiments of the information processing apparatus, information processing system, information processing method, and program according to the present invention will be described in detail with reference to the drawings. Further, the present invention is not limited to the following embodiments, and the components in the following embodiments include those easily conceived by those skilled in the art, substantially the same, and so-called equivalent ranges. Is included. Further, various omissions, substitutions, changes and combinations of components can be made without departing from the gist of the following embodiments.

(Configuration of information processing system)
FIG. 1 is a diagram showing an example of a configuration of an information processing system according to an embodiment. The configuration of the information processing system 100 according to the present embodiment will be described with reference to FIG. 1.

As shown in FIG. 1, the information processing system 100 includes an image forming apparatus 101 and an RFID tag 105 possessed by a user 106.

The image forming apparatus 101 is, for example, an image forming apparatus such as an MFP (Multifunction Peripheral), a copying machine, a printer, a fax machine, or a scanner device, and is an example of the "information processing apparatus" of the present invention. Here, the MFP is a multifunction device having at least two functions of a copy function, a printer function, a scanner function, and a fax function. The image forming apparatus 101 identifies a wireless tag ID or the like from a camera 102 that captures an image and an RFID tag 105 (an example of a wireless tag) within a predetermined range (for example, a wireless detection range 202 shown in FIG. 2 described later). The RFID tag reader 103 for receiving the information of the above and the human body detection sensor 104 for detecting the user and the like are provided. Here, RFID is a technique for performing short-range wireless communication using electromagnetic waves, radio waves, or the like between an RFID tag 105 that stores specific information such as a wireless tag ID and an RFID tag reader 103. This is an example of wireless communication.

The camera 102 is, for example, an image pickup device installed so that the captured image includes a user 106 who uses the image forming device 101.

The RFID tag reader 103 is, for example, a device that, when the RFID tag 105 is a passive tag, radiates radio waves into a predetermined detection range (radio detection range 202) described later and receives specific information from the RFID tag 105. When the RFID tag 105 receives the radio wave radiated from the RFID tag reader 103, the RFID tag 105 operates using the received radio wave as electric power, and transmits specific information such as a radio tag ID stored in advance to the RFID tag reader 103. As the RFID tag reader 103, for example, a RFID tag reader 103 having a frequency used in the 920 [MHz] band and a transmission output of 250 [mW] or less can be adopted. When a plurality of RFID tags 105 are present within the detection range, the RFID tag reader 103 can receive specific information such as a wireless tag ID from each RFID tag 105.

Here, the passive tag is a tag for RFID that operates using radio waves from an RFID tag reader as an energy source, and does not require a built-in battery. The antenna of the passive tag reflects a part of the radio wave from the RFID tag reader, and returns information such as the radio tag ID on the reflected wave. Since the intensity of this reflection is very small, the passive tag has a shorter communication distance than the active tag that transmits radio waves by the power of its own device, but it is inexpensive and operates almost permanently.

The human body detection sensor 104 is a pyroelectric sensor or the like that detects a human body such as a user 106.

FIG. 2 is a diagram showing an example of the detection range of the RFID tag reader and the detection range of the human body detection sensor. The detection range of the RFID tag reader 103, the detection range of the human body detection sensor 104, and the like will be described with reference to FIG.

FIG. 2 shows the sensor detection range 201 of the human body detection sensor 104, the wireless detection range 202 of the RFID tag reader 103, and the image authentication range 203 of the camera 102 when viewed from the upper surface of the image forming apparatus 101.

In the example of FIG. 2, the human body detection sensor 104 is installed on the front side (lower side of FIG. 2) of the image forming apparatus 101, and the fan-shaped sensor detection is performed on the front surface of the image forming apparatus 101 (downward in FIG. 2). Range 201 is formed. The sensor detection range 201 of the human body detection sensor 104 targets a range of, for example, about 2 [m] from the image forming apparatus 101, and when a person (user 106 or the like) enters the sensor detection range 201, the human body is detected. The presence of a person is detected by the sensor 104, and the operation of the camera 102 and the RFID tag reader 103 is started.

Further, the image forming apparatus 101 has an RFID tag reader 103 such as a patch antenna inside, and a fan-shaped wireless detection range 202 is formed on the front surface (downward in FIG. 2) of the image forming apparatus 101. Has been done. Even if the wireless detection range 202 of the RFID tag reader 103 has a detection performance of, for example, about 2 [m] from the image forming apparatus 101, the communication function deteriorates due to the proximity of the RFID tag 105 and the user 106. Actually, the detection range is about 1 [m]. The radio detection range 202 is formed by radiating radio waves by the RFID tag reader 103 in order to receive predetermined information (for example, radio tag ID) from the RFID tag 105. Then, when the user 106 having the RFID tag 105 enters the radio detection range 202, the specific information stored in the RFID tag 105 is automatically transmitted to the image forming apparatus 101.

Further, FIG. 2 shows an image authentication range 203, which is an image pickup range in which face authentication is possible from an image captured by the camera 102.

In the present embodiment, the image forming apparatus 101 stores information indicating a user registered in advance as described later, and the wireless tag ID received from the RFID tag 105 and the storage unit of the image forming apparatus 101 are stored in advance. The RFID tag 105 is authenticated (hereinafter, may be referred to as "wireless authentication") based on the information indicating the registered user. Further, the image forming apparatus 101 can be used, for example, as a face image of the user 106 included in the image captured by the camera 102 and the feature information of the user's face registered in advance in the storage unit of the image forming apparatus 101 described later. Based on this, the user 106 captured in the image is authenticated (hereinafter, may be referred to as "image authentication"). Further, when wireless authentication and image authentication are permitted, the image forming apparatus 101 includes information indicating a user corresponding to the RFID tag 105 to which wireless authentication is permitted, and information indicating a user to which image authentication is permitted. Based on the above, login authentication (hereinafter, may be referred to as "device authentication") that permits the use of the image forming apparatus 101 of the user 106 is performed. For example, when the user of the RFID tag 105 to which wireless authentication is permitted and the user to which image authentication is permitted are the same user, the image forming apparatus 101 logs in to the image forming apparatus 101 of the user. Allow (permit use).

As described above, the image forming apparatus 101 is permitted to perform both authentication using the RFID tag 105 and image authentication using the face image captured by the camera 102, and the RFID tag is permitted to be wirelessly authenticated. When the 105 user and the user who is permitted to perform image authentication are the same user, the user's login is permitted (use is permitted). As a result, according to the image forming apparatus 101 according to the present embodiment, the user 106 of the image forming apparatus 101 only possesses the RFID tag 105 and authenticates the authentication method using the captured image such as image authentication. It becomes possible to improve the accuracy of.

The system configuration in FIG. 1 is just an example. For example, FIG. 1 shows an image forming apparatus 101 as an example of an information processing apparatus, but the present invention is not limited to this, and the information processing apparatus is a PC having a user authentication function similar to that of the image forming apparatus 101. (Personal Computer), a tablet terminal, a smartphone, a game machine, a video conferencing device, or the like.

Further, the camera 102, the RFID tag reader 103, the human body detection sensor 104, and the like may be externally attached.

Further, the RFID tag 105 may be an RFID active tag, a semi-active tag, or the like. The RFID tag 105 is an example of a wireless tag. The wireless tag may be a wireless terminal that communicates by a short-range wireless method different from RFID (for example, Bluetooth (registered trademark) Low Energy (hereinafter referred to as “BLE”), NFC (Near Field Communication), etc.). good. Further, instead of the wireless tag, a mobile terminal or the like equipped with the wireless tag or the like may be used.

Further, the image authentication uses an image of the user, but is not limited to this, and various authentications for authenticating the user by using the characteristic information indicating the characteristics of the user's living body. It may be a method (eg, fingerprint authentication, iris authentication, vein authentication, etc.).

(Hardware configuration of image forming device)
FIG. 3 is a diagram showing an example of the hardware configuration of the image forming apparatus according to the embodiment. The hardware configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

As shown in FIG. 3, the image forming apparatus 101 includes a main body 310 that realizes various image forming functions such as a copy function, a scanner function, a fax function, and a printer function, and an operation unit 330 that accepts user operations. , Equipped with. Here, accepting a user's operation is a concept including accepting information (including a signal indicating a coordinate value of a screen) input according to the user's operation.

The main body 310 and the operation unit 330 are connected to each other so as to be able to communicate with each other via a dedicated communication path 350. As the communication path 350, for example, a USB (Universal Serial Bus) standard can be used, but the communication path 350 is not limited to this, and may be any standard regardless of whether it is wired or wireless. The main body 310 operates according to the operation received by the operation unit 330. Further, the main body 310 can also communicate with an external device such as a client PC, and can perform an operation according to an instruction received from the external device.

<Hardware configuration of the main unit>
As shown in FIG. 3, the main body 310 includes a CPU (Central Processing Unit) 311, a ROM (Read Only Memory) 312, a RAM (Random Access Memory) 313, a storage 314, and a communication I / F (Interface) 315. It has a connection I / F 316, an engine unit 317, a human body detection sensor 318, and a system bus 319.

The CPU 311 comprehensively controls the operation of the main body 310. The CPU 311 controls the operation of the entire main body 310 by executing a program stored in the ROM 312, the storage 314, or the like with the RAM 313 as a work area (work area). For example, the CPU 311 controls the operation of the engine unit 317 in order to realize various functions such as the above-mentioned copy function, scanner function, fax function, and printer function.

The ROM 312 is, for example, a non-volatile memory that stores a BIOS (Basic Input / Output System) executed when the main body 310 is started, various settings, and the like. The RAM 313 is a volatile memory used as a work area or the like of the CPU 311. The storage 314 is, for example, a non-volatile storage device that stores an OS (Operating System), an application program, various data, and the like. The storage 314 is composed of, for example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive).

The communication I / F 315 is a network interface for connecting the main body 310 to the network 360 and communicating with an external device connected to the network 360. The connection I / F 316 is an interface for communicating with the operation unit 330 via the communication path 350.

The engine unit 317 is hardware that performs general-purpose information processing and processing other than communication in order to realize functions such as a copy function, a scanner function, a fax function, and a printer function. The engine unit 317 includes, for example, a scanner unit that scans and reads an image of a document, a plotter unit that prints on a sheet material such as paper, and a fax unit that performs fax communication. The engine unit 317 may include a finisher for sorting printed sheet materials, or a specific option such as an ADF (Auto Document Feeder) for automatically feeding documents.

The human body detection sensor 318 is a sensor that detects a human body (user) within the detection range (sensor detection range 201 shown in FIG. 2) around the image forming apparatus 101. The human body detection sensor 318 is composed of, for example, a pyroelectric sensor or the like. The human body detection sensor 318 corresponds to the human body detection sensor 104 shown in FIG.

The system bus 319 is a transmission line that connects the above-mentioned components to each other and transmits an address signal, a data signal, various control signals, and the like.

<Hardware configuration of the operation unit>
As shown in FIG. 3, the operation unit 330 includes a CPU 331, a ROM 332, a RAM 333, a flash memory 334, a communication I / F 335, an operation panel 336, a connection I / F 337, and an external connection I / F 338. It has a short-range wireless communication device 339, a camera 340, and a system bus 341.

The CPU 331 comprehensively controls the operation of the operation unit 330. The CPU 331 controls the operation of the entire operation unit 330 by executing a program stored in the ROM 332, the flash memory 334, or the like with the RAM 333 as a work area (work area). For example, the CPU 331 realizes various functions such as displaying information (image) corresponding to the input received from the user on the operation panel 336.

The ROM 332 is, for example, a non-volatile memory that stores a BIOS executed when the operation unit 330 is started, various settings, and the like. The RAM 333 is a volatile memory used as a work area or the like of the CPU 331. The flash memory 334 is, for example, a non-volatile storage device that stores an OS, an application program, various data, and the like.

The communication I / F 335 is a network interface for connecting the operation unit 330 to the network 360 and communicating with an external device connected to the network 360.

The operation panel 336 accepts various inputs according to the user's operation and displays various information (for example, information according to the accepted operation, information indicating the operation status of the image forming apparatus 101, setting information, etc.). It is a device having an input function and a display function. The operation panel 336 is composed of, for example, a liquid crystal display device (LCD: Liquid Crystal Display) equipped with a touch panel function. The operation panel 336 is not limited to the liquid crystal display device, and may be composed of, for example, an organic EL (Electro-Luminence) display device equipped with a touch panel function. Further, the operation panel 336 may be provided with an operation unit such as a hardware key or a display unit such as a lamp in addition to or in place of the touch panel function.

The connection I / F 337 is an interface for communicating with the main body 310 via the communication path 350. The external connection I / F 338 is an interface such as USB for connecting an external device.

The short-range wireless communication device 339 is a short-range wireless device for communicating with a wireless tag within a predetermined range (radio detection range 202 shown in FIG. 2) by short-range wireless communication. The short-range wireless communication device 339 includes, for example, the RFID tag reader 103 shown in FIG. 1 and receives specific information from the RFID tag 105 or the like that returns a response to the radiated radio wave. The short-range wireless communication device 339 may be a short-range wireless device that performs short-range wireless communication such as BLE or NFC described above.

The camera 340 is an imaging device that captures an image within a predetermined imaging range (image authentication range 203 shown in FIG. 2). The camera 340 corresponds to the camera 102 shown in FIG.

The system bus 341 is a transmission line that connects the above-mentioned components to each other and transmits an address signal, a data signal, various control signals, and the like.

(Software configuration of image forming device)
FIG. 4 is a diagram showing an example of a software configuration of the image forming apparatus according to the embodiment. The software configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

As shown in FIG. 4, the main body 310 of the image forming apparatus 101 includes an application layer 411, a service layer 412, and an OS layer 413. The substance of the application layer 411, the service layer 412, and the OS layer 413 is various software stored in the ROM 312, the storage 314, or the like. By executing these software (programs) by the CPU 311, various functions of the main body 310 are provided.

The application layer 411 is an application for operating hardware resources to provide a predetermined function (hereinafter, may be simply referred to as an "application"). Examples of the application include a copy application for providing a copy function, a scanner application for providing a scanner function, a fax application for providing a fax function, a printer application for providing a printer function, and the like.

The service layer 412 is software that intervenes between the application layer 411 and the OS layer 413 and provides an interface for using the hardware resources included in the main body 310 to the application of the application layer 411. Specifically, the service layer 412 provides a function of receiving an operation request for a hardware resource and arbitrating the operation request. Examples of the operation request received by the service layer 412 include a request for reading by a scanner and a request for printing by a plotter.

The interface function by the service layer 412 is provided not only to the application layer 411 of the main body 310 but also to the application layer 431 of the operation unit 330. That is, the application layer 431 of the operation unit 330 can also realize a function using the hardware resource of the main body 310 (for example, the engine unit 317) via the interface function of the service layer 412 of the main body 310.

The OS layer 413 is basic software (operating system) for providing basic functions for controlling the hardware included in the main body 310. The service layer 412 converts hardware resource usage requests from various applications into commands that can be interpreted by the OS layer 413 and passes them to the OS layer 413. Then, when the command is executed by the OS layer 413, the hardware resource operates according to the request of the application.

As shown in FIG. 4, the operation unit 330 of the image forming apparatus 101 includes an application layer 431, a service layer 432, and an OS layer 433. The application layer 431, the service layer 432, and the OS layer 433 included in the operation unit 330 are also the same as those on the main body 310 side in terms of the hierarchical structure. However, the functions provided by the application of the application layer 431 and the types of operation requests that the service layer 432 can accept are different from those of the main body 310 side.

The application layer 431 may be software for operating the hardware resources included in the operation unit 330 to provide a predetermined function, but is mainly a UI for performing operations and displays related to the functions provided in the main body 310. (User Interface) function is provided. Further, the application of the application layer 431 provides an authentication function using the short-range wireless communication device 339 included in the operation unit 330, the camera 340, and the like.

In this embodiment, the software of the OS layer 413 on the main body 310 side and the software of the OS layer 433 on the operation unit 330 side are different from each other in order to maintain the independence of the functions. That is, the main body 310 and the operation unit 330 operate independently of each other by different operating systems. For example, Linux (registered trademark) can be used as the software of the OS layer 413 on the main body 310 side, and Android (registered trademark) can be used as the software of the OS layer 433 on the operation unit 330 side.

As described above, in the image forming apparatus 101 of the present embodiment, since the main body 310 and the operation unit 330 operate in different operating systems, the communication between the main body 310 and the operation unit 330 is within a common device. It is not communication between processes, but communication between different devices. This corresponds to an operation (command communication) of transmitting information received by the operation unit 330 (operation instruction content from the user) to the main body 310, an operation of the main body 310 transmitting information to the operation unit 330, and the like. Here, the function of the main body 310 can be used by the operation unit 330 performing command communication to the main body 310. Further, the information transmitted from the main body 310 to the operation unit 330 includes, for example, the execution status of the operation in the main body 310, the contents set on the main body 310 side, and the like. Further, in the present embodiment, since the power supply to the operation unit 330 is performed from the main body 310 via the communication path 350, the power control of the operation unit 330 is separated from the power control of the main body 310 (independently). Can be done.

(Structure of functional block of image forming apparatus)
FIG. 5 is a diagram showing an example of the configuration of the functional block of the image forming apparatus according to the embodiment. The configuration of the functional block of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

<Structure of functional blocks of the main body>
As shown in FIG. 5, the main body 310 of the image forming apparatus 101 includes a human body detecting unit 501, a power state control unit 502, an image forming unit 503, a storage unit 504, an inter-device communication unit 505, and an external communication unit. 507 and.

The human body detection unit 501 is a functional unit that detects a person (user 106 in the example of FIG. 1) within the sensor detection range 201 around the image forming apparatus 101 by using the human body detection sensor 318. The human body detection unit 501 is realized by, for example, a program that operates on the CPU 311 shown in FIG. When the human body detection unit 501 detects a person within the sensor detection range 201, the human body detection unit 501 notifies the power state control unit 502 of the detection information, and further, the wireless communication unit via the inter-device communication unit 505 and the communication path 350. Notify 511 and the image authentication unit 515.

The power state control unit 502 is a functional unit that controls the power state of the main body 310 and the operation unit 330. The power state control unit 502 is realized by, for example, a program operated by the CPU 311 shown in FIG. When the image forming apparatus 101 is not used for more than a preset time, the power state control unit 502 puts the image forming apparatus 101 into a power saving state in which power consumption is less than that in a normal state in which image forming processing can be performed. Migrate. In the power saving state, the power consumption can be reduced by, for example, stopping the functions of the operation unit 330 and the engine unit 317 of the main body 310. Further, when the power state control unit 502 receives a notification of detection information for detecting a person from the human body detection unit 501 while the image forming apparatus 101 is in the power saving state, the main body 310 is operated normally from the power saving state. Return to a possible normal state. Further, the power state control unit 502 returns the operation unit 330 from the power saving state to the normal state by notifying the operation unit 330 of the return command via the inter-device communication unit 505 and the communication path 350.

The image forming unit 503 is a functional unit that executes various image forming functions (for example, a printer function, a copy function, a scanner function, a fax function, etc.) included in the image forming apparatus 101. The image forming unit 503 is realized by, for example, a program operated by the engine unit 317 shown in FIG. 3 and the CPU 311 shown in FIG.

The storage unit 504 is a functional unit that stores various information such as user information A506 including information indicating a user of the image forming apparatus 101 registered in advance. The storage unit 504 is realized by, for example, a program running on the RAM 313 shown in FIG. 3, the storage 314, and the CPU 311 shown in FIG.

The inter-device communication unit 505 is a functional unit that communicates data with the operation unit 330 (inter-device communication unit 519 described later) via the communication path 350. The inter-device communication unit 505 is realized by, for example, a connection I / F 316 shown in FIG. 3 and a program operated by the CPU 311 shown in FIG.

The external communication unit 507 is a functional unit that connects the main body 310 to the network 360 and communicates with an external device connected to the network 360. The external communication unit 507 is realized by, for example, a communication I / F 315 shown in FIG. 3 and a program operated by the CPU 311 shown in FIG.

The human body detection unit 501, the power state control unit 502, the image forming unit 503, the storage unit 504, the inter-device communication unit 505, and the external communication unit 507 of the main body 310 shown in FIG. 5 conceptually show the functions. Therefore, it is not limited to such a configuration. For example, a plurality of functional units shown as independent functional units in the main body 310 shown in FIG. 5 may be configured as one functional unit. On the other hand, the function of one functional unit in the main body 310 shown in FIG. 5 may be divided into a plurality of functions and configured as a plurality of functional units.

Further, a part or all of the human body detection unit 501, the power state control unit 502, and the image forming unit 503 of the main body 310 are not programs that are software, but are FPGA (Field-Programmable Gate Array) or ASIC (Application Specific Integrated Circuit). It may be realized by a hardware circuit such as.

<Structure of functional block of operation unit>
As shown in FIG. 5, the operation unit 330 of the image forming apparatus 101 includes a wireless communication unit 511, a wireless authentication unit 512 (an example of an authentication unit, an example of a first authentication unit), an image pickup unit 513, and characteristic information. An extraction unit 514, an image authentication unit 515 (an example of an authentication unit, an example of a second authentication unit), an authentication unit 516, a user information management unit 517, a storage unit 518, an inter-device communication unit 519, and the like. It has an external communication unit 521, an application activation management unit 522 (specific unit, activation unit), a display control unit 523, and a display unit 524.

The wireless communication unit 511 is a functional unit that receives specific information from a wireless tag within a predetermined range (for example, the wireless detection range 202 shown in FIG. 2) by short-range wireless communication using the short-range wireless communication device 339. be. When the wireless communication unit 511 receives the detection information of detecting a person from the human body detection unit 501, the wireless communication unit 511 radiates radio waves in order to receive specific information from the wireless tag. The wireless communication unit 511 is realized by, for example, a program that operates on the short-range wireless communication device 339 shown in FIG. 3 and the CPU 331 shown in FIG. The radio communication unit 511 receives specific information such as a radio tag ID from the RFID tag 105 within the radio detection range 202 shown in FIG. 2 formed by radiating radio waves. When a plurality of RFID tags 105 are present in the radio detection range 202, the wireless communication unit 511 can receive specific information such as a wireless tag ID from each RFID tag 105.

The wireless authentication unit 512 is a functional unit that authenticates a wireless tag that has transmitted specific information based on the specific information received by the wireless communication unit 511 and the user information registered in advance. The wireless authentication unit 512 is realized by, for example, a program running on the CPU 331 shown in FIG. The wireless authentication unit 512 is based on the wireless tag ID of the RFID tag 105 received by the wireless communication unit 511 and the user information registered in advance (for example, the user information a520 and the user information A506 described later). , The RFID tag 105 is authenticated (wireless authentication) (an example of the first authentication). The wireless authentication unit 512 permits authentication of the RFID tag 105 when the wireless tag ID of the RFID tag 105 received by the wireless communication unit 511 is included in the user information registered in advance. Further, the wireless authentication unit 512 outputs information indicating the user of the RFID tag 105 that has been authorized for authentication to the authentication unit 516. In addition, since the wireless authentication unit 512 holds information indicating the user of the RFID tag 105 that has been authorized for authentication, it may be output to the storage unit 518 and stored. Further, when the wireless authentication unit 512 receives the wireless tag IDs from the plurality of RFID tags 105 by the wireless communication unit 511, the wireless authentication unit 512 sequentially performs wireless authentication for the plurality of wireless tag IDs and holds the result of the wireless authentication. It should be.

The image pickup unit 513 is a function unit that captures an image using the camera 340. The image pickup unit 513 is realized by, for example, a program that operates on the CPU 331 shown in FIG. The image pickup unit 513 captures an image of the user 106 in front of the image forming apparatus 101 by capturing an image in front of the image forming apparatus 101.

When the image captured by the image pickup unit 513 includes a face image, the feature information extraction unit 514 has a function of extracting the face image and the feature information of the face image (an example of the feature information indicating the user's characteristics). It is a department. The feature information extraction unit 514 is realized by, for example, a program running on the CPU 331 shown in FIG. The feature information of the face image includes, for example, information such as the shape and relative position of each part such as the contour of the face, eyes, nose, chin, and cheekbone. As a method for detecting a face image in a captured image by such a feature information extraction unit 514, a face detection method based on a known Haar-like feature can be applied.

The image authentication unit 515 is a functional unit that authenticates a user included in the image captured by the image pickup unit 513 based on the image captured by the image pickup unit 513 and the user information registered in advance. .. The image authentication unit 515 is realized by, for example, a program that operates on the CPU 331 shown in FIG. The image authentication unit 515 has feature information of the user's face image extracted by the feature information extraction unit 514 from the image captured by the image pickup unit 513, and user information registered in advance (for example, user information described later). Based on a520, user information A506, etc.), authentication of the user included in the captured image (image authentication) (an example of the second authentication) is performed. The image authentication unit 515 permits authentication of the user included in the captured image when one feature information corresponding to the feature information of the face image extracted by the feature information extraction unit 514 is included in the pre-registered user information. do. Further, the image authentication unit 515 outputs information indicating a user who has permitted authentication to the authentication unit 516. In addition, since the image authentication unit 515 holds the information indicating the user who has permitted the authentication, it may be output to the storage unit 518 and stored.

In the present embodiment, the image authentication unit 515 may perform image authentication of the user by using a known face authentication technique (see, for example, Japanese Patent Application Laid-Open No. 2015-35178). Further, the image authentication unit 515 uses various known image authentication methods (for example, for example) to authenticate the user based on the characteristic information indicating the characteristics of the user's living body included in the image captured by the image pickup unit 513. The user may be authenticated by fingerprint authentication, iris authentication, vein authentication, etc.).

The authentication unit 516 performs login authentication (device authentication) of the user based on the information indicating the user whose authentication is permitted by the wireless authentication unit 512 and the information indicating the user whose authentication is permitted by the image authentication unit 515. ) Is a functional unit that performs. The authentication unit 516 is realized by, for example, a program running on the CPU 331 shown in FIG. When the user of the wireless tag (RFID tag 105) authorized by the wireless authentication unit 512 and the user authorized by the image authentication unit 515 are the same user, the authentication unit 516 uses the same user. The use of the image forming apparatus 101 of the person is permitted. As a preferred example, when the authentication unit 516 matches the identification information of the user of the wireless tag whose authentication is permitted by the wireless authentication unit 512 and the identification information of the user whose authentication is permitted by the image authentication unit 515. , The user is permitted to use the image forming apparatus 101.

On the other hand, as a specific example of the case where the identification information of the user of the wireless tag authorized by the wireless authentication unit 512 and the identification information of the user authorized by the image authentication unit 515 do not match, the RFID tag A user having the 105 passes around the image forming apparatus 101 and does not have the RFID tag 105, but a user having the “user characteristic information” of FIG. 6 described later registered is the image forming apparatus 101. This is the case when you are in front of you. In this case, the authentication unit 516 does not allow login.

The case where the user identification information obtained from the wireless authentication unit 512 and the user identification information obtained from the image authentication unit 515 match is only when the two identification information completely match. However, it may be included that the two identification information can be determined to be substantially the same user identification information. For example, the user identification information obtained from the image authentication unit 515 is an 8-digit employee ID, and the user identification information obtained from the wireless authentication unit 512 is a 10-digit login with two characters added to the employee ID. If it is an ID, it may be determined that the two identification information match. As described above, when the user identification information obtained from the wireless authentication unit 512 and the user identification information obtained from the image authentication unit 515 are the identification information related to the same user, the authentication unit 516 sets the same. It may allow the user to use the image forming apparatus 101.

The user information management unit 517 is a functional unit that manages the user information a520 stored in the storage unit 518. The user information management unit 517 is realized by, for example, a program running on the CPU 331 shown in FIG.

The storage unit 518 is a functional unit that stores various information such as user information a520 including information indicating a user of the image forming apparatus 101 and authentication setting information described later. The storage unit 518 is realized, for example, by a program running on the RAM 333 shown in FIG. 3, the flash memory 334, and the CPU 331 shown in FIG.

The inter-device communication unit 519 is a functional unit that communicates data with the main body 310 (inter-device communication unit 505) via the communication path 350. The inter-device communication unit 519 is realized by, for example, a connection I / F 337 shown in FIG. 3 and a program operated by the CPU 331 shown in FIG.

The external communication unit 521 is a functional unit that connects the operation unit 330 to the network 360 and communicates with an external device connected to the network 360. The external communication unit 521 is realized by, for example, a communication I / F 335 shown in FIG. 3 and a program operated by the CPU 331 shown in FIG.

The application start management unit 522 changes the display mode of the application icon on the home screen displayed on the display unit 524, and when the application icon is pressed, determines whether or not the application corresponding to the application icon can be started and starts the application. If it is not possible, it is a functional part that displays an error screen. The application activation management unit 522 is realized by, for example, a program running on the CPU 331 shown in FIG.

The display control unit 523 is a functional unit that controls the display operation of the screen of the display unit 524. The display control unit 523 is realized by, for example, a program that operates on the CPU 331 shown in FIG.

The display unit 524 is a functional unit that displays various data on the screen according to the control by the display control unit 523. The display unit 524 is realized by the display function (liquid crystal display device or the like) of the operation panel 336 shown in FIG.

The wireless communication unit 511, wireless authentication unit 512, imaging unit 513, feature information extraction unit 514, image authentication unit 515, authentication unit 516, user information management unit 517, and storage unit 518 of the operation unit 330 shown in FIG. The inter-device communication unit 519, the external communication unit 521, the application activation management unit 522, the display control unit 523, and the display unit 524 conceptually show the functions, and are not limited to such a configuration. .. For example, a plurality of functional units illustrated as independent functional units in the operation unit 330 shown in FIG. 5 may be configured as one functional unit. On the other hand, the operation unit 330 shown in FIG. 5 may divide the function of one functional unit into a plurality of functions and configure the operation unit 330 as a plurality of functional units. For example, the function of specifying the authentication that requires permission to start the application for which the startup operation has been performed, which is the function of the application startup management unit 522 described later, is defined as the "specific unit", and the application that is the target of the start operation. The function for activating the application may be set as a "startup unit", and the application activation management unit 522 may be divided into a plurality of function units.

In addition, the wireless communication unit 511, wireless authentication unit 512, imaging unit 513, feature information extraction unit 514, image authentication unit 515, authentication unit 516, user information management unit 517, application activation management unit 522, and display control of the operation unit 330. Part or all of part 523 may be realized by a hardware circuit such as FPGA or ASIC instead of a program which is software.

Further, each functional unit included in the main body 310 and the operation unit 330 of the image forming apparatus 101 is not limited to being included in the main body 310 or the operation unit 330 in the configuration as shown in FIG. For example, in the example shown in FIG. 5, the authentication unit 516 is included in the operation unit 330, but the present invention is not limited to this, and the authentication unit 516 may be included in the main body 310. In this case, the wireless authentication unit 512 notifies the authentication unit 516 of the authentication result of the wireless authentication unit 512 (for example, information indicating a user whose authentication is permitted) via the communication path 350. Similarly, the image authentication unit 515 notifies the authentication unit 516 of the authentication result of the image authentication unit 515 (for example, information indicating a user who is authorized to authenticate) via the communication path 350. Further, the authentication unit 516 authenticates the user (device authentication) based on the authentication result of the wireless authentication unit 512 and the authentication result of the image authentication unit 515 received via the communication path 350. Further, for example, in the example shown in FIG. 5, the human body detection unit 501 is included in the main body 310, but the present invention is not limited to this, and the configuration may be included in the operation unit 330.

(Structure of user information)
FIG. 6 is a diagram showing an example of user information according to the embodiment. FIG. 7 is a diagram showing another example of user information according to the embodiment. The data structure of the user information a520 stored in the storage unit 518 of the operation unit 330 will be described with reference to FIGS. 6 and 7.

The user information a520 shown in FIG. 6 is an example of user information registered in advance. In the example of FIG. 6, the user information a520 includes a "user number", a "name", an "email address", a "login ID", a "login password", a "wireless tag ID", and "user characteristic information". Information such as "is included.

The "user number" is, for example, a serial number assigned when the information of each user is registered in the user information a520, an identification number unique to each user's data, or the like, and is a user. This is an example of unique identification information (user identification information). Further, the "user number" may be user identification information such as an employee ID.

The "name" is the name of the user. The "email address" is the user's email address. The "login ID" and "login password" are examples of authentication information for the user to log in to the image forming apparatus 101.

The "wireless tag ID" is identification information such as a tag ID indicating the RFID tag 105 transmitted by the RFID tag 105 possessed by each user, and is represented by, for example, an 8-digit number. The "wireless tag ID" is an example of specific information transmitted from the RFID tag 105, and the specific information may include information other than numbers, for example, user identification information and the like. ..

"User feature information" is feature information about the user's face of the image forming apparatus 101, such as the shape and relative position of each part such as the contour of the face, eyes, nose, chin, and cheekbone. Is. The data format of the "user characteristic information" shown in FIG. 6 is an example, and may be any format. "User characteristic information" needs to be acquired in advance for each user and registered in the user information a520.

In the user information a520 shown in FIG. 6, for example, when the data type is "data 2", the user number is "101002", the name is "Jiro Yamada", and the e-mail address is "bbb@bbb.cc". The login ID is "yamada_jiro", the login password is "abcdef", the wireless tag ID is "00535213", and the user's characteristic information is "{56,111, -3, ..., -120, 47, 208}". Yes, each information is associated and stored.

For example, about 300 to 1800 user information a520 as shown in FIG. 6 can be stored in the storage unit 518 of the operation unit 330. For example, the user information management unit 517 of the operation unit 330 stores at least a part of the user information A506 stored in the storage unit 504 of the main body 310 as the user information a520 in the storage unit 518 of the operation unit 330. I will do it. As a result, the wireless authentication unit 512 and the image authentication unit 515 read out the user information a520 stored in the storage unit 518 of the operation unit 330 faster than the user information A506 stored in the storage unit 504 of the main body 310. Will be able to.

In addition to or instead of the user information a520, the storage unit 518 may store the user information 601 and 602 shown in FIG. 7. The user information 601 shown in FIG. 7A includes the above-mentioned "wireless tag ID" and a "user ID" which is an example of identification information (user identification information) unique to each user. It is associated and remembered. The wireless authentication unit 512 can authenticate the RFID tag 105 (wireless authentication) if there is at least the information shown in the user information 601. For example, when the wireless tag ID of the RFID tag 105 received by the wireless communication unit 511 is included in the user information 601, the wireless authentication unit 512 permits the authentication of the RFID tag 105, and the authentication is permitted to the RFID tag 105. The corresponding user ID is output to the authentication unit 516 or the like.

In the user information 602 shown in FIG. 7B, the "user ID" and the above-mentioned "characteristic information of the user" are stored in association with each other. The image authentication unit 515 can authenticate the user (image authentication) included in the image if there is at least the information included in the user information 602. For example, when the user information 602 includes one feature information corresponding to the feature information of the user's face image extracted by the feature information extraction unit 514, the image authentication unit 515 of the user included in the image. Authentication is permitted, and the user ID of the user for whom authentication is permitted is output to the authentication unit 516 or the like.

Further, the user information a520 and the user information 601 and 602 shown in FIGS. 6 and 7 are both tabular information, but the information is not limited to this, and the values of the fields are associated with each other. The information may be in any format as long as it can be managed.

(Authentication setting information and application icon on the home screen)
FIG. 8 is a diagram showing an example of authentication setting information according to the embodiment. The data structure of the authentication setting information 700 stored in the storage unit 518 of the operation unit 330 will be described with reference to FIG.

The authentication setting information 700 shown in FIG. 8 is an example of authentication setting information registered in advance, and either wireless authentication or image authentication is required when starting each application having the operation unit 330 as a function. It is information indicating whether or not. In the example of FIG. 8, the authentication setting information 700 includes information such as "application type", "wireless authentication", and "image authentication".

The "application type" is information indicating the type of the application such as the name of the application. "Wireless authentication" is information indicating whether or not permission for wireless authentication is required when starting the corresponding application. "Image authentication" is information indicating whether or not permission for image authentication is required when starting the corresponding application.

In the authentication setting information 700 shown in FIG. 8, for example, an application whose application type is "App A" has a low density of "unnecessary" for wireless authentication and "unnecessary" for image authentication (for example, toner remaining amount vi). It is shown to be a jet or clock app, etc.). In addition, an application whose application type is "App B" is an application with medium sensitivity (for example, the user's paper information is only handled) with "necessary" for wireless authentication and "unnecessary" for image authentication. It is shown that it is a copy application or a scanner application that does not handle confidential information in the image forming apparatus 101). Also, for apps whose app type is "App C", use a highly sensitive app that requires wireless authentication "required" and image authentication "required" (for example, a device setting app for administrators or a personal account). It is shown that it is an application that uses the box function or the pull print function.

As in the authentication setting information 700 shown in FIG. 8 above, each application of the image forming apparatus 101 is appropriately assigned the required authentication according to the confidentiality. That is, wireless authentication and image authentication are not required for all applications, and the necessity of permission for each authentication is set based on the sensitivity. As a result, for example, an application that does not require image authentication and can be started only with the permission of wireless authentication can be started only with the permission of wireless authentication without performing image authentication, which takes longer than wireless authentication. Can be improved. Further, for example, when the authentication setting information 700 is information that can be edited by the administrator, it is possible to change the assignment of the required authentication type as the confidentiality of the application changes.

The authentication setting information 700 shown in FIG. 8 is information in a table format, but the information is not limited to this, and any format of information can be used as long as the values of each field can be associated and managed. You may.

Further, the authentication setting information 700 shown in FIG. 8 is information indicating which authentication is required, wireless authentication or image authentication, and the types of authentication required by each application are wireless authentication and image. It is not limited to authentication, and the types of authentication are not limited to two types. For example, in addition to wireless authentication and image authentication, password authentication, voiceprint authentication, palm shape authentication, or at least one of the above-mentioned fingerprint authentication, iris authentication, vein authentication, etc., is required to activate each application. It may be assigned by the authentication setting information 700.

9 and 10 are diagrams showing an example of a home screen displayed on the image forming apparatus according to the embodiment, respectively. An example of a home screen in which an application icon for starting each application is displayed will be described with reference to FIGS. 9 and 10. The home screen 801 shown in FIG. 9 and the home screen 802 shown in FIG. 10 are screens displayed on the display unit 524.

The home screens 801 and 802 shown in FIGS. 9 and 10 show an example of a screen for activating each application included in the image forming apparatus 101, and here, three applications A, B, and C are shown. It is assumed that the home screen displays an icon for starting an application (hereinafter, may be referred to as an "application icon").

In the home screen 801 shown in FIG. 9, it is assumed that wireless authentication is permitted for the user who intends to use the screen, and the image authentication is not permitted. In this case, since the application A and the application B do not require permission for image authentication, they can be started respectively when only the wireless authentication is permitted, and the application icon 901 of the application A and the application icon 902 of the application B are displayed. , It is displayed as a normal brightness (first brightness) icon to indicate that each application can be started. On the other hand, since the application C requires permission for both wireless authentication and image authentication, it cannot be started when only wireless authentication is permitted, and the application icon 903 of the application C cannot be started. In order to indicate that, it is displayed as a semi-brightness (grayout, inactive display) (second brightness) icon whose brightness is lower than the normal brightness. When the application icon 903 displayed in the half-bright state is pressed in this way, an error screen indicating the reason why the application cannot be started is displayed. Here, the semi-luminance does not necessarily mean the brightness of half of the normal brightness, but indicates that the brightness is at least lower than the normal brightness as described above. The display processing of this error screen will be described later with reference to FIGS. 15 to 20.

Here, as a method of making the app icon half-bright, for example, the saturation or lightness of the RGB value of the image of the app icon is reduced, and the image of the app icon is displayed with a transparent gray filter. , A method of storing another image in which the saturation or brightness of the RGB value of the image of the application icon is lowered and displaying the other image can be mentioned.

Next, the home screen when the image authentication is permitted following the wireless authentication permission is the home screen 802 shown in FIG. 10. In this case, since the state of image authentication does not affect the application A and the application B, they can be started at least in the state where the wireless authentication is permitted, and the application icon 901 of the application A and the application icon 902 of the application B are It remains displayed as a normal brightness icon to indicate that each app is ready to launch. On the other hand, since the application C requires the permission of both the wireless authentication and the image authentication, it can be started in the state where the image authentication is permitted following the permission of the wireless authentication, and the application icon 903 of the application C is displayed. , The display switches from the state of the half-brightness icon to the state of the normal-brightness icon.

In this way, it is possible to determine whether or not to start each application based on the display mode of the application icon for starting each application, and if the application icon is pressed in a state where it cannot be started, an error screen is displayed. Since it is displayed and the current authentication status is clearly shown (described later), the usability of the application can be further improved.

In the home screen 801 shown in FIG. 9, an example is shown in which a non-startable application icon (application icon 903 in FIG. 9) is displayed together with an application name (“application C”) so as to be half-bright. Not limited to. That is, only the icon portion of the application icon (circular icon portion in FIG. 9) may be set to half-luminance, and the application name may be left as normal brightness. As a result, the user can grasp what kind of application is provided regardless of whether it can be started or not, and can determine whether or not to start the application corresponding to each application icon. Can be done.

(Flow of wireless authentication processing)
FIG. 11 is a flowchart showing an example of the wireless authentication process of the image forming apparatus according to the embodiment. The flow of the wireless authentication process of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG. 11. In FIG. 11, the wireless communication unit 511 will be described as radiating radio waves for receiving specific information from the wireless tag.

<Step S101>
First, the wireless communication unit 511 receives identification information (radio tag ID) from a wireless tag (RFID tag 105) within a predetermined range (for example, the wireless detection range 202 shown in FIG. 2). When the wireless communication unit 511 receives the identification information (step S101: Yes), the process proceeds to step S102, and when the information cannot be received (step S101: No), the reception is performed again.

<Step S102>
The wireless authentication unit 512 authenticates the wireless tag (RFID tag 105) that has transmitted the identification information based on the identification information (radio tag ID) received by the wireless communication unit 511 and the user information registered in advance. Specifically, the wireless authentication unit 512 authenticates the RFID tag 105 based on the wireless tag ID of the RFID tag 105 received by the wireless communication unit 511 and the user information a520 or the user information A506 registered in advance (). Wireless authentication). When the wireless tag ID of the RFID tag 105 received by the wireless communication unit 511 is included in the user information a520 or the user information A506, the wireless authentication unit 512 permits the authentication of the RFID tag 105. Further, the wireless authentication unit 512 does not allow the authentication of the RFID tag 105 when the wireless tag ID received by the wireless communication unit 511 is not included in the user information a520 or the user information A506. Then, the process proceeds to step S103.

<Step S103>
When the authentication of the RFID tag 105 is permitted as a result of the wireless authentication by the wireless authentication unit 512 (when the authentication result is "OK") (step S103: Yes), the process proceeds to step S104. On the other hand, when the authentication of the RFID tag 105 is not permitted (when the authentication result is not "OK") (step S103: No), the process returns to step S101 and the same process is repeated.

<Step S104>
The wireless authentication unit 512 identifies the user such as information (for example, "user number" or "user ID") indicating the user of the RFID tag 105 for which authentication is permitted (authentication result is "OK"). Information) is output to the authentication unit 516. At this time, the wireless authentication unit 512 provides the authentication unit 516 with the identification information of the user of the RFID tag 105 that has permitted the authentication and the information indicating that the authentication has been permitted (the authentication result is "OK"). It may be output. Further, in step S103 described above, when the authentication is not permitted, the wireless authentication unit 512 outputs information indicating that the authentication is not permitted (the authentication result is "NG") to the authentication unit 516. You may.

By the operation of the above steps S101 to S104, the wireless authentication process is executed by the image forming apparatus 101.

(Flow of image authentication process)
FIG. 12 is a flowchart showing an example of the image authentication process of the image forming apparatus according to the embodiment. FIG. 13 is a diagram for explaining an example of image authentication. The flow of the image authentication process of the image forming apparatus 101 according to the present embodiment will be described with reference to FIGS. 12 and 13.

<Step S201>
The image pickup unit 513 uses the camera 340 to take an image toward the front image pickup range (for example, the image authentication range 203 shown in FIG. 2), and acquires the captured image. An example of the captured image acquired at this time is shown in FIG. 13 (a). The captured image 1001 shown in FIG. 13A includes a user 1002 in front of the image forming apparatus 101. As described above, the camera 340 is installed so that the user 1002 in front of the image forming apparatus 101 is included in the captured image 1001. Then, the process proceeds to step S202.

<Step S202>
The feature information extraction unit 514 detects a face image (face image) from the captured image acquired by the image pickup unit 513. An example of the face image detected at this time is shown in FIG. 13 (b). The feature information extraction unit 514 extracts parts such as the contour 1004 of the user's face, the eyes 1005, and the nose 1006 from the captured image 1001 captured by the camera 340, and uses, for example, a known pattern matching technique or the like. It is used to detect the user's face image 1003. Then, the process proceeds to step S203.

<Step S203>
When the face image 1003 is detected from the captured image 1001 by the feature information extraction unit 514 (step S203: Yes), the process proceeds to step S204. On the other hand, when the face image 1003 is not detected from the captured image 1001 by the feature information extraction unit 514 (step S203: No), the process returns to step S201 and the same process is repeated.

<Step S204>
The feature information extraction unit 514 extracts the feature information of the face image from the detected face image. The image authentication unit 515 performs authentication (image authentication) using the feature information of the extracted face image. In addition, various known face recognition techniques (for example, refer to the above-mentioned Japanese Patent Application Laid-Open No. 2015-35178) can be applied to the image recognition process. Here, only an outline will be described with respect to an example.

For example, the "user feature information" of the user information a520 and the user information A506 includes facial contours, eyes, nose, chin, etc. acquired in advance for each user who is permitted to use the image forming apparatus 101. It also contains information such as the shape and relative position of each part such as the cheekbone. Further, the feature information extraction unit 514 detects the face image 1003 included in the captured image 1001 acquired by the image pickup unit 513, and extracts the user's feature information from the detected face image 1003. The image authentication unit 515 compares the user feature information extracted by the feature information extraction unit 514 with each of the user information a520 or the "user feature information" of the user information A506, and includes the captured image 1001. It is determined whether or not the user is a user registered in the user information a520 or the user information A506. When the image authentication unit 515 determines that the user included in the captured image 1001 is a user registered in the user information a520 or the user information A506, the image authentication unit 515 permits the authentication of the user included in the captured image 1001. do. On the other hand, when the image authentication unit 515 determines that the user included in the captured image 1001 is not a user registered in the user information a520 or the user information A506, the image authentication unit 515 authenticates the user included in the captured image 1001. not allowed. Then, the process proceeds to step S205.

<Step S205>
As a result of image authentication by the image authentication unit 515, when the authentication of the user is permitted (when the authentication result is "OK") (step S205: Yes), the process proceeds to step S206. On the other hand, when the authentication of the user is not permitted (when the authentication result is not "OK") (step S205: No), the process returns to step S201 and the same process is repeated.

<Step S206>
The image authentication unit 515 provides information indicating a user who has permitted authentication (authentication result is "OK") (for example, user identification information such as "user number" and "user ID"). Output to the authentication unit 516. At this time, the image authentication unit 515 outputs to the authentication unit 516 information indicating that the authentication has been permitted (the authentication result is "OK") together with the identification information of the user who has permitted the authentication. There may be. Further, in step S205 described above, the image authentication unit 515 outputs information indicating that the authentication is not permitted (the authentication result is "NG") to the authentication unit 516 when the authentication is not permitted. You may.

By the operation of the above steps S201 to S206, the image authentication process is executed by the image forming apparatus 101.

(Authentication processing of image forming apparatus)
FIG. 14 is a flowchart showing an example of the authentication process of the image forming apparatus according to the embodiment. The flow of the authentication process of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG. At the start of the authentication process shown in FIG. 11, it is assumed that the image forming apparatus 101 is controlled to the above-mentioned power saving state by the power state control unit 502.

<Step S401>
When a person is detected within the detection range around the image forming apparatus 101 (for example, the sensor detection range 201 shown in FIG. 2) by the human body detection unit 501 of the main body 310 (step S401: Yes), the process proceeds to step S402. .. When the human body detection unit 501 detects a person, the human body detection unit 501 notifies the power state control unit 502 of the detection information, and further, the radio authentication unit 512 and the image authentication unit 515 via the inter-device communication unit 505 and the communication path 350. Notify to. When a person is not detected (step S401: No), the human body detection unit 501 continues the human detection operation.

<Step S402>
The power state control unit 502 of the main body 310 cancels the power saving state of the main body 310 and the operation unit 330. For example, the power state control unit 502, for the operation unit 330, notifies the operation unit 330 of the return command via the inter-device communication unit 505 and the communication path 350, so that the operation unit 330 is normally moved from the power saving state. Return to the state. As a result, the wireless authentication process of the wireless authentication unit 512 shown in FIG. 11 and the image authentication process by the image authentication unit 515 shown in FIG. 12 can be executed. Then, the process proceeds to step S403.

<Step S403>
The wireless communication unit 511 and the wireless authentication unit 512 of the operation unit 330 execute, for example, the wireless authentication process as shown in FIG. Here, when the user 106 having the RFID tag 105 enters the sensor detection range 201 shown in FIG. 2, is detected by the human body detection unit 501, and then further enters the radio wave detection range 202, the wireless communication unit 511 enters. The radiated radio waves enable wireless communication between the wireless communication unit 511 and the RFID tag 105.

Here, when the wireless authentication unit 512 permits the authentication of the RFID tag 105 by the wireless authentication process, the information indicating that the processing result of the wireless authentication process is "OK" and the use of the RFID tag 105 for which the authentication is permitted It is assumed that the identification information of the person (for example, the "user number" shown in FIG. 6) is output to the authentication unit 516. On the other hand, when the wireless authentication unit 512 does not allow the authentication of the RFID tag 105 by the wireless authentication process, the wireless authentication unit 512 shall output the information indicating that the processing result of the wireless authentication process is "NG" to the authentication unit 516. Then, the process proceeds to step S405.

<Step S404>
The image pickup unit 513, the feature information extraction unit 514, and the image authentication unit 515 of the operation unit 330 execute, for example, an image authentication process as shown in FIG. Here, when the image authentication unit 515 permits the authentication of the user included in the captured image by the image authentication process, the information indicating that the processing result of the image authentication process is "OK" and the use for which the authentication is permitted. It is assumed that the identification information of the person (for example, the "user number" shown in FIG. 6) is output to the authentication unit 516. On the other hand, when the image authentication unit 515 does not allow the authentication of the user included in the captured image by the image authentication process, the image authentication unit 515 outputs information indicating that the processing result of the image authentication process is "NG" to the authentication unit 516. It shall be. Then, the process proceeds to step S405.

<Step S405>
When the wireless authentication process and the image authentication process are completed, the authentication unit 516 is "OK" (permitted) as a result of the wireless authentication process based on the information output from the wireless authentication unit 512 and the image authentication unit 515. , It is determined whether or not the result of the image authentication process is "OK" (permission). When both the result of the wireless authentication process and the result of the image authentication process are "OK" (permission) (step S405: Yes), the process proceeds to step S406. On the other hand, if either the result of the wireless authentication process or the result of the image authentication process is not "OK" (permitted) (step S405: No), the process proceeds to step S408.

<Step S406>
In the authentication unit 516, is the user of the RFID tag 105 whose wireless authentication process is "OK" in step S403 and the user whose image authentication process is "OK" in step S404 are the same user? Judge whether or not. For example, the authentication unit 516 determines whether or not the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 match. When the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 match (step S406: Yes), the process proceeds to step S407. On the other hand, if the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 do not match (step S406: No), the process proceeds to step S408.

<Step S407>
When the authentication unit 516 determines that the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 match, the user's image forming apparatus 101 is reached. Allow login. As a result, the user can use the image forming apparatus 101. Then, the authentication process is terminated.

<Step S408>
The power state control unit 502 releases the power saving state of the main body 310 and the operation unit 330 in step S402 (that is, after the human body detection unit 501 detects a person), and then a predetermined time (for example, 5 minutes). Determines whether or not has passed. Further, the operation unit 330 determines whether or not there is an operation input from the user (user 106) for the above-mentioned predetermined time. If there is no operation input from the user and a predetermined time has elapsed (step S408: Yes), the process proceeds to step S409. On the other hand, if there is an operation input from the user, or if the predetermined time has not elapsed (step S408: No), the process returns to steps S403 and S404, and the same process is repeated.

<Step S409>
The power state control unit 502 shifts the main body 310 and the operation unit 330 to the power saving state. For example, the power state control unit 502 may save the operation unit 330 from the normal state by notifying the operation unit 330 of the operation unit 330 via the inter-device communication unit 505 and the communication path 350. Move to the state.

By the operation of the above steps S401 to S409, the authentication process is executed by the image forming apparatus 101. If both wireless authentication and image authentication are permitted in step S407, in principle, all applications can be started. However, in the present embodiment, as described above in FIG. 8, the authentication setting information 700 defines the type of authentication that requires permission according to the machine density for each application, and if the application has not so high machine density, the authentication type is defined. If some authentication (for example, wireless authentication) is permitted, the application can be started. As a result, it is possible to improve the usability of the application by making it possible to use some applications even if the specific authentication that takes time is not completed.

(Error screen display processing when starting the application)
Next, with reference to FIGS. 15 to 20, when the application icon is pressed, an operation of displaying an error screen when the application cannot be started due to the authentication status will be described.

FIG. 15 is a sequence diagram showing an example of an error screen display process indicating that the image authentication process is being executed. FIG. 16 is a diagram showing an example of an error screen indicating that the image authentication process is being executed. A display process for displaying an error screen indicating that the image authentication process is being performed when the application icon is pressed will be described with reference to FIGS. 15 and 16. It is assumed that the application icons of the application A, the application B, and the application C are displayed on the home screen displayed on the display unit 524, respectively.

<Step S501>
It is assumed that the user 106 approaches the image forming apparatus 101 in order to use the image forming apparatus 101 and enters the sensor detection range 201.

<Step S502>
The human body detection unit 501 of the main body 310 detects the user 106 who has entered the sensor detection range 201.

<Steps S503 and S504>
The human body detection unit 501 notifies the wireless authentication unit 512 and the image authentication unit 515 of the operation unit 330 via the inter-device communication unit 505 and the communication path 350 with the detection information indicating that the user 106 has been detected.

<Step S505>
Upon receiving the detection information, the image authentication unit 515 starts the image authentication process as shown in FIG. 12, for example, for the user 106.

<Step S506>
When the user 106 enters the wireless detection range 202, the wireless communication unit 511 of the operation unit 330 receives the identification information (radio tag ID) from the wireless tag (RFID tag 105).

<Step S507>
The wireless authentication unit 512 executes, for example, a wireless authentication process as shown in FIG.

<Step S508>
When the RFID tag 105 is authenticated by the wireless authentication process, the wireless authentication unit 512 indicates information indicating that the processing result of the wireless authentication process is "OK" and the user of the RFID tag 105 for which the authentication is permitted. Information (for example, user identification information such as the "user number" shown in FIG. 6) is output to the authentication unit 516.

<Step S509>
When the authentication unit 516 receives the information indicating that the processing result of the wireless authentication process is "OK" and the information indicating the user from the wireless authentication unit 512, the processing result of the wireless authentication process is "OK". Information indicating that is sent to the application activation management unit 522.

<Step S510>
When the application activation management unit 522 receives the information indicating that the processing result of the wireless authentication process is "OK" and confirms that the image authentication process is still being executed, the authentication stored in the storage unit 518 is performed. Refer to the setting information 700 to identify an application that cannot be started unless image authentication is permitted. For example, in the example of the authentication setting information 700 shown in FIG. 8, the applications that cannot be started unless image authentication is permitted are "app C" and "app X". However, since only the application icons of the applications A to C are handled here, the application activation management unit 522 specifies "application C" as an application that cannot be started unless image authentication is permitted.

In addition, the application activation management unit 522 also identifies an application that can be activated only with the permission of wireless authentication. For example, in the example of the authentication setting information 700 shown in FIG. 8, the applications that can be started only by the permission of wireless authentication are "app A" and "app B". However, in reality, "App A" can be started without permission of wireless authentication, but the application activation management unit 522 can start "App A" and "App B" only with permission of wireless authentication. To identify.

Then, since the application activation management unit 522 cannot activate the "application C" because the image authentication process is being executed, the application icon corresponding to the "application C" is half-brightened (grayed out, inactive display). A display command to be displayed as an icon of is sent to the display control unit 523. In addition, since the application activation management unit 522 can activate "App A" and "App B" because wireless authentication is permitted, the application icons corresponding to "App A" and "App B" are usually set respectively. A display command to be displayed as a brightness icon is sent to the display control unit 523.

<Step S511>
The display control unit 523 displays the application icon of "App C" on the home screen displayed on the display unit 524 in half-brightness according to the received display command, and displays the application icons of "App A" and "App B". Each is displayed at normal brightness (see FIG. 9).

<Step S512>
Next, the image authentication process is still being executed, and the user 106 presses and operates the application icon of "App C" displayed in half brightness among the application icons displayed on the display unit 524. do.

<Step S513>
The application activation management unit 522 refers to the authentication setting information 700, and specifies that the authentication that requires permission to activate the pressed "application C" is the wireless authentication and the image authentication. The application startup management unit 522 determines that the application icon of the pressed "application C" is an icon displayed in half-brightness, so that the "application C" cannot be started, and the image authentication process is performed. When it is confirmed that the application is being executed, for example, a display command for displaying at least an error screen 851 (an example of information indicating the authentication status) indicating that the image authentication process is being executed as shown in FIG. 16 is displayed. It is sent to the control unit 523. In the error screen 851 shown in FIG. 16, image authentication is expressed as "face authentication". Further, when the "Cancel" button on the error screen 851 is pressed, the activation of "App C" can be canceled.

<Step S514>
The display control unit 523 causes the display unit 524 to display the error screen 851 according to the received display command. In this way, by displaying an error screen indicating that the image authentication process is being executed, the user 106 grasps the reason why the application corresponding to the pressed application icon (here, "application C") cannot be started. You can take measures such as keeping your face facing the camera 340 so that the image authentication process ends normally.

<Step S515>
When the image authentication unit 515 permits the authentication of the user 106 included in the captured image by the image authentication process, the information indicating that the processing result of the image authentication process is "OK" and the user whose authentication is permitted are obtained. The indicated information (for example, user identification information such as the "user number" shown in FIG. 6) is output to the authentication unit 516.

<Step S516>
When the authentication unit 516 receives the information indicating that the processing result of the image authentication process is "OK" and the information indicating the user from the image authentication unit 515, the processing result of the image authentication process is "OK". Information indicating that is sent to the application activation management unit 522.

<Step S517>
When the authentication unit 516 determines that the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 match, the user's image forming apparatus 101 is reached. Allow login.

<Step S518>
When the application activation management unit 522 receives the information indicating that the processing result of the image authentication process is "OK", the application activation management unit 522 sends a release command for canceling the display of the error screen 851 to the display control unit 523.

<Step S519>
The display control unit 523 cancels the display of the error screen 851 on the display unit 524 according to the received release command.

<Step S520>
The application activation management unit 522 has received the information indicating that the processing result of the image authentication process is "OK", so that the application corresponding to the application icon pressed in step S512 can be activated. Judgment is made, and an activation command is sent to the application (referred to as application 550 in the example of FIG. 15).

<Step S521>
The application 550 is started according to the start command.

<Step S522>
The user 106 performs a print start operation, for example, in order to use the print function of the activated application 550.

<Steps S523 to S525>
The application 550 starts the printing process according to the printing start operation, and transmits the print job to the main body 310 via the inter-device communication unit 519 and the communication path 350. The image forming unit 503 of the main body 310 performs a printing operation based on the received print job.

By the flow of the above steps S501 to S525, the error screen indicating that the image authentication process is being executed when the application icon displayed at half brightness is pressed while the image authentication process is being executed is performed.

In the sequence diagram of FIG. 15, after the image authentication process is completed, the application corresponding to the pressed application icon is automatically started without reoperation by the user 106, but this is limited to this. It's not something. That is, after the display of the error screen is canceled after the image authentication process is completed, the application icon of the target application is switched to the normal brightness on the home screen, and it is determined by the user 106 that the application can be started, the user 106 The application may be started by the operation of pressing the application icon again by.

FIG. 17 is a sequence diagram showing an example of display processing of an error screen indicating an image authentication failure. FIG. 18 is a diagram showing an example of an error screen indicating an image authentication failure. With reference to FIGS. 17 and 18, a display process for displaying an error screen indicating that the image authentication has failed when the application icon is pressed when the image authentication has failed will be described. It is assumed that the application icons of the application A, the application B, and the application C are displayed on the home screen displayed on the display unit 524, respectively.

<Steps S601 to S611>
Each process of steps S601 to S611 is the same as each process of steps S501 to S511 shown in FIG.

<Step S612>
The image authentication unit 515 assumes that the image authentication has failed in the image authentication process. For example, in the image authentication unit 515, when the face image of the user 106 is not detected by the feature information extraction unit 514, or the feature information of the face image of the user 106 extracted by the feature information extraction unit 514 is the user information. If it is not registered in a520 or user information A506, it is treated as a failure of image authentication.

<Step S613>
The image authentication unit 515 sends an authentication result including the fact that the image authentication has failed to the application activation management unit 522.

<Step S614>
Next, it is assumed that the user 106 presses and operates the application icon of "application C" displayed in half-luminance among the application icons displayed on the display unit 524.

<Step S615>
The application activation management unit 522 refers to the authentication setting information 700, and specifies that the authentication that requires permission to activate the pressed "application C" is the wireless authentication and the image authentication. The application startup management unit 522 determines that the corresponding application cannot be started because the application icon of the pressed "application C" is an icon displayed in half-brightness, and the image authentication process fails. After confirming that, for example, a display command for displaying at least an error screen 852 (an example of information indicating the authentication status) indicating that the image authentication process has failed as shown in FIG. 18 is sent to the display control unit 523. .. In the error screen 852 shown in FIG. 18, image authentication is expressed as "face authentication". Further, when the "Cancel" button on the error screen 852 is pressed, the activation of "App C" can be canceled.

<Step S616>
The display control unit 523 causes the display unit 524 to display the error screen 852 according to the received display command. In this way, by displaying an error screen indicating that the image authentication process has failed, the user 106 can grasp the reason why the application corresponding to the pressed application icon (here, "application C") cannot be started. Then, it is possible to take measures such as turning one's face toward the camera 340 so that the image authentication process is performed again.

According to the flow of the above steps S601 to S616, an error screen indicating that the image authentication process has failed when the application icon displayed at half brightness is pressed in the state where the image authentication process has failed is displayed.

FIG. 19 is a sequence diagram showing an example of an error screen display process for prompting image authentication. FIG. 20 is a diagram showing an example of an error screen prompting image authentication. A display process for displaying an error screen indicating that the image authentication process has not been performed will be described with reference to FIGS. 19 and 20. It is assumed that the application icons of the application A, the application B, and the application C are displayed on the home screen displayed on the display unit 524, respectively.

<Steps S701 to S704>
Each process of steps S701 to S704 is the same as each process of steps S501 to S504 shown in FIG.

<Step S705>
When the user 106 enters the wireless detection range 202, the wireless communication unit 511 of the operation unit 330 receives the identification information (radio tag ID) from the wireless tag (RFID tag 105).

<Step S706>
The wireless authentication unit 512 executes, for example, a wireless authentication process as shown in FIG.

<Step S707>
When the RFID tag 105 is authenticated by the wireless authentication process, the wireless authentication unit 512 indicates information indicating that the processing result of the wireless authentication process is "OK" and the user of the RFID tag 105 for which the authentication is permitted. Information (for example, user identification information such as the "user number" shown in FIG. 6) is output to the authentication unit 516.

<Step S708>
When the authentication unit 516 receives the information indicating that the processing result of the wireless authentication process is "OK" and the information indicating the user from the wireless authentication unit 512, the processing result of the wireless authentication process is "OK". Information indicating that is sent to the application activation management unit 522.

<Step S709>
When the application activation management unit 522 receives the information indicating that the processing result of the wireless authentication process is "OK" and confirms that the image authentication process has not been executed yet, the authentication stored in the storage unit 518 is performed. Refer to the setting information 700 to identify an application that cannot be started unless image authentication is permitted. For example, in the example of the authentication setting information 700 shown in FIG. 8, the applications that cannot be started unless image authentication is permitted are "app C" and "app X". However, since only the application icons of the applications A to C are handled here, the application activation management unit 522 specifies "application C" as an application that cannot be started unless image authentication is permitted.

In addition, the application activation management unit 522 also identifies an application that can be activated only with the permission of wireless authentication. For example, in the example of the authentication setting information 700 shown in FIG. 8, the applications that can be started only by the permission of wireless authentication are "app A" and "app B". However, in reality, "App A" can be started without permission of wireless authentication, but the application activation management unit 522 can start "App A" and "App B" only with permission of wireless authentication. To identify.

Then, since the application activation management unit 522 cannot start the "application C" because the image authentication process is being executed, the application icon corresponding to the "application C" is half-brightened (grayed out, inactive display). A display command to be displayed as an icon of is sent to the display control unit 523. In addition, since the application activation management unit 522 can activate "App A" and "App B" because wireless authentication is permitted, the application icons corresponding to "App A" and "App B" are usually set respectively. A display command to be displayed as a brightness icon is sent to the display control unit 523.

<Step S710>
The display control unit 523 displays the application icon of "App C" on the home screen displayed on the display unit 524 in half-brightness according to the received display command, and displays the application icons of "App A" and "App B". Each is displayed at normal brightness (see FIG. 9).

<Step S711>
Next, the image authentication process has not been executed yet, and the user 106 presses the application icon of "App C" displayed in half brightness among the application icons displayed on the display unit 524. It shall be assumed that it was done.

<Step S712>
The application activation management unit 522 refers to the authentication setting information 700, and specifies that the authentication that requires permission to activate the pressed "application C" is the wireless authentication and the image authentication. The application startup management unit 522 determines that the application icon of the pressed "application C" is an icon displayed in half-brightness, so that the "application C" cannot be started, and the image authentication process is performed. After confirming that it has not been executed yet, for example, a display command for displaying an error screen 853 (an example of information indicating the authentication status) indicating that at least the image authentication process has not been performed as shown in FIG. 20 is displayed. It is sent to the display control unit 523. In the error screen 853 shown in FIG. 20, image authentication is expressed as "face authentication". Further, when the "confirmation" button of the error screen 853 is pressed, the display of the error screen 853 can be canceled.

<Step S713>
The display control unit 523 causes the display unit 524 to display the error screen 853 according to the received display command. In this way, by displaying an error screen indicating that the image authentication process has not been performed, the user 106 grasps the reason why the application corresponding to the pressed application icon (here, "application C") cannot be started. You can take measures such as keeping your face facing the camera 340 so that the image authentication process is executed.

<Step S714>
When the image authentication unit 515 receives the detection information and the feature information extraction unit 514 extracts the feature information of the face image from the captured image, the image authentication process for the user 106, for example, as shown in FIG. (Specifically, steps S204 to S206) are started.

<Step S715>
When the image authentication unit 515 permits the authentication of the user 106 included in the captured image by the image authentication process, the information indicating that the processing result of the image authentication process is "OK" and the user for which the authentication is permitted are obtained. The indicated information (for example, user identification information such as the "user number" shown in FIG. 6) is output to the authentication unit 516.

<Step S716>
When the authentication unit 516 receives the information indicating that the processing result of the image authentication process is "OK" and the information indicating the user from the image authentication unit 515, the processing result of the image authentication process is "OK". Information indicating that is sent to the application activation management unit 522.

<Step S717>
When the authentication unit 516 determines that the user identification information output from the wireless authentication unit 512 and the user identification information output from the image authentication unit 515 match, the user's image forming apparatus 101 is reached. Allow login.

<Step S718>
When the application activation management unit 522 receives the information indicating that the processing result of the image authentication processing is "OK", the application icon displayed as a half-brightness icon on the home screen (here, "application C"). A half-brightness release command for canceling the half-brightness state of the corresponding application icon) and displaying it as a normal brightness icon is sent to the display control unit 523. If the error screen 853 is still displayed on the display unit 524 at this point, the application activation management unit 522 sends a release command for canceling the display of the error screen 853 to the display control unit 523. May be.

<Step S719>
The display control unit 523 cancels the half-brightness state of the application icon (here, the application icon corresponding to "App C") displayed as the half-brightness icon on the home screen according to the received half-brightness release command. Displayed as a normal brightness icon.

<Step S720>
When the user 106 confirms that the application icon of "App C", which was in the half-brightness state, has changed to the normal brightness state on the home screen displayed on the display unit 524, the user 106 presses the application icon. ..

<Step S721>
The application activation management unit 522 refers to the authentication setting information 700, identifies that the authentications that require permission to activate the pressed "application C" are wireless authentication and image authentication, and either authentication is used. After confirming that it is permitted, a start command is sent to the application 550 corresponding to the application icon of "App C".

<Step S722>
The application 550 is started according to the start command.

According to the flow of steps S701 to S722 above, an error screen display process indicating that the image authentication process is not performed when the application icon displayed in half brightness is pressed while the image authentication process is not executed. Is done.

As described above, the authentication setting information (for example, the authentication setting information 700 shown in FIG. 8) defines the type of authentication that requires permission according to the sensitivity of each application, even if the application is not so high in sensitivity. For example, if some authentication (for example, wireless authentication) is permitted, the application can be started. As a result, it is possible to improve the usability of the application by making it possible to use some applications even if the specific authentication that takes time is not completed. In particular, an app that does not require image authentication and can be started only with the permission of wireless authentication can be started only with the permission of wireless authentication without performing image authentication, which takes longer than wireless authentication, so the waiting time until the application is started. Can be shortened.

In addition, the display mode of the application icon on the home screen for starting the application is changed depending on the state of each authentication (for example, permission, failure, authentication processing is in progress, and authentication processing has not been executed yet). It is supposed to be. For example, if all the authentications required to start the app are not permitted, the half-brightness app icon is displayed, and if all are permitted, the normal-brightness app icon is displayed. It is supposed to be. This allows the user to determine whether each application can be started or cannot be started.

In addition, when the application icon in the half-brightness display state indicating that it cannot be started is pressed, the authentication status that requires permission (for example, the authentication is being performed, the authentication has failed, and the authentication process is being executed). An error screen (an example of information indicating the authentication status) indicating the status of authentication is displayed. As a result, the user can understand the reason why the application corresponding to the pressed application icon cannot be started, and can take measures such that the necessary authentication process is permitted.

(Supplement to the embodiment)
In the above-described embodiment, the main body 310 and the operation unit 330 operate independently of each other in different operating systems, but the present invention is not limited to this, and for example, the main body 310 and the operation unit 330 May be in the form of operating on the same operating system.

Further, in the above-described embodiment, when at least one of the functional units of the image forming apparatus 101 is realized by executing a program, the program is provided by being incorporated in a ROM or the like in advance. Further, the program executed by the image forming apparatus 101 according to the above-described embodiment is a file in an installable format or an executable format, such as a CD-ROM (Computer Disc Read Only Memory), a flexible disk (FD), or a CD-. It may be configured to be recorded and provided on a computer-readable recording medium such as R (Compact Disk-Recordable) or DVD (Digital Versaille Disc). Further, the program executed by the image forming apparatus 101 of the above-described embodiment may be stored on a computer connected to a network such as the Internet and provided by downloading via the network. Further, the program executed by the image forming apparatus 101 of the above-described embodiment may be configured to be provided or distributed via a network such as the Internet. Further, the program executed by the image forming apparatus 101 of the above-described embodiment has a module configuration including at least one of the above-mentioned functional units, and the CPU 311 or the CPU 331 stores the above-mentioned storage as the actual hardware. By reading a program from a device (for example, ROM 312, ROM 332, storage 314, flash memory 334, etc.) and executing the program, each of the above-mentioned functional units is loaded and generated on the main storage device (for example, RAM 313, RAM 333, etc.). It has become so.

100 Information information system 101 Image forming device 102 Camera 103 RFID tag reader 104 Human body detection sensor 105 RFID tag 106 User 201 Sensor detection range 202 Wireless detection range 203 Image authentication range 310 Main unit 311 CPU
312 ROM
313 RAM
314 storage 315 communication I / F
316 connection I / F
317 Engine unit 318 Human body detection sensor 319 System bus 330 Operation unit 331 CPU
332 ROM
333 RAM
334 Flash memory 335 Communication I / F
336 Operation panel 337 Connection I / F
338 External connection I / F
339 Near field communication device 340 Camera 341 System bus 350 Communication path 360 Network 411 App layer 412 Service layer 413 OS layer 431 App layer 432 Service layer 433 OS layer 501 Human body detection unit 502 Power status control unit 503 Image formation unit 504 Storage unit 505 Inter-device communication unit 506 User information A
507 External communication unit 511 Wireless communication unit 512 Wireless authentication unit 513 Imaging unit 514 Feature information extraction unit 515 Image authentication unit 516 Authentication unit 517 User information management unit 518 Storage unit 518 Inter-device communication unit 520 User information a
521 External communication unit 522 App startup management unit 523 Display control unit 524 Display unit 550 App 601 and 602 User information 700 Authentication setting information 801 and 802 Home screen 851 to 853 Error screen 901 to 903 App icon 1001 Captured image 1002 User 1003 Face image 1004 Contour 1005 Eye 1006 Nose

Japanese Unexamined Patent Publication No. 2015-127893

Claims (4)

Multiple authentication units that perform multiple types of authentication for users,
When a start operation for starting a specific application is input by the operation unit, the authentication setting information to which the authentication that requires permission for start is assigned to each application is referred to, and the specific application is started. With a specific part that identifies the authentication required for
When the authentication is permitted by the authentication unit that performs the authentication specified by the specific unit, the activation unit that starts the specific application and the activation unit.
A display control unit that displays an icon for starting each application on the display unit,
Equipped with
The display control unit displays the icon on the display unit with the first brightness when all the authentications assigned by the authentication setting information to the application corresponding to the icon are permitted. If at least one of all the authentications is not permitted, the display unit is displayed with a second brightness lower than the first brightness.
In the display control unit, at least a part of the authentications assigned by the authentication setting information to the specific application is not permitted, so that the icon of the specific application is the second. When the activation operation is input by the operation unit in the case of being displayed on the display unit with the brightness of the above, information indicating the state of the partial authentication is displayed on the display unit, and the specific application is displayed. On the other hand, when all the authentications assigned by the authentication setting information are permitted, the display of the information indicating the status of some of the authentications is canceled .
When the activation operation is input by the operation unit while the partial authentication process is being executed, the display control unit performs the partial authentication as information indicating the state of the partial authentication. An information processing device that displays information indicating that the process of is being executed on the display unit. An information processing system that authenticates users
A plurality of authentication units that perform a plurality of types of authentication to the user, and
When a start operation for starting a specific application is input by the operation unit, the authentication setting information to which the authentication that requires permission for start is assigned to each application is referred to, and the specific application is started. With a specific part that identifies the authentication required for
When the authentication is permitted by the authentication unit that performs the authentication specified by the specific unit, the activation unit that starts the specific application and the activation unit.
A display control unit that displays an icon for starting each application on the display unit,
Have,
The display control unit displays the icon on the display unit with the first brightness when all the authentications assigned by the authentication setting information to the application corresponding to the icon are permitted. If at least one of all the authentications is not permitted, the display unit is displayed with a second brightness lower than the first brightness.
In the display control unit, at least a part of the authentications assigned by the authentication setting information to the specific application is not permitted, so that the icon of the specific application is the second. When the activation operation is input by the operation unit in the case of being displayed on the display unit with the brightness of the above, information indicating the state of the partial authentication is displayed on the display unit, and the specific application is displayed. On the other hand, when all the authentications assigned by the authentication setting information are permitted, the display of the information indicating the status of some of the authentications is canceled .
When the activation operation is input by the operation unit while the partial authentication process is being executed, the display control unit performs the partial authentication as information indicating the state of the partial authentication. An information processing system that displays information indicating that the processing of is being executed on the display unit . Multiple authentication steps that perform multiple types of authentication for each user,
When a start operation for starting a specific application is input by the operation unit, the authentication setting information to which the authentication that requires permission for start is assigned to each application is referred to, and the specific application is started. With specific steps to identify the required authentication for
If the specified authentication is granted, the launch step to launch the specific application and
A display control step for displaying an icon for starting each application on the display unit, and
Have,
In the display control step,
When all the authentications assigned by the authentication setting information are permitted to the application corresponding to the icon, the icon is displayed on the display unit with the first brightness, and at least of all the authentications. If any of the authentications is not permitted, the display unit is displayed with a second brightness lower than that of the first brightness.
Of the authentications assigned by the authentication setting information to the specific application, at least a part of the authentications are not permitted, so that the icon of the specific application is displayed with the second brightness. When the activation operation is input by the operation unit, information indicating the state of the partial authentication is displayed on the display unit, and the authentication setting information is displayed for the specific application. If all the authentications assigned by are permitted, the display of the information indicating the status of some of the authentications is canceled .
When the activation operation is input by the operation unit while the partial authentication process is being executed, the partial authentication process is being executed as information indicating the state of the partial authentication. An information processing method for displaying information indicating a certain condition on the display unit . On the computer
Multiple authentication steps that perform multiple types of authentication for each user,
When a start operation for starting a specific application is input by the operation unit, the authentication setting information to which the authentication that requires permission for start is assigned to each application is referred to, and the specific application is started. With specific steps to identify the required authentication for
If the specified authentication is granted, the launch step to launch the specific application and
A display control step for displaying an icon for starting each application on the display unit, and
To execute,
In the display control step,
When all the authentications assigned by the authentication setting information are permitted to the application corresponding to the icon, the icon is displayed on the display unit with the first brightness, and at least of all the authentications. If any of the authentications is not permitted, the display unit is displayed with a second brightness lower than that of the first brightness.
Of the authentications assigned by the authentication setting information to the specific application, at least a part of the authentications are not permitted, so that the icon of the specific application is displayed with the second brightness. When the activation operation is input by the operation unit, information indicating the state of the partial authentication is displayed on the display unit, and the authentication setting information is displayed for the specific application. If all the authentications assigned by are permitted, the display of the information indicating the status of some of the authentications is canceled .
When the activation operation is input by the operation unit while the partial authentication process is being executed, the partial authentication process is being executed as information indicating the state of the partial authentication. A program for displaying information indicating the existence on the display unit .

Images