WO2004022350A1 - プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム - Google Patents
プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム Download PDFInfo
- Publication number
- WO2004022350A1 WO2004022350A1 PCT/JP2003/009280 JP0309280W WO2004022350A1 WO 2004022350 A1 WO2004022350 A1 WO 2004022350A1 JP 0309280 W JP0309280 W JP 0309280W WO 2004022350 A1 WO2004022350 A1 WO 2004022350A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- printer
- public key
- data
- predetermined number
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
- G06F21/608—Secure printing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Definitions
- the present invention relates to a printer and a printing system, and a data receiving device and a data transmitting and receiving system. More particularly, the present invention relates to a printer and a printing system that ensure the security of data transmitted to the printer and the data receiving device, and a data receiving device and a data receiving device. It relates to a data transmission / reception system. Background technology
- the printer unconditionally prints the print data sent from the print client, even if the printer is not installed in the place intended by the user, the print is performed as it is. It will be.
- the IP address which is an address on the network, may not be changed. The transmitted print data will be printed. Such a situation is undesirable for a user who wants to secure print data.
- the printer sends the print data sent from the print client If printing is performed by the printer, the printer will print even print data from a print client to which the printer does not originally have authority to print. In this case, it is not possible to limit the print clients that can print with the printer, which is also undesirable. In particular, given that there may be users who send large amounts of print data with improper intent, it is necessary to set some printing restrictions.
- a printer used in one department of a company may be moved to another department and used again.
- the necessity of a technique for preventing print data from a print client from being printed on the printer side has been recognized (see Japanese Patent Application Laid-Open No. H11-31314).
- Some printers include a certificate for authenticating the printer itself. However, if such a printer is to be discarded, the certificate built into the printer must be securely deleted. However, if the printer cannot be printed just by changing the location of the printer, the printer can be destroyed more safely.
- the present invention has been made in view of the above-mentioned problems, and a print system that secures print data and printer security by restricting print data that can be printed based on information on the location of the printer is provided.
- the purpose is to provide.
- a printer is a printer for processing print data, A printer position information obtaining unit for obtaining printer position information for specifying a place where the printer is installed,
- a first printer position information acquisition unit that acquires printer position information from the printer position information acquisition unit and uses this as first printer position information
- a public key generation unit that generates a public key using a passphrase including at least the first printer position information and a predetermined number
- a print data receiving unit that receives the print data encrypted with the public key; and, upon receiving the print data, obtains printer position information from the printer position information obtaining unit.
- a second printer position information acquisition section A second printer position information acquisition section
- a secret key generation unit that generates a secret key using the passphrase including at least the second printer position information and the predetermined number
- a method of controlling a printer that processes print data includes acquiring printer position information for specifying a location where the printer is installed from a printer position information acquisition unit, Using the first printer position information as
- Using the private key comprises decrypting the print data received by the print data receiving section ( According to another aspect of the present invention, there is provided a printing system comprising at least one printer and at least one print client connected to the printer via a network.
- the printer is
- a first printer position information acquisition unit that acquires printer position information from the printer position information acquisition unit and uses this as first printer position information
- a public key generation unit that generates a public key using a passphrase including at least the first printer position information and a predetermined number
- the print client The print client,
- a print data generation unit that generates print data for printing by the printer; a print data transmission unit that encrypts the print data with the public key, and transmits the encrypted print data to the printer.
- the printer further comprises:
- a print data receiving unit that receives print data transmitted from the print client and encrypted with the public key
- a second printer position information obtaining unit that obtains printer position information from the printer position information obtaining unit when the print data is received, and uses the printer position information as second printer position information;
- a secret key generation unit that generates a secret key using the passphrase including at least the second printer position information and the predetermined number
- a data receiving device for processing data comprises:
- Data receiving device position for specifying the location where the data receiving device is installed
- a data receiving device position information acquisition unit for acquiring location information
- a first data receiving device position information acquiring unit that acquires data receiving device position information from the data receiving device position information acquiring unit and uses this as first data receiving device position information;
- a public key generation unit that generates a public key using a passphrase including at least
- a data receiving unit that receives the data encrypted with the public key
- a second data receiving device position information acquiring unit that, when receiving the data, acquires data receiving device position information from the data receiving device position information acquiring unit and uses the data receiving device position information as second data receiving device position information;
- a secret key generation unit that generates a secret key using the passphrase including at least the second data receiving device position information and the predetermined number;
- a data transmission / reception system comprising: at least one data reception device; and at least one data transmission device connected to the data reception device via a network.
- the data receiving device receives the data from the base station.
- a data receiving device position information obtaining unit for obtaining data receiving device position information for specifying a place where the data receiving device is installed
- a first data receiving device position information acquiring unit that acquires data receiving device position information from the data receiving device position information acquiring unit and uses this as first data receiving device position information;
- a public key generation unit that generates a public key using a passphrase including at least
- the data transmission device includes
- a data generating unit that generates data for performing processing in the data receiving device; a data transmitting unit that encrypts the data with the public key and transmits the encrypted data to the data receiving device;
- the data receiving device further comprises:
- a data receiving unit that receives data encrypted with the public key transmitted from the data transmitting device
- a second data receiving device position information acquiring unit that, when receiving the data, acquires data receiving device position information from the data receiving device position information acquiring unit and uses the data receiving device position information as second data receiving device position information;
- a secret key generation unit that generates a secret key using the passphrase including at least the second data receiving device position information and the predetermined number;
- FIG. 1 is a diagram illustrating an example of a configuration of a printing system according to the first embodiment of the present invention
- FIG. 2 is a diagram illustrating an example of a hardware configuration of a printer according to the first embodiment of the present invention
- FIG. 3 is a diagram illustrating an example of a configuration of a print client according to the first embodiment of the present invention.
- FIG. 4 is a diagram illustrating print data using a public key and a secret key according to the first embodiment of the present invention.
- FIG. 5 is a flowchart illustrating a public key request process executed by the print client according to the first embodiment of the present invention.
- FIG. 6 is a diagram showing an example of a configuration of a public key table provided in the print client according to the first embodiment of the present invention
- FIG. 7 is a diagram (part 1) showing a part of a flowchart for explaining a public key transmission process executed by the printer according to the first embodiment of the present invention.
- FIG. 8 is a view (part 2) showing a part of a flowchart for explaining a public key transmission process executed by the printer according to the first embodiment of the present invention.
- FIG. 9 shows a print request process executed by the print client according to the first embodiment of the present invention. Diagram showing a flowchart explaining the process
- FIG. 10 is a flowchart illustrating a print execution process executed by the printer according to the first embodiment of the present invention.
- FIG. 11 is a diagram showing a part of a flowchart illustrating a public key transmission process executed by the printer according to the second embodiment of the present invention.
- FIG. 12 is a diagram showing an example of a configuration of a random number table provided in the printer according to the second embodiment of the present invention.
- FIG. 13 is a flowchart illustrating a print request process executed by the print client according to the second embodiment of the present invention.
- FIG. 14 is a diagram illustrating an example of a configuration of print transmission data transmitted from a print client to a printer in the second embodiment of the present invention.
- FIG. 15 is a flowchart illustrating a print execution process executed by the printer according to the second embodiment of the present invention.
- FIG. 16 is a flowchart illustrating a public key request process executed by the print client according to the third embodiment of the present invention.
- FIG. 17 is a diagram illustrating an example of a configuration of a public key table included in a print client according to the third embodiment of the present invention.
- FIG. 18 is a view (part 1) showing a part of a flowchart for explaining a public key transmission process executed by the printer according to the third embodiment of the present invention.
- FIG. 19 is a view (part 2) showing a part of a flowchart for explaining a public key transmission process executed by the printer according to the third embodiment of the present invention.
- FIG. 20 is a diagram illustrating an example of a configuration of a random number table provided in the printer according to the third embodiment of the present invention.
- FIG. 21 is a flowchart illustrating a print request process executed by the print client according to the third embodiment of the present invention.
- FIG. 22 is a diagram illustrating an example of a configuration of print transmission data transmitted from a print client to a printer in the third embodiment of the present invention.
- FIG. 23 is a flowchart illustrating a print execution process executed by the printer according to the third embodiment of the present invention.
- FIG. 24 is a diagram (part 1) showing a part of a flowchart for explaining a print request process executed by a print client according to the fourth embodiment.
- FIG. 25 is a diagram (part 2) showing a part of a flowchart for explaining a print request process executed by a print client according to the fourth embodiment.
- FIG. 26 is a diagram (part 1) showing a part of a flow chart for explaining a print execution process executed by the printer according to the fourth embodiment.
- FIG. 27 is a diagram (part 2) showing a part of a flow chart for explaining a print execution process executed by the printer according to the fourth embodiment.
- FIG. 28 is a diagram (part 3) showing a part of a flowchart explaining the print execution process executed by the printer according to the fourth embodiment.
- FIG. 29 is a conceptual diagram illustrating encryption and decryption of print data using a public key and a secret key in the fifth embodiment of the present invention.
- FIG. 30 is a flowchart illustrating a public key request process executed by the print client according to the fifth embodiment of the present invention.
- FIG. 31 is a diagram showing an example of a configuration of a public key table provided in a print client according to a fifth embodiment of the present invention.
- FIG. 32 is a diagram (part 1) showing a part of a flowchart illustrating a public key transmission process executed by the printer according to the fifth embodiment of the present invention.
- FIG. 33 is a diagram (part 2) showing a part of a flowchart for explaining a public key transmission process executed by the printer according to the fifth embodiment of the present invention.
- FIG. 34 is a flowchart illustrating a print request process executed by the print client according to the fifth embodiment of the present invention.
- FIG. 35 is a flowchart illustrating a print execution process performed by the printer according to the fifth embodiment of the present invention.
- FIG. 36 is a flowchart illustrating a public key request process executed by the print client according to the sixth embodiment of the present invention.
- FIG. 37 is a diagram illustrating an example of a configuration of a public key table included in a print client according to the sixth embodiment of the present invention.
- FIG. 38 shows a print request executed by the print client according to the sixth embodiment of the present invention.
- FIG. 6 is a diagram showing a flowchart for explaining processing.
- FIG. 39 is a diagram (part 1) showing a part of a flowchart for explaining the print request processing executed by the print client according to the present embodiment.
- FIG. 40 is a diagram (part 2) showing a part of a flowchart for explaining a print request process executed by the print client according to the present embodiment.
- FIG. 41 is a diagram (part 1) showing a part of a flowchart for explaining print execution processing executed by the printer according to the present embodiment.
- FIG. 42 is a diagram (part 2) showing a part of a flowchart for explaining the print execution process executed by the printer according to the present embodiment.
- FIG. 43 is a view (part 3) showing a part of a flowchart for explaining the print execution processing executed by the printer according to the present embodiment.
- FIG. 44 is a diagram illustrating an example in which an algorithm and additional information are transmitted from a printer to a print client instead of a random number (when a predetermined number is transmitted from a print client to a printer).
- FIG. 45 is a diagram showing a modification of FIG. 44 (when an algorithm and additional information are transmitted from a print client to a printer).
- FIG. 46 is a diagram showing another modification of FIG. 44 (when transmitting additional information without transmitting an algorithm from the print client to the printer). Preferred embodiment
- the printing system generates a public key by using at least printer position information indicating a position where a printer is installed, causes the print client to acquire the public key, and allows the print client to perform printing.
- the print data is encrypted using the obtained public key and transmitted as print transmission data generated.
- the printer that has received the print transmission data generates a secret key using at least the printer position information at that time when receiving the print transmission data.
- the printer When the print transmission data is decrypted with the secret key, the printer generates the secret key. Only printing is performed.
- FIG. 1 is a block diagram illustrating a hardware configuration of a printing system according to the present embodiment.
- the printing system includes print clients 20 and 22 connected to the network 10 and printers 30 and 32 also connected to the network 10.
- the network 10 is configured by the Internet using a TCP / IP (transmission control protocol / internet protocol).
- the mode of the network 10 is not limited to the Internet, and may be configured by, for example, a LAN such as an Ethernet network * or a mixture of the Internet and the LAN.
- the print clients 20 and 22 are composed of, for example, various computers called host computers and personal computers.
- the print clients 20 and 22 generate print transmission data obtained by encrypting the print data with the public key, and transmit the print transmission data to the printers 30 and 30 via the network 10.
- the number of print clients connected to the network 10 is arbitrary, and may be one or more.
- the print client is not limited to a computer, and may be, for example, a digital camera that needs to print a captured image, or a content server that stores print image data as content.
- the printers 30 and 32 are so-called network printers.
- the printers 30 and 32 receive print transmission data from the print client 20 and / or the print client 22 and include the print transmission data at least including printer position information.
- Passphrase and this A secret key is generated by using the random numbers held in the printers 30 and 32, and the print transmission data is decrypted with the secret key. If the print transmission data can be decrypted, printing based on the print transmission data is performed. If the print transmission data cannot be decrypted, printing based on the print transmission data is performed. Absent.
- the printers 30 and 32 are directly connected to the network 10, and each of the printers 30 and 32 has a unique network address. Therefore, the print clients 20 and 22 can transmit the print transmission data to the printer 30 or 32 by designating the network address.
- printers 30 and 32 are directly connected to the network 10 in FIG. 1, the printers 30 and 32 may be connected via a printer server. Also, the number of printers connected to the network 10 is arbitrary, and may be one or more.
- FIG. 2 is a block diagram for explaining the internal configuration of the printer 30.
- the internal configuration of the printer 32 is the same as that of the printer 30.
- the printer 30 includes a CPU (Central Processing Unit) 40, a RAM (Random Access Memory) 42, and a ROM (Read Only Memory) 44. These are connected to each other via an internal bus 46. Further, a communication interface 48 is connected to the internal bus 46, and the printer 30 is connected to the network 10 via the communication interface 48. Further, an interface 50 is connected to the internal bus 46, and a print engine 52 is connected to the interface 50.
- a CPU Central Processing Unit
- RAM Random Access Memory
- ROM Read Only Memory
- a position detecting section 54 is connected to the internal bus 46.
- the position detecting section 54 has a function of specifying the position where the printer 30 is installed.
- it is configured by a GPS (global positioning system), and the latitude, longitude, and altitude of the position where the printer 30 is installed can be specified.
- the accuracy of GPS is said to be about ⁇ 10 m for latitude, longitude and altitude.
- the position detecting section 54 is not limited to the configuration using the GPS.
- the printer 30 when the printer 30 is connected to the network 10 by wireless and AN, the printer 30 is accommodated.
- the position of the printer 30 may be specified based on the wireless base station in use.
- the position of the printer 30 may be specified using a mobile communication technology such as a PHS (Personal Handyphone System).
- a hard disk 58 is connected to the internal bus 46 via an interface 56.
- the hard disk 58 functions as a rewritable nonvolatile storage device.
- FIG. 3 is a block diagram for explaining the internal configuration of the print client 20.
- the internal configuration of the print client 22 is the same as that of the print client 20.
- the print client 20 includes a computer main body 60 and a display 62.
- the computer main body 60 includes a CPU 64, a RAM 66, and a ROM 68, which are connected to each other via an internal bus 70. Further, a communication interface 72 is connected to the internal bus 70, and a print client 20 is connected to the network 10 via the communication interface 72. ⁇
- an interface 74 is connected to the internal bus 70, and a hard disk 76 which is a mass storage device is connected to the interface 74.
- the hard disk 76 functions as a rewritable nonvolatile storage device.
- An interface 78 is connected to the internal bus 70, and the above-described display 62 is connected to the internal bus 70 via a cable 80 extending from the interface 78.
- the print client 20 obtains the public key of the printer 30 from the printer 30 in advance, for example.
- this public key It is performed via the network 10. That is, the printer 30 confirms whether or not the print client 20 that has requested the transmission of the public key has the right authority, and notifies the own public key only when the printer client 20 has the right authority.
- This public key is released by the printer 30 using a passphrase including at least printer position information indicating the position where the printer 30 is installed, and a random number generated and held by the printer 30.
- Generated by key cryptography That is, the printer 30 has a function of holding random numbers used by public key cryptography.
- the generated private key is destroyed. That is, in general public key cryptography, a public key and a secret key are generated at the same time. For this reason, in the present embodiment, even when a private key is generated when a public key is generated, the private key is destroyed. Thus, when the installation location of the printer 30 is moved, the data for print transmission encrypted with the public key generated before the movement is set so that it cannot be decrypted by the printer 30 after the movement. It is.
- the public key of the printer 30 need not necessarily be notified to the print client 20 via the network 10. For example, if the user of the print client 20 has a legitimate authority, the user can go to the place where the printer 30 is installed and operate the printer 30.
- the public key of the printer 30 may be obtained by operating the mouth panel. In this case, the user may record the public key of the printer 30 on a recording medium such as a flexible disk and have the print client 20 read this.
- the user of the print client 20 creates print data DO5, which is data to be printed, and designates the printer 30 to the print client 20 to perform printing. Instruct.
- the print client 20 encrypts the print data D O5 using the public key of the printer 30 acquired in advance, and generates print transmission data D 10.
- the print data D05 indicates the original print data necessary for performing printing by driving the print engine 52 by the printer 30.
- the print transmission data D10 may include data other than the print data D05 shown in FIG.
- the printer 30 that has received the print transmission data D10, as shown in FIG.
- the received print transmission data D 10 is temporarily stored in RAM 42.
- the printer 30 decrypts the encrypted print transmission data D10 using the secret key. That is, the printer 30 generates a secret key by public key cryptography using a passphrase including at least printer position information and a random number generated and held by the printer 30.
- the printer 30 determines whether or not the print transmission data D10 has been successfully decrypted. If the print transmission data D 10 can be decrypted, printing is performed based on the print data D 05 obtained by decoding the print transmission data D 10, and if the decryption cannot be performed, Printing is not performed. '
- FIG. 5 is a flowchart illustrating a public key request process executed by the print clients 20 and 22.
- This public key request process is a process realized by the CPU 64 reading and executing a public key request program stored in the ROM 68 or the hard disk 76 of the print client.
- the public key request process is started and executed when the user inputs an instruction to start a process for requesting a public key to the print client. In the following, the process will be described on the assumption that the print client 20 requests a public key from the printer 30.
- the print client 20 connects to the printer 30 (step S100).
- the print client 20 establishes a connection between the print client 20 and the printer 30 by designating the network address of the printer 30. Further, in the present embodiment, a connection between the print client 20 and the printer 30 is established after securing security by SSL (Secure Socket Layer) communication or the like.
- SSL Secure Socket Layer
- the print client 20 transmits the authentication information to the printer 30 (step S102).
- a print client is used as the authentication information. It uses a combination of a print client ID and password to specify the password. Therefore, the print client 20 transmits the print client ID and the password to the printer 30.
- the print client 20 receives an authentication result indicating whether the authentication has been accepted from the printer 30. Based on the authentication result, the print client 20 determines whether the printer 30 has been authenticated ( Step S104). If the authentication is not recognized (step S104: No), the above steps S102 to S102 are repeated.
- Step S104 if the authentication is approved (Step S104: Yes), the print client 20 sends a public key acquisition request to the printer 30 (Step S106). Then, it is determined whether or not the public key has been received from the printer 30 (step S108). If the public key has not been received from the printer 30 (step S108: No), this step S108 is repeated to wait.
- the print client 20 has a public key table TB10 provided on the hard disk 76, and the obtained public key is stored and held in the public key table TB10.
- FIG. 6 is a diagram showing an example of the configuration of the public key table TB10. As shown in FIG. 6, the public key table TB10 includes an item TD10 for storing information for identifying the printer, and an item TD11 for storing the obtained public key in association with the printer. ing. As described above, the public key table TB10 can hold public keys for a plurality of printers for each printer.
- FIG. 5 the print client 20 disconnects from the printer 30 (step S112).
- the public key request processing shown in FIG. 5 ends.
- FIG. FIGS. 7 and 8 are flowcharts for explaining the public key transmission processing executed by the printers 30 and 32.
- This public key transmission processing is realized by the CPU 40 reading and executing a public key transmission program stored in the ROM 44 or the hard disk 58 of the printer. The public key transmission process is started in response to the above-described public key request process.
- the printer 30 waits for a connection from the print client 20, and establishes a connection with the print client 20 when a connection is requested from the print client 20 (step S120). This corresponds to step S100 on the printing clients 1 and 20 described above. That is, the connection is established after securing the security by SSL communication or the like. Subsequently, the printer 30 determines whether authentication information has been received from the print client 20 (step S122). If the authentication information has not been received (step S122: No), the process of step S122 is repeated and the process stands by.
- step S122 when the authentication information is received from the print client 20 (step S122: Yes), it is determined whether the authentication information matches the authentication information registered in advance in the printer 30 (step S122). 1 24). Specifically, as described above, since the print client ID and password are transmitted as authentication information from the print client 20, the print client ID and password are stored in the print client ID registered in advance in the printer 30. And password match.
- step S124: No If the authentication information does not match (step S124: No), the printer 30 transmits an authentication result indicating that the authentication has not been accepted to the print client 20 (step S126), In step S154 of 8, the connection with the print client 20 is terminated. On the other hand, if the authentications match (step S124: Yes), the printer 30 notifies the print client 20 that the authentication is accepted. A B certificate result is transmitted (step S128).
- step S130 determines whether a public key acquisition request has been received from the print client 20 (step S130). If the public key acquisition request has not been received (step S130: No), the process of step S130 is repeated to wait.
- step S when a public key acquisition request is received from the print client 20 (step S
- the printer 30 acquires the device-specific information of the printer 30 (step S132).
- the device-specific information is identification information uniquely assigned to the printer 30, and includes, for example, a manufacturing serial number and a MAC address of the printer 30.
- the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S140).
- the printer position information is acquired from the position detection unit 54 each time when the printer 30 is moved to another place, the public key is obtained using the moved position information. This is to generate it.
- the printer 30 creates a passphrase using the device-specific information and the printer position information (step S142).
- the passphrase is created simply by connecting the printer position information to the device-specific information.
- the passphrase may include data other than the device-specific information and the printer position information.
- Step S144 the printer 30 determines whether or not the random number of the printer 30 is registered in advance.
- step 144 the printer 30 generates one random number and registers it in the hard disk 58 (step S146). That is, in the present embodiment, each printer generates a random number only once, registers it in the hard disk 58, and holds it. This random number is generated when the printer 30 performs the public key transmission process for the first time. Also, since the hard disk 58 stores the random numbers, it is stored in a nonvolatile manner even when the power of the printer 30 is turned off. Therefore, even if the power of the printer 30 is turned on again, the random number used so far is effectively held. Note that the generation of the random number of the printer 30 is not necessarily performed in the public key transmission process, but may be performed in another process. For example, when the printer 30 is shipped from the factory, it may be generated in advance, registered in the hard disk 58, and held.
- step S144 when the random number is stored in the hard disk 58 (step S144: Yes), the process of step S146 is bypassed.
- the printer 30 reads out and obtains the random number of the printer 30 from the hard disk 58 (step S148).
- the printer 30 generates a public key and a secret key by public key cryptography using the passphrase created in step S144 and the random number obtained in step S148. (Step S150).
- Public key cryptography has the property that if the passphrase and random number used are the same, the same is generated even if the public key and secret key are generated again.
- the printer 30 transmits only the public key of the generated public key and private key to the print client 20 (step S1522). The private key is destroyed without being saved.
- the printer 30 terminates the connection with the print client 20 (step S154).
- the public key transmission processing according to the present embodiment ends.
- FIG. 9 is a flowchart illustrating a print request process executed by the print clients 20 and 22.
- This print request processing is realized by the CPU 64 reading and executing a print request program stored in the ROM 68 or the hard disk 76 of the print client.
- the print request processing is started and executed when the user inputs a print instruction to the print client.
- the print client 20 creates print data D05 based on a user's print request (step S160).
- the print data DO5 is data necessary for actually performing printing when the printer 30 is a normal printer.
- the print client 20 reads the public key of the printer 30 from the public key table TB10 of the hard disk 76 (Step S162). Subsequently, the print client 20 encrypts the print data DO 5 using the public key of the printer 30 to generate print transmission data D 10 (step S 164).
- the print transmission data D10 may include data other than the print data.
- the print client 20 establishes a connection with the printer 30 (step S165). Subsequently, the print client 20 transmits the encrypted print transmission data D10 to the printer 30 (step S166). Specifically, the network address of the printer 30 is specified, and the print transmission data D10 is transmitted to the network 10.
- step S168 determines whether or not print result information has been received from the printer 30 (step S168). If the print result information has not been received (step S168: No), the process of step S168 is repeated and the process waits. On the other hand, if the print result information has been received (step S168: Yes), it is determined whether or not the print result information is a print completion notification (step S170).
- step S170 If the print result information is a print completion notification (step S170: Yes), it means that the printing has been completed normally by the printer 30, and the user has completed the printing with the printer 30. Is notified (step S172). On the other hand, if the received print result information is not a print completion notification (step S170: No), it is determined whether or not the print result information is a decipherable notification (step S174). If the print result information is a non-decipherable notification (step S174: Yes), the user is informed that printing was not performed because the printer 30 could not decode the print transmission data D10. Notify (step S176). On the other hand, if the print result information is not an indecipherable notification (step S 174: No), Since the error is considered to be an error, the user is notified according to the type of the error (step S178).
- the print client 20 disconnects from the printer 30 (step S 179). Thus, the print request processing in the print client 20 ends.
- FIG. 10 is a flowchart illustrating a print execution process executed by the printers 30 and 32.
- This print execution process is realized by the CPU 40 reading and executing a print execution program stored in the ROM 44 or the hard disk 58 of the printers 30 and 32.
- the print execution process is a process that is constantly executed at predetermined time intervals.
- the printer 30 is waiting for a connection from the print client 20, and when the print client 20 requests a connection, the printer 30 connects to the print client 20 via the network 10.
- Establish (Step S180). After the connection with the print client 20 is established, the printer 30 determines whether or not the print transmission data D10 has been received from the network 10 (step S181). If no print transmission data D10 has been received (step S181: No), the process of step S181 is repeated to wait.
- the printer 30 acquires its own device-specific information (step S182). Subsequently, the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S184). As described above, the printer position information is acquired from the position detection unit 54 each time. When the printer 30 is moved to another location, the printer 30 is placed in an unintended location. In such a case, the printer 30 prints. This is to prevent them from being touched.
- the printer 30 creates a passphrase based on the device-specific information and the printer position information (step S186).
- the method for creating this passphrase must be the same as that in step S142 in the public key transmission process described above. This is because, if the passphrase is different, the print transmission data encrypted with the public key transmitted to the print client cannot be decrypted with the private key.
- the printer 30 reads out and acquires the random number of the printer 30 registered and held in the above-described step S146 from the hard disk 58 (step S188). Subsequently, the printer 30 generates a public key and a secret key by public key cryptography using the generated passphrase and the obtained random number (step S190).
- the printer 30 If the printer 30 is not moved, the passphrase and the random number used in step S190 in the above-described public key transmission process are used as the passphrase and the random number used in step S190. Is the same. Therefore, the same public key and secret key as those generated in step S150 are generated. Subsequently, the printer 30 decrypts the received print transmission data D10 using the generated secret key, and obtains the print data D05 (Step S192).
- the printer 30 determines whether or not the print transmission data D10 has been successfully decrypted using the secret key (step S194). If the decryption is successful (step S194: Yes), printing is performed by driving the print engine 52 based on the obtained print data DO5 (step S196). Specifically, the language of print data DO 5 is interpreted, and print request data suitable for print engine 52 is generated. Then, by transmitting the print request data to the print engine 52, printing is performed on printing paper or the like by the print engine 52.
- a secret key is generated using a passphrase including at least the printer position information detected by the position detection unit 54 and a random number registered in the printer 30. If the print transmission data D10 can be decrypted with this secret key, it is determined that the print transmission data D10 matches the printer position information.
- step S 198 When this printing is completed normally, the printer 30 informs that printing has been completed normally. Is transmitted to the print client 20 as print result information (step S 198). -On the other hand, if it is determined in step S194 that the print transmission data D10 has not been decrypted (step S194: No), the indecipherable notification is used as the print result information. And sends it to the print client 20 (step S200). That is, in the present embodiment, a secret key is generated using a passphrase including at least the printer position information detected by the position detection unit 54 and a random number registered in the printer 30, and the secret key is used for printing and transmission. If the trust data D10 cannot be decrypted, it is determined that the print transmission data D10 did not match the printer position information.
- step S 198 or S 200 the printer 30 ends the connection with the print client 20 (step S 202). Then, the process returns to step S181.
- the print clients 20 and 22 send a printer capable of printing the encrypted print transmission data D10 based on the printer position information. Therefore, it is possible to prevent printing from being performed by a printer at a position not intended by the user of the print clients 20 and 22. For example, if the printer 30 has been moved to another location, but the network address of the printer 30 in the network 10 has not been changed, the print transmission data D 10 is erroneously transmitted from the print client 20. Even if the data is transmitted to the printer 30, the passphrase created in step S186 becomes different from that before the movement because the printer position information has been changed in the printer 30. For this reason, even if the secret chain generated using this passphrase is used, the print transmission data D10 cannot be decrypted, and the printer 30 does not perform printing. Therefore, the security of the print data DO5 can be enhanced.
- printers 30 and 32 as well, those who normally do not have the authority to print on these printers 30 and 32 send print data to these printers 30 and 32 and print a large amount of data. Can be prevented from being executed by the printers 30 and 32. For example, for some reason, the network address of the printer 30 However, even if the user tries to transmit the print transmission data D10 to the printer 30, the public key of the printer 30 cannot be obtained.
- the device specific information is also included in the passphrase, even if a third party knows the position of the printer 30 for some reason, the device specific information of the printer 30 cannot be determined. Without it, the passphrase used in Printer 30 cannot be identified. For this reason, it is extremely difficult for a third party to impersonate the printer 30 and receive the print transmission data D10, and to decrypt the print transmission data D10.
- a public key and a secret key are generated using a random number in addition to a passphrase. Therefore, a third party can impersonate the printer 30 and copy the print transmission data D10. Receiving and decoding the print transmission data D10 can be made even more difficult.
- This random number is generated for each printer, and the generated random number is stored in a rewritable nonvolatile storage device such as a hard disk, so the same random number used when the public key was generated is used. Can also be used to generate private keys. Therefore, a secret key capable of decrypting the print transmission data D10 encrypted with the public key generated using the random number can be generated again.
- a random number used by the printers 30 and 32 to generate a public key and a secret key is generated and held for each print client. Is made even more difficult. This will be described in more detail below.
- the configuration of the printing system according to this embodiment is the same as that of the first embodiment described above.
- the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above, and the configuration of the print clients 20 and 22 is the same as that of FIG. 3 described above.
- the public key request processing executed by the print clients 20 and 22 according to the present embodiment is the same as in the above-described first embodiment.
- FIG. 11 is a flowchart illustrating a part of a public key transmission process executed by the printers 30 and 32 according to the present embodiment, and is a diagram corresponding to FIG. 8 in the first embodiment. is there.
- the public key transmission processing according to this embodiment is the same as the processing of the first embodiment described above up to the generation of the passphrase shown in step S142. Subsequent processing is different. That is, after completing the generation of the passphrase, the printer 30 determines whether or not the random number of the print client requesting the public key is registered in the printer 30 (step S300).
- FIG. 12 is a diagram illustrating an example of a configuration of a random number table TB 20 in which a random number is registered for each print client, which is held by the printer 30 according to the present embodiment.
- the random number table TB20 is stored and held in the hard disk 58.
- the random number table TB 20 includes a print client ID T D 20 and a random number T D 21 as data items.
- the print client ID 20 stores the print client ID as information for specifying the print client.
- the random number TD21 stores a random number corresponding to the print client IDTD20.
- a print client ID and a password are transmitted from the print clients 20 and 22 as identification information to the printer 30. . Therefore, in this step S300, it is determined whether or not the print client ID received from the print clients 20 and 22 is registered in the random number table TB20 and a random number is held.
- step S300 if the random number of the print client concerned is not registered in this printer 30 (step S300: No), the printer 30 One random number for the print client is generated and registered in the random number table TB20 (step S302). Specifically, the print client ID of the print client and the generated random number are registered in the random number table TB20.
- step S300 Yes
- the process of step S302 is bypassed.
- the printer 30 reads and obtains the random number of the print client that has requested transmission of the public key from the random number table TB20 (step S304).
- the printer 30 generates a public key and a secret key by public key cryptography using the passphrase created in step S142 and the random number acquired in step S304 (step S306).
- the printer 30 transmits only the public key of the generated public key and secret key to the print client 20 (step S152). The private key is destroyed without being saved.
- the printer 30 terminates the connection with the print client 20 (step S154).
- the public key transmission processing according to the present embodiment ends.
- FIG. 13 is a flowchart illustrating a print request process executed by the print clients 20 and 22 according to the present embodiment.
- the print request processing according to the present embodiment is different from the above-described first embodiment in the processing for generating print transmission data. That is, after reading the public key in step S162, the print client 20 encrypts the print data D05 using the public key (step S310).
- FIG. 14 is a diagram illustrating an example of a format of the print transmission data D20 according to the present embodiment.
- the print transmission data D20 according to the present embodiment includes the print data DO5 encrypted with the public key read in step S162 and the print data DO5 read in step S162. It is configured by adding a print client IDD15 that is not encrypted with a chain.
- the print client IDD 15 is not encrypted with the public key read out in step S 16 2 because the printer 30 holds a different random number for each print client. This is because a secret key cannot be generated unless 5 is specified. Therefore, the print client IDD 15 can be encrypted by another encryption method without using the public key read in step S 16 2.
- the print transmission data D20 may include data other than the print client ID D15 and the print data D05.
- the print client ID 15 is transmitted together with the print data DO 5, but the print client ID 15 may be transmitted separately from the print data D 05. In this case, if the association with the print data D05 is maintained, the print client ID D15 may be transmitted before or after the print data D05. .
- FIG. 15 is a flowchart illustrating a print execution process executed by the printers 30 and 32 according to the present embodiment.
- the print execution process according to the present embodiment differs from the first embodiment in the process of obtaining random numbers. That is, after generating the passphrase in step S186, the printer 30 extracts and acquires the print client ID D15 from the received print transmission data D20 (step S32). 0).
- the printer 30 searches the random number table TB 20 using the print client ID as a search key, reads the random number of the corresponding print client from the random number table TB 20, and acquires it (step S 32). 2). Subsequently, the printer 30 generates a public key and a secret key by public key cryptography using the passphrase generated in step S186 and the random number obtained in step S322 ( Step S 3 2 4).
- step S324 is the same as in the above-described first embodiment.
- the printing system according to the present embodiment also performs the first embodiment described above. The same effect as in the embodiment can be obtained.
- the printers 30 and 32 generate random numbers for each print client and hold the random numbers. Can be extremely difficult to do.
- a random number used by the printers 30 and 32 when generating the public key and the private key is generated and held for each user, so that a third party can estimate the random number. Is made even more difficult. The details are described below.
- the configuration of the printing system according to this embodiment is the same as that of FIG. 1 in the first embodiment described above, and the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above.
- the configurations of 20 and 22 are the same as in FIG. 3 described above.
- FIG. 16 is a diagram showing a flowchart describing a part of a public key request process executed by the print clients 20 and 22 according to the present embodiment.
- FIG. 6 is a diagram corresponding to FIG.
- step S 1 the public key request processing according to the present embodiment is performed in step S 1
- step S104 Processing after the authentication is approved in 04 differs from the above-described first embodiment. That is, if the authentication is approved in step S104 (step S104: Yes), the print client 20 requests the user of the user requesting the public key.
- the user ID is input to the print client by operating the keyboard or the like by the user, and the input user ID is transmitted to the printer 30.
- step S402 determines whether a public key has been received from the printer 30 (step S402). If the public key has not been received from the printer 30 (step S402: No), the process repeats step S402 and waits.
- Step S402 when the public link is received from the printer 30 (Step S402: Yes) This public key is stored in (step S402).
- the print client 20 has a public key table TB30 for each printer on the hard disk 76, and the acquired printer position information is stored and held in the public key table TB30. Is done.
- FIG. 17 is a diagram showing an example of the configuration of the public key table TB30.
- a table is formed for each printer 30 and 32, and each table stores information for identifying a user. 30 and an item TD 31 for storing the obtained public key in association with each user.
- the public key table TB 30 can hold public keys for a plurality of users for each user and for each printer. Also, by storing the public key in the public key table TB 30 of the hard disk 78 in this way, even if the power of the print client 20 is turned off and then turned on again, the public key obtained before that is obtained. Can be read from the hard disk 78 as it is and used.
- the print client 20 disconnects from the printer 30 (step S406).
- the public key request processing shown in FIG. 16 ends.
- FIGS. 18 and 19 are flowcharts for explaining the public key transmission process executed by the printers 30 and 32, and correspond to FIGS. 7 and 8 in the first embodiment described above. I have.
- the printer 30 receives the user ID from the print client 20 together with the public key acquisition request. Different from form. That is, after transmitting the authentication result indicating that the authentication is accepted in step S128, the printer 30 determines whether the user ID and the public key acquisition request have been received (step S41). 0). If the user ID and the public key acquisition request are not received at least one of them is received (step S410: No), this step S411 is repeated to wait.
- step S 4 For 10: Yes the processing from step S132 is executed as in the first embodiment described above.
- the printer 30 according to the present embodiment is different from the above-described first and second embodiments in the process of acquiring random numbers. That is, after completing the generation of the passphrase, the printer 30 determines whether or not the random number of the user who has requested the public key is registered in the printer 30 and the print client 20 (Step S). 4 2 0).
- FIG. 20 is a diagram showing an example of a configuration of a random number table TB 40 in which a random number is registered for each user, which is held by the printer 30 according to the present embodiment.
- the random number table TB40 is formed for each print client.
- the random number table TB40 is stored and stored in the hard disk 58.
- the random number table TB 40 includes a user ID T D 40 and a random number T D 41 as data items.
- the user ID 40 stores the user ID as information for identifying the user.
- the random number TD41 stores a random number corresponding to the user IDTD40.
- the print client ID and password are transmitted from the print client 20 to the printer 30 as identification information. Further, as described in step S410, the user ID is transmitted from the print client 20. Therefore, in this step S300, the table of the print client 20 in the random number table TB40 can be specified based on the print client ID received from the print client 20. Then, based on the user ID received from the print client 20, it can be determined whether a random number corresponding to the user is registered in the table of the print client.
- step S420 if the corresponding print client has not registered the random number of the corresponding user in this printer 30 (step S420: No), the printer 30 performs this printing.
- One random number of the corresponding user in the client is generated and registered in the random number table TB40 (step S422). Specifically, the user ID and the generated random number are registered in the print client 20 table in the random number table TB40.
- step S420: Yes if the random number is registered in the printer 30 (step S420: Yes), the process of step S422 is bypassed.
- the printer 30 reads the random number of the user registered for the print client requesting the transmission of the public key from the random number table TB40 and obtains it (step S424).
- the printer 30 generates a public key and a secret key by public key cryptography using the passphrase created in step S142 and the random number acquired in step S424. (Step S 4 26). Then, as in the first and second embodiments described above, the printer 30 transmits only the public key of the generated public key and private key to the print client 20 (step S15). 2). Note that the private key is destroyed without being stored.
- the printer 30 terminates the connection with the print client 20 (step S154).
- the public key transmission processing according to the present embodiment ends.
- FIG. 21 is a flowchart illustrating a print request process executed by the print clients 20 and 22 according to the present embodiment.
- the print request processing according to the present embodiment differs from the above-described first and second embodiments in the processing for generating print transmission data. That is, in step S 162, after reading the public key of the user corresponding to the printer from the public key table TB 30, the print client 20 uses this public key to print data D 0 5 is encrypted (step S430). Next, the print client 20 adds its own print client ID and user ID to the encrypted print data D05 to generate print transmission data. (Step S432).
- FIG. 22 is a diagram showing an example of the format of the print transmission data D30 according to the present embodiment. As shown in FIG.
- the print transmission data D30 includes the print data D05 encrypted with the public key read in step S162 and the public key read in step S162. It is configured by adding a print client IDD 15 that is not encrypted by the user and a user IDD 25 that is also not encrypted by the public key read out in step S162.
- the reason that the print client IDD 15 and the user IDD 25 are not encrypted with the public key read out in step S162 is that the printer 30 uses a different random number for each print client and for each user. This is because the secret key cannot be generated unless the print client IDD 15 and the user IDD 25 can be specified. Therefore, without using the public key read in step S 162, the print client ID 15 and the user ID
- the print transmission data D30 may include data other than the print client IDD15, the user IDD25, and the print data D05.
- the print client IDD 15 and the user IDD 25 are transmitted together with the print data DO5, but the print client IDD 15 and the user IDD 25 are transmitted to the print data D05. May be transmitted separately. In this case, as long as the association with the print data D05 is maintained, the print client IDD15 and the user IDD25 may be transmitted before the print data D05 or may be transmitted later. Good. Further, the print client ID 15 and the user ID 25 may be transmitted separately or may be transmitted simultaneously.
- step S432 is the same as in the above-described first and second embodiments.
- FIG. 23 is a flowchart illustrating a print execution process executed by the printers 30 and 32 according to the present embodiment.
- the print execution process according to the present embodiment differs from the above-described first and second embodiments in the process of obtaining random numbers. That is, after generating the passphrase in step S186, the printer 30 extracts the print client IDD15 and the user IDD25 from the received print transmission data D20 and acquires them ( Step S440).
- the printer 30 searches the random number table TB40 using the obtained print client ID and user ID as search keys, and stores the random number of the user registered for the print client in question in the random number table. Read and acquire from TB40 (step S4442). Subsequently, the printer 30 uses the passphrase generated in step S186 and the random number obtained in step S444 to generate a public key and a secret key by public key cryptography (step S4 4 4).
- step S444 is the same as in the above-described first and second embodiments.
- the printing system according to the present embodiment can also achieve the same effects as those of the above-described first and second embodiments. Further, according to the printing system according to the present embodiment, the printers 30 and 32 generate random numbers for each user and hold the random numbers, so that a third party can guess the random numbers. Can be extremely difficult.
- Fourth EmbodimentA printing system generates a public key for each print job using a passphrase including at least printer position information indicating a position where a printer is installed. And sends it to the print client.
- the print client transmits print transmission data generated by encrypting the print job data using the public key.
- the printer receiving the print transmission data again generated a secret key using a passphrase including at least the printer position information at the time of reception, and was able to decrypt the print transmission data with the secret key.
- the printing is executed only in the case.
- public key cryptography random numbers are used when generating a public key and a secret key. The random number used to generate the public key to be sent to the printer is stored, and the same random number is used to generate the private key to decrypt the print transmission data. If is not changed, the same secret key can be obtained. This will be described in more detail below.
- the configuration of the printing system according to this embodiment is the same as that of FIG. 1 in the first embodiment described above, and the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above.
- the configurations of 20 and 22 are the same as in FIG. 3 described above.
- the print client 20 obtains the public key of the printer 30 from the printer 30.
- this public key is obtained for each print job via the network 10. That is, the printer 30 checks whether or not the print client 20 that has requested the transmission of the public key has the right authority, and only when the printer client 20 has the right authority, the printer 30 prints its own public key. Send to 0.
- This public key is disclosed by the printer 30 using a passphrase including at least printer position information indicating the location where the printer 30 is installed, and a random number generated for each print job by the printer 30. Generated by key cryptography. The printer 30 holds the random number used to generate the public key.
- the generated private key is destroyed. That is, in general public key cryptography, a public key and a secret key are generated at the same time. For this reason, in the present embodiment, even when a private key is generated when a public key is generated, the private key is destroyed. As a result, the possibility that the secret key generated by the printer 30 is leaked is reduced as much as possible.
- the user of the print client 20 creates print job data D 05 including data necessary for performing printing on the printer 30, and Specify printer 30 for 0 and instruct printing.
- the print client 20 encrypts the print job data DO5 using the public key of the printer 30 previously obtained, and generates print transmission data D10.
- the print transmission data D 10 is data other than the print job data D 05 shown in FIG. May be included.
- the printer 30 that has received the print transmission data D 10 temporarily stores the received print transmission data D 10 in the RAM 42 as shown in FIG. Then, the printer 30 decrypts the encrypted print transmission data D10 using the secret key. That is, the printer 30 generates a secret key by public key cryptography using a passphrase including at least printer position information and a random number generated and held by the printer 30. Then, the print transmission data D 10 is decrypted with the secret key.
- the printer 30 determines whether or not the print transmission data D10 has been successfully decrypted. If the print transmission data D10 can be decrypted, printing is performed based on the print job data D05 obtained by decrypting the print transmission data D10. Does not print. Subsequently, the printer 30 deletes the held random number.
- FIGS. 24 and 25 are flowcharts illustrating the print request processing executed by the print clients 20 and 22.
- This print request process is a process realized by the CPU 64 reading and executing a print request program stored in the ROM 68 or the hard disk 76 of the print client.
- the print request process is started and executed when the user inputs an instruction to the print clients 20 and 22 to execute printing.
- the processing will be described on the assumption that the print client 20 requests the printer 30 to perform printing.
- the print client 20 transmits a connection request to the printer 30 via the network 10 (step S110). Then, a connection between the print client 20 and the printer 30 is established (step S1102).
- SSL Secure Socket Layer
- the security of the print client is ensured by SSL (Secure Socket Layer) communication or the like. Establish a connection between 20 and printer 30.
- the print client 20 transmits the authentication information to the printer 30 (step S1104).
- a combination of a print client ID for specifying a print client and a password is used as the authentication information. Therefore, the print client 20 transmits the print client ID and the password to the printer 30.
- the print client 20 receives an authentication result from the printer 30 indicating whether or not the authentication has been accepted.
- step S1106 It is determined whether the authentication has been approved in 30 (step S1106). If the authentication is not approved (step S1106: No), the above steps S1104 to S104 are repeated.
- Step S1106 if the authentication is approved (Step S1106: Yes), the print client 20 sends a public key acquisition request to the printer 30 (Step S1108). Then, it is determined whether or not the public key has been received from the printer 30 (step S110). If the public key has not been received from the printer 30 (step S1110: No), this step S110 is repeated to wait.
- step S111 when the public key is received from the printer 30 (step S111: Yes), the public key is stored (step S111).
- the print client 20 temporarily stores and holds the public key in the RAM 66 (see FIG. 3). By storing the public key in the RAM 66 in this way, when the power of the print client 20 is turned off, the public key is automatically erased, so that the confidentiality of the public key can be enhanced. It is like that.
- the printer 30 releases the connection with the printer (step S111). That is, the connection established between the print client 20 and the printer 30 is released while security is secured by SSL communication or the like. The release of this connection is not always necessary, but the print transmission data D10 transmitted in step S112 described later is separately encrypted with the public key, and the security of the connection itself is further processed in the subsequent processing. Since it is not necessary to secure the connection, the connection is released in this embodiment.
- the print client 20 creates print job data DO5 based on the user's print request (step S11120). This print job data DO 5 is unencrypted data required to execute printing with the printer 30.
- the print client 20 reads the public key stored in step S111 from the RAM 66 (step S112). Subsequently, the print client 20 encrypts the print job data DO5 using the public key to generate print transmission data D10 (step S1124). Note that the print transmission data D10 may include data other than the print job data.
- the print client 20 newly establishes a connection with the printer 30 (step S112).
- this connection does not necessarily have to be a secure connection.
- the print client 20 transmits the encrypted print transmission data D10 to the printer 30 (Step S112). Specifically, the network address of the printer 30 is designated, and the print transmission data D 10 is transmitted to the network 10.
- step S112 determines whether or not print result information has been received from the printer 30 (step S112). If the print result information has not been received (step S112: No), the process of step S112 is repeated and the process stands by. On the other hand, if the print result information is received (step S112: Yes), it is determined whether the print result information is a print completion notification (step S11130).
- step S1130 If the print result information is a print completion notification (step S1130: Yes), it means that the printing has been completed normally on the printer 30, and the user is informed that the printing has been completed on the printer 30. Is notified (step S1 132). On the other hand, if the received print result information is not a print completion notification (step S1130: No), it is determined whether or not the print result information is a non-decipherable notification (step S1134).
- step S1134 If the print result information is an indecipherable notice (step S1134: Yes), The user is notified that printing was not performed because the print transmission data D10 could not be decrypted by the printer 30 (step S113). On the other hand, if the print result information is not an indecipherable notification (step S1134: No), it is considered to be some other error, and the user is notified according to the type of the error. (Step S 1 1 38).
- step S113 After the notification of step S1132, step S113, and step S118, the print client 20 deletes the public key stored in the RAM 66 in step S111 (step S1123). 140).
- the process of step S 1140 is not always necessary, but in order to improve the confidentiality of the public key, in the present embodiment, the process is performed every time one print job is completed. The public key is to be deleted.
- the print client 20 releases the connection with the printer 30 (step S1142).
- the print request processing in the print client 20 ends.
- FIGS. 26 to 28 are flowcharts for explaining the print execution processing executed by the printers 30 and 32.
- This print execution process is a process realized by the CPU 40 reading and executing a print execution program stored in the ROM 44 or the hard disk 58 of the printer.
- the print execution process is a process that is constantly executed at predetermined time intervals.
- the printer 30 determines whether or not a connection request has been received from the print client 20 via the network 10 (step S1200). If a connection request has not been received from the print client 20 (step S 1200: No), the process of step S 1200 is repeated and the process waits. On the other hand, when a connection request is received from the print client 20 (step S 1200: Yes), security is secured by SSL communication or the like as described above. Above, a connection between the printer 30 and the print client 20 is established (step S1202).
- step S1204 determines whether authentication information has been received from the print client 20 (step S1204). If the authentication information has not been received (step S1204: No), the process of step S1204 is repeated to wait.
- Step S 1 20 4 Ye s
- the authentication information to determine if it matches the pre-registered to Aru credentials to the printer 30 (Step S1206).
- the print client ID and password are transmitted from the print client 20 as authentication information
- the print client ID and password are registered in the hard disk 58 and the like of the printer 30 in advance. Print client ID and password.
- step S1206 If the authentication information does not match (step S1206: No), the printer 30 sends an authentication result indicating that the authentication has not been accepted to the print client 20 (step S1208) and returns to step S1208. It returns to the process of 1204. On the other hand, if the authentications match (step S1206: Yes), the printer 30 transmits an authentication result indicating that the authentication has been accepted to the print client 20 (step S1 210).
- step S1212 determines whether a public key acquisition request has been received from the print client 20 (step S1212). If the public key acquisition request has not been received (step S1212: No), the process of step S1222 is repeated and the process stands by.
- the printer 30 acquires device-specific information of the printer 30 (step S1224).
- the device-specific information is identification information uniquely assigned to the printer 30 and includes, for example, a manufacturing serial number and a MAC address of the printer 30.
- the printer 30 sends the Then, the printer position information of the printer 30 is obtained (step S1220). As described above, the printer position information is acquired from the position detection unit 54 each time. When the printer 30 is moved to another location, the printer 30 is disclosed using the position information after the movement. This is to generate a key.
- the printer 30 creates a passphrase using the device-specific information and the printer position information (step S1222).
- the passphrase is generated simply by connecting the printer position information to the device-specific information.
- the passphrase may include data other than the device-specific information and the printer position information.
- the printer 30 generates one random number and stores it in the printer 30 (step S1224).
- the generated random numbers are stored in RAM 42 (see FIG. 2).
- the random numbers are automatically erased, thereby increasing the confidentiality of the public key and the secret key. You can do it.
- the printer 30 uses the passphrase created in step S1222 and the random number generated in step S1222 to perform public key cryptography to determine the public key and the secret key. Is generated (step S 1 2 2 6).
- Public key cryptography has the property that if the passphrase and random number used are the same, the same is generated even if the public key and secret key are generated again.
- the printer 30 transmits only the public key of the generated public key and private key to the print client 20 (step S122). The private key is destroyed without being saved.
- step S1230 This process is a process corresponding to step S111 of the print request process described above.
- the processing in step S 1 230 is not necessarily required.
- the printer 30 determines whether a connection request has been received from the print client 20 via the network 10 (step S1232). When a connection request has not been received from the print client 20 (step S1232: No) Repeats the process of step S 1232 and waits. On the other hand, when a connection request is received from the print client 20 (step S1232: Yes), a connection between the printer 30 and the print client 20 is established (step S1234). This connection does not have to be secured. Next, the printer 30 determines whether or not the print transmission data D10 has been received from the network 10 (step S1236). If no print transmission data D10 has been received (step S1236: No), the process of this step S1236 is repeated to wait. On the other hand, when the print transmission data D10 has been received (step S1236: Yes), the printer 30 acquires its own device-specific information (step S1238).
- the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S1240).
- the printer position information is acquired from the position detection unit 54 each time, when the printer 30 is moved to another place, the position information after the movement is used. This is to generate a secret key.
- the printer 30 creates a passphrase based on the device-specific information and the printer position information (step S1242).
- the method of creating this passphrase needs to be the same method as in step S1222 described above. This is because if the passphrase is different, the print transmission data D10 encrypted with the public key transmitted to the print client cannot be decrypted with the private key.
- the printer 30 reads out and obtains the random number of the printer 30 generated in step S1224 and stored in the RAM 42 (step S1244). Subsequently, the printer 30 uses the generated passphrase and the obtained random number to generate a public key and a secret key by public key cryptography (step S1246).
- the passphrase used in step S1246 is the same as the passphrase used in step S1226 described above, unless the installation position of printer 30 has been moved during that time. Also, the random numbers are the same as in step S 1226 described above. Therefore, the same public key and secret key as those generated in step S1226 are generated. Subsequently, the printer 30 uses the generated private key to The credit data D10 is decrypted (step S1248).
- the printer 30 determines whether or not the print transmission data D10 has been decrypted using the secret key (step S1250). If the decryption is successful (step S1250: Yes), printing is performed by driving the printing engine 52 based on the obtained print job data DO5 (step S1252). Specifically, the language interpretation of the print job data D05 is performed, and print request data suitable for the print engine 52 is generated. Then, by transmitting the print request data to the print engine 52, the print engine 52 performs printing on printing paper or the like.
- a secret key is generated using a passphrase including at least the printer position information detected by the position detection unit 54 and a random number held in the RAM 42, and this secret key is generated. If the print transmission data D10 can be decrypted with the key, it is determined that the print transmission data D10 matches the printer position information.
- the printer 30 sends a print completion notice to the effect that the printing has been completed to the print client 20 as print result information (step S1254).
- step S1250 determines whether the print transmission data D10 could not be decrypted (step S1250: No)
- the print client 20 sends the indecipherable notification as print result information to the print client 20.
- Send it step S1256-). That is, in the present embodiment, a secret key is generated using a passphrase including at least the printer position information detected by the position detection unit 54 and a random number held in the RAM 42, and the print transmission data is generated using the secret key. If D10 cannot be decrypted, it is determined that the print transmission data D10 did not match the printer position information.
- the printer 30 deletes the random number held in the RAM 42 (step S1258).
- the process of deleting random numbers from RA M42 is not always necessary, but the confidentiality of random numbers can be increased by deleting random numbers from RAM 42 each time processing for one print job is completed. .
- the printer 30 releases the connection with the print client 20 (step S 1 260). Then, the process returns to the process of step S120 ° in FIG. 26 described above.
- the printers 30 and 32 generate a public key and a secret key using a different random number for each print job by public key cryptography, and Since the public key is transmitted to 20 and 22, the security of the public key and the private key can be enhanced.
- the security of the secret key can be improved. Also, since the random numbers are stored, when the print transmission data D 10 encrypted using the public key is decrypted, the stored random numbers are used to release the data again. The same secret key can be generated by key cryptography, and the print transmission data D10 can be decrypted.
- the printers 30 and 32 if the print transmission data D10 cannot be decrypted with the secret key, the printing of the received print transmission data D10 is not executed. It is possible to prevent a third party having an unauthorized intention from performing printing on the printers 30 and 32.
- the printing system generates a public key using at least printer position information indicating a position where a printer is installed, causes the print client to acquire the public key, and allows the print client to perform printing.
- the print data is encrypted using the obtained public key and transmitted as print transmission data including encrypted print data generated.
- the printer that has received the print transmission data generates a secret key again using at least the printer position information at that time at the time of reception, and uses the secret key to generate the encrypted print data included in the print transmission data. Printing is executed only when data can be decrypted.
- a random number is used when generating a public key and a secret key.
- the random number used for generating the public key is transmitted to the print client, and the print client To keep random numbers. Then, when the print client transmits the encrypted print data to the printer, the random number is also included in the print transmission data and transmitted to the printer, and the printer that has received the print transmission data includes the random number in the print transmission data.
- the secret key is generated again by using the random number. This ensures that the random number used to generate the public key is the same as the random number used to generate the secret chain for decrypting the encrypted print data. In this case, the same secret key can be obtained. This will be described in more detail below.
- the configuration of the printing system according to this embodiment is the same as that of FIG. 1 in the first embodiment described above, and the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above.
- the configurations of 20 and 22 are the same as in FIG. 3 described above.
- the print client 20 previously obtains, for example, the public key of the printer 30 and the random number used to generate the public key from the printer 30.
- the acquisition of the public key and the random number is performed via the network 10. That is, the printer 30 checks whether the print client 20 that has requested the transmission of the public key and the random number has the proper authority, and only if the print client 20 has the proper authority, the printer 30 uses its own public key. And the random number used to generate this public key.
- This open key is generated by the printer 30 by a public key cryptography using a passphrase including at least the printer position information indicating the position where the printer 30 is installed and the generated random number.
- the print client 20 has a function of holding a public key and a random number used to generate the public key by public key cryptography.
- the printer 30 discards the generated secret key. That is, in general public key cryptography, a public key and a secret key are generated simultaneously. For this reason, in the present embodiment, even when a private key is generated when a public key is generated, the private key is destroyed. As a result, when the installation location of the printer 30 is moved, the encrypted print data generated by encrypting with the public key generated before the movement cannot be decrypted by the printer 30 after the movement. Like that It is.
- the public key of the printer 30 and the used random number need not always be notified to the print client 20 via the network 10.
- the user of the print client 20 has the right authority, the user can go to the place where the printer 30 is installed and operate the printer 30.
- the public key of the printer 30 and the used random number may be obtained.
- the user may record the public key of the printer 30 and the used random number on a recording medium such as a flexible disk, and cause the printing client 20 to read this.
- the user of the print client 20 creates data to be printed, specifies the printer 30 to the print client 20, and instructs the print client 20 to print.
- the print client 20 generates print data DO5 based on the data to be printed.
- the print data DO 5 indicates the original print data necessary for performing printing by driving the print engine 52 by the printer 30.
- the print client 20 encrypts the print data DO5 using the public key obtained from the printer 30, and generates encrypted print data. Then, the print client 20 adds the random number acquired from the printer 30 to the encrypted print data to generate print transmission data D10.
- the print transmission data D 10 may include data other than the encrypted print data and random numbers shown in FIG. 29.
- the printer 30 that has received the print transmission data D 10 temporarily stores the received print transmission data D 10 in the RAM 42 as shown in FIG. Then, the printer 30 decrypts the encrypted print data included in the print transmission data D10 using the secret key. That is, the printer 30 generates a secret key by the public key cryptography using the passphrase including at least the printer position information and the random number included in the print transmission data D10.
- FIG. 30 is a flowchart illustrating a public key request process executed by the print clients 20 and 22.
- the public key request processing is realized by the CPU 64 reading and executing a public key request program stored in the ROM 6.8 or the hard disk 76 of the print client.
- the public key request processing is started and executed when the user inputs an instruction to start processing for requesting a public key to the print client.
- the process will be described on the assumption that the print client 20 requests a public key from the printer 30.
- the print client 20 connects to the printer 30 (step S210).
- the print client 20 establishes a connection between the print client 20 and the printer 3 by designating the network address of the printer 30. Further, in the present embodiment, the connection between the print client 20 and the printer 30 is established after securing security by SSL (Secure Socket Layer) communication or the like.
- SSL Secure Socket Layer
- the print client 20 transmits the authentication information to the printer 30 (step S2102).
- a combination of a print client ID for specifying a print client and a password is used as the authentication information. Therefore, the print client 20 transmits the print client ID and the password to the printer 30.
- the print client 20 receives an authentication result from the printer 30 indicating whether or not the authentication has been accepted.
- step S210 It is determined whether or not the authentication has been approved in step 30 (step S210). If the authentication is not approved (step S210: No), the above-mentioned steps S2102 and thereafter are repeated.
- step S210 if the authentication is approved (step S210: Yes), the printing The client 20 sends a public key acquisition request to the printer 30 (step S2106). Then, it is determined whether the public key and the random number used for generating the public key have been received from the printer 30 (step S2108). If the public key and the random number have not been received from the printer 30 (step S2108: No), this step S2108 is repeated to wait.
- the print client 20 has a public key table TB 210 on the hard disk 76, and the acquired public key and random number are stored and held in the public key table TB 210.
- FIG. 31 is a diagram showing an example of the configuration of the public key table TB 210.
- the public key table TB 210 includes an item TD 10 for storing information for identifying a printer, an item TD 11 for storing the obtained public key in association with the printer, An item TD12 for storing the obtained random numbers in association with the printer is provided.
- the public key table TB 210 can hold public and random numbers for a plurality of printers for each printer. Also, by storing the public key and the random number in the public key table TB 210 of the hard disk 78 in this way, even if the power of the print client 20 is turned off and then turned on again, the public key and the public key obtained before that are obtained. The random number can be read out from the hard disk 78 and used as it is.
- FIGS. 32 and 33 are flowcharts illustrating a public key transmission process performed by the printers 30 and 32.
- This public key transmission processing is realized by the CPU 40 reading and executing a public key transmission program stored in the ROM 44 or the hard disk 58 of the printer.
- the public key transmission process is started in response to the above-described public key request process.
- the description will be made on the assumption that a public key is requested from the print client 20 and the printer 30.
- the printer 30 establishes a connection with the print client 20 (step S2120). This corresponds to step S2100 of the print client 20 described above. That is, the connection is established after ensuring security by SSL communication or the like. Subsequently, the printer 30 determines whether authentication information has been received from the print client 20 (step S2122). If the authentication information has not been received (step S2122: No), the process of step S2122 is repeated and the process stands by.
- step S21 2 when the authentication information is received from the print client 20 (step S21 2
- step S2124 it is determined whether the authentication information matches the authentication information registered in advance in the printer 30. Specifically, as described above, since the print client ID and password are transmitted as authentication information from the print client 20, the print client ID and password are registered in the printer 30 in advance. Judge whether the ID and password match.
- step S2124 No
- step S2126 the printer 30 transmits the authentication result indicating that the authentication has not been accepted to the print client 20 (step S2126), and returns to the process of step S2122.
- step S2124 Yes
- the printer 30 transmits an authentication result indicating that the authentication has been accepted to the print client 20 (step S21).
- step S2130 determines whether a public key acquisition request has been received from the print client 20 (step S2130). If this public key acquisition request has not been received (step S2130: No), the process of step S2130 is repeated and the process stands by.
- the printer 30 acquires the device-specific information of the printer 30 (step S2132).
- the device-specific information is the printer 3 Regarding 0, it is identification information uniquely assigned, for example, a production serial number of the printer 30, a MAC address, and the like.
- the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S2140). As described above, the printer position information is acquired from the position detection unit 54 each time. When the printer 30 is moved to another location, the printer 30 is disclosed using the position information after the movement. This is to generate a key.
- the printer 30 creates a passphrase using the device-specific information and the printer position information (step S2142).
- the passphrase is generated simply by connecting the printer position information to the device-specific information.
- the passphrase may include data other than the device-specific information and the printer position information.
- the printer 30 generates a random number (step S2144). Subsequently, the printer 30 uses the passphrase created in step S2124 and the random number generated in step S2144 to derive a public key and a secret key by public key cryptography. It is generated (step S2146). Public key cryptography has the property that if the passphrase used and the random number are the same, the same is generated even if the public key and secret key are generated again. Subsequently, the printer 30 transmits the public key of the generated public key and private key, and the random number used to generate the public key and the secret key to the print client 20 (step S2). 1 4 8). The private key is destroyed without being saved. Thus, the public key transmission processing according to the present embodiment ends. Next, the processing of the print clients 20 and 22 and the printers 30 and 32 when the print clients 20 and 22 want to perform printing and transmit the print request to the printers 30 and 32, respectively. , explain in detail.
- FIG. 34 is a flowchart illustrating a print request process executed by the print clients 20 and 22.
- This print request processing is realized by the CPU 64 reading and executing a print request program stored in the ROM 68 or the hard disk 76 of the print client.
- the print request process is started and executed when the user inputs a print instruction to the print client.
- the print client 20 creates print data DO5 based on a print request from the user (step S2160).
- the print data D05 is data necessary for actually performing printing when the printer 30 is a normal printer.
- the print client 20 reads the public key of the printer 30 and the random number used to generate the public key from the public key table TB 210 on the hard disk 76 (step S2162). Subsequently, the print client 20 encrypts the print data D05 using the public key of the printer 30, and generates encrypted print data (step S2164).
- the print client 20 adds the random number read in step S2162 to the generated encrypted print data to generate print transmission data D10 (step S2165).
- the print transmission data D 10 may include data other than the print data and the random number.
- the print client 20 transmits the generated print transmission data D10 to the printer 30 (step S2166). Specifically, the network address of the printer 30 is specified, and the print transmission data D10 is transmitted to the network 10.
- the print client 20 determines whether or not print result information has been received from the printer 30 (step S2168). When print result information has not been received
- Step S2168 No
- the process of Step S2168 is repeated and the process stands by.
- step S2168: Yes it is determined whether the print result information is a print completion notification (step S2170).
- step S2170 If the print result information is a print completion notification (step S2170: Yes), it means that the printing has been normally completed by the printer 30, so that the user is notified. The printer 30 is notified that printing has been completed (step S2172). On the other hand, if the received print result information is not a print completion notification (step S2170: No), it is determined whether or not the print result information is a decipherable notification (step S2174).
- step S2174 If the print result information is a non-decipherable notification (step S2174 : Yes), the user is notified that printing was not performed because the print transmission data D10 could not be decrypted by the printer 30. (Step S2176). On the other hand, if the print result information is not an indecipherable notification (step S2174: No), it is considered to be some other error, and the user is notified according to the type of the error ( Step S21 78).
- FIG. 35 is a flowchart for explaining the print execution processing executed by the printers 30 and 32.
- This print execution process is realized by the CPU 40 reading and executing a print execution program stored in the ROM 44 or the hard disk 58 of the printers 30 and 32.
- the print execution process is a process that is constantly executed at predetermined time intervals.
- the printer 30 determines whether the print transmission data D10 has been received from the network 10 (step S2180). If no print transmission data D10 has been received (step S2180: No), the process of step S2180 is repeated to wait.
- step S2180 if the print transmission data D10 has been received (step S2180: Yes), the printer 30 acquires its own device-specific information (step S2182). Subsequently, the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S2184). Like this Each time the printer 30 is moved to another location, the printer 30 is installed in a location not intended by the user. In such a case, printing is not performed by the printer 30.
- the printer 30 creates a pass phrase based on the device-specific information and the printer position information (step S2186).
- This passphrase creation method needs to be the same method as in step S2142 in the above-described public key transmission process. The reason is that if the passphrase is different, the encrypted print data encrypted with the public key transmitted to the print client cannot be decrypted with the private key. ⁇
- the printer 30 obtains a random number included in the print transmission data D10 (step S2188). Subsequently, the printer 30 uses the generated passphrase and the obtained random number to generate a public key and a secret key by the public key ⁇ method (step S2190).
- the passphrase used in step S2190 is the same as the passphrase used in step S2146 in the above-described public key transmission process unless the installation position of printer 30 has been moved.
- the random numbers used in step S2190 should be the same as the random numbers used in step S2146. Therefore, the same public key and secret key as those generated in step S2146 are generated.
- the printer 30 uses the generated secret key to decrypt the encrypted print data included in the print transmission data D10, and obtains the print data D05 (step S2192). .
- the printer 30 determines whether or not the encrypted print data has been decrypted using the secret key (step S2194). If the decryption is successful (step S2194: Yes), printing is performed by driving the print engine 52 based on the obtained print data D05 (step S2196). Specifically, the language of print data DO 5 is interpreted, and print request data suitable for print engine 52 is generated. By transmitting the print request data to the print engine 52,
- the position is detected by the position detecting unit 54.
- a secret key is generated using a passphrase including at least the printer position information and a random number transmitted along with the encrypted print data, and if the encrypted print data can be decrypted with this secret key, It is determined that the encrypted print data matches the printer position information.
- the printer 30 transmits a print completion notification to the effect that the printing has been completed to the print client 20 as print result information (step S2198). Then, the process returns to step S2180 described above.
- step S2194 determines whether the encrypted print data has not been decrypted (step S2194: No).
- the incomprehensible notification is given as the print result information.
- the data is sent to the print client 20 (step S2200). That is, in the present embodiment, a secret key is generated using a passphrase including at least the printer position information detected by the f-standing detector 54 and a random number transmitted along with the encrypted print data, If the encrypted print data cannot be decrypted with this secret key, it is determined that the encrypted print data did not match the printer position information. Then, the process returns to step S2180 described above.
- the print clients 20 and 22 limit the printers that can print the encrypted and transmitted encrypted print data based on the printer position information. Therefore, it is possible to prevent printing from being performed by a printer at a position not intended by the user of the print clients 20 and 22. For example, if the printer 30 is moved to another location, but the network address of the printer 30 in the network 10 has not been changed, the print client 20 erroneously prints the encrypted print data. Even if the transmission data D10 is transmitted to the printer 30, the printer location information has been changed in the printer 30, so the passphrase created in step S2186 is different from that before the movement. Will be different. For this reason, even if a secret key generated using this passphrase is used, the encrypted print data included in the print transmission data D10 cannot be decrypted, and the printer 30 does not perform printing. . Therefore, the security of the print data DO5 can be enhanced.
- the printers 30 and 32 normally have the printers 30 and 3 as well. It is possible to prevent a person who does not have the authority to print on the printer 2 from sending print data to the printers 30 and 32 and causing the printers 30 and 32 to execute a large amount of printing. For example, if for some reason a third party knows the network address of the printer 30 and tries to send print data to the printer 30, the public key of the printer 30 cannot be obtained. If this user encrypts the print data D05 with a different public key, it generates print transmission data D10 containing encrypted print data, or print transmission data D10 containing unencrypted print data.
- the device specific information is also included in the passphrase, even if a third party knows the position of the printer 30 for some reason, the device specific information of the printer 30 cannot be determined. Without it, the passphrase used in Printer 30 cannot be identified. Therefore, it is extremely difficult for a third party to impersonate the printer 30 and receive the print transmission data D 10, and to decrypt the encrypted print data included in the print transmission data D 10. It can be made something.
- this random number is generated for each print client 20, 22, and each print client 20, 22 can rewrite the random number with a public key on a hard disk or other non-volatile storage device. It was decided to keep it. Then, the print clients 20 and 22 transmit the random numbers to the printers 30 and 32 together with the encrypted print data obtained by encrypting the print data. The same random number used when generating the public key can be used when generating the secret key. For this reason, a secret key capable of decrypting the encrypted print data encrypted with the public key generated using the random number can be generated again.
- the print clients 20 and 22 are provided for each printer and A public key and a random number used to generate the public key are stored for each user. This makes it more difficult for a third party to guess the random number. This will be described in more detail below.
- the configuration of the printing system according to this embodiment is the same as that of FIG. 1 in the first embodiment described above, and the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above.
- the configurations of 20 and 22 are the same as in FIG. 3 described above.
- the public key transmission process and the print execution process executed by the printers 30 and 32 according to the present embodiment are the same as those in the fifth embodiment.
- FIG. 36 is a diagram illustrating a flowchart for explaining a part of the public key request processing executed by the print clients 20 and 22 according to the present embodiment, and corresponds to FIG. 30 in the fifth embodiment described above.
- FIG. 36 is a diagram illustrating a flowchart for explaining a part of the public key request processing executed by the print clients 20 and 22 according to the present embodiment, and corresponds to FIG. 30 in the fifth embodiment described above.
- the public key request processing according to the present embodiment is the same as the processing of the above-described fifth embodiment up to the processing of receiving the public key and the random number shown in step S2108.
- the processing in the next step S2300 is different. That is, when the print client 20 according to the present embodiment receives the public key and the random number (Step S210: Yes), the print client 20 transmits the public key and the random number to each printer and to the user. Each is classified and stored in the public key table TB220.
- FIG. 37 is a diagram illustrating an example of the public key table TB220 according to the present embodiment.
- the public key table TB 220 in the present embodiment has a user ID as a data item in addition to the public key table TB 210 in the fifth embodiment described above.
- Item TD 20 to be stored is provided. That is, in the present embodiment, the print client 20 stores a public key and a random number for each user ID.
- the public key table TB220 of the present embodiment a table is formed for each printer. Thus, even if the same user ID is used, different printers can hold different public keys and random numbers.
- the public key request processing ends.
- FIG. 38 is a flowchart for describing a print request process executed by the print clients 20 and 22 according to the present embodiment.
- the print request processing according to the present embodiment is different from the above-described fifth embodiment in the processing of reading a public key and a random number. That is, after generating the print data D05 in step S2160, the print client 20 acquires the user ID (step S2310). That is, the user ID of the user who instructed the printer 30 to perform printing is acquired. For example, the user ID may be required to be input to the user when the print client 20 receives a print instruction, or may be authenticated when the print client 20 is used by the user. The user may be required to input.
- the print client 20 reads the public key and the random number stored in the table of the printer requesting printing from the public key table TB 220 in FIG. 37 (step S 2 3 1 2). That is, in the public key table TB 220 of the present embodiment, since a table is configured for each printer, the table of the printer that prints the print data D 05 generated in step S 216 is described. Reads the public key and random number registered with this user ID. Subsequent processing is the same as in the above-described fifth embodiment.
- the printing system according to the present embodiment can also obtain the same effects as those of the above-described fifth embodiment. Further, according to the printing system according to the present embodiment, the print clients 20 and 22 store the public key and the random number for each printer and for each user, so that a third party can guess the random number. Can be very difficult to do.
- a printing system generates a random number for each print job, and uses the generated random number and a passphrase including at least printer position information indicating a position where a printer is installed.
- To generate a public key and transmit the public key and a random number from the printer to the print client.
- the print client encrypts the print job data using the public key to generate encrypted print job data
- a random number transmitted from the printer is added to the encrypted print job data to generate print transmission data.
- the print client transmits the print transmission data to the printer.
- the printer Upon receiving the print transmission data, the printer generates a secret key again using the passphrase including at least the printer position information at that time and the random number included in the print transmission data.
- the printing is executed only when the encrypted print job data can be decrypted with the secret key. This will be described in more detail below.
- the configuration of the printing system according to this embodiment is the same as that of FIG. 1 in the first embodiment described above, and the configuration of the printers 30 and 32 is the same as that of FIG. 2 described above.
- the configurations of 20 and 22 are the same as in FIG. 3 described above.
- the print client 20 obtains the public key and the random number used to generate the public key from the printer 30.
- the acquisition of the public key and the random number is performed for each print job via the network 10. That is, the printer 30 checks whether or not the print client 20 that has requested the transmission of the public key has a valid right, and only when the print client 20 has the valid right, does the printer 30 generate the newly generated public key.
- the random number used to generate the public link is transmitted to the print client 20. That is, the printer 30 is made public by using a passphrase including at least printer position information indicating the position where the printer 30 is installed, and a random number generated for each print job by the printer 30.
- a public key is generated by key cryptography. The printer 30 discards the random number used for generating the public key because it is not necessary to hold the random number.
- the generated secret key is also destroyed. That is, in general public key cryptography, a public key and a secret key are generated at the same time. For this reason, in the present embodiment, even when a private key is generated when a public key is generated, the private key is destroyed. Thus, the possibility that the secret key generated by the printer 30 is leaked is reduced as much as possible.
- the print client 20 generates print job data DO5 based on the data to be printed.
- the print job data DO 5 indicates the original print data required to perform printing by driving the print engine 52 with the printer 30.
- the print client 20 encrypts the print job data DO5 using the public key of the printer 30 previously obtained, and generates encrypted print job data. Then, the print client 20 adds the random number obtained from the printer 30 to the encrypted print job data to generate print transmission data D10. Note that the print transmission data D 10 may include data other than the encrypted print data and the random numbers shown in FIG. 29.
- the printer 30 that has received the print transmission data D 1 ⁇ temporarily stores the received print transmission data D 10 in the RAM 42 as shown in FIG. Then, the printer 30 decrypts the encrypted print job data included in the print transmission data D10 using the secret key. That is, the printer 30 generates a secret key by the public key cryptography using the passphrase including at least the printer position information and the random number included in the print transmission data D10. Then, the encrypted print job data included in the print transmission data D10 is decrypted with this secret. Subsequently, the printer 30 determines whether or not the encrypted print job data has been successfully decrypted. If the encrypted print job data can be decrypted, printing is performed based on the print job data D05 obtained by decrypting the encrypted print job data.If the encrypted print job data cannot be decrypted, No printing is performed.
- FIG. 39 and FIG. 40 are flowcharts illustrating the print request processing executed by the print clients 20 and 22.
- This print request process is a process realized by the CPU 64 reading and executing a print request program stored in the ROM 68 or the hard disk 76 of the print client. Also, the present embodiment In, the print request process is started and executed when the user inputs an instruction to the print clients 20 and 22 to execute printing. In the following, the process will be described on the assumption that the print client 20 requests the printer 30 to perform printing.
- the print client 20 transmits a connection request to the printer 30 via the network 10 (step S3100). Then, a connection between the print client 20 and the printer 30 is established (step S3102). In the present embodiment, a connection between the print client 20 and the printer 30 is established with security ensured by Secure Socket Layer (SSL) communication or the like.
- SSL Secure Socket Layer
- the print client 20 transmits the authentication information to the printer 30 (step S3104).
- a combination of a print client ID for specifying a print client and a password is used as the authentication information. Therefore, the print client 20 transmits the print client ID and the password to the printer 30.
- the print client 20 receives an authentication result indicating whether the authentication has been accepted from the printer 30. Based on the authentication result, the print client 20 determines whether the printer 30 has been authenticated ( Step S3 106). If the authentication is not approved (step S3106: No), the above steps S3104 to S104 are repeated.
- step S3106 when the authentication is approved (step S3106: Yes), the print client 20 transmits a public key acquisition request to the printer 30 (step S3108). Then, it is determined whether or not the public key and the random number used to generate the public key have been received from the printer 30 (step S3110). If the public key and the random number have not been received from the printer 30 (step S3110: No), this step S3110 is repeated to wait.
- step S3110 when the public key and the random number are received from the printer 30 (step S3110: Yes), the public key and the random number are stored (step S3112).
- the print client 20 stores this public key in RAM 66 (see FIG. 3). And a random number are temporarily stored and held. By storing the public key and the random number in the RAM 66 in this way, when the power of the print client 20 is turned off, the public key and the random number are automatically erased. It can be raised.
- the printer 30 releases the connection with the printer (step S3114). That is, the connection established between the print client 20 and the printer 30 is released while security is secured by SSL communication or the like. Although the release of this connection is not necessarily required, the print job data D05 transmitted in step S3126 described later is separately encrypted with the public key, and the connection itself is not processed in the subsequent processing. Since it is not necessary to ensure security, the connection is released in this embodiment.
- the print client 20 creates print job data D05 based on the user's print request (step S3120). This print job data D05 is non-encrypted data required to execute printing on the printer 30.
- the print client 20 reads the public key and the random number stored in step S3112 from the RAM 66 (step S3122). Subsequently, the print client 20 uses the public key to encrypt the print job data D05 to generate encrypted print job data (step S3124).
- the print client .20 adds the random number read in step S3122 to the encrypted print job data generated in step S3124 to generate print transmission data D10 (step S 3 125).
- the print transmission data D10 may include data other than the encrypted print job data and the random numbers.
- the print client 20 transmits the print transmission data D10 to the printer 30 (step S3126). Specifically, the network address of the printer 30 is specified, and the print transmission data D10 is transmitted to the network 10.
- the print client 20 determines whether or not print result information has been received from the printer 30 (step S3128). If the print result information has not been received (step S3128: No), the process of step S3128 is repeated. Wait. On the other hand, if the print result information has been received (step S3128: Yes), it is determined whether the print result information is a print completion notification (step S3130).
- step S3130 If the print result information is a print completion notification (step S3130: Yes), it means that the printing has been completed normally on the printer 30, and the user is informed that the printing has been completed on the printer 30. Is notified (step S3132). On the other hand, if the received print result information is not a print completion notification (step S3130: No), it is determined whether or not the print result information is a non-decipherable notification (step S3134).
- step S3134 If the print result information is an indecipherable notification (step S3134: Yes), the user is informed that printing was not performed because the printer 30 could not decode the print transmission data D10. Notify (step S3136). On the other hand, if the print result information is not an indecipherable notification (step S3134: No), it is considered to be some other error, and the user is notified according to the type of the error. (Step S3138).
- step S3140 is not always necessary, but in order to improve the confidentiality of the public key and the random number, in the present embodiment, the process is acquired every time one print job process is completed. The public key and random number are deleted and destroyed. Thus, the print request processing in the print client 20 ends.
- FIGS. 41 to 43 are flowcharts for explaining the print execution processing executed by the printers 30 and 32.
- This print execution process is realized by the CPU 40 reading and executing a print execution program stored in the ROM 44 or the hard disk 58 of the printer.
- the print execution process is a process that is constantly executed at predetermined time intervals.
- the description will be made on the assumption that the print client 20 requests the printer 30 to perform printing.
- the printer 30 determines whether or not a connection request has been received from the print client 20 via the network 10 (step S3).
- step S3200 If a connection request has not been received from the print client 20 (step S3200: No), the process of step S3200 is repeated and the process waits. Then, as described above, the connection between the printer 30 and the print client 20 is established after ensuring security by SSL communication or the like (step S3202).
- step S3204 determines whether authentication information has been received from the print client 20 (step S3204). If the authentication information has not been received (step S3204: No), the process of step S3204 is repeated to wait.
- step S3204 when the authentication information is received from the print client 20 (step S3204: Yes), it is determined whether the authentication information matches the authentication information registered in advance in the printer 30 (step S3204).
- step S3204 since the print client ID and password are transmitted as authentication information from the print client 20, the print client ID and password are registered in the hard disk 58 or the like of the printer 30 in advance. Print client ID and password match.
- step S3206 No
- step S3208 the printer 30 transmits the authentication result indicating that the authentication has not been accepted to the print client 20 (step S3208), and returns to the process of step S3204.
- step S3206: Yes the printer 30 transmits an authentication result indicating that the authentication has been accepted to the print client 20 (step S3210).
- step S3212 determines whether a public key acquisition request has been received from the print client 20 (step S3212). If this public key acquisition request has not been received (step S3212: No), the process of step S3212 is performed. Wait repeatedly.
- the printer 30 acquires device-specific information of the printer 30 (step S32). 14 ) .
- the device-specific information is identification information uniquely assigned to the printer 30 and includes, for example, a manufacturing serial number of the printer 30 and a MAC address.
- the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S3220). As described above, the printer position information is acquired from the position detection unit 54 each time. When the printer 30 is moved to another location, the printer 30 is disclosed using the position information after the movement. This is to generate a key.
- the printer 30 creates a passphrase using the device-specific information and the printer position information (Step S3222).
- the passphrase is generated by simply connecting the printer position information to the device-specific information.
- the passphrase may include data other than the device-specific information and the printer position information.
- the printer 30 generates one random number (step S3224). Subsequently, the printer 30 transmits the passphrase created in step S3222 to step S322.
- a public key and a secret key are generated by the public key cryptography using the random number generated in step 2 32 (step S 3226).
- Public key cryptography has the property that if the passphrase and random number used are the same, the same is generated even if the public key and secret key are generated again.
- the printer 30 transmits the public key and the random number used to generate the public key to the print client 20 (Step S).
- step S3230 This process is a process corresponding to step S3114 of the print request process described above. Also, as described above, this step S 3 230 Is not always necessary.
- the printer 30 determines whether or not the print transmission data D10 has been received from the network 10 (step S3322). If no print transmission data D10 has been received (step S3322: No), the process of step S3322 is repeated to wait. On the other hand, when the print transmission data D10 has been received (step S3232: Yes), the printer 30 acquires its own device-specific information (step S3324).
- the printer 30 acquires the printer position information of the printer 30 at that time from the position detection unit 54 (step S3240).
- the printer position information is acquired from the position detection unit 54 each time when the printer 30 is moved to another place, the position information after the movement is obtained. This is to generate a secret key using the secret key.
- the printer 30 creates a passphrase based on the device-specific information and the printer position information (step S3242).
- the method of creating this passphrase needs to be the same method as in step S3222 described above. This is because if the passphrase is different, the print transmission data D10 encrypted with the public key transmitted to the print client cannot be decrypted with the private key.
- the printer 30 obtains a random number included in the received print transmission data D10 (step S3244). Subsequently, the printer 30 generates a public key and a secret key by public key cryptography using the generated passphrase and the obtained random numbers (step S3246).
- the passphrase used in step S3246 is the same as the passphrase used in step S3226 described above unless the installation position of printer 30 is moved during that time.
- the random number should be the same as that in step S 3 226 described above if the print transmission data D 10 is transmitted from the legitimate print client 20. For this reason, in this step S3246, the same public key and secret key as those generated in step S3226 are generated.
- the printer 30 uses the generated secret key to decrypt the encrypted print job data included in the received print transmission data D10 (step S3248).
- the printer 30 determines whether or not the encrypted print job data has been successfully decrypted using the secret key (step S325). If the decryption is successful (step S325: Yes), the print engine 52 is driven based on the print job data D05 obtained by decrypting the encrypted print job data. Is executed (step S3252). Specifically, the language interpretation of the print job data D 05 is performed, and print request data suitable for the print engine 52 is generated. Then, by transmitting the print request data to the print engine 52, the print engine 52 prints on printing paper or the like.
- the secret is determined using the passphrase including at least the printer position information detected by the position detection unit 54 and the random number included in the print transmission data D10. If a key is generated and encrypted print job data can be decrypted with this secret key, it is determined that the encrypted print job data matches the printer position information.
- the printer 30 transmits a print completion notification to the effect that the printing has been completed to the print client 20 as print result information (step S3254).
- step S325 if it is determined in step S325 that the encrypted print job data could not be decrypted (step S325: No), the indecipherable notification is used as the print result information. Then, the data is transmitted to the print client 20 (step S3256). That is, in the present embodiment, a secret key is generated using a passphrase including at least the printer position information detected by the position detection unit 54 and a random number included in the print transmission data D10, If the encrypted print job data cannot be decrypted with this secret key, it is determined that the encrypted print job data does not match the printer position information.
- step S3254 or step S3256 the printer 30 returns to the processing in step S3200 in FIG. 41 described above.
- the printers 30 and 32 generate a public key and a secret key using a different random number for each print job by public key cryptography, and Since we decided to send the public key and random number to 20 and 22, It can increase the security of public keys, private keys, and random numbers.
- the public key and the random number used to generate the public key are transmitted to the print client 20, and the printer 30 discards the secret key and the random number. Can be enhanced. Further, the print clients 20 and 22 temporarily hold the random numbers, and transmit the random numbers to the printers 30 and 32 together with the encrypted print job data. For this reason, when the printers 30 and 32 decrypt the encrypted print job data encrypted using this public key, the printer 30 and 32 again use the random number transmitted together with the encrypted print job data, and The same private key can be generated by public key cryptography, and encrypted print job data can be decrypted.
- the printers 30 and 32 if the encrypted print job data could not be decrypted with the secret key, the printing of the received encrypted print job data was not executed. It is possible to prevent a third party having the printer from executing printing with the printers 30 and 32.
- the present invention is not limited to the above embodiment, and can be variously modified.
- the predetermined number used for generating the public key and the secret key is a random number
- the predetermined number is not limited to the random number.
- the predetermined number is set to “1”
- the predetermined number is set in the case of the second generation of the public key and the secret key in the printer
- the predetermined number is set in the case of the second generation of the public key and the secret key.
- natural numbers in ascending order may be used as the predetermined number so that the predetermined number is set to “3”.
- the predetermined number may be an even number in ascending order or an odd number in ascending order.
- a predetermined algorithm may be used to generate a predetermined number.
- an algorithm used when deriving the predetermined number is used. (For example, even numbers in ascending order) and additional information (for example, the first time) necessary to derive a predetermined number using the algorithm may be transmitted.
- print clients 20 and 22 request printing.
- the predetermined number itself may be transmitted to the printers 30 and 32.
- the print clients 20 and 22 may hold the information specifying the algorithm received from the printers 30 and 32 and the necessary additional information, or a predetermined number. May be generated to hold a predetermined number.
- the print clients 20 and 22 may transmit an algorithm and additional information to the printers 30 and 32 when requesting printing.
- the print clients 20 and 22 hold the information specifying the algorithm and the necessary additional information.
- the print clients 20 and 22 send only additional information to the printers 30 and 32 without sending an algorithm when requesting printing. Is also good. This is because the algorithm used when generating the public key and the secret key may be fixedly determined in the printers 30 and 32 in some cases.
- the present invention has been described by exemplifying a print client as a data transmission device for transmitting data to be secured and a printer as a data reception device for receiving the data. Combination of a data transmission device and a data reception device in a data transmission / reception system.
- the present invention is not limited to the above embodiment.
- the data transmission device in the data transmission / reception system may be a digital camera for capturing images
- the data reception device may be a data server that stores image data captured by a digital camera.
- the data transmitted from the digital camera is encrypted using the public key received from the data server, and the data server receiving the data generates a secret key by the above-described method and generates the secret key. Will be decrypted. Then, if the received data can be decoded, the data is accumulated, and if the data cannot be decoded, the data is not accumulated.
- the data transmitting device in the data transmitting / receiving system may be a personal computer, and the data receiving device may be a projector for projecting image data transmitted from the personal computer.
- the personal convenience The data transmitted from the data is encrypted using the public key received from the projector, and the projector receiving the data generates a secret chain by the above-described method and decrypts the data. . If the received data can be decoded, the data is projected. If the data cannot be decoded, the data is not projected.
- the data transmission device in the data transmission / reception system may be a content server for music and the like, and the data reception device may be a device for reproducing content data such as music transmitted from the content server.
- the data transmitted from the content server is encrypted using the public key received from the playback device, and the playback device receiving this data generates the secret key by the above-described method, and Will be decrypted. Then, if the received data can be decoded, the data is reproduced, and if not, the data is not reproduced.
- the print medium of the printers 30 and 32 is the print paper
- the print medium is not limited to this, and other print media such as an OHP sheet may be used.
- the present invention can be applied to a medium.
- a program for executing each of the processing is provided by a flexible disk, a compact disc-read only memory (CD-ROM), a ROM, a memory card, or the like. It can be recorded on a recording medium and distributed in the form of a recording medium. In this case, the recording medium on which this program is recorded is read into the print clients 20, 22, and Z or the printers 30, 32, and executed, whereby the above-described embodiment can be realized.
- CD-ROM compact disc-read only memory
- ROM read only memory
- memory card or the like.
- the print clients 20, 22 and / or the printers 30, 32 may have other programs, such as an operating system or another application program.
- the recording medium includes the print clients 20 and 22 and / or the printers 30 and 32.
- an instruction for calling a program for realizing the same processing as the above-described embodiment may be recorded.
- such a program can be distributed not as a recording medium but as a carrier through a network.
- the program transmitted in the form of a carrier wave on the network is taken into the print clients 20, 22, and Z or the printers 30, 32, and the above-described embodiment is realized by executing the program. Can be.
- the program when a program is recorded on a recording medium or transmitted as a carrier wave over a network, the program may be encrypted or compressed.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Accessory Devices And Overall Control Thereof (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/512,235 US7552324B2 (en) | 2002-08-30 | 2003-07-22 | Printer and print system, and data receiving device and data transmitting and receiving system |
JP2004534094A JP4045552B2 (ja) | 2002-08-30 | 2003-07-22 | プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム |
EP03741540A EP1493589A4 (en) | 2002-08-30 | 2003-07-22 | PRINTER AND PRINTING SYSTEM, DATA RECEPTION DEVICE AND DATA END / RECEIVING SYSTEM |
Applications Claiming Priority (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2002-253410 | 2002-08-30 | ||
JP2002253410 | 2002-08-30 | ||
JP2002253378 | 2002-08-30 | ||
JP2002-253378 | 2002-08-30 | ||
JP2002277384 | 2002-09-24 | ||
JP2002277499 | 2002-09-24 | ||
JP2002-277499 | 2002-09-24 | ||
JP2002-277384 | 2002-09-24 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004022350A1 true WO2004022350A1 (ja) | 2004-03-18 |
Family
ID=31982504
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/009280 WO2004022350A1 (ja) | 2002-08-30 | 2003-07-22 | プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム |
Country Status (5)
Country | Link |
---|---|
US (1) | US7552324B2 (ja) |
EP (1) | EP1493589A4 (ja) |
JP (1) | JP4045552B2 (ja) |
CN (1) | CN100361823C (ja) |
WO (1) | WO2004022350A1 (ja) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006014182A (ja) * | 2004-06-29 | 2006-01-12 | Canon Inc | データ処理装置、暗号通信方法及びコンピュータプログラム |
JP2007317118A (ja) * | 2006-05-29 | 2007-12-06 | Kyocera Mita Corp | 印刷システム、情報処理装置、及び、印刷装置 |
JP2008165368A (ja) * | 2006-12-27 | 2008-07-17 | Konica Minolta Business Technologies Inc | サービス制限方法、画像処理制限方法、および画像処理システム |
CN100541414C (zh) * | 2005-06-28 | 2009-09-16 | 三星电子株式会社 | 数据管理方法和装置 |
JP2010508576A (ja) * | 2006-10-31 | 2010-03-18 | ヒューレット−パッカード デベロップメント カンパニー エル.ピー. | 装置間でのデータオブジェクトの転送 |
WO2020022353A1 (ja) * | 2018-07-23 | 2020-01-30 | 株式会社AndGo | 秘密情報を管理するための機器、方法及びそのためのプログラム |
Families Citing this family (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3707407B2 (ja) | 2001-08-28 | 2005-10-19 | セイコーエプソン株式会社 | パスワードを投写するプロジェクタ |
US7293071B2 (en) | 2002-05-27 | 2007-11-06 | Seiko Epson Corporation | Image data transmission system, process and program, image data output device and image display device |
US6901863B2 (en) * | 2002-11-27 | 2005-06-07 | Seiko Epson Corporation | Printer and print system for executing a proper print operation only in a place registered in advance |
JP2004287160A (ja) | 2003-03-24 | 2004-10-14 | Seiko Epson Corp | 画像表示システム、プロジェクタ、画像表示方法、プロジェクタ制御方法、画像表示プログラムおよびプロジェクタ制御プログラム |
US20050152543A1 (en) * | 2003-11-04 | 2005-07-14 | Toshihiro Shima | Printer and print system |
JP2005151459A (ja) * | 2003-11-19 | 2005-06-09 | Canon Inc | 画像処理システムおよびその画像データ処理方法 |
KR100757456B1 (ko) * | 2004-01-20 | 2007-09-11 | 삼성전자주식회사 | 인쇄의 보안이 가능한 프린터 및 그 인쇄의 보안방법 |
JP4290036B2 (ja) * | 2004-02-27 | 2009-07-01 | キヤノン株式会社 | 情報処理装置及び印刷制御装置 |
US20050246803A1 (en) * | 2004-04-30 | 2005-11-03 | Spencer Andrew M | Peripheral device for processing data from a computing device |
US7788482B2 (en) * | 2004-05-10 | 2010-08-31 | Scientific Games International, Inc. | System and method for securing on-line documents using authentication codes |
US8037307B2 (en) * | 2004-05-10 | 2011-10-11 | Scientific Games International Inc. | System and method for securing on-line documents using authentication codes |
US7823169B1 (en) | 2004-10-28 | 2010-10-26 | Wheeler Thomas T | Performing operations by a first functionality within a second functionality in a same or in a different programming language |
US7774789B1 (en) | 2004-10-28 | 2010-08-10 | Wheeler Thomas T | Creating a proxy object and providing information related to a proxy object |
US8266631B1 (en) | 2004-10-28 | 2012-09-11 | Curen Software Enterprises, L.L.C. | Calling a second functionality by a first functionality |
US7861212B1 (en) | 2005-03-22 | 2010-12-28 | Dubagunta Saikumar V | System, method, and computer readable medium for integrating an original application with a remote application |
US8578349B1 (en) | 2005-03-23 | 2013-11-05 | Curen Software Enterprises, L.L.C. | System, method, and computer readable medium for integrating an original language application with a target language application |
JP4604847B2 (ja) * | 2005-06-01 | 2011-01-05 | コニカミノルタビジネステクノロジーズ株式会社 | 画像処理システム、画像処理装置および画像処理プログラム |
JP5040341B2 (ja) * | 2006-04-04 | 2012-10-03 | セイコーエプソン株式会社 | プロジェクタシステム |
US7810140B1 (en) | 2006-05-23 | 2010-10-05 | Lipari Paul A | System, method, and computer readable medium for processing a message in a transport |
US7844759B1 (en) | 2006-07-28 | 2010-11-30 | Cowin Gregory L | System, method, and computer readable medium for processing a message queue |
US8200603B1 (en) | 2006-12-22 | 2012-06-12 | Curen Software Enterprises, L.L.C. | Construction of an agent that utilizes as-needed canonical rules |
US7660777B1 (en) | 2006-12-22 | 2010-02-09 | Hauser Robert R | Using data narrowing rule for data packaging requirement of an agent |
US7702604B1 (en) | 2006-12-22 | 2010-04-20 | Hauser Robert R | Constructing an agent that utilizes supplied rules and rules resident in an execution environment |
US9311141B2 (en) | 2006-12-22 | 2016-04-12 | Callahan Cellular L.L.C. | Survival rule usage by software agents |
US8132179B1 (en) | 2006-12-22 | 2012-03-06 | Curen Software Enterprises, L.L.C. | Web service interface for mobile agents |
US7698243B1 (en) | 2006-12-22 | 2010-04-13 | Hauser Robert R | Constructing an agent in a first execution environment using canonical rules |
US8423496B1 (en) | 2006-12-22 | 2013-04-16 | Curen Software Enterprises, L.L.C. | Dynamic determination of needed agent rules |
US7702603B1 (en) | 2006-12-22 | 2010-04-20 | Hauser Robert R | Constructing an agent that utilizes a compiled set of canonical rules |
US7949626B1 (en) | 2006-12-22 | 2011-05-24 | Curen Software Enterprises, L.L.C. | Movement of an agent that utilizes a compiled set of canonical rules |
US7660780B1 (en) | 2006-12-22 | 2010-02-09 | Patoskie John P | Moving an agent from a first execution environment to a second execution environment |
US7860517B1 (en) | 2006-12-22 | 2010-12-28 | Patoskie John P | Mobile device tracking using mobile agent location breadcrumbs |
US7702602B1 (en) | 2006-12-22 | 2010-04-20 | Hauser Robert R | Moving and agent with a canonical rule from one device to a second device |
US7970724B1 (en) | 2006-12-22 | 2011-06-28 | Curen Software Enterprises, L.L.C. | Execution of a canonical rules based agent |
US7664721B1 (en) | 2006-12-22 | 2010-02-16 | Hauser Robert R | Moving an agent from a first execution environment to a second execution environment using supplied and resident rules |
JP4798172B2 (ja) * | 2008-05-20 | 2011-10-19 | コニカミノルタビジネステクノロジーズ株式会社 | 画像処理装置、画像出力方法および画像出力プログラム |
KR20100059450A (ko) * | 2008-11-26 | 2010-06-04 | 삼성전자주식회사 | 화상형성장치, 호스트 장치 및 작업대상 문서 암호화 방법 |
US20100293095A1 (en) * | 2009-05-18 | 2010-11-18 | Christopher Alan Adkins | Method for Secure Identification of a Device |
EP2348447B1 (en) | 2009-12-18 | 2014-07-16 | CompuGroup Medical AG | A computer implemented method for generating a set of identifiers from a private key, computer implemented method and computing device |
EP2348452B1 (en) | 2009-12-18 | 2014-07-02 | CompuGroup Medical AG | A computer implemented method for sending a message to a recipient user, receiving a message by a recipient user, a computer readable storage medium and a computer system |
US8719587B2 (en) * | 2009-12-18 | 2014-05-06 | CompuGroup Medical AG | Computer implemented method for generating a pseudonym, computer readable storage medium and computer system |
EP2348449A3 (en) * | 2009-12-18 | 2013-07-10 | CompuGroup Medical AG | A computer implemented method for performing cloud computing on data being stored pseudonymously in a database |
EP2365456B1 (en) * | 2010-03-11 | 2016-07-20 | CompuGroup Medical SE | Data structure, method and system for predicting medical conditions |
US8914851B2 (en) * | 2010-12-06 | 2014-12-16 | Golba Llc | Method and system for improved security |
US8924713B2 (en) | 2012-03-30 | 2014-12-30 | Golba Llc | Method and system for state machine security device |
FR3032540B1 (fr) * | 2015-02-06 | 2018-09-07 | Dover Europe Sarl | Systeme de protection avancee d'elements consommables ou detachables |
CN106761853B (zh) * | 2017-01-09 | 2019-03-29 | 北京新能正源智能装备有限公司 | 用于拱架台车的夹具机构和拱架台车 |
JP7115027B2 (ja) * | 2018-05-22 | 2022-08-09 | ブラザー工業株式会社 | 通信装置と通信装置のためのコンピュータプログラム |
JP7195803B2 (ja) | 2018-07-31 | 2022-12-26 | キヤノン株式会社 | 情報処理方法、情報処理システム、およびプログラム |
JP7195802B2 (ja) * | 2018-07-31 | 2022-12-26 | キヤノン株式会社 | 情報処理方法、情報処理システム、および通信装置 |
WO2020091763A1 (en) * | 2018-10-31 | 2020-05-07 | Hewlett-Packard Development Company, L.P. | Group printing |
CN111959139B (zh) * | 2020-08-31 | 2022-05-13 | 湖南鼎一致远科技发展有限公司 | 一种热转印打印机的加密系统 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH10341212A (ja) * | 1997-06-10 | 1998-12-22 | Matsushita Electric Ind Co Ltd | 暗号文伝送システム |
JP2002334255A (ja) * | 2001-05-10 | 2002-11-22 | Nippon Telegr & Teleph Corp <Ntt> | 電子コンテンツ流通システム及びその実施装置並びにその処理プログラムと記録媒体 |
JP2002359806A (ja) * | 2001-05-31 | 2002-12-13 | Toshiba Corp | 認証方法および情報再生機器 |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3697871B2 (ja) * | 1997-12-12 | 2005-09-21 | セイコーエプソン株式会社 | ネットワークシステム、情報処理装置及び情報記憶媒体 |
US6362893B1 (en) * | 1998-03-06 | 2002-03-26 | Fargo Electronics, Inc. | Security printing and unlocking mechanism for high security printers |
JP3451929B2 (ja) | 1998-05-14 | 2003-09-29 | セイコーエプソン株式会社 | 暗号化サーバおよび該暗号化サーバを用いた通信方法 |
US6760119B1 (en) * | 1999-05-25 | 2004-07-06 | Silverbrook Research Pty Ltd | Relay device |
US6681214B1 (en) * | 1999-06-29 | 2004-01-20 | Assure Systems, Inc. | Secure system for printing authenticating digital signatures |
US7003667B1 (en) * | 1999-10-04 | 2006-02-21 | Canon Kabushiki Kaisha | Targeted secure printing |
US6952780B2 (en) * | 2000-01-28 | 2005-10-04 | Safecom A/S | System and method for ensuring secure transfer of a document from a client of a network to a printer |
US7136486B2 (en) * | 2000-09-11 | 2006-11-14 | Seiko Epson Corporation | Print system and printer capable of prevention of unjust copy print |
US7231044B2 (en) * | 2000-10-11 | 2007-06-12 | Digital Authentication Technologies, Inc. | Method and apparatus for real-time digital certification of electronic files and transactions using entropy factors |
US7177426B1 (en) * | 2000-10-11 | 2007-02-13 | Digital Authentication Technologies, Inc. | Electronic file protection using location |
DE60134565D1 (de) | 2000-11-03 | 2008-08-07 | Digital Authentication Technol | Schutz einer elektronischen datei unter verwendung des standorts |
JP2002245267A (ja) | 2001-02-20 | 2002-08-30 | Konica Corp | プリントシステム、プリンタクライアント、サービス側システム |
US6725051B2 (en) * | 2001-04-30 | 2004-04-20 | Hewlett-Packard Development Company, L.P. | Method for obtaining location data |
WO2002093826A1 (fr) * | 2001-05-14 | 2002-11-21 | Matsushita Electric Industrial Co., Ltd. | Appareil de commande d'un dispositif electronique |
US20030044009A1 (en) * | 2001-08-31 | 2003-03-06 | Sridhar Dathathraya | System and method for secure communications with network printers |
US20030065923A1 (en) * | 2001-09-28 | 2003-04-03 | Parry Travis J. | Systems and methods for converting physical signatures to electronic signatures |
US6772945B2 (en) * | 2001-10-09 | 2004-08-10 | Hewlett-Packard Development Company, L.P. | Printed card to control printer |
US7305556B2 (en) * | 2001-12-05 | 2007-12-04 | Canon Kabushiki Kaisha | Secure printing with authenticated printer key |
JP3701249B2 (ja) * | 2002-03-05 | 2005-09-28 | 京セラミタ株式会社 | 画像形成装置 |
JP3979192B2 (ja) * | 2002-06-21 | 2007-09-19 | セイコーエプソン株式会社 | プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム |
US6901863B2 (en) * | 2002-11-27 | 2005-06-07 | Seiko Epson Corporation | Printer and print system for executing a proper print operation only in a place registered in advance |
-
2003
- 2003-07-22 CN CNB038163926A patent/CN100361823C/zh not_active Expired - Fee Related
- 2003-07-22 US US10/512,235 patent/US7552324B2/en not_active Expired - Fee Related
- 2003-07-22 WO PCT/JP2003/009280 patent/WO2004022350A1/ja active Application Filing
- 2003-07-22 EP EP03741540A patent/EP1493589A4/en not_active Withdrawn
- 2003-07-22 JP JP2004534094A patent/JP4045552B2/ja not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH10341212A (ja) * | 1997-06-10 | 1998-12-22 | Matsushita Electric Ind Co Ltd | 暗号文伝送システム |
JP2002334255A (ja) * | 2001-05-10 | 2002-11-22 | Nippon Telegr & Teleph Corp <Ntt> | 電子コンテンツ流通システム及びその実施装置並びにその処理プログラムと記録媒体 |
JP2002359806A (ja) * | 2001-05-31 | 2002-12-13 | Toshiba Corp | 認証方法および情報再生機器 |
Non-Patent Citations (1)
Title |
---|
See also references of EP1493589A4 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006014182A (ja) * | 2004-06-29 | 2006-01-12 | Canon Inc | データ処理装置、暗号通信方法及びコンピュータプログラム |
CN100541414C (zh) * | 2005-06-28 | 2009-09-16 | 三星电子株式会社 | 数据管理方法和装置 |
JP2007317118A (ja) * | 2006-05-29 | 2007-12-06 | Kyocera Mita Corp | 印刷システム、情報処理装置、及び、印刷装置 |
JP4504950B2 (ja) * | 2006-05-29 | 2010-07-14 | 京セラミタ株式会社 | 印刷システム、情報処理装置、及び、印刷装置 |
JP2010508576A (ja) * | 2006-10-31 | 2010-03-18 | ヒューレット−パッカード デベロップメント カンパニー エル.ピー. | 装置間でのデータオブジェクトの転送 |
JP2008165368A (ja) * | 2006-12-27 | 2008-07-17 | Konica Minolta Business Technologies Inc | サービス制限方法、画像処理制限方法、および画像処理システム |
US8489891B2 (en) | 2006-12-27 | 2013-07-16 | Konica Minolta Business Technologies, Inc. | Method for limiting service, method for limiting image processing and image processing system |
WO2020022353A1 (ja) * | 2018-07-23 | 2020-01-30 | 株式会社AndGo | 秘密情報を管理するための機器、方法及びそのためのプログラム |
Also Published As
Publication number | Publication date |
---|---|
CN1668471A (zh) | 2005-09-14 |
US7552324B2 (en) | 2009-06-23 |
EP1493589A4 (en) | 2007-12-05 |
JP4045552B2 (ja) | 2008-02-13 |
JPWO2004022350A1 (ja) | 2005-12-22 |
US20050163549A1 (en) | 2005-07-28 |
EP1493589A1 (en) | 2005-01-05 |
CN100361823C (zh) | 2008-01-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4045552B2 (ja) | プリンタ及び印刷システム、並びに、データ受信装置及びデータ送受信システム | |
JP4349281B2 (ja) | プリンタ、サーバ及び印刷システム、並びに、データ受信装置及びデータ送受信システム | |
JP2007110703A (ja) | 電子ドキュメント伝達システム、方法およびプログラム | |
JP2007336556A (ja) | セキュリティ面で安全なファクシミリ通信システムおよび方法 | |
JP2006191626A (ja) | 電子文書をセキュアに通信するシステム、方法およびプログラム | |
JP2007288747A (ja) | 画像処理システムおよび画像処理システムの制御方法および画像形成装置および画像再生装置 | |
JP2007104660A (ja) | 電子ドキュメントデータをセキュリティ面で安全に伝達するシステム、方法およびプログラム | |
JP2007082208A (ja) | 電子ドキュメントをセキュリティ面で安全にドメイン間で伝送するシステム、方法、およびプログラム | |
JP2006139784A (ja) | ドキュメント処理装置とその装置にデータ暗号化サービスを追加する方法およびプログラム | |
JP2007038674A (ja) | 機密保持機能を有する画像形成方法及び機密保持機能を有する画像形成装置 | |
JP4046876B2 (ja) | 通信装置及び通信方法 | |
JP4923582B2 (ja) | 機器バインドコンテンツの受渡方法、コンテンツ保存装置及びプログラム | |
JP2007295167A (ja) | 画像処理装置、画像処理方法及び画像処理用プログラム | |
JP2007235716A (ja) | 画像読み取り装置、画像読み取り方法およびコンピュータプログラム | |
JP2007181945A (ja) | 画像形成装置、出力判断プログラムおよび出力判断方法 | |
JP4345056B2 (ja) | プリンタ及び印刷システム | |
JP4370564B2 (ja) | プリンタ、印刷システム、及び、位置情報による暗号化データ処理システム | |
JP4337474B2 (ja) | プリンタ及び印刷システム | |
JP3659148B2 (ja) | 印刷システム、及び、コンテンツデータ再現システム | |
JP4337473B2 (ja) | プリンタ及び印刷システム | |
JP4168394B2 (ja) | プリンタ及び印刷システム | |
JPH10276335A (ja) | 画像形成装置、方法および記憶媒体 | |
CN115859255A (zh) | 一种主机端与办公设备执行认证的控制方法、控制系统 | |
JP4232510B2 (ja) | プリンタ、及び、印刷システム | |
JP2004306263A (ja) | プリンタ、及び、印刷システム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN JP US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2003741540 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10512235 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 2003741540 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20038163926 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2004534094 Country of ref document: JP |