WO2019098476A1 - Système de sécurité d'impression au moyen d'une authentification d'utilisateur et procédé de sécurité associé - Google Patents

Système de sécurité d'impression au moyen d'une authentification d'utilisateur et procédé de sécurité associé Download PDF

Info

Publication number
WO2019098476A1
WO2019098476A1 PCT/KR2018/006134 KR2018006134W WO2019098476A1 WO 2019098476 A1 WO2019098476 A1 WO 2019098476A1 KR 2018006134 W KR2018006134 W KR 2018006134W WO 2019098476 A1 WO2019098476 A1 WO 2019098476A1
Authority
WO
WIPO (PCT)
Prior art keywords
output
identification information
request
user
security server
Prior art date
Application number
PCT/KR2018/006134
Other languages
English (en)
Korean (ko)
Inventor
유대걸
우상원
Original Assignee
(주)엠더블유스토리
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)엠더블유스토리 filed Critical (주)엠더블유스토리
Publication of WO2019098476A1 publication Critical patent/WO2019098476A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1223Dedicated interfaces to print systems specifically adapted to use a particular technique
    • G06F3/1237Print job management
    • G06F3/1238Secure printing, e.g. user identification, user rights for device usage, unallowed content, blanking portions or fields of a page, releasing held jobs

Definitions

  • the present invention relates to an output security system using user authentication to prevent an output from an output device such as a multifunction device or a printer located physically apart from a user from being leaked to the outside due to carelessness of a user or malicious approach of an outside person, Security method.
  • a corporation or a public institution outputs an output containing various information by using an output device such as a multifunction printer or a printer.
  • the output output through the output device may be a confidential document including the business secret of the enterprise or the country information of the public institution.
  • an output security system that can enhance the security function of an output device physically spaced from a computer requesting output, and continuously manage log information on an output output from the output device according to a user.
  • the present invention has been made to solve the above-mentioned problems, and an object of the present invention is to provide a method and apparatus for preventing user's carelessness or malicious access by an outsider to prevent outflow of output from an output device such as a multi- And to provide a security system and a security method thereof.
  • the output security system using user authentication includes a user terminal, an output security server, an output device, and a user authentication module.
  • the user terminal device may hook the output data to limit the first output request when a first output request for outputting output data from the installed output job program is generated, The output data is matched with the first identification information and transmitted.
  • the output security server receives the output data matched from the user terminal and the first identification information, and delivers the output command so that the received output data is output through the authentication process according to the second output request.
  • the output device generates the second output request according to a request of the user, transmits the second identification information to the output security server by requesting authentication of the user, and transmits the output command according to the authentication process of the output security server And outputs the output data matched with the first identification information.
  • the user authentication module receives the user identification information from the output device, recognizes the user authentication means including the second identification information, obtains the second identification information, and transmits the obtained second identification information to the output device To the output security server.
  • the output security server transmits the output command to the output device through an authentication process of comparing the first identification information transmitted from the user terminal and the second identification information transmitted from the output device.
  • the output security server provides an output data list including a plurality of the output data to the output device after an authentication process of determining whether the first and second identification information are matched, When at least one of the output data items in the output data list is selected, the output command is transmitted to the output device so that the selected output data is output.
  • the output security server receives a first output log including an operation time according to the first output request from the user terminal device and outputs a second output log including the operation time according to the second output request from the output device, Calculates another time difference between the first and second output logs, and performs another authentication process for determining whether the calculated time difference is less than or equal to a reference time difference.
  • the output security server receives a random first random character from the user terminal and receives a random second random character from the output device to compare the first and second random characters to each other, The certification process goes further.
  • the output device is configured to output the output data when the output of the output data is completed, the output completion date and time of the output data, the first identification information matching the output data, And transmits a third output log including the IP address of the apparatus and the output data on which the output is completed to the output security server.
  • the security method of the output security system using the user authentication as described above includes a first output request step, a first output processing step, a second output request step and a second output processing step.
  • the first output request step may include hooking the output data to limit the first output request when a first output request for outputting output data from the output job program is generated, The output data corresponding to the first output request is matched with the first identification information and transmitted.
  • the first output processing step receives the output data and the first identification information, which the output security server has matched from the user terminal device.
  • the second output request step is a step in which the output device generates a second output request in response to a user's request, requests authentication of the user by the user authentication module, and transmits second identification information of the user authentication means, To the security server.
  • the second output processing step may include an authentication process for comparing and discriminating whether the output security server matches the first identification information transmitted from the user terminal device and the second identification information transmitted from the output device, To output the output command.
  • the output device outputs the output data matched with the first identification information in accordance with the output command.
  • the second output processing step may include an outputting step of outputting a list of output data including a plurality of the output data to the output device after the output security server performs an authentication process of determining whether the first and second identification information match And transmits the output command to the output device so that the selected output data is output when at least one output data item of the output data list is selected from the output device.
  • the second output processing step is a step in which the output security server receives a first output log including an operation time according to the first output request from the user terminal, The second output log including the first output log and the second output log to calculate a time difference between the operation times of the first and second output logs and to perform another authentication process of determining whether the calculated time difference is less than or equal to a reference time difference.
  • the second output processing step comprises receiving the random first random character from the user terminal device and receiving a random second random character from the output device so that the first and second random characters There is another authentication process that compares whether they are mutually consistent.
  • the second output processing step may include a second output processing step of, when the output device has finished outputting the output data, outputting the output completion date and time of the output data, outputting the first identification information, And transmits to the output security server a third output log including the IP address of the user terminal device that generated the request and the output data of which output is completed.
  • the output security system and the security method using the user authentication according to the present invention include a user authentication process having an output right from an output device such as an MFP or a printer located physically apart from the user, So that it is possible to prevent the user from being carelessly taken out or being leaked to the outside by a malicious approach of an outside person.
  • the output security system and the security method using the user authentication according to the present invention can output only selected output out of a plurality of output requests, so that even if a plurality of output requests are concurrently output from the output device, There is an effect that output suitable for the user is outputted.
  • FIG. 1 is a diagram illustrating a configuration of an output security system using user authentication according to the present invention.
  • FIG. 2 is a diagram illustrating a configuration of the output security server of FIG.
  • FIG. 3 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the first embodiment.
  • FIG. 4 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the second embodiment.
  • FIG. 5 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the third embodiment.
  • FIG. 1 is a diagram illustrating a configuration of an output security system using user authentication according to the present invention.
  • the output security system 10 using the user authentication according to the present invention transmits a first output request from the user terminal 100 to the output security server 200,
  • the second output request is transmitted to the security server 200 and the user authentication process according to the first output request and the second output request is performed so that the output device 300 positioned physically apart from the user terminal performing the first output request It is possible to enhance the security against the leakage of the outputted output.
  • the user terminal device 100 transmits unique identification information to the output security server 200.
  • the output device 300 receives the second identification information from the user authentication means 500 using the user authentication module 400 and transmits the second identification information to the output security server 200.
  • the output security system 10 using the user authentication includes the user terminal 100, the output security server 200, the output device 300, the user authentication module 400, and the user authentication means 500, The output security system 10 using the enhanced user authentication can be provided to the user.
  • the user terminal device 100 controls the output request of the output job program by the first output security program 110, and the information related to the output transmitted from the output job program is output to the output device 200 via the output security server 200.
  • the user terminal device 100 transmits the output data corresponding to the first output request using the first output security program 110 And restricts the request so that the first output request is not transmitted to the output apparatus 300.
  • the user terminal 100 also matches the output data corresponding to the first output request with the first identification information identifiable by the computer program, and transmits the matching result to the output security server 200.
  • the user terminal device 100 outputs a first output log including a working time according to the first output request and a random first random character input through the first output security program 110 at the first output request, To the security server 200.
  • the random first random character is also identifiable by a computer program, such as the first identification information.
  • the user terminal device 100 may be provided for each of a plurality of users, and may transmit the respective output data to the output security server 200 through the respective first output security programs 110.
  • the user terminal device 100 may be provided with a computer capable of requesting transmission and output of output data, for example.
  • the user terminal device 100 may insert a watermark on the output data transmitted from the output job application program to the output security server 200.
  • the spooler interlocked with the terminal device 100 can be invoked to simultaneously process and output output data.
  • the first output security program 110 installed in the user terminal device 100 shares a job with a separate output security program installed directly in cooperation with the output device 300 such as a multifunctional apparatus or a printer,
  • the first output log and the first random character may be transmitted to the output security server 200.
  • FIG. 2 is a diagram illustrating a configuration of the output security server of FIG.
  • the output security server 200 receives matched output data and first identification information, a first output log, and a first random character from the user terminal device 100.
  • the output security server 200 also receives an output command to output output data matched and transmitted from the user terminal device 100 through a user authentication process in response to a second output request of the output device 300 . That is, the output security server 200 can perform a user authentication process using the first identification information using the communication unit 201, the control unit 202, the output management program 210, and the database 220,
  • the log and the first random character may be subjected to another user authentication process to transmit the output command so as to output the output data.
  • the communication unit 201 processes the output security server 200 to mutually data-communicate with the plurality of user terminal devices 100 and the output device 300. That is, the communication unit 201 can transmit and receive all signals including data transmitted between the output security server 200, the plurality of user terminal devices 100, and the output device 300.
  • the communication unit 201 can use a specific communication network limited to the public communication network or the output security server 200, for example.
  • the control unit 202 controls all operations of the output security server 200 to be processed. That is, the control unit 202 controls the processing of the communication unit 201, the output management program 210, and the database 220 to transmit and receive all data, and to allow the output of the output data of the output device 300, You can pass an output control command.
  • the control unit 202 may be implemented as, for example, at least one of a general purpose central processing unit (CPU), a programmable device element (CPLD, FPGA), an application specific integrated circuit (ASIC) Can be used.
  • CPU general purpose central processing unit
  • CPLD programmable device element
  • ASIC application specific integrated circuit
  • the output management program 210 receives the first identification information, the first output log, and the first random character received from the user terminal device 100 through the communication unit 201 and the output identification information received from the output device 300 through the communication unit 201 And determines a second identification information, a second output log, and a second random character according to respective user authentication procedures. That is, the output management program 210 causes output data, matched and transmitted to correspond to the first identification information, from the user terminal device 100 to the output security server 200 to be output to the output device 300 ). ≪ / RTI > To this end, the output management program 210 includes an output determination unit 211 and a time difference setting unit 212.
  • the output determination unit 211 determines whether the output data is output to the output device 300 through comparison of the first and second identification information, the first and second output logs, and the first and second random characters, And outputs the output command and the output stop command to the output device 300.
  • the output command is an instruction to allow the output data transmitted from the user terminal device 100 to the output security server 200 in correspondence with the first identification information to be output according to the user authentication procedure.
  • the output stop command is a command for causing output data transmitted from the user terminal device 100 to the output security server 200 to correspond to the first identification information to be output according to a user authentication procedure.
  • the output determination unit 211 After the user identification process, the output determination unit 211 provides a list of output data including a plurality of output data corresponding to the first identification information to the output device 300, Depending on the data selection, the output command can be passed back. First, the output determination unit 211 may compare the first and second identification information (hereinafter, referred to as "first authentication process ").
  • the first authentication process of the output determination unit 211 is a process in which the first identification information transmitted and matched with the output data from the user terminal device 100 to the output security server 200 and the second identification information transmitted from the output device 300 Are coincident with each other. That is, in the first authentication process, if the first identification information of the user terminal device 100 and the second identification information of the output device 300 correspond to each other, output of the output data is permitted.
  • the output determination unit 211 may perform comparison of the first and second output logs (hereinafter referred to as "second authentication process ").
  • the second authentication process of the output discrimination unit 211 is a process of outputting a first output request including a working time according to a first output request generated when a first output request is generated from the user terminal apparatus 100 to the output security server 200 A time difference between the log and the second output log including the operation time according to the second output request generated when the second output request is generated from the output apparatus 300 to the output security server 200 is calculated, And determines whether the calculated time difference of the first and second output logs is equal to or less than the reference time difference.
  • the output determination unit 211 may compare the first and second random characters (hereinafter referred to as "third authentication process ").
  • the third authentication process of the output discrimination unit 211 is a process in which when the first output request is generated from the user terminal device 100 to the output security server 200, When the second output request is generated from the output security server 200, it is determined whether any second random characters input from the user coincide with each other. At this time, the first and second random characters transmitted to each other can be prevented from being leaked by an outside person through encryption and decryption processes.
  • the third authentication process permits the output of the output data, Sanctions.
  • the first to third authentication processes may be generated independently of each other, so that only one authentication process may be provided, or the authentication process may be performed in various stages.
  • the time difference setting unit 212 sets a reference time difference for determining the time difference between the first output log of the user terminal device 100 and the second output log of the output device 300 in the output determination unit 211.
  • the time difference setting unit 212 sets the reference time difference for the working time between the first and second output logs to 1 minute, and outputs the first and second output logs in the output determination unit 211, The reference time difference of one minute is applied to determine whether the time difference between the first and second output logs is equal to or less than the reference time difference.
  • the time difference setting unit 212 generates a first output request by using the user terminal device 100, moves to an output device 300 located at a predetermined distance from the user terminal device 100, By minimizing the space between the first and second output requests that occur when generating the request, the user can respond to external environmental factors.
  • the database 220 includes output information 221, identification information 222, log information 223, encryption information 224 and user information 225.
  • the output information 221 includes output data transmitted from the plurality of user terminal devices 100 to the output security server 200.
  • the output data included in the output information 221 may be stored so as to correspond to the first identification information of each user terminal device 100 and may be stored in the output data list according to the first identification information .
  • the identification information 222 includes first identification information assigned to each user terminal device 100.
  • the log information 223 includes a first output log corresponding to the first output request of the user terminal device 100 and a second output log corresponding to the second output request of the output device 300 and a third output log corresponding to the third Include the output log.
  • the third output log includes the output completion date and time of the output data that has been output, the first identification information that matches the output data that has been output, the IP address of the user terminal device that has generated the first output request, do.
  • the first to third output logs can be increased in number according to the number of times of the first and second output requests and the output completion times of the output data, and each of the first to third output logs has a first identification It is preferable to be stored so as to correspond to the information.
  • the encryption information 224 includes a first random character transmitted from the user terminal device 100 to the output security server 200.
  • the first random character included in the encryption information 224 may be identified by syllables, numbers, symbols, or the like, and is preferably stored so as to correspond to each first identification information.
  • the user information 225 matches the output data requested to be output according to the first identification information of each user terminal device 100, the first to third output logs, and the first random character with the corresponding first identification information do. Therefore, the administrator of the output security server 200 can browse the user information 225 to observe the output operation of the user using the user terminal device 100.
  • the information stored in the database 220 may be updated at the request of the output management program 210 or may be updated with data and information transmitted through the communication unit 201.
  • the output device 300 generates a second output request through the second output security program 310 according to a user's request to access the output device 300. Also, the output device 300 requests the user authentication module 400 to authenticate the user, and outputs the second identification information and the second random character obtained from the user authentication module 400 to the output security server 200 The second output log corresponding to the second output request, and the third output log corresponding to the completion of the output of the output data, to the output security server 200. Thereafter, the output apparatus 300 receives an output command or an output stop command from the output security server 200 according to at least one of the first to third user authentication procedures of the output security server 200, Outputs output data matched with the first identification information in accordance with the command, or restricts the output.
  • the output apparatus 300 may receive the output data list before receiving the output control command from the output security server 200, select at least one output data, and output the output command for the selected output data to the output security server 200).
  • the output device 300 may be provided with a separate screen for receiving the second output request from the user and receiving the output data list from the output security server 200.
  • the user authentication module 400 When the user authentication module 400 receives a user authentication request from the output device 300, the user authentication module 400 obtains the second identification information from the user authentication means 500 carried by the user and outputs the obtained second identification information to the output device 300 To the output security server 200 via the network. Also, the user authentication module 400 can recognize the user authentication means 500 carried by the user through wireless communication means such as NFC (Near Field Communication). In addition, the user authentication module 400 may be switched to the user authentication mode only when a second output request is generated in order to restrict a user or an outsider's indiscriminate user authentication request, and receive the second identification information. In addition, the user authentication module 400 may be located in the vicinity of the output device 300 as a separate device, or as one component with the output device 300.
  • NFC Near Field Communication
  • the user authentication means 500 stores the identifiable second identification information.
  • the user authentication module 500 is switched to the user authentication mode when the second output request is generated from the output device 300 and the user authentication module 400 is switched to the user authentication mode, And may provide the second identification information to the output device 300 through the user authentication module 400.
  • the user authentication means 500 may include, for example, a semiconductor-based integrated circuit and a memory in which data can be written or erased several times, As well as data encryption and the like.
  • FIG. 3 The security of the output security system using user authentication will be described in more detail with reference to FIGS. 3 to 5 in addition to FIGS. 1 and 2.
  • FIG. 3 The security of the output security system using user authentication will be described in more detail with reference to FIGS. 3 to 5 in addition to FIGS. 1 and 2.
  • FIG. 3 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the first embodiment.
  • the output security system 10 using the user authentication in the first embodiment generates a first output request for outputting output data from the output work program installed in the user terminal device 100 in step S601 .
  • step S602 the user terminal device 100 hooks up the output data according to the first output request using the installed first output security program 110, thereby limiting the first output request of the output job program.
  • step S603 the user terminal device 100 transmits the output data corresponding to the first output request to the output security server 200 by matching with the first identification information.
  • step S604 the output security server 200 receives matching output data and first identification information from the user terminal device 100.
  • step S605 the output apparatus 300 generates a second output request in response to a request from the user.
  • step S606 the output device 300 transmits a user authentication request according to the second output request to the user authentication module 400.
  • the user authentication module 400 is switched to the user authentication mode for recognizing the user authentication means 500 in step S607.
  • step S608 the user authentication unit 500 provides the second identification information to the user authentication module 400.
  • step S609 the user authentication module 400 acquires second identification information from the user authentication means 500 and provides the second identification information to the output device 300.
  • step S610 the output apparatus 300 transmits the second identification information provided from the user authentication module 400 to the output security server 200.
  • step S611 the output security server 200 transmits the first identification information transmitted to match the output data from the user terminal device 100 and the second identification information of the user authentication means 500 transmitted from the output device 300, To determine whether they match or not. At this time, if the first and second identification information coincide with each other, the procedure goes to step S612. If the first and second identification information are inconsistent with each other, the procedure advances to step S613 to transmit an output stop command for stopping the output of the corresponding output data to the output apparatus 300, and the processing procedure ends.
  • step S612 the output security server 200 provides an output data list including at least one output data item corresponding to the first identification information to the output device 300 so that at least one output data item is selected.
  • step S614 the output apparatus 300 selects at least one output data item from the output data list provided from the output security server 200.
  • step S615 the output security server 200 delivers an output command to the output device 300, which permits the output of at least one output data selected from the output device 300.
  • step S616 the output apparatus 300 outputs the output data corresponding to the output command of the output security server 200.
  • step S617 the output apparatus 300 transmits the third output log of the output data on which the output is completed to the output security server 200.
  • step S618 the output security server 200 receives the third output log from the output device 300 and allows the output record of the user outputting the output data according to the first and second output requests to be stored.
  • FIG. 4 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the second embodiment.
  • the output security system 10 using the user authentication in the second embodiment generates a first output request for outputting output data from the output job program installed in the user terminal device 100 in step S701 .
  • step S702 the user terminal device 100 hooks up the output data according to the first output request using the first output security program 110 installed, thereby limiting the first output request of the output job program.
  • step S703 the user terminal device 100 transmits the output data corresponding to the first output request to the output security server 200 by matching with the first identification information.
  • step S704 the user terminal device 100 transmits the first output log according to the first output request to the output security server 200 together with the matched output data and the first identification information.
  • step S705 the output security server 200 receives matched output data, first identification information, and first output log from the user terminal device 100.
  • step S706 the output apparatus 300 generates a second output request in response to a user's request.
  • step S707 the output device 300 transmits a user authentication request according to the second output request to the user authentication module 400.
  • the user authentication module 400 is switched to the user authentication mode for recognizing the user authentication means 500 in step S708.
  • step S709 the user authentication unit 500 provides the second identification information to the user authentication module 400.
  • step S710 the user authentication module 400 obtains the second identification information from the user authentication means 500 and provides the second identification information to the output device 300.
  • the output device 300 transmits the second identification information provided from the user authentication module 400 to the output security server 200 in step S711.
  • step S712 the output apparatus 300 transmits the second output log corresponding to the second output request to the output security server 200.
  • step S713 the output security server 200 transmits the first identification information transmitted to match the output data from the user terminal device 100 and the second identification information of the user authentication means 500 transmitted from the output device 300, To determine whether they match or not. At this time, if the first and second identification information coincide with each other, the procedure goes to step S715. If the first and second identification information are inconsistent with each other, the procedure advances to step S717 to transmit an output stop command for stopping the output of the output data to the output apparatus 300, and the processing procedure ends.
  • step S715 the output security server 200 calculates a time difference between the first output log transmitted from the user terminal device 100 and the second output log transmitted from the output device 300, It is determined whether the time difference is equal to or less than the reference time difference. At this time, if the calculated time difference between the first and second output logs is less than the reference time difference, the procedure goes to step S716. If the calculated time difference between the first and second output logs exceeds the reference time, the procedure advances to step S717 to transmit an output stop command for stopping the output of the output data to the output device 300, The procedure ends.
  • step S716 the output security server 200 provides an output data list including at least one output data corresponding to the first identification information to the output device 300 so that at least one output data is selected.
  • step S718 the output apparatus 300 selects at least one output data from the output data list provided from the output security server 200.
  • step S719 the output security server 200 delivers an output command to the output device 300, which permits output for at least one output data selected from the output device 300.
  • step S720 the output apparatus 300 outputs the output data corresponding to the output command of the output security server 200.
  • step S721 the output apparatus 300 transmits the third output log of the output data on which the output is completed to the output security server 200.
  • step S722 the output security server 200 receives the third output log from the output device 300 and allows the output record of the user outputting the output data according to the first and second output requests to be stored.
  • FIG. 5 is a diagram illustrating a security method of an output security system using user authentication according to the present invention in accordance with the processing procedure of the third embodiment.
  • the output security system 10 using the user authentication in the third embodiment generates a first output request for outputting output data from the output job program installed in the user terminal device 100 in step S801 .
  • step S802 the user terminal device 100 hooks the output data according to the first output request using the installed first output security program 110, thereby limiting the first output request of the output job program.
  • step S803 the user terminal device 100 matches the output data corresponding to the first output request with the first identification information, and transmits the output data to the output security server 200.
  • step S804 the user terminal device 100 transmits a random first random character input from the user according to the first output request to the output security server 200 together with the matched output data and the first identification information.
  • step S805 the output security server 200 receives the output data and the first identification information and the first random character matched from the user terminal device 100.
  • step S806 the output apparatus 300 generates a second output request in response to a user's request.
  • step S807 the output apparatus 300 transmits a user authentication request according to the second output request to the user authentication module 400.
  • the user authentication module 400 is switched to the user authentication mode for recognizing the user authentication means 500 in step S808.
  • step S809 the user authentication unit 500 provides the second identification information to the user authentication module 400.
  • step S810 the user authentication module 400 obtains the second identification information from the user authentication means 500 and provides the second identification information to the output device 300.
  • the output device 300 transmits the second identification information provided from the user authentication module 400 to the output security server 200 in step S811.
  • step S812 the output apparatus 300 transmits the second random character input from the user to the output security server 200 according to the second output request.
  • step S813 the output security server 200 transmits the first identification information transmitted to match the output data from the user terminal device 100 and the second identification information of the user authentication means 500 transmitted from the output device 300, To determine whether they match or not. At this time, if the first and second identification information coincide with each other, the procedure goes to step S815. If the first and second identification information are inconsistent with each other, the procedure advances to step S817 to transmit an output stop command for stopping the output of the output data to the output apparatus 300, and the processing procedure ends.
  • step S815 the output security server 200 compares the first random character transmitted from the user terminal device 100 with the second random character transmitted from the output device 300 to determine whether they match or not. At this time, if the first and second random characters coincide with each other, the procedure goes to step S716. If the first and second random characters are inconsistent with each other, the procedure advances to step S717 to transmit an output stop command to stop the output of the corresponding output data to the output apparatus 300, and the processing procedure ends.
  • step S816 the output security server 200 provides an output data list including at least one output data corresponding to the first identification information to the output device 300 so that at least one output data is selected.
  • step S818 the output apparatus 300 selects at least one output data from the output data list provided from the output security server 200.
  • step S819 the output security server 200 delivers an output command to the output device 300, which permits output for at least one output data selected from the output device 300.
  • step S820 the output apparatus 300 outputs the output data corresponding to the output command of the output security server 200.
  • step S821 the output apparatus 300 transmits the third output log of the output data to the output security server 200.
  • step S822 the output security server 200 receives the third output log from the output device 300, and allows the output record of the user outputting the output data according to the first and second output requests to be stored.
  • the output security system 10 allows the output of the output device 300, which is physically separated from the user, to be outputted through the user authentication process, It is possible to prevent the output from being leaked to the outside.
  • the output security system 10 using the user authentication according to the present invention allows only a selected output of a plurality of output items to be output, so that even if a plurality of output items are simultaneously output from the output device 300, So that an appropriate output is outputted.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Facsimiles In General (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un système de sécurité d'impression au moyen d'une authentification d'utilisateur, ainsi qu'un procédé de sécurité associé, permettant à un appareil d'impression, tel qu'une photocopieuse ou une imprimante, situé physiquement à distance d'un utilisateur d'imprimer des impressions par l'intermédiaire d'un processus d'authentification de l'utilisateur ayant un droit d'accès aux impressions. Ainsi, la présente invention permet non seulement d'empêcher les fuites d'impressions vers l'extérieur du fait de la négligence de l'utilisateur ou d'un accès malveillant par une personne extérieure, mais également d'imprimer uniquement une impression sélectionnée parmi une pluralité d'impressions, de sorte que, même si l'impression simultanée d'une pluralité d'impressions par l'appareil d'impression est requise, des impressions appropriées puissent être imprimées pour des utilisateurs respectifs.
PCT/KR2018/006134 2017-11-16 2018-05-30 Système de sécurité d'impression au moyen d'une authentification d'utilisateur et procédé de sécurité associé WO2019098476A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2017-0152762 2017-11-16
KR1020170152762A KR101861252B1 (ko) 2017-11-16 2017-11-16 사용자 인증을 이용한 출력물 보안 시스템 및 그 보안 방법

Publications (1)

Publication Number Publication Date
WO2019098476A1 true WO2019098476A1 (fr) 2019-05-23

Family

ID=62299577

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2018/006134 WO2019098476A1 (fr) 2017-11-16 2018-05-30 Système de sécurité d'impression au moyen d'une authentification d'utilisateur et procédé de sécurité associé

Country Status (2)

Country Link
KR (1) KR101861252B1 (fr)
WO (1) WO2019098476A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11296327A (ja) * 1998-01-09 1999-10-29 Hewlett Packard Co <Hp> 安全にドキュメントを印刷する方法
KR20050052962A (ko) * 2003-12-01 2005-06-07 삼성전자주식회사 정보의 보안등급에 따라 인쇄권한을 제한할 수 있는인쇄장치, 이를 이용한 인쇄시스템 및 이들의 인쇄방법
JP2010170234A (ja) * 2009-01-20 2010-08-05 Kyocera Mita Corp 画像形成システム、サーバ装置および画像形成装置
JP2013178726A (ja) * 2012-02-09 2013-09-09 Sharp Corp 情報処理システム、情報処理装置、及び通信接続方法
KR101457891B1 (ko) * 2013-08-14 2014-11-06 (주)엠텔레텍 스마트 프린터 관리시스템

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5844306B2 (ja) * 2013-04-30 2016-01-13 京セラドキュメントソリューションズ株式会社 画像形成装置、画像形成装置の制御プログラム、及び画像形成方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11296327A (ja) * 1998-01-09 1999-10-29 Hewlett Packard Co <Hp> 安全にドキュメントを印刷する方法
KR20050052962A (ko) * 2003-12-01 2005-06-07 삼성전자주식회사 정보의 보안등급에 따라 인쇄권한을 제한할 수 있는인쇄장치, 이를 이용한 인쇄시스템 및 이들의 인쇄방법
JP2010170234A (ja) * 2009-01-20 2010-08-05 Kyocera Mita Corp 画像形成システム、サーバ装置および画像形成装置
JP2013178726A (ja) * 2012-02-09 2013-09-09 Sharp Corp 情報処理システム、情報処理装置、及び通信接続方法
KR101457891B1 (ko) * 2013-08-14 2014-11-06 (주)엠텔레텍 스마트 프린터 관리시스템

Also Published As

Publication number Publication date
KR101861252B1 (ko) 2018-05-25

Similar Documents

Publication Publication Date Title
WO2018124857A1 (fr) Procédé et terminal d&#39;authentification sur la base d&#39;une base de données de chaînes de blocs d&#39;un utilisateur sans face-à-face au moyen d&#39;un id mobile, et serveur utilisant le procédé et le terminal
WO2017111383A1 (fr) Dispositif d&#39;authentification sur la base de données biométriques, serveur de commande relié à celui-ci, et procédé de d&#39;ouverture de session sur la base de données biométriques
WO2018030707A1 (fr) Système et procédé d&#39;authentification, et équipement d&#39;utilisateur, serveur d&#39;authentification, et serveur de service pour exécuter ledit procédé
WO2013012120A1 (fr) Procédé d&#39;authentification et dispositif utilisant un mot de passe à usage unique comportant des informations d&#39;images biométriques
WO2014058130A1 (fr) Procédé de commande d&#39;accès à un distributeur de réseau, et système pilote de réseau
WO2021003975A1 (fr) Procédé de test d&#39;interface de passerelle, dispositif terminal, support de stockage et appareil
EP2148286A2 (fr) Mécanisme de contrôle d&#39;impression basé sur un environnement d&#39;impression
WO2018151390A1 (fr) Dispositif de l&#39;internet des objets
US20070136820A1 (en) Server apparatus, client apparatus, control method therefor, and computer program
WO2018124856A1 (fr) Procédé et terminal d&#39;authentification d&#39;un utilisateur au moyen d&#39;un id mobile grâce à une base de données de chaînes de blocs, et serveur utilisant le procédé et le terminal
WO2019013422A1 (fr) Impression par traction par l&#39;intermédiaire de processus de sécurité supplémentaires
WO2014104539A1 (fr) Procédé et appareil de gestion de mot de passe
KR101560246B1 (ko) 클라우드 프린팅 시스템 및 이를 이용한 클라우드 프린팅 서비스 방법
WO2017105072A1 (fr) Dispositif d&#39;authentification basé sur des informations biométriques et son procédé de fonctionnement
WO2018151480A1 (fr) Procédé et système de gestion d&#39;authentification
WO2018169150A1 (fr) Système et procédé d&#39;authentification d&#39;utilisateur à base d&#39;écran verrouillé
WO2018004245A1 (fr) Procédé de vérification de contrefaçon et de falsification d&#39;un fichier exécutable dans un appareil de formation d&#39;images, et appareil de formation d&#39;images mettant en oeuvre ce procédé
EP3563227A1 (fr) Procédé et système d&#39;impression utilisant un nuage
WO2022045691A1 (fr) Procédé de médiation d&#39;une transmission d&#39;actifs virtuels
WO2020032351A1 (fr) Procédé permettant d&#39;établir une identité numérique anonyme
WO2015069028A1 (fr) Authentification multicanal, procédé de transfert financier et système utilisant un terminal de communication mobile
WO2010068057A1 (fr) Appareil de gestion de données d&#39;identité et procédé correspondant
WO2018131958A1 (fr) Sortie d&#39;une pluralité d&#39;images possédant des tailles différentes
WO2019098476A1 (fr) Système de sécurité d&#39;impression au moyen d&#39;une authentification d&#39;utilisateur et procédé de sécurité associé
WO2020060101A1 (fr) Dispositif électronique de fourniture de service par utilisation d&#39;un élément sécurisé, et son procédé de fonctionnement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18878574

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18878574

Country of ref document: EP

Kind code of ref document: A1