JP7059716B2 - Authentication system - Google Patents

Description

The present invention relates to an authentication method, an authentication device and an authentication system.

In recent years, due to enhanced security, on-demand printing has been adopted in which when a document is printed from a user terminal, it is once stored in a printer or an MFP (Multi-Function Printer) and printed by operating a device. In addition, on-demand printing can further prevent information leakage by printing after logging in to the device.

For example, Patent Document 1 discloses an output system that can simplify the procedure for outputting the input data from the output device.
However, for example, the on-demand printing of Patent Document 1 does not change the authentication method according to the device, and depending on the installation location of the device, it may be preferable to add the authentication procedure or it may be redundant, and the installation location. An authentication method according to the above has been desired.

An object of the present invention is to enhance security by an authentication method according to a place where a device is placed.

In order to solve the above-mentioned problems, the authentication system of the present invention is used.
An authentication system including an authentication device, an output device that outputs a job, and an output control device that controls the output device.
The authentication device is
A receiving unit that receives the first authentication information received by the output device, and
A first authentication unit that executes user authentication based on the first authentication information received by the receiving unit, and a first authentication unit.
A determination unit that determines whether or not a second authentication information is required based on the position information of the output device, and a determination unit.
When it is determined that the second authentication information is required, a transmission unit that transmits security information for requesting the output device to input the second authentication information, and a transmission unit.
A second authentication unit that receives the second authentication information from the output device and executes user authentication based on the second authentication information.
It has a position information of the output device, the first authentication information, and a security information holding unit that holds the stages of the authentication method in association with each other.
The output device is
It has an input receiving unit that accepts inputs of the first authentication information and the second authentication information.
The output control device is
It has a job storage unit that stores the first authentication information in association with the job.
The stage of the authentication method is a first authentication method in which the first authentication is performed by the first authentication information, and a second authentication method in which the second authentication is performed by the second authentication information after the first authentication. Information that specifies one of an authentication method and a third authentication method that requires the input of a third authentication information in the output of the job in addition to the first authentication and the second authentication.
The security information includes information requesting the input of the third authentication information in the output of the job.
The input receiving unit shall prompt the input of the third authentication information before outputting the job.

According to the present invention, security can be enhanced by an authentication method according to the place where the device is arranged.

It is a figure explaining the configuration example of the printing system which concerns on this embodiment. It is a figure explaining the hardware configuration example of the computer system which concerns on this embodiment. It is a figure explaining the hardware configuration example of the MFP which concerns on this embodiment. It is a figure explaining an example of the processing block of the authentication server which concerns on this embodiment. It is a figure explaining an example of the processing block of the information server which concerns on this embodiment. It is a figure explaining an example of the processing block of the MFP which concerns on this embodiment. It is a figure explaining an example of the processing block of the print server which concerns on this embodiment. It is a flowchart explaining the operation example of the login process by the MFP. It is a flowchart explaining the operation example of the user authentication processing by the MFP. It is a flowchart explaining the operation example of the job printing process by the MFP. It is a sequence diagram explaining the operation example that UserA prints a job in a private room of UserA. It is a figure explaining an example of the security information of the MFPA in the private room of UserA stored in the information server. It is a sequence diagram explaining the operation example that UserB prints a job in a private room of UserA. It is a sequence diagram explaining the operation example that UserZ prints a job in a private room of UserA. It is a sequence diagram explaining the operation example that UserA prints a job in a public space. It is a sequence diagram explaining the case where a job cannot be printed in a public space. It is a figure explaining the configuration example of the location management system to which the authentication method is applied.

Hereinafter, embodiments will be described with reference to the drawings. For the sake of clarity, the following description and drawings have been omitted or simplified as appropriate. In each drawing, components and corresponding parts having the same configuration or function are designated by the same reference numerals, and the description thereof will be omitted.

Embodiment 1.
<System configuration>
FIG. 1 is a diagram illustrating a configuration example of a printing system according to the present embodiment. In the print system 1, one or more MFPs 10, a user terminal 20, an authentication server 30, an information server 40, a print server 50, and a wireless communication device 60 are connected to a network N1 such as a LAN (Local Area Network) or the Internet. The configuration is shown as an example.

The MFP 10 is an example of an output device. The MFP 10 has a means of wireless communication or a means of wired communication. The MFP 10 is an image forming apparatus that performs processing related to image forming, such as a multifunction device, a copier, a scanner, a printer, and a laser printer.
The MFP 10 is provided with a job list from the print server 50. Further, the MFP 10 acquires the job selected by the user from the job list from the print server 50 and prints it.

The user terminal 20 is an example of a terminal device. The user terminal 20 can be realized by an information processing device (computer system) equipped with a general OS (Operating System) or the like. The user terminal 20 has a means of wireless communication or a means of wired communication. The user terminal 20 is a terminal that can be operated by a user, such as a computer, a personal computer (PC), a tablet PC, or a notebook PC. Further, the user terminal 20 may be a mobile terminal. The mobile terminal has a means of wireless communication or a means of wired communication. The mobile terminal is a terminal that can be carried (movable) by the user, such as a smartphone, a mobile phone, a tablet PC, or a notebook PC.

The authentication server 30 is an example of a second authentication unit (second authentication device). The authentication server 30 receives a login request from the user terminal 20, MFP 10, and the like, and performs user authentication (second authentication process).
The information server 40 is an example of a first authentication unit (first authentication device). The information server 40 receives a user authentication request from the user terminal 20, MFP 10, and the like, and performs user authentication (first authentication process) based on the user information (for example, user ID). Further, the information server 40 retains and manages information (for example, security level) for setting an authentication method when the user uses the MFP 10 or the user terminal 20.

The print server 50 is an example of a print control device. The print server 50 accepts job input from the user terminal 20 or the like by uploading a job using a Web page, sending a job using e-mail, or the like. The print server 50 may store the accepted job in the external storage or the database, or may store it in the internal storage or the database. Further, the print server 50 provides a job list and jobs to the MFP 10.

The wireless communication device 60 is a device that performs wireless communication with a wireless tag or the like according to a predetermined wireless communication standard.

In the present embodiment, an embodiment of the authentication method according to the embodiment of the present invention will be described in the above-mentioned configuration example of the printing system. In the present specification, the device is a device that requests user authentication from the information server 40, and is, for example, an output device such as an MFP 10 or a terminal device such as a user terminal 20.

For the authentication method, for example, each of the following steps is executed.
-The device accepts the input of the first authentication information (first acceptance step).
-The information server 40 receives the first authentication information from the device and executes user authentication based on the first authentication information (first authentication step). Further, the information server 40 determines whether or not the second authentication information is required based on the location information of the device (determination step), and if it is determined that the second authentication information is required, the information server 40 determines whether or not the second authentication information is required. The security information for requesting the input of the second authentication information is transmitted (transmission step).
-The device receives the security information and accepts the input of the second authentication information (second acceptance step).
-The authentication server 30 receives the second authentication information from the device and executes user authentication based on the second authentication information (second authentication step).

<Hardware configuration>
The user terminal 20, the authentication server 30, the information server 40, and the print server 50 of FIG. 1 are realized by, for example, a computer system having a hardware configuration as shown in FIG. FIG. 2 is a diagram illustrating an example of hardware configuration of a computer system according to the present embodiment.

The computer system 100 shown in FIG. 2 includes an input device 101, a display device 102, an external I / F 103, a RAM (Random Access Memory) 104, a ROM (Read Only Memory) 105, a CPU (Central Processing Unit) 106, and a communication I /. It includes an F107, an HDD (Hard Disk Drive) 108, and the like, and each is connected to each other by a bus B.

The input device 101 is, for example, a keyboard, a mouse, or a touch panel, and is used for a user to input each operation signal. The display device 102 is, for example, a display, and displays a processing result by the computer system 100.

The communication I / F 107 is an interface for connecting the computer system 100 to the network N1. As a result, the computer system 100 can perform data communication via the communication I / F 107.

The HDD 108 is a non-volatile storage device that stores programs and data. The stored programs and data include, for example, an OS that is basic software that controls the entire computer system 100, application software that provides various functions on the OS, and the like. The HDD 108 manages the stored programs and data by a predetermined file system and / or a DB (database).

The external I / F 103 is an interface with an external device. The external device includes a recording medium 103a and the like. As a result, the computer system 100 can read and / or write to the recording medium 103a via the external I / F 103. The recording medium 103a includes a flexible disk, a CD (Compact Disk), a DVD (Digital Versatile Disk), an SD memory card (SD Memory card), a USB memory (Universal Serial Bus memory), and the like.

The ROM 105 is a non-volatile semiconductor memory (storage device) capable of holding programs and data even when the power is turned off. The ROM 105 stores programs and data such as BIOS (Basic Input / Output System), OS settings, and network settings that are executed when the computer system 100 is started. The RAM 104 is a volatile semiconductor memory (storage device) that temporarily holds programs and data.

The CPU 106 is an arithmetic unit that realizes control and functions of the entire computer system 100 by reading programs and data from a storage device such as the ROM 105 and the HDD 108 onto the RAM 104 and executing processing.

The user terminal 20, the authentication server 30, the information server 40, and the print server 50 of FIG. 1 according to the present embodiment can realize various processes as described later by the hardware configuration of the computer system 100.

FIG. 3 is a diagram illustrating a hardware configuration example of the MFP according to the present embodiment. The MFP 10 shown in FIG. 3 includes a controller 201, an operation panel 202, an external I / F 203, a communication I / F 204, a printer 205, a scanner 206, and the like.

The controller 201 includes a CPU 211, a RAM 212, a ROM 213, an NVRAM 214, an HDD 215, and the like. The ROM 213 stores various programs and data. The RAM 212 temporarily holds programs and data. NVRAM 214 stores, for example, setting information and the like. Further, the HDD 215 stores various programs and data.

The CPU 211 realizes control and functions of the entire MFP 10 by reading programs, data, setting information, etc. from the ROM 213, NVRAM 214, HDD 215, etc. onto the RAM 212 and executing processing.

The operation panel 202 includes an input unit for receiving input from the user and a display unit for displaying.
The external I / F 203 is an interface with an external device. The external device includes a recording medium 203a and the like. As a result, the MFP 10 can read and / or write to the recording medium 203a via the external I / F 203. The recording medium 203a includes an IC card, a flexible disk, a CD, a DVD, an SD memory card, a USB memory, and the like.

The communication I / F 204 is an interface for connecting the MFP 10 to the network N1. As a result, the MFP 10 can perform data communication via the communication I / F 204.

The printer 205 is a printing device for printing print data on paper. The scanner 206 is a scanning device for reading image data from a document. The MFP 10 according to the present embodiment can realize various processes as described later by the above hardware configuration.

<Software configuration>
<< Authentication server 30 >>
The authentication server 30 according to the present embodiment is realized by, for example, the processing block shown in FIG. FIG. 4 is a diagram illustrating an example of a processing block of the authentication server according to the present embodiment.

The authentication server 30 realizes an authentication receiving unit 31, an authentication information holding unit 32, an authentication unit 33, and an authentication result output unit 34 by executing a program.

The authentication receiving unit 31 receives the authentication information acquired by the device by the user's operation. At this time, the authentication receiving unit 31 acquires device information (for example, an address that specifies a destination during communication) that identifies the device that has received the authentication information from the user. The authentication receiving unit 31 receives the authentication information via, for example, the communication I / F 107.
The authentication information is a second authentication information for user authentication (second authentication) by the authentication server 30, and is, for example, a user ID and a password.

The authentication information holding unit holds the user ID and password in association with the device information.
The authentication unit 33 refers to the user authentication information holding unit 32, authenticates the user using the authentication information and the device information, and generates an authentication result (for example, authentication completed, authentication not possible).
The authentication result output unit 34 outputs the authentication result to the device. The authentication result output unit 34 transmits the authentication result via, for example, the communication I / F 107.

<< Information server 40 >>
The information server 40 according to the present embodiment is realized by, for example, the processing block shown in FIG. FIG. 5 is a diagram illustrating an example of a processing block of an information server according to the present embodiment.

The information server 40 realizes a user information receiving unit 41, a security information holding unit 42, a security information acquisition unit 43, a security information output unit 45, and a location information acquisition unit 48 by executing a program.

The user information receiving unit (receiving unit) 41 receives the user information acquired by the device by the user's operation. At this time, the user information receiving unit 41 acquires the device information of the device that has received the user information. The user information receiving unit 41 receives user information via, for example, the communication I / F 107.
The user information is information that identifies a user who uses the device, and is, for example, a user ID. Further, the user information is the first authentication information for user authentication (first authentication) by the information server 40.

The security information holding unit 42 holds the device information and the user ID in association with the security level.
The device information is information that identifies the device.

The security level is information for setting an authentication method (stage of the authentication method) for authenticating the user, and indicates, for example, whether or not the user is requested to input the second authentication information when using the device. As the authentication method, for example, the following different levels can be set.
・ A level that does not require additional authentication and allows you to log in with your user ID.
・ A level at which you can log in after authenticating your user ID and password.
-A level that requires a separate password for certain operations and processes after logging in by authenticating the user ID and password.
-The level at which login is not permitted.

The security level is preferably set in advance for each user for each device location information (for example, installation location). The security information holding unit 42 may hold the user and the security level in association with each other, for example, for each device. At that time, it is preferable to set a security level for each user according to the location information of the device for each device. Thereby, by acquiring the security level, it becomes possible to determine the necessity of additional authentication (for example, the second authentication step) based on the location information of the device.

The security information acquisition unit 43 reads the security level associated with the user from the security information holding unit using the user information and the device information, and generates security information based on the security level.
The security information acquisition unit 43 performs user authentication (first authentication step, first authentication unit) as to whether or not the security information holding unit 42 has a security level associated with the user ID. Further, the security information acquisition unit 43 analyzes the authentication method based on the position information (for example, device information) of the device by acquiring the security level, and determines whether or not the second authentication information is required. (Judgment step, judgment unit). Further, the security information acquisition unit 43 generates security information based on the security level. For example, if the security information acquisition unit 43 cannot acquire the security level, it generates security information based on the highest security level, and if it is determined that the second authentication information is required, the security information acquisition unit 43 is second to the device. Generate security information to request the input of authentication information.

The security information output unit (transmission unit) 45 outputs the acquired security information to the device. The security information output unit 45 transmits security information via, for example, the communication I / F 107.

The position information acquisition unit 48 acquires the position information of the movable device. In the present embodiment, the position information acquisition unit 48 may not be provided, and the details will be described in the third embodiment.

<< MFP10 >>
The MFP 10 according to the present embodiment is realized by, for example, the processing block shown in FIG. FIG. 6 is a diagram illustrating an example of a processing block of the MFP according to the present embodiment.

By executing the program, the MFP 10 executes an input reception unit 11, a display control unit 12, an output unit 13, a user information transmission unit 14, a security information acquisition unit 15, an authentication information transmission unit 16, an authentication result acquisition unit 17, and a job list acquisition. The unit 18 and the job acquisition unit 19 are realized.
In FIG. 6, the authentication server 30, the information server 40, and the print server 50 are shown on the right side of the figure, and the input / output with each server is shown. The left side in the figure represents input / output with the user.

The input receiving unit 11 receives inputs by user operations such as touch panel contact operation and keyboard input operation. For example, the input receiving unit 11 receives input from the user information on security and authentication such as a user ID and password, and information on processing of the MFP 10 (for example, information on a job output (paper output) from the MFP 10). The MFP 10 may accept input of user information from the operation panel 202, or may accept user information read from a recording medium 203a such as a magnetic card or an IC card via an external I / F 203.

The display control unit 12 displays the information to be notified to the user on the operation panel 202. For example, the determination unit 35 updates the job to be deleted from the job list and displays the updated job list after acquiring the job from the print server 50 and determining that the job is to be printed without causing the user to select the job from the job list.
The output unit 13 prints the acquired job. The output unit 13 outputs the job to, for example, the printer 205.

The user information transmission unit 14 is a first authentication information transmission unit that transmits user information (first authentication information) such as a user ID to the information server 40.
The security information acquisition unit 15 acquires security information from the information server 40 and controls the authentication process based on the security information.
The authentication information transmission unit 16 is a second authentication information transmission unit that transmits authentication information (second authentication information) such as a user ID (also referred to as a user name) and a password to the authentication server 30.
The authentication result acquisition unit 17 acquires the authentication result from the authentication server 30.

The job list acquisition unit 18 sends the user ID to the print server 50, and acquires the job list associated with the user ID from the print server 50.
The print job acquisition unit 19 requests the print server 50 to acquire a job, and acquires the job from the print server 50.

The security information transmission unit 14, the security information acquisition unit 15, the authentication information transmission unit 16, the authentication result acquisition unit 17, the job list acquisition unit 18, and the print job acquisition unit 19 may include, for example, the information server 40 via the communication I / F 204. Communicates with the authentication server 30 or the print server 50.

<< User terminal 20 >>
Regarding the user terminal 20, among the processing blocks included in the MFP 10 shown in FIG. 6, the user terminal 20 has an input reception unit 11, a display control unit 12, an output unit 13, a user information transmission unit 14, and a security information acquisition unit 15. , The authentication information transmission unit 16 and the authentication result acquisition unit 17 are realized by the same processing block.
Since the functional block is the same as that of the MFP 10, the configuration diagram and the description thereof will be omitted.

<< Print server 50 >>
The print server 50 according to the present embodiment is realized by, for example, the processing block shown in FIG. 7. FIG. 7 is a diagram illustrating an example of a processing block of a print server according to the present embodiment.

By executing the program, the print server 50 executes a print job receiving unit 51, a print job analysis unit 52, a print job attribute storage unit 53, a user job list acquisition unit 54, a job transmission unit 55, a user information acquisition unit 56, and printing. The job storage unit 57 is realized.

The print job receiving unit 51 receives a job from a user terminal 20 or the like by uploading a job using a Web page or the like. For example, the print job receiving unit 51 transmits a Web page used for uploading a job to a user terminal 20 or the like. The print job receiving unit 51 may receive a job from the user terminal 20 or the like by uploading the job using the application.

The print job analysis unit 52 converts the received job into a print language if necessary, and acquires the print attribute of the job.
The print job attribute storage unit 53 stores the job and the print attribute of the job in the job storage unit in association with the user ID. At this time, the print job attribute saving unit 53 confirms whether the device is specified as the print attribute of the job to be saved. When the device is specified, the print job attribute storage unit 53 adds the information indicating that the device is specified printing and the device specification information for specifying the device to the print attribute.

The user information acquisition unit 56 acquires a user ID from the MFP 10 as an example of user information.
The user job list acquisition unit 54 acquires the job list associated with the acquired user ID from the print job storage unit 57 and sends it to the MFP 10.
The job transmission unit 55 transmits the job for which the acquisition request has been made to the MFP 10.
The print job storage unit 57 stores jobs and print attributes in association with the user ID.

<Details of processing>
Hereinafter, an operation example of the processing of the printing system 1 according to the present embodiment will be described.
<< Authentication process from MFP10 >>
FIG. 8 is a flowchart illustrating an operation example of the login process by the MFP. Further, an operation example of the information server 40 is shown in the dotted line.
The input receiving unit 11 of the MFP 10 receives the input of the user ID from any user (S11). The user information transmitting unit 14 transmits the user information including the user ID received by the input receiving unit 11 to the information server 40 (S12). The user information may include, for example, device information that identifies the MFP 10 in addition to the user ID.

In the information server 40, the user information receiving unit 41 receives user information (S21). The security information acquisition unit 43 uses the user information and the device information to read the security level associated with the device information and the user ID with reference to the security information holding unit 42, and creates security information based on the security level. (S22). The security information output unit 45 transmits the security information to the MFP 10 (S23).

The security information acquisition unit 15 acquires security information based on the security level from the information server 40 (S13).
The security information acquisition unit 15 executes the user authentication process (S14). When the user is authenticated by the authentication server 30 (YES in S15), the security information acquisition unit 15 performs a login process (for example, unlocking the operation panel) (S16). The display control unit 12 displays the authentication result (login permission) on the operation panel 202 (S17). On the other hand, if the user is not authenticated (NO in S15), the display control unit 12 displays the authentication error on the operation panel 202 (S17).

Here, the user authentication process will be described with reference to FIG.
FIG. 9 is a flowchart illustrating an operation example of the user authentication process by the MFP. Further, an operation example of the authentication server 30 is shown in the dotted line.
The security information acquisition unit 15 determines whether or not the password needs to be input based on the security information (S31), and if the password needs to be input (YES in S31), causes the display control unit 12 to input the authentication information. Instruct the screen display.

The input receiving unit 11 accepts the input of the password (S32).
The user information transmission unit 14 transmits the authentication information to the authentication server 30 (S33). Here, the presence or absence of the password differs depending on the authentication method according to the security level of the authentication information. For example, in the authentication method that requires a password, the user ID and the password are used as authentication information, and in the authentication method that does not require a password, only the user ID is used as the authentication information.

In the authentication server 30, the authentication receiving unit 31 receives the authentication information (S41). The authentication unit 32 authenticates the user with reference to the authentication information storage unit 32 (S42).
The authentication information holding unit 32 holds, for example, a user ID, a password, device designation information, an e-mail address, and printing authority as items as authentication information of each user. The device designation information is information for designating a device for performing device designation printing. The user information can also be set with contents that can be set by a normal authentication server such as AD (Active Directory) or LDAP (Lightweight Directory Access Protocol).

The authentication unit 32 performs user authentication for determining whether the user ID and password received as authentication information exist in the authentication information holding unit 32.
If the user ID and password exist in the authentication information holding unit 32, the authentication unit 32 determines that the user authentication is successful (authentication OK). If the user ID and password do not exist in the user information, the authentication server 30 determines that the user authentication has failed (authentication NG).

Further, the authentication unit 32 may acquire the printing authority associated with the user ID when the user authentication is successful. The authentication result output unit 35 transmits the authentication result to the MFP 10 (S43). If the user authentication is successful, the authentication result output unit 35 can also transmit the print authority together with the authentication result.

In the MFP 10, the authentication result acquisition unit 17 receives the authentication result from the authentication server 30 (S34). If the user authentication is successful, the authentication result acquisition unit 17 receives the print authority together with the authentication result.

<< Job output processing from MFP10 >>
FIG. 10 is a flowchart illustrating an operation example of the job printing process by the MFP. Further, an operation example of the print server 50 is shown in the dotted line.
After allowing the user to log in, the MFP 10 starts the job output process.
The job list acquisition unit 18 acquires user information and security information from the security information acquisition unit 15, sends a user ID that has succeeded in user authentication to the print server 50, and acquires a job list associated with the user ID (S51). ).

At this time, in the print server 50, the user information acquisition unit 56 receives the user ID from the MFP 10 (S61). The user job list acquisition unit 54 acquires the job list associated with the acquired user ID from the print job storage unit 57, and transmits the acquired job list to the MFP 10 (S62).
The job list acquired by the job list acquisition unit 18 of the MFP 10 is, for example, a table in which the name of the job (for example, the document name) associated with the user ID is shown. The job list represents a list of jobs that can be acquired from the print server 50 by a user who has succeeded in user authentication.

In the MFP 10, the display control unit 12 displays the job list acquired by the job list acquisition unit 18 on the operation panel 202, and prompts the user to select a job (S52). The input receiving unit 11 accepts a job selection from the user and notifies the job list acquisition unit 18 of the selected job (S53).
The job list acquisition unit 18 refers to the security level (or print authority), and when authentication is required to print the selected job (YES in S54), the display control unit 12 prompts the user to enter the password. It controls and acquires the password received by the input reception unit 11 (S55). If the entered password is not authenticated (NO in S56), the job list acquisition unit 18 ends the process.

When authentication is not required for printing the selected job (NO in S54) and when the password for printing the job is authenticated (YES in S56), the job acquisition unit 19 is transmitted from the print server 50. The selected job is acquired, and the output unit 13 discharges the paper from the printer 205 (S57). At this time, in the print server 50, the job transmission unit 55 accepts the selected job, acquires the job from the print job storage unit 57, and transmits it to the MFP 10 (S63).

Next, the outline of a specific operation example will be described with reference to FIGS. 11 to 16.
FIG. 11 is a sequence diagram illustrating an operation example in which UserA prints a job in a private room of UserA. FIG. 12 is a diagram illustrating an example of the security information (authority information table) of the MFPA in the private room of UserA stored in the information server.

In FIG. 12, the private authority (Private) is an authentication method for logging in with the first authentication of the user ID, and the office authority (Office) is the second authentication with the user name and password after the first authentication of the user ID. Use the authentication method to log in. Further, although not shown in FIG. 12, for public authority (Public), in addition to the first authentication and the second authentication, a password (third authentication information) is input in a predetermined process (for example, printing a job). Is the required authentication method. If the user is not held by the security information holding unit 42, it is premised that the public authority is set.

The MFPA (an example of the MFP 10) acquires security information from the information server 40 at the time of login. When UserA inputs (logs in) a user ID to the MFPA (S81), the MFPA sends the user ID (UserA) and device information (MFPA) to the information server 40 (S82). The information server 40 refers to the security information of the MFPA, confirms that UserA has private authority, and returns the security information to the MFPA (S83). After that, the MFPA confirms that the authority is private, and without requesting the user to input additional information such as a password, permits the user to log in to the authentication server 30 (S84) and logs in (S85).

After that, as in normal on-demand printing, the MFPA acquires the job list from the print server 50 (S86, S87), displays the job list on the operation panel (S88), and the user selects a job (S89). , The selected job is acquired from the print server (S90, S91), and the paper is ejected (S93). At this time, if the job has a password, the MFPA prints it with deemed authentication (S92).

FIG. 13 is a sequence diagram illustrating an operation example in which User B prints a job in a private room of User A.
When the UserB performs printing with the MFPA in the private room of the UserA, the MFPA first sends the user ID (UserB) and the device information (MFPA) to the information server 40 (S82). The information server 40 confirms the security information of the MFPA of FIG. 12, confirms that UserB has office authority over the MFPA, and returns the security information to the MFPA (S83). After that, since the MFPA has office authority, it presents a password input screen to the user (S94) and prompts the user to input the password. When the password is entered (S95), the MFPA passes the entered password and the user name to the authentication server 30 (S84), obtains login permission, and logs in (S85). After that, printing is performed in the same flow as in FIG.

FIG. 14 is a sequence diagram illustrating an operation example in which UserZ prints a job in a private room of UserA.
When UserB performs printing with the MFPA in the private room of UserA, the MFPA first sends a user ID (UserZ) and device information (MFPA) to the information server 40 (S82). The information server 40 confirms the security information of the MFPA of FIG. 12, confirms that UserZ is not set in the security information, and returns the security information to which the public authority is granted (S83). After that, since the MFPA has public authority, it presents a password input screen to the user (S94) and prompts the user to input the password. When the password is entered (S95), the MFPA passes the entered password and the user name to the authentication server (S84), obtains login permission, and logs in (S85).

After logging in, the MFPA acquires the job list from the print server 50 (S86, S87) and displays the job list on the operation panel (S88). When the user selects a job (S89), the MFPA displays the password input screen for the selected job (S96) and prompts the user to input the password (S97). The MFPA sends the user name and the selected job to the print server 50 (S90), and acquires the corresponding job (S91). Printing is performed and the paper is ejected together with the password of the job selected at the time of printing (S92, S93).

FIG. 15 is a sequence diagram illustrating an operation example in which UserA prints a job in a public space. Here, the description is made on the premise that the information server 40 does not hold the security information associated with the MFPZ.
When the UserA prints on the MFPZ in the public space, the MFPZ first receives the input of the user ID (S81), and sends the user ID (UserA) and the device information (MFPZ) to the information server 40 (S82). .. The information server 40 confirms that the security information of the MFPZ does not exist, and returns the security information to which the public authority is given to UserA (S83). After that, printing is performed in the same flow as the sequence shown in FIG.

FIG. 16 is a sequence diagram illustrating a case where a job cannot be printed in a public space. FIG. 16 shows an operation example when printing in a public space is restricted when a password is not set for the job.
When UserA prints on the MFPZ in a public space, the MFPAZ first sends a user ID (UserA) and device information (MFPZ) to the information server 40 (S82). The information server 40 confirms that the security information of the MFPZ does not exist, and returns the security information to which the public authority is given to UserA (S83). After that, since the MFPZ has public authority, it presents a password input screen to the user (S94) and prompts the user to input the password. When the password is entered (S95), the MFPZ passes the entered password and the user name to the authentication server (S84), obtains login permission, and logs in (S85).

After logging in, the MFPZ acquires the job list from the print server 50 (S86, S87), presents the job list on the operation panel (S88), and prompts the user to select a job. When a job is selected (S89), the MFPZ displays on the operation panel that printing cannot be performed in the public space if a password has not been set for the selected job (S98).

The authentication server 30 and the information server 40 of FIG. 1, or the authentication server 30, the information server 40, and the print server 50 may be integrated into one computer. Further, the authentication server 30, the information server 40, and the print server 50 may be distributed to a plurality of computers.

Further, at least a part of the functions of the authentication server 30, the information server 40, and the print server 50 may be provided in the MFP 10. For example, the printing system 1 in FIG. 1 deletes at least a part of the authentication server 30, the information server 40, and the print server 50 by providing the MFP 10 with at least a part of the functions of the authentication server 30, the information server 40, and the print server 50. It may be configured.

Further, the MFP 10 according to the present embodiment displays the jobs included in the job list when, for example, the job list submitted by the user is provided after the user logs in. At this time, the MFP 10 is a job that satisfies a predetermined rule, for example, among the jobs included in the job list, such as a device-designated printing job in which the own machine is designated as a device, as in the technique disclosed in Patent Document 1. May be configured to select. The MFP 10 may be configured to acquire from the print server 50 and print the job selected by the own machine or the job selected by the user.

As described above, in the present embodiment, when setting the security level depending on the print location in on-demand printing, the security level setting depending on the location at each print location is associated with the device and the user. make it happen. For example, the MFP and the user are linked, the stage of the authentication method is set for the linked user, and the highest authentication method is set for the MFP to which no one is linked. Then, printing can be performed by a simple authentication method in a place recognized as a private space by the user who uses the device, and the procedure of the authentication method increases as the space becomes public.

As a result, it is possible to improve the security effect in a place where there is a high possibility of mistaken printing job or information leakage, and on the other hand, it is possible to reduce the troublesome authentication in a place where there is no such concern. For example, the authentication method is based on the location of the device, such as a private space for the user (for example, his / her own examination room such as a hospital), an office-like space (for example, a hospital medical office), or a public space (for example, a hospital waiting area). Authentication can be performed by changing the stage (number of times).

Embodiment 2.
In the above embodiment, the case where the device is the MFP 10 has been described, but the same authentication method can be applied to the user terminal 20 as well.
When the user terminal 20 receives a login request (user information, for example, user ID and password input) from the user, the login process is the same as the operation example of FIG. 8, and the user authentication process is the same as the operation example of FIG. The explanation is omitted. The security level (authentication method stage) depends on the location (device location information) where the user terminal 20 is installed, for example, whether it is a mobile terminal or not, and whether it is a shared PC or an individual PC. It is preferable to set it for each user.
According to the present embodiment, the security at the time of login can be managed for the user terminal 20 by performing the authentication process based on the stage of the authentication method according to the security level.

Embodiment 3.
In the present embodiment, an embodiment in which the authentication method according to the embodiment of the present invention is applied to a position management system in which a device is managed by a wireless tag will be described.
FIG. 17 is a diagram illustrating a configuration example of a location management system to which an authentication method is applied. The MFP 10, the user terminal 20, the authentication server 30, and the information server 40 shown in FIG. 17 are the same as those in the first embodiment. Further, in FIG. 17, the authentication server 30 and the information server 40 are represented as an authentication device 70 composed of one device.

The position management system 300 includes a wireless tag 310, a wireless communication device 320, a conversion device 330, and a management device 340. Further, the position management system 300 includes a user terminal 350 and an IMES (Indoor Messaging System) transmitter 360.
Further, the conversion device 330, the management device 340, the user terminal 350, the authentication device 70, the MFP 10, and the user terminal 20 are communicably connected via a network N such as the Internet or a telephone line network.

The wireless tag 310 is a device to be attached to each managed item whose position such as an installation place or a storage place is managed. In the present embodiment, the wireless tag 310 can be attached to a device such as the MFP 10 or the user terminal 20. When an article to which the wireless tag 310 is attached is moved, the wireless tag 310 measures the radio field strength of the wireless communication received from the wireless communication device 320 and obtains information (radio wave strength information) regarding the measured radio wave strength. It is transmitted to the conversion device 330.

Further, when the article to which the wireless tag 310 is attached is moved, the wireless tag 310 acquires position information such as latitude and longitude information from the IMES transmitter 360 and GPS (Global Positioning System). More specifically, the wireless tag 310 acquires position information from the IMES transmitter 360 indoors, and acquires position information outdoors based on radio waves received from GPS.

The wireless communication device 320 is a device that performs wireless communication with a wireless tag 310 or the like according to a predetermined wireless communication standard. A plurality of wireless communication devices 320 are installed in a room or floor (also referred to as an area) where items to be managed are installed or stored, and radio waves for wireless communication are transmitted within a predetermined range around each predetermined time. I'm sending. Here, the predetermined wireless communication standards include, for example, various wireless communications such as Zigbee (registered trademark), RFID (Radio Frequency Identifier), Bluetooth (registered trademark), infrared rays, Wi-Fi (registered trademark), and ultrasonic waves. Standards can be used.

The conversion device 330 is an information processing device that receives radio wave strength information and position information such as latitude and longitude information from the wireless tag 310. Further, the conversion device 330 converts the radio field strength information received from the wireless tag 310 into position information. Then, the conversion device 330 transmits the position information converted from the radio wave strength information and the position information such as latitude and longitude information to the management device 340.

The management device 340 is a storage device or an information processing device that manages the position information received from the conversion device 330 and the position information according to the IMES standard acquired from the IMES transmitter 360. The management device 340 also manages information on a map of a room or floor where articles to be managed are installed or stored, and in response to a request from the authentication device 70 or the user terminal 350, the above-mentioned 2 Information about the type of location information and the map is transmitted to the requesting authentication device 70 or the user terminal 350.

In the configuration example of FIG. 17, in the authentication device 70, the position information acquisition unit 48 of the information server 40 acquires the position information of the device to which the wireless tag 310 is attached from the management device 340, and the acquired position information is used as security information. It is configured to output to the acquisition unit 43.
The security information holding unit 42 divides the area where the device is installed into a plurality of areas based on the usage status such as a private space, an office-like space, and a public space, and each of the divided areas is combined with a user. It may be held in association with the security level. At this time, the security information holding unit 42 may divide a plurality of areas in correspondence with the room or floor of the information related to the map transmitted from the management device 340.

When the security information acquisition unit 43 determines that the terminal (movable terminal) has the wireless tag 310 attached to the user terminal 20 or the MFP 10 based on the device information, the location information acquisition unit 48 determines the location information. And acquire the security level using the location information.

According to this embodiment, it is possible to select an authentication method based on location information even for a mobile device.

Other embodiments.
In each of the above embodiments, the case where the security level is set (managed) for each user has been described as an example, but it is also possible to manage the security level for each group to which the user belongs.

When the above-mentioned authentication method is realized by a program that causes a computer to execute a process (instruction group), the program is
The first reception process in which the device accepts the input of the first authentication information,
The first authentication process that receives the first authentication information from the device and executes user authentication based on the first authentication information,
Judgment processing to determine whether or not the second authentication information is required based on the location information of the device,
When it is determined that the second authentication information is required, the transmission process of transmitting the security information for requesting the device to input the second authentication information, and the transmission process.
The second reception process that receives the security information and accepts the input of the second authentication information,
It has a second authentication process of receiving the second authentication information from the device and executing user authentication based on the second authentication information.
Here, for example, the first reception process and the second reception process are executed by the device, the first authentication process, the determination process, and the transmission process are executed by the information server 40, and the second authentication process is the authentication server. Run at 30.

Further, the authentication process and the login process executed by the authentication server 30 and the information server 40 may be configured to be executed by each device (for example, the MFP 10 and the user terminal 20). For example, the authentication information holding unit 32 and the security information holding unit 42 are installed in a place where each device can refer to, and each device reads out the authentication information and the security information and performs an authentication process or a login process (for example, the first authentication process described above). , Judgment process, second authentication process) may be executed.

According to each of the above embodiments, it is possible to enhance security by an authentication method according to the place where the device is arranged. For example, in on-demand printing, printing can be performed by a simple authentication method in a place recognized as a private space, and the procedure of the authentication method can be increased as the space becomes public. In addition, by managing the user authentication method for each MFP on the server, it is possible to set the stage of the authentication method for each user.

Although the invention made by the present inventor has been specifically described above based on the embodiment, it is said that the present invention is not limited to the above embodiment and can be variously modified without departing from the gist thereof. Not to mention.

10 MFP
11 Input reception unit 12 Display control unit 13 Output unit 14 User information transmission unit 15 Security information acquisition unit 16 Authentication information transmission unit 17 Authentication result acquisition unit 20 User terminal 30 Authentication server 40 Information server 41 User information reception unit 42 Security information retention unit 43 Security information acquisition unit 45 Security information output unit 50 Print server 60 Wireless communication device 70 Authentication device

Japanese Unexamined Patent Publication No. 2014-056438

Claims (3)

An authentication system including an authentication device, an output device that outputs a job, and an output control device that controls the output device.
The authentication device is
A receiving unit that receives the first authentication information received by the output device , and
A first authentication unit that executes user authentication based on the first authentication information received by the receiving unit, and a first authentication unit.
A determination unit that determines whether or not a second authentication information is required based on the position information of the output device , and a determination unit.
When it is determined that the second authentication information is required, a transmission unit that transmits security information for requesting the output device to input the second authentication information, and a transmission unit.
A second authentication unit that receives the second authentication information from the output device and executes user authentication based on the second authentication information.
It has a position information of the output device, the first authentication information, and a security information holding unit that holds the stages of the authentication method in association with each other.
The output device is
It has an input receiving unit that accepts inputs of the first authentication information and the second authentication information.
The output control device is
It has a job storage unit that stores the first authentication information in association with the job.
The stage of the authentication method is a first authentication method in which the first authentication is performed by the first authentication information, and a second authentication method in which the second authentication is performed by the second authentication information after the first authentication. Information that specifies one of an authentication method and a third authentication method that requires the input of a third authentication information in the output of the job in addition to the first authentication and the second authentication.
The security information includes information requesting the input of the third authentication information in the output of the job.
The input receiving unit prompts the input of the third authentication information before outputting the job.
Authentication system. The job is a print job.
The authentication system according to claim 1. The first authentication method can be logged in with a user ID, and can be logged in.
In the second authentication method, login is possible after confirming the user ID and password.
The third authentication method requires the input of a password separately after the second authentication.
The authentication system according to claim 1 or 2.

Images