WO2005078551A1 - A system and method for role based access control of a document processing device - Google Patents

A system and method for role based access control of a document processing device Download PDF

Info

Publication number
WO2005078551A1
WO2005078551A1 PCT/US2005/003771 US2005003771W WO2005078551A1 WO 2005078551 A1 WO2005078551 A1 WO 2005078551A1 US 2005003771 W US2005003771 W US 2005003771W WO 2005078551 A1 WO2005078551 A1 WO 2005078551A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
data
document processing
processing device
user data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2005/003771
Other languages
English (en)
French (fr)
Inventor
Marianne L. Kodimer
Mike Yeung
Amir Shahindoust
Girish R. Krishna
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Toshiba Corp
Toshiba Tec Corp
Original Assignee
Toshiba Corp
Toshiba Tec Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp, Toshiba Tec Corp filed Critical Toshiba Corp
Publication of WO2005078551A1 publication Critical patent/WO2005078551A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • This invention is directed to a system and method for role based access control of a document processing device, such as a multifunctional peripheral. More particularly, this invention is directed to system and method for role based access control of a document processing device which provides improved security to the users for managing document processing jobs.
  • Document processing devices such as multifunctional peripherals, printing devices, copying devices, facsimiles, or scanning devices, typically provide minimal security to users of such devices for managing document processing jobs. For example, in currently available document processing devices, a user is able to walk up to the document processing device and delete other document processing jobs and place the user's job higher in the queue for processing.
  • Another problem is that when a user selects a private document processing job, which are those jobs that have been created and left in the queue to be released once the user presents his password, the user selecting the private job is able to view the other private jobs in the queue, defeating the purpose of a private document processing job.
  • Several available document processing devices have attempted to overcome these problems in different ways.
  • One device uses a feature to track and control the access of their peripherals, hi this technique, there are 2000 to 2500 user accounts with unique PINS. The user must enter PINS in job control panel to obtain access to the copy function.
  • the drawback of this approach is that only the copy function is protected in the device. This approach also does not support the matrix functionality of roles vs. the functions.
  • Another device uses a feature wherein the mailboxes are protected by a password. Upon the successful presentation of the password anyone can access the document.
  • these devices have various drawbacks as described above.
  • a system and method for role based access control of document processing devices which prevents users from performing functions which the users are not allowed to perform Summary of the Invention.
  • a system and method for role based access control of document processing devices which prevents users from performing functions which the users are not allowed to perform.
  • a system and method for role based access control of document processing devices which provides improved security to the users for managing document processing jobs.
  • a system for role-based access control of a document processing device comprises means adapted for acquiring user data representative of an identity of a user of a document processing device, means adapted to receive device access data representative of device access privileges associated with each of a plurality of users, and comparison means adapted for comparing user data with the device access data.
  • the system also comprises means adapted for generating permission matrix data as a result of a comparison of the comparison means, the permission matrix data including data representative of allowable usage of the document processing device by a user associated with the user data and means adapted for communicating the permission matrix data to the document processing device to allow for control thereof.
  • a method for role-based control of a document processing device comprises the steps of acquiring user data representative of an identity of a user of a document processing device, receiving device access data representative of device access privileges associated with each of a plurality of users, and comparing user data with the device access data.
  • the method also comprises the steps of generating permission matrix data as a result of a comparison of the comparison means, the permission matrix data including data representative of allowable usage of the document processing device by a user associated with the user data and communicating the permission matrix data to the document processing device to allow for control thereof.
  • Figure 1 is diagram illustrating the system according to the present invention.
  • Figure 2 is a flow chart illustrating the method according to the present invention.
  • Figure 3 is a diagram illustrating a preferred role/resource correlation according to the present invention.
  • FIG. 1 is a diagram illustrating a preferred system 100 according to the present invention.
  • the system includes a document processing device 102.
  • Such document processing device 102 is suitably a multifunctional peripheral device, copying machine, facsimile, scanning device, printing device, storage device, or workstation or terminal.
  • the document processing device 102 includes a controller 104 for controlling the operations of the document processing device 102.
  • the controller 104 may be incorporated within the document processing device 102, as shown, or may be an external component.
  • the controller 104 further includes a user interface 106 which allows the user to select the function of the document processing device 102, as well as input the user's identification or username and password, as discussed below.
  • the document processing device 102 is suitably connected to at least one server 108 via a communications link 110.
  • the server 108 is preferably an authentication server.
  • the server 108 includes a storage area or authentication database 112 for storing selected information, passwords and usernames or the like.
  • the subject system is particularly advantageous in office document processing environments, and will be described in reference thereto. It is to be appreciated that the subject system is advantageously used in connection with any distributed, information processing environment in which enhanced throughput and efficiency is desired.
  • a flowchart illustrating the method according to the present invention is shown in Figure 2. An associated user requests the use of the document processing device 102 to perform any of functions the document processing device 102 is capable of performing at step 202.
  • the preferred embodiment utilizes the print, scan, facsimile, and copy functions of a multifunction peripheral device, however it will be appreciated by those skilled in the art that other functions may be attributed to the multifunction peripheral device.
  • devices other than the multifunction peripheral device, may equally provide a user with the ability to process documents.
  • the user may request the performance of the function from a remote workstation, mobile device, wireless network client, or other electronic device capable of transmitting the document for processing.
  • the user may physically approach the document processing device 102 and utilize the integral user interface 106, which may or may not be a graphical user interface.
  • the user after requesting the desired function at step 202, is prompted by the document processing device 102 at step 204 for the user's username and/or password.
  • the inputted username and password are then compared with the corresponding pair of username and password stored on an authentication server 108 at 206.
  • the authentication server 108 may be internal to the document processing device 102, or may be remotely accessible by the document processing device 102 over the communications link 110.
  • the communications link 110 may be any form of wired or wireless communication methods known in the art.
  • the authentication server 108 then informs the controller 104 that the user is authenticated.
  • the controller 104 must determine that the user has been authenticated. In the event that the user improperly typed in the username or password, the controller 104 will interpret this to be an unauthenticated user and proceed to step 210, wherein the authentication fails and the user is exited from the system.
  • the authorization level of the authenticated user must be determined at step 212.
  • the user prior to using the functions of the document processing device 102, must first be authorized to use such functions as the user's role allows. For example, an authenticated user is determined by the system to be a senior administrator. Correspondingly, the senior administrator will be authorized to use a substantially larger number of functions than a summer intern. In the event that the user is determined at step 212 to lack authorization to use the document processing device 102 or the failure of the system to authorize the user, the controller 104 will exit the user from the system at 214.
  • a list of resources the user is authorized to utilize is transmitted to the controller 104 from the authentication server 108.
  • the list of resources provides the controller 104 with a function-by-function authorization for the user or the group in which the user belongs. For example, the user may be authorized to scan, copy and print, but not be authorized to use the facsimile function.
  • the list returned to the controller 104 contains the functions scan, copy and print, but does not contain the facsimile function, thus the user is not authorized to use that particular function of the document processing device 102.
  • the controller 104 on the document processing device 102 compares the list of permitted functions retrieved at step 216 with the request input by the user at step 202 for compatibility. At step 218, the controller 104 then determines the requested function is not on the list of permitted functions for this particular user or the group to which the user belongs. The controller 104 then terminates the request at step 214 and the user is exited for authorization failure. When, at step 218, the controller 104 determines that the requested function from step 202 is contained within the list of authorized functions from step 216, the controller 104 directs the document processing device 102 to perform the function requested at step 220. Referring now to Figure 3, there is shown a diagram illustrating a preferred role/resource correlation according to the present invention.
  • a user logs into the controller 104 in order to authenticate and authorize as discussed in the method above, as shown at 302.
  • the login 302 is transmitted to the authentication/authorization server 304 for verification.
  • the server 304 retrieves from the authentication database, shown as 306, the list of authorized functions and authenticated user logins.
  • the authentication/authorization server 304 then correlates the requested function with the functions shown as 308 through 318.
  • the groups used in this example are created by a system administrator, enabling the administrator to control the level of access each user of the group has with respect to a document processing device 102.
  • the groups may be configured as determined by the administrator and individual users, depending upon their respective roles, may be members of more than one group.
  • the Print group of users is authorized only to use the print function 308 of the document processing device 102.
  • the Fax group of users is authorized only to use the fax function 310 of the document processing device 102.
  • the Scan group of users is authorized only to use the scan function 312 of the document processing device 102.
  • the Copy group of users is authorized only to use the copy function 314 of the document processing device 102.
  • the Power group of users is authorized to use the print function 308, the fax function 310, the scan function 312, the copy function 314 and the j ob administration function 316 of the document processing device 102.
  • the Admin group of users is typically comprised of system administrators and is authorized to use all functions 308-318 of the document processing device 102.
  • the Tech group of users typically comprises the technical support personnel charge with maintenance of the document processing device 102 and is authorized to use all of the functions 308-318 supported by the document processing device 102.
  • the correlation described below should not be viewed to limit application of the foregoing method to only these groups.
  • the diagram of Figure 3 denotes the six distinct functions capable of being performed by the document processing device 102.
  • the first function is the print function 308.
  • the print function 308 allows the document processing device 102 to act as a printer, printing documents transmitted to it over any communications channel or media known in the art.
  • the groups of users designated as Print, Power, Admin, and Tech all have equal rights to use the document processing device 102 as a printer. Each user of these respective groups is capable of sending a print job to the document processing device 102 for printing.
  • a second set of groups is authorized to us the facsimile function 310. These groups of users are the Fax, Power, Admin and Tech groups of users. Each member of these respective groups is authorized to use the facsimile function 310 of the document processing device 102. Thus, a user belonging to any of these groups may request a document be faxed by the document processing device 102.
  • the third set of groups is authorized to use the scanning function 310 of the document processing device 102.
  • These groups of users are the Scan, Power, Admin and Tech users, with each user authorized to scan a document using the document processing device 102.
  • an authenticated user of the Power group may request a document be scanned by the document processing device 102.
  • the controller 104 will then use the method above to determine the user belongs to the Power group and thus has rights to use the scan function 312 of the document processing device 102.
  • the document processing device 102 will then scan the document accordingly.
  • the fourth set of groups is authorized to use the copy function 314 of the document processing device 102.
  • These user groups are the Copy, Power, Admin and Tech users, with each user capable of requesting the document processing device 102 copy a document.
  • the fifth group of users is authorized to change the administration of print, scanning, copying, or facsimile jobs of the document processing device 102 using the job administration function 316.
  • users in the Power, Admin and Tech groups may adjust the properties of the job administration of the document processing device 102 by designating, for example, the order in which certain jobs are to be performed by the document processing device 102.
  • the sixth set of user groups is authorized to change the device settings of the document processing device 102 using the device administration function 318.
  • users belonging to the Admin and Tech groups are authorized to request changes made to the document processing device 102.
  • the skilled artisan will appreciate that the designated groups of users have rights to configure the document processing device 102 settings, layout, hardware, software, and the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Facsimiles In General (AREA)
  • Accessory Devices And Overall Control Thereof (AREA)
  • Storage Device Security (AREA)
PCT/US2005/003771 2004-02-04 2005-02-04 A system and method for role based access control of a document processing device Ceased WO2005078551A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/771,584 2004-02-04
US10/771,584 US7478421B2 (en) 2004-02-04 2004-02-04 System and method for role based access control of a document processing device

Publications (1)

Publication Number Publication Date
WO2005078551A1 true WO2005078551A1 (en) 2005-08-25

Family

ID=34808498

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/003771 Ceased WO2005078551A1 (en) 2004-02-04 2005-02-04 A system and method for role based access control of a document processing device

Country Status (4)

Country Link
US (1) US7478421B2 (https=)
JP (1) JP2005228310A (https=)
CN (1) CN1934516A (https=)
WO (1) WO2005078551A1 (https=)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100464276C (zh) * 2005-12-30 2009-02-25 联想(北京)有限公司 配置和保护用户软硬件配置信息的方法和系统

Families Citing this family (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7324711B2 (en) * 2004-02-26 2008-01-29 Xerox Corporation Method for automated image indexing and retrieval
US7913300B1 (en) * 2005-04-08 2011-03-22 Netapp, Inc. Centralized role-based access control for storage servers
JP2007004512A (ja) * 2005-06-24 2007-01-11 Fuji Xerox Co Ltd 画像処理システム及び装置及び承認サーバ
JP4305428B2 (ja) * 2005-08-04 2009-07-29 コニカミノルタビジネステクノロジーズ株式会社 デバイス管理用プログラム及びデバイス管理装置
JP2007142948A (ja) * 2005-11-21 2007-06-07 Konica Minolta Business Technologies Inc データ入出力システム
JP2007137018A (ja) * 2005-11-22 2007-06-07 Toshiba Corp 画像形成装置と画像形成方法
JP2007164640A (ja) * 2005-12-15 2007-06-28 Fuji Xerox Co Ltd 利用制限管理装置、方法、プログラム及びシステム
JP2007174062A (ja) * 2005-12-20 2007-07-05 Canon Inc データ通信装置、データ通信システム、データ通信方法、及びそのプログラム
US20070162480A1 (en) * 2006-01-10 2007-07-12 Kabushiki Kaisha Toshiba System and method for monitoring consumables in a document processing environment
US20070214497A1 (en) * 2006-03-10 2007-09-13 Axalto Inc. System and method for providing a hierarchical role-based access control
JP4868906B2 (ja) * 2006-03-24 2012-02-01 キヤノン株式会社 制限情報作成装置及び方法と機能制限付き印刷システム及び印刷認証方法
JP5100172B2 (ja) * 2006-05-12 2012-12-19 キヤノン株式会社 ネットワークシステム、デバイス機能制限方法、及びコンピュータプログラム
US7788712B2 (en) * 2006-06-05 2010-08-31 Ricoh Company, Ltd. Managing access to a document-processing device using an identification token
US20080005115A1 (en) * 2006-06-30 2008-01-03 International Business Machines Corporation Methods and apparatus for scoped role-based access control
EP2074547A2 (en) * 2006-08-10 2009-07-01 Intertrust Technologies Corporation Trust management systems and methods
US20090055248A1 (en) * 2006-08-22 2009-02-26 Wolf Andrew L Method of administering a search engine with a marketing component
US20080059423A1 (en) * 2006-08-22 2008-03-06 Andrew Wolf Method of administering a search engine with a marketing component
JP2008102633A (ja) 2006-10-17 2008-05-01 Sharp Corp 画像形成装置、ユーザ認証システム、画像形成装置を作動させる制御プログラムおよびコンピュータ読取可能な記録媒体
JP5078332B2 (ja) * 2006-12-04 2012-11-21 キヤノン株式会社 情報処理装置、情報処理方法
JP4966060B2 (ja) * 2007-03-16 2012-07-04 株式会社リコー 情報処理装置及び情報処理プログラム
US20080273224A1 (en) * 2007-05-01 2008-11-06 Preo Software Inc. System and method of print management
JP2009010658A (ja) * 2007-06-27 2009-01-15 Ricoh Co Ltd 情報処理装置
JP5145828B2 (ja) * 2007-09-11 2013-02-20 株式会社リコー ネットワークシステム、画像形成装置、プログラムおよび記録媒体
JP5046816B2 (ja) * 2007-09-13 2012-10-10 株式会社リコー 画像処理装置,セッション管理方法及びセッション管理プログラム
JP4706685B2 (ja) * 2007-10-12 2011-06-22 富士ゼロックス株式会社 情報処理装置、情報処理システム及び情報処理プログラム
US9471801B2 (en) * 2007-11-29 2016-10-18 Oracle International Corporation Method and apparatus to support privileges at multiple levels of authentication using a constraining ACL
US8627453B2 (en) * 2007-12-26 2014-01-07 Lexmark International, Inc. Method and apparatus for managing multiple security protocols and users for imaging devices
WO2009086661A1 (en) * 2007-12-29 2009-07-16 Motorola, Inc. User identification method and apparatus for multimedia priority service
US9430660B2 (en) * 2008-01-31 2016-08-30 International Business Machines Corporation Managing access in one or more computing systems
JP5102650B2 (ja) * 2008-02-26 2012-12-19 株式会社リコー 情報検索システム、情報検索方法、情報検索プログラム及び記録媒体
JP5164727B2 (ja) * 2008-08-06 2013-03-21 キヤノン株式会社 アプリケーション開発を支援するための開発ツールキットとしてのプログラム
JP4826637B2 (ja) * 2009-01-29 2011-11-30 ブラザー工業株式会社 画像処理装置およびプログラム
JP2010178047A (ja) * 2009-01-29 2010-08-12 Brother Ind Ltd 画像処理装置およびプログラム
JP5316867B2 (ja) * 2009-03-04 2013-10-16 日本電気株式会社 ライセンス管理システム、ライセンス管理方法及びライセンス管理プログラム
CN101547117B (zh) * 2009-05-07 2011-04-20 山东中创软件商用中间件股份有限公司 充分体现“分级分权”的安全框架
JP5454008B2 (ja) * 2009-08-27 2014-03-26 富士ゼロックス株式会社 情報処理装置、およびプログラム
EP2365462A2 (en) * 2010-03-08 2011-09-14 Kabushiki Kaisha Toshiba Image forming apparatus, authority management method of image forming apparatus, and authority management system of image forming apparatus
JP5546331B2 (ja) * 2010-04-15 2014-07-09 キヤノン株式会社 画像処理装置、画像処理装置におけるユーザ認証方法
US8549314B2 (en) 2010-04-29 2013-10-01 King Saud University Password generation methods and systems
US8689298B2 (en) * 2011-05-31 2014-04-01 Red Hat, Inc. Resource-centric authorization schemes
US9015196B2 (en) * 2012-05-10 2015-04-21 Dst Technologies, Inc. Internal social network for an enterprise and applications thereof
JP2015118400A (ja) * 2013-12-16 2015-06-25 キヤノン株式会社 情報処理装置、その制御方法、及びプログラム
US9208329B2 (en) 2013-12-31 2015-12-08 Lexmark International Technology, S.A. Systems and methods for monitoring document life cycle and destruction
US9734309B1 (en) * 2014-03-24 2017-08-15 Amazon Technologies, Inc. Role-based access control assignment
JP6436677B2 (ja) * 2014-08-07 2018-12-12 キヤノン株式会社 画像形成装置、画像形成装置の制御方法、及びプログラム
JP6379953B2 (ja) * 2014-10-01 2018-08-29 ブラザー工業株式会社 処理装置、処理システム、権限設定方法およびプログラム
CN104503752A (zh) * 2014-12-17 2015-04-08 青岛海信电器股份有限公司 一种智能设备中控制网页调用系统功能的方法及装置
KR20200142952A (ko) * 2019-06-14 2020-12-23 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. 그룹 정보를 이용한 보안 인쇄

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2331820A (en) * 1997-11-27 1999-06-02 Xerox Corp Document platforms
JP2000232567A (ja) * 1998-12-10 2000-08-22 Ricoh Co Ltd ファクシミリ装置及びその制御方法
US20010017700A1 (en) * 1999-11-30 2001-08-30 Masayuki Homma Peripheral device control system
US20030163707A1 (en) * 2002-02-26 2003-08-28 Canon Kabushiki Kaisha Information management apparatus and method
EP1480104A2 (en) * 2003-05-22 2004-11-24 Ricoh Company, Ltd. Information processing apparatus entry information management method, certification function control method, a computer program and a computer readable storage medium

Family Cites Families (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0697662B1 (en) * 1994-08-15 2001-05-30 International Business Machines Corporation Method and system for advanced role-based access control in distributed and centralized computer systems
US5757916A (en) * 1995-10-06 1998-05-26 International Series Research, Inc. Method and apparatus for authenticating the location of remote users of networked computing systems
JPH1058796A (ja) * 1996-08-21 1998-03-03 Fuji Xerox Co Ltd サービス利用許諾管理機能付き複合機
US6055637A (en) * 1996-09-27 2000-04-25 Electronic Data Systems Corporation System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential
US6023765A (en) * 1996-12-06 2000-02-08 The United States Of America As Represented By The Secretary Of Commerce Implementation of role-based access control in multi-level secure systems
US5923756A (en) * 1997-02-12 1999-07-13 Gte Laboratories Incorporated Method for providing secure remote command execution over an insecure computer network
US7062781B2 (en) * 1997-02-12 2006-06-13 Verizon Laboratories Inc. Method for providing simultaneous parallel secure command execution on multiple remote hosts
US5925126A (en) * 1997-03-18 1999-07-20 Memco Software, Ltd. Method for security shield implementation in computer system's software
US6516416B2 (en) * 1997-06-11 2003-02-04 Prism Resources Subscription access system for use with an untrusted network
US6202066B1 (en) * 1997-11-19 2001-03-13 The United States Of America As Represented By The Secretary Of Commerce Implementation of role/group permission association using object access type
US6357010B1 (en) * 1998-02-17 2002-03-12 Secure Computing Corporation System and method for controlling access to documents stored on an internal network
US6453353B1 (en) * 1998-07-10 2002-09-17 Entrust, Inc. Role-based navigation of information resources
US6182142B1 (en) * 1998-07-10 2001-01-30 Encommerce, Inc. Distributed access management of information resources
JP2000029845A (ja) * 1998-07-10 2000-01-28 Canon Inc 情報処理装置、情報処理システム、及び記憶媒体
US20020062451A1 (en) * 1998-09-01 2002-05-23 Scheidt Edward M. System and method of providing communication security
US6487583B1 (en) * 1998-09-15 2002-11-26 Ikimbo, Inc. System and method for information and application distribution
US6574736B1 (en) * 1998-11-30 2003-06-03 Microsoft Corporation Composable roles
US6519647B1 (en) * 1999-07-23 2003-02-11 Microsoft Corporation Methods and apparatus for synchronizing access control in a web server
US6671818B1 (en) * 1999-11-22 2003-12-30 Accenture Llp Problem isolation through translating and filtering events into a standard object format in a network based supply chain
US6785812B1 (en) * 2000-01-14 2004-08-31 Avaya Technology Corp. Secure and controlled electronic document distribution arrangement
US20020026592A1 (en) * 2000-06-16 2002-02-28 Vdg, Inc. Method for automatic permission management in role-based access control systems
EP1168752A1 (en) * 2000-06-23 2002-01-02 Matra Nortel Communications Access control in client-sever systems
WO2002008870A2 (en) * 2000-07-26 2002-01-31 David Dickenson Distributive access controller
US7155616B1 (en) * 2000-07-31 2006-12-26 Western Digital Ventures, Inc. Computer network comprising network authentication facilities implemented in a disk drive
JP2002111924A (ja) * 2000-09-29 2002-04-12 Omron Corp 画像形成装置および画像形成装置の制御方法、制御装置、並びにネットワークシステム
JP2002236577A (ja) * 2000-11-17 2002-08-23 Canon Inc 印刷処理における自動認証方法及びそのシステム
JP2002169433A (ja) * 2000-12-04 2002-06-14 Ricoh Co Ltd 複写機システム
US7127524B1 (en) * 2000-12-29 2006-10-24 Vernier Networks, Inc. System and method for providing access to a network with selective network address translation
US7131000B2 (en) * 2001-01-18 2006-10-31 Bradee Robert L Computer security system
US6947989B2 (en) * 2001-01-29 2005-09-20 International Business Machines Corporation System and method for provisioning resources to users based on policies, roles, organizational information, and attributes
US6985955B2 (en) * 2001-01-29 2006-01-10 International Business Machines Corporation System and method for provisioning resources to users based on roles, organizational information, attributes and third-party information or authorizations
US20020144142A1 (en) 2001-04-03 2002-10-03 Dalia Shohat Automatic creation of roles for a role-based access control system
US7392546B2 (en) * 2001-06-11 2008-06-24 Bea Systems, Inc. System and method for server security and entitlement processing
US7380271B2 (en) * 2001-07-12 2008-05-27 International Business Machines Corporation Grouped access control list actions
US20030046586A1 (en) * 2001-09-05 2003-03-06 Satyam Bheemarasetti Secure remote access to data between peers
US20030093298A1 (en) * 2001-10-12 2003-05-15 Javier Hernandez System and method for providing secure remote access to patient files by authenticating personnel with biometric data
JP3653073B2 (ja) * 2001-10-22 2005-05-25 株式会社リコー 画像形成装置、利用者制限方法およびこの方法をコンピュータに実行させるプログラム
US20030144901A1 (en) * 2002-01-25 2003-07-31 Coulter Jeffery R. Managing supplier and alliance partner performance data
AU2003208940A1 (en) * 2002-01-30 2003-09-02 Core Sdi, Inc. Framework for maintaining information security in computer networks
JP2003309681A (ja) * 2002-04-15 2003-10-31 Canon Inc ディジタル複合機の操作部
KR100450402B1 (ko) * 2002-04-17 2004-09-30 한국전자통신연구원 컴퓨터 시스템에 있어서 보안속성을 갖는 토큰을 이용한접근 제어방법
US8549114B2 (en) * 2002-06-12 2013-10-01 Bladelogic, Inc. Method and system for model-based heterogeneous server configuration management
JP2004021554A (ja) * 2002-06-14 2004-01-22 Canon Inc 画像入出力装置および画像入出力装置の制御方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2331820A (en) * 1997-11-27 1999-06-02 Xerox Corp Document platforms
JP2000232567A (ja) * 1998-12-10 2000-08-22 Ricoh Co Ltd ファクシミリ装置及びその制御方法
US20010017700A1 (en) * 1999-11-30 2001-08-30 Masayuki Homma Peripheral device control system
US20030163707A1 (en) * 2002-02-26 2003-08-28 Canon Kabushiki Kaisha Information management apparatus and method
EP1480104A2 (en) * 2003-05-22 2004-11-24 Ricoh Company, Ltd. Information processing apparatus entry information management method, certification function control method, a computer program and a computer readable storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "MEAP Information Page", INTERNET ARTICLE, 20 June 2003 (2003-06-20), pages 1 - 5, XP002328353, Retrieved from the Internet <URL:http://web.archive.org/web/20030620044432/http://developersupport.canon.com/MEAPmailinglist.htm> [retrieved on 20050517] *
ANONYMOUS: "The eCopy Solution", INTERNET ARTICLE, 2002, XP002268497, Retrieved from the Internet <URL:http://web.archive.org/web/20010604091806/www.ecopy.com/news/05_01_2001.htm> *
PATENT ABSTRACTS OF JAPAN vol. 2000, no. 11 3 January 2001 (2001-01-03) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100464276C (zh) * 2005-12-30 2009-02-25 联想(北京)有限公司 配置和保护用户软硬件配置信息的方法和系统

Also Published As

Publication number Publication date
JP2005228310A (ja) 2005-08-25
US20050172151A1 (en) 2005-08-04
CN1934516A (zh) 2007-03-21
US7478421B2 (en) 2009-01-13

Similar Documents

Publication Publication Date Title
US7478421B2 (en) System and method for role based access control of a document processing device
US20090119755A1 (en) System and method for role based access control of a document processing device
JP4143526B2 (ja) ネットワークディバイスアクセス制御方法及び装置、並びにコンピュータプログラム及びコンピュータ可読記憶媒体
US7487233B2 (en) Device access based on centralized authentication
EP2014067B1 (en) Provisioned configuration for automatic wireless connection
US8402552B2 (en) System and method for securely accessing mobile data
KR101614578B1 (ko) 정보 처리 장치, 그 제어 방법, 저장 매체, 및 화상 처리 장치
US20050177724A1 (en) Authentication system and method
US20070103712A1 (en) System and method for limiting access to a shared multi-functional peripheral device based on preset user privileges
US20080263635A1 (en) Policy store
JP5772011B2 (ja) 情報処理システム、情報処理装置、情報処理方法、およびプログラム
CN102238008A (zh) 图像发送装置及图像发送装置中的认证方法
US20110289571A1 (en) Information processing apparatus, user authentication method, and storage medium
US7676668B2 (en) System and method for monitoring configuration changes in a document processing device
CN1967558A (zh) 图像处理系统,信息处理设备,计算机可读记录介质以及信息处理方法
CN108632039A (zh) 一种成像装置与控制终端之间的安全认证方法
CN101455063B (zh) 用于自动无线连接的预配配置
JP2005085154A (ja) ネットワークシステムおよび端末装置
US20070081184A1 (en) System and method for releasing multiple document processing operations
US20250071228A1 (en) Image forming apparatus, control method for image forming apparatus, server, control method for server and storage medium
JP2009251710A (ja) 画像形成装置および画像形成プログラム
JP2022132074A (ja) 印刷装置及び印刷装置の制御方法
JP2009070168A (ja) 画像処理装置,セッション管理方法及びセッション管理プログラム
GB2408358A (en) Access and password management for network resources

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 200580004087.9

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase