US20100115608A1 - Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method - Google Patents

Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method Download PDF

Info

Publication number
US20100115608A1
US20100115608A1 US12/611,450 US61145009A US2010115608A1 US 20100115608 A1 US20100115608 A1 US 20100115608A1 US 61145009 A US61145009 A US 61145009A US 2010115608 A1 US2010115608 A1 US 2010115608A1
Authority
US
United States
Prior art keywords
user
logged
predetermined function
information
users
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/611,450
Inventor
Hiroshi Uchikawa
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Canon Inc
Original Assignee
Canon Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Canon Inc filed Critical Canon Inc
Assigned to CANON KABUSHIKI KAISHA reassignment CANON KABUSHIKI KAISHA ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: UCHIKAWA, HIROSHI
Publication of US20100115608A1 publication Critical patent/US20100115608A1/en
Priority to US13/526,190 priority Critical patent/US10061931B2/en
Priority to US16/048,718 priority patent/US20180336358A1/en
Priority to US17/366,283 priority patent/US20210334394A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/4406Restricting access, e.g. according to user identity
    • H04N1/4426Restricting access, e.g. according to user identity involving separate means, e.g. a server, a magnetic card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/00127Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
    • H04N1/00204Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
    • H04N1/00244Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server with a server, e.g. an internet server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/4406Restricting access, e.g. according to user identity
    • H04N1/4413Restricting access, e.g. according to user identity involving the use of passwords, ID codes or the like, e.g. PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/4406Restricting access, e.g. according to user identity
    • H04N1/4433Restricting access, e.g. according to user identity to an apparatus, part of an apparatus or an apparatus function
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/00127Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
    • H04N1/00204Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/0008Connection or combination of a still picture apparatus with another apparatus
    • H04N2201/0034Details of the connection, e.g. connector, interface
    • H04N2201/0037Topological details of the connection
    • H04N2201/0039Connection via a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/0077Types of the still picture apparatus
    • H04N2201/0094Multifunctional device, i.e. a device capable of all of reading, reproducing, copying, facsimile transception, file transception

Definitions

  • the present invention relates to an image processing apparatus, such as a multifunction peripheral, a control method therefor, and a computer-readable storage medium storing a program for implementing the method.
  • Prior Art 1 There exists a configuration for the user session management, such that when the user logs in as a different user, all the information related to the user (for example, a user profile including a user name, a user's mail address and the like, and user authority) is completely switched (hereinafter this configuration will be referred to as Prior Art 1).
  • this configuration will be referred to as Prior Art 1.
  • the user who has logged in is automatically caused to log out (for example, see Japanese Laid-Open Patent Publication (Kokai) No. H11-25040).
  • Prior Art 2 There exists another configuration for the user session management only re-evaluating the user authority of the user information about the user who has already logged in while maintaining the user profile of the user information such as the user name, the user's mail address (hereinafter this configuration will be referred to as Prior Art 2).
  • Prior Art 2 As a re-evaluation method in this case, it is common that the user authority held by the user who has logged in later is added to the user authority held by the user who has logged in earlier.
  • FIG. 16 is a timing chart showing the user session management of Prior Art 1.
  • Reference numeral 4001 in FIG. 16 indicates a user profile including a user name, a user's mail address and the like to be actually applied in a user session.
  • Reference numeral 4002 indicates the user authority of a user who has currently logged in.
  • Reference numeral 4003 indicates login user information which an image forming apparatus stores in association with a user session to determine the contents of the user profile 4001 and the user authority 4002 .
  • FIG. 17 is a tabular form diagram showing settings for the user profiles and user authorities of users A and B to be used in FIG. 16 .
  • Prior Art 1 when a user inputs user information on a login screen at time t 401 , a process of logging in as the user A is executed. Since the user A is permitted to execute color copying in the setting information in FIG. 17 , he can execute color copying.
  • Prior Art 1 adopts the configuration in which, when a new user logs in, a user who has already logged in is caused to log out.
  • a function which can be used as a certain user cannot be used after a process of logging in as a different user is performed.
  • the user has to log in again.
  • FIG. 18 is a timing chart showing the user session management of Prior Art 2.
  • Reference numerals 6001 to 6003 in FIG. 18 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16 . It is assumed that the settings for the user profiles and user authorities of users A and B in the example of FIG. 18 are similar to those in the example of FIG. 17 .
  • Prior Art 2 the user authority is re-evaluated so that, if an item is permitted to any of a user who has logged in earlier or a user who logs in later, the item is permitted. Therefore, it does not happen that a function which can be used as a certain user cannot be used after a process of logging in as a different user is performed, thereby improving the usability in comparison with Prior Art 1.
  • the present invention provides an image processing apparatus capable of reducing the frequency of a user's inputting work for authentication information to improve the convenience, in a system which restricts access to jobs and resources depending on a user who has logged in, a control method therefor, and a computer-readable storage medium storing a program for implementing the method.
  • an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function
  • the image processing apparatus comprising a user authentication unit adapted to perform authentication of a user, an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by the user authentication unit, a management unit adapted to manage user information about the user who has multiply logged in, for each login independently, a confirmation unit adapted to confirm the number of logged-in users by referring to the user information managed by the management unit when the predetermined function is to be executed, a first setting unit adapted to, when the number of the logged-in users is one as a result of the confirmation by the confirmation unit, set the logged-in user as an executor of the predetermined function, and a second setting unit adapted to, when the number of the logged-in users is two or more as a result of the confirmation by the confirmation unit, cause the user to select one of the logged
  • a control method enabling a user who has logged in to multiply log in as a different user to execute a predetermined function
  • the image processing apparatus comprising a user authentication unit adapted to perform authentication of a user, an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by the user authentication unit, a management unit adapted to manage at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination unit adapted to determine whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing user information about the user who has multiply logged in, for each login independently, a confirmation step of confirming the number of logged-in users by referring to the user information managed in the management step when the predetermined function is to be executed, a first setting step of, when the number of the logged-in users is one as a result of the confirmation in the confirmation step, setting the logged-in user as an executor of the predetermined function, and a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in the confirmation step, causing the user to select one of the logged-in users to set the selected
  • a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • a computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function
  • the method comprises a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing user information about the user who has multiply logged in, for each login independently, a confirmation step of confirming the number of logged-in users by referring to the user information managed in the management step when the predetermined function is to be executed, a first setting step of, when the number of the logged-in users is one as a result of the confirmation in the confirmation step, setting the logged-in user as an executor of the predetermined function, and a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in the confirmation step
  • a computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function
  • the method comprises a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • the present invention it is possible to reduce the frequency of a user's inputting work for authentication information, thus improving the convenience. Furthermore, a user can easily determine which user's user profile, among those of multiply logged-in users, a predetermined function is executed on the basis of.
  • FIG. 1 is a schematic diagram showing the configuration of a system including an image processing apparatus according to the present invention.
  • FIG. 2 is a block diagram showing the hardware configuration of the image processing apparatus.
  • FIG. 3 is a block diagram showing the software configuration of the image processing apparatus.
  • FIG. 4 is a timing chart showing user session management according to a first embodiment of the present invention.
  • FIG. 5 is a diagram showing a login screen according to the first embodiment.
  • FIG. 6 is a diagram showing a menu screen used in the first embodiment.
  • FIG. 7 is a diagram showing a login screen to be displayed when authority lacks, which is used in the first embodiment.
  • FIG. 8 is a diagram showing an execution user selection screen used in the first embodiment.
  • FIG. 9 is a flowchart showing a procedure for characteristic processing according to the first embodiment.
  • FIG. 10 is a timing chart showing user session management according to a second embodiment of the present invention.
  • FIG. 11 is a tabular form diagram showing settings for user profiles and user authorities used in FIG. 10 .
  • FIG. 12 is a diagram showing a menu screen used in the second embodiment.
  • FIG. 13 is a diagram showing a login screen to be displayed when authority lacks, which is used in the second embodiment.
  • FIG. 14 is a diagram showing an error screen used in the second embodiment.
  • FIG. 15 is a flowchart showing a procedure for processing according to the second embodiment.
  • FIG. 16 is a timing chart showing the user session management of Prior Art 1.
  • FIG. 17 is a tabular form diagram showing settings for user profiles and user authorities used in FIG. 16 .
  • FIG. 18 is a timing chart showing the user session management of Prior Art 2.
  • FIG. 1 is a schematic diagram showing the configuration of a system including an image processing apparatus according to the present invention.
  • This system is configured by a server PC (personal computer) 1000 , a user information server apparatus 1001 , a ticket issuing server apparatus 1002 , a client PC 1003 , and an image processing apparatus 1004 which are connected with each other on a network.
  • This system is a print management system which performs restriction of access by users who use the devices and restriction of execution of jobs, such as restriction of the number of prints. It should be noted that the users here include individual users, divisions, organizations and the like.
  • a system administrator utility operates so that the server PC 1000 can perform setting and management of this system.
  • the server PC 1000 can set function restriction information, more specifically access control entry (hereinafter referred to as ACE), to the user information server apparatus 1001 .
  • the user information server apparatus 1001 hold user information such as user IDs and passwords, and further hold function restriction information lists, more specifically access control lists (hereinafter referred to as ACL), which are a set of ACEs, indicating which functions are permitted to each of the users and the devices in the system.
  • ACL access control lists
  • the ticket issuing server apparatus 1002 issues a ticket on which information about available functions are described, on the basis of the ACL stored in the user information server apparatus 1001 .
  • the client PC 1003 is in an available state in this system after login is performed. Specifically, after the login is performed, it is possible to use a printer driver for the image processing apparatus 1004 on the client PC 1003 , and it is known on the server PC 1000 which user is using the client PC.
  • the image processing apparatus 1004 is, for example, a multifunctional copying machine.
  • the image processing apparatus 1004 has not only a function of copying an original paper document but also a function of printing print data sent from an external printer driver and a function of reading an original paper document and transmitting its image data to an external file server or a mail address (a send function). Furthermore, the image processing apparatus 1004 also has a function of transmitting data to another image processing apparatus so as to print the data on the another image processing apparatus to be transmitted (a remote copy function and a facsimile function) and the like.
  • an ACT 1005 is data containing information on functions which a user can execute on the image processing apparatus 1004 and function restriction information about the image processing apparatus 1004 , thus the ACT 1005 can play a role of transferring the information from a server to a device.
  • the server PC 1000 , the user information server apparatus 1001 , the ticket issuing server apparatus 1002 , and the client PC 1003 described above are connected with each other via Ethernet (registered trademark).
  • Ethernet registered trademark
  • All the connected devices of the server PC 1000 , the user information server apparatus 1001 , the ticket issuing server apparatus 1002 , and the client PC 1003 , except the image processing apparatus 1004 may be integrated into the same computer.
  • the server PC 1000 , the user information server apparatus 1001 , the ticket issuing server apparatus 1002 , and the client PC 1003 may be implemented into the image processing apparatus 1004 so that the system is configured only by the image processing apparatus 1004 .
  • FIG. 2 is a block diagram showing the hardware configuration of the image processing apparatus 1004 .
  • a controller unit 2000 performs input/output of image information or device information by being connected to a scanner 2070 , which is an image input device, or a printer 2095 , which is a image output device, while being connected to a network 1008 or a public circuit 1009 .
  • a CPU 2001 is a controller which controls the whole image processing apparatus 1004 .
  • a RAM 2002 is a system work memory used for the CPU 2001 to operate. The RAM 2002 is also an image memory for temporarily storing image data.
  • a ROM 2003 is a boot ROM, in which the boot program of the system is stored.
  • An HDD 2004 is a hard disk drive, in which system software, applications, and image data are stored.
  • An operation section I/F 2006 is an interface section interfacing with an operation section 2012 provided with a touch panel, and the operation section I/F 2006 outputs image data to be displayed on the operation section 2012 , to the operation section 2012 . Furthermore, the operation section I/F 2006 has a role of communicating information inputted from the operation section 2012 by the user of this system, to the CPU 2001 .
  • a network I/F 2010 is connected to the network 1008 to input/output information.
  • a modem 2050 is connected to the public circuit 1009 to input/output information.
  • An SRAM 2100 is a non-volatile storage medium capable of operating at a high speed.
  • An RTC 2110 is a real-time clock, and it performs processing for continuing counting time even when the controller unit 200 is not powered on.
  • the devices described above are arranged on a system bus 2007 .
  • An image bus I/F 2005 is a bus bridge which connects the system bus 2007 and an image bus 2008 , which transfers image data at a high speed, to convert a data structure of the image data.
  • the image bus 2008 is configured by a PCI bus or an IEEE1394 bus. The devices described below are arranged on the image bus 2008 .
  • An RIP 2060 is a raster image processor which develops a PDL code into a bitmap image.
  • a device I/F section 2020 connects the scanner 2070 and the printer 2095 , which are image input and output devices, and the controller unit 2000 to synchronous/asynchronous conversion of image data.
  • a scanner image processing section 2080 performs correction, processing, and editing of inputted image data.
  • a printer image processing section 2090 performs correction, resolution conversion, and the like of a printer for print output image data.
  • An image rotation section 2030 rotates image data.
  • An image compression/expansion section 2040 performs compression/expansion processing.
  • FIG. 3 is a block diagram showing the software configuration of the image processing apparatus 1004 .
  • the software is implemented into the controller unit 2000 included in the image processing apparatus. 1004 .
  • the software included in the image processing apparatus 1004 and processed by the controller unit 2000 is implemented as so-called firmware, and it is executed by the CPU 2001 .
  • a real-time OS 3001 is a real-time operating system, and it provides various resource management services and their frameworks optimized for control of an embedded system, to software operating thereon.
  • a controller platform 3002 is configured by a file system 3003 , a job/device control 3004 , a counter 3005 , and the like.
  • the file system 3003 is a mechanism for storing data which is constructed on a storage device, such as the HDD 2004 and the RAM 2002 .
  • the job/device control 3004 controls the hardware of the image processing apparatus 1004 , and it also controls jobs which use basic functions (printing, scanning, communication, image conversion, and the like) provided mainly by the hardware of the image processing apparatus 1004 .
  • the counter 3005 manages the expiration date for each application and counter values of printing and scanning, which are stored in the SRAM 2100 .
  • a system service 3006 is a module for monitoring the operation state of the image processing apparatus 1004 or downloading software or license from a software distribution server 1006 (see FIG. 2 ) via the network 1008 .
  • An application platform 3007 is middleware for causing the mechanisms of the real-time OS 3001 and the controller platform 3002 to be available from a system application 3008 or applications 3012 , 3013 and 3014 which can be added.
  • the system application 3008 is configured by application management 3009 , user session management 3010 , and access management 3011 .
  • the application management 3009 is a management module for causing the applications 3012 , 3013 and 3014 to be installed, uninstalled, activated, and stopped.
  • the user session management 3010 is a module for managing user information about a user who has been multiply logged in, for each login independently. That is, it is a module for managing user profiles and user authorities in response to login/logout by the user.
  • the access management 3011 is a security module for permitting or prohibiting access to various jobs and resources on the basis of the user authorities in the user session management 3010 .
  • the application 3012 is application software which realizes various business models using functions provided by the application platform 3007 .
  • FIG. 4 is a timing chart showing the user session management according to the first embodiment of the present invention.
  • the user session management of this embodiment is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011 .
  • Reference numerals 7001 to 7003 in FIG. 4 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16 . It is assumed that the settings for the user profiles and user authorities of users A and B are the same as those shown in FIG. 17 .
  • a menu screen ( FIG. 6 ) is displayed on the operation section 2012 .
  • a login user display area 9005 is arranged at the lower part of a main menu 9000 in FIG. 6 , and it is displayed that a function is being executed by the user A at this time point. Since the user A is permitted to execute a color copying function in the setting information in FIG. 17 , he can execute color copying when a color copying function 9001 in FIG. 6 is selected.
  • the screen returns to the main menu 9000 .
  • the access management 3011 check the user authority of the user A to determines whether or not the user A is permitted to execute the network management function. Since the user A is prohibited to execute the network management function in the setting information in FIG. 17 , the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 displays a login screen 9050 ( FIG. 7 ) requesting user authentication as a user permitted to execute the function.
  • the user session management 3010 changes the user profile 7001 to that of the user B as indicated by reference numeral 7021 in FIG. 4 , and the user authority 7002 to that of the user B as indicated by reference numeral 7022 in FIG. 4 .
  • information related to the user A continues to be held in the login user information 7003 without being discarded nor changed.
  • the screen returns to the main menu 9000 .
  • the access management 3011 checks the user authorities of the users A and B who have logged in to determine whether or not either one of the users are permitted to execute the color copying function. Since only the user A is permitted to execute color copying function in the setting information in FIG. 17 , the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 changes the user profile 7001 to that of the user A as indicated by reference numeral 7023 in FIG.
  • the screen returns to the main menu 9000 .
  • the access management 3011 checks the user authorities of the users A and B who have logged in to determine whether or not either one of the users are permitted to execute the fax function. Since both users are permitted to execute the fax function in the setting information in FIG. 17 , the access management 3011 notifies the user session management 3010 to that effect. In responses to this, the user session management 3010 displays an execution user selection screen 9060 in FIG. 8 .
  • the user selects, for example, the user B as an execution user who is an executor to execute the fax function, on the execution user selection screen 9060 .
  • the user session management 3010 performs the processing as described below on the basis of information related to the user B which has been held in the login user information 7003 . That is, the user profile 7001 is changed to that of the user B as indicated by reference numeral 7025 in FIG. 4 , and the user authority 7002 is changed to that of the user B as indicated by reference numeral 7026 in FIG. 4 again.
  • it is displayed in the login user display area 9005 that the fax function is being executed by the user B, between the users A and B who have been multiply logged in.
  • FIG. 9 is a flowchart showing a procedure for the characteristic processing according to the first embodiment.
  • execution user information is determined automatically or in accordance with user selection, when a function is selected, and this processing is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011 .
  • the access management 3011 determines whether or not the number of logged-in users permitted to execute the selected function is two or more, in the next step S 122 . If the number of such users is not two or more, the user session management 3010 automatically selects the only one user permitted to execute the selected function as an execution user, in step S 123 . Then, the process proceeds to the next step S 126 .
  • the user session management 3010 displays the execution user selection screen 9060 ( FIG. 8 ) in step S 124 . Then, in the next step S 125 , a user to execute the selected function is determined on the basis of the result of the selection made by the user on the execution user selection screen 9060 . Then, the process proceeds to the next step S 126 .
  • step S 122 to step S 126 via step S 123 is the processing as described below. That is, when the number of users permitted to execute the selected function is only one, the user is automatically selected as a user to execute the selected function, without prompting reselection from a list of logged-in users, even if the number of the logged-in user is two or more.
  • step S 126 the user session management 3010 determines whether or not the execution user determined by the above procedure is the same as the current execution user. If the execution user is the same, the process immediately proceeds to step S 129 , where the application 3012 executes the selected function. If the execution user is not the same, the user session management 3010 changes the user profile to that of the determined execution user in step S 127 , and further changes the user authority to that of the determined execution user in step S 128 . Then, in step S 129 , the selected function is executed.
  • the login user display area 9005 is provided so that it is displayed which of logged-in users a predetermined function is executed by. Thereby, it is possible for the user to easily determine which user's user profile, among those of the logged-in users, an operation for executing a function is performed on the basis of.
  • the basic configuration of the second embodiment is similar to that described with reference to FIGS. 1 to 3 in the above first embodiment. A characteristic part of the second embodiment will be described below.
  • FIG. 10 is a timing chart showing user session management according to the second embodiment of the present invention.
  • the user session management of this embodiment is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011 .
  • Reference numerals 5001 to 5003 in FIG. 10 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16 .
  • FIG. 11 is a tabular form diagram showing settings for the user profiles and user authorities of users A and B used in FIG. 10 .
  • user type information 8001 indicting the type (classification) of user is registered as a user profile, as is distinct from the example in FIG. 17 used in the first embodiment.
  • the user types include, for example, an anonymous user and a real-name user.
  • the anonymous user is a special user used by an unspecified large number of persons.
  • the anonymous user does not have user identification elements, such as username information about the name of the user and a mail address.
  • the real-name user is a user who has such user identification elements.
  • a menu screen ( FIG. 12 ) is displayed on the operation section 2012 .
  • a login user display area 9015 is arranged at the lower part of a main menu 9010 , and it is displayed that a function is being executed by the anonymous user at this time point. Since the anonymous user is permitted to execute the color copying function in setting information in FIG. 11 , he can execute a color copying function 9011 . It should be noted that login as the anonymous user may be automatically performed when the image processing apparatus 1004 is activated.
  • the screen returns to the main menu 9010 .
  • the access management 3011 checks the user authority of the anonymous user to determine whether or not the anonymous user is permitted to execute network management function. Since the anonymous user is prohibited to execute the network management function in the setting information in FIG. 11 , the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 displays a login screen 9070 ( FIG. 13 ) requesting authentication of an authorized user.
  • the user session management 3010 changes the user profile 5001 to that of the user B as indicated by reference numeral 5021 in FIG. 10 , and changes the user authority 5002 so that all of the items, each of which has been permitted to either of the anonymous user and the user B, are changed to be “permitted” as indicated by reference numeral 5022 in FIG. 10 .
  • it is displayed in the login user display area 9015 that the function is being executed by the user B.
  • the screen returns to the main menu 9010 .
  • the access management 3011 checks the user authorities of the the currently logged-in users regarding to determine whether or not either of the users are permitted to execute the color copying function. Since the currently logged-in user is permitted to execute color copying in the user authority indicated by reference numeral 5022 in FIG. 10 , he can execute the color copying function without the need for displaying the login screen 9070 again. Furthermore, it is displayed in the login user display area 9015 that the function is being executed by the user B, without any change being made in the login user display area 9015 .
  • the screen returns to the main menu 9010 .
  • the access management 3011 checks the user authorities of the currently logged-in users to determine whether or not either of the users are permitted to execute the fax function. Since the currently logged-in user is not permitted to execute the fax function in the user authority indicated by reference numeral 5022 in FIG. 10 , it is notified to the user session management 3010 . In responses to this, the user session management 3010 displays an error screen 9080 ( FIG. 14 ) notifying that it is not possible to change the user. This is because, in the second embodiment, further authentication is prohibited when login as the real-name user has been performed. The user profile 5001 and the user authority 5002 are never changed.
  • the error screen 9080 ( FIG. 14 ) notifying that it is impossible to change the user is displayed similarly.
  • FIG. 15 is a flowchart showing a procedure for the processing according to the second embodiment.
  • This processing is processing for determining whether or not to cause authentication to be performed again depending on the user type of a logged-in user when authority lacks, and it is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011 .
  • step S 131 the access management 3011 determines whether or not the logged-in user is permitted to execute the selected function, in step S 132 . If it is determined that the user is permitted to execute the selected function, the process proceeds to step S 141 , where the application 3012 executes the selected function. On the other hand, if it is determined that the user is not permitted to execute the selected function, the user session management 3010 determines whether or not the logged-in user is an anonymous user, in step S 133 . If it is determined that the user is not an anonymous user, the process proceeds to step S 134 , where the error screen 9080 ( FIG. 14 ) is displayed.
  • step S 135 the login screen 9070 ( FIG. 13 ) is displayed.
  • step S 136 input of authentication information is received from the user. It is determined in step S 137 whether or not the received authentication information is correct. If it is not correct, the process returns to the processing of step S 135 .
  • the access management 3011 determines whether or not a newly logged-in real-name user is permitted to execute the selected function on the basis of the received authentication information in step S 138 . If the real-name user is not permitted to execute the selected function, the process returns to step S 135 .
  • the user session management 3010 overwrites the user profile with that of the newly logged-in user, in step S 139 . Then, the user authority information is merged in step S 140 , and the selected function is executed in step S 141 .
  • the present invention may also be accomplished by supplying a system or an apparatus with a storage medium in which a program code of software, which realizes the functions of either of the above described embodiments is stored, and causing a computer (or CPU or MPU) of the system or apparatus to read out and execute the program code stored in the storage medium.
  • the program code itself read from the storage medium realizes the functions of either of the above described embodiments, and therefore the program code and the storage medium in which the program code is stored constitute the present invention.
  • Examples of the storage medium for supplying the program code include a floppy (registered trademark) disk, a hard disk, a magnetic-optical disk, a CD-ROM, a CD-R, a CD-RW, a DVD-ROM, a DVD-RAM, a DVD-RW, a DVD+RW, a magnetic tape, a nonvolatile memory card, and a ROM.
  • the program may be downloaded via a network.

Abstract

An image processing apparatus capable of reducing the frequency of a user's inputting work for authentication information to improve the convenience.
When the number of the logged-in users is one, the logged-in user is set as an executor of the predetermined function, and when the number of the logged-in users is two or more, the user is caused to select one of the logged-in users to set the selected one as the executor of the predetermined function.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates to an image processing apparatus, such as a multifunction peripheral, a control method therefor, and a computer-readable storage medium storing a program for implementing the method.
  • 2. Description of the Related Art
  • Recently, among image processing apparatuses including a multifunction peripheral, there exist a lot of apparatuses configured to be able to restrict access to jobs and resources depending on a user who has logged in by a user authentication. In such image processing apparatuses, when a user tries to perform an operation while he has logged in, and the user does not have the authority to execute the operation, it is common that an authentication screen is displayed to prompt the user to log in as a different user having the authority.
  • There exists a configuration for the user session management, such that when the user logs in as a different user, all the information related to the user (for example, a user profile including a user name, a user's mail address and the like, and user authority) is completely switched (hereinafter this configuration will be referred to as Prior Art 1). In this case, immediately before the user logs in as the different user, the user who has logged in is automatically caused to log out (for example, see Japanese Laid-Open Patent Publication (Kokai) No. H11-25040).
  • There exists another configuration for the user session management only re-evaluating the user authority of the user information about the user who has already logged in while maintaining the user profile of the user information such as the user name, the user's mail address (hereinafter this configuration will be referred to as Prior Art 2). As a re-evaluation method in this case, it is common that the user authority held by the user who has logged in later is added to the user authority held by the user who has logged in earlier.
  • FIG. 16 is a timing chart showing the user session management of Prior Art 1.
  • Reference numeral 4001 in FIG. 16 indicates a user profile including a user name, a user's mail address and the like to be actually applied in a user session. Reference numeral 4002 indicates the user authority of a user who has currently logged in. Reference numeral 4003 indicates login user information which an image forming apparatus stores in association with a user session to determine the contents of the user profile 4001 and the user authority 4002. FIG. 17 is a tabular form diagram showing settings for the user profiles and user authorities of users A and B to be used in FIG. 16.
  • According to Prior Art 1, when a user inputs user information on a login screen at time t401, a process of logging in as the user A is executed. Since the user A is permitted to execute color copying in the setting information in FIG. 17, he can execute color copying.
  • Next, when the user attempts to execute a network management function at time t402, authentication as a user who is permitted to execute the network management function is requested because the user A is prohibited to execute the network management function. Here, when the user inputs the authentication information about the user B who is an administrator and is permitted to execute the network management function, and a process of logging in as the user B is performed, the user profile 4001 is changed to that of the user B as indicated by reference numeral 4021 in FIG. 16, and the user authority 4002 is change to that of the user B as indicated by reference numeral 4022 in FIG. 16. Then, it becomes possible for the user to execute the network management function.
  • Next, when the user attempts to execute color copying again at time t403, authentication as a user who is permitted to execute the function is requested because the user B is prohibited to execute color copying. In this case, if the user inputs again the authentication information about the user A who is permitted to execute color copying, he can execute color copying.
  • Thus, Prior Art 1 adopts the configuration in which, when a new user logs in, a user who has already logged in is caused to log out. In this configuration, since all the information related to the user is switched, there may be a case where a function which can be used as a certain user cannot be used after a process of logging in as a different user is performed. In order to enable the disabled function again, the user has to log in again. As a result, there is a problem that the user is requested to log in again and again, thereby degrading the usability.
  • FIG. 18 is a timing chart showing the user session management of Prior Art 2.
  • Reference numerals 6001 to 6003 in FIG. 18 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16. It is assumed that the settings for the user profiles and user authorities of users A and B in the example of FIG. 18 are similar to those in the example of FIG. 17.
  • When a user inputs user information on a login screen at time t601, a process of logging in as the user A is performed. Since the user A is permitted to execute color copying in the setting information of FIG. 17, he can execute color copying.
  • When the user attempts to execute a network management function at the next time t602, authentication as a user who is permitted to execute the network management function is requested because the user A is prohibited to execute the network management function. Here, when the user inputs the authentication information about the user B who is an administrator and is permitted to execute the network management function, and a process of logging in as the user B is performed, the user profile 6001 continues to be that of the user A as indicated by reference numeral 6021 in FIG. 18. However, as for the user authority 6002, all of the items, each of which has been permitted to any of the users A and B, are changed to be “permitted” as indicated by reference numeral 6022 in FIG. 8,
  • When the user attempts to execute color copying again at the next time t603, he can execute color copying without the need for displaying the authentication screen again because the user A is permitted to execute color copying even after the user authority is changed.
  • Thus, in Prior Art 2, the user authority is re-evaluated so that, if an item is permitted to any of a user who has logged in earlier or a user who logs in later, the item is permitted. Therefore, it does not happen that a function which can be used as a certain user cannot be used after a process of logging in as a different user is performed, thereby improving the usability in comparison with Prior Art 1.
  • However, it is difficult for a user to intuitively determine whether or not the user profile including a user name, a user's mail address and the like is still the user profile of a user who has logged in earlier or is switched to the user profile of a user who has logged in later.
  • For example, it is assumed that there exists an image processing apparatus which is provided with an e-mail transmission function and which automatically sets a login user's mail address as the sender address of an outgoing mail. Suppose that, while a user has logged in this image processing apparatus as a user A, it becomes necessary to change a certain management setting item, and the user logs in again as a user B, who is an administrator, changes the management setting item, and thereafter transmits an e-mail. In this case, it is difficult to determine which of the users A and B is automatically set as the sender address. Furthermore, as a result of logging in again to change settings, there may be caused problems, such as being charged as an unintended user's print job, being set an unintended name as a fax sender name, and being referred unintended user data as a user's fixed work and personal data such as an address book.
    • SUMMARY OF THE INVENTION
  • In view of the above conventional problems, the present invention provides an image processing apparatus capable of reducing the frequency of a user's inputting work for authentication information to improve the convenience, in a system which restricts access to jobs and resources depending on a user who has logged in, a control method therefor, and a computer-readable storage medium storing a program for implementing the method.
  • It is also intended to enable a user to easily determine which user's user profile, among those of logged-in users, an operation for executing a function is performed on the basis of.
  • In a first aspect of the present invention, there is provided an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the image processing apparatus comprising a user authentication unit adapted to perform authentication of a user, an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by the user authentication unit, a management unit adapted to manage user information about the user who has multiply logged in, for each login independently, a confirmation unit adapted to confirm the number of logged-in users by referring to the user information managed by the management unit when the predetermined function is to be executed, a first setting unit adapted to, when the number of the logged-in users is one as a result of the confirmation by the confirmation unit, set the logged-in user as an executor of the predetermined function, and a second setting unit adapted to, when the number of the logged-in users is two or more as a result of the confirmation by the confirmation unit, cause the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
  • In a second aspect of the present invention, there is provided a control method enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the image processing apparatus comprising a user authentication unit adapted to perform authentication of a user, an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by the user authentication unit, a management unit adapted to manage at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination unit adapted to determine whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • In a third aspect of the present invention, there is provided a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing user information about the user who has multiply logged in, for each login independently, a confirmation step of confirming the number of logged-in users by referring to the user information managed in the management step when the predetermined function is to be executed, a first setting step of, when the number of the logged-in users is one as a result of the confirmation in the confirmation step, setting the logged-in user as an executor of the predetermined function, and a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in the confirmation step, causing the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
  • In a fourth aspect of the present invention, there is provided a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • In a fifth aspect of the present invention, there is provided a computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, wherein the method comprises a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing user information about the user who has multiply logged in, for each login independently, a confirmation step of confirming the number of logged-in users by referring to the user information managed in the management step when the predetermined function is to be executed, a first setting step of, when the number of the logged-in users is one as a result of the confirmation in the confirmation step, setting the logged-in user as an executor of the predetermined function, and a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in the confirmation step, causing the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
  • In a sixth aspect of the present invention, there is provided a computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, wherein the method comprises a user authentication step of authenticating a user, an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in the user authentication step, a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login, and a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
  • According to the present invention, it is possible to reduce the frequency of a user's inputting work for authentication information, thus improving the convenience. Furthermore, a user can easily determine which user's user profile, among those of multiply logged-in users, a predetermined function is executed on the basis of.
  • The above and other objects, features, and advantages of the invention will become more apparent from the following detailed description taken in conjunction with the accompanying drawings.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a schematic diagram showing the configuration of a system including an image processing apparatus according to the present invention.
  • FIG. 2 is a block diagram showing the hardware configuration of the image processing apparatus.
  • FIG. 3 is a block diagram showing the software configuration of the image processing apparatus.
  • FIG. 4 is a timing chart showing user session management according to a first embodiment of the present invention.
  • FIG. 5 is a diagram showing a login screen according to the first embodiment.
  • FIG. 6 is a diagram showing a menu screen used in the first embodiment.
  • FIG. 7 is a diagram showing a login screen to be displayed when authority lacks, which is used in the first embodiment.
  • FIG. 8 is a diagram showing an execution user selection screen used in the first embodiment.
  • FIG. 9 is a flowchart showing a procedure for characteristic processing according to the first embodiment.
  • FIG. 10 is a timing chart showing user session management according to a second embodiment of the present invention.
  • FIG. 11 is a tabular form diagram showing settings for user profiles and user authorities used in FIG. 10.
  • FIG. 12 is a diagram showing a menu screen used in the second embodiment.
  • FIG. 13 is a diagram showing a login screen to be displayed when authority lacks, which is used in the second embodiment.
  • FIG. 14 is a diagram showing an error screen used in the second embodiment.
  • FIG. 15 is a flowchart showing a procedure for processing according to the second embodiment.
  • FIG. 16 is a timing chart showing the user session management of Prior Art 1.
  • FIG. 17 is a tabular form diagram showing settings for user profiles and user authorities used in FIG. 16.
  • FIG. 18 is a timing chart showing the user session management of Prior Art 2.
    •  DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • The present invention will now be described in detail with reference to the drawings showing preferred embodiments thereof. It should be noted that the relative arrangement of the components, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
    • First Embodiment <System Configuration>
  • FIG. 1 is a schematic diagram showing the configuration of a system including an image processing apparatus according to the present invention.
  • This system is configured by a server PC (personal computer) 1000, a user information server apparatus 1001, a ticket issuing server apparatus 1002, a client PC 1003, and an image processing apparatus 1004 which are connected with each other on a network. This system is a print management system which performs restriction of access by users who use the devices and restriction of execution of jobs, such as restriction of the number of prints. It should be noted that the users here include individual users, divisions, organizations and the like.
  • In the server PC 1000, a system administrator utility operates so that the server PC 1000 can perform setting and management of this system. Especially, the server PC 1000 can set function restriction information, more specifically access control entry (hereinafter referred to as ACE), to the user information server apparatus 1001. The user information server apparatus 1001 hold user information such as user IDs and passwords, and further hold function restriction information lists, more specifically access control lists (hereinafter referred to as ACL), which are a set of ACEs, indicating which functions are permitted to each of the users and the devices in the system.
  • The ticket issuing server apparatus 1002 issues a ticket on which information about available functions are described, on the basis of the ACL stored in the user information server apparatus 1001.
  • The client PC 1003 is in an available state in this system after login is performed. Specifically, after the login is performed, it is possible to use a printer driver for the image processing apparatus 1004 on the client PC 1003, and it is known on the server PC 1000 which user is using the client PC.
  • The image processing apparatus 1004 is, for example, a multifunctional copying machine. The image processing apparatus 1004 has not only a function of copying an original paper document but also a function of printing print data sent from an external printer driver and a function of reading an original paper document and transmitting its image data to an external file server or a mail address (a send function). Furthermore, the image processing apparatus 1004 also has a function of transmitting data to another image processing apparatus so as to print the data on the another image processing apparatus to be transmitted (a remote copy function and a facsimile function) and the like.
  • The three “ACT” symbols in FIG. 1 indicate an abbreviation of Access Control Token. For example, an ACT 1005 is data containing information on functions which a user can execute on the image processing apparatus 1004 and function restriction information about the image processing apparatus 1004, thus the ACT 1005 can play a role of transferring the information from a server to a device.
  • It is assumed that the server PC 1000, the user information server apparatus 1001, the ticket issuing server apparatus 1002, and the client PC 1003 described above are connected with each other via Ethernet (registered trademark). However, it is only an example of the system. All the connected devices of the server PC 1000, the user information server apparatus 1001, the ticket issuing server apparatus 1002, and the client PC 1003, except the image processing apparatus 1004, may be integrated into the same computer. Furthermore, the server PC 1000, the user information server apparatus 1001, the ticket issuing server apparatus 1002, and the client PC 1003 may be implemented into the image processing apparatus 1004 so that the system is configured only by the image processing apparatus 1004.
    • <Hardware Configuration of Image Processing Apparatus>
  • FIG. 2 is a block diagram showing the hardware configuration of the image processing apparatus 1004.
  • A controller unit 2000 performs input/output of image information or device information by being connected to a scanner 2070, which is an image input device, or a printer 2095, which is a image output device, while being connected to a network 1008 or a public circuit 1009. A CPU 2001 is a controller which controls the whole image processing apparatus 1004. A RAM 2002 is a system work memory used for the CPU 2001 to operate. The RAM 2002 is also an image memory for temporarily storing image data. A ROM 2003 is a boot ROM, in which the boot program of the system is stored. An HDD 2004 is a hard disk drive, in which system software, applications, and image data are stored.
  • An operation section I/F 2006 is an interface section interfacing with an operation section 2012 provided with a touch panel, and the operation section I/F 2006 outputs image data to be displayed on the operation section 2012, to the operation section 2012. Furthermore, the operation section I/F 2006 has a role of communicating information inputted from the operation section 2012 by the user of this system, to the CPU 2001. A network I/F 2010 is connected to the network 1008 to input/output information. A modem 2050 is connected to the public circuit 1009 to input/output information.
  • An SRAM 2100 is a non-volatile storage medium capable of operating at a high speed. An RTC 2110 is a real-time clock, and it performs processing for continuing counting time even when the controller unit 200 is not powered on. The devices described above are arranged on a system bus 2007.
  • An image bus I/F 2005 is a bus bridge which connects the system bus 2007 and an image bus 2008, which transfers image data at a high speed, to convert a data structure of the image data. The image bus 2008 is configured by a PCI bus or an IEEE1394 bus. The devices described below are arranged on the image bus 2008.
  • An RIP 2060 is a raster image processor which develops a PDL code into a bitmap image. A device I/F section 2020 connects the scanner 2070 and the printer 2095, which are image input and output devices, and the controller unit 2000 to synchronous/asynchronous conversion of image data. A scanner image processing section 2080 performs correction, processing, and editing of inputted image data. A printer image processing section 2090 performs correction, resolution conversion, and the like of a printer for print output image data. An image rotation section 2030 rotates image data. An image compression/expansion section 2040 performs compression/expansion processing.
  • <Software Configuration of Image Processing Apparatus>
  • FIG. 3 is a block diagram showing the software configuration of the image processing apparatus 1004.
  • The software is implemented into the controller unit 2000 included in the image processing apparatus. 1004. The software included in the image processing apparatus 1004 and processed by the controller unit 2000 is implemented as so-called firmware, and it is executed by the CPU 2001.
  • A real-time OS 3001 is a real-time operating system, and it provides various resource management services and their frameworks optimized for control of an embedded system, to software operating thereon.
  • A controller platform 3002 is configured by a file system 3003, a job/device control 3004, a counter 3005, and the like. The file system 3003 is a mechanism for storing data which is constructed on a storage device, such as the HDD 2004 and the RAM 2002. The job/device control 3004 controls the hardware of the image processing apparatus 1004, and it also controls jobs which use basic functions (printing, scanning, communication, image conversion, and the like) provided mainly by the hardware of the image processing apparatus 1004. The counter 3005 manages the expiration date for each application and counter values of printing and scanning, which are stored in the SRAM 2100.
  • A system service 3006 is a module for monitoring the operation state of the image processing apparatus 1004 or downloading software or license from a software distribution server 1006 (see FIG. 2) via the network 1008.
  • An application platform 3007 is middleware for causing the mechanisms of the real-time OS 3001 and the controller platform 3002 to be available from a system application 3008 or applications 3012, 3013 and 3014 which can be added. The system application 3008 is configured by application management 3009, user session management 3010, and access management 3011.
  • The application management 3009 is a management module for causing the applications 3012, 3013 and 3014 to be installed, uninstalled, activated, and stopped. The user session management 3010 is a module for managing user information about a user who has been multiply logged in, for each login independently. That is, it is a module for managing user profiles and user authorities in response to login/logout by the user. The access management 3011 is a security module for permitting or prohibiting access to various jobs and resources on the basis of the user authorities in the user session management 3010.
  • The application 3012 is application software which realizes various business models using functions provided by the application platform 3007.
    • User Session Management of First Embodiment
  • Next, the user session management of the first embodiment will be described with reference to FIG. 4.
  • FIG. 4 is a timing chart showing the user session management according to the first embodiment of the present invention.
  • The user session management of this embodiment is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011. Reference numerals 7001 to 7003 in FIG. 4 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16. It is assumed that the settings for the user profiles and user authorities of users A and B are the same as those shown in FIG. 17.
  • When a user logs in as the user A by selecting an OK button after inputting user information configured by a username, a password and the like on the login screen (FIG. 5), at time t701, a menu screen (FIG. 6) is displayed on the operation section 2012. A login user display area 9005 is arranged at the lower part of a main menu 9000 in FIG. 6, and it is displayed that a function is being executed by the user A at this time point. Since the user A is permitted to execute a color copying function in the setting information in FIG. 17, he can execute color copying when a color copying function 9001 in FIG. 6 is selected.
  • When the user selects “Return to menu” 9002 in FIG. 6 after execution of the color copying function ends, the screen returns to the main menu 9000. After that, when the user selects a network management function 9003 in FIG. 6 at time t702, the access management 3011 check the user authority of the user A to determines whether or not the user A is permitted to execute the network management function. Since the user A is prohibited to execute the network management function in the setting information in FIG. 17, the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 displays a login screen 9050 (FIG. 7) requesting user authentication as a user permitted to execute the function.
  • Here, when the user logs in again as the user B by inputting the authentication information about the user B on this login screen 9050 in FIG. 7, the user session management 3010 changes the user profile 7001 to that of the user B as indicated by reference numeral 7021 in FIG. 4, and the user authority 7002 to that of the user B as indicated by reference numeral 7022 in FIG. 4. However, information related to the user A continues to be held in the login user information 7003 without being discarded nor changed. At the same time, it is displayed in the login user display area 9005 that the network management function is being executed by the user B between the users A and B who have multiply logged in.
  • When the user selects “Return to menu” 9002 in FIG. 6 after execution of the network management function ends, the screen returns to the main menu 9000. After that, when the user selects the color copying function 9001 in FIG. 6 again at time t703, the access management 3011 checks the user authorities of the users A and B who have logged in to determine whether or not either one of the users are permitted to execute the color copying function. Since only the user A is permitted to execute color copying function in the setting information in FIG. 17, the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 changes the user profile 7001 to that of the user A as indicated by reference numeral 7023 in FIG. 4 and the user authority 7002 to that of the user A as indicated by reference numeral 7024 in FIG. 4, on the basis of the information related to the user A which has been held in the login user information 7003. At the same time, it is displayed in the login user display area 9005 that the color copying function is being executed by the user A between the users A and B who have multiply logged in.
  • When the user selects “Return to menu” 9002 in FIG. 6 after execution of the color copying function ends, the screen returns to the main menu 9000. After that, when the user selects a fax function 9004 in FIG. 6 at time t704, the access management 3011 checks the user authorities of the users A and B who have logged in to determine whether or not either one of the users are permitted to execute the fax function. Since both users are permitted to execute the fax function in the setting information in FIG. 17, the access management 3011 notifies the user session management 3010 to that effect. In responses to this, the user session management 3010 displays an execution user selection screen 9060 in FIG. 8. Suppose that the user selects, for example, the user B as an execution user who is an executor to execute the fax function, on the execution user selection screen 9060. In this case, the user session management 3010 performs the processing as described below on the basis of information related to the user B which has been held in the login user information 7003. That is, the user profile 7001 is changed to that of the user B as indicated by reference numeral 7025 in FIG. 4, and the user authority 7002 is changed to that of the user B as indicated by reference numeral 7026 in FIG. 4 again. At the same time, it is displayed in the login user display area 9005 that the fax function is being executed by the user B, between the users A and B who have been multiply logged in.
  • On the other hand, if the user selects the user A as the fax function execution user on the execution user selection screen 9060, none of the contents of the user profile 7001, the contents of the user authority 7002, and the display in the login user display area 9005 is changed.
    • Characteristic Processing According to First Embodiment
  • Next, characteristic processing according to the first embodiment will be described with reference to FIG. 9.
  • FIG. 9 is a flowchart showing a procedure for the characteristic processing according to the first embodiment. In this processing, execution user information is determined automatically or in accordance with user selection, when a function is selected, and this processing is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011.
  • When a user selects a function in step S121, the access management 3011 determines whether or not the number of logged-in users permitted to execute the selected function is two or more, in the next step S122. If the number of such users is not two or more, the user session management 3010 automatically selects the only one user permitted to execute the selected function as an execution user, in step S123. Then, the process proceeds to the next step S126.
  • If the number of the logged-in users permitted to execute the selected function is two or more, the user session management 3010 displays the execution user selection screen 9060 (FIG. 8) in step S124. Then, in the next step S125, a user to execute the selected function is determined on the basis of the result of the selection made by the user on the execution user selection screen 9060. Then, the process proceeds to the next step S126.
  • In short, the processing of the flow from step S122 to step S126 via step S123 is the processing as described below. That is, when the number of users permitted to execute the selected function is only one, the user is automatically selected as a user to execute the selected function, without prompting reselection from a list of logged-in users, even if the number of the logged-in user is two or more.
  • Next, in step S126, the user session management 3010 determines whether or not the execution user determined by the above procedure is the same as the current execution user. If the execution user is the same, the process immediately proceeds to step S129, where the application 3012 executes the selected function. If the execution user is not the same, the user session management 3010 changes the user profile to that of the determined execution user in step S127, and further changes the user authority to that of the determined execution user in step S128. Then, in step S129, the selected function is executed.
    • Advantages of First Embodiment
  • According to this embodiment, it is possible to reduce the frequency of a user's inputting work for authentication information to improve the convenience, in an apparatus configured to be capable of restricting access to jobs and resources depending on a user who logs in.
  • Furthermore, the login user display area 9005 is provided so that it is displayed which of logged-in users a predetermined function is executed by. Thereby, it is possible for the user to easily determine which user's user profile, among those of the logged-in users, an operation for executing a function is performed on the basis of.
    • Second Embodiment
  • Next, a second embodiment of the present invention will be described.
  • The basic configuration of the second embodiment is similar to that described with reference to FIGS. 1 to 3 in the above first embodiment. A characteristic part of the second embodiment will be described below.
    • User Session Management of Second Embodiment
  • FIG. 10 is a timing chart showing user session management according to the second embodiment of the present invention.
  • The user session management of this embodiment is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011. Reference numerals 5001 to 5003 in FIG. 10 indicate the same as indicated by reference numerals 4001 to 4003 in FIG. 16.
  • FIG. 11 is a tabular form diagram showing settings for the user profiles and user authorities of users A and B used in FIG. 10.
  • In the example shown in FIG. 11, user type information 8001 indicting the type (classification) of user is registered as a user profile, as is distinct from the example in FIG. 17 used in the first embodiment. The user types include, for example, an anonymous user and a real-name user. The anonymous user is a special user used by an unspecified large number of persons. The anonymous user does not have user identification elements, such as username information about the name of the user and a mail address. The real-name user is a user who has such user identification elements.
  • When a user logs in as an anonymous user by selecting the OK button without inputting user information on the login screen (FIG. 5) at time t801, a menu screen (FIG. 12) is displayed on the operation section 2012. A login user display area 9015 is arranged at the lower part of a main menu 9010, and it is displayed that a function is being executed by the anonymous user at this time point. Since the anonymous user is permitted to execute the color copying function in setting information in FIG. 11, he can execute a color copying function 9011. It should be noted that login as the anonymous user may be automatically performed when the image processing apparatus 1004 is activated.
  • When the user selects “Return to menu” 9012 in FIG. 12 after execution of the color copying function ends, the screen returns to the main menu 9010. After that, when the user selects a network management function 9013 in FIG. 12 at time t802, the access management 3011 checks the user authority of the anonymous user to determine whether or not the anonymous user is permitted to execute network management function. Since the anonymous user is prohibited to execute the network management function in the setting information in FIG. 11, the access management 3011 notifies the user session management 3010 to that effect. In response to this, the user session management 3010 displays a login screen 9070 (FIG. 13) requesting authentication of an authorized user. Here, when the user logs in again as the user B by inputting the authentication information about the user B on the login screen 9070, the user session management 3010 changes the user profile 5001 to that of the user B as indicated by reference numeral 5021 in FIG. 10, and changes the user authority 5002 so that all of the items, each of which has been permitted to either of the anonymous user and the user B, are changed to be “permitted” as indicated by reference numeral 5022 in FIG. 10. At the same time, it is displayed in the login user display area 9015 that the function is being executed by the user B.
  • When the user selects “Return to menu” 9012 in FIG. 12 after execution of the network management function ends, the screen returns to the main menu 9010. After that, when the user selects the color copy function 9011 in FIG. 12 at time t803 again, the access management 3011 checks the user authorities of the the currently logged-in users regarding to determine whether or not either of the users are permitted to execute the color copying function. Since the currently logged-in user is permitted to execute color copying in the user authority indicated by reference numeral 5022 in FIG. 10, he can execute the color copying function without the need for displaying the login screen 9070 again. Furthermore, it is displayed in the login user display area 9015 that the function is being executed by the user B, without any change being made in the login user display area 9015.
  • When the user selects “Return to menu” 9012 in FIG. 12 after re-execution of the color copying function ends, the screen returns to the main menu 9010. After that, when the user selects the fax function 9014 at time t803, the access management 3011 checks the user authorities of the currently logged-in users to determine whether or not either of the users are permitted to execute the fax function. Since the currently logged-in user is not permitted to execute the fax function in the user authority indicated by reference numeral 5022 in FIG. 10, it is notified to the user session management 3010. In responses to this, the user session management 3010 displays an error screen 9080 (FIG. 14) notifying that it is not possible to change the user. This is because, in the second embodiment, further authentication is prohibited when login as the real-name user has been performed. The user profile 5001 and the user authority 5002 are never changed.
  • It should noted that: in the case of logging in as the user A, who is a real-name user, when inputting user information on the login screen (FIG. 5), and attempting to execute the network management function 9013, the error screen 9080 (FIG. 14) notifying that it is impossible to change the user is displayed similarly.
    • Characteristic Processing According to Second Embodiment
  • Next, characteristic processing according to the second embodiment will be described with reference to FIG. 15.
  • FIG. 15 is a flowchart showing a procedure for the processing according to the second embodiment. This processing is processing for determining whether or not to cause authentication to be performed again depending on the user type of a logged-in user when authority lacks, and it is executed by the CPU 2001 of the image processing apparatus 1004 as the function of the user session management 3010 and the access management 3011.
  • When a user selects a function in step S131, the access management 3011 determines whether or not the logged-in user is permitted to execute the selected function, in step S132. If it is determined that the user is permitted to execute the selected function, the process proceeds to step S141, where the application 3012 executes the selected function. On the other hand, if it is determined that the user is not permitted to execute the selected function, the user session management 3010 determines whether or not the logged-in user is an anonymous user, in step S133. If it is determined that the user is not an anonymous user, the process proceeds to step S134, where the error screen 9080 (FIG. 14) is displayed.
  • On the other hand, if it is determined that the logged-in user is an anonymous user, the process proceeds to step S135, where the login screen 9070 (FIG. 13) is displayed. In step S136, input of authentication information is received from the user. It is determined in step S137 whether or not the received authentication information is correct. If it is not correct, the process returns to the processing of step S135. On the other hand, if the received authentication information is correct, the access management 3011 determines whether or not a newly logged-in real-name user is permitted to execute the selected function on the basis of the received authentication information in step S138. If the real-name user is not permitted to execute the selected function, the process returns to step S135.
  • On the other hand, if the real-name user is permitted to execute the selected function, the user session management 3010 overwrites the user profile with that of the newly logged-in user, in step S139. Then, the user authority information is merged in step S140, and the selected function is executed in step S141.
    • Advantages according to Second Embodiment
  • Even when an anonymous user and a real-name user are synthesized as a logged-in user, advantages equal to those of the first embodiment can be obtained.
  • It is to be understood that the present invention may also be accomplished by supplying a system or an apparatus with a storage medium in which a program code of software, which realizes the functions of either of the above described embodiments is stored, and causing a computer (or CPU or MPU) of the system or apparatus to read out and execute the program code stored in the storage medium.
  • In this case, the program code itself read from the storage medium realizes the functions of either of the above described embodiments, and therefore the program code and the storage medium in which the program code is stored constitute the present invention.
  • Examples of the storage medium for supplying the program code include a floppy (registered trademark) disk, a hard disk, a magnetic-optical disk, a CD-ROM, a CD-R, a CD-RW, a DVD-ROM, a DVD-RAM, a DVD-RW, a DVD+RW, a magnetic tape, a nonvolatile memory card, and a ROM. Alternatively, the program may be downloaded via a network.
  • Further, it is to be understood that the functions of either of the above described embodiments may be accomplished not only by executing the program code read out by a computer, but also by causing an OS (operating system) or the like which operates on the computer to perform a part or all of the actual operations based on instructions of the program code.
  • Further, it is to be understood that the functions of either of the above described embodiments may be accomplished by writing a program code read out from the storage medium into a memory provided on an expansion board inserted into a computer or a memory provided in an expansion unit connected to the computer and then causing a CPU or the like provided in the expansion board or the expansion unit to perform a part or all of the actual operations based on instructions of the program code.
  • While the present invention has been described with reference to exemplary embodiments, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. The scope of the following claims is to be accorded the broadest interpretation so as to encompass all such modifications, equivalent structures and functions.
  • This application claims the benefit of Japanese Patent Application No. 2008-283306 Nov. 4, 2008, which is hereby incorporated by reference herein in its entirety.

Claims (11)

1. An image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the image processing apparatus comprising:
a user authentication unit adapted to perform authentication of a user;
an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by said user authentication unit;
a management unit adapted to manage user information about the user who has multiply logged in, for each login independently;
a confirmation unit adapted to confirm the number of logged-in users by referring to the user information managed by said management unit when the predetermined function is to be executed;
a first setting unit adapted to, when the number of the logged-in users is one as a result of the confirmation by said confirmation unit, set the logged-in user as an executor of the predetermined function; and
a second setting unit adapted to, when the number of the logged-in users is two or more as a result of the confirmation by said confirmation unit, cause the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
2. The image processing apparatus according to claim 1, further comprising a third setting unit adapted to, if the number of users who have been logged in as the different user is one and the one different user is permitted to execute the predetermined function, set the one different user as the executor of the predetermined function while said second setting unit does not cause the user to select one of the logged-in users, even if the number of the logged-in users is two or more as a result of the confirmation by said confirmation unit.
3. The image processing apparatus according to claim 1, further comprising a display unit adapted to, when an operation for executing the predetermined function is performed, display the username of a user who executes the predetermined function among the users who have multiply logged in.
4. An image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the image processing apparatus comprising:
a user authentication unit adapted to perform authentication of a user;
an access restriction unit adapted to restrict access to a predetermined function depending on the user the authentication of which is performed by said user authentication unit;
a management unit adapted to manage at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login; and
a determination unit adapted to determine whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
5. The image processing apparatus according to claim 4, wherein
the user type information includes at least an anonymous user who does not have user identification elements including a username and a mail address and a real-name user who has these user identification elements; and
said determination unit permits the logged-in user to log in as the different user if the logged-in user is the anonymous user, and prohibits the logged-in user to log in as the different user if the logged-in user is the real-name user.
6. The image processing apparatus according to claim 5, further comprising a synthesis unit adapted to synthesize the user information using the username of the real-name user as the username information and using information obtained by adding the user authority of the real-name user to the user authority of the anonymous user, as the user authority information.
7. The image processing apparatus according to claim 4, further comprising a display unit adapted to, when an operation for executing the predetermined function is performed, display the username of a user who executes the predetermined function among the users who have been multiply logged in.
8. A control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising:
a user authentication step of authenticating a user;
an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in said user authentication step;
a management step of managing user information about the user who has multiply logged in, for each login independently;
a confirmation step of confirming the number of logged-in users by referring to the user information managed in said management step when the predetermined function is to be executed;
a first setting step of, when the number of the logged-in users is one as a result of the confirmation in said confirmation step, setting the logged-in user as an executor of the predetermined function; and
a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in said confirmation step, causing the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
9. A control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, the method comprising:
a user authentication step of authenticating a user;
an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in said user authentication step;
a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login; and
a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
10. A computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, wherein
the method comprises:
a user authentication step of authenticating a user;
an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in said user authentication step;
a management step of managing user information about the user who has multiply logged in, for each login independently;
a confirmation step of confirming the number of logged-in users by referring to the user information managed in said management step when the predetermined function is to be executed;
a first setting step of, when the number of the logged-in users is one as a result of the confirmation in said confirmation step, setting the logged-in user as an executor of the predetermined function; and
a second setting step of, when the number of the logged-in users is two or more as a result of the confirmation in said confirmation step, causing the user to select one of the logged-in users to set the selected one as the executor of the predetermined function.
11. A computer-readable storage medium storing a computer-readable program for implementing a control method for an image processing apparatus enabling a user who has logged in to multiply log in as a different user to execute a predetermined function, wherein
the method comprises:
a user authentication step of authenticating a user;
an access restriction step of restricting access to a predetermined function depending on the user the authentication of which is performed in said user authentication step;
a management step of managing at least user type information about user classification, username information about a username, and user authority information about the access restriction as user information about the user who has multiply logged in, for each login; and
a determination step of determining whether or not to permit the logged-in user to log in as the different user according to the user type information about the logged-in user.
US12/611,450 2008-11-04 2009-11-03 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method Abandoned US20100115608A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US13/526,190 US10061931B2 (en) 2008-11-04 2012-06-18 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US16/048,718 US20180336358A1 (en) 2008-11-04 2018-07-30 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US17/366,283 US20210334394A1 (en) 2008-11-04 2021-07-02 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2008283306A JP5398231B2 (en) 2008-11-04 2008-11-04 Image processing apparatus, control method therefor, and program
JP2008-283306 2008-11-04

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/526,190 Division US10061931B2 (en) 2008-11-04 2012-06-18 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method

Publications (1)

Publication Number Publication Date
US20100115608A1 true US20100115608A1 (en) 2010-05-06

Family

ID=42133104

Family Applications (4)

Application Number Title Priority Date Filing Date
US12/611,450 Abandoned US20100115608A1 (en) 2008-11-04 2009-11-03 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US13/526,190 Active 2031-06-05 US10061931B2 (en) 2008-11-04 2012-06-18 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US16/048,718 Abandoned US20180336358A1 (en) 2008-11-04 2018-07-30 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US17/366,283 Pending US20210334394A1 (en) 2008-11-04 2021-07-02 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method

Family Applications After (3)

Application Number Title Priority Date Filing Date
US13/526,190 Active 2031-06-05 US10061931B2 (en) 2008-11-04 2012-06-18 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US16/048,718 Abandoned US20180336358A1 (en) 2008-11-04 2018-07-30 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US17/366,283 Pending US20210334394A1 (en) 2008-11-04 2021-07-02 Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method

Country Status (2)

Country Link
US (4) US20100115608A1 (en)
JP (1) JP5398231B2 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611816A (en) * 2010-12-27 2012-07-25 京瓷美达株式会社 Image forming apparatus and control method for image forming apparatus
US20130347098A1 (en) * 2012-06-26 2013-12-26 Kyocera Document Solutions Inc. Image forming apparatus
CN104427200A (en) * 2013-08-30 2015-03-18 京瓷办公信息系统株式会社 Information processing apparatus and job setting method
CN104427179A (en) * 2013-08-30 2015-03-18 京瓷办公信息系统株式会社 Information processing apparatus and job setting method
US20150161407A1 (en) * 2013-12-06 2015-06-11 Ricoh Company, Ltd. Information processing apparatus and information management method
US20160171355A1 (en) * 2013-01-30 2016-06-16 Canon Kabushiki Kaisha Image forming apparatus equipped with secure print function, method of controlling the same, and storage medium
US20160299730A1 (en) * 2015-04-09 2016-10-13 Canon Kabushiki Kaisha Image output system, image processing apparatus, image output apparatus and methods therefor
CN107710130A (en) * 2015-06-23 2018-02-16 株式会社理光 Device, information processing system, information processing method and computer program product
CN110808978A (en) * 2019-10-31 2020-02-18 支付宝(杭州)信息技术有限公司 Real name authentication method and device
CN111062024A (en) * 2019-11-25 2020-04-24 泰康保险集团股份有限公司 Application login method and device
US20210073366A1 (en) * 2019-09-09 2021-03-11 Canon Kabushiki Kaisha Information processing apparatus, control method, and medium

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012137968A (en) * 2010-12-27 2012-07-19 Kyocera Document Solutions Inc Image forming apparatus
JP2012137969A (en) * 2010-12-27 2012-07-19 Kyocera Document Solutions Inc Image forming apparatus
US9251354B2 (en) * 2012-10-15 2016-02-02 Imprivata, Inc. Secure access supersession on shared workstations
JP6136576B2 (en) * 2013-05-28 2017-05-31 富士通株式会社 Application distribution apparatus, application distribution method, application distribution program, application execution apparatus, application execution method, application execution program, and application distribution system
JP6298285B2 (en) * 2013-12-17 2018-03-20 キヤノン株式会社 Information processing apparatus, control method therefor, and program
JP6217686B2 (en) * 2015-04-06 2017-10-25 コニカミノルタ株式会社 Mobile terminal, program, and communication system
JP6693435B2 (en) * 2017-02-08 2020-05-13 カシオ計算機株式会社 Authentication device and program
JP6787190B2 (en) * 2017-03-06 2020-11-18 カシオ計算機株式会社 Authentication device and program
JP6972838B2 (en) * 2017-09-25 2021-11-24 株式会社リコー Information processing system, information processing device and information processing method
JP6530831B2 (en) * 2018-02-23 2019-06-12 キヤノン株式会社 INFORMATION PROCESSING APPARATUS, CONTROL METHOD THEREOF, AND PROGRAM
JP2021089469A (en) * 2019-12-02 2021-06-10 富士フイルムビジネスイノベーション株式会社 Information processing device and program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050265744A1 (en) * 2004-05-27 2005-12-01 Hiroya Uruta Image forming apparatus and verification control method thereof
US20080201771A1 (en) * 2007-02-20 2008-08-21 Konica Minolta Business Technologies, Inc. Authentication apparatus, authentication system, authentication method, and authentication program using biometric information for authentication
US7437457B1 (en) * 2003-09-08 2008-10-14 Aol Llc, A Delaware Limited Liability Company Regulating concurrent logins associated with a single account

Family Cites Families (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3489969B2 (en) * 1997-07-09 2004-01-26 シャープ株式会社 Multi-user login / logout management method, recording medium used for implementing the method, and multi-user information processing terminal device
JPH1131019A (en) * 1997-07-10 1999-02-02 Canon Inc Information processing system, information processor, and their control method
DE10350174A1 (en) * 2002-11-29 2004-06-24 Siemens Ag Logging users onto data processing devices involves getting authentication data, deriving identity/access rights, granting access independently of starting operating system/data processing application
US7738857B2 (en) * 2003-03-28 2010-06-15 Varia Holdings Llc Wireless mobile phone with authenticated mode of operation including photo based authentication
JP2005102133A (en) * 2003-04-28 2005-04-14 Ricoh Co Ltd Image forming apparatus, and method for referring to destination information
JP4289021B2 (en) * 2003-05-22 2009-07-01 株式会社デンソー In-vehicle device and method for preventing unauthorized use of in-vehicle device
US20040260617A1 (en) * 2003-06-23 2004-12-23 Davidson Richard H. Flavor ordering system
JP2005339136A (en) * 2004-05-26 2005-12-08 Ricoh Co Ltd Image forming apparatus and authentication accounting method
JP3982520B2 (en) * 2004-06-02 2007-09-26 コニカミノルタビジネステクノロジーズ株式会社 Access management system and method, image forming apparatus, and computer program
JP4513449B2 (en) 2004-07-23 2010-07-28 村田機械株式会社 Image communication device
US8570544B2 (en) * 2004-12-15 2013-10-29 Samsung Electronics Co., Ltd. Multifunction peripheral (MFP) and a method for restricting use thereof
US7529931B2 (en) * 2004-12-23 2009-05-05 Microsoft Corporation Managing elevated rights on a network
JP4861631B2 (en) 2005-02-22 2012-01-25 株式会社リコー User authentication apparatus, image forming apparatus, user authentication method, and user authentication program
US7617530B2 (en) * 2005-04-22 2009-11-10 Microsoft Corporation Rights elevator
US20060259964A1 (en) * 2005-05-10 2006-11-16 Microsoft Corporation Applying local machine restrictions on a per-user basis
JP4211760B2 (en) * 2005-05-26 2009-01-21 コニカミノルタビジネステクノロジーズ株式会社 Information processing apparatus, management method thereof, and computer program
US20060277287A1 (en) * 2005-06-07 2006-12-07 Azaleos Corporation Maintenance and administration user interface
KR100754176B1 (en) * 2005-06-08 2007-09-03 삼성전자주식회사 Transmission list saving method in MFP and the MFP having the same function
US7788494B2 (en) * 2005-06-28 2010-08-31 Intel Corporation Link key injection mechanism for personal area networks
JP2007042015A (en) 2005-08-05 2007-02-15 Brother Ind Ltd Control system and program for peripheral electronic instrument
JP2007058589A (en) 2005-08-24 2007-03-08 Fuji Xerox Co Ltd Image forming apparatus
JP2007079684A (en) 2005-09-12 2007-03-29 Murata Mach Ltd Processor
JP2007094673A (en) 2005-09-28 2007-04-12 Ricoh Co Ltd Apparatus and use restriction program
JP4758199B2 (en) 2005-10-27 2011-08-24 株式会社リコー Network management system
JP2007286908A (en) * 2006-04-17 2007-11-01 Canon Inc Management system, its control method, computer program, and storage medium
JP2007295245A (en) 2006-04-25 2007-11-08 Ricoh Co Ltd Image forming apparatus, information processing apparatus, and information processing system
JP2007296789A (en) * 2006-05-01 2007-11-15 Konica Minolta Business Technologies Inc Job executing apparatus, job executing processing method, and job executing processing program
JP4270257B2 (en) * 2006-09-29 2009-05-27 ブラザー工業株式会社 Image forming apparatus
JP4274227B2 (en) 2006-10-26 2009-06-03 コニカミノルタビジネステクノロジーズ株式会社 Image processing apparatus and program
JP2008243066A (en) 2007-03-28 2008-10-09 Canon Inc Information processor and control method thereof
JP5094187B2 (en) * 2007-04-11 2012-12-12 キヤノン株式会社 Information processing apparatus, information processing apparatus control method, storage medium, and program
JP4479759B2 (en) * 2007-07-17 2010-06-09 コニカミノルタビジネステクノロジーズ株式会社 Image forming apparatus
JP5046816B2 (en) * 2007-09-13 2012-10-10 株式会社リコー Image processing apparatus, session management method, and session management program
JP4744503B2 (en) * 2007-11-30 2011-08-10 シャープ株式会社 Operation processing device
JP2009199253A (en) * 2008-02-20 2009-09-03 Canon Inc Printing system, print method, and printer
JP4618344B2 (en) * 2008-07-29 2011-01-26 コニカミノルタビジネステクノロジーズ株式会社 Authentication device, authentication system, authentication method, authentication program, and recording medium
JP2010061583A (en) * 2008-09-05 2010-03-18 Riso Kagaku Corp Information processing apparatus
JP4801759B2 (en) * 2009-06-30 2011-10-26 シャープ株式会社 MFP, authentication server, and system
JP5671952B2 (en) * 2010-11-05 2015-02-18 富士ゼロックス株式会社 Information processing apparatus, information processing system, and program
US9990483B2 (en) * 2014-05-07 2018-06-05 Qualcomm Incorporated Dynamic activation of user profiles based on biometric identification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7437457B1 (en) * 2003-09-08 2008-10-14 Aol Llc, A Delaware Limited Liability Company Regulating concurrent logins associated with a single account
US20050265744A1 (en) * 2004-05-27 2005-12-01 Hiroya Uruta Image forming apparatus and verification control method thereof
US7343114B2 (en) * 2004-05-27 2008-03-11 Ricoh Company, Ltd. Image forming apparatus and verification control method thereof
US20080201771A1 (en) * 2007-02-20 2008-08-21 Konica Minolta Business Technologies, Inc. Authentication apparatus, authentication system, authentication method, and authentication program using biometric information for authentication

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8505089B2 (en) 2010-12-27 2013-08-06 Kyocera Mita Corporation Image forming apparatus and control method for image forming apparatus
CN102611816A (en) * 2010-12-27 2012-07-25 京瓷美达株式会社 Image forming apparatus and control method for image forming apparatus
US9075972B2 (en) * 2012-06-26 2015-07-07 Kyocera Document Solutions Inc. Image forming apparatus
US20130347098A1 (en) * 2012-06-26 2013-12-26 Kyocera Document Solutions Inc. Image forming apparatus
US10083382B2 (en) * 2013-01-30 2018-09-25 Canon Kabushiki Kaisha Image forming apparatus equipped with secure print function, method of controlling the same, and storage medium
US20160171355A1 (en) * 2013-01-30 2016-06-16 Canon Kabushiki Kaisha Image forming apparatus equipped with secure print function, method of controlling the same, and storage medium
CN104427179A (en) * 2013-08-30 2015-03-18 京瓷办公信息系统株式会社 Information processing apparatus and job setting method
CN104427200A (en) * 2013-08-30 2015-03-18 京瓷办公信息系统株式会社 Information processing apparatus and job setting method
US20150161407A1 (en) * 2013-12-06 2015-06-11 Ricoh Company, Ltd. Information processing apparatus and information management method
US9721083B2 (en) * 2013-12-06 2017-08-01 Ricoh Company, Ltd. Information processing apparatus and information management method
US20160299730A1 (en) * 2015-04-09 2016-10-13 Canon Kabushiki Kaisha Image output system, image processing apparatus, image output apparatus and methods therefor
US9910629B2 (en) * 2015-04-09 2018-03-06 Canon Kabushiki Kaisha Image output system, image processing apparatus, image output apparatus and methods therefor
CN107710130A (en) * 2015-06-23 2018-02-16 株式会社理光 Device, information processing system, information processing method and computer program product
US10180849B2 (en) * 2015-06-23 2019-01-15 Ricoh Company, Ltd. Apparatus, information processing system, information processing method, and computer program product
US20210073366A1 (en) * 2019-09-09 2021-03-11 Canon Kabushiki Kaisha Information processing apparatus, control method, and medium
US11790063B2 (en) * 2019-09-09 2023-10-17 Canon Kabushiki Kaisha Information processing apparatus, control method, and medium
CN110808978A (en) * 2019-10-31 2020-02-18 支付宝(杭州)信息技术有限公司 Real name authentication method and device
CN111062024A (en) * 2019-11-25 2020-04-24 泰康保险集团股份有限公司 Application login method and device

Also Published As

Publication number Publication date
JP2010114504A (en) 2010-05-20
US20210334394A1 (en) 2021-10-28
US20180336358A1 (en) 2018-11-22
US10061931B2 (en) 2018-08-28
JP5398231B2 (en) 2014-01-29
US20120260333A1 (en) 2012-10-11

Similar Documents

Publication Publication Date Title
US20210334394A1 (en) Image processing apparatus, control method therefor, and computer-readable storage medium storing program for implementing the method
US9106868B2 (en) Image processing apparatus, control method therefor, and storage medium
US20070124799A1 (en) Authentication agent apparatus, authentication method, and program product therefor
US8661529B2 (en) Information processing device
US20080301814A1 (en) Information processing apparatus, information processing method, and computer-readable recording medium storing information processing program
US9117165B2 (en) Image processing system and image processing apparatus for sending image data
JP2005339136A (en) Image forming apparatus and authentication accounting method
US9477434B2 (en) Image forming apparatus, job execution system, and job execution method
US8345278B2 (en) Job processing system, job processing apparatus, and control method thereof
JP6157546B2 (en) Information processing apparatus, information processing system, information processing apparatus control method, and program
JP6993910B2 (en) Information processing equipment, its control method, and programs
JP6929987B2 (en) Image processing device, control method and program of image processing device
JP2008027391A (en) Image processing system, image processor, and program
JP2018142928A (en) Image processing device, control method therefor, and program
JP2013117986A (en) Image processing apparatus and control method therefor, and program
JP6701405B2 (en) Information processing equipment
JP7277654B2 (en) MULTI-FUNCTIONAL COPYING MACHINE, CONTROL METHOD AND PROGRAM
JP7110460B2 (en) Image processing device, control method and program
JP6498235B2 (en) Information processing apparatus, control method therefor, and program
JP2005341133A (en) Authentication charging method
JP7373414B2 (en) image forming device
JP4425708B2 (en) Image forming apparatus and authentication charging method
JP2022033937A (en) Information processing apparatus, control method of the same, and program
JP5454008B2 (en) Information processing apparatus and program
JP2010074423A (en) Data distribution system, data distribution device, data distribution method, data distribution program, and recording medium

Legal Events

Date Code Title Description
AS Assignment

Owner name: CANON KABUSHIKI KAISHA,JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:UCHIKAWA, HIROSHI;REEL/FRAME:023943/0202

Effective date: 20091211

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION