JP2009119625A - Printing control device, printing system - Google Patents

Abstract

Suppression of leakage of print contents in an authentication printing system using a plurality of authentication means.
In a case where a print job received from a client computer is an authenticated print job, the multifunction machine stores the print job in a spool and waits for authentication by a user. The multi-function device 10 gives a predetermined score to each of the authentication results of the IC card authentication and the fingerprint authentication by the user. Then, the multifunction machine 10 determines whether or not various processes relating to the authentication printing process can be performed using the assigned points and the predetermined determination conditions, and controls the printing process. In the determination condition, whether or not to execute each print process, for example, print start, print continuation, and print restart, according to the number of points given to at least two authentication results among the authentication results by a plurality of authentication means. Determination conditions for determination are set.
[Selection] Figure 9

Description

  The present invention relates to a print control apparatus that controls a printing apparatus that performs authentication printing using a plurality of authentication systems.

  Authentication printing systems that print highly confidential documents such as confidential documents using authentication means such as card authentication, fingerprint authentication, and password authentication are becoming widespread. In such an authentication printing system, at the start of printing, printing is executed only when the user who has issued the print job is authenticated by the authentication unit as a user who may view the print contents, so that confidentiality is ensured. There are some that suppress the leakage of high-quality print contents.

  In addition, a recording apparatus that can read a confidential document only when the user is authenticated by all of the plurality of authentication units is also used (Patent Document 1).

JP 2006-187986 A

  However, in the conventional technique, there is no authentication mechanism according to various conditions, for example, the usage environment of the printing apparatus, the degree of confidentiality of the printed material, the authority of the user who performed printing, and the like. Therefore, from the viewpoint of suppressing and improving leakage of printed matter with higher accuracy, an authentication printing system that can perform authentication by flexibly combining a plurality of authentication units according to various conditions is desired.

  The present invention has been made in view of the above-described problems, and an object thereof is to suppress leakage of print contents in an authentication printing system using a plurality of authentication means.

  SUMMARY An advantage of some aspects of the invention is to solve at least a part of the problems described above, and the invention can be implemented as the following forms or application examples.

[Application Example 1]
Application Example 1 provides a print control apparatus. The print control apparatus of Application Example 1 that controls a printing apparatus that performs printing of an authentication print job that requires authentication printing is provided in the printing apparatus, and acquires authentication results by a plurality of types of authentication means for authenticating a user. Executing the processing related to the authentication printing by using the points given to the at least two authentication results, the score granting unit for giving a score to each of the acquired authentication results, and the plurality of authentication results A determination unit configured to determine whether or not it is possible; and a control unit configured to control execution of the process related to the authentication printing according to the determination result.

  According to the printing control apparatus of the application example 1, it is possible to evaluate the authentication state by the plurality of authentication units and control the authentication printing process by the printing apparatus. Therefore, it is possible to determine whether printing is possible in various ways, and it is possible to suppress information leakage in authentication printing with high accuracy.

  The print control apparatus according to the application example 1, wherein the determination unit further determines whether or not the process can be executed in accordance with a security level representing a confidentiality of contents represented by the authentication print job.

  According to the print control apparatus of Application Example 1, the determination condition includes the confidential level of the authentication print job. Therefore, since it is possible to flexibly determine whether printing can be executed according to the security level and the number of points assigned, it is possible to suppress leakage of print contents and improve user convenience in authenticated printing.

  In the print control apparatus according to the application example 1, the authentication result of the user includes an authority level indicating a print authority for the authenticated print job of the user, and the score granting unit is configured according to the authority level. Give different points.

  According to the print control apparatus of the application example 1, the number of points given varies depending on the authority level of the user. Accordingly, since it is possible to flexibly determine whether printing can be executed according to the authority level, it is possible to improve user convenience in authenticated printing.

  The print control apparatus according to the application example 1 further includes a holding unit that holds authentication state information indicating a state of authentication by each of the authentication units, and a detection unit that detects a change in the authentication state information. Performs the determination when the change is detected.

  According to the printing control apparatus of the application example 1, it is determined whether or not the printing process can be executed when the authentication state is changed. Therefore, it is possible to appropriately determine whether printing is possible according to the authentication state that dynamically changes during the printing process, and information leakage in authentication printing can be suppressed with high accuracy.

  The print control apparatus of Application Example 1 further includes an acquisition unit that acquires user presence information representing a user existing in the vicinity of the print control device, and the plurality of authentication units are represented by the user presence information. Presence authentication means for authenticating whether the user is an authorized user permitted to view the printed matter is included, and the determination means performs the determination using an authentication result by the presence authentication means.

  According to the printing control apparatus of Application Example 1, a user existing in the vicinity of the printing apparatus can authenticate whether or not the printed material can be browsed. Accordingly, since it is possible to determine whether or not the printing process can be performed according to a user in the vicinity of the printing apparatus, information leakage can be suppressed with high accuracy.

  The print control apparatus according to the application example 1 further includes a history recording unit that records a printing history of the authentication print job, and the score giving unit further gives a score according to the success or failure of the history, and the determination The means further determines whether or not the printing can be executed by using the assigned points according to the success or failure of the history recording.

  According to the printing control apparatus of the application example 1, it is possible to determine whether or not the printing process can be performed according to success or failure of the history recording. Therefore, the security of authentication printing can be improved from the viewpoint of preventing information leakage by history management.

  The printing control apparatus of Application Example 1 further stores a determination condition for determining whether or not to execute a plurality of processes related to the authentication printing by using the points given to the authentication result by at least two types of authentication means. The determination means performs the determination using the determination condition and the assigned score. Further, the print control apparatus according to the application example 1 further includes a setting unit for setting the determination condition.

  According to the printing control apparatus of the application example 1, since the determination condition can be arbitrarily set and stored, the determination condition can be flexibly changed according to the use environment and the authentication means provided. Therefore, convenience can be improved.

  In the printing control apparatus according to the application example 1, the execution of the process related to the authentication printing includes at least one of the start of printing of the authentication print job issued by the authenticated user, the continuation of printing, and the restart of printing. According to the printing control apparatus of the application example 1, it is possible to determine whether or not various processes relating to printing can be performed with a simple configuration.

  In the printing control apparatus according to the application example 1, when the determination unit determines that the printing cannot be continued, the printing control unit stops the printing process being executed.

  According to the printing control apparatus of Application Example 1, printing can be stopped according to whether printing can be continued. Therefore, output of printed matter can be interrupted even during printing according to authentication results by a plurality of authentication means, and information leakage can be suppressed.

The print control apparatus according to the application example 1 further includes a print state storage unit for storing the print state of the authentication print job, and the determination condition includes restarting the stopped authentication print.
The print control unit stores, in the print state storage unit, print state information related to the print state of the print job at the time of the print stop of the authentication print job in which the print process is stopped, and the determination unit is allowed to resume printing. Then, the printing state information stored in the printing state storage unit is used to restore the printing state at the time of stop and resume printing.

  According to the print control apparatus of Application Example 1, it is possible to resume printing of the authentication print job that has been stopped according to the authentication results of the plurality of authentication units, so that it is not necessary to re-execute authentication printing from the beginning. Therefore, the convenience in authentication printing can be improved.

  Application example 2 provides a printing system. In a printing system in which a plurality of printing apparatuses and a printing control apparatus that controls authenticated printing in each of the printing apparatuses are connected to be communicable via a network, each of the printing apparatuses receives an authenticated print job. Means, a plurality of types of authentication means for authenticating a user, a notification means for notifying the print control apparatus of the authentication result, and controlling the print processing of the authentication print job according to an instruction from the print control apparatus Printing control means. The print control device includes a score providing unit that assigns a score to each authentication result obtained by each authentication unit, a holding unit that holds the assigned score for each of the plurality of printing devices, and the grant. Determination means for determining whether or not to execute a plurality of processes related to the authentication printing for each of the plurality of printing apparatuses, using the points given to the authentication result by at least two types of authentication means among the obtained scores; In accordance with the result of the determination, an instruction transmission unit that transmits an instruction for controlling the execution of the process to a printing apparatus capable of executing the process related to the authentication print of the authentication print job.

  According to the printing system of the application example 2, the print control apparatus manages the authentication points in a plurality of printing apparatuses. Therefore, even when it is determined that the printing process cannot be performed by the printing apparatus that has received the print job, the printing process can be performed by another printing apparatus that is permitted to perform the printing process, and convenience can be improved.

  In the printing system according to the application example 2, when the instruction transmission unit determines that the authentication printing job cannot be continuously printed by the first printing device among the plurality of printing devices, the plurality of printings is performed. An instruction to continue printing of the authenticated print job is transmitted to a second printing apparatus that is determined to be able to continue printing of the authenticated print job.

  According to the printing system of the application example 2, in authenticated printing, a print job can be transferred while maintaining safety. Therefore, convenience can be improved.

  In the present invention, the various aspects described above can be applied by appropriately combining or omitting some of them.

A. First embodiment:
A1. System configuration:
FIG. 1 is an explanatory diagram illustrating a printing system in the first embodiment. The printing system 1000 includes a multifunction machine 10, a client computer 20, and an authentication server 30, and each device is connected to a local area network LAN.

  The multifunction machine 10 is a device having a plurality of functions such as a print function, a copy function, and a FAX function. The multifunction machine 10 includes an IC card authentication unit 11, a fingerprint authentication unit 12, and a presence information acquisition unit 13 as authentication means. Presence information represents information related to users existing in the vicinity of the multifunction machine 10. The multi-function device 10 executes print job print processing according to the result of authentication by a plurality of authentication means. The IC card authentication unit 11 acquires an IC card number from the IC card 40. The fingerprint authentication unit 12 has a built-in sensor for reading a fingerprint, and acquires the user's fingerprint. The presence information acquisition unit 13 includes an IC card sensor, performs wireless communication with an IC of an IC card existing within a predetermined range, and acquires presence information that can identify a user from the IC card.

  The client computer 20 is a general personal computer that includes a CPU, a ROM, and a RAM. The client computer 20 transmits a print job desired to be printed to the multifunction machine 10 in response to a user instruction.

  The authentication server 30 receives authentication requests from a plurality of authentication means provided in the multifunction device 10, performs user authentication, and notifies the multifunction device 10 of an authentication result.

  The flow of authentication printing in the printing system is as follows. When the print job received from the client computer 20 is an authentication print job, the multifunction machine 10 stores the print job in the spool and waits for user authentication. After transmitting the authentication print job, the user moves to the location of the multifunction machine 10, inserts his IC card 40 into the IC card slot 11, and holds the finger 50 over the fingerprint authentication panel 12. The multi-function device 10 reads the IC card number from the IC card and fingerprint information from the finger, makes an authentication request to the authentication server 30, and gives a predetermined score to each authentication result. Then, the multifunction machine 10 determines whether or not various processes relating to the authentication printing process can be performed using the assigned points and the predetermined determination conditions, and controls the printing process. In the first embodiment, processing related to printing of an authenticated print job includes start of printing, continuation of printing, and resumption of printing.

A2. Function block:
With reference to FIG. 2, functional blocks of the multifunction machine 10 will be described. FIG. 2A is a block diagram illustrating functional blocks of the multifunction machine 10. FIG. 2B is an explanatory diagram illustrating a module for executing authentication printing in the first embodiment. The multi-function device 10 includes a CPU 100, a ROM 101, a RAM 102, an interface 103, a storage device 104, an IC card authentication unit 11, a fingerprint authentication unit 12, a presence information acquisition unit 13, and a printing mechanism 107. .

  The interface 11 exchanges information between the IC card authentication unit 11, the fingerprint authentication unit 12, the presence information acquisition unit 13, the storage device 104, and the printing mechanism 107 and the CPU 100.

  Print mechanism 107 Prints a print job in accordance with an instruction from CPU 100.

  Information stored in the module stored in the ROM 101, the RAM 102, and the storage device 104 will be described with reference to FIG. The ROM 101 includes a print job reception module 200, an authentication module 202, a score assignment module 206, a determination module 208, a print control module 210, a determination condition setting module 212, and a log management module 214. The RAM 102 has an authentication state holding unit 260 for holding the authentication result by the authentication unit. The storage device 104 includes a score table 240, a determination condition table 250, and a log storage unit 255.

  The score table 240 stores the number of points to be given to the authentication result by the authentication means. The determination condition table 250 stores determination conditions for determining whether print processing can be executed. The log accumulating unit 255 accumulates a history regarding print processing. The authentication status holding unit 260 holds the status of authentication by each authentication means in the multifunction machine 10.

  The print job receiving module 200 determines whether the received print job is an authentication print job or a normal print job.

  The authentication module 202 uses the information input to the IC card authentication unit 11 and the fingerprint authentication unit 12 to communicate with the authentication server 30 and perform user authentication. Further, the authentication module 202 uses the information acquired by the presence information acquisition unit 13 to authenticate whether a user in the vicinity of the multifunction device 10 is a user who can view the printed matter output from the multifunction device 10. To do. The authentication module 202 stores the authentication result in the authentication state holding unit 260.

  The score assigning module 206 assigns points to the authentication result by the authentication module 202 and the result of history accumulation success / failure by the log management module 214 described later, based on the score table 240 stored in the storage device 104.

  The determination module 208 uses the points assigned by the score assignment module 206 and the determination conditions registered in the determination condition table 250 to perform various processes related to printing of the received authenticated print job, for example, printing start, It is determined whether printing can be continued or resumed. In the first embodiment, “print start” refers to converting a print job into printable data, “continuation of print” refers to printing the printable data on a medium and outputting the data, Resuming printing refers to resuming printing of a print job whose printing process has been stopped halfway.

  The print control module 210 performs control to start, stop, and restart printing according to the determination result by the determination module 208.

  The determination condition setting module 212 stores determination conditions for determining whether or not print processing can be executed, which is input via the operation unit 108.

  The log management module 214 manages the accumulation of history regarding print processing in the log accumulation unit 255 and the success or failure of log accumulation.

A3. Scoring process:
With reference to FIG. 3 to FIG. 6, the point assignment to the authentication result will be described. FIG. 3 is a flowchart for explaining the point giving process by the IC card authentication in the first embodiment. FIG. 4 is a flowchart for explaining the point giving process by the user authentication using the presence information in the first embodiment. FIG. 5 is an explanatory diagram illustrating the score table 240 in the first embodiment. FIG. 6 is an explanatory diagram illustrating the authentication state holding unit 260 in the first embodiment.

A3-1. IC card authentication:
The CPU 100 displays an authentication standby message on the display (not shown) of the multifunction machine 10 (step S10), and waits for insertion of an IC card (step S12). When the IC card 40 is inserted, the CPU 100 acquires the IC card information from the IC card and transmits it to the authentication server 30 (step S14), and determines whether the user authentication is successful (step S16).

  When the user is authenticated (step S16: YES), the CPU 100 acquires user information from the authentication server 30 (step S18), refers to the score table 240, and gives a score to the authentication result (step S20). If the user is not authenticated (step S16: NO), the CPU 100 returns to step S10 and continues the process.

  As shown in FIG. 5, the score table 240 includes five items of “authentication means”, “authentication score”, “external input”, “internal input”, and “internal output”. “Authentication means” represents an authentication means for authentication printing. The “authentication score” represents the score to be given according to the authentication result by the authentication means. For example, 1 point is given when the card is authenticated by IC card authentication, and 0 point is given when the card is not authenticated. “External input” represents information acquired from the authentication means. “Internal input” represents information acquired by the CPU 100 based on external input information. “Internal output” represents information acquired from the authentication server 30 based on external input information. For example, in A) IC card authentication, the CPU 100 acquires an IC card number from the IC card 40 and transmits it to the authentication server 30. The CPU 100 receives the authentication result transmitted from the authentication server 30, and when authenticated, acquires the user information together with the authentication result as an internal output. The CPU 100 refers to the score table 240, assigns a score according to the authentication result, and updates the authentication status holding unit 260.

  The authentication status holding unit 260 will be described with reference to FIG. The authentication status holding unit 260 stores, for each authentication result, user information representing the user being authenticated and the assigned points. As shown in FIG. 6, for example, when the user is authenticated by performing IC card authentication, the CPU 100 stores the user information acquired together with the authentication result in the user information column, and in the “A) IC card authentication” column. The number “1” to be given is stored. Note that “0” is set as an initial value in each of the columns A) to D) in advance.

A3-2. User presence authentication:
The user presence authentication process will be described with reference to FIG. When the CPU 100 detects the presence of a user in the vicinity of the multifunction device 10 via the presence information acquisition unit 13, that is, when an IC card is detected in the vicinity of the multifunction device 10 (step S30), wireless communication with the IC card is performed. To obtain presence information about the user who owns the IC card (step S32). The CPU 100 acquires user information from the presence information, compares the acquired user information with the user information held in the authentication status holding unit 260 (step S34), and gives a score according to the comparison result (step S36). . Specifically, when the user information acquired from the presence information is the same as the user information held in the authentication status holding unit 260, the CPU 100 has a user who can view the printed matter in the vicinity of the multifunction machine 10. Judge that. As shown in FIG. 5, when the authentication result by the user presence confirmation authentication is “existing”, the assigned score is “1”, so the CPU 100 determines the corresponding user in the authentication status holding unit 260 (FIG. 6). “1” is stored in the “C) existence check” column.

  The CPU 100 changes the presence information by the presence information acquisition unit 13, specifically, when a user with an IC card comes in the vicinity of the multifunction device 10 and when there is no user with an IC card (separated) In addition, the authentication state holding unit 260 is updated. That is, if there is a user who has an IC card in the vicinity of the multifunction machine 10, “1” is stored in the “C) Existence Confirmation” column of the authentication status holding unit 260. “0” is immediately stored in the “C) Existence Confirmation” column of the holding unit 260.

A4. Print control processing:
The print control process will be described with reference to FIGS. 7 and 8 are flowcharts for explaining print control processing in the first embodiment. FIG. 9 is an explanatory diagram illustrating a determination condition table in the first embodiment. FIG. 10 is an explanatory diagram illustrating the data configuration of the authentication print job in the first embodiment. The print control process is executed by the CPU 100 controlling each module.

  When the CPU 100 monitors the authentication status holding unit 260 and detects a change in the authentication status of each user (step S100), the authentication print job of the user whose authentication status has changed (hereinafter referred to as “corresponding user” in the embodiment). Is being printed (step S102). The change in the authentication state represents a change in the number of points stored in the authentication state holding unit 260.

  If the authentication print job for the user is not being printed (S102: NO), the CPU 100 determines whether there is an authentication print job for which printing has been stopped among the authentication print jobs for the user (step S104). If there is no authenticated print job for which the corresponding user has stopped printing (step S104: NO), the CPU 100 determines whether the unprinted authenticated print job for the corresponding user is stored in the spooler (step S106). If there is an unprinted authentication print job for the user in the spooler (step S106: YES), the CPU 100 determines whether printing can be started using the determination condition table and the number of points stored in the authentication state storage unit 260. Are judged (step S108), and whether or not printing can be started is judged (step S110).

  The determination condition table will be described with reference to FIG. In the determination condition table, a determination condition for determining whether or not processing can be executed in each printing process is set. In FIG. 9, A, B, C, and D included in the determination conditions represent the points A) to D) of the authentication status holding unit 260, and L represents the security level of the authentication print job set by the user. To express.

  The confidential level is included in the authentication print job, and the higher the level, the higher the confidentiality. The configuration of the print job will be described with reference to FIG. The print job JOB is composed of a header part HD and a data part DT, and the driver software installed in the client computer 20 includes the security level LV in the header part HD in accordance with a user instruction, and is an authenticated print job. Create a JOB. In the first embodiment, the security level set for the authenticated print job is “3”.

  For example, since the determination condition 1) for determining whether printing can be started is C * (A + B + 2)> L, it is always set so that printing does not start unless there is a user in the vicinity of the multifunction device 10. . In the first embodiment, the user can set a desired determination condition from the operation panel of the multifunction machine 10 or remotely via a network. For example, a predetermined determination condition may be used.

  In order to determine whether or not the print start process of the authentication print job can be executed, the CPU 100 applies the score of each authentication means held in the authentication state holding unit 260 to the expression of the determination condition 1), and the expression is established. Determine whether. For example, when the transmission user of the authentication print job is the user information “01234”, the authentication state of the user is A = 1, B = 1, C = 1, and D = 1 as shown in FIG. That is, authentication is performed in all of IC card authentication, fingerprint authentication, presence confirmation authentication, and log writing authentication. When these points are applied to the equation of determination condition 1), the following is obtained.

  C * (A + B + 2) = 1 * (1 + 1 + 2) = 4> 2 = L

  Therefore, since the expression of the determination condition 1) is satisfied, the CPU 100 determines that printing of the authentication print job can be started (step S110: YES), and executes printing of the authentication print job of the corresponding user (step S112).

  On the other hand, when the transmission user of the authentication print job is the user information “56789”, the authentication state of this user is A = 1, B = 0, C = 1, and D = 1 as shown in FIG. That is, authentication is performed in IC card authentication, presence confirmation authentication, and log writing authentication, and fingerprint authentication is not performed. When these points are applied to the equation of determination condition 1), the following is obtained.

  C * (A + B + 2) = 1 * (1 + 0 + 2) = 3 = L

  That is, since the result of the expression of the determination condition 1) is “3” and does not exceed the confidential level, the expression of the determination condition 1) is not satisfied. The CPU 100 determines that printing of the authentication print job cannot be started (step S110: NO), deletes the authentication state information of the user whose authentication state has not changed for a certain period of time (step S114), and ends the process. Similarly, the user with the user information “01234” is determined to be able to resume printing, but the user with the user information “56789” is determined to be unable to resume printing.

  Details of the printing process will be described with reference to FIG. The CPU 100 determines whether the print process to be executed is a print restart process (step S122). If it is not the print resumption process (step S122: NO), the CPU 100 acquires the spooled authentication print job of the corresponding user from the spooler (step S124), and sets the first page as the print page (step S126). The processes of steps S124 to 126 are included in the print start process of the first embodiment. The CPU 100 evaluates the print continuation determination condition in order to print and output the printed matter on the medium (step S128), and determines whether or not the print can be continued (step S130).

  In order to determine whether or not the print continuation process of the authentication print job can be executed, the CPU 100 applies the score of each authentication means held in the authentication status holding unit 260 of FIG. Is determined. When the awarded points are applied to the expression of the determination condition 2), it is as follows.

  C * D = 1 * 1 = 1> 0

  Therefore, since the expression of determination condition 2) is satisfied, the CPU 100 determines that the printing of the authentication print job can be continued (step S130: YES), and executes the printing of the designated page (step S132). When printing of the designated page is completed, the CPU 100 determines whether the page for which printing has been completed is the last page of the authentication print job (step S136). If the printed page is not the last page (step S136: YES), the CPU 100 designates the next page as a print page (step S142), and repeats the processing from step S128 onward.

  If the printed page is the last page, the CPU 100 determines whether an authentication print job not printed by the user is spooled (step S138). If it is spooled (step S138: YES), the processing is performed from step S124. If it is not spooled (step S138: NO), the process returns to FIG. The authentication status information is deleted (step S114), and the process ends.

  If the CPU 100 determines that printing of the authenticated print job cannot be continued (step S130: NO), the CPU 100 stops the printing process, and temporarily stores the printing state information representing the printing state at the time of the stop in the RAM 102 (step S134). The print status information includes the page number for which printing has been completed. For example, when there is a change in the presence information and the user leaves the vicinity of the multifunction machine 10, “C) presence check” held in the authentication status holding unit 260 is changed from “1” to “0”. As a result, the expression for determining the number of assigned points 2) is as follows, and C * D> 0 is not satisfied. Therefore, it is determined that printing cannot be continued. In this way, when the user who has transmitted the authentication print job in the vicinity of the multifunction machine 10 is absent, the printed matter is not output, so that leakage of the print contents can be suppressed.

  C * D = 0 * 1 = 0

  Resuming an authenticated print job for which print processing has been stopped will be described. If there is a print job for which the user has stopped printing (step S104: YES), the determination condition for whether or not printing can be resumed is evaluated (step S116), and whether or not the printing restart process can be executed is determined (step S118).

  In order to determine whether or not to execute the print resumption process for the authentication print job, the CPU 100 applies the score of each authentication means held in the authentication status holding unit 260 of FIG. Is determined. When the awarded points are applied to the expression of the determination condition 3), it is as follows.

  C * (A + B + 2) = 1 * (1 + 1 + 3) = 4> 2 = L

  Therefore, since the expression of determination condition 3) is satisfied, the CPU 100 determines that printing of the authentication print job can be resumed (step S118: YES), and the authentication print job of the corresponding user held in the RAM 102 and whose printing has been stopped is determined. Print status information when printing is stopped is acquired, and printing restart processing is performed (step S120).

  When the printing process is performed, it is the printing resumption process (step S122: YES), the printing state before the printing stop is restored using the printing state information (step S140), and the page to be printed is designated as the printing page (step S140). Step S142), the processing after step S128 is performed and printing is resumed.

  When the change of the authentication state is detected, if the print job of the user is being printed (step S102: YES), the CPU 100 determines whether or not the print continuation process is possible, and performs the subsequent processes (step S128 and subsequent steps).

  According to the printing system of the first embodiment described above, it is possible to control the printing process of the printing apparatus by scoring and evaluating the authentication results of a plurality of authentication means and determining whether various processes in the authentication printing can be performed. Therefore, authentication printing can be realized by combining a plurality of authentication means flexibly in accordance with the use environment, and information leakage of the print contents can be suppressed.

  Further, according to the printing system of the first embodiment, user information is acquired from presence information, and if the user does not exist in the vicinity of the multi-function device 10, the printed material is not output, so that a confidential document is viewed by a third party. And being stolen.

  Further, according to the printing system of the first embodiment, when the authentication state change is detected, the print process execution determination process is performed, so that the authentication print can be promptly reflected and the authentication printing can be performed. Therefore, information leakage can be suppressed with high accuracy, such as output of printed matter being stopped when printing cannot be continued due to a change in the authentication state.

  Further, according to the printing system of the first embodiment, since the user can arbitrarily set the determination condition, various determination conditions can be flexibly set according to the installation environment and the authentication means used. Therefore, the determination can be made with the determination conditions suitable for the use environment, the safety of the authentication printing can be improved, and the convenience of the user using the printing system can be improved.

  Further, according to the printing system of the first embodiment, it is possible to delete the authentication status information of the user who has not changed the authentication status for a certain period of time. Therefore, since the latest information can be used, convenience can be improved and useless use of the memory can be suppressed.

B. Second embodiment:
In the second embodiment, a printing system that determines whether or not authentication printing can be performed according to the authority level of the user will be described. In the second embodiment, the system configuration and functional blocks and modules of the printing system have the same configuration as in the first embodiment.

B1. Score table:
FIG. 11 is an explanatory diagram illustrating a score table in the second embodiment. Similar to the first embodiment, the score table 240a is composed of five items: “authentication means”, “authentication score”, “external input”, “internal input”, and “internal output”. However, in the second embodiment, different points are set according to the authority level of the user authenticated by the IC card authentication. The authority level of the user represents the authority that has been granted to each user in advance, and the higher the level, the greater the authorized authority. The authority level is included in the user information transmitted together with the authentication result by the IC card authentication.

  For example, as shown in the score table 240a, when the authority level is “3”, the assigned score is “3”, and when the authority level is “2”, the awarded score is “2”. The higher the authority level, the higher the number of points given.

  When the authentication module 202 performs IC card authentication and acquires user information, the authentication module 202 extracts the authority level of the user included in the user information. The score assigning module 206 assigns points according to the extracted authority level.

B2. Authentication status holding unit:
FIG. 12 is an explanatory diagram illustrating the contents of the authentication state holding unit 260a in the second embodiment. In the second embodiment, the authority level of the authenticated print job transmission user (user information “01234”) is “3”. As shown in FIG. 12, in the “A) IC card” field of the user information “01234”, “3” points corresponding to the authority level are given.

B3. Determination process:
In the second embodiment, whether or not the authentication printing process can be performed is determined using the same determination condition as the determination condition set in the determination condition table 250 of the first embodiment. An example of determining whether or not to execute a print start process for an authenticated print job will be described. When the transmission user of the authentication print job is the user information “01234”, the authentication state of this user is A = 3, B = 1, C = 1, and D = 1 as shown in FIG. That is, authentication is performed in all of the IC card authentication, fingerprint authentication, existence confirmation authentication, and log writing authentication, and the score “3” corresponding to the authority level is stored in the “(A) IC card authentication” column. ing. Applying the given points to the determination condition 1) in FIG. 9 gives the following. In the second embodiment, the security level L = 4.

  C * (A + B + 2) = 1 * (3 + 1 + 2) = 6> 4 = L

  Therefore, since the expression of the determination condition 1) is satisfied, the CPU 100 of the multifunction machine 10 determines that printing of the authentication print job can be started and executes printing of the authentication print job of the corresponding user.

  On the other hand, when the transmission user of the authentication print job is the user information “56789”, the authentication state of this user is A = 1, B = 1, C = 1, and D = 1 as shown in FIG. That is, authentication is performed in all of IC card authentication, fingerprint authentication, presence confirmation authentication, and log writing authentication. When these points are applied to the equation of determination condition 1), the following is obtained.

  C * (A + B + 2) = 1 * (1 + 1 + 2) = 4 = L

  That is, since the result of the expression of the determination condition 1) is “4” and does not exceed the confidential level = 4, the expression of the determination condition 1) is not satisfied. The CPU 100 determines that printing of the authentication print job cannot be started. Similarly, the user with the user information “01234” is determined to be able to resume printing, but the user with the user information “56789” is determined to be unable to resume printing.

  According to the printing system of the second embodiment described above, since the number of points to be given can be changed according to the authority level of the user, even in the same authentication print job, whether or not printing is possible can be changed according to the authority level of the user. Therefore, the safety and convenience of authentication printing can be improved.

C. Third embodiment:
In the third embodiment, a server is provided separately from the multifunction device 10, and the server determines whether or not printing processing is possible according to the authentication result and the determination condition, and controls the printing process of the authentication printing of the multifunction device 10. explain.

C1. System configuration:
FIG. 13 is an explanatory diagram illustrating a printing system according to the third embodiment. A printing system 2000 according to the third embodiment includes a plurality of multifunction peripherals 60 and 70, a client computer 20, an authentication server 30, and a print control server 80, and each device is connected to a local area network LAN. In the third embodiment, the MFPs 60 and 70 do not determine whether or not the authentication printing process can be executed, but the print control server 80 makes the determination. In the third embodiment, devices and the like having the same reference numerals as those in the first embodiment have the same functions and configurations.

  The print control server 80 manages all authentication states of the multifunction peripherals connected in the same network LAN, and controls the authentication print processing of each multifunction peripheral based on the authentication state. That is, when the print control server 80 receives the authentication result from the multi-function devices 60 and 70, the print control server 80 assigns a predetermined score according to the authentication result, determines whether or not to execute the printing process, and based on the determination result. Then, an instruction for controlling the authentication printing by the multifunction devices 60 and 70 is sent to the multifunction devices 60 and 70.

C2. Function block:
FIG. 14 is an explanatory diagram illustrating a module for executing authentication printing in the third embodiment. Each module of the third embodiment has the same function and configuration as each module having the same reference numeral as that of the first embodiment.

  The ROM 101 of the multi-function device 60 includes a print job receiving module 200, an authentication module 202, a presence information acquisition module 204, an authentication status change notification module 310, and a log management module 214. The storage device 104 of the multifunction device 60 includes a log storage unit 255.

  The authentication status holding unit 260 of the multi-function device 60 holds the authentication status of the authentication means provided in the own device. In the third embodiment, at the time of authentication printing, the authentication status holding unit 260 holds only the authentication status of one user so that one user can monopolize the use of the multifunction device. The authentication status change notification module 310 detects a change in the authentication status and notifies the print control server 80 of the change contents.

  The ROM 301 of the print control server has a notification reception module 230, a score assignment module 206, a determination module 208, a print control module 320, and a determination condition setting module 212. The RAM 302 has an authentication state holding unit 330 for holding the authentication result by the authentication unit of all multifunction devices. The storage device 304 includes a score table 240 and a determination condition table 250.

  The notification receiving module 230 receives an authentication state change notification from the multi-function devices 60 and 70. Upon receiving the change notification, the score assignment module 206 updates the authentication status information held in the authentication status holding unit 330. In the third embodiment, the authentication status holding unit 330 holds the authentication statuses of a plurality of multifunction peripherals in the printing system.

C3. Authentication information notification processing:
FIG. 15 is a flowchart for explaining authentication information notification processing for notifying the change of the authentication state in the third embodiment. When the CPU 100 of the multi-function device 60 detects a change in the authentication state of the own device (step S200), the CPU 100 determines whether the changed authentication result is an authentication result of a user not held in the authentication state holding unit 260 (step S200). S202). If the authentication result of the user is not held in the authentication status holding unit 260 (step S202: YES), the authentication status of other authentication means held in the authentication status holding unit 260 is initialized (step S204), and the composite The authentication status of all the authentication means provided in the machine 60 and the user information being authenticated are transmitted to the print control server 80 (step S206).

  FIG. 16 is an explanatory diagram for explaining the contents of the authentication status holding unit of the print control server in the third embodiment. FIG. 16A illustrates the contents of the authentication state holding before the authentication state change, and FIG. 16B illustrates the contents of the authentication state holding unit after the authentication state change. The authentication status holding unit 330 stores “MFP” indicating the name of the MFP, “User information” indicating the user, “(A) IC card” that stores the number of points assigned to the authentication result of IC card authentication, and authentication for fingerprint authentication. “(B) fingerprint” for storing the number of points given for the result, “(C) existence check” for storing the number of points given for the authentication result of the user existence confirmation authentication, and the number of points given for success or failure of log writing are stored. It consists of six items "(D) Log writing". For example, in the MFP “PT001”, the users of the user information “01234” and “56789” are authenticated, and the users of the user information “01234” are the authentication means (A), (C), (D ) Indicates that the user of the user information “56789” is authenticated by the authentication means (A) and (D). In addition, the user of the user information “01234” indicates that it is authenticated by the authentication means (B) and (D) in the multifunction peripheral “PT002”. In the third embodiment, the multi-function device 60 corresponds to “PT001”, and the multi-function device 70 corresponds to “PT002”.

  When the change of the authentication state is notified, the print control server 80 updates the contents of the authentication state holding unit. For example, when the user with the user information “01234” leaves the multi-function device 60 and moves to the multi-function device 70, the presence information of both the multi-function devices 60 and 70 changes. The multi-function device 60 transmits a change notification to the print control server 80, and the print control server 80 responds to the change notification received from the multi-function device 60, as shown in FIG. , “(C) Presence Confirmation” of the user information “01234” is updated from “1” to “0”. Similarly, the multifunction device 70 also transmits a change notification to the print control server 80. In response to the change notification received from the multi-function device 70, the print control server 80 sets “(C) presence confirmation” of the multi-function device “PT002” and user information “01234” to “0” as shown in FIG. To "1". In this way, the print control server 80 manages the authentication states of a plurality of multifunction devices.

C4. Print control processing:
FIG. 17 is a flowchart illustrating print control processing in the third embodiment. The print control process is executed by the CPU 300 of the print control server 80 controlling each module.

  When the CPU 300 receives the authentication status change notification from each multifunction peripheral (step S300), the CPU 300 performs substantially the same processing as that after step S102 in the first embodiment. However, the processes in steps S112 and S120 of the first embodiment are different, and in the third embodiment, printing processing is performed on a multifunction peripheral (hereinafter referred to as a corresponding device in the third embodiment) that has transmitted the authentication status change notification. Send an execution instruction for.

  If there is a print job for which the user has stopped printing (step S104: YES), the determination condition for the print resumption process is evaluated (step S116), and whether or not the print resumption process can be executed is determined (step S118). If it is determined that the print resumption process cannot be executed (step S118: NO), the CPU 300 refers to the authentication status holding unit 330, and prints a print job whose print is suspended to another multifunction peripheral determined to be printable. A restart execution instruction is transmitted (step S306).

  Specifically, the process of step S306 is as follows. In order to determine whether or not to execute the print resuming process of the authentication print job, the CPU 300 sets the expression of the determination condition 3) to each authentication means held in the authentication state holding unit after change shown in FIG. A score is applied to determine whether the formula is valid. For example, when the score of the corresponding device “PT001” of the corresponding user “01234” is applied to the expression of the determination condition 3), the following is obtained.

  C * (A + B + 2) = 0 * (1 + 0 + 2) = 0 <2 = L

  Accordingly, since the determination condition 3) is not satisfied, it is determined that printing cannot be resumed for the corresponding device “PT001”. In the CPU 300, the corresponding user “01234” is also authenticated in “PT002”, and when the authentication state of the corresponding user “01234” in “PT002” is applied to the expression of the determination condition 3), the following is obtained.

  C * (A + B + 2) = 1 * (0 + 1 + 2) = 3> 2 = L

  Therefore, since the determination condition 3) is satisfied, the CPU 300 of the print control server 80 determines that the printing can be resumed for the corresponding device “PT001”, and the print job for which printing has been stopped and the print to the multifunction device 60 (PT001). An instruction is given to cause the multi-function device 70 (PT002) to transmit print status information indicating the print status at the time of stoppage. The multifunction device 60 is relative to the multifunction device 70. The MFP 70 transmits the print job and the print status information, and performs the printing by restoring the print status using the received print job and the print status information.

  According to the printing system of the third embodiment described above, since the function for determining whether or not to execute the printing process for authentication printing is provided separately from the multifunction peripheral, the authentication status of a plurality of multifunction peripherals can be collectively managed, A system that combines authentication printing with alternative printing can be provided, and not only safety but also convenience can be improved. The user can obtain a printed material from the destination multifunction peripheral, which is preferable.

  Further, according to the printing system of the third embodiment, since the print control server performs all the determinations of whether or not to execute the authentication printing process for a plurality of multifunction devices, the determination condition is set or changed for each multifunction device. There is no need to set or change the determination condition only for the print control server. Therefore, the burden on the administrator of the printing system can be reduced. Also, forgetting to set can be suppressed.

  Further, according to the printing system of the third embodiment, since the print control server is provided, the load on the multifunction peripheral can be reduced.

D. Variations:
(1) In the first embodiment, whether or not to execute print processing is determined using a predetermined determination condition. For example, when the multifunction device receives an authentication print job, the print job sender A person with a high authority level (such as a security administrator) may be inquired about whether or not the user can print by e-mail or the like. In this case, it is preferable to configure so that points are given according to the result of the inquiry.

(2) In each of the above embodiments, authentication is performed by IC card authentication, fingerprint authentication, presence information or log writing success / failure. For example, authentication means for authenticating the authority to print an authentication print job from the user's print history Various authentication methods such as authentication means for authenticating that the password set at the time of print job issuance has been input to the printer and an entry / exit management system to authenticate whether the user has officially entered or exited the room You may build the printing system which combined the means.

(3) In the first embodiment, when it is determined that the print continuation process is impossible, the print process is stopped. However, for example, a shredder function is provided in the multi-function peripheral, and the printed matter is printed halfway along with the print stop. You may provide the structure discarded with a shredder. In addition, when printing is stopped, a function may be provided such as displaying a message on the panel of the multifunction device, notifying by a buzzer or the like, and sending an email to the administrator.

(4) In the first and second embodiments, the MFP controls the printing process, and in the third embodiment, the server controls the printing process. For example, the authentication server and the client computer have a printing process control function. It may be provided.

(5) Although no particular reference is made to the log accumulation method in each of the above embodiments, the process from reception of a print job to completion of printing may be appropriately accumulated, or in response to an instruction from the server, or Alternatively, the authentication state and the usage state may be accumulated at regular time intervals. Further, a score may be given to each log writing success / failure result, or a writing success / failure may be judged at a predetermined interval, and a score may be given to the judgment result.

(6) In each of the above embodiments, the authentication unit is described as being pre-installed in the multi-function peripheral. However, for example, the authentication unit may be configured to be externally connectable via a USB or the like. In this way, various authentication devices can be used flexibly according to the usage environment.

(7) In the first embodiment, the determination of whether or not the printing process can be performed is triggered by the detection of the change of the authentication status. For example, when the printing process starts or when the next page is printed, The authentication status may be acquired to determine whether execution is possible.

(8) In the first embodiment, the presence information is user information included in the IC card. However, any information may be used as long as the information can individually recognize the user.

(9) In the third embodiment, the multifunction peripheral receives the authentication print job directly from the client. For example, the print control server, that is, the print control apparatus that controls the print processing of the multifunction peripheral directly receives the authentication print job from the client. The print control server may be configured to function as a print server that receives the authentication print job and transmits it to the multifunction peripheral after receiving the print job.

(10) In the first to third embodiments, the determination condition can be arbitrarily set and changed. For example, not only the determination condition but also the number of points set for the confirmation status is set. The number of points assigned to the table may be changeable. In this case, the setting may be changed directly from the operation unit 108 of the multifunction peripheral, or the setting may be changed from a client computer or a print control server via a network.

  As mentioned above, although the various Example of this invention was described, this invention is not limited to these Examples, A various structure can be taken in the range which does not deviate from the meaning.

FIG. 3 is an explanatory diagram illustrating a printing system according to the first embodiment. FIG. 3 is a block diagram illustrating functional blocks and modules of the multifunction machine according to the first embodiment. The flowchart explaining the score provision process by IC card authentication in 1st Example. The flowchart explaining the score provision process by the user authentication using presence information in 1st Example. Explanatory drawing which illustrates about the score table in 1st Example. Explanatory drawing which illustrates about the authentication state holding | maintenance part in 1st Example. 6 is a flowchart for explaining print control processing in the first embodiment. 6 is a flowchart for explaining print control processing in the first embodiment. Explanatory drawing which illustrates the determination condition table in 1st Example. FIG. 3 is an explanatory diagram illustrating a data configuration of an authentication print job in the first embodiment. Explanatory drawing which illustrates the score table in 2nd Example. Explanatory drawing which illustrates the content of the authentication status holding | maintenance part in 2nd Example. Explanatory drawing which illustrates the printing system in 3rd Example. Explanatory drawing showing the module for performing authentication printing in 3rd Example. The flowchart explaining the authentication information notification process which notifies the change of the authentication state in 3rd Example. Explanatory drawing explaining the content of the authentication status holding | maintenance part of the printing control server in 3rd Example. 10 is a flowchart for explaining print control processing in a third embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 ... Multifunction machine 11 ... IC card authentication slot 12 ... Fingerprint authentication part 13 ... IC card sensor 13 ... Presence information acquisition part 20 ... Client computer 30 ... Authentication server 40 ... IC card 60 ... Multifunction machine 70 ... Multifunction machine 80 ... Print control Server 100 ... CPU
DESCRIPTION OF SYMBOLS 103 ... Interface 104 ... Memory | storage device 107 ... Printing mechanism 108 ... Operation part 200 ... Print job reception module 202 ... Authentication module 204 ... Presence information acquisition module 206 ... Score assignment module 208 ... Judgment module 210 ... Print control module 212 ... Judgment condition setting Module 214 ... Log management module 230 ... Notification receiving module 240 ... Point table 240a ... Point table 250 ... Determination condition table 250 ... Determination condition table 255 ... Log storage unit 260 ... Authentication status holding unit 300 ... CPU
310 ... Authentication status change notification module 320 ... Print control module 330 ... Authentication status holding unit 1000 ... Printing system 2000 ... Printing system

Claims (15)

A print control apparatus that controls a printing apparatus that performs printing of an authentication print job that requires authentication printing,
An acquisition unit provided in the printing apparatus for acquiring an authentication result by a plurality of types of authentication units for authenticating a user;
Point giving means for assigning points to each of the plurality of acquired authentication results;
Determination means for determining whether or not to execute processing related to the authentication printing using the points given to at least two authentication results of the plurality of authentication results;
And a control unit that controls execution of the process related to the authentication printing according to a result of the determination. The print control apparatus according to claim 1,
The determination unit is a print control apparatus that further determines whether or not the process can be executed in accordance with a security level representing a confidentiality of contents represented by the authentication print job. The print control apparatus according to claim 1 or 2,
The user authentication result includes an authority level representing a print authority for the authentication print job of the user,
The score control unit is a print control device that assigns a different score depending on the authority level. The print control apparatus according to claim 1, further comprising:
Holding means for holding authentication status information representing the status of authentication by each of the authentication means;
Detecting means for detecting a change in the authentication status information,
The determination unit is a print control apparatus that performs the determination when the change is detected. The print control apparatus according to any one of claims 1 to 4, further comprising:
Obtaining means for obtaining user presence information representing a user existing in the vicinity of the print control apparatus;
The plurality of authentication means includes presence authentication means for authenticating whether the user represented by the user presence information is an authorized user permitted to view the printed matter,
The printing control apparatus, wherein the determination unit performs the determination using an authentication result obtained by the presence authentication unit. The print control apparatus according to claim 1, further comprising:
A history recording means for recording a printing history of the authenticated print job;
The score giving means further gives a score according to the success or failure of recording the history,
The determination unit further determines whether or not the printing can be performed using a score given in accordance with the success or failure of the history recording. The print control apparatus according to claim 1, further comprising:
A storage unit that stores a determination condition for determining whether or not to execute the process related to the authentication printing by using the score given to the authentication result by the at least two types of authentication unit;
The printing control apparatus, wherein the determination unit performs the determination using the assigned score and the determination condition. The print control apparatus according to claim 7, further comprising:
A printing control apparatus comprising setting means for setting the determination condition. A printing control apparatus according to any one of claims 1 to 8,
The print control apparatus, wherein the process related to the authentication printing includes at least one of printing start, printing continuation, and printing restart of the authentication print job issued by the authenticated user. The print control apparatus according to claim 9,
The print control unit, when the determination unit determines that the continuation of printing is impossible, stops a print process being executed. The print control apparatus according to claim 10, further comprising:
A printing state storage unit for storing a printing state of the authentication print job when the printing process is stopped;
The determination unit determines whether or not to execute a print resumption process of the authenticated print job that has stopped the print process;
The print control unit stores, in the print state storage unit, print state information related to the print state of the print job at the time of the print stop of the authentication print job in which the print process is stopped, and the determination unit is allowed to resume printing. Then, the print control apparatus restores the print state at the time of the stop using the print state information and restarts the printing of the authentication print job in which the print processing is stopped. A printing system in which a plurality of printing apparatuses and a printing control apparatus that controls authentication printing in each of the printing apparatuses are connected via a network so as to be communicable,
Each of the printing devices
Authenticated print job receiving means for receiving an authenticated print job;
Multiple types of authentication means for authenticating users;
Notification means for notifying the print control apparatus of the authentication result;
Print control means for controlling the print processing of the authentication print job in response to an instruction from the print control device,
The print control device includes:
Point giving means for giving a score to the acquired authentication result;
Holding means for holding the assigned score for each of the plurality of printing devices;
Determination means for determining whether or not to execute a plurality of processes related to the authentication printing for each of the plurality of printing apparatuses, using the points given to at least two authentication results among the assigned points;
A printing system comprising: an instruction transmission unit configured to transmit an instruction for controlling execution of the process to a printing apparatus capable of executing the process related to the authentication print of the authentication print job according to the determination result. The printing system according to claim 12, comprising:
When it is determined that the authentication print job cannot be continuously printed by the first printing device of the plurality of printing devices, the instruction transmission unit is configured to print the authentication printing of the plurality of printing devices. A printing system that transmits an instruction to cause the second printing apparatus that has been determined to be able to continue printing a job to continue printing the authentication print job. A printing method executed by a print control apparatus that controls a printing apparatus that prints an authentication print job for which authentication printing is required,
Provided in the printing apparatus, obtaining authentication results by a plurality of types of authentication means for authenticating a user;
A score is assigned to each of the acquired authentication results,
Determining whether or not to execute the process related to the authentication printing by using the points given to at least two authentication results of the plurality of authentication results;
A printing method for controlling execution of processing related to the authentication printing in accordance with a result of the determination. A printing method executed by a printing system in which a plurality of printing apparatuses and a printing control apparatus that controls authentication printing in each of the printing apparatuses are connected via a network,
Each of the printing devices
Receive an authenticated print job,
Notifying the print control apparatus of authentication results by a plurality of types of authentication means for authenticating the user,
The print control device includes:
Point giving means for giving a score to the acquired authentication result;
Holding means for holding the assigned score for each of the plurality of printing devices;
Using the points assigned to at least two authentication results among the assigned points, it is determined whether or not to execute a plurality of processes related to the authentication printing for each of the plurality of printing devices,
In accordance with the result of the determination, an instruction for controlling the execution of the process is transmitted to a printing apparatus capable of executing the process related to the authentication print of the authentication print job.
Each of the printing devices
A printing method for controlling print processing of the authentication print job in accordance with an instruction from the print control apparatus.

Images