JPWO2004053665A1 - Information processing device, control device, storage device guard device, program - Google Patents

Abstract

An information processing device that can display information on the screen as text, images, video, or a combination of these, human sensors that detect the presence or absence of people, and screen processing that conceals information displayed on the screen Control means having at least a function to perform, control activation means for activating screen processing by the control means when the presence of a user using the information processing apparatus is sensed via the human sensor, and the control Authentication means for authenticating that a person who intends to use the information processing apparatus in a state where screen processing by the means is an authorized user, and after the authentication by the authentication means is completed, Control release means for releasing the screen processing by the control means is provided.

Description

  The present invention relates to an apparatus for executing a security function represented by a so-called screen saver function such as a computer.

In order to prevent burn-in of a display connected to a computer or the like, a program that erases the screen or displays a predetermined animation or the like when there has been no access for a certain time is often installed in the computer or the like. Such a thing is generally called a “screen saver”. In addition, it is also known that when a screen saver attempts to return to a normal state, a password input is required and the screen saver cannot be canceled unless the correct password is input (for example, Japanese Patent Application Laid-Open No. 09-297676). See). By adding a password lock function to the screen saver, it is possible to prevent a person other than the authorized user from accessing the computer when the user is absent.
However, in the existing screen saver module, the screen saver is not activated until a predetermined waiting time elapses. Also, you have to go through several steps to manually activate the screen saver. That is, a complicated operation is required to activate the screen saver at a timing desired by the user. The above is a problem particularly when an emergency occurs and the user has to hurry up and get up. If the user leaves the seat without activating the screen saver with much trouble, the person other than the user can freely access the computer until the standby time elapses, and security cannot be ensured.
The present invention focuses on the above-mentioned problems for the first time, and aims to enable a security function represented by a screen saver to be activated when necessary without complicated operations.

In view of the above problems, in the present invention, as shown in FIG. 18, the sensor means 10 for detecting the presence / absence of a person and a predetermined condition on the condition that the sensor means 10 detects the absence of the user. A control unit 11 for starting execution of a security function, an authentication unit 13 for authenticating that a person who has returned with the security function by the control unit 11 activated is a valid user, An information processing apparatus including a control release unit 14 that releases the security function by the control unit 11 after the authentication by the authentication unit 13 is completed is configured. That is, when a user's presence / absence is sensed and the user leaves the seat, the predetermined security function is activated immediately, and the security function is already activated in order to cancel the security function. Is a system that requires user authentication. With such a configuration, when the user leaves the seat, the security in absence can be ensured without performing complicated operations one by one.
Various security functions realized by the present invention are conceivable. Typical examples thereof are prevention of unauthorized browsing of information stored in a personal computer or the like and prevention of unauthorized operation on the personal computer or the like. Therefore, the control means 11 can execute, as a security function, a process of concealing information displayed on the screen of the display or a process of rejecting an operation by a person other than the authorized user. It can be said that it is preferable. As shown in FIG. 10, in an information processing apparatus capable of displaying information on a display screen as characters, images, video, or a combination thereof, sensor means 10 for detecting the presence or absence of a person and display on the screen The control means 11 having at least a function of performing screen processing for concealing information and the absence of the user who uses the information processing apparatus, in other words, that the user has left the information processing apparatus. A control activation unit 12 that activates screen processing by the control unit 11 when sensed via the sensor unit 10 and a screen processing by the control unit 11 are activated and the information processing apparatus is used. Authentication means 13 for authenticating that the person who has the right authority is a user having a legitimate authority, and the control means 11 after the authentication by the authentication means 13 is completed. If the control canceling means 14 for canceling the screen processing is provided, the screen processing by the control means 11 is activated when the user leaves the seat, and the content of the information, even if the user himself does not perform a complicated operation. Can be concealed. And in the state where the screen processing is activated, it is possible to display the information again after releasing the screen processing after authenticating that the user having the right authority has returned, Deterrence can secure security. Note that screen processing refers to executing screen display processing or screen erasure processing for hiding information displayed on the screen.
Similarly, an information processing apparatus capable of executing various information processings has at least a function of performing sensor processing 10 for detecting presence / absence of a person and reservation processing for retaining acceptance of an operation for executing information processing. A control means 11; a control activation means 12 for activating a reservation process by the control means 11 when the absence of a user using the information processing apparatus is sensed via the sensor means 10; and the control means 11 Authentication means 13 for authenticating that the person who intends to use the information processing apparatus is a valid user, and after the authentication by the authentication means 13 is completed. Even if the control canceling means 14 for canceling the reservation process by the control means 11 is provided, it is possible for a user to perform the operation without compromising the user himself / herself. You can ensure the security and deter unauthorized access. Information processing refers to a concept that generally includes browsing or viewing of information, creation, change, storage, transmission / reception, execution of various programs, and the like.
As another example of the security function realized by the present invention, a storage device that can store various items (the storage device referred to here is a concept including all fixtures that can store items, for example, a desk (Including drawers, wagons, lockers, cabinets, bags, etc.) can be prevented from being opened or closed by a third party. At this time, the control means 11 executes a function for ensuring security related to opening and closing of the storage tool, and the control release means 14 performs the control when the authentication by the authentication means 13 is completed. An operation signal for releasing the security function is transmitted to the means 11. The security function executed by the control means 11 is a situation where a user having a legitimate authority is away from the user, in other words, a situation where the user is away from the storage device, This is a process for preventing the storage tool from being opened and closed. More specifically,
(1) Processing for physically suppressing the opening and closing of the storage device (locking, energization such as an electric fence, etc.), or
(2) Processing to be issued when an unauthorized operation on the storage device is detected (notifying the user or others, warning for intimidating unauthorized persons, etc.)
Corresponds to this. The specific configuration of the control unit 11 depends on the content of the security function executed by the control unit. If this is the case, it is possible to prevent others from illegally taking out or browsing the items in the storage device while the user is away from their seats. It is possible to safely store and store confidential documents and other articles that are desired to be kept out of the eyes of the person in the storage device. The control means may be incorporated in the storage tool, but may be detachable from the storage tool. If it is detachable from the storage tool, the user can arbitrarily attach it to the desk drawer or bag used by the user to improve security.
Further, as shown in FIG. 19, the sensor means 10 for detecting the presence or absence of a person and the locking device provided in the storage device capable of storing various articles are used for locking or unlocking. A signal transmitting unit 15 capable of transmitting an operation signal; and an authenticating unit 13 for authenticating that a person who has returned after leaving the user is an authorized user. An operation signal for locking the locking device is transmitted when the user's absence is detected through the sensor means 10 and the authentication of the locking device is completed after authentication by the authentication means 13 is completed. A simple security system can be similarly constructed by configuring an information processing apparatus that transmits an operation signal for locking. When the locking device is in an unlocked state only while receiving an operation signal for unlocking (when the operation signal for unlocking cannot be received, it shifts to the locked state). When the signal transmission means 15 senses the user's absence through the sensor means 10, the transmission of the operation signal is stopped, and then the authentication means 13 authenticates the authorized user. Occasionally, transmission of the operation signal is resumed.
In addition, as shown in FIG. 11, the information processing apparatus capable of executing the above-described screen processing and / or reservation processing locks or unlocks the locking device provided in the storage device capable of storing various articles. It is also preferable to include a signal transmission means 15 that can transmit an operation signal for performing the above. The signal transmitting unit 15 transmits an operation signal for locking the locking device when the absence of a user who uses the information processing device is sensed via the sensor unit 10, and It is assumed that an operation signal for unlocking the locking device is transmitted after the authentication by the authenticating means 13 is completed. In this case, it is possible to protect not only digital information stored in a personal computer or the like, but also “analog” information such as documents stored in the storage device.
As shown in FIG. 20, at least one of the fact that the user authentication by the authentication means 13 has failed or the fact that the user has not performed user authentication by the authentication means 13 has been detected. In this case, if it is further provided with an unauthorized access information output means 16 for generating and outputting information relating to the fact, information relating to an illegal act by a third party for a personal computer or a storage device is transmitted to a required destination. Thus, it becomes possible to report the fact of fraud and to accumulate information on the fraud and refer to it after the fact. Incidentally, the failure of user authentication by the authentication means 13 means that acquisition of user identification information for identifying a user having a legitimate authority fails. When the authentication unit 13 performs user authentication in a mode of accepting input of user identification information by the user, it is normal to regard that the user authentication has failed with a predetermined number of input errors.
Further, in the existing screen saver module, it is necessary to move the mouse or press a key in order to display a password input dialog for canceling the screen saver on the screen. This operation has no meaning other than stopping the screen saver and displaying the input dialog, and is only troublesome for the user. In turn, when the authentication means 13 senses some approach through the sensor means 10, it gives an instruction to prompt the user to input user identification information for identifying a user having a legitimate authority. If the input is accepted, the above operation can be omitted.
Alternatively, the authentication unit 13 is wirelessly communicated with a predetermined storage device possessed by the user and storing user identification information for identifying the user, and the user identification information is obtained from the predetermined storage device. Can be made more user-friendly by omitting the input operation of the user identification information by the user himself / herself. The predetermined storage device generally refers to a device having a function of storing user identification information and a function of wirelessly transmitting stored user identification information. For example, RFID (Radio Frequency IDentification; card shape or tag shape) (A recognition method for recording or reading information using electromagnetic waves) and a portable information processing terminal equipped with a wireless communication device, a mobile phone terminal, and the like.

FIG. 1 is a hardware resource configuration diagram of an information processing apparatus according to an embodiment of the present invention.
FIG. 2 is a functional block diagram of the information processing apparatus in the embodiment.
FIG. 3 is a diagram illustrating a screen displaying information.
FIG. 4 is a diagram illustrating screen processing by the control means.
FIG. 5 is a diagram illustrating an instruction (input dialog display) that prompts the authentication means to input user identification information.
FIG. 6 is a flowchart showing a processing procedure in the embodiment.
FIG. 7 is a diagram schematically showing an information processing apparatus according to an embodiment of the present invention.
FIG. 8 is a hardware resource configuration diagram of the information processing apparatus in the embodiment.
FIG. 9 is a flowchart showing a processing procedure in the embodiment.
FIG. 10 is a diagram for explaining the configuration of the present invention.
FIG. 11 is a diagram for explaining the configuration of the present invention.
FIG. 12 is a diagram schematically showing an information processing apparatus according to an embodiment of the present invention.
FIG. 13 is a hardware resource configuration diagram of the information processing apparatus in the embodiment.
FIG. 14 is a flowchart showing a processing procedure in the embodiment.
FIG. 15 is a diagram schematically showing an information processing apparatus according to an embodiment of the present invention.
FIG. 16 is a hardware resource configuration diagram of the information processing apparatus in the embodiment.
FIG. 17 is a flowchart showing a processing procedure in the embodiment.
FIG. 18 is a diagram for explaining the configuration of the present invention.
FIG. 19 is a diagram for explaining the configuration of the present invention.
FIG. 20 is a diagram for explaining the configuration of the present invention.
FIG. 21 is a circuit configuration diagram of sensor means in which a human sensor and a distance sensor are combined.
FIG. 22 is a timing chart illustrating the operation of the sensor means.
FIG. 23 is a diagram schematically showing an information processing apparatus (system) in one embodiment of the present invention.
FIG. 24 is a hardware resource configuration diagram of the storage device guard apparatus in the same embodiment.
FIG. 25 is a hardware resource configuration diagram of the control device in the embodiment.
FIG. 26 is a flowchart showing a processing procedure in the embodiment.
FIG. 27 is a flowchart showing a processing procedure in the embodiment.
FIG. 28 is a hardware resource configuration diagram of the computer in the embodiment.
FIG. 29 is a hardware resource configuration diagram of the control device in the same embodiment.
FIG. 30 is a circuit diagram showing an example of a power supply circuit of the storage device guard apparatus.
FIG. 31 is a diagram schematically showing the information processing apparatus (system) in the embodiment.
FIG. 32 is a view showing the storage device guard apparatus in the same embodiment.
FIG. 33 is a perspective view showing the storage device guard apparatus in the same embodiment.
FIG. 34 is a perspective view of a main part showing a setting key and a dip switch.
FIG. 35 is a perspective view showing the main part of the setting key and the DIP switch.
FIG. 36 is a longitudinal sectional view of a main part showing a setting key and a dip switch.
FIG. 37 is a horizontal sectional view of an essential part showing a setting key and a dip switch.
FIG. 38 is a horizontal sectional view of an essential part showing a setting key and a dip switch.
FIG. 39 is a hardware resource configuration diagram of the storage device guard apparatus in the same embodiment.
FIG. 40 is a diagram for explaining the configuration of the present invention.
FIG. 41 is a diagram schematically showing an information processing apparatus (system) in one embodiment of the present invention.
FIG. 42 is a hardware resource configuration diagram of the control device (printing control mechanism) in the embodiment.
FIG. 43 is a flowchart showing a processing procedure in the embodiment.
FIG. 44 is a flowchart showing a processing procedure in the embodiment.

<First Embodiment> An embodiment of the present invention will be described below with reference to the drawings. For example, as shown in FIG. 1, the information processing apparatus in this embodiment is connected via a processor 1a, a main memory 1b, an auxiliary storage device 1c, a display 1d, a display control device 1e, and an input / output interface 1h. Including hardware resources such as the input device 1f and human sensor 1g, and information such as existing personal computers, workstations, PDAs (Personal Digital Assistants), etc., as information, characters, images, video, or a combination thereof It is constructed so that it can be displayed on the screen and various information processing can be executed. The auxiliary storage device 1c is a hard disk drive, a flash memory, an optical disk drive such as a DVD-ROM, or the like. It may be a disk drive of the type. The display control device 1e generates a video chip 1e1 (or graphics chip), image data, etc. having a function of generating image data to be displayed based on a drawing instruction received from the processor 1a and sending it to the display 1d. It can be configured using a known device such as a video memory 1e2 (Video RAM) which plays a role of temporarily storing. The input device 1f is used by a user to perform operation input, and is represented by a keyboard, a mouse, a track pad, and the like. The human sensor 1g serves as sensor means 10 that detects whether or not a person is present in a predetermined area near the information processing apparatus. As the human sensor 1g, various types of sensors can be employed. The passive IR sensor that detects infrared rays emitted from the human body is a typical human sensor 1g, but it does not prevent the use of a sensor other than the passive IR sensor. However, the sensor means 10 may detect the presence or absence of a person by photographing the surrounding area with a camera and analyzing the image.
Usually, a program to be executed by the processor 1a is stored in the auxiliary storage device 1c, and when the program is executed, it is read from the auxiliary storage device 1c into the main memory 1b and decoded by the processor 1a. Then, the hardware resources described above are operated according to the program so that the functions as the control means 11, the control activation means 12, the authentication means 13, and the control release means 14 shown in FIG.
The control means 11 has a function of performing screen processing for concealing information displayed on the screen, and a function of performing reservation processing to reserve acceptance of an operation for executing information processing. The control means 11 can be configured using, for example, a known screen saver module program. By starting the screen saver module program, the currently displayed screen is concealed and operation acceptance is reserved. In addition, while showing the display screen of the information on the display 1d in FIG. 3, the state which hidden the display screen as shown in FIG. 3 is illustrated in FIG. Incidentally, as one aspect of the screen processing by the control means 11, it is conceivable to turn off the display 1d, in other words, to turn off the display 1d.
When the control activation means 12 senses through the human sensor 1g that the user currently using the information processing apparatus has left his / her seat, in other words, the user has left the information processing apparatus. Then, the screen processing and reservation processing by the control means 11 are started. For example, the control activation unit 12 counts the elapsed time since the human sensor 1g no longer detects the presence of the user, and when the elapsed time exceeds a predetermined timeout time, the user leaves the seat. Judgment is made and control by the control means 11 is started.
The authenticating means 13 authenticates that the person who intends to use the information processing apparatus is a user who has a legitimate authority in a state where the reservation of screen processing and operation acceptance by the control means 11 is activated. To do. This authentication is performed, for example, in such a manner that a person who intends to use the information processing apparatus is requested to input user identification information for identifying a user having a legitimate authority. User identification information relating to a user having a legitimate authority is stored in a required storage area of the main memory 1b or the auxiliary storage device 1c or a predetermined computer (not shown) connected to the information processing device so as to be communicable. It is stored in advance in a required storage area of the main memory or the auxiliary storage device (in plain text or encrypted), and is compared with the user identification information input via the input device 1f at the time of authentication. In the present embodiment, a user ID and / or password is input as user identification information via the input device 1f. The user ID and / or password may be the same as or different from that in the user account of the user currently using the information processing apparatus. However, the user identification information is not necessarily a user ID and a password. Therefore, for example, biometric authentication may be performed using biometric data (for example, fingerprint, voice print, handwriting, retina pattern, iris pattern, blood vessel pattern, etc.) based on the user's physical characteristics as user identification information. . In this case, an apparatus used for inputting biometric data is provided in advance in the information processing apparatus. Of course, the authentication unit 13 may perform authentication using a plurality of methods in combination.
Further, when the authentication means 13 is in a state where the screen processing and reservation processing by the control means 11 are activated and some approach is detected via the human sensor 1g, it is legitimate for the person. It is preferable that an instruction for prompting input of user identification information for identifying a user having a proper authority is given and the input is accepted. An instruction for prompting input of user identification information is given in a form through screen display, voice output, and other various user interfaces. In the present embodiment, a dialog D for requesting input of a user ID and / or password as user identification information is displayed on the display 1d and the input is accepted. FIG. 5 illustrates a dialog display requesting input of a user ID and / or password.
The control cancellation unit 14 cancels the screen processing and reservation processing by the control unit 11 after the authentication by the authentication unit 13 is completed. In the present embodiment, by canceling the screen saver function based on the screen saver program, the screen displaying the information is recovered, and the acceptance of the operation is resumed.
However, the function of each part of the control means 11, the control starting means 12, the authentication means 13, and the control release means 14 is shared by a plurality of apparatuses, and it does not prevent the information processing apparatus from being established by cooperating with each other.
Here, the sensor means 10 will be supplemented. Passive IR sensors and the like detect the presence of moving objects by detecting the displacement of the moving object. Therefore, when a user is performing a work with little movement of the body or taking a break, the presence of the passive IR sensor is detected. It cannot be detected stably. As a method of coping with such a problem, it is conceivable to configure the sensor means 10 that combines two sensors, a passive IR sensor (pyroelectric human sensor) and a distance sensor (reflective type). The former detects the movement of the user's body or other objects within the detection range. The latter detects the presence of the user's body and other objects within the detection range. FIG. 21 shows a circuit configuration example of the sensor means 10 combining these sensors, and FIG. 22 shows a timing chart for explaining the operation of the sensor means 10. The passive IR sensor outputs ON (HI) when it detects a moving object, and the distance sensor outputs ON when it detects the presence of an object. Basically, if the output of the passive IR sensor or the output of the distance sensor is ON, it can be determined that the user is present. When both the output of the passive IR sensor and the output of the distance sensor are OFF (LO), it can be determined that the user has left the seat. However, it is preferable that the output of the sensor means 10 indicates that the user is present until the predetermined hold time elapses after the outputs of both sensors are turned off. That is, the flip-flop in FIG. 21 holds the (HI) state indicating that the user is present until the hold time elapses, and enters the (LO) state that indicates that the user has left after the hold time has elapsed. Can be switched. However, it does not prevent the hold time from being set to zero. Thus, a condition for determining that this user or a non-user has returned after detecting the user's absence is that the output of the passive IR sensor and the output of the distance sensor are both turned ON. It is unlikely that the passive IR sensor will not detect the movement of the user or a non-user returning to the original seat, and unless the distance sensor is used in combination, This is because the user returning to the seat cannot be identified.
As described above, the sensor means 10 is not limited to the one using the human sensor 1g. As a special example, there is an aspect in which a sensor is provided in furniture or furniture used by a user. As a specific example, it is conceivable to provide a sensor for detecting static electricity, temperature, etc. derived from the human body on the top of the desk, or to provide a pressure sensitive sensor on the seat or back of the chair. Even in such a case, it goes without saying that the information processing apparatus is configured to be able to receive a signal output from the sensor via a wire or wirelessly.
Hereinafter, the procedure of processing executed by the information processing apparatus according to this embodiment will be described with reference to the flowchart of FIG. When it is detected via the human sensor 1g that the user using the information processing apparatus has left the seat (step S1), the screen processing by the control means 11 is started (step S2), and the control means 11 The reservation process by is started (step S3). Thus, when the screen processing and the reservation processing by the control means 11 are activated and when it is sensed through the human sensor 1g that several persons have approached the information processing apparatus (step S4), An instruction for prompting the user to input user identification information for identifying a user having a legitimate authority is given (step S5), and the input of the user identification information is accepted (step S6). As already described, in the present embodiment, in step S5, the user ID and / or password input dialog D as the user identification information is displayed on the screen of the display 1d, and the user ID using the input device 1f and / Or accept password input. When the input of the user identification information by the person is completed (step S7), the user authentication is performed by comparing the input user identification information with the user identification information relating to the user having a legitimate authority stored in advance. When it is possible to authenticate that the person who intends to use the information processing apparatus is a user having a legitimate authority (step S8), the screen processing by the control means 11 is canceled (step S9), and the control means 11 The reservation process by is canceled (step S10). In step S8, when it is not possible to authenticate that the user has a legitimate authority, the user is prompted again for user identification information. Incidentally, although not shown in FIG. 6, when the input dialog D is displayed and the input of the user ID and password is awaited (steps S5 and S6), the predetermined time-out time is not entered and the input is not performed. When the time has elapsed or when the “Cancel” button arranged in the input dialog D is clicked, the input dialog D is deleted and the screen saver is activated. That is, the above-described steps S2 and S3 are performed. You may make it return a process to a step.
According to the present embodiment, the human sensor 1g as the sensor means 10 for detecting the presence or absence of a person, and the predetermined security function, that is, the screen processing and the condition that the human sensor 1g detects that the user is away. And / or control means 11 for starting execution of reservation processing, and authentication means 13 for authenticating that the person who has returned with the security function by the control means 11 activated is a user having a legitimate authority, In addition, since the information processing apparatus including the control release unit 14 that releases the security function by the control unit 11 after the authentication by the authentication unit 13 is completed, the user does not have to perform complicated operations. When the user leaves, the security function by the control means 11 is activated. And, in the state that the security function is activated, in order to release it after authenticating that a user with a legitimate authority has returned, it is possible to prevent unauthorized access by others and ensure security. Become.
An information processing apparatus capable of displaying information on the screen of the display 1d as characters, images, video, or a combination thereof, a human sensor 1g which is sensor means 10 for detecting the presence or absence of a person, and information displayed on the screen Control means 11 having at least a function of performing screen processing for concealing, and a screen by the control means 11 when the absence of the user using the information processing apparatus is detected via the human sensor 1g Control activation means 12 for activating the process, and authentication for authenticating that the person who intends to use the information processing apparatus in a state where the screen processing by the control means 11 is activated is a valid user Because it includes the means 13 and the control release means 14 for releasing the screen processing by the control means 11 after the authentication by the authentication means 13 is completed. Without the user himself to perform complicated operations, the user can conceal the contents of the information to start the screen processing by the control unit 11 when leaving the seat. And in the state where the screen processing is activated, it is possible to display the information again by releasing the screen processing after authenticating that the user with the right authority has returned, and unauthorized information browsing by others It is possible to prevent security and ensure security.
Similarly, an information processing apparatus capable of executing various types of information processing includes at least a human sensor 1g that detects the presence or absence of a person and a reservation processing that reserves acceptance of an operation for executing information processing. Control means 11 having, control activation means 12 for activating reservation processing by the control means 11 when the presence of a user using the information processing apparatus is sensed via the human sensor 1g, and the control Authentication means 13 for authenticating that a person who intends to use the information processing apparatus is a user having a legitimate authority in a state where reservation processing by means 11 is activated, and authentication by the authentication means 13 is completed Since the control release means 14 for releasing the reservation process by the control means 11 is provided, the user can leave the seat without performing complicated operations. Acceptance of the operation is retained by the control unit 11 when it is. Then, after authenticating that a user having a legitimate authority has returned, the reservation for accepting the operation is canceled, thereby preventing unauthorized access by others and ensuring security.
Further, the authentication means 13 gives an instruction for prompting the person to input user identification information for identifying a user having a legitimate authority when some approach is detected through the human sensor 1g. Since the input is accepted, troublesome operations such as stopping the screen saver, pressing a key for displaying the input dialog D, and moving the mouse can be omitted.
Therefore, the information processing apparatus according to the present embodiment is suitable for use in a situation where an unspecified person can reach. In particular, it can be suitably used in rental booths where business persons can drop in and use at any time, so-called Internet cafes, comics cafes and the like.
<Second Embodiment> The second embodiment to be described below is a state in which a screen saver is activated on the information processing apparatus 1, that is, in a state where the screen processing and the reservation processing are activated. As a method for authenticating that the person who intends to use the apparatus 1 is a user having a legitimate authority, the user possesses beforehand as schematically shown in FIG. 7 instead of the input of user identification information by the user himself / herself. The user identification information is wirelessly received from a predetermined storage device M. Hereinafter, the difference from the first embodiment will be mainly described.
In this embodiment, an RFID tag is used as the predetermined storage device M. An RFID tag is a recording medium that can read and rewrite information without contact by wireless communication. As an RFID system, an electromagnetic induction system (a system that communicates with an RFID tag while supplying power to the RFID tag using electromagnetic induction action), a microwave system (a system that communicates with an RFID tag using a microwave band) An optical method (a method for communicating with an RFID tag using a light wave such as infrared rays) and the like can be mentioned, but there is no particular limitation as to which method is adopted. Incidentally, in order to prevent misplacement, it is preferable that the predetermined storage device M can be worn on the user like a badge, for example. However, the predetermined storage device M is not limited to the RFID tag, and a portable information processing terminal having a wireless communication function, particularly a mobile phone terminal equipped with a data communication transceiver such as Bluetooth (registered trademark) is predetermined. The storage device M is not hindered. And the user identification information for identifying the user who possesses this is memorize | stored in such a predetermined storage device M.
On the other hand, the information processing apparatus 1 according to the present embodiment, for example, as shown in FIG. In addition to hardware resources such as the connected input device 1f and human sensor 1g, a wireless communication device 1i for performing wireless communication with the predetermined storage device M is also included. A specific mode of the wireless communication device 1i depends on a mode of a predetermined storage device M possessed by the user. For example, when the predetermined storage device M is an electronic induction type RFID tag, it includes a coil (antenna) for inducing an induced voltage in the induction coil in the RFID tag. When the storage device M is an optical RFID tag, an infrared device for performing infrared communication with the RFID tag is included.
Usually, a program to be executed by the processor 1a is stored in the auxiliary storage device 1c, and when the program is executed, it is read from the auxiliary storage device 1c into the main memory 1b and decoded by the processor 1a. Then, the hardware resources described above are operated according to the program so that the functions as the control means 11, the control activation means 12, the authentication means 13, and the control release means 14 shown in FIG. Since the control means 11, the control activation means 12, and the control release means 14 can be configured in the same manner as in the first embodiment, description thereof is omitted here. The authentication means 13 is in a state in which the reservation of screen processing and operation acceptance by the control means 11 is activated, and the person who intends to use the information processing apparatus 1 is a user who has a legitimate authority. Certify. In this authentication, user identification information is acquired from a predetermined storage device M possessed by a person who intends to use the information processing apparatus 1 and is compared with user identification information for identifying a user having a legitimate authority. It is carried out in the mode of doing. User identification information related to a user having a legitimate authority is a predetermined computer (not shown) connected to a required storage area of the main memory 1b or the auxiliary storage device 1c or to be communicable with the information processing device 1. Stored in a required storage area of the main memory or auxiliary storage device (in plain text or encrypted). The authentication unit 13 performs wireless communication with the predetermined storage device M using the wireless communication device 1 i and receives user identification information stored in the predetermined storage device M.
However, the functions of each part of the control means 11, the control activation means 12, the authentication means 13, and the control release means 14 are shared by a plurality of devices, and these do not interfere with the establishment of the information processing device 1 by cooperation. .
If it is assumed that the predetermined storage device M exists with the user, detecting the presence / absence of the predetermined storage device M is synonymous with detecting the presence / absence of the user. Therefore, the sensor means 10 that detects the presence or absence of a person and the authentication means 13 that performs user authentication may share the same hardware resources. That is, the sensor means 10 is not configured using the human sensor 1g, but the sensor means 10 is configured using a wireless communication device 1i for performing wireless communication with a predetermined storage device M, It can be assumed that the user does not exist when communication with the storage device M is interrupted, and the user exists when communication is established. At this time, the predetermined storage device M and the wireless communication device 1i are elements constituting the sensor means 10 and the authentication means 13 according to the present invention. Further, the human sensor 1g is not necessary.
Hereinafter, the procedure of processing executed by the information processing apparatus 1 in the present embodiment will be described with reference to the flowchart of FIG. When the sensor means 10 senses that the user using the information processing apparatus 1 has left the seat (step S11), the screen processing by the control means 11 is started (step S12), and the reservation by the control means 11 is reserved. The process is started (step S13). Thus, in the state where the screen processing and reservation processing by the control means 11 are activated, let's establish wireless communication with a predetermined storage device M possessed by a person who intends to use the information processing apparatus 1. And When wireless communication is established with a predetermined storage device M (step S14), user identification information stored in the predetermined storage device M is acquired (step S15), and stored in advance with the acquired user identification information. The user authentication is performed by comparing with the user identification information related to the user who has the proper authority. When it is possible to authenticate that the person who intends to use the information processing apparatus 1 is a user having a legitimate authority (step S16), the screen processing by the control means 11 is canceled (step S17), and the control means 11 is released (step S18). If it is determined in step S16 that the user is not authorized, the screen processing and control processing are not canceled and the screen saver is activated. That is, the above steps are performed. The process returns to the stage of S12 and step S13.
According to the present embodiment, the human sensor 1g serving as the sensor means 10 that detects the presence or absence of a person, and the predetermined security function, that is, the screen processing and the condition that the human sensor 1g detects that the user is away. And / or control means 11 for starting execution of reservation processing, and authentication means 13 for authenticating that the person who has returned in a state where the security function by the control means 11 is activated is a valid user. In addition, since the information processing apparatus 1 including the control release unit 14 that releases the security function by the control unit 11 after the authentication by the authentication unit 13 is completed, the user can perform operations without complicated operations. When the user leaves the seat, the security function by the control means 11 is activated. And, in the state that the security function is activated, in order to release it after authenticating that a user with a legitimate authority has returned, it is possible to prevent unauthorized access by others and ensure security. Become.
An information processing apparatus 1 capable of displaying information on the screen of the display 1d as characters, images, video, or a combination thereof is displayed on a screen with a human sensor 1g as sensor means 10 for detecting the presence or absence of a person. The control means 11 having at least a function of performing screen processing for concealing information, and the control means 11 when the absence of the user using the information processing apparatus 1 is sensed via the human sensor 1g. The control activation means 12 that activates the screen processing by the control means 11, and the person who intends to use the information processing apparatus 1 in the state in which the screen processing by the control means 11 is activated is a valid user. The authentication means 13 for authenticating, and the control cancellation | release means 14 which cancels | releases the screen process by the said control means 11 after the authentication by the said authentication means 13 is completed shall be comprised. Therefore, without the user himself to perform complicated operations, the user can conceal the contents of the information to start the screen processing by the control unit 11 when leaving the seat. And in the state where the screen processing is activated, it is possible to display the information again by releasing the screen processing after authenticating that the user with the right authority has returned, and unauthorized information browsing by others It is possible to prevent security and ensure security.
Similarly, the information processing apparatus 1 capable of executing various types of information processing includes a human sensor 1g that detects the presence or absence of a person and a function of performing reservation processing that reserves acceptance of an operation for executing information processing. Control means 11 having at least; control activation means 12 for activating reservation processing by the control means 11 when the presence of a user using the information processing apparatus 1 is sensed via the human sensor 1g; By the authentication means 13 for authenticating that the person who intends to use the information processing apparatus 1 is a user having a legitimate authority in the state where the reservation process by the control means 11 is activated, and the authentication means 13 Since the control release means 14 for releasing the reservation process by the control means 11 after the authentication is completed is provided, the user can perform a complicated operation without performing a complicated operation by the user himself / herself. Acceptance of the operation is retained by the control unit 11 when leaving the seat. Then, after authenticating that a user having a legitimate authority has returned, the reservation for accepting the operation is canceled, thereby preventing unauthorized access by others and ensuring security.
Further, the authentication means 13 performs wireless communication with a predetermined storage device M that is stored by the person who intends to use the information processing apparatus 1 and stores user identification information for identifying the person, Since the user identification information is obtained from the storage device M and compared with the user identification information for identifying a user having a legitimate authority, there is no need for the user himself to input the user identification information. It will be easier for you.
Therefore, the information processing apparatus 1 according to the present embodiment is suitable for use under a situation where an unspecified person can reach. In particular, it can be suitably used in rental booths where business persons can drop in and use at any time, so-called Internet cafes, comics cafes and the like.
<Third Embodiment> In the present embodiment, in addition to the information processing apparatus 1 having an information display function and an information processing function, a storage device 2 capable of storing and storing various articles is disposed, and these are used by the user It is intended to be used. The storage tool 2 is a concept that includes all furniture that can store articles, and includes, for example, desk drawers, wagons, lockers, cabinets, bags, and the like. The user can store and store writing instruments, valuables, articles such as documents and books in the storage tool 2. In addition, the storage device 2 is provided with a locking device 2a. Needless to say, it is possible to prevent the articles stored in the storage device 2 from being taken out by being locked by the locking device 2a. Then, as schematically shown in FIG. 12, the locking device 2a of the storage device 2 and the information processing device 1 are connected by wire or wireless so that signals can be exchanged. The information processing device 1 can transmit an operation signal to the locking device 2a of the storage tool 2 to perform locking or unlocking. Hereinafter, the difference from the first embodiment will be mainly described.
For example, as shown in FIG. 13, the information processing apparatus 1 in this embodiment is connected via a processor 1a, a main memory 1b, an auxiliary storage device 1c, a display 1d, a display control device 1e, and an input / output interface 1h. In addition to the hardware resources such as the input device 1f and the human sensor 1g, a signal interface 1j for transmitting an operation signal to the locking device 2a of the storage device 2 is also included. The specific mode of the signal interface 1j depends on the mode of connection between the information processing device 1 and the locking device 2a of the capable tool. That is, when the information processing device 1 and the locking device 2a are connected by wire, an RS-232C, USB (Universal Serial Bus) or other wired signal interface can be adopted, and the information processing device 1 and the locking device 2a For wireless connection, a so-called wireless LAN (Local Area Network), a data communication transceiver such as Bluetooth (registered trademark), or other wireless signal transmission devices can be employed. As in the first embodiment, the human sensor 1g serves as sensor means 10 that detects whether or not a person is present in a predetermined area near the information processing apparatus 1.
Usually, a program to be executed by the processor 1a is stored in the auxiliary storage device 1c, and when the program is executed, it is read from the auxiliary storage device 1c into the main memory 1b and decoded by the processor 1a. Then, the above hardware resources are operated according to the program so that the functions as the control means 11, the control activation means 12, the authentication means 13, the control release means 14 and the signal transmission means 15 shown in FIG. ing. Since the control means 11, the control activation means 12, the authentication means 13, and the control release means 14 can be configured in the same manner as in the first embodiment, description thereof is omitted here. The signal transmission means 15 transmits an operation signal to the locking device 2a of the storage tool 2 using the function of the signal interface 1j and its device driver. The signal transmission means 15 transmits an operation signal for locking the locking device 2a when the absence of the user using the information processing apparatus 1 is detected via the sensor means 10, and the authentication means After the authentication by 13 is completed, an operation signal for unlocking the locking device 2a is transmitted. That is, when the user leaves the seat, the storage device 2 is locked to prevent others from taking out the articles stored in the storage device 2, and when a user having a valid authority appears after that, After the user is authenticated by the authentication means 13, the lock of the storage tool 2 is released, and the article can be taken into and out of the storage tool 2 again.
However, the functions of each part of the control means 11, the control activation means 12, the authentication means 13, the control release means 14, and the signal transmission means 15 are shared by a plurality of devices, and the information processing device 1 is established by their cooperation. Does not prevent you from doing.
Hereinafter, the procedure of processing executed by the information processing apparatus 1 in the present embodiment will be described with reference to the flowchart of FIG. When it is detected via the human sensor 1g that the user using the information processing apparatus 1 leaves the seat (step S1), the screen processing by the control means 11 is activated (step S2), and the control means 11 is started (step S3). Also, before or after Steps S2 and S3, an operation signal for locking the locking device 2a of the storage tool 2 is transmitted to the locking device 2a (Step S21). As a result, the storage tool 2 is locked. Thus, when the screen processing and the reservation processing by the control means 11 are activated, and it is sensed through the human sensor 1g that several persons have approached the information processing apparatus 1 (step S4), An instruction for prompting the person to input user identification information for identifying a user having a legitimate authority is given (step S5), and the input of the user identification information is accepted (step S6). As already described, in the present embodiment, in step S5, the user ID and / or password input dialog D as the user identification information is displayed on the screen of the display 1d, and the user ID using the input device 1f and / Or accept password input. When the input of the user identification information by the person is completed (step S7), the user authentication is performed by comparing the input user identification information with the user identification information relating to the user having a legitimate authority stored in advance. When it is possible to authenticate that the person who intends to use the information processing apparatus 1 is a user having a legitimate authority (step S8), the screen processing by the control means 11 is canceled (step S9), and the control means 11 is released (step S10). Also, before and after Step S9 and Step S10, an operation signal for unlocking the locking device 2a of the storage tool 2 is transmitted to the locking device 2a (Step S22). As a result, the storage tool 2 is unlocked. In step S8, when it is not possible to authenticate that the user has a legitimate authority, the user is prompted again for user identification information. Incidentally, although not shown in FIG. 6, when the input dialog D is displayed and the input of the user ID and password is awaited (steps S5 and S6), the predetermined time-out time is not entered and the input is not performed. When the time has elapsed or when the “Cancel” button arranged in the input dialog D is clicked, the input dialog D is deleted and the screen saver is activated. That is, the above-described steps S2 and S3 are performed. You may make it return a process to a step.
According to the present embodiment, the human sensor 1g as the sensor means 10 for detecting the presence or absence of a person and the locking device 2a provided in the storage device 2 capable of storing various articles are locked or unlocked. Signal transmitting means 15 capable of transmitting an operation signal for performing the operation, and authentication means 13 for authenticating that the person who has returned after leaving the user is a legitimate authority, The transmission means 15 transmits an operation signal for locking the locking device 2a when the user's absence is detected via the human sensor 1g, and the authentication by the authentication means 13 is completed. Since the information processing device 1 is configured to transmit an operation signal for unlocking the locking device 2a later, another person illegally takes out or browses the article in the storage device 2 while the user is away from the seat. Do Door can be suppressed. Accordingly, it is possible to safely store and store valuable documents that may be stolen and confidential documents and other articles that are desired to be prevented from being seen by others in the storage device 2.
Since the lock device 2a that is locked or unlocked in response to the operation signal provided from the information processing device 1 is provided and the storage device 2 that can store various articles is configured, the storage device 2 can be used easily. Various articles can be preserved.
In particular, in the present embodiment, the information processing apparatus 1 having an information display function and an information processing function locks or unlocks the locking device 2a provided in the storage device 2 that can store various articles. Signal transmission means 15 capable of transmitting an operation signal for detecting the absence of the user who uses the information processing apparatus 1 via the sensor means 10. Sometimes, an operation signal for locking the locking device 2a is transmitted, and an operation signal for unlocking the locking device 2a is transmitted after the authentication by the authentication means 13 is completed. Thus, it is possible to protect digital information stored in the information processing apparatus 1 and information such as documents stored in the storage device at the same time.
In addition, it goes without saying that the effects described in the first embodiment can also be achieved. The information processing apparatus 1 and the storage tool 2 in the present embodiment are suitable for use under a situation where an unspecified person can reach. In particular, it can be suitably used in rental booths where business persons can drop in and use at any time, so-called Internet cafes, comics cafes and the like.
<Fourth Embodiment> In the fourth embodiment to be described, the screen saver is activated on the information processing apparatus 1, that is, the screen process and the reservation process are activated, as in the second embodiment. As a method for authenticating that the person who intends to use the information processing apparatus 1 is a valid user, instead of inputting the user identification information by the user himself / herself, FIG. As shown, the user identification information is wirelessly received from a predetermined storage device M possessed in advance by the user. Hereinafter, the difference from the second embodiment and the third embodiment will be mainly described.
In this embodiment, an RFID tag is used as the predetermined storage device M. An RFID tag is a recording medium that can read and rewrite information without contact by wireless communication. The RFID method is not particularly limited. Incidentally, in order to prevent misplacement, it is preferable that the predetermined storage device M can be worn on the user like a badge, for example. However, the predetermined storage device M is not limited to the RFID tag, and a portable information processing terminal having a wireless communication function, particularly a mobile phone terminal equipped with a data communication transceiver such as Bluetooth (registered trademark) is predetermined. The storage device M is not hindered. And the user identification information for identifying the user who possesses this is memorize | stored in such a predetermined storage device M.
Further, in addition to the information processing apparatus 1 having an information display function and an information processing function, a storage tool 2 capable of storing and storing various articles is provided, and these are both used by the user. As shown in FIG. 15, the locking device 2a of the storage tool 2 and the information processing device 1 are connected by wire or wireless so that signals can be exchanged. The information processing device 1 can transmit an operation signal to the locking device 2a of the storage tool 2 to perform locking or unlocking.
For example, as shown in FIG. 16, the information processing apparatus 1 in this embodiment is connected via a processor 1a, a main memory 1b, an auxiliary storage device 1c, a display 1d, a display control device 1e, and an input / output interface 1h. In addition to hardware resources such as the input device 1f, the human sensor 1g, and the wireless communication device 1i, a signal interface 1j for transmitting an operation signal to the locking device 2a of the storage device 2 is included. The specific mode of the signal interface 1j depends on the mode of connection between the information processing device 1 and the locking device 2a of the capable tool. That is, when the information processing device 1 and the locking device 2a are connected by wire, the RS-232C, USB, or other wired signal interface 1j can be adopted, and the information processing device 1 and the locking device 2a are connected wirelessly. In this case, a so-called wireless LAN, a data communication transceiver such as Bluetooth (registered trademark), or other wireless signal transmission devices can be employed (at this time, the wireless communication device 1i and the signal interface 1j are the same). Does not prevent you).
Usually, a program to be executed by the processor 1a is stored in the auxiliary storage device 1c, and when the program is executed, it is read from the auxiliary storage device 1c into the main memory 1b and decoded by the processor 1a. Then, the above hardware resources are operated according to the program so that the functions as the control means 11, the control activation means 12, the authentication means 13, the control release means 14 and the signal transmission means 15 shown in FIG. ing. Since the control means 11, the control activation means 12, the authentication means 13, and the control release means 14 can be configured in the same manner as in the second embodiment, description thereof is omitted here. The signal transmission means 15 transmits an operation signal to the locking device 2a of the storage tool 2 using the function of the signal interface 1j and its device driver. The signal transmission means 15 transmits an operation signal for locking the locking device 2a when the absence of the user using the information processing apparatus 1 is detected via the sensor means 10, and the authentication means After the authentication by 13 is completed, an operation signal for unlocking the locking device 2a is transmitted. That is, when the user leaves the seat, the storage device 2 is locked to prevent others from taking out the articles stored in the storage device 2, and when a user having a valid authority appears after that, After the user is authenticated by the authentication means 13, the lock of the storage tool 2 is released, and the article can be taken into and out of the storage tool 2 again.
However, the functions of each part of the control means 11, the control activation means 12, the authentication means 13, the control release means 14, and the signal transmission means 15 are shared by a plurality of devices, and the information processing device 1 is established by their cooperation. Does not prevent you from doing.
Hereinafter, the procedure of processing executed by the information processing apparatus 1 in the present embodiment will be described with reference to the flowchart of FIG. When the sensor means 10 senses that the user using the information processing apparatus 1 has left the seat (step S11), the screen processing by the control means 11 is started (step S12), and the reservation by the control means 11 is reserved. The process is started (step S13). Also, before or after Steps S12 and S13, an operation signal for locking the locking device 2a of the storage tool 2 is transmitted to the locking device 2a (Step S23). As a result, the storage tool 2 is locked. Thus, in the state where the screen processing and reservation processing by the control means 11 are activated, let's establish wireless communication with a predetermined storage device M possessed by a person who intends to use the information processing apparatus 1. And When wireless communication is established with a predetermined storage device M (step S14), user identification information stored in the predetermined storage device M is acquired (step S15), and stored in advance with the acquired user identification information. The user authentication is performed by comparing with the user identification information related to the user who has the proper authority. When it is possible to authenticate that the person who intends to use the information processing apparatus 1 is a user having a legitimate authority (step S16), the screen processing by the control means 11 is canceled (step S17), and the control means 11 is released (step S18). Also, before and after Step S17 and Step S18, an operation signal for unlocking the locking device 2a of the storage tool 2 is transmitted to the locking device 2a (Step S22). As a result, the storage tool 2 is unlocked. If it is determined in step S16 that the user is not authorized, the screen processing and control processing are not canceled and the screen saver is activated. That is, the above steps are performed. The process returns to the stage of S12 and step S13.
According to the present embodiment, the human sensor 1g as the sensor means 10 for detecting the presence or absence of a person and the locking device 2a provided in the storage device 2 capable of storing various articles are locked or unlocked. Signal transmitting means 15 capable of transmitting an operation signal for performing the operation, and authentication means 13 for authenticating that the person who has returned after leaving the user is a legitimate authority, The transmission means 15 transmits an operation signal for locking the locking device 2a when the user's absence is detected via the human sensor 1g, and the authentication by the authentication means 13 is completed. Since the information processing device 1 is configured to transmit an operation signal for unlocking the locking device 2a later, another person illegally takes out or browses the article in the storage device 2 while the user is away from the seat. Do Door can be suppressed. Accordingly, it is possible to safely store and store valuable documents that may be stolen and confidential documents and other articles that are desired to be prevented from being seen by others in the storage device 2.
Since the lock device 2a that is locked or unlocked in response to the operation signal provided from the information processing device 1 is provided and the storage device 2 that can store various articles is configured, the storage device 2 can be used easily. Various articles can be preserved.
In particular, in the present embodiment, the information processing apparatus 1 having an information display function and an information processing function locks or unlocks the locking device 2a provided in the storage device 2 that can store various articles. Signal transmission means 15 capable of transmitting an operation signal for detecting the absence of the user who uses the information processing apparatus 1 via the sensor means 10. Sometimes, an operation signal for locking the locking device 2a is transmitted, and an operation signal for unlocking the locking device 2a is transmitted after the authentication by the authentication means 13 is completed. Thus, it is possible to protect digital information stored in the information processing apparatus 1 and information such as documents stored in the storage device at the same time.
In addition, it goes without saying that the effects described in the second embodiment can also be achieved. The information processing apparatus 1 and the storage tool 2 in the present embodiment are suitable for use under a situation where an unspecified person can reach. In particular, it can be suitably used in rental booths where business persons can drop in and use at any time, so-called Internet cafes, comics cafes and the like.
<Fifth Embodiment> The information processing apparatus 3 according to the present embodiment is configured with keeping in mind the overall security of the workspace used by the user. Hereinafter, the difference from the first to fourth embodiments will be mainly described.
As shown in FIG. 23, the information processing apparatus 3 in the present embodiment is a system having a control device 4 and at least one storage device guard device 5 as main elements. The control device 4 is installed in a work space in which furniture such as a desk and a chair, a computer 6 having an information display function and an information processing function, and the like are arranged. The storage device guard device 5 is provided in the storage device 2 such as a desk drawer, a cabinet, a wagon, a locker, or a user's bag according to the user's preference. The storage device guard device 5 is preferably detachable from the storage device 2.
For example, as shown in FIG. 24, the storage device supervision device 5 detects when a person has operated the storage device 2, and when the detection unit 51 detects an operation by some person. A reporting unit 52 for reporting, and an operation signal receiving unit 53 for receiving an operation signal for releasing the reporting function of the reporting unit 52 are provided. Since the storage device guard device 5 of the present embodiment is arranged and used in the storage device 2, an optical sensor 5 a that detects a light wave incident from outside the storage device 2 is mounted on the sensing unit 51. That is, the sensing unit 51 senses that the storage tool 2 has been opened by detecting a light wave incident on the storage tool 2 when the storage tool 2 is opened by some hand. However, the sensor element mounted on the sensing unit 51 is not limited to the optical sensor 5a. Thus, for example, a vibration sensor that detects vibrations caused by the operation of several persons, an inclination sensor that detects inclination, or a pressure-sensitive sensor provided along with a drawer or door that closes the storage space of the storage device 2 (such as a drawer or door). When a door or the like is opened or closed, a change in pressure received from these drawers or doors is detected, and a distance sensor (a distance that changes depending on whether the storage device 2 is opened or closed) is detected. If the drawer is pulled out, there is no object between the sensor and the ceiling), and others can be employed.
The reporting unit 52 transmits a signal for reporting that an operation has been applied to the storage device 2 by some person, or transmits an alarm for threatening a person who has operated the storage device 2. The reporting unit 52 of the present embodiment includes a device for reporting, for example, a light emitting device 5b that emits light and / or a voice output device 5c that outputs and reports a voice, and the devices 5b and 5c described above. And a control circuit 5d for controlling. These are normally driven by a battery, but the alarm is issued when the sensing unit 51 senses an operation on the storage device 2, more specifically, the optical sensor 5 a of the sensing unit 51 is outside the storage device 2. This is when an incident light wave is detected. Note that once the sensing unit 51 senses an operation on the storage device 2, it may be continuously issued or may be issued only while the light sensor 5 a of the sensing unit 51 is detecting a light wave. Good. It is also possible to issue a report for a certain time from the start of the report. Incidentally, when the sensing unit 51 is a solar cell, it is possible to make a report using light waves that are incident when the storage tool 2 is opened as energy.
The operation signal receiving unit 53 receives an operation signal by wire or wireless. An operation signal is provided from the control device 4. In the present embodiment, the radio transceiver 5e having a function of receiving an operation signal transmitted by radio from the control device 4 plays a role of the operation signal receiving unit 53. The wireless transceiver 5e is connected to the control circuit 5d of the reporting unit 52. When the control circuit 5d of the reporting unit 52 receives an operation signal for canceling the security function via the operation signal receiving unit 53, the control circuit 5d performs the operation for canceling the security function without performing the reporting operation. In a case where no signal is received, a notification operation is performed only when an operation on the storage device 2 by some person is detected through the sensing unit 51. That is, while the operation signal for cancellation is transmitted from the control device 4 and is received by the operation signal receiving unit 53, the alarm unit 52 detects that the sensing unit 51 detects an operation on the storage device 2. There is no notification. However, the operation signal receiving unit 53 is a wired communication interface, and does not hinder the aspect in which the storage device guard device 5 and the control device 4 are connected by wire.
FIG. 30 is a principle circuit diagram showing a circuit for supplying the power of the battery E to the load Z, that is, the control circuit 5d, the light emitting device 5b, the audio output device 5c, the wireless transceiver 5e, etc. in the storage device guard apparatus 5. is there. A semiconductor switch (for example, a field effect transistor, a bipolar transistor, a thyristor, etc.) 5h is arranged on the circuit, and power supply to the load Z can be controlled through ON / OFF of the semiconductor switch 5h. In the illustrated example, an n-channel MOSFET 5h is used as a switch. The light sensor 5a when not receiving light acts as a large resistance. When the optical sensor 5a is not receiving light, the drain-source of the MOSFET 5h serving as a semiconductor switch is cut off, and the voltage applied to the load Z becomes zero. When the optical sensor 5a receives light, a current flows from the optical sensor 5a, the gate-source voltage of the MOSFET 5h increases, and the drain-source becomes conductive. As a result, a voltage is applied to the load Z. Thus, the storage device guard device 5 of the present embodiment is configured to supply power to the reporting unit 52 and the operation signal receiving unit 53 when the optical sensor 5 detects a light wave. The extension is planned.
Generally speaking, the storage device guarding device 5 including the sensing unit 51, the reporting unit 52, and the operation signal receiving unit 53 has a security function (that is, a security function that suppresses the operation of the storage device 2 by a person other than the authorized user). It functions as the control means 11 shown in FIG. 18 for executing the unauthorized operation detection and notification function.
On the other hand, as shown in FIG. 25, for example, the control device 4 includes a human sensor 4a for detecting the presence or absence of a user or other person, a wireless transceiver 4b for performing wireless communication with the storage device guard device 5, and a user. A display device 4c (light emitting device or display such as an LED) for displaying some kind of sign, etc., an input device 4d (typically a key input device) that accepts an operation input by a user, and a computer 6 wired or wirelessly The hardware resources such as the communication interface 4e for connecting with are controlled by the control circuit 4f. However, a processor (not shown) that operates the hardware resources by decoding the program stored in the memory 4g may be mounted. Normally, the control device 4 operates with power supplied from the outside. However, when the communication interface is USB, IEEE1394, or the like, the control device 4 can be supplied with power from the computer 6 via the communication interface 4e. . It is also conceivable that the control device 4 and the computer 6 are communicably connected by power line (or power line) communication. That is, when the control device 4 and the computer 6 are provided with a power line modem as the communication interfaces 4e and 6g and are connected to the power line via the power line modem, the same light is supplied while receiving power from the power line. The control device 4 and the computer 6 can communicate with each other via a line. Thus, the control device 4 functions as the sensor means 10, the authentication means 13, and the control release means 14 shown in FIG.
The sensor means 10 detects the presence or absence of a person in the work space where the control device 4 is installed. It is possible to sense the presence or absence of the user via the sensor means 10. In the present embodiment, the human sensor 4a similar to that in the first embodiment is used as the sensor means 10. In addition, as supplementarily described in the first embodiment, it is possible to prevent the human sensor 4a from being used in combination with a distance sensor or the like. Incidentally, when the control device 4 and the computer 6 are communicably connected, information regarding the output of the sensor means 10 may be transmitted to the computer 6 one by one.
The authentication means 13 authenticates that the person who has returned after leaving the user is a user having a legitimate authority. That is, when the human sensor 4a is used as the sensor means 10, the human sensor 4a itself cannot determine whether the person appearing in the workspace is a user or a person other than the user. This is done by user authentication. The user authentication is performed, for example, in such a manner that a user who returns to the workspace is requested to input user identification information for identifying a user having a legitimate authority. User identification information relating to a user having a legitimate authority is stored in the main unit of the computer 6 connected to the control device 4 or a storage device such as a memory 4g mounted in the control circuit 4f, or to the control device 4 in a communicable manner. It is stored in advance in a required storage area of the memory 6b or the auxiliary storage device 6c (in plain text or encrypted), and is compared with the user identification information input via the input device 4d at the time of authentication. . In the present embodiment, a pass code is input as user identification information via the input device 4d. However, the user identification information is not necessarily a passcode. Thus, for example, biometric authentication may be performed using biometric data based on the user's physical characteristics as user identification information. In this case, a device used for inputting biometric data is provided in the control device 4 in advance. The authentication unit 13 may perform authentication using a plurality of methods in combination.
Further, when the authentication means 13 senses some approach through the human sensor 4a, the authentication means 13 gives an instruction for prompting the person to input user identification information for identifying a user having a legitimate authority. It is preferable to accept the input. An instruction for prompting input of user identification information is given in a form through screen display, voice output, and other various user interfaces. In the present embodiment, a sign that prompts the user to input user identification information (for example, LED emission, blinking, etc.) in a manner that appeals to the person's vision via the display device 4c and receives the input. It is said. Further, if the control device 4 is equipped with a voice output device (not shown), it is possible to output a voice prompting the user identification information to be input via the voice output device.
The control release unit 14 releases the predetermined security function started to be executed by the control unit 11 on the condition that the sensor unit 10 detects the absence of the user after the authentication by the authentication unit 13 is completed. As already described, in this embodiment, the storage device guard device 5 provided in the storage device 2 serves as the control means 11 that executes a security function related to opening and closing of the storage device 2. Therefore, in order to cancel the security function started to be executed by the storage device guarding device 5, it is necessary to input an operation signal indicating the release to the storage device guard device 5. The control canceling means 14 uses the function of the wireless transceiver 4b, and transmits an operation signal for canceling the security function to the storage device guarding device 5 when the user authentication processing by the authenticating means 13 is successful.
The basic processing procedure executed by the control device 4 and the storage device guard device 5 in this system will be described with reference to the flowcharts shown in FIGS. As shown in FIG. 26, when the presence of the user is sensed via the human sensor 4a, the control device 4 releases the security function toward the storage device guard device 5. The operation signal is continuously transmitted (step S25). Then, when it is detected via the human sensor 4a that the user has left the seat (step S26), transmission of an operation signal for canceling the security function is stopped (step S27), whereby the storage device supervision device 5 is stopped. Start the security function. After the user leaves the control device 4, in other words, in a state where the security function by the storage device guard device 5 is activated, and the human sensor 4 a indicates that some person has approached the information processing device 3. (Step S28), the user is instructed to input user identification information for identifying a user having a legitimate authority (step S29), and the input of the user identification information is accepted (step S30). ). As already described, in the present embodiment, in step S30, a sign in a mode appealing to the person's vision is output via the display device 4c to prompt the user to input user identification information, and the input device 4d. Accepts passcode input using. When the input of the user identification information by the person is completed (step S31), the input user identification information and the user identification information relating to the authorized user stored in the control device 4 (or the computer 6) in advance To perform user authentication. When it is possible to authenticate that the person who appears in the workspace is a user having a legitimate authority (step S32), the security function by the storage device guard apparatus 5 is released. That is, transmission of an operation signal for canceling the security function is started (step S33). If it is determined in step S32 that the user is not authorized, the user identification information is prompted again.
The storage device guard device 5 executes a security function related to the opening / closing of the storage device 2, but the execution is performed only while an operation signal for canceling the security function provided by the control device 4 is not received. It is done. As shown in FIG. 27, when the sensing unit 51 in the storage device guarding device 5 senses an operation on the storage device 2 and the operation signal receiving unit 53 cannot receive an operation signal from the control device 4 (step S34, In step S35), the reporting unit 52 issues a report (step S36). On the other hand, even if the sensing unit 51 senses an operation on the storage device 2, if the operation signal receiving unit 53 can receive the operation signal, no alarm is issued. That is, the storage device guard device 5 starts executing the security function related to the opening and closing of the storage device 2 on the condition that the human sensor 4a as the sensor means 10 provided in the control device 4 detects that the user is away. The execution is canceled by the control canceling means 14 provided in the control device 4.
Next, the computer 6 that is communicably connected to the control device 4 will be described. The computer 6 is constructed such that information can be displayed on the screen as characters, images, video or a combination thereof, as well as an existing personal computer, workstation, PDA, etc., and various information processing can be executed. Is done. The computer 6 is not an essential component in the present system, but can execute processing to be described later in cooperation with the control device 4. For example, as shown in FIG. 28, the computer 6 includes a control device 4 in addition to hardware resources such as a processor 6a, a main memory 6b, an auxiliary storage device 6c, a display 6d, a display control device 6e, and an input device 6f. A communication interface 6g for connecting by wire or wireless is also included. A specific mode of the communication interface 6g depends on a mode of connection between the control device 4 and the computer 6. That is, when the control device 4 and the computer 6 are connected by wire, RS-232C, USB, IEEE1394 or other wired signal interfaces can be used. When the control device 4 and the computer 6 are connected wirelessly, A so-called wireless LAN, a transceiver for data communication such as Bluetooth (registered trademark), or other wireless signal transmission devices can be employed.
Normally, a program to be executed by the processor 6a is stored in the auxiliary storage device 6c, and when the program is executed, it is read from the auxiliary storage device 6c into the main memory 6b and decoded by the processor 6a. Then, the hardware resources described above are operated according to the program, and the functions as the control means 11, the control activation means 12, and the control release means 14 shown in FIG. 10 are exhibited.
The control means 11 has a function of performing screen processing for concealing information displayed on the screen, and a function of performing reservation processing to reserve acceptance of an operation for executing information processing. The control means 11 can be configured using, for example, a known screen saver module program. By starting the screen saver module program, the currently displayed screen is concealed and operation acceptance is reserved. Incidentally, as one aspect of the screen processing by the control means 11, it is conceivable to turn off the power of the display 6d, in other words, to turn off the display 6d.
When the control device 4 senses that the user currently using the computer 6 has left the workspace, the control activation unit 12 activates the security process, that is, the screen process and the reservation process by the control unit 11. . When the control device 4 (the control circuit 4f or the processor thereof) in the present embodiment detects that the user is away via the human sensor 4a, the control device 4 transmits information indicating that fact to the computer 6 via the communication interface 4e. To do. When this is received via the communication interface 6g, the control activation means 12 activates the control by the control means 11. The control activation unit 12 is mainly a program.
The control cancellation unit 14 cancels the screen processing and reservation processing by the control unit 11 when a user having a valid authority returns to the work space. The control device 4 (the control circuit 4f or processor thereof) in the present embodiment indicates that when the authentication means 13 authenticates that the person who has returned after leaving the user is an authorized user. Information is transmitted to the computer 6 via the communication interface 4e. When this is received via the communication interface 6g, the control canceling means 14 cancels the screen saver function based on the screen saver program, thereby recovering the screen displaying the information and restarting the acceptance of the operation. The control release means 14 is also mainly a program.
However, it does not prevent the computer 6 from being provided with authentication means 13 for executing user authentication. At this time, the authentication means 13 authenticates that the person who has returned to the workspace is a valid user in a state in which the reservation of screen processing and operation acceptance by the control means 11 is activated. . This authentication is performed, for example, in such a manner that a person who appears in the workspace is requested to input user identification information for identifying a user having a legitimate authority. User identification information relating to a user having a legitimate authority is a predetermined information processing terminal (not shown) connected to a required storage area of the main memory 6b or the auxiliary storage device 6c or to be communicable with the computer 6. Is stored in advance in a required storage area of the main memory or auxiliary storage device (in plain text or encrypted), and is compared with the user identification information input via the input device 6f at the time of authentication. . Further, if the control device 4 is configured so that information relating to the output of the sensor means 10 mounted on the control device 4 is provided from the control device 4, the authentication means 13 in the computer 6 performs screen processing and reservation processing by the control means 11. In the state where the computer is activated, when an approach of some person is detected through the sensor means 10, an instruction for prompting the person to input user identification information can be given. An instruction for prompting input of user identification information is given in a form through screen display, voice output, and other various user interfaces. For example, it is possible to display a dialog D for requesting input of user identification information on the display 6d and accept the input.
When each of the control device 4 and the computer 6 is provided with authentication means 13 and each can perform user authentication, the security function related to the storage device 2 is released using the authentication means 13 on the control device 4 side, and the computer The security function (screen processing, reservation processing) according to 6 can be canceled using the authentication means 13 on the computer 6 side. Alternatively, when user authentication is performed using the authentication means 13 on either one side, both security functions may be canceled. The control device 4 and the computer 6 can interchange information regarding success or failure of user authentication via the communication interfaces 4e and 6g. Further, when the authentication unit 13 is provided on the computer 6 side, the authentication unit 13 is not necessarily provided on the control device 4 side (and the input device 4d needs to be mounted on the control device 4). Absent). In this case, user authentication is performed using the computer 6 in order to release the security function by the storage device guard device 5. When the user authentication is successful in the authentication means 13 on the computer 6 side, information indicating that fact is transmitted to the control device 4 side, and the control device 4 (the control circuit 4f or processor thereof) that has received this information transmits the information to the control device 4 side. An operation signal for canceling is transmitted toward. In other words, the control device 4 and the computer 6 cooperate to form an “information processing device” according to claim 1 or a “control device” according to claim 11. Become.
The usage forms of the storage device guard device 5 and the control device 4 of this embodiment are shown in FIGS. 23, 31 and 32. FIG. FIG. 23 shows a basic form in which the storage device guard device 5, the control device 4 and the computer 6 are used in combination. When the storage device 2 is operated without following the procedure for authenticating a user having a legitimate authority, a notification is issued. In addition, access to the computer 6 by a person other than a user having a legitimate authority is disabled. That is, the security of the storage device 2 and the security of the computer 6 are simultaneously protected. FIG. 31 shows a form excluding the storage device guard device 5. In this form, only the security of the computer 6 is protected. When valuables or secret documents are not stored in the storage tool 2 or when the storage tool 2 itself does not exist, it may be used in the form shown in FIG. Moreover, FIG. 32 is a form using only the storage device guard apparatus 5. In this form, regardless of whether or not the user has a legitimate authority, a notification is always issued when the storage tool 2 is operated. In this way, it is possible to simply protect the security of the storage device 2 using only the storage device guard device 5.
From here, the supplementary description regarding the storage device guard apparatus 5 will be given. There may be a plurality of storage device guarding devices 5 in a predetermined work space. When the plurality of storage device guard devices 5 are used by a specific user or user group, it is not always necessary to distinguish the wireless transmission path between each of the storage device guard devices 5 and the control device 4. In particular, if the security functions of all the storage device guarding devices 5 may be released at the same time, the operation signal transmitted from the control device 4 to each storage device guarding device 5 can be shared. However, if the security of only a part of the storage device guarding devices 5 can be released, it is necessary to allocate a separate channel for communication between each storage device guarding device 5 and the control device 4. The same applies to the case where there are a plurality of control devices 4 in a predetermined work space and there is a storage device guard device 5 associated with each control device 4. The multiplexing method used by the wireless transceivers mounted on the storage device guard device 5 and the control device 4 is not particularly limited, but a wireless transmission path between each storage device guard device 5 and the control device 4 (with a separate channel). An identifier must be given (to assign). Said identifier is memorize | stored in the control apparatus 4 and the storage device guard apparatus 5, respectively. For example, the dip switch 7 mounted on the storage device guard device 5 is operated to determine an identifier (particularly a several digit number) to be given to the storage device guard device 5 and the same identifier is input via the input device 4d. Are input to the control device 4 and stored in the memory 4g mounted on the control device 4.
Hereinafter, specific examples will be described. As shown in FIG. 33, the storage device guard apparatus 5 in this example is a circuit board 5i on which hardware resources such as an optical sensor 5a, a control circuit 5d, a light emitting device 5b, an audio output device 5c, and a radio transceiver 5e are mounted. Is covered with a cover 9, and the dip switch 7 is also mounted on the circuit board 5i. At least a part of the optical sensor 5a and the light emitting device 5b is exposed to the outside. The dip switch 7 is connected to the control circuit 5d or the radio transceiver 5e, and parameters set by the dip switch 7 are referred to by the control circuit 5d or the radio transceiver 5e. For example, an operation signal that is transmitted from the control device 4 and received by the wireless transceiver 5e includes an identifier that identifies the wireless transmission path (this is an identifier that identifies the storage device guard device 5 that is the destination of the operation signal). In this case, the control circuit 5d or the wireless transceiver 5e compares the identifier included in the operation signal with the parameter set by the DIP switch 7, and determines whether to accept or ignore this operation signal. . That is, an identifier for associating the control device 4 with the storage device guard device 5 is set by the dip switch 7.
An opening 91 through which the setting key 8 can be inserted is formed in the cover 9 of the storage device guard device 5. The setting key 8 is used to assign a predetermined identifier to one or a plurality of storage device guard devices 5, that is, to set a predetermined parameter in the dip switch 7 mounted on the storage device guard device 5. Is. A parameter defined by the setting key 8 can be set in the dip switch 7 by inserting the setting key 8 through the opening 91 and engaging the tip thereof with the operation unit 71 of the dip switch 7.
More specifically, the dip switch 7 in the illustrated example is a slide dip switch 7 having a plurality of operation units 71 that slide. As shown in FIGS. 33 and 34, the DIP switch 7 is provided so as to face the opening 91 formed in the cover 9, and the setting key 8 into which each operation part 71 is inserted from the opening 91 is inserted. It is arranged in a direction that is displaced substantially along the direction. Each of the arranged operation units 71 can be positioned at one of two positions nearer to the opening 91 and farther from the opening 91. Any one of the binary values of HI / LO can be set for each operation unit 71, and a parameter having the number of bits equal to the number of the operation units 71 can be set for the entire DIP switch 7. Note that all the operation units 71 are positioned on the side close to the opening 91 in the initial state (for example, at the time of shipment). Then, it engages with the setting key 8 inserted through the opening 91 and is displaced in a direction away from the opening 91.
The setting key 8 is a thin plate-like body made of, for example, resin, and an engagement edge 81 and a retracting groove 82 are formed at the tip thereof. The engaging edge 81 engages with the operation portion 71 when the setting key 8 is inserted from the opening 91 and displaces it to a required position. It is provided at a site corresponding to the operation unit 71 to be targeted. The retraction groove 82 prevents the operation unit 71 from being displaced by avoiding interference with the operation unit 71 when the setting key 8 is inserted, and an operation not to be operated among the plurality of operation units 71. Provided at a site corresponding to the portion 71. The dimension of the retraction groove 82 in the depth direction (a direction parallel to the insertion direction of the setting key 8) is equal to or exceeds the stroke size of the operation unit 71 in the switch. In the illustrated example, the groove is a bottomed groove that does not penetrate the front and back of the setting key 8, but the front and back of the setting key 8 may be penetrated.
When starting to use the storage device guarding device 5, a user who wants to set parameters in the dip switch 7 grasps the base end portion of the setting key 8 and inserts it into the cover 9 through the opening 91. Then, the engaging edge 81 provided at the distal end hits or comes into contact with one or a plurality of operation parts 71. Then, by pushing inward as it is, the operation portion 71 engaged with the engagement edge 81 receives an operation force and is displaced in a direction away from the opening 91. On the other hand, the position of the operation unit 71 that has entered the retreat groove 82 is not changed. This state is shown in FIGS. 35 to 37. Thereafter, the setting key 8 is removed from the opening 91, and the parameter setting operation is completed. Needless to say, when the same parameter is to be set in a plurality of storage device guarding devices 5, the above-described operation may be performed for each of the storage device guarding devices 5.
Incidentally, in the illustrated example, a guide member 92 for guiding the setting key 8 is provided between the periphery of the opening 91 formed in the cover 9 and the dip switch 7. A pair of protrusions 93 are protruded from the surface of the guide member 92. The separation distance between the pair of protrusions 93 is substantially equal to the dimension of the setting key 8 in the width direction (direction perpendicular to the insertion direction). Thus, both sides of the setting key 8 are slid with respect to the protrusions 93 (and the surface of the setting key 8 is slid with respect to the surface of the guide member 92). The distal end portion can be appropriately entered toward the operation portion 71 of the dip switch 7. Further, the setting key 8 inserted through the opening 91 does not advance too far and the operation unit 71 that has entered the retreat groove 82 is not operated, so that the setting key 8 further enters at a certain position. It is also preferable to provide a stopper 94 that suppresses the above.
Open the cover 9 if you want to reset another parameter to the switch 7 that has already been set, if you want to return the switch 7 to its initial state, or if you have lost the setting key 8. Or the operation unit 71 may be directly operated.
Further, the control device 4 may be provided with a dip switch (not shown) and an opening (not shown) similar to those provided in the storage device guard device 5. If it does so, the setting key 8 applied with respect to the storage device guard apparatus 5 can also be applied to the control apparatus 4, and the same parameter, ie, the identifier which matches both can be set to both.
As described above, a mechanical switch 7 having a plurality of operation units 71 and each operation unit 71 being individually operated, a cover 9 that shields the switch 7 from the outside, and the cover 9 are formed. A switch setting mechanism comprising an opening 91 and a setting key 8 that can be inserted from the opening 91 and engage a tip portion with the operation portion 71 of the switch. An engagement edge 81 that engages the operation unit 71 and displaces the operation unit 71 to a required position is provided at a site corresponding to the operation unit 71 to be operated, and a site corresponding to the operation unit 71 that should not be operated. A retraction groove 82 for avoiding interference with the operation unit 71 is provided, and the user can set a plurality of operation units 71 (positions) at once by inserting the setting key 8 through the opening 91. Features a switch setting mechanism Because you are, the work of setting the parameters to the switch 7 can easily run, burden as compared with operating the respective operating portions 71 of the switch 7 one by one becomes insignificant. This is particularly effective in the operation of setting a plurality of dip switches 7 in the same state, such as when the same identifier is set for each of a plurality of setting target devices (the storage device guard device 5 and / or the control device 4). Demonstrate. That is, it is possible to quickly set the plurality of switches 7 to the same state using the same setting key 8. In addition, since the switch 7 can be protected by the cover 9, there is no fear that the switch operation unit 71 is erroneously operated.
In the example shown in FIGS. 33 to 37, one dip switch device 7 having a plurality of operation units 71 corresponds to the “mechanical switch” mentioned here. However, a combination of a plurality of switch devices (each having at least one operation unit) does not prevent the “mechanical switch” referred to here. Further, the switch is not limited to a slide switch in which the operation unit 71 slides. Therefore, for example, a lever switch or a toggle switch that swings the operation unit, a push switch that protrudes and retracts the operation unit, or the like can be employed.
Further, in the illustrated dip switch 7, each operation unit 71 is positioned at one of the two positions nearer to the opening 91 and farther from the opening 91, so that it is pushed and displaced by the engaging edge 81 of the setting key 8. The operation unit 71 to be surely slides to a position farther from the opening 91. Accordingly, the engagement edges 81 provided on the setting key 8 and corresponding to the individual operation units 71 to be operated are aligned in a line in the width direction of the setting key 8. However, it is also possible to employ a switch that can set the operation unit 71 at three or more positions (that is, variations of values set by each operation unit 71 are three or more). In such a case, as shown in FIG. 38, the engagement edge 81 provided on the setting key 8 corresponds to the setting position (parameter set by each operation unit 71) for each corresponding operation unit 71. Thus, it may be shifted to different parts along the insertion direction of the setting key 8.
Thereby, the multiplexing of the transmission path between each storage device guard device 5 and the control device 4 becomes possible. In particular, the exchange of operation signals between a plurality of control devices 4 used by different users and the storage device guarding devices 5 associated with the control devices 4 is appropriately performed without interference. That is, when a user performs user authentication via the control device 4 used by himself / herself in a situation where the storage device guarding devices 5 used by a plurality of users are mixed in the workspace, An operation signal is provided only to the storage device guarding device 5 being used, and its security function is released. The storage device guarding device 5 used by other users still keeps the security function. In this way, security can be ensured for each user in a workspace shared by a plurality of users. Further, the control device 4 can store the identifier assigned to each storage device guard device 5 and the user identification information in association with each other. Thereby, after the user authentication by the authentication means 13, the control apparatus 4 can selectively cancel | release the storage device guard apparatus 5 relevant to the authenticated user.
The storage device guarding device 5 is preferably formed to have a shape resembling that of other articles, or provided with a function as another article. In particular, it is formed into a shape similar to an article that is not unnatural even when stored in the storage tool 2, that is, an article used together with the stationery or the storage tool 2, or the function as the control means 11 is provided to such an article. It is preferable to provide it. For example, the appearance of the file or box for storing documents, writing instruments or other stationery, partitions for partitioning the storage space of the storage device 2, or the like is formed, or the sensing unit 51, notification is given to these articles. The storage device guard apparatus 5 is configured by mounting various devices as elements of the unit 52 and the operation signal receiving unit 53. As a result, for example, it is difficult for a person who performs an illegal act to find the storage device guard device 5 provided in the storage device 2, or the user can store the storage device guard device 5 in a file, a box, or other article during normal times. Can be used as a practical use. In the example shown in FIG. 33, the outer shape of the storage device guard device 5 is shaped like a file folder by a cover 9 made of resin, for example.
The security function executed by the storage device guard device 5 serving as the control means 11 is released only while the operation signal for release provided by the control device 4 is received. That is, while the user is present, the control device 4 continuously transmits an operation signal for release. However, as another aspect, the control device 4 transmits an operation signal for activating the security function of the storage device guard device 5 when the user's absence is detected, and the user having the proper authority returns. It is also possible to transmit an operation signal for canceling the security function of the storage device guard device 5 when it has been authenticated. The storage device guard device 5 in this case starts execution of the security function when receiving an operation signal for activation, and performs security when receiving an operation signal for release while the security function is being executed. Stop function. Information about whether the security function is currently being executed (the user is away) or whether the function is to be stopped (the user is present) is the storage device guard device. 5 (memory (not shown) mounted in). That is, when one of the operation signals is received by the operation signal receiving unit 53, the held state is switched according to the content of the operation signal. The control circuit of the reporting unit 52 executes the reporting operation when the sensing unit 51 senses an operation on the storage device 2 and the current state is a state in which the security function should be executed with reference to the memory. To do.
It is also possible to provide the reporting unit 52 on the control device 4 side instead of the storage device guard device 5 side. The notification unit provided in the control device 4 is in a state in which a notification can be issued from when the sensor means 10 detects the user's absence until the authentication means 13 authenticates the return of the authorized user. I'm left. Therefore, when the storage device guarding device 5 senses an operation on the storage device 2 via the sensing unit 51, the storage device guard device 5 transmits information indicating the fact using the function of the wireless transceiver 5e. When the reporting unit of the control device 4 receives the information transmitted from the storage device guarding device 5, the reporting unit performs reporting in the form of light emission, sound output, or the like. In this case, the storage device guard device 5 and the control device 4 cooperate to form the control means 11 that executes the security function.
The storage device guard device 5 serving as the control means 11 described above detects an operation on the storage device 2 by some person, and issues a notification when the person who performed the operation is considered to be someone other than the authorized user. It was something to do. In contrast to this, it is also conceivable to provide the storage device guard device 5 with a mechanism for directly preventing the storage device 2 from opening and closing. For example, a locking mechanism that is controlled by the control circuit 5 d and physically prevents the storage device 2 from being opened and closed is mounted on the storage device guard device 5. As the locking mechanism referred to herein, an embodiment in which it is difficult to open and close the storage device 2 by expanding like a balloon, or a mode in which a lock bolt member for suppressing the opening and closing of the storage device 2 is driven, Etc. At this time, when the control circuit 5d receives the operation signal for releasing the security function, in other words, the operation signal for unlocking via the operation signal receiving unit 53, the control circuit 5d contracts the balloon included in the locking mechanism. Alternatively, the lock bolt member is driven to allow the container 2 to be opened and closed. On the contrary, when it becomes impossible to receive the operation signal for canceling the security function, the control circuit 5d inflates the balloon of the locking mechanism or drives the lock bolt member to lock the storage tool 2. That is, the storage device guard device 5 serving as the control means 11 executes a security function called locking instead of issuing a report. In the above case, the sensing unit 51 for sensing an operation on the storage tool 2 may not necessarily be mounted.
However, when the operation signal for releasing the security function cannot be received, but when the operation signal for starting the security function (transmitted from the control device 4) is received, the balloon or lock of the locking mechanism is received. It is good also as what locks by driving a bolt member. In this case, the radio transceiver 4b of the control device 4 functions as the “signal transmitting means” described in claims 6 or 7, and the storage device guard device 5 corresponds to the “locking device”. It becomes.
By the way, as a means to implement the security function, an energizing device (such as an electric fence) that prohibits human operation by applying voltage to the part touched by the finger of the person who wants to operate the storage device 2 is implemented instead of the locking mechanism. May be. Even if it is such, opening and closing of the storage tool 2 can be suppressed.
Instead of the storage device guarding device 5, the control device 4 may control the storage device 2 incorporating the locking device described in the third to fourth embodiments. In this case, the wireless transceiver of the control device 4 serves as a signal transmission means 15 that transmits an operation signal to the locking device 2a of the storage tool 2. Then, an operation signal for locking the locking device 2a is transmitted when the user's absence is detected via the sensor means 10, and after the authentication by the authentication means 13 is completed, the unlocking of the locking device 2a is performed. An operation signal for performing is transmitted. That is, when the user leaves the seat, the storage device 2 is locked to prevent others from taking out the articles stored in the storage device 2, and when a user having a valid authority appears after that, After the user is authenticated by the authentication means 13, the lock of the storage tool 2 is released, and the article can be taken into and out of the storage tool 2 again. In this embodiment, it can be seen that the storage device guarding device 5 having a locking function is incorporated in the storage device 2 as the locking device according to claim 6 or 7. Alternatively, the locking device 2a incorporated in the storage tool 2 can be regarded as the “control unit 11” described in claims 1 or 4.
In addition, it is preferable to configure the system so that when the storage device guard device 5 senses an unauthorized operation on the storage device 2, information on the fact that the unauthorized operation has occurred can be acquired. For example, when an operation signal for canceling the security function is not received, when the operation of the storage device 2 by some person is detected through the detection unit 51, the control circuit 5d of the notification unit 52 performs an unauthorized operation. It is assumed that the information indicating that it has been transmitted is transmitted to the control device 4 using the function of the wireless transceiver 5e. It can be said that when the storage device guard device 5 senses the fact that the operation of the storage device 2 has been performed without user authentication by the authentication means 13, it reports that fact in the form of a radio signal.
On the other hand, an unauthorized access information output means 16 for generating and outputting information on fraud facts shown in FIG. 20 is provided in the control device 4 or the computer 6 connected to the control device 4. Here, the output of information is a concept that encompasses display on a display screen, printout, transmission of information to the outside, writing to a memory, hard disk drive, or other storage device. The specific configuration of the unauthorized access information output means 16 is in accordance with the output mode of information related to the unauthorized fact. In the present embodiment, for example, it is assumed that the control device 4 plays a role as the unauthorized access information output unit 16. In other words, when the information indicating that the unauthorized operation has been performed is received from the storage device guarding device 5 via the wireless transceiver 4b, the control circuit 4f (or the processor) of the control device 4 indicates the fact of the unauthorized operation. Information is generated, written to the memory 4g mounted on the control device 4, transmitted to the computer 6 via the communication interface 4e, and further connected to the computer 6 via an electric communication line. The information is transmitted to a predetermined information processing terminal (not shown) to be transmitted (address information indicating the information processing terminal as a transmission destination is usually the memory 4g of the control device 4 or the main memory 6b of the computer 6). (Or stored in advance in the auxiliary storage device 6c), etc. To run the output of. The information generated and output by the unauthorized access information output unit 16 includes, for example, information indicating the storage tool 2 that has been illegally operated, information indicating the date and time when the unauthorized operation was performed, and the like. However, the unauthorized access information output means 16 is not prevented from being provided in the computer 6. That is, the control circuit 4f of the control device 4 that has received information indicating that an unauthorized operation has been performed from the storage device guard device 5 notifies the computer 6 via the communication interface 4e. Then, the processor 6a of the computer 6 that has received the notification generates information on the fact of the illegal operation based on the program and displays it on the display 6d in a required storage area of the main memory 6b or the auxiliary storage device 6c. The data is output in such a manner that it is written or transmitted to a predetermined information processing terminal that is communicably connected to the computer 6 via an electric communication line.
In addition, it is desirable that the unauthorized access information output unit 16 can generate and output information on the fact even when the user authentication by the authentication unit 13 fails.
According to the present embodiment, the human sensor 4a serving as the sensor means 10 that detects the presence or absence of a person, and the predetermined security function, that is, the screen processing and the condition that the human sensor 4a detects that the user is away. And / or control means 11 for starting execution of reservation processing, and authentication means 13 for authenticating that the person who has returned with the security function by the control means 11 activated is a user having a legitimate authority, Since the information processing apparatus 3 (system) including the control release unit 14 that releases the security function by the control unit 11 after the authentication by the authentication unit 13 is completed, the user does not have to perform complicated operations. When the user leaves the seat, the security function by the control means 11 is activated. And, in the state that the security function is activated, in order to release it after authenticating that a user with a legitimate authority has returned, it is possible to prevent unauthorized access by others and ensure security. Become.
The storage device supervising device 5 serving as the control means 11 executes a function for ensuring security related to the opening and closing of the storage device 2, and the control release means 14 has completed authentication by the authentication means 13. Since the operation signal for releasing the security function is transmitted to the control means 11 when the user is out of the seat, the other person illegally takes out the article in the storage device 2 while the user is away from the seat. Or you can deter browsing, so you can safely store and store valuable documents that might be stolen or confidential documents or other items that you want to avoid seeing by others in the storage device 2. It becomes.
Since the storage device guard device 5 as the control means 11 is detachable from the storage device 2, the user can arbitrarily attach it to the desk drawer, cabinet, locker, bag, etc. used by the user, Improvements can be made.
Sensor means 10 for detecting the presence or absence of a person, and signal transmission means for transmitting an operation signal for locking or unlocking the locking device provided in the storage device 2 capable of storing various articles. 15 and authentication means 13 for authenticating that the person who has returned after leaving the user is an authorized user, and the signal transmitting means 15 detects that the user is away from the sensor. An operation signal for locking the locking device is transmitted when detected via the means 10, and an operation signal for unlocking the locking device is transmitted after the authentication by the authentication means 13 is completed. A simple security system can be similarly constructed by configuring the information processing apparatus 3 to perform. In addition, when the locking device is in the unlocked state only while receiving the operation signal for unlocking (shifts to the locked state when the operation signal for unlocking cannot be received), When the signal transmission means 15 senses that the user is away via the sensor means 10, the transmission of the operation signal is stopped, and then the authentication means 13 authenticates the user who has the right authority. The transmission of the operation signal can be resumed.
When at least one of the fact that the user authentication by the authentication means 13 has failed or the fact that the operation on the storage device 2 has been performed without user authentication by the authentication means 13 is detected, Since the unauthorized access information output means 16 for generating and outputting information is further provided, information on the unauthorized acts by a third party for the computer 6 and the storage device 2 is transmitted to a required destination to report the fact of the unauthorized acts. Or information about fraudulent acts can be stored and referred to later.
In addition, it goes without saying that the effects described in the first to fourth embodiments can also be achieved.
However, the present embodiment is not limited to the aspect described in detail above, and the specific configuration of each part can be variously modified. First, the aspects of the sensor means 10 and the authentication means 13 are not limited to those described above. As already described in the third or fourth embodiment, when authenticating that a person who appears in the workspace after leaving the user is an authorized user, the user's own input of user identification information is accepted. Instead, the user identification information stored in a predetermined storage device M possessed in advance by the user may be acquired. As the predetermined storage device M, an RFID tag, a portable information processing terminal having a wireless communication function, or the like can be employed. Then, for example, as shown in FIG. 29, a wireless communication device 4h for acquiring user identification information by wireless communication from a storage device M possessed by the user is mounted on the control device 4. The specific mode of the wireless communication device 4h is in accordance with the mode of the predetermined storage device M possessed by the user. For example, when the predetermined storage device M is an electronic induction type RFID tag, it includes a coil (antenna) for inducing an induced voltage in the induction coil in the RFID tag. When the storage device M is an optical RFID tag, an infrared device for performing infrared communication with the RFID tag is included. Alternatively, it may be a data communication transceiver such as Bluetooth (registered trademark) for communicating with a portable information processing terminal. The wireless communication device 4h for exchanging user identification information with the predetermined storage device M and the radio transceiver 4b for exchanging signals with the storage device guard device 5 may be separate from each other. It may be the same. In addition, if it is assumed that the predetermined storage device M exists with the user, detecting the presence / absence of the predetermined storage device M is synonymous with detecting the presence / absence of the user. Accordingly, the sensor means 10 that detects the presence or absence of a person and the authentication means 13 that performs user authentication may share the same hardware resources. That is, the sensor means 10 is configured using the wireless communication device 4h for performing wireless communication with the predetermined storage device M, and there is no user when communication with the predetermined storage device M is interrupted. It can be assumed that the user exists when communication is established. At this time, since the predetermined storage device M and the wireless communication device 4h are elements of the sensor means 10 and the authentication means 13 according to the present invention, it is not necessary to mount the human sensor 4a and the input device 4d on the control device 4. . Of course, the input device 4d (not shown in FIG. 29) is mounted, authentication using the storage device M such as an RFID tag, and the user himself / herself, such as a passcode, via the input device 4d. You may comprise so that the authentication which inputs identification information can be selectively implemented. Then, even if the storage device M is not owned, the user authentication is performed by inputting the passcode, the security function (unauthorized operation detection and reporting function) related to the storage device 2, and the security related to the computer 6 It becomes a system that can cancel functions (screen processing, reservation processing).
Furthermore, as shown in FIG. 39, a wireless communication device 5f for acquiring user identification information from the storage device M possessed by the user may be mounted on the storage device guard device 5. At this time, the user authentication process can be executed not by the control device 4 but by the storage device guard device 5. As already described, the storage device guard apparatus 5 includes hardware resources such as the optical sensor 5a, the light emitting device 5b and / or the audio output device 5c, the control circuit 5d, and the like shown in FIG. It plays the role of the control means 11 (the sensing part 51, the alerting | reporting part 52) which performs the security function which concerns on 2. FIG. In addition, the control circuit 5d (which may be a microcomputer. A program decoded and executed by the microcomputer may be stored in the memory 5g below) controls the wireless communication device 5f. Thus, user identification information is exchanged with a predetermined storage device M possessed by the user. On the other hand, user identification information relating to a user having a legitimate authority is stored in advance in a required storage area of the memory 5g to which the control circuit 5d is bus-connected. Thus, the control circuit 5d compares the user identification information read from the predetermined storage device M with the user identification information related to the authorized user stored in the memory 5g, and possesses the storage device M. It is determined whether or not the person who performs this is a valid user. When it is determined that the owner of the storage device M is a valid user, the security function related to the storage device 2 is released. That is, even if the sensing unit 51 senses an operation on the storage tool 2, the light emitting device 5b and / or the audio output device 5c does not issue a report.
The control circuit 5d communicates with the storage device M intermittently or continuously via the wireless communication device 5f (the timing at which user identification information is acquired from the storage device M can be changed as appropriate). The stored user identification information is acquired, and it is confirmed step by step that the owner is a user with a valid authority. When it becomes impossible to receive the user identification information related to the user having a legitimate authority, the execution of the security function related to the storage device 2 is started assuming that the user has left his / her seat. On the other hand, when the user identification information related to the user having a legitimate authority can be received, the security function related to the storage device 2 is canceled assuming that the user has returned or is present. That is, the sensor means 10 is configured using a wireless communication device 5f for performing wireless communication with a predetermined storage device M. At this time, the wireless communication device 5f and the control circuit 5d that compares the user identification information are elements of the authentication unit 13 according to the present invention. In addition, the control circuit 5d that controls the light emitting device 5b and the audio output device 5c serves as a control release unit 14 that releases the security function. In such a case, since the security function can be activated / released without using the control device 4, it can be used independently without being combined with the control device 4.
In addition, a plurality of control devices 4 are arranged in their respective work spaces corresponding to a plurality of users, and computers 6 to which these control devices 4 are connected are connected to each other via an electric communication line. In such a case, it becomes possible to transmit information regarding the presence / absence of a certain user sensed via the sensor means 10 mounted on the control device 4 to the computer 6 of another user. At this time, the computer 6 also exhibits a function as a current status information transmitting means for transmitting information on the current status of the user who uses the computer 6 to other users based on the program. A user's computer 6 usually has a destination address for transmitting information to the other user's computer 6 (may be an address indicating the computer 6 itself used by another user, or information for other users). Is stored in the main memory 6b or the auxiliary storage device 6c. When a user's absence is detected via the sensor means 10, information indicating that the user has left is transmitted to the destination address stored by the user, thereby informing other users. To do. In addition, when the authentication means 13 confirms the return of a user who has a legitimate authority, information indicating that the user has returned is sent to the destination address stored by the user so that other users can be notified. Inform.
<Sixth Embodiment> In a sixth embodiment, which will be described subsequently, an information processing apparatus (system) 30 capable of controlling the printing process in which the computer 6 causes the printer P to output hard copies of documents, charts, images, etc. will be described. In general offices, rental booths, Internet cafes, etc., a plurality of people often share the printer P. When a user attempts to print a document, chart, image, or the like generated using the computer 6, the print job is transmitted from the computer 6 to the printer P. The printer P that has received the print job outputs a document, a diagram, an image, etc. in a hard copy according to the contents of the print job. However, since there is a physical distance between the computer 6 used by the user and the printer P that performs hard copy output, there is a printer P after the user sends a print job from the computer 6. There may be a time lag before arriving at the location. If the printing operation in the printer P is executed before the arrival of the user, the hard copy is kept in contact with a third party until the user arrives. This is never preferable from the viewpoint of confidentiality protection. In order to solve the above-described problem, in the present embodiment, a system 30 is constructed in which a user's desired hard copy is output from the printer P after the user arrives at a location where the printer P is located.
The information processing apparatus (system) 30 according to the present embodiment temporarily stores print information including information defining a document, a chart, an image, etc., which are hard-copy output from the printer P, as shown in the configuration explanatory diagram of FIG. Accumulating means 401 for accumulating, authenticating means 402 for authenticating a user appearing in the vicinity of the printer P, and browsing by a user authenticated by the authenticating means 402 out of print information accumulated in the accumulating means 401 Includes a print control mechanism including control means 403 for extracting print information that is permitted and outputting the hard copy to the printer P.
Usually, the computer 6 used by the user has application software for creating or downloading data such as documents, charts and images from an external computer (not shown) connected through a telecommunication line, and a printer. Printer P driver software for controlling P is installed in advance. On the computer 6, the application software and the printer P driver software cooperate to convert data such as documents, charts, and images to be printed into appropriate print information for causing the printer P to print. The print information includes at least information defining a document, a chart, an image, and the like, and information defining a printing mode such as paper size, number of printed sheets, single-sided printing or double-sided printing. The print information is described in a format that can be interpreted by the printer P that actually performs printing. The computer 6 generates print information and transmits the print information to the printer P, thereby causing the printer P to output a hard copy of contents such as a desired document, chart, and image. At this time, instead of immediately inputting print information to the printer P, the print information is temporarily stored in the storage unit 401 and the print operation is started. After the user is authenticated, print information related to the user is input to the printer P to perform hard copy output.
As shown in FIG. 41, the system 30 includes a computer 6 used by each user, a control device 40 connected to the computer 6 via an electric communication line, and at least a connection to the control device 40. One printer P is a main component.
The computer 6 is the same as that in the fifth embodiment, and is arranged in a work space where the user performs work. As described above, the computer 6 is preinstalled with application software for creating or downloading data such as documents, charts, and images, and printer P driver software for controlling the printer P. In addition, each computer 6 is accompanied by the control device 4 and the storage device guard device 5 described in the fifth embodiment, and the system 3 capable of ensuring the security of the computer 6 itself and the security of the storage device 2 is provided for each computer 6. Configured in the workspace.
For example, as shown in FIG. 42, the control device 40 includes a processor 40a, a main memory 40b, an auxiliary storage device 40c, an input device 40d (typically a key input device) that accepts an operation input by a user, a computer 6 and a printer. It has hardware resources such as a communication interface 40e for connecting to P by wire or wirelessly. The input device 40d is a device for acquiring user identification information for identifying a user who appears in the vicinity of the printer P, and accepts the input operation when the user identification information is input by the user's own hand. When user identification information stored in a predetermined storage device M possessed by the user is acquired instead of input by the user's own hand, the user identification information is read from the storage device M by wireless communication. A wireless communication device (not shown) may be mounted on the control device 40. The communication interface 40e is, for example, a network interface card (NIC) for connecting to the computer 6 via a telecommunication line such as a LAN or a wide area network (WAN), USB for connecting to the printer P, IEEE 1394, or traditional A serial port for connecting a typical printer P. However, the printer P may be connected to a telecommunication line such as a LAN or WAN, and the telecommunication line may be interposed between the control device 40 and the printer P.
The input device 40d or a wireless communication device (not shown) should be provided in the vicinity of the printer P. On the other hand, other hardware resources are not necessarily present near the printer P. Therefore, the input device 40d or a wireless communication device (not shown) is connected to the control device 40 main body on which other hardware resources are mounted so as to be communicable by wire or wirelessly, and the control device 40 main body is separated from the printer P. It is also possible to arrange them.
Usually, a program to be executed by the processor 40a is stored in the auxiliary storage device 40c. When the program is executed, the program is read from the auxiliary storage device 40c into the main memory 40b and decoded by the processor 40a. Then, the above hardware resources are operated in accordance with the program so as to exhibit a function as a print control mechanism including the storage unit 401, the authentication unit 402, and the control unit 403 shown in FIG.
The storage unit 401 is configured using a required storage area of the main memory 40b or the auxiliary storage device 40c, and stores print information provided from the computer 6.
The authentication unit 402 authenticates the user by acquiring user identification information for identifying the user who appears in the vicinity of the printer P via the input device 40d or a wireless communication device (not shown).
The control unit 403 extracts print information that is allowed to be viewed by the user authenticated by the authentication unit 402 from the print information stored in the storage unit 401, and transmits the print information to the printer P for printing. Let the action take place.
The procedure of basic processing executed by the control device 40 in the system 30 will be described with reference to the flowcharts shown in FIGS. 43 and 44. As shown in FIG. 43, the control device 40 waits for print information sent from the computer 6 via the electric communication line (step S37). Incidentally, an address (for example, an IP address) for designating the control device 40 as a node on a telecommunication line such as a LAN or WAN is assigned in advance to the control device 40 (the communication interface 40e thereof). The computer 6 transmits print information with the address as a destination according to the printer P driver software or the like. From the computer 6, it appears that the control device 40 exists on the telecommunication line as a virtual printer P or print server. When the control apparatus receives the print information via the communication interface 40e such as a NIC, the control apparatus temporarily accumulates the print information in the main memory 40c or the auxiliary storage device 40c as the accumulation unit 401 (step S38). The print information transmitted from the computer 6 and received by the control device 40 is usually in accordance with a known protocol such as an SMB / CIFS (Server Message Block / Common Internet File System) protocol. When the SMB / CIFS protocol or the like is adopted, the print information includes an identifier (computer name) that identifies the computer 6 that issued the print information, an identifier (user account) that identifies the logged-in user who is using the computer 6, etc. Attached to. In the control device 40, the information such as the computer name and the user account is associated with the print information and stored in the main memory 40b or the auxiliary storage device 40c. As a result, the control device 40 can know which user is responsible for the individual print information stored in the control device 40.
In parallel with the above processing, as shown in FIG. 44, the control device 40 accepts the input of user identification information using the input device 40d by the user appearing in the vicinity of the printer P, or in the vicinity of the printer P. The user identification information stored in the storage device M possessed by the appearing user is read and acquired via the wireless communication device (step S39). Thereafter, the user who appears in the vicinity of the printer P is authenticated based on the acquired user identification information (step S40). More specifically, in the authentication step 40, the acquired user identification information is compared with the computer name, user account, etc. associated with the stored print information, and whether there is a corresponding relationship. Judge whether or not. However, the user identification information acquired in step S39 may not always be directly compared with the computer name, user account, etc. associated with the print information received in step S37. In such a case, table information in which user identification information is associated with a computer name or a user account (that is, table information for converting user identification information into a computer name or a user account, etc., not shown). The information is stored in advance in the main memory 40b or the auxiliary storage device 40c, and the user identification information is compared with the computer name or the user account after referring to the table information in the authentication step S40. Of course, when the user identification information and the computer name and user account associated with the print information can be directly compared, for example, when the user identification information is the user account itself, the table information is not necessary. is there.
When the user identification information received or acquired is compared with the computer name, user account, etc. associated with the print information and there is a corresponding relationship, the print information appears in the vicinity of the printer P. A print job by a user, that is, a print job that the user is allowed to view. Accordingly, appropriate print information associated with the computer name, user account, etc. corresponding to the user identification information is extracted (step S41) and transmitted to the printer P (step S42).
According to the present embodiment, the storage unit 401 that temporarily stores print information transmitted from the computer 6 to the printer P, the authentication unit 402 that authenticates a user who appears in the vicinity of the printer P, and the storage unit 401. A print control mechanism including a control unit 403 for extracting print information permitted to be viewed by a user authenticated by the authentication unit 402 from the print information stored in the printer P and outputting the hard copy to the printer P. Since the information processing apparatus (system) 30 is configured, a document, chart, image, or the like is output from the printer P before the user who sent the print job using the computer 6 arrives at a place where the printer P is located. Can be effectively avoided.
In addition, the present system 30 can be constructed by providing a control device 40 that embodies the print control mechanism on the telecommunication line on which the existing computer 6 and printer P are arranged. Can be suitably used in rental booths, Internet cafes, offices where a relatively small number of companies gather, and the like.
However, the present embodiment is not limited to the aspect described in detail above, and the specific configuration of each part can be variously modified. In particular, the user identification information input to the control device 4 when the security function of the control device 4 that protects the computer 6 and the storage device 2 is canceled and the user authentication by the control device 40 that controls the printing process of the printer P are performed. In this case, it is desirable that the user identification information input to the control device 40 coincides. In order to make these two coincide, for example, one of user identification information relating to a user having a legitimate authority held in the control device 4 and user identification information described in table information held in the control device 40 Is matched with the other.
The control device 4 that protects the computer 6 and the storage device 2 and the control device 40 that controls the printing process of the printer P may be shared. That is, the control device 40 is mounted with the human sensor 4a, the wireless transceiver 4b for performing wireless communication with the storage device guard device 5, the display device 4c, etc. Functions as the means 13 and the control release means 14 may also be provided.
The print control mechanism included in the system 30 includes a storage unit 401 and an authentication unit 402 that are shared by a plurality of users, and the computer 6 arranged in each work space has a special control for controlling print processing. I did not play a role. However, the function of the storage unit 401 may be assigned to each computer 6 instead of the control device 40. To supplement this case, the computer 6 is installed with a program that functions as the storage unit 401 that temporarily stores print information in the main memory 6b or the auxiliary storage device 6c in conjunction with the printer P driver. Even if the user tries to start a print job using the computer 6, print information related to the print job is not immediately sent to the telecommunication line, but is temporarily stored on the computer 6. Thereafter, the user goes to a place where the printer P is located and inputs the user identification information for identifying himself / herself to the control device 40 or reads the user identification information stored in a predetermined storage device M possessed by the user. . The control device 40 that has acquired the user identification information transmits it to the computer 6 connected via the telecommunication line. The computer 6 that has received the user identification information provided by the control device 40 executes user authentication based on the user identification information, and determines whether or not to send the print information stored therein to the printer P. . When it is determined that the print information stored in itself can be transmitted, the computer 6 transmits the print information to the printer P, and outputs it to a hard copy. In this example, each computer 6 plays the role of the storage means 401 and the control means 403, and the computer 6 and the control device 40 cooperate to play the role of the authentication means 402.
Alternatively, the control device 40 that has acquired the user identification information performs user authentication based on the user identification information, and instructs the control device 40 to send print information to the computer 6 used by the authenticated user. You may make it transmit. Receiving the command, the computer 6 transmits the print information stored in the computer 6 to the printer P, and outputs it to a hard copy. In this example, each computer 6 plays the role of the storage means 401.
The present invention is not limited to the embodiment described in detail above. In particular, the present invention can be applied not only to the personal computer 6, workstation or PDA but also to, for example, a DVD player, a hard disk video recorder, a video game machine, and the like.
The specific configuration of each other part and the processing procedures shown in the flowcharts of FIGS. 6, 9, 14, 17, 17, 26, 27, 43 and 44 are the same as those in the above embodiment. The present invention is not limited, and various modifications can be made without departing from the spirit of the present invention.

  According to the present invention described in detail above, it is possible to construct an information processing apparatus that can activate a security function represented by a screen saver when necessary without complicated operations.

Claims (22)

Sensor means for detecting the presence or absence of a person;
Control means for starting execution of a predetermined security function on the condition that the sensor means detects the absence of the user;
Authentication means for authenticating that the person who has returned in the state where the security function by the control means is activated is a user having a legitimate authority;
An information processing apparatus comprising: control release means for releasing a security function by the control means after authentication by the authentication means is completed. In an information processing apparatus capable of displaying information on a screen of a display as a character, image, video or a combination thereof,
Sensor means for detecting the presence or absence of a person;
Control means having at least a function of performing screen processing for concealing information displayed on the screen;
Control activation means for activating screen processing by the control means when the absence of a user using the information processing apparatus is sensed via the sensor means;
Authentication means for authenticating that the person who intends to use the information processing apparatus in a state where screen processing by the control means is activated is a user having a legitimate authority;
An information processing apparatus comprising: control release means for releasing screen processing by the control means after authentication by the authentication means is completed. In an information processing apparatus capable of executing various information processing,
Sensor means for detecting the presence or absence of a person;
Control means having at least a function of performing reservation processing to reserve acceptance of an operation for executing information processing;
Control activation means for activating reservation processing by the control means when the absence of a user using the information processing apparatus is sensed via the sensor means;
Authentication means for authenticating that a person who intends to use the information processing apparatus is a user having a legitimate authority in a state where reservation processing by the control means is activated;
An information processing apparatus comprising: a control release unit that releases reservation processing by the control unit after authentication by the authentication unit is completed. The control means executes a function for ensuring security related to opening and closing of a storage tool capable of storing various articles,
2. The information processing according to claim 1, wherein the control release unit transmits an operation signal for releasing the security function to the control unit when authentication by the authentication unit is completed. 3. apparatus. The information processing apparatus according to claim 4, wherein the control unit is detachable from the storage tool. Sensor means for detecting the presence or absence of a person;
Signal transmitting means capable of transmitting an operation signal for locking or unlocking the locking device provided in the storage device capable of storing various articles;
An authentication means for authenticating that the person who has returned after leaving the user is an authorized user,
The signal transmitting means transmits an operation signal for locking the locking device when the user's absence is detected via the sensor means, and the lock is performed after the authentication by the authentication means is completed. An information processing apparatus that transmits an operation signal for unlocking the apparatus. It further comprises signal transmission means capable of transmitting an operation signal for locking or unlocking the locking device provided in the storage device capable of storing various articles,
The signal transmission means transmits an operation signal for locking the locking device when the absence of a user using the information processing apparatus is sensed via the sensor means, and the authentication means The information processing device according to claim 2 or 3, wherein an operation signal for unlocking the locking device is transmitted after the authentication by is completed. When at least one of the fact that the user authentication by the authentication unit has failed or the fact that an operation on the storage device has been performed without user authentication by the authentication unit is detected, information on the fact is generated. The information processing apparatus according to claim 1, 2, 3, 4, 5, 6, or 7, further comprising unauthorized access information output means for outputting the information. The authentication means gives an instruction to prompt the user to input user identification information for identifying a user having a legitimate authority when detecting the approach of some person through the sensor means, and accepts the input The information processing apparatus according to claim 1, 2, 3, 4, 5, 6, 7, or 8. The authentication means wirelessly communicates with a predetermined storage device possessed by a person who intends to use the information processing apparatus and stores user identification information for identifying the person, and user identification is performed from the predetermined storage apparatus. Claims 1, 2, 3, 4, 5, 5, wherein information is obtained and compared with user identification information for identifying a user having a legitimate authority. Item 6. The information processing device according to item 7, item 7, item 8 or item 9. The information processing device according to claim 1, 2 or 3 is configured, and
Sensor means for detecting the presence or absence of a person;
An authentication means for authenticating that the person who has returned after leaving the user is an authorized user;
A control apparatus comprising at least control release means for releasing a predetermined security function started to be executed by the control means on the condition that the sensor means detects that the user has left the seat after the authentication by the authentication means is completed. For configuring the information processing apparatus according to claim 4,
A function for ensuring security related to opening and closing of a storage device capable of storing various articles can be executed, and when an operation signal for releasing a security function transmitted from the control release means is received, the function Comprising at least control means for stopping
A storage device guard device configured to be detachable from the storage device. The information processing device according to claim 4 is used to configure the information processing device,
A function for ensuring security related to opening and closing of a storage device capable of storing various articles can be executed, and when an operation signal for releasing a security function transmitted from the control release means is received, the function A storage device comprising at least control means for stopping the operation. It is used together with the information processing device according to claim 6 or 7,
A storage device that includes a locking device that is locked or unlocked in response to an operation signal provided by the information processing apparatus, and that can store various articles. The information processing apparatus according to claim 1, 2, or 3, wherein the computer is at least
An authentication means for authenticating that the person who has returned after leaving the user is a user having a legitimate authority; and
A program that causes a predetermined security function started to be executed by the control unit on the condition that the sensor unit detects the absence of the user as a control release unit that cancels after the authentication by the authentication unit is completed. The control means executes a function for ensuring security related to opening and closing of a storage tool capable of storing various articles,
16. The program according to claim 15, wherein the control canceling unit transmits an operation signal for canceling the security function to the control unit when the authentication by the authenticating unit is completed. . An information processing apparatus according to claim 2 is configured, wherein the information processing apparatus is
Control means having at least a function of performing screen processing for concealing information displayed on the screen;
Control activation means for activating screen processing by the control means when the absence of the user using the information processing apparatus is detected via the sensor means;
Authentication means for authenticating that a person who intends to use the information processing apparatus is a user having a legitimate authority in a state in which the screen processing by the control means is activated; and
A program that functions as a control cancellation unit that cancels the screen processing by the control unit after the authentication by the authentication unit is completed. An information processing apparatus according to claim 3, wherein the information processing apparatus is
A control means having at least a function of performing reservation processing to reserve acceptance of an operation for executing information processing;
Control activation means for activating reservation processing by the control means when the absence of the user using the information processing apparatus is sensed via the sensor means;
An authenticating means for authenticating that a person who intends to use the information processing apparatus is a user having a legitimate authority in a state in which the reservation process by the control means is activated; and
A program that functions as a control release unit that releases reservation processing by the control unit after authentication by the authentication unit is completed. Furthermore, the information processing apparatus is made to function as a signal transmission unit that can transmit an operation signal for locking or unlocking the locking device provided in the storage device capable of storing various articles. And
The signal transmission unit transmits an operation signal for locking the locking device when the absence of a user using the information processing device is detected via the sensor unit, and the authentication The program according to claim 17 or 18, wherein an operation signal for unlocking the locking device is transmitted after the authentication by the means is completed. The authentication means gives an instruction to prompt the user to input user identification information for identifying a user having a legitimate authority when detecting the approach of some person through the sensor means, and accepts the input 20. The program according to claim 15, 16, 17, 18, or 19. The authentication means wirelessly communicates with a predetermined storage device possessed by a person who intends to use the information processing apparatus and stores user identification information for identifying the person, and user identification is performed from the predetermined storage apparatus. Claims 15, 16, 17, 18, 18, or 19 for obtaining information and comparing it with user identification information identifying a user having a legitimate authority. Item 20. The program according to item 20. The computer controls a printing process that causes a printer to output a document, a diagram, an image, etc. in a hard copy,
Storage means for temporarily storing print information including information defining a document, a chart, an image, etc. that are hard-copy output from the printer;
Authentication means for authenticating a user who appears in the vicinity of the printer;
Print control comprising: control means for extracting, from the print information stored in the storage means, print information that is permitted to be viewed by a user authenticated by the authentication means, and causing the printer to output a hard copy. Information according to claim 1, 2, 3, 4, 5, 6, 7, 8, 9, or 10, including the mechanism Processing equipment.

Images