JP2007249575A - Information processing apparatus, computer-readable portable recording medium, information processing method, information processing program, and information processing system - Google Patents

Abstract

The present invention prevents unauthorized execution of authentication processing and improves safety when using data.
The information processing apparatus compares the MAC address of the information processing apparatus connected to the data subjected to the encryption processing and the allowable MAC address indicating the information processing apparatus that can use the data, and the allowable MAC address. Functions as a use determination unit that determines whether or not the user has the right to use and functions as a decryption processing unit that performs a decoding process on data when it is determined that the user has the right to use and restricts execution. A connection monitoring unit that monitors the connection of a portable recording medium recorded with the recorded security confirmation software, and security that activates a use determination unit included in the security confirmation program when the connection of the portable recording medium is detected A confirmation activation unit.
[Selection] Figure 2

Description

  The present invention relates to an information processing apparatus, a computer-readable portable recording medium, an information processing method, an information processing program, and an information processing system. In particular, while maintaining the security of data stored in a portable recording medium. It relates to the technology used.

  2. Description of the Related Art Conventionally, an image forming apparatus (hereinafter referred to as “multifunction machine”) in which functions of each apparatus such as a printer, a copy machine, a facsimile machine, and a scanner are housed in one casing is known. Such a multi-function peripheral is equipped with a storage device for storing images and document data.

  In recent years, in multifunction peripherals, there is a tendency to increase the opportunities to directly connect and use portable storage media (portable storage media) such as USB (Universal Serial Bus) memory and card-type media.

  However, in general, a portable storage medium can be easily carried, but has a high possibility of being stolen or lost. In such a case, the image and document data in the portable storage medium may be browsed by other users using a general electronic device such as an image forming apparatus or a PC (Personal Computer). Furthermore, there is a risk that it may flow out to the outside due to printing or FAX transmission. In addition, the portable storage medium may be used as a means for taking out data stored in a storage device provided in the multifunction peripheral to the outside.

  In order to solve such a problem, a technique for preventing unauthorized use of data is disclosed.

  For example, the technique disclosed in Patent Document 1 authenticates hardware-specific authentication data stored in a hardware memory connected to the client side, and authentication data stored in the client device. It authenticates that the user accessing the server is authentic.

JP 2003-162507 A

  However, in the conventional technology for preventing unauthorized use as described in Patent Document 1 described above, it is necessary to store an authentication application for each information processing apparatus. By the way, an application used for authentication is the same application if the types of information processing apparatuses are the same. For this reason, the application is preferably stored in a portable storage medium and shared. However, when the authentication application is stored in the portable storage medium, the authentication application may be analyzed by executing the authentication application on another information processing apparatus that does not have the authority to use the authentication application. There is a problem that there is.

  The present invention has been made in view of the above, and an information processing apparatus, a computer-readable portable recording medium, and information for preventing unauthorized execution of authentication processing and improving safety when using data It is an object to provide a processing method, an information processing program, and an information processing system.

  In order to solve the above-described problems and achieve the object, the invention according to claim 1 is directed to subject information used for processing, device identification information unique to an information processing device that uses the subject information, and the device identification. Use determination means for determining whether or not the information processing apparatus has a right to use the target information using information, and when the use determination means determines that the right to use is determined A connection monitoring unit that monitors a connection of a portable recording medium recorded with a security confirmation program that functions as a use control unit that controls the use of the target information and whose execution is restricted; and the connection monitoring unit Security confirmation activation means for activating the use determination means included in the security confirmation program when connection of the portable recording medium is detected by It is characterized in.

  Further, the invention according to claim 2 is the invention according to claim 1, wherein the connection monitoring means is configured to use the target information subjected to encryption processing and the encryption to be usable as the use control means. The connection of the portable storage medium recorded with the security confirmation program that functions as a decryption processing means for performing a decryption process on the target information that has been processed is characterized.

  The invention according to claim 3 is the invention according to claim 1 or 2, wherein the connection monitoring unit associates the plurality of pieces of encryption target information with the device identification information for each type of the target information. Functions as the use determination means for determining whether to permit the use of the target information based on the type associated with the apparatus identification information for the information processing apparatus using the apparatus permission information and the apparatus permission information And monitoring the connection of the portable recording medium recorded with the security confirmation program.

  The invention according to claim 4 is the invention according to any one of claims 1 to 3, wherein the connection monitoring means includes holding MAC (Media Access Control) address information unique to the information processing apparatus, The confirmation program for functioning as the use determining means for determining that the MAC address of the information processing apparatus has a right to use when the MAC address of the information processing apparatus matches the retained MAC address information. Monitoring the connection.

  The invention according to claim 5 is included in the security confirmation program recorded in the portable storage medium activated by the security confirmation activation means in the invention according to any one of claims 1 to 4. Information output processing means for performing processing to print and output the target information made available by the use control means when it is determined by the use determination means that the right to use the target information is obtained And further comprising.

  Further, the invention according to claim 6 is the invention according to any one of claims 1 to 5, wherein the connection monitoring means uses the use condition information indicating a condition for using the target information, and the use condition information. The security confirmation program recorded to function as the use determination means for determining that the information processing apparatus has a right to use the target information when the condition indicated by the It monitors the connection of a portable recording medium.

  According to a seventh aspect of the present invention, in the invention according to the sixth aspect, the connection monitoring means further includes the use determining means for deleting the target information when the condition indicated by the use condition information is not satisfied. The connection of the portable recording medium recorded with the confirmation program to be operated is monitored.

  The invention according to claim 8 is the invention according to claim 6 or 7, wherein the connection monitoring means includes expiration date information indicating a time limit during which the target information can be used, and an effective time indicated by the expiration date information. The portable recording medium on which is recorded the confirmation program that causes the information processing apparatus to function as the use determination unit that determines that the information processing apparatus has a right to use the target information when it is determined that the time limit has not expired It is characterized by monitoring the connection.

  The invention according to claim 9 is the invention according to claim 6 or 7, wherein the connection monitoring means includes a predetermined use number information indicating the number of times the target information can be used, and use of the information processing apparatus. The confirmation program for causing the information processing apparatus to function as the use determination means for determining that the information processing apparatus has a right to use the target information within the predetermined use number indicated by the use number information. The connection of the recorded portable recording medium is monitored.

  The invention according to claim 10 is the invention according to any one of claims 1 to 9, wherein the connection monitoring means has a right to use the decryption key and the use determining means. Monitoring the connection of the portable recording medium recorded with the confirmation program for functioning as the decryption processing means for performing decryption processing on the target information using the decryption key when judged. It is characterized by.

  According to an eleventh aspect of the present invention, there is provided a portable recording medium that is connected to an information processing device and transmits / receives information, and target information used for processing, and device identification information unique to the information processing device that uses the target information. And using the device identification information to determine whether or not the information processing device has the right to use the target information, and having the right to use the usage determination device When it is judged, it functions as a use control means for performing control to make the target information usable, and starts only when the information processing apparatus is called from a security confirmation starting means provided for calling its own program. A computer-readable portable recording medium having a security confirmation program recorded thereon.

  The invention according to claim 12 is the invention according to claim 11, wherein the target information is subjected to encryption processing, and the use control means in which the security confirmation program functions can be used as the use control means. In order to accomplish this, the information processing apparatus includes a decryption processing means for performing decryption processing on the target information subjected to the encryption processing.

  According to a thirteenth aspect of the invention, in the invention according to the eleventh or twelfth aspect, usage condition information indicating conditions under which the target information can be used is further recorded, and the security confirmation program is configured to use the usage determination unit. When the condition indicated by the use condition information is satisfied, it is determined that the information processing apparatus has an authority to use the target information.

  According to a fourteenth aspect of the present invention, target information used for processing, device identification information unique to an information processing device that uses the target information, and the target for the information processing device using the device identification information. Use determination means for determining whether or not the user has the right to use information, and use control for performing control to enable the use of the target information when the use determination means determines that the right to use is determined. When a connection is detected by a connection monitoring step for monitoring a connection between a portable recording medium on which a security confirmation program that functions as a means and execution is restricted is recorded, and an information processing apparatus, and the connection monitoring step detects the connection The security confirmation activation means for activating the use determination means of the security confirmation program by the security confirmation activation means included in the information processing apparatus A method, characterized by having a.

  Further, the invention according to claim 15 is the invention according to claim 14, wherein the connection monitoring step includes the object information subjected to encryption processing and the encryption to be usable as the use control means. Monitoring the connection between the portable storage medium recorded with the security confirmation program that functions as a decryption processing means for performing a decryption process on the target information that has been processed, and the information processing apparatus It is characterized by this.

  According to a sixteenth aspect of the present invention, in the invention according to the fourteenth or fifteenth aspect, the connection monitoring step includes device permission in which a plurality of the encryption target information and the device identification information are associated with each target information. The information and the device permission information are used to cause the information processing device to function as the use determining unit that determines whether the information processing device has a right to use the target information associated with the device identification information. And monitoring the connection of the portable recording medium recorded with the security confirmation program.

  The invention according to claim 17 is included in the security confirmation program recorded in the portable storage medium activated by the security confirmation activation step in the invention according to any one of claims 14 to 16. An information output processing step for performing a process of printing and outputting the target information made available by the use control unit when it is determined by the use determination unit that the right to use the target information is obtained And further comprising.

  According to an eighteenth aspect of the present invention, in the invention according to any one of the fourteenth to seventeenth aspects, the connection monitoring step includes use condition information indicating a condition for using the target information, and the use condition information. Monitoring the connection of the portable recording medium recorded with the security confirmation program that allows the information processing apparatus to function as the use determining means for permitting the use of the target information when the condition indicated by It is characterized by doing.

  The invention according to claim 19 is characterized in that the information processing method according to any one of claims 14 to 18 is executed by a computer.

  The invention according to claim 20 is an information processing system including an information processing apparatus and a portable storage medium connectable to the information processing apparatus, wherein the portable storage medium includes target information used for processing. , Device identification information unique to an information processing device using the target information, and use determination means for determining whether the information processing device has a right to use the target information using the device identification information And when it is determined that the right to use is determined by the use determining unit, the information processing apparatus functions as a use control unit that performs control for enabling the target information, and the information processing apparatus calls the own program. A security confirmation program that is activated only when called from the security confirmation activation means provided for the information processing apparatus, and the information processing apparatus stores the portable recording medium Connection monitoring means for monitoring connection; and security check starting means for starting the use determining means included in the security check program when the connection monitoring means detects the connection of the portable recording medium. It is characterized by that.

  According to the first aspect of the present invention, the information processing apparatus has the right to use the target information stored in the portable storage medium by activating the use determination unit stored in the portable storage medium. If the target information stored in the portable storage medium can be used when it is determined that it has the right, the unauthorized execution of the authentication process is prevented, and the target information There is an effect of improving the safety when using.

  Further, according to the invention according to claim 2, since the decryption process is performed on the target information subjected to the encryption process when the user has the right to use, the unauthorized third party Since this cannot be referred to or used, there is an effect that security is improved.

  According to the invention of claim 3, there is recorded a security confirmation program that functions as a use determination unit that determines whether or not to use the device permission information in which device identification information is associated with each target information. By monitoring the connection of the portable storage medium, it is possible to restrict the use of each piece of target information when it is connected, so that it is possible to prevent unauthorized use of the target information and improve the safety of the target information.

  According to the invention of claim 4, when the portable storage medium is connected, the information processing apparatus determines whether or not the information stored in the portable storage medium can be used using the MAC address. There is an effect of further improving the security against the authentication process.

  Further, according to the invention of claim 5, only when the use is permitted, the information stored in the portable storage medium is printed after being made usable, and the output process is performed. Since the person can easily acquire the target information, there is an effect that convenience is improved.

  According to the sixth aspect of the present invention, the target information stored in the portable storage medium can be used when the conditions indicated by the use condition information provided in the portable storage medium are satisfied. Since the conditions for using can be specifically set, there is an effect of improving the safety of the target information.

  According to the invention of claim 7, when the condition indicated by the use condition information provided in the portable storage medium is not satisfied, the information stored in the portable storage medium is deleted. This has the effect of preventing unauthorized use and improving the safety of the target information.

  Further, according to the invention of claim 8, since the use of the target information is permitted only within the expiration date, the illegal use of the target information is prevented and the safety for the target information is improved.

  Further, according to the invention of claim 9, since the use of the target information is permitted only for a predetermined number of times of use, there is an effect that the illegal use of the target information is prevented and the safety for the target information is improved.

  According to the invention of claim 10, since authentication is performed using the decryption key stored in the portable storage medium, the information processing apparatus accumulates the decryption key or inputs the decryption key from the user. There is no need to accept the service, and the convenience is improved.

  According to the eleventh aspect of the invention, only when connected to an information processing apparatus provided with a security confirmation activation means, the use determination means stored in the portable storage medium is activated, and the security confirmation activation means is activated. Since an authentication process cannot be performed by an information processing apparatus that is not provided, there is an effect of preventing unauthorized execution of the authentication process and improving safety when using the target information.

  According to the twelfth aspect of the present invention, when the connected information processing apparatus has the right to use, the decryption process is performed on the target information subjected to the encryption process. Since no third party can refer to or use the target information, there is an effect that security is improved.

  According to the invention of claim 13, it is possible to restrict use for each piece of target information when connected by determining whether or not to use each piece of target information for the connected information processing apparatus. Thus, it is possible to prevent illegal use of the target information and improve the safety of the target information.

  According to the fourteenth aspect of the present invention, the information processing apparatus has a right to use the target information stored in the portable storage medium by activating the use determination unit stored in the portable storage medium. If the target information stored in the portable storage medium can be used when it is determined that it has the right, the unauthorized processing of the authentication process is prevented. There is an effect of improving safety when using the target information.

  According to the fifteenth aspect of the present invention, since the decryption process is performed on the subject information that has been encrypted when the right to use is obtained, an unauthorized third party can obtain the subject information. Since this cannot be referred to or used, there is an effect that security is improved.

  According to the sixteenth aspect of the present invention, there is recorded a security confirmation program that functions as a use determination unit that determines whether or not to use a device permission information in which device identification information is associated with each target information. By monitoring the connection of the portable storage medium, it is possible to restrict the use of each piece of target information when it is connected, so that it is possible to prevent unauthorized use of the target information and improve the safety of the target information.

  Further, according to the invention of claim 17, only when the use is permitted, the information stored in the portable storage medium is printed after being made usable, and the output process is performed. Since the person can easily acquire the target information, there is an effect that convenience is improved.

  According to the eighteenth aspect of the present invention, the target information stored in the portable storage medium can be used when the conditions indicated by the use condition information provided in the portable storage medium are satisfied. Since the conditions for using can be specifically set, there is an effect of improving the safety of the target information.

  According to the invention of claim 19, the information processing method according to any one of claims 14 to 18 can be realized by using a computer by causing the computer to read and execute the method. The same effects as these information processing methods are achieved.

  According to the twentieth aspect of the present invention, the information processing apparatus has a right to use the target information stored in the portable storage medium by activating the use determination unit stored in the portable storage medium. If the target information stored in the portable storage medium can be used when it is determined that it has the right, the unauthorized processing of the authentication process is prevented. There is an effect of improving safety when using the target information.

  Exemplary embodiments of an information processing apparatus, a computer-readable portable recording medium, an information processing method, an information processing program, and an information processing system according to the present invention will be explained below in detail with reference to the accompanying drawings.

  FIG. 1 is a block diagram showing a functional configuration of a multifunction peripheral 100 according to an embodiment of the present invention. As shown in FIG. 1, a multi-function device 100 includes a monochrome line printer (B & W LP) 101, a color line printer (Color LP) 102, a memory card reader 103, a USB host 104, and a LAN I / F 105 serving as a network interface. And other hardware resources 106 such as a scanner and a facsimile, a software group 110, and a multifunction machine starting unit 140. The software group 110 is configured to include a platform 120 and an application 130.

  The memory card reader 103 controls connection of a memory card M1, which is a kind of portable storage medium. The memory card M1 may be of any type, for example, an SD card. The USB host 104 controls connection of a USB memory M2 which is a kind of portable storage medium. The data held by the memory card M1 or the USB memory M2 will be described later.

  The platform 120 interprets a processing request from the application 130 and generates a hardware resource acquisition request, and a system resource that manages one or more hardware resources and arbitrates the acquisition request from the control service A manager (hereinafter referred to as SRM) 123 and an operating system (hereinafter referred to as OS) 121 are configured.

  The control service includes a system control service (hereinafter referred to as SCS) 122, an engine control service (hereinafter referred to as ECS) 124, a memory control service (hereinafter referred to as MCS) 125, an operation panel control service (hereinafter referred to as OCS) 126, a fax. It is configured to have one or more service modules such as a control service (hereinafter referred to as FCS) 127, a network control service (hereinafter referred to as NCS) 128, and a user information management service (hereinafter referred to as UCS) 129.

  The platform 120 is configured to have an application program interface (hereinafter referred to as API) that can receive a processing request from the application 130 by a predefined function.

  The OS 121 is a general-purpose operating system such as UNIX (registered trademark), and executes the software of the platform 120 and the application 130 in parallel as processes.

  The process of the SRM 123 performs system control and resource management together with the SCS 122. For example, the process of the SRM 123 uses hardware resources of an engine such as a scanner unit and a printer unit, a memory, a hard disk device (HDD) file, and a host I / O (centro interface, network interface, IEEE 1394 interface, RS232C interface, etc.). Arbitration is performed according to the request from the upper layer, and execution control is performed.

  Specifically, the SRM 123 determines whether the requested hardware resource is available (whether it is not used by another request), and if it is available, the requested hardware resource can be used. Tell the upper layer to the effect. Further, the SRM 123 performs use scheduling of hardware resources in response to a request from an upper layer, and directly executes requested contents such as paper conveyance and image forming operation, memory allocation, file generation, etc. by a printer engine, for example.

  The process of the SCS 122 performs application management, operation unit control, system screen display, LED display, resource management, interrupt application control, and the like. Note that specific processing performed by the SCS 122 in the present embodiment will be described later.

  The process of the ECS 124 includes a monochrome line printer (B & W LP) 101, a color line printer (Color LP) 102, a memory card reader 103, a USB host 104, a LAN I / F 105, other hardware resources 106 such as a scanner and a facsimile. Control the engine.

  The MCS 125 process acquires and releases an image memory, uses a hard disk device (HDD), compresses and decompresses image data, and the like. The process of the OCS 126 controls an operation panel serving as information transmission means between the operator and the main body control.

  The process of FCS127 includes facsimile transmission / reception using PSTN or ISDN network from each application layer of system controller, registration / quotation of various facsimile data managed by BKM (backup SRAM), facsimile reading, facsimile reception printing, and fusion transmission / reception. Provide an application to do.

  The NCS 128 process is a process for providing a service that can be used in common to applications that require network I / O. Data received from the network side according to each protocol is distributed to each application, and data from the application Mediation when sending to the network side.

  The UCS 129 process manages user information, determines a storage device that stores user information in response to a request, acquires user information from the determined storage device, and supplies the user information to each application.

  The application 130 is a printer application 111 (including an image print processing section shown below) that is a printer application having a page description language (PDL), PCL, and Postscript (PS), and a copy application. A copy application 112; a fax application 113 that is a facsimile application; a scanner application 114 that is a scanner application; a net file application 115 that is a network file application; and a process inspection application 116 that is a process inspection application. is doing. In addition, an image print processing unit and a medium control unit (not shown), which will be described later, are included as applications.

  Each process of the application 130 and each process of the control service realize user services related to image forming processing such as copying, printers, scanners, and facsimiles while performing inter-process communication by calling functions, sending return values thereof, and sending and receiving messages. is doing.

  As described above, the MFP 100 according to the first embodiment includes a plurality of applications 130 and a plurality of control services, all of which operate as processes. In each of these processes, one or more threads are generated and parallel execution is performed in units of threads. The control service provides a common service to the application 130. For this reason, a large number of these processes perform a parallel operation and a parallel operation of threads to perform inter-process communication with each other. User services related to image forming processing such as copying, printers, scanners, and facsimiles are provided.

  The multifunction device activation unit 140 is executed first when the multifunction device 100 is powered on, and activates the application 130 and the platform 120. For example, the multifunction device activation unit 140 reads control programs and application programs from the HDD 103, transfers the read programs to a memory area secured on the SRAM or SDRAM, and activates them.

  FIG. 2 is a block diagram illustrating a software configuration of the multifunction peripheral 100 and the portable storage medium 250 according to the first embodiment.

  The portable storage medium 250 includes a storage unit 251. The storage unit 251 stores security confirmation software 252, security information 253, and encrypted data 254. Note that the portable storage medium 250 is the memory card M1 or the USB memory M2 shown in FIG.

  The data 254 that has been subjected to the encryption process is assumed to be image data or document data that has been subjected to the encryption process by the security confirmation software 252 described later. Also, the data 254 that has been subjected to encryption processing is subjected to encryption processing for each image data or document data. The plurality of data is stored in the storage unit 251.

  The security information 253 includes setting information used by the security confirmation software 252. Specifically, the security information 253 is used when determining whether or not the security confirmation software 252 can be used in the multifunction device 100 when the portable storage medium 250 is connected to the multifunction device 100.

  FIG. 3 is an explanatory diagram showing the concept of the security information 253 stored in the portable storage medium 250. As shown in the figure, the security information 253 includes decryption key information, a network setting check flag, an allowable network address, a MAC address check flag, an allowable MAC address list, an expiration date check flag, an expiration date, Use count check flag, remaining use count, password check flag, password content, user name check, user name, error detection deletion flag, device specific authentication information flag, and device specific authentication information. Is included. The authentication procedure using these will be described later.

  The security information 253 is stored in the storage unit 251 in a format that cannot be referred to by the user. This prevents the decryption key or password from being stolen. Therefore, it is possible to prevent an action such as decryption of the encrypted data 254 by a third party without authority to use. The format that the user cannot refer to may be any format, regardless of a known format. For example, it is possible to divide data or perform encryption processing.

  The allowed MAC address list stored in the security information 253 stores the MAC addresses of one or a plurality of electronic devices that permit the use of the encrypted data 254. The allowed MAC address list according to the present embodiment also stores the type of data 254 that is permitted to be used for each electronic device and the setting of the permitted usage mode.

  FIG. 4 is an explanatory diagram showing the types and usage modes of usable files set for each MAC address in the allowed MAC address list. As shown in this figure, for example, the MAC address '00: 00: 74: 00: 00: 01 'is allowed to be read and written for extensions' jpg', 'pdf', 'doc' and deleted Is prohibited.

  In addition, the setting of restrictions when permitting use is not limited for each file type or usage pattern, and can be set under any condition, for example, whether or not each file can be used. good.

  Returning to FIG. 2, the security confirmation software 252 includes a use determination unit 255, a decryption processing unit 256, an encryption processing unit 257, and a security information update unit 258, and data stored in the portable storage medium 250. Process to use.

  The security confirmation software 252 can be activated not by an executable file but by being called from the security confirmation activation unit 212 of the multifunction peripheral 100 described later. That is, the security confirmation software 252 alone cannot be activated. As a result, the security confirmation software 252 cannot be executed even if the portable storage medium 250 is connected to an electronic device that is not permitted to be connected. That is, analysis of the security confirmation software 252 by an unauthorized third party can be suppressed.

  By the way, in a general electronic device, OS etc. differ for every kind of electronic device. For this reason, a general executable file depends on the electronic device and cannot be activated on all electronic devices regardless of the model.

  On the other hand, in this embodiment, the security confirmation software 252 is called from the security confirmation activation unit 212. Further, the security confirmation software 252 holds a plurality of binary data for each type of electronic device. As a result, the security confirmation software 252 is automatically activated regardless of the model of the electronic device. The plurality of binary data are, for example, a program for a multifunction machine and a program for a PC. Details will be described later.

  Then, the user installs a program corresponding to the medium control unit 201 only for an electronic device that is permitted to use the data 254 stored in the portable storage medium 250. As a result, the security confirmation software 252 stored in the portable storage medium 250 can be activated only for the electronic device in which the program is installed. In addition, a program corresponding to the medium control unit 201 is prepared for each type of electronic device that uses data stored in the portable storage medium 250. As a result, the data stored in the portable storage medium 250 can be used after the processing described later, regardless of the type of electronic device.

  The use determination unit 255 determines whether the connected multifunction peripheral 100 can use the data 254 that has been subjected to the encryption process. The detailed processing procedure will be described later.

  When the use determining unit 255 determines that the MFP 100 can use the decryption processing unit 256, the decryption processing unit 256 decrypts the data 254 that has been subjected to the encryption processing stored in the portable storage medium 250. Apply. In other words, the decryption processing unit 256 performs control to make the data 254 subjected to the encryption processing usable. It is assumed that the decryption key information used for the decryption process is stored in the security information 253.

  Also, any method may be used as the decryption process and the encryption process, but DES (Data Encryption Standard) is used in the present embodiment.

  The encryption processing unit 257 performs encryption processing when storing data in the portable storage medium 250 and stores the data as the data 254 subjected to encryption processing.

  The security information update unit 258 updates the security information 253 stored in the portable storage medium 250 according to the situation when connected to the multifunction peripheral 100. For example, if the use count flag is set to be used in the security information 253, the security information update unit 258 is stored in the security information 253 when the use determination unit 255 determines that the MFP 100 can be used. A process of subtracting 1 from the remaining number of uses is performed.

  In addition, when performing the update process, the security information update unit 258, when the parameter included in the security information 253 satisfies a predetermined condition, the predetermined information included in the data 254 subjected to the encryption process. delete. Details of the processing procedure until deletion will be described later.

  Next, the multifunction peripheral 100 will be described. The MFP 100 includes a medium control unit 201, an image conversion processing unit 202, and an image print processing unit 203. The image data included in the data 254 that has been subjected to the encryption processing of the portable storage medium 250 or Processing for printing document data is performed.

  The medium control unit 201 includes a connection monitoring unit 211, a security confirmation starting unit 212, and a data input / output control unit 213. The medium control unit 201 monitors the connection of the portable storage medium 250 and detects the connection. When the security confirmation software 252 is called and it is determined by the security confirmation software 252 that the multifunction peripheral 100 has the authority to use the data 254, the decrypted data is converted into an image conversion processing unit. Output processing to 202. Further, the medium control unit 201 is a program that stays resident while the MFP 100 is activated.

  In addition, the medium control unit 201 accepts registration of a processing unit (such as an application) that uses data stored in the portable storage medium 250 first. Then, when it is determined by the security confirmation software 252 that the data stored in the portable storage medium 250 can be used, the medium control unit 201 performs a decryption process on the processing unit that has accepted the registration. Send data. In the present embodiment, the processing unit that has received registration is referred to as an image conversion processing unit 202.

  The connection monitoring unit 211 constantly monitors the connection of the portable storage medium 250 to the multifunction peripheral 100 while the medium control unit 201 is resident.

  When the connection monitoring unit 211 detects the connection of the portable storage medium 250, the security confirmation activation unit 212 performs a process of calling the security confirmation software 252 stored in the portable storage medium 250. The security confirmation activation unit 212 invokes the security confirmation software 252 to activate the security confirmation software 252. In other words, the security confirmation software 252 stored in the portable storage medium 250 is activated with the portable storage medium 250 connected to the multifunction peripheral 100 as a trigger, and is encrypted by the multifunction peripheral 100. It can be determined whether the data 254 can be used.

  The data input / output control unit 213 is included in the data 254 that has been subjected to the encryption processing stored in the portable storage medium 250 when use is permitted by the security confirmation software 252 stored in the portable storage medium 250. Control the input and output of data. For example, when data subjected to decryption processing is input from the portable storage medium 250, the data input / output control unit 213 performs processing to output the data to the associated processing unit. As a result, the processing unit can use the data stored in the portable storage medium 250 without being aware that the encryption processing is performed.

  FIG. 5 is an explanatory diagram showing a flow of processing performed between the multifunction peripheral 100 and the portable storage medium 250. As shown in the figure, the medium control unit 201 is resident in the multifunction peripheral 100, and the connection monitoring unit 211 included in the medium control unit 201 connects the portable storage medium 250 in which the security confirmation software 252 is stored. Monitoring. When the portable storage medium 250 is detected, the fact is output to the security confirmation activation unit 212.

  Then, the security confirmation activation unit 212 performs a process of activating the multifunction machine security confirmation software 252a when the connection confirmation is input. That is, in this case, the security confirmation activation unit 212 activates the multifunction device security confirmation software 252a corresponding to the multifunction device 100 among a plurality of binary data different for each model included in the security confirmation software 252.

  Then, the security confirmation starting unit 212 ensures communication between the medium control unit 201 and the multifunction device security confirmation software 252a. Thereafter, the use determination unit 255a collects the security information 253, and determines whether or not the multifunction device 100 has the authority to use the data 254 that has been encrypted. When the use determination unit 255a determines that the use is possible, the use determination unit 255a outputs a message to that effect to the medium control unit 201 (not shown). As a result, the data input / output control unit 213 can output a request for collecting the file list to the decryption processing unit 256a. Then, the decryption processing unit 256a performs decryption processing on the data 254 that has been subjected to encryption processing, and acquires information on the file list.

  Next, the decryption processing unit 256a transmits the acquired file list information to the data input / output control unit 213. Then, the data input / output control unit 213 outputs the received file list information to the processing unit that uses the data stored in the portable storage medium 250. Thereby, the data stored in the portable storage medium 250 can be used in the processing unit.

  Returning to FIG. 2, the image conversion processing unit 202 performs a process of converting the image data or document data into a format suitable for printing. Further, when it is determined by the security confirmation software 252 that the data stored in the portable storage medium 250 can be used, the image conversion processing unit 202 uses the data 254 that has been subjected to the encryption process of the portable storage medium 250. it can.

  That is, the image conversion processing unit 202 receives information such as a list of files that can be used from the decoding processing unit 256a, and transmits a request for acquiring a file to be used to the medium control unit 201. As a result, the image conversion processing unit 202 acquires the file subjected to the decoding process from the data input / output control unit 213 of the medium control unit 201.

  The image print processing unit 203 performs print processing of the image data converted into a format suitable for printing by the image conversion processing unit 202.

  Further, the portable storage medium 250 does not permit connection only to the multifunction peripheral 100, and may be connected to another electronic device. Therefore, the case where the portable storage medium 250 is connected to a PC will be described next.

  FIG. 6 is a block diagram illustrating the configuration of the PC 600 and the portable storage medium 250 according to the first embodiment. The portable storage medium 250 has the same configuration as that described with reference to FIG.

  The PC 600 includes a storage medium connection monitoring unit 601, a dedicated application 602, and an image display processing unit 603.

  The storage medium connection monitoring unit 601 is a dedicated driver for performing transmission / reception with the portable storage medium 250 installed in the PC 600. The storage medium connection monitoring unit 601 is resident while the PC 600 is activated, and detects the connection of the portable storage medium 250. When the storage medium connection monitoring unit 601 detects the connection of the portable storage medium 250, it outputs a message to that effect to the dedicated application 602.

  The dedicated application 602 includes a security confirmation activation unit 611 and a data input / output control unit 612, and performs processing to output data stored in the portable storage medium 250 to a processing unit such as the image display processing unit 603. The dedicated application 602 is executed via the storage medium connection monitoring unit 601 when performing transmission / reception with the portable storage medium 250.

  The security confirmation activation unit 611 and the data input / output control unit 612 are a portable storage medium via the security confirmation activation unit 212 and the data input / output control unit 213 of the multifunction peripheral 100 described with reference to FIG. Since the same processing is performed except that transmission / reception with 250 is performed, description thereof will be omitted.

  That is, the security confirmation activation unit 611 activates the security confirmation software 252 of the portable storage medium 250 and determines whether or not the PC 600 has authority to use in the use determination unit 255 of the security confirmation software 252. Then, when it is determined that the data is authorized, the data input / output control unit 612 controls the encrypted data 254 stored in the portable storage medium 250 after the decryption process is performed. it can.

  The image display processing unit 603 displays the decrypted data input from the dedicated application 602 on a monitor (not shown).

  FIG. 7 is an explanatory diagram showing the flow of processing between the PC 600 and the portable storage medium 250. As shown in the figure, the storage medium connection monitoring unit 601 of the PC 600 is resident in the PC 600 and monitors the connection of the portable storage medium 250 in which the security confirmation software 252 is stored. When the portable storage medium 250 is detected, a message to that effect is output to the dedicated application 602. The security confirmation activation unit 611 activates the security confirmation software 252 of the portable storage medium 250 via the storage medium connection monitoring unit 601, and the program activated at this time is the PC security confirmation software. 252b. The subsequent processing is the same as in FIG. 5 except that the dedicated application 602 performs transmission / reception with the PC security confirmation software 252b via the storage medium connection monitoring unit 601, and thus the description thereof is omitted.

  Next, after detecting the connection of the portable storage medium 250 in the MFP 100 and the portable storage medium 250 according to the present embodiment configured as described above, the data stored in the portable storage medium 250 is recorded. A process from when the decoding process is performed until it is used will be described. FIG. 8 is a flowchart illustrating the above-described processing procedure in the multifunction peripheral 100 and the portable storage medium 250 according to the present embodiment.

  First, the connection monitoring unit 211 of the medium control unit 201 provided in the multifunction peripheral 100 continues to monitor whether or not the portable storage medium 250 provided with the security confirmation software 252 is connected while resident. (Step S701). Then, after detecting the connection of the portable storage medium 250, the connection monitoring unit 211 checks whether or not the portable storage medium 250 is provided with the security confirmation software 252. The fact is output to the confirmation activation unit 212.

  Then, the security confirmation activation unit 212 calls the security confirmation software 252 stored in the portable storage medium 250 and activates the security confirmation software 252 (step S702).

  As a result, the security confirmation software 252 stored in the portable storage medium 250 is activated (step S711). Although not shown in the figure, the security confirmation software 252 outputs that the medium control unit 201 has been properly activated. At this time, a communication path is secured by generating a socket in the medium control unit 201.

  After that, the security confirmation activation unit 212 transmits a determination request as to whether or not the data 254 encrypted by the multifunction device 100 is usable to the security confirmation software 252 (step S703).

  As a result, the use determination unit 255 of the security confirmation software 252 receives a determination request as to whether or not the MFP 100 can be used (step S712).

  Then, the use determination unit 255 reads the security information 253 stored in the portable storage medium 250 and performs a process of determining whether or not there is an authority to use in the connected multifunction peripheral 100 (step S713). A detailed determination processing procedure will be described later.

  Then, the use determination unit 255 performs a process of transmitting the determination result to the multi-function device 100 (step S714). In the following processing procedure, a case where use is permitted will be described. If the use is not permitted, the fact is transmitted to the multi-function device 100 and the processing of the security confirmation software 252 is terminated. As a result, the multifunction peripheral 100 cannot use the data 254 that has been subjected to the encryption process, and therefore cannot use the data.

  Thereby, the security confirmation activation unit 212 receives the determination result from the portable storage medium 250 (step S704). If the security confirmation activation unit 212 receives that the determination result permits use, the security confirmation activation unit 212 notifies the registered processing unit that the portable storage medium 250 is connected (step S705). .

  Next, the image conversion processing unit 202 receives from the medium control unit 201 that the portable storage medium 250 is connected (step S721).

  Then, the image conversion processing unit 202 makes a request for reading the file stored in the portable storage medium 250 to the medium control unit 201 (step S722).

  Next, the data input / output control unit 213 of the medium control unit 201 receives an event for requesting reading from the image conversion processing unit 202 (step S706). The data input / output control unit 213 transmits a file reading request to the security confirmation software 252 (step S707).

  Then, the security confirmation software 252 receives an event for reading a file (step S715). Next, the security information update unit 258 of the security confirmation software 252 performs a process of updating the security information 253 corresponding to the file for which the read request has been made (step S716). Details of the update process will be described later.

  Then, the decryption processing unit 256 uses the decryption key information stored in the security information 253 to decrypt the file for which the read request is included, which is included in the encrypted data 254. Is performed (step S717).

  Next, the security confirmation software 252 performs a process of transmitting the decrypted file to the multi-function device 100 (step S718).

  As a result, the data input / output control unit 213 of the MFP 100 receives the file that has been decrypted (step S708). Next, the data input / output control unit 213 transmits the received file to the image conversion processing unit 202 (step S709).

  Then, the image conversion processing unit 202 receives the file requested to be read (step S723). Then, the image conversion processing unit 202 performs image conversion processing on the received file (step S724).

  The data 254 that has been encrypted in the portable storage medium 250 can be used by the above-described processing procedure. Note that the processing procedure described above is transmitted to the multi-function peripheral 100 after decrypting the data stored in the portable storage medium 250 after detecting the connection of the portable storage medium 250 according to the present embodiment. The example of the processing procedure up to this is shown, and the present invention is not limited to this processing procedure.

  Next, a process until the use determination unit 255 shown in step S713 of FIG. 8 according to the present embodiment configured as described above reads the security information 253 and determines whether or not to permit the use will be described. . FIG. 9 is a flowchart showing a procedure of the above-described processing in the use determining unit 255 of the portable storage medium 250 according to the present embodiment. In this case, the use determination unit 255 performs processing for reading the security information 253 in advance.

  Then, the usage determining unit 255 determines whether or not the MAC address check flag of the security information 253 is valid (S801). If it is determined that the MAC address is valid, the use determining unit 255 determines whether or not the MAC address of the MFP 100 matches the MAC address included in the allowed MAC address list (step S802). If they do not match (step S802: No), it is determined that the MFP 100 cannot use the data stored in the portable storage medium 250 (step S813). Details of processing performed when it is determined that it cannot be determined will be described later.

  Next, when the MAC address check flag is invalid (step S801: No) and when the MAC addresses match (step S802: Yes), the usage determining unit 255 determines whether the network check flag of the security information 253 is valid. It is judged (S803). If it is determined that it is valid (step S803: Yes), the usage determining unit 255 determines whether the IP address of the multifunction device 100 matches the IP address included in the allowable network address (step S804). If they do not match (step S804: No), it is determined that the multifunction device 100 cannot use the data stored in the portable storage medium 250 (step S813).

  When the network check flag is invalid (step S803: No) and when the IP addresses match (step S804: Yes), the use determination unit 255 determines whether the expiration date check flag is valid (S805). ). If it is determined that it is valid (step S805: Yes), the usage determining unit 255 determines whether the current time of the multifunction peripheral 100 has an expiration date (step S806). If it is determined that it is not within the expiration date (step S806: No), it is determined that the data stored in the portable storage medium 250 cannot be used by the multifunction peripheral 100 (step S813).

  Next, when the expiration date check flag is invalid (step S805: No) and when the current time is within the expiration date (step S806: Yes), the use determination unit 255 determines whether the device specific authentication information flag is valid. It is judged (S807). When it is determined that it is valid (step S807: Yes), the use determination unit 255 determines whether the specific information held in the multifunction peripheral 100 matches the device specific authentication information stored in the security information 253 ( Step S808). If it is determined that they do not match (step S808: No), it is determined that the data stored in the portable storage medium 250 cannot be used by the multifunction device 100 (step S813).

  If the device identification authentication information flag is invalid (step S807: No) and the device identification authentication information matches (step S808: Yes), the usage determination unit 255 determines whether the password check flag is valid. (S809). If it is determined that the user ID is valid (step S809: Yes), the input of the user ID and password is accepted from the operation panel of the multifunction peripheral 100 (step S810).

  FIG. 10 is a diagram illustrating an example of an authentication screen displayed on the operation panel of the multi-function device 100 when using data in the portable storage medium 250. When the screen shown in this figure is displayed, the user inputs a user ID and a password. As a result, authentication processing can be performed in the multifunction peripheral 100.

  Returning to FIG. 9, the use determination unit 255 determines whether the user ID and password input by the user match the user ID and password stored in the security information 253 (step S811). If it is determined that they do not match (step S811: No), a message indicating that the authentication has failed is displayed on the liquid crystal panel of the multifunction peripheral 100 (step S812).

  FIG. 11 is a diagram illustrating an example of a screen displayed on the operation panel of the multifunction peripheral 100 when the authentication process using the user ID and password received from the user fails. By displaying the screen shown in this figure, the user can recognize that the authentication has failed.

  Returning to FIG. 9, thereafter, the use determination unit 255 determines that the data stored in the portable storage medium 250 cannot be used in the multifunction peripheral 100 (step S813).

  Next, when the password check flag is invalid (step S809: No) and when the user ID and the password match (step S811: Yes), the use determination unit 255 performs the encryption process in the multi-function device 100. It is determined that there is an authority to use the data 254 (step S814).

  According to the processing procedure described above, it is possible to determine whether or not the data 254 that has been encrypted by the multi-function device 100 can be used. As described above, whether or not to authenticate each flag can be changed, so that the security level of the data stored in the portable storage medium 250 can be changed to an appropriate level.

  As shown in the processing procedure described above, the use determining unit 255 can perform various authentication processes using the security information 253 stored in the portable storage medium 250. Thus, security is improved by performing device authentication with as much information as possible. In addition to the user ID and password, manual input by the user is prevented. Thereby, the user burden in the authentication process is reduced.

  Next, processing when the use determining unit 255 shown in step S813 of FIG. 9 according to the present embodiment configured as described above determines that use is not permitted will be described. FIG. 12 is a flowchart showing a procedure of the above-described processing in the use determining unit 255 of the portable storage medium 250 according to the present embodiment. In this flowchart, it is assumed that the portable storage medium 250 is the USB memory M2.

  First, the usage determining unit 255 determines whether or not the error detection deletion flag of the security information 253 is valid (step S1101).

  Then, when the error detection deletion flag is valid (step S1101: Yes), the use determination unit 255 performs a process of deleting the data 254 that has been subjected to the encryption process (step S1102). Thereafter, the use determination unit 255 performs an error screen display process including deletion on the operation panel of the multifunction peripheral 100 (step S1103).

  FIG. 13 is a diagram illustrating an example of an error screen including that the file displayed on the operation panel of the multifunction peripheral 100 has been deleted in step S1103. This screen example is the screen displayed in step S1103. Then, by displaying the screen shown in the figure, the user can recognize that the data has been deleted.

  Returning to FIG. 12, when the error detection deletion flag is not valid (step S1101: No), the use determination unit 255 performs an error screen display process on the operation panel of the multifunction peripheral 100 (step S1104).

  FIG. 14 is a diagram illustrating an example of an error screen when the file displayed on the operation panel of the multifunction peripheral 100 is not deleted in step S1104. This screen example is the screen displayed in step S1104. By displaying the screen shown in this figure, the user can recognize that the data 254 subjected to the encryption processing of the portable storage medium 250 cannot be used.

  An error screen can be displayed to the user by the processing procedure described above. In addition, since data is deleted when an error is detected, security is improved by preventing data leakage.

  Next, processing when the security information updating unit 258 shown in step S716 of FIG. 8 according to the present embodiment configured as described above updates information included in the security information 253 will be described. FIG. 15 is a flowchart showing the above-described processing procedure in the security information updating unit 258 of the portable storage medium 250 according to the present embodiment. As will be described later, it is assumed that the number of uses included in the security information 253 is set for each data included in the data 254 subjected to the encryption process.

  First, the security information update unit 258 confirms the usage count check flag included in the security information 253. If the use count check flag is valid, a process for subtracting the use count is performed (step S1401).

  Thereafter, the security information update unit 258 determines whether or not the remaining number of use is “1” or more (step S1402). When the remaining number of uses is smaller than “1” (step S1402: No), the data requested to be read is deleted from the encrypted data 254 (step S1403).

  Next, when the remaining number of use is “1” or more (step S1402: Yes), the security information update unit 258 checks the expiration date check flag. If the expiration date check flag is valid, the security information update unit 258 determines whether or not the current time is included in the expiration date (step S1404). If the current time is not included in the expiration date (step S1404: No), the requested data is deleted from the encrypted data 254 (step S1403).

  When the current time is included in the expiration date (step S1404: Yes), the security information update unit 258 ends without performing any particular processing.

  As a result, data is deleted when used outside the range set in the security information 253. This prevents data leakage and improves security.

  In the present embodiment, the MFP 100 prints data stored in the portable storage medium 150 when authentication is appropriately performed. However, the present invention is not limited to such processing. For example, the multi-function device 100 may perform FAX processing on data that has been decrypted, or may perform e-mail transmission or the like. With these processes, secure printing, secure FAX operation, and secure mail transmission are possible.

  In MFP 100 according to the present embodiment, security information 253 stored in portable storage medium 250, encrypted data 254, and these are used to determine whether the security condition is satisfied. By storing the security confirmation software 252, it is possible to perform a detailed security check on the data stored in the portable storage medium 250.

  Further, in the MFP 100 according to the present embodiment, it is possible to delete the data stored in the portable storage medium 250 when the authentication is not properly performed in the security check. This makes it difficult for a third party to decipher the data stored in the portable storage medium 250 and improves security.

  Further, in the MFP 100 according to the present embodiment, the number of times of use in the portable storage medium 250 is managed, and data can be automatically deleted when the number of times of use exceeds a predetermined number. . Thereby, the security for the data stored in the portable storage medium 250 is improved.

  Further, in the MFP 100 and the portable storage medium 250 according to the present embodiment, it is determined whether or not to execute the security check based on the data stored in the security information 253. That is, the user can change the security level by changing the security information 253.

  In the present embodiment, the security information 253 holds the setting in association with each data. As a result, the administrator having the authority to change the error detection deletion flag stored in the security information 253 for each data can change the security level for each file used. As a result, the security level can be changed according to the importance of the data, so the safety is improved.

  Further, the data stored in the portable storage medium 250 has been subjected to encryption processing. As a result, even if the user loses the portable storage medium 250 or the portable storage medium 250 is stolen, data leakage is prevented.

  In the present embodiment, since the decryption key information is stored in the portable storage medium 250, the user can enter the decryption key or the like on the operation panel of the multifunction device 100 without requiring the decryption key. Data stored in the portable storage medium 250 can be encrypted.

  Further, in the multi-function device 100, it is possible to reject use beyond the number of uses by performing a check regarding the number of uses. In addition, by checking the expiration date, it is possible to refuse use after the permitted period. Thereby, security can be improved.

  Further, in the multi-function device 100, it is possible to refuse use outside the permitted network environment by performing a check on the network address. In addition, by checking the MAC address, it is possible to refuse use other than the specific device. Thereby, security can be improved.

  Furthermore, in the multi-function device 100, authentication processing can be performed in combination with authentication of a password or the like by user input. Further, authentication processing can be performed in combination with a user authentication function provided as a function of the device. Thereby, further security improvement can be performed.

(Modification)
Moreover, it is not limited to each embodiment mentioned above, The various deformation | transformation which is illustrated below is possible.

  For example, in the above-described embodiment, a case has been described in which the security confirmation software 252 reads different binary data depending on the type of the electronic device. However, it is not limited to holding such a plurality of binary data. Therefore, in this modification, a single binary that does not depend on the type of electronic device is used. That is, the security confirmation activation unit 212 is configured to absorb the difference between the electronic device and the OS. As a configuration for absorbing the difference between the electronic device and the OS, for example, any configuration such as holding a virtual machine may be used.

  This eliminates the need for the security confirmation software 252 to store different binaries for each type of electronic device. Thereby, for example, it is possible to easily add the type of electronic device that can use the data 254 that has been subjected to the encryption processing of the portable storage medium.

  FIG. 16 is a block diagram illustrating a hardware configuration of the multi-function device 100. As shown in the figure, the multifunction peripheral 100 has a configuration in which a controller 1510, a plotter 1540, a scanner 1550, and other hardware resources 1560 are connected by a PCI (Peripheral Component Interconnect) bus. A controller 1510 is a controller that controls the entire MFP 100 and controls drawing, communication, and input from the operation unit 1520. The plotter 1540 is a printer engine or the like that can be connected to the PCI bus, and is, for example, a monochrome plotter, a 1-drum color plotter, or a 4-drum color plotter. The scanner 1550 is assumed to be a scanner conventionally used in a multi-function peripheral. The other hardware resources 1560 are various electronic devices provided in the multifunction peripheral 100. The other hardware resources 1560 include image processing parts such as error diffusion and gamma conversion.

  The controller 1510 includes a CPU 1511, a North Bridge (NB) 1513, a system memory (MEM-P) 1512, a local memory (MEM-C) 1517, an ASIC (Application Specific Integrated Circuit) 1516, and a hard disk drive (HDD). 1514, and the North Bridge (NB) 1513 and the ASIC 1516 are connected by an AGP (Accelerated Graphics Port) bus 1515.

  The CPU 1511 performs overall control of the multifunction peripheral 100, has a chip set including the NB 1513 and the MEM-P 1512, and is connected to other devices via the chip set.

  The NB 1513 is a bridge for connecting the CPU 1511 to the MEM-P 1512 and the AGP 1515, and includes a memory controller that controls reading and writing to the MEM-P 1512, a PCI master, and an AGP target.

  The NB 1513 can also be connected to a peripheral device via a PCI bus. For example, the NB 1513 includes a serial bus 1571, a NIC (Network Interface Card) 1572, an IEEE 802.11b interface 1573, an IEEE 1394 (the Institute of Electrical and Electronics Engineers 1394) interface 1574, a USB host 1575, a memory via a PCI bus. A card I / F 1576 is connected. In addition, the USB host 1575 detects the connection with the USB device, and particularly in the above-described embodiment, the case where data is transmitted to and received from the USB memory M2 has been described. The memory card I / F 1576 detects the connection with the memory card M1, and transmits / receives data to / from the memory card M1.

  The MEM-P 1512 is a system memory used as a memory for storing programs and data, a memory for developing programs and data, a drawing memory for printers, and the like. A ROM (Read Only Memory) and a RAM (Random Access Memory) not shown Consists of. The ROM is a read-only memory used as a program and data storage memory, and the RAM is a writable and readable memory used as a program and data development memory, a printer drawing memory, and the like.

  The ASIC 1516 is an IC (Integrated Circuit) for image processing having hardware elements for image processing, and has a role of a bridge for connecting the AGP 1515, the PCI bus, the HDD 1518, and the MEM-C 1517. The ASIC 1516 includes a PCI target and an AGP master, an arbiter (ARB) that forms the core of the ASIC 1516, a memory controller that controls the MEM-C 1517, and a plurality of DMACs (Direct Memory) that rotate image data using hardware logic or the like. Access Controller) and a PCI unit that performs data transfer via the PCI bus between the plotter 1540 and the electronic device such as the scanner 1550. An FCU (Fax Control Unit) 1530 is connected to the ASIC 1516 via a PCI bus.

  A MEM-C 1517 is a local memory used as a copy image buffer and a code buffer. An HDD (Hard Disk Drive) 1518 is a storage for storing image data, programs, font data, and forms. It is.

  The AGP 1515 is a bus interface for a graphics accelerator card proposed for speeding up graphics processing. The AGP 1515 speeds up the graphics accelerator card by directly accessing the MEM-P 1512 with high throughput. .

  Note that the information processing program executed by the multifunction peripheral 100 of the present embodiment is provided by being incorporated in advance in a ROM or the like.

  The information processing program executed by the MFP 100 according to the present embodiment is a file in an installable or executable format, such as a CD-ROM, a flexible disk (FD), a CD-R, a DVD (Digital Versatile Disk), or the like. You may comprise so that it may record and provide on a computer-readable recording medium.

  Further, the information processing program executed by the multifunction peripheral 100 of the present embodiment may be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. In addition, the information processing program executed by the MFP 100 according to the present embodiment may be provided or distributed via a network such as the Internet.

  The information processing program executed by the multifunction peripheral 100 according to the present embodiment has a module configuration including the above-described units (connection monitoring unit, security confirmation activation unit, data input / output control unit), and as actual hardware The CPU (processor) reads the information processing program from the ROM and executes it, so that the above-described units are loaded onto the main storage device, and the connection monitoring unit, the security confirmation starting unit, and the data input / output control unit) are installed on the main storage device. To be generated. Further, like the information program executed in the above-described embodiment, a module configuration including a storage medium connection monitoring unit, a dedicated application including a security confirmation starting unit and a data input / output control unit may be used.

  As described above, the information processing apparatus, the computer-readable portable recording medium, the information processing method, the information processing program, and the information processing system according to the present invention are useful for the technology that uses the data stored in the portable storage medium. In particular, it is suitable for a technique for improving security by restricting the use of data stored in a portable storage medium.

FIG. 2 is a block diagram illustrating a functional configuration of the multifunction peripheral according to the embodiment. FIG. 2 is a block diagram illustrating a software configuration of a multifunction machine and a portable storage medium. It is explanatory drawing which showed the concept of the security information accumulate | stored in the portable storage medium. It is explanatory drawing which showed the classification | category of the file which can be used and the usage condition set for every MAC address in the permissible MAC address list stored in the security information of a portable recording medium. It is explanatory drawing which showed the flow of the process performed between a multifunctional device and a portable storage medium. It is a block diagram which shows the structure of PC and a portable storage medium. It is explanatory drawing which showed the flow of a process with PC and a portable storage medium. A procedure of processing from when the connection of the portable storage medium in the multifunction peripheral and the portable storage medium is detected until the data stored in the portable storage medium is decrypted and then transmitted to the multifunction peripheral It is a flowchart to show. It is a flowchart which shows the procedure of a process until it judges whether the security information is read in the use judgment part of a portable storage medium, and use is permitted. FIG. 6 is a diagram illustrating an example of an authentication screen displayed on an operation panel of a multifunction machine when using data in a portable storage medium. FIG. 10 is a diagram illustrating an example of a screen displayed on the operation panel of the multifunction peripheral when authentication processing using a user ID and password received from a user fails. It is a flowchart which shows the procedure of a process when the use judgment part of a portable storage medium judges that use is not permitted. 6 is a diagram illustrating an example of an error screen including a message indicating that a file displayed on the operation panel of the multifunction peripheral has been deleted. FIG. 6 is a diagram illustrating an example of an error screen when a file displayed on the operation panel of the multifunction peripheral is not deleted. FIG. It is a flowchart which shows the procedure of a process in case the security information update part of a portable storage medium updates the information contained in security information corresponding to the data in which the read request was performed. FIG. 2 is a block diagram illustrating a hardware configuration of a multifunction machine.

Explanation of symbols

100 MFP 101 Monochrome line printer (B & W LP)
102 Color line printer (Color LP)
103 memory card reader 103
104 USB host 105 LAN I / F
106 Other hardware resources 110 Software group 111 Printer application 112 Copy application 113 Fax application 114 Scanner application 115 Net file application 116 Process inspection application 120 Platform 121 OS
122 SCS
123 SRM
124 ESC
125 MCS
126 OSC
127 FCS
128 NCS
129 UCS
DESCRIPTION OF SYMBOLS 130 Application 140 MFP start part 201 Medium control part 202 Image conversion process part 203 Image printing process part 211 Connection monitoring part 212 Security confirmation start part 213 Data input / output control part 250 Portable storage medium 251 Storage part 252 Security confirmation software 252a Composite Security confirmation software for machine 252b Security confirmation software for PC 253 Security information 254 Data subjected to encryption processing 255 Usage determination unit 255a Usage determination unit for wind machine 256 Decryption processing unit 256a Decryption processing unit for multifunction device 257 Encryption Processing unit 258 Security information update unit 601 Storage medium connection monitoring unit 602 Dedicated application 603 Image display processing unit 611 Security confirmation activation unit 612 Data input / output control unit 151 0 controller 1511 CPU
1512 MEM-P
1513 NB
1514 HDD
1515 Bus 1516 ASIC
1517 MEM-C
1520 Operation unit 1530 FCU
1540 Plotter 1550 Scanner 1560 Engine 1560 Other hardware resource 1571 Serial bus 1572 NIC
1573 IEEE 802.11b interface 1574 IEEE 1394 interface 1575 USB host 1576 memory card interface

Claims (20)

Do you have target information used for processing, device identification information unique to the information processing device that uses the target information, and the right to use the target information for the information processing device using the device identification information A function for determining whether to use the target information when it is determined by the use determining means to be usable, and the execution is restricted. A security monitoring program, connection monitoring means for monitoring the connection of a portable recording medium recorded with the security confirmation program,
Security confirmation activation means for activating the use determination means included in the security confirmation program when the connection monitoring means detects the connection of the portable recording medium;
An information processing apparatus comprising: The connection monitoring unit decrypts the target information subjected to encryption processing and the target information subjected to the encryption processing to be usable as the use control unit. Monitoring the connection of the portable storage medium recorded with the security confirmation program to function as a processing means;
The information processing apparatus according to claim 1. The connection monitoring means includes a plurality of the encryption target information, device permission information in which the device identification information is associated for each type of the target information, and the information processing device using the device permission information. Monitoring the connection of the recorded portable recording medium with the security confirmation program functioning as the use determining means for determining whether to permit the use of the target information according to the type associated with the device identification information To do,
The information processing apparatus according to claim 1 or 2. The connection monitoring unit has a right to use when the MAC address of the information processing device is unique and the MAC address of the information processing device matches the MAC address information. Monitoring the connection of the recorded portable recording medium with the confirmation program that functions as the use determining means for determining
The information processing apparatus according to any one of claims 1 to 3. When it is determined by the use determination means included in the security confirmation program recorded in the portable storage medium activated by the security confirmation activation means that the right to use the target information is determined, Information output processing means for performing processing to print and output the target information made available by the use control means;
The information processing apparatus according to claim 1, further comprising: The connection monitoring means has usage condition information indicating a condition for using the target information and a right to use the target information for the information processing apparatus when the condition indicated by the usage condition information is satisfied. Monitoring the connection of the portable recording medium recorded with the security confirmation program for functioning as the use determining means for determining that it has
The information processing apparatus according to any one of claims 1 to 5. The connection monitoring means monitors the connection of the portable recording medium recorded with the confirmation program that further functions as the use determining means for deleting the target information when the condition indicated by the use condition information is not satisfied. To do,
The information processing apparatus according to claim 6. The connection monitoring means uses expiration date information indicating a time limit for using the target information, and uses the target information for the information processing apparatus when it is determined that it is within the expiration date indicated by the expiration date information. Monitoring the connection of the portable recording medium recorded with the confirmation program that functions as the use determining means for determining that the user has the right to
The information processing apparatus according to claim 6, wherein: The connection monitoring unit includes the information processing apparatus when the usage information of the target information indicates the number of times the target information can be used and the usage of the information processing apparatus is within the predetermined usage count indicated by the usage count information. Monitoring the connection of the portable recording medium recorded with the confirmation program for functioning as the use determining means for determining that the object information has a right to use the target information,
The information processing apparatus according to claim 6, wherein: The connection monitoring unit performs a decryption process on the target information using the decryption key when it is determined that the connection monitoring unit has a right to use the decryption key and the use determination unit Monitoring the connection of the portable recording medium recorded with the confirmation program to function as a processing unit,
The information processing apparatus according to any one of claims 1 to 9. In a portable recording medium that transmits and receives information by connecting to an information processing device,
Target information used for processing,
Device identification information unique to an information processing device using the target information;
Use determination means for determining whether or not the information processing apparatus has a right to use the target information using the apparatus identification information, and the use determination means determines that the right to use is determined. Security confirmation that activates only when the information processing apparatus is called by a security confirmation activation means provided for calling the own program. Program and
A computer-readable portable recording medium on which is recorded. The target information is subjected to encryption processing,
The use control means for functioning the security confirmation program includes a decryption processing means for performing a decryption process on the target information subjected to the encryption process so as to be usable as the use control means.
The computer-readable portable recording medium according to claim 11. And further recording usage condition information indicating conditions under which the target information can be used,
The security confirmation program determines that the information processing apparatus has an authority to use the target information when the use determination unit satisfies a condition indicated by the use condition information.
The computer-readable portable storage medium according to claim 11 or 12. Do you have target information used for processing, device identification information unique to the information processing device that uses the target information, and the right to use the target information for the information processing device using the device identification information The use determination means for determining whether or not the use determination means determines whether or not the use determination means has the right to use, and the function is used as a use control means for performing the control for enabling the target information, and the execution is restricted. A connection monitoring step for monitoring a connection between a portable recording medium recorded with a security confirmation program and an information processing device;
A security confirmation activation step of activating the use determination means of the security confirmation program by a security confirmation activation means included in the information processing apparatus when a connection is detected by the connection monitoring step;
An information processing method characterized by comprising: In the connection monitoring step, the target information subjected to the encryption process and the decryption process for performing the decryption process on the target information subjected to the encryption process so as to be usable as the use control unit Monitoring the connection between the portable storage medium recorded with the security confirmation program to function as a processing means, and the information processing apparatus;
The information processing method according to claim 14. The connection monitoring step includes a plurality of the encryption target information, device permission information in which the device identification information is associated with each target information, and the device identification for the information processing device using the device permission information. Monitoring the connection of the recorded portable recording medium with the security confirmation program functioning as the use determining means for determining whether or not the target information associated with the information has a right to use. ,
The information processing method according to claim 14 or 15, wherein: When it is determined by the use determination means included in the security confirmation program recorded in the portable storage medium activated by the security confirmation activation step that the right to use the target information is determined, An information output processing step for performing a process of printing and outputting the target information made available by the use control means;
The information processing method according to claim 14, further comprising: The connection monitoring step permits use of the target information to the information processing apparatus when the use condition information indicating a condition for using the target information and the condition indicated by the use condition information are satisfied. Monitoring the connection of the portable recording medium recorded with the security confirmation program that functions as the use determining means;
The information processing method according to claim 14, wherein:   An information processing program causing a computer to execute the information processing method according to any one of claims 14 to 18. In an information processing system comprising an information processing device and a portable storage medium connectable to the information processing device,
The portable storage medium is
Target information used for processing,
Device identification information unique to an information processing device using the target information;
Use determination means for determining whether or not the information processing apparatus has a right to use the target information using the apparatus identification information, and the use determination means determines that the right to use is determined. Security confirmation that activates only when the information processing apparatus is called by a security confirmation activation means provided for calling the own program. Program and
Recorded,
The information processing apparatus includes:
Connection monitoring means for monitoring connection of the portable recording medium;
The security confirmation activation means for activating the use determination means included in the security confirmation program when the connection monitoring means detects the connection of the portable recording medium;
With
An information processing system characterized by this.

Images