JP2012029076A - Image formation system, image formation device, control method, program, and recording medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an image formation system, an image formation device, a control method, a program, and a recording medium which eliminates the need of construction of a new system when setting authority, etc. to a document and which enables reduction of troublesome operation for the setting.SOLUTION: A user obtains, from a policy management device, policy information which can be used by the user, and causes display means of a composite machine to display the obtained policy information on a policy selection list screen (step S300 and S302). The user selects the displayed policy information (step S304 to S324), performs file conversion of document data obtained by scanning a document, thereafter imparts the selected policy to the converted file (step S328 to S332), transmits the file by transmission means, and stores the file in the composite machine by storage means (step S334).

Description

The present invention relates to a system for granting usage authority and the like to an electronic document.

When conducting business in a company, it is important to pay sufficient attention to handling confidential documents containing trade secrets and personal information. If these confidential documents are leaked or misused by employees, It can lead to a big deal related to survival.

  At present, companies are taking measures against the risks described above from various viewpoints such as information security, internal control, and legal compliance.

  In order to mitigate the above risks, DRM (Digital Rights Management) technology that controls usage rights for electronic documents is effective. For example, LiveCycle Rights Management provided by Adobe And other products related to systems using DRM technology. (For example, Patent Document 1)

JP 2010-108051 A

  However, in general, when constructing a DRM system, it is unavoidable that the user will construct and operate the server in-house, so there will be a cost for using this system. As for the functions to be performed, it is often sufficient that general functions are applied rather than requiring specific functions for each company, and this system is built in-house in consideration of cost effectiveness. The validity of doing this is suspected.

  In addition, each product in the DRM system has problems such as difficult terms and operability in terms of use of the system, operability, etc., and complicated operation.

  For example, from the viewpoint of operability, in order to grant usage authority to a document, there are many specifications that activate the document and set the user interface for each authority to set the authority. In many cases, there are various file formats, not limited to a single file format, and the user must remember and use all of these user interfaces. It is a situation.

  Regarding these problems, the same can be said for the technique disclosed in Patent Document 1.

  Therefore, by using a system that provides various services such as ASP (Application Service Provider) and SaaS (Software as a Service) that can receive only necessary functions, the user can An object of the present invention is to provide an image forming system, an image forming apparatus, a control method, a program, and a storage medium in order to avoid the troublesomeness of granting the authority to use a document without performing construction and operation. And

According to a first aspect of the present invention, there is provided a policy grant in which an image forming apparatus having a scanner function and a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium are connected via a network. The image forming apparatus includes: a reading unit that generates a recording medium and records the data on the recording medium after converting the document into reading data; and input of user information that uniquely identifies the user. Alternatively, an input unit for inputting a document reading instruction by the reading unit, an image forming apparatus transmission unit for transmitting user information input by the input unit to the policy management apparatus, and a policy management apparatus transmission unit. Image forming apparatus receiving means for receiving the policy information, and an instruction to read a document by the input means A policy assigning unit that assigns a policy to the recording medium according to the policy information received by the image forming apparatus receiving unit with respect to the recording medium generated by the reading unit when input; Storing means for storing policy information usable by a user in correspondence with user information, policy management apparatus receiving means for receiving user information transmitted by the image forming apparatus transmitting means, and policy management apparatus receiving means Policy information acquisition means for acquiring policy information corresponding to the user information stored in the storage means that matches the user information received by the policy, and a policy for transmitting the policy information acquired by the policy information acquisition means to the image forming apparatus And a management device transmission means.

According to a second aspect of the present invention, there is provided a policy management apparatus and a network for storing and managing policy information indicating usage conditions for a user's recording medium in association with user information for uniquely identifying the user. An image forming apparatus connected to the image forming apparatus, wherein after the original is converted into read data, a recording medium is generated and the data is recorded on the recording medium; and user information for uniquely identifying the user is input. Alternatively, an input unit for inputting a document reading instruction by the reading unit, an image forming apparatus transmitting unit for transmitting user information input by the input unit to the policy management apparatus, and a transmission by the image forming apparatus transmitting unit Image forming apparatus receiving means for receiving from the policy management apparatus the policy information that matches the user information Policy giving means for giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving means with respect to the recording medium generated by the reading means when an input reading instruction is input by the input means; , Provided.

According to a third aspect of the present invention, there is provided a policy assignment in which an image forming apparatus having a scanner function and a policy management apparatus for storing and managing policy information indicating usage conditions for a user's recording medium are connected via a network. A method for controlling a system, wherein the image forming apparatus converts a document into read data and then generates a recording medium and records the data on the recording medium, and user information for uniquely identifying a user Or an input process for inputting a document reading instruction in the reading process, an image forming apparatus transmitting process for transmitting user information input in the input process to the policy management apparatus, and a policy management apparatus transmitting process An image forming apparatus receiving process for receiving the policy information transmitted by the process, and the input process When an instruction to read a manuscript is input, a policy granting step of giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving step is executed on the recording medium generated by the reading step In the policy management device, a policy management device receiving step for receiving user information transmitted by the image forming device transmission step, and a policy that can be used by a user that matches the user information received by the policy management device reception step A policy information acquisition step for acquiring policy information corresponding to the user information stored in the storage unit that stores information corresponding to the user information, and the policy information acquired by the policy information acquisition step is transmitted to the image forming apparatus. Policy management device transmission process To.

According to a fourth aspect of the present invention, there is provided a policy management apparatus and a network for storing and managing policy information indicating usage conditions for a user's recording medium in association with user information for uniquely identifying the user. A method for controlling an image forming apparatus connected through a reading process for generating a recording medium and recording the data on the recording medium after converting a document into reading data, and a user for uniquely identifying a user An input process for inputting information or an instruction for reading a document in the reading process, an image forming apparatus transmitting process for transmitting user information input in the input process to the policy management apparatus, and an image forming apparatus An image forming apparatus receiving the policy information matching the user information transmitted in the transmitting step from the policy management apparatus. When a document reading instruction is input in the step and the input step, a policy is assigned to the recording medium according to the policy information received in the image forming apparatus receiving step with respect to the recording medium generated in the reading step. This is executed as a policy applying step.

According to a fifth aspect of the present invention, there is provided a policy assignment in which an image forming apparatus having a scanner function and a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium are connected via a network. A program executed in a system, wherein the image forming apparatus uniquely identifies a user and a reading unit that generates a recording medium and records the data on the recording medium after a document is converted into reading data Input means for inputting user information or an instruction for reading a document by the reading means, an image forming apparatus transmitting means for transmitting user information input by the input means to the policy management apparatus, and a policy management apparatus An image forming apparatus receiving means for receiving the policy information transmitted by the transmitting means; and the input means When a document reading instruction is input, a policy giving unit that gives a policy to the recording medium according to the policy information received by the image forming apparatus receiving unit with respect to the recording medium generated by the reading unit; The policy management apparatus is used by a policy management apparatus receiving means for receiving user information transmitted by the image forming apparatus transmitting means and a user who matches the user information received by the policy management apparatus receiving means. Policy information acquisition means for acquiring policy information corresponding to user information stored in a storage means for storing possible policy information in association with user information, and policy information acquired by the policy information acquisition means in the image forming apparatus To function as a policy management device sending means to send to Is a program which is characterized.

According to a sixth aspect of the present invention, there is provided a policy management apparatus and a network for storing and managing policy information indicating usage conditions for a user's recording medium in association with user information for uniquely identifying the user. A program that is executed in an image forming apparatus connected to the image forming apparatus, and after a document is converted into read data, a recording medium is generated and the data is recorded on the recording medium, and a user is uniquely identified Input means for inputting user information to be inputted, or an input means for inputting a document reading instruction by the reading means, an image forming apparatus transmitting means for transmitting the user information input by the input means to the policy management apparatus, and image formation Receiving the policy information matching the user information transmitted by the apparatus transmitting means from the policy management apparatus; When a document reading instruction is input by the image forming apparatus receiving means and the input means, the recording medium generated by the reading means is recorded on the recording medium according to the policy information received by the image forming apparatus receiving means. It is a program characterized by functioning as policy assigning means for assigning a policy.

A seventh invention for solving the above problems is a computer-readable recording medium on which the program according to the fifth invention or the sixth invention is recorded.

According to the present invention, since it is possible for a user to receive only necessary functions without performing system construction and operation, etc., it is possible to reduce the cost for system construction and further to use the document. And the like.

It is a system configuration figure showing the outline of the composition of the policy grant system concerning the embodiment of the present invention. It is a block diagram which shows the outline of the hardware constitutions of the client terminal and policy management apparatus which concern on embodiment of this invention. 1 is a configuration diagram illustrating an outline of a hardware configuration of a multifunction peripheral according to an embodiment of the present invention. FIG. 5 is a configuration diagram of module functions executed when providing a user with a function for assigning a policy to a file in the policy assigning system according to the embodiment of the present invention. It is a block diagram which is a screen utilized in the client terminal which concerns on embodiment of this invention, and shows the structural example of the screen used when setting a policy with respect to a user or a group. FIG. 5 is a configuration diagram showing a configuration example of a menu screen that is a screen used in a multifunction peripheral according to an embodiment of the present invention and displays functions provided from the multifunction peripheral. FIG. 5 is a configuration diagram illustrating a configuration example of a screen used in a multifunction peripheral according to an embodiment of the present invention and used when logging into a policy assignment system. FIG. 5 is a configuration diagram showing a configuration example of a screen used in a multifunction peripheral according to an embodiment of the present invention and used when a policy is assigned to a file obtained by scanning. FIG. 5 is a configuration diagram showing a configuration example of a screen used in a multifunction peripheral according to an embodiment of the present invention and used when a policy that can be used by a login user is assigned to a file. FIG. 5 is a configuration diagram showing a configuration example of a screen that is used in the multifunction peripheral according to the embodiment of the present invention and that selects a file format when generating a file of document data obtained by scanning. It is a block diagram which shows the structure of the table used when executing the program which provides a policy provision function to a user in embodiment of this invention. It is a flowchart which shows the flow of the process which sets the policy which can be utilized with respect to a user in the policy provision system which concerns on embodiment of this invention. It is the flowchart which showed the flow which provides a policy provision function to a user in the policy provision system which concerns on embodiment of this invention. It is a flowchart which shows the flow of the process which provides a policy to a file in the policy provision system which concerns on embodiment of this invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 illustrates an image forming system (hereinafter referred to as a policy providing system) that assigns usage conditions (policy) such as a usage right of a function that can be executed on an electronic document according to an embodiment of the present invention.

  The policy assignment system 100 includes a multifunction peripheral 102, a client terminal 104, a virtual server 108, and a policy management apparatus 110. The multifunction peripheral 102 and the client terminal 104 are connected to the policy management apparatus 110 via the Internet 106. The virtual server 108 is a server provided by dividing the policy management apparatus 110 virtually so that the policy management apparatus 110 operates an OS (Operating System) and application software separately. 100 policy management devices 110 are divided for each user who uses 100, or a case of using one policy management device 110 for each user. Can take the configuration.

When the user issues a print instruction using a user interface (not shown) provided in the client terminal 104, the multifunction device 102 forms print data, receives the formed print data, and stores the print data. To do.

The multifunction device 102 includes a card reader. When the user holds the IC card over the card reader, user identification information for identifying the user stored in the IC card is transmitted to the policy management apparatus 110. In the policy management apparatus 110, when the user's validity is confirmed, the print data stored in the multifunction peripheral 102 is printed.

In addition, by checking the validity of the user with the IC card, it is possible to avoid the risk of information leakage or the like due to the printed matter being left in the printing device.

  The multifunction device 102 also has a scanner function, and stores document data obtained by scanning a document to be scanned with a scanner in a storage area called a box, or a destination address of a transmission destination. Etc., and then the document data is sent to the destination.

  Further, the MFP 102 acquires the policy information stored in the policy management apparatus 110, thereby converting the document data obtained by scanning into a file format such as PDF, and policy information for these files. It is also possible to grant.

  The client terminal 104 issues a print instruction to the MFP 102 as described above, and the user sets the authority such as browsing, printing, changing, copying, revoking, switching, screen reader, etc. for the digitized document, that is, the file. And a terminal device for setting a policy such as an expiration date of the authority.

  The policy management apparatus 110 has a function of storing and managing information about a policy to be assigned to a desired file set by the user using the client terminal 104 and transmitting policy information requested from the multifunction peripheral 102.

  In addition, the user stores and manages information related to the contents of the contract in the system at the stage of concluding the contract regarding the use of the policy granting system 100, and uses the contract information to restrict the use of the system. .

  The policy assignment system 100 operates a function for assigning a policy to a file provided in the policy management apparatus 110, and provides the use of this function to a user who uses the multi-function peripheral 102 via the Internet 106. It has a system configuration that provides a so-called ASP or SaaS type service.

  As a result, the user can reduce the cost required for the introduction and operation of the server in constructing the system that provides the above-mentioned policy grant function, and pays the service fee for the period and amount used. The policy grant function can be used.

  Next, FIG. 2 is a block diagram showing an outline of the hardware configuration of the client terminal 104, and the CPU 201 controls each device and controller connected to the system bus 204 in an integrated manner.

  The ROM 202 or the external memory 211 stores a BIOS (Basic Input / Output System), which is a control program for the CPU 201, an OS, and various programs (to be described later) necessary for realizing the functions executed by the client terminal 104. ing.

  The RAM 203 functions as a main memory, work area, and the like for the CPU 201. The CPU 201 implements various operations by loading a program necessary for execution of processing into the RAM 203 and executing the program.

  An input controller (input C) 205 controls input from an input unit 209 such as a keyboard or a pointing device such as a mouse (not shown). A video controller (VC) 206 controls display on a display device such as a CRT display (CRT) which is also an example of the display unit 210. The display device may be a liquid crystal display as well as a CRT.

  The memory controller (MC) 207 is connected via an adapter to a hard disk (HD), FD or PCMCIA card slot for storing boot programs, browser software, various applications, font data, user files, editing files, various data, etc. The access to the external memory 211 such as a compact flash (registered trademark) memory is controlled.

A communication I / F controller (communication I / FC) 208 is connected to and communicates with an external device via a network, and executes communication control processing in the network. For example, Internet communication using TCP / IP is possible.

Note that the CPU 201 can perform display on the display unit 210 by executing outline font rasterization processing on a display information area in the RAM 203, for example. In addition, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the display unit 210.

A program for providing a user with a policy assigning function for realizing the present invention is recorded in the external memory 211 and is executed by the CPU 201 by being loaded into the RAM 203 as necessary.

  Note that the policy management apparatus 110 has the same hardware configuration as that of the client terminal 104, and a description thereof will be omitted. The external memory 211 of the policy management apparatus 110 stores a program for providing to a user who uses the policy assignment function.

Furthermore, a definition file and various information tables used by a program executed to provide a policy providing function to the user are stored in the external memory 211 of the policy management apparatus 110, and detailed description thereof will be described later.

  Next, the hardware configuration of the controller unit that controls the multifunction peripheral 102 shown in FIG. 1 will be described with reference to FIG.

  FIG. 3 is a block diagram illustrating an example of a hardware configuration of the controller unit of the multifunction peripheral 102 illustrated in FIG.

  In FIG. 3, reference numeral 316 denotes a controller unit which is connected to a scanner unit 314 functioning as an image input device and a printer unit 312 functioning as an image output device, and is connected to a LAN or a public line (WAN) (for example, PSTN or ISDN). By connecting with, image data and device information are input and output.

  In the controller unit 316, reference numeral 301 denotes a CPU, which is a processor that controls the entire system. A RAM 302 is a system work memory for the CPU 301 to operate, and is also a program memory for recording a program and an image memory for temporarily recording image data.

  A ROM 303 stores a system boot program and various control programs. A hard disk drive (HDD) 304 stores various programs for controlling the system, image data, and the like.

  An operation unit interface (operation unit I / F) 307 is an interface unit with the operation unit (keyboard) 308. Further, the operation unit I / F 307 serves to transmit the key information (for example, pressing of the start button) input from the operation unit 308 to the CPU 301.

  A network interface (Network I / F) 305 is connected to a network (LAN) and inputs / outputs data. A modem (MODEM) 306 is connected to a public line and inputs / outputs data such as FAX transmission / reception.

  Reference numeral 318 denotes an external interface (external I / F), which is an I / F unit that accepts external inputs such as USB, IEEE 1394, printer port, RS-232C, etc. In this embodiment, an IC card for a portable terminal required for authentication A card reader 319 for reading (storage medium) is connected to the external I / F 318.

  The CPU 301 can control reading of information from the IC card of the mobile terminal by the card reader 319 via the external I / F 318, and can acquire information read from the IC card of the mobile terminal. The above devices are arranged on the system bus 309.

  Reference numeral 320 denotes an image bus interface (IMAGE BUS I / F), which is a bus bridge that connects the system bus 309 and an image bus 315 that transfers image data at high speed and converts the data structure.

  The image bus 315 is configured by a PCI bus or IEEE1394. The following devices are arranged on the image bus 315.

  A raster image processor (RIP) 310 develops vector data such as a PDL code into a bitmap image. A printer interface (printer I / F) 311 connects the printer unit 312 and the controller unit 316 and performs synchronous / asynchronous conversion of image data. A scanner interface (scanner I / F) 313 connects the scanner unit 314 and the controller unit 316 and performs synchronous / asynchronous conversion of image data.

  An image processing unit 317 performs correction, processing, and editing on input image data, and performs printer correction, resolution conversion, and the like on print output image data. In addition to this, the image processing unit 317 performs image data rotation and compression / decompression processing such as JPEG for multi-valued image data and JBIG, MMR, MH for binary image data.

  The scanner unit 314 illuminates an image on paper as a document and scans it with a CCD line sensor, thereby converting it into an electrical signal as raster image data. The original paper is set on the tray of the original feeder, and when the apparatus user gives a reading start instruction from the operation unit 308, the CPU 301 gives an instruction to the scanner unit 314, and the feeder feeds the original paper one by one to read the original image. Perform the action.

  The printer unit 312 is a part that converts raster image data into an image on paper. The method is an electrophotographic method using a photosensitive drum or a photosensitive belt, and ink is ejected from a micro nozzle array directly on the paper. There is an inkjet method for printing an image, but any method may be used.

  The activation of the printing operation is started by an instruction from the CPU 301. The printer unit 312 has a plurality of paper feed stages so that different paper sizes or different paper orientations can be selected, and has a paper cassette corresponding thereto.

  The operation unit 308 has an LCD display unit, and a touch panel sheet is pasted on the LCD. The operation unit 308 displays an operation screen of the system. When a displayed key is pressed, the position information is displayed on the operation unit I / F 307. To the CPU 301 via The operation unit 308 includes, for example, a start key, a stop key, an ID key, a reset key, and the like as various operation keys.

   Here, the start key of the operation unit 308 is used when starting a document reading operation. At the center of the start key, there are two color LEDs, green and red, which indicate whether or not the start key can be used. Further, the stop key of the operation unit 308 functions to stop the operation in operation. The ID key of the operation unit 308 is used when inputting the user ID of the user. The reset key is used when initializing settings from the operation unit.

  The card reader 319 reads information stored in the IC card under the control of the CPU 301 and notifies the CPU 301 of the read information via the external I / F 318.

  The external storage 321 has a function of storing the image data read from the scanner unit 314 via the external I / F 318.

  With the configuration as described above, the multi-function peripheral 102 can transmit the image data read from the scanner unit 314 to the network, and print out the print data received via the network by the printer unit 312.

  Further, the image data read from the scanner unit 314 can be fax-transmitted on the public line by the modem 306, and the image data received by FAX from the public line can be output by the printer unit 312.

  FIG. 4 is a functional configuration diagram illustrating a module configuration that is executed in order to provide a policy grant function to the user in the policy grant system 100 according to the embodiment of the present invention.

  The client terminal 104 uses the input unit 209 such as a keyboard or a mouse to the screen displayed on the display unit 210, and the user information for logging in to the policy assignment system 100 and the policy information to the user. An input unit 402 having an input function such as setting is provided.

  The client terminal 104 includes a display unit 404, and the display unit 404. Each screen displayed on the display unit 210 is shown, and the processing result executed by the policy management apparatus 110 on the information input by the user by the input unit 402 or the information input by the input unit 402 is shown in FIG. It has a function to display on a screen or the like.

  In addition, the client terminal 104 transmits information input from each screen to the policy management apparatus 110 in order to exchange data (information) with the policy management apparatus 110 via the network via the communication I / FC 208. A transmission unit 406 and a reception unit 408 for receiving a processing result executed in the policy management apparatus 110 are provided.

  The policy management apparatus 110 includes a receiving unit 410 that receives information transmitted from the MFP 102 or the client terminal 104 via the communication I / FC 208 via the network, and a user logs in from the MFP 102 or the client terminal 104. And authentication means 412 for authenticating whether or not the user uses the policy assignment system 100 based on the user information input at the time of login.

  In addition, the policy management apparatus 110 includes storage means 414 for storing user information using the policy granting system 100, policy information usable by the user, and the like in definition files and various information tables stored in the external memory 211 and the like. I have. Various information tables will be described later.

  When the policy information acquisition unit 415 requests policy information from the multi-function peripheral 102, the policy management apparatus 110 stores policy information that can be used by the user who has made a request using the multi-function peripheral 102. Can be obtained from.

  The policy management apparatus 110 further includes a transmission unit 416 that transmits the authentication result by the authentication unit 412 and the policy information acquired by the policy information acquisition unit 415 to the multi-function peripheral 102 or the client terminal 104.

  The MFP 102 is obtained by scanning the user information and the manuscript for logging in to the policy assignment system 100 using the operation unit 308 such as a keyboard and a mouse on the screen displayed on the display unit 210 by the user. An input unit 418 having input functions such as an instruction to transmit original data, an instruction to save the original data, and an instruction to assign a policy to the file is provided.

  The multifunction machine 102 includes a display unit 420. The display unit 420 shows each screen displayed on the operation unit 308, and the user inputs using the input unit 418 or the input unit 418. The processing result executed in the policy management apparatus 110 with respect to the information input by the function is displayed on the screen or the like.

  The multifunction machine 102 also includes a reading unit 422. When the user sets a document on a tray (not shown) of a document feeder (not shown) and the input unit 418 gives an instruction to start scanning, the reading unit 422 reads. Reference numeral 422 reads a document set on the tray of the document feeder by the scanner unit 314 and changes the read document to data.

  The MFP 102 also includes a policy assigning unit 424. The policy assigning unit 424 generates a file in the file format desired by the user from the document data read by the reading unit 422, and the input unit 418 selects the file. A function for assigning a policy to a file that has been generated.

  The MFP 102 also includes a storage unit 426. The storage unit 426 stores a file to which the policy is added by the policy adding unit 424 by the input unit 418 in a predetermined storage area (built-in unit) such as a box. A function of saving to the storage 304 or the like.

In addition, the MFP 102 transmits information input from each screen to the policy management apparatus 110 in order to exchange data (information) with the policy management apparatus 110 via the communication I / FC 208 via the network. Or a transmission unit 428 that transmits a file to which a policy is added by the policy addition unit 424 to a destination of a desired transmission destination, processing results executed by the policy management apparatus 110, and print data from the client terminal 104. Receiving means 430.

FIG. 5 shows a policy registration screen 500 for registering a policy that can be used by the user. The policy registration screen 500 is displayed on the display unit 210 of the client terminal 104.

  The policy registration screen 500 includes a policy name 502 for inputting a name for the policy to be assigned and a remark 504 for inputting a description for the policy.

  The policy registration screen 500 also includes a user / user group addition button 506. When the administrator user presses the user / user group addition button 506 by the input unit 209, the user or group (not shown) is specified. The screen is displayed on the display unit 210, and the user or group specified using the screen is additionally displayed in the name column of the policy setting column 508.

  The administrator user enters a check box corresponding to a policy for the user displayed in the name field of the policy setting field 508, for example, browsing, printing, changing, copying, revoking, switching, screen reader, and the like via the input unit 209. By inputting a check mark, it is possible to set policies that can be used by the user, and it is also possible to set expiration dates for these policies.

  In addition, by making settings for each item displayed in the general settings 510, it is possible to flexibly set a policy that can be used by a user or a group, and further, items displayed in the encryption setting 512. By making a setting for the file, it becomes possible to encrypt the file after the policy is added, and when the file after the policy is stored, which is stored in the policy management apparatus 110, is downloaded. Security is strengthened by combining the above.

  After setting these policies, the administrator user can register a policy that can be used by the user or group by pressing the registration button 514 using the input unit 209. The setting information is stored and managed in a table or the like provided in the external memory 211 of the policy management apparatus 110.

  When the registration process is interrupted and the screen transition source is returned, the administrator user presses the return button 516 by the input unit 209.

  FIG. 6 shows a main menu screen 600 for selecting a function provided from the MFP 102 when the user uses the MFP 102, and is displayed on the operation unit 308.

  The main menu screen 600 includes a scan and send button 602 and a scan and save button 604, and other buttons for providing various functions are displayed.

  When the user scans and the transmission button 602 is pressed by the operation unit 308, scanning of the document set for the multifunction machine 102 is started, and the address input by the operation unit 308 is scanned. The received document data is converted into a file format such as PDF and transmitted. In the embodiment of the present invention, a policy can be assigned to a file converted into a file format such as PDF.

  When the user scans and the save button 604 is pressed by the operation unit 308, scanning of the document set for the multifunction machine 102 is started, and the storage destination in the box input by the operation unit 308 is started. Then, the original data obtained by scanning is converted into a file format such as PDF and stored. As described above, in the embodiment of the present invention, a policy can be assigned to a file converted into a file format such as PDF.

  FIG. 7 shows a login screen 700 used for a user who uses the policy granting function to log in to the policy granting system 100. The login screen 700 is a login for inputting an ID for uniquely identifying the user. An ID 702, a password 704 for inputting a password set by the user or issued by a policy granting function provider, and a login button 706 for pressing when the user logs in are provided.

  When the user presses the login button 706, the login ID and password input in the login ID 702 and password 704 are acquired, and the policy management apparatus 110 is accessed via the Internet 106 using the acquired login ID and password. Request authentication processing. The login screen 700 is displayed on the display unit 210 of the client terminal 104.

  FIG. 8 shows an option screen 800 that is used when a user assigns a policy to a file obtained by converting the document data obtained by scanning into a file format such as PDF. Includes a button 802 for applying a policy, an OK button 804, and a cancel button 806. In addition, buttons for providing various optional functions are displayed.

  The option screen 800 is obtained by scanning and scanning the option screen 800 when a scan-type button such as the scan and send button 602 or the scan and save button 604 is pressed on the main menu screen 600. When assigning a policy to a file in which document data is converted into a file format such as PDF, the user presses a button 802 to apply the policy with the operation unit 308.

  In addition, the button 802 for applying a policy can be displayed so that it can be identified that the policy is applied at the timing when the policy to be applied, which will be described later, is confirmed, and other functions are applied. These buttons can also be displayed so that they can be identified. The user estimates the degree of application and presses an OK button 804 with the operation unit 308 to confirm each option function. On the other hand, when not applying each option function, the user presses a cancel button 806.

  FIG. 9 shows a policy list screen 900 for selecting a policy to be assigned to a file. When the button 802 for applying a policy on the option screen 800 is pressed by the operation unit 308, the policy list is displayed. The screen 900 is activated.

  In the policy list screen 900, a policy name 902 indicating a policy name that can be assigned is selected by the operation unit 308 from the policy name 902, and the user selects the policy to be applied by the operation unit 308 when confirming the selected policy. A grant button 904 for pressing and a setting cancel button 906 for the user to press using the operation unit 308 when canceling application of a policy are provided.

  When the user presses the grant button 904 by the operation unit 308, the policy list screen 900 is closed, and a button 802 for applying the policy on the option screen 800 is displayed so that it can be identified that the policy is applied. When the setting cancel button 906 is pressed by the operation unit 308, the policy list screen 900 is closed, and the button 802 for applying the policy on the option screen 800 is displayed in a standard state.

FIG. 10 shows a file format selection screen 1000 for selecting what file format the document data obtained by scanning should be converted. The file format selection screen 1000 displays the PDF format. The PDF button 1002 for converting to a file, the OK button 1004 for the user to press with the operation unit 308 when the conversion format is confirmed, and the option function on the option screen 800 again when the user reviews the option function. A cancel button 1006 to be pressed by the operation unit 308 is provided.

As to what type is selected at this time, it indicates that the destination indicated by 1008 to which the policy is applied is selected, and FIG. 10 shows that the PDF button 1002 is selected. ing.

If there is no objection to the file format to be converted, the user presses the OK button 1004 by the operation unit 308, and when reviewing the option function again, the user presses the cancel button 1006 to display the file format selection screen. Close 1000.

  FIG. 11 shows various information tables used by a program executed to provide to a user who uses the policy assignment function, and is stored and managed in the external memory 211 of the policy management apparatus 110.

  When the server master shown in FIG. 11 virtually constructs a server in the policy management apparatus 110, the server ID uniquely identifies the virtual server, the server name indicating the name of the virtual server, and the virtual server. It is configured to include a single multi section for identifying whether to operate as a dedicated server or a shared server.

  The customer master has a function of memorizing and managing a user who has signed a contract with the provider of this function when using the policy granting function using the policy granting system 100, and has signed a server ID and a contract. Customer ID for uniquely identifying the user, customer name indicating the user's name, other basic information such as the user's address, telephone number, e-mail address, number of contract licenses, service start date, cancellation flag indicating the cancellation status, etc. The contract information is stored.

  The user master sets a user who uses the policy granting function among a server ID indicating a server that can be used by the user, a customer ID, and a user who has concluded a contract, and uniquely identifies each set user. It includes a login ID, an authority classification for identifying the usage authority of the policy granting system 100 for the user, for example, a classification for identifying an operator, an administrator, a user, etc. of this system, and a user master Includes a password used when a user having a login ID uses the policy assignment system 100.

  The policy management table includes a server ID, a customer ID, a login ID, a policy ID for uniquely identifying the policy, a policy content indicating the content of the policy, and availability information indicating the policy availability and usage conditions. The user can use the policy information stored in the policy management table.

Next, in the policy assignment system 100 according to the embodiment of the present invention, processing for setting a policy that can be used for a user who uses the system will be described with reference to the flowchart shown in FIG. Note that each step in this flowchart is executed under the control of the client terminal 104 and the CPU 201 of the policy management apparatus 110.

  First, in step S100, the login screen 700 is activated and displayed by the display unit 404. At the activation timing, the policy management apparatus 110 selects any virtual server based on the connection information from the client terminal 104 that requested the activation. The server ID and the customer ID are specified by determining which user is using the server, and the login screen 700 is transmitted to the client terminal 104 by the transmission unit 416 together with the server ID and the customer ID. Note that this determination can be made by storing in the storage means 414 a table in which the server ID and customer ID are stored in correspondence with the connection information.

  The client terminal 104 receives the login screen 700 together with the server ID and customer ID transmitted from the policy management apparatus 110 by the receiving unit 408 and stores them in the RAM 203, and activates the login screen 700 stored in the RAM 203.

  In the next step S <b> 102, it is determined whether or not the login button 706 on the login screen 700 has been pressed by the input unit 402.

  If it is determined that the login button 706 has been pressed by the input unit 402, the process proceeds to step S104.

  In step S104, the server ID and customer ID stored in the RAM 203 in step S100, and the user information including the login ID and password input to the login ID 702 and password 704 on the login screen 700 are acquired and stored in the RAM 203.

  In step S106, the user information stored in the RAM 203 in step S104 is acquired, and the acquired user information is transmitted to the policy management apparatus 110 by the transmission unit 406.

  In step S108, the user information transmitted in the client terminal 104 is received by the receiving unit 410, and the received user information is stored in the RAM 203. In the next step S110, the user stored in the RAM 203 in step S108 by the authentication unit 412. It is determined whether the server ID, customer ID, and user ID included in the information match the server ID, customer ID, and login ID of the user master. If they match, authentication is OK, and if they do not match, authentication is performed. The authentication result is stored in the RAM 203 as NG.

  Further, in the case of authentication OK, the authority classification possessed by the user is acquired from the user master, and is included in the authentication result and stored in the RAM 203.

  In step S112, the authentication result stored in the RAM 203 in step S110 is acquired, and the policy information that matches the server ID, customer ID, and login ID included in the user information stored in the RAM 203 in step S108 is acquired from the policy management table. .

  In step S <b> 114, the authentication result and policy information transmitted from the policy management apparatus 110 are received by the receiving unit 408, and the received authentication result and policy information are stored in the RAM 203.

  In step S116, based on the authentication result stored in the RAM 203 in step S114, it is determined whether or not the login is approved. If the authentication is OK, the process proceeds to step S118. If the authentication is NG, the process proceeds to step S102. Proceed with the process.

  In step 118, the policy registration screen 500 is activated and displayed by the display unit 404. In step S120, it is determined whether or not the user / user group addition button 506 has been pressed by the input unit 402. If it is determined, the process proceeds to step S122. In step S122, one list is added to the policy setting field 508, and the policy assignment target user set in the name field by the input unit 402 (corresponding to the login ID) Each policy information set in correspondence with the login ID (note that the policy information is stored in the RAM 203 in correspondence with the policy information) and availability information of the policy information are acquired, Store in RAM 203.

  In step S122, it is determined whether or not the registration button 514 has been pressed by the input unit 402. If it is determined that the button is pressed, the process proceeds to step S126. If it is not determined that the button is pressed, the process proceeds to step S136. .

  In step S126, the policy assignment target login ID stored in the RAM 203 in step S122 and the policy information (including policy ID and availability information) corresponding to the login ID are acquired. In step S104, the user information stored in the RAM 203 is stored in the user information. In step S128, the server ID and the customer ID included in the login ID, the server ID, and the customer ID acquired in step S126 are transmitted to the policy management apparatus 110 by the transmission unit 406.

  In step S130, the user information and policy information transmitted from the client terminal 104 are received by the receiving means 410 and stored in the RAM 203. In step S132, the server ID, customer ID, login ID, policy stored in the RAM 203 in step S130. Server ID, customer ID, login ID, policy ID, policy content in the policy management table in the order of content, policy ID, and availability information (the policy content, policy ID, and availability information on the left are included in the policy information) And stored in the usability information.

  In step S134, the result of completion of registration of the policy information is transmitted to the client terminal 104 by the transmission unit 416. In step S136, the reception unit 408 receives the registration completion notification transmitted from the policy management apparatus 110, and then Then, the process proceeds to step S138. In step S138, the policy registration screen 500 is closed by the display unit 404.

  In step S140, it is determined whether or not the return button 516 has been pressed by the input unit 402. If it is determined that the button has been pressed, the process proceeds to step S138.

  Next, in the policy assigning system 100 according to the embodiment of the present invention, the data obtained by scanning the document in the multi-function peripheral 102 generates a file of a desired file format, and assigns the desired policy to the generated file. The process will be described with reference to the flowchart shown in FIG.

  In this flowchart, steps S200 to S208, steps S214 to S224, and steps S232 to S236 are executed under the control of the CPU 301 of the multi-function peripheral 102, and steps S210, S212, and S226 are executed. From step S230 to step S230, processing is executed under the control of the CPU 201 of the policy management apparatus 110.

  In step S200, the main menu screen 600 displayed by the display unit 420 is scanned by the input unit 418 to determine whether the send button 602 or the scan and save button 604 has been pressed. If so, the process proceeds to step S202.

  In step S202, the option screen 800 is activated and displayed by the display unit 420. In step S204, it is determined whether or not the button 802 to apply the policy has been pressed by the input unit 418. The process proceeds to S208, and if it is not determined that the button has been pressed, the process proceeds to step S206.

  In step S206, it is determined whether or not the cancel button 806 has been pressed by the input unit 418. If it is determined that the cancel button 806 has been pressed, it is determined that the policy is not applied, and the process proceeds to step S208.

In step S208, the transmission unit 406 confirms whether the policy management apparatus 110 can be connected. In the next step S210, any virtual server is used based on the connection information from the multifunction peripheral 102. Then, the server ID and the customer ID are specified by determining which user uses them. In the next step S212, the transmission authentication unit 416 sends the communication authentication result together with the server ID and the customer ID to the multifunction machine 102. Send to. Note that a table in which the server ID and the customer ID are stored in correspondence with the connection information is stored in the storage unit 414 in advance, and if the connection information from the MFP 102 exists in the storage unit 414, the communication authentication is OK. If the connection information does not exist in the storage unit 414, the communication authentication result is transmitted to the multi-function peripheral 102 by executing as the communication authentication NG.

In step S214, the communication authentication result is received together with the server ID and customer ID by the receiving unit 430 and stored in the RAM 203. In step S216, in step S216, the communication authentication result stored in the RAM 203 in step S214 is the communication authentication. If OK, the process proceeds to step S218. If the communication authentication result is communication authentication NG, the process proceeds to step S204.

  In step S218, the login screen 700 is activated and displayed by the display unit 420. In step S220, it is determined whether or not the login button 706 has been pressed by the input unit 418. If it is determined that the login button 700 has been pressed, the process proceeds to step S222. Proceed with the process.

  In step S224, the server ID and customer ID stored in the RAM 203 in step S214 and the user information including the login ID and password input to the login ID 702 and password 704 on the login screen 700 are acquired and stored in the RAM 203. In this step, a mode in which the user uses a login ID and a password obtained by putting the IC card storing the login ID and the password on the card reader 319 may be used.

  In step S224, the user information stored in the RAM 203 in step S222 is acquired, and the acquired user information is transmitted to the policy management apparatus 110 by the transmission unit 428.

  In step S226, the user information transmitted in the client terminal 104 is received by the receiving unit 410, and the received user information is stored in the RAM 203. In the next step S228, the user stored in the RAM 203 in step S226 by the authentication unit 412. It is determined whether the server ID, customer ID, and user ID included in the information match the server ID, customer ID, and login ID of the user master. If they match, authentication is OK, and if they do not match, authentication is performed. The authentication result is stored in the RAM 203 as NG.

  Further, in the case of authentication OK, the authority classification possessed by the user is acquired from the user master, and is included in the authentication result and stored in the RAM 203.

  In step S230, the authentication result stored in the RAM 203 in step S228 is acquired, and policy information that matches the server ID, customer ID, and login ID included in the user information stored in the RAM 203 in step S226 is acquired from the policy management table. .

  Then, the authentication result and policy information are transmitted to the client terminal 104 by the transmission unit 428.

  In step S232, the reception unit 430 receives the authentication result and policy information transmitted from the policy management apparatus 110, and stores the received authentication result and policy information in the RAM 203.

  In step S234, based on the authentication result stored in the RAM 203 in step S232, it is determined whether or not the login is approved. If authentication is OK, the process proceeds to step S236. If authentication is NG, the process proceeds to step S220. Proceed with the process.

  In step S236, processing for assigning a policy is executed. Details will be described later with reference to the flowchart shown in FIG.

  Next, details of the policy assignment processing in step S236 of the flowchart shown in FIG. 13 will be described using the flowchart shown in FIG. Note that each step in this flowchart is executed under the control of the CPU 201 in the policy management apparatus 110.

  First, in step S300, the policy list screen 900 is activated and displayed by the display unit 420. In the next step S302, the policy information stored in the RAM 203 in step S232 is displayed in the policy name 902 by the display unit 420.

  In step S304, it is determined whether or not the policy name 902 has been selected by the input unit 418. If the policy name 902 has been selected, the display unit 420 displays the policy name 902 in an identifiable manner to indicate that it has been selected. The process proceeds to step S306.

  In step S306, it is determined whether or not the grant button 904 has been pressed by the input unit 418. If it is determined that the button is pressed, the process proceeds to step S310, and if it is not determined that the button is pressed, the process proceeds to step S308. .

  In step S308, it is determined whether or not the setting cancel button 906 has been pressed by the input unit 418. If it is determined that the button has been pressed, the processing in this flowchart is terminated. If it is not determined that the button has been pressed, the processing proceeds to step S304. To proceed.

  In step S310, after the selected policy name 902 is acquired by the display unit 420 and stored in the RAM 203, the policy list screen 900 is closed by the display unit 420 in the next step S312.

  In step S314, the display unit 420 displays the button 802 for applying the policy on the option screen 800 in an identifiable manner. In the next step S316, it is determined whether or not the OK button 804 is pressed by the input unit 418. If it is determined that the button has been pressed, the process proceeds to step S320; otherwise, the process proceeds to step S318.

  In step S318, the input unit 418 determines whether or not the cancel button 806 is pressed. If it is determined that the button is pressed, the process proceeds to step S304.

  In step S320, the display unit 420 activates and displays the file format selection screen 1000. In step S322, the input unit 418 determines whether each button has been pressed to select a file format. If it is determined that the button has been pressed, the process proceeds to step S202. If it is not determined that the button has been pressed, the process proceeds to step S324.

  In step S324, it is determined whether or not the OK button 1004 has been pressed by the input unit 418. If it is determined that the button has been pressed, the process proceeds to step S328. If it is not determined that the button has been pressed, the process proceeds to step S326. Proceed.

  In step S326, it is determined whether or not the cancel button 1006 has been pressed by the input means 418. If it is determined that the button has been pressed, the process proceeds to step S316.

  In step S328, the selected file format is acquired by the display unit 420 and stored in the RAM 203. In step S330, the reading unit 422 reads the document set on the tray of the document feeder and converts it into data. In step S328, the data is generated as a file in the file format stored in the RAM 203.

  In the next step S332, a policy corresponding to the policy name 902 stored in the RAM 203 in step S310 is assigned to the file generated in step S330 by the policy giving unit 424. In step 334, the policy is changed in step S332. A process corresponding to the button pressed in step S200 is executed on the assigned file.

  In this step, for example, when the scan and send button 602 is pressed, immediately after step S200, a screen (not shown) for setting the destination address is displayed on the display means 420, and the user can When the file to which the policy is assigned is transmitted by the transmission unit 428 or the save button 604 is pressed after the scan is pressed, the file to which the policy is assigned is stored in a predetermined storage area by the storage unit 426. Remember me.

  As a result, it is possible to immediately assign a policy to a file obtained by scanning, and after executing each function in the MFP 102 to generate a file, the file is stored in an external system for the MFP. It is possible to reduce the troublesome task of extracting and assigning a policy, or assigning a policy to a file once stored from an external system.

As described above, according to the present invention, it is possible for a user to be provided with only necessary functions without performing system construction and operation, and further, the authority to use a document can be provided. It becomes possible to avoid the troublesomeness at the time of giving.

  Although the embodiment has been described in detail above, the present invention can take an embodiment as, for example, a method, a program, a storage medium, or the like. Specifically, the present invention is applied to a system composed of a plurality of devices. The present invention may be applied, or may be applied to an apparatus composed of one device. The program according to the present invention is a program that allows a computer to execute (read) each processing method, and the storage medium according to the present invention stores a program that allows the computer to execute each processing method.

The program in the present invention may be a program for each processing method of each device.

As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by performing reading.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk or the like can be used.

Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS or the like operating on the computer based on an instruction of the program is a part of the actual processing or It goes without saying that the case where the functions of the above-described embodiments are realized by performing all of the above processing is also included.

Furthermore, after the program read from the recording medium is written to the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is based on the instructions of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  Further, the present invention may be applied to a system composed of a plurality of devices or an apparatus composed of a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

  Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the effects of the present invention. In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

DESCRIPTION OF SYMBOLS 100 Policy granting system 102 Multifunction machine 104 Client terminal 106 Internet 108 Virtual server 110 Policy management apparatus 201 CPU
202 ROM
203 RAM
204 System bus 205 Input controller 206 Video controller 207 Memory controller 208 Communication I / F controller 209 Input unit 210 Display unit 211 External memory 301 CPU
302 RAM
303 ROM
304 Hard Disk Drive 305 Network Interface 306 Modem 307 Operation Unit Interface 308 Operation Unit 309 System Bus 310 Raster Image Processor 311 Printer Interface 312 Printer Unit 313 Scanner Interface 314 Scanner Unit 315 Image Bus 316 Controller Unit 317 Image Processing Unit 318 External Interface 319 Card Reader 320 Image bus interface 321 External storage

Claims (11)

A policy granting system in which an image forming apparatus having a scanner function and a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium are connected via a network.
The image forming apparatus includes:
Reading means for generating a recording medium and recording the data on the recording medium after converting the document into read data;
Input of user information for uniquely identifying a user, or input means for inputting an instruction to read a document by the reading means;
Image forming apparatus transmitting means for transmitting user information input by the input means to the policy management apparatus;
Image forming apparatus receiving means for receiving policy information transmitted by the policy management apparatus transmitting means;
Policy giving means for giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving means with respect to the recording medium generated by the reading means when an instruction to read a document is inputted by the input means When,
With
The policy management device includes:
Storage means for storing policy information available to the user in association with the user information;
Policy management apparatus receiving means for receiving user information transmitted by the image forming apparatus transmitting means;
Policy information acquisition means for acquiring policy information corresponding to user information stored in the storage means that matches the user information received by the policy management device reception means;
Policy management apparatus transmitting means for transmitting the policy information acquired by the policy information acquisition means to the image forming apparatus;
A policy granting system characterized by comprising: The image forming apparatus includes:
Display means for displaying policy information received by the image forming apparatus receiving means;
The input means can further select and input the policy information displayed by the display means,
The policy assigning unit assigns a policy to the recording medium according to the policy information selected and input by the input unit with respect to the recording medium generated by the reading unit when an instruction to read a document is input by the input unit. The policy assignment system according to claim 1, wherein the policy assignment system is provided. A policy grant system comprising a client terminal in which the image forming apparatus and the policy management apparatus are connected via a network,
The client terminal is
Client terminal input means for inputting user information for uniquely identifying a user, and for inputting policy information for assigning the use condition of the user to a recording medium;
Client terminal transmission means for transmitting user information and policy information input by the client terminal input means to the policy management device;
With
The policy management device receiving means receives user information and policy information transmitted by the client terminal transmitting means,
3. The policy granting system according to claim 1, wherein the storage unit stores the received policy information in association with the user information. The input unit can further input an instruction to transmit a recording medium to which a policy is assigned to a predetermined destination after reading the document by the reading unit, and the predetermined destination,
4. The recording medium according to claim 1, wherein when the instruction to transmit is given by the input unit, the recording medium to which the policy is given by the policy giving unit is sent to the predetermined destination. 5. Policy granting system. The input means can further input an instruction to store a recording medium to which a policy is assigned in a predetermined area after the original is read by the reading means.
5. The storage medium according to claim 1, wherein when the instruction to store is given by the input unit, the recording medium to which the policy is given by the policy giving unit is stored in the predetermined area. 6. Policy granting system. An image forming apparatus connected via a network to a policy management apparatus that stores and manages policy information indicating usage conditions for a user's recording medium in association with user information for uniquely identifying the user,
Reading means for generating a recording medium and recording the data on the recording medium after converting the document into read data;
Input of user information for uniquely identifying a user, or input means for inputting an instruction to read a document by the reading means;
Image forming apparatus transmitting means for transmitting user information input by the input means to the policy management apparatus;
Image forming apparatus receiving means for receiving from the policy management apparatus the policy information that matches the user information transmitted by the image forming apparatus transmitting means;
Policy giving means for giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving means with respect to the recording medium generated by the reading means when an instruction to read a document is inputted by the input means When,
An image forming apparatus comprising: A policy granting system control method in which an image forming apparatus having a scanner function and a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium are connected via a network.
In the image forming apparatus,
A reading step of generating a recording medium and recording the data on the recording medium after converting the document into the reading data;
Input of user information for uniquely identifying a user, or an input step for inputting an instruction to read a document by the reading step;
An image forming apparatus transmission step of transmitting the user information input in the input step to the policy management device;
An image forming apparatus receiving process for receiving the policy information transmitted by the policy management apparatus transmitting process;
A policy applying step for assigning a policy to the recording medium according to the policy information received by the image forming apparatus receiving step with respect to the recording medium generated by the reading step when a document reading instruction is input by the input step. When,
Run
In the policy management device,
A policy management device receiving step for receiving user information transmitted by the image forming device transmission step;
Policy information acquisition step of acquiring policy information corresponding to user information stored in storage means for storing policy information usable by a user that matches the user information received by the policy management device reception step in association with user information When,
A policy management device transmission step of transmitting the policy information acquired by the policy information acquisition step to the image forming device;
And executing the policy granting system. A control method for an image forming apparatus connected via a network to a policy management apparatus that stores and manages policy information indicating usage conditions for a user's recording medium in association with user information for uniquely identifying the user. And
A reading step of generating a recording medium and recording the data on the recording medium after converting the document into the reading data;
Input of user information for uniquely identifying a user, or an input step for inputting an instruction to read a document by the reading step;
An image forming apparatus transmission step of transmitting the user information input in the input step to the policy management device;
An image forming apparatus receiving step for receiving from the policy management apparatus the policy information that matches the user information transmitted by the image forming apparatus transmitting step;
A policy applying step for assigning a policy to the recording medium according to the policy information received by the image forming apparatus receiving step with respect to the recording medium generated by the reading step when a document reading instruction is input by the input step. When,
And a control method for the image forming apparatus. A program executed by a policy grant system in which an image forming apparatus having a scanner function and a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium are connected via a network,
The image forming apparatus;
Reading means for generating a recording medium and recording the data on the recording medium after converting the document into read data;
Input of user information for uniquely identifying a user, or input means for inputting an instruction to read a document by the reading means;
Image forming apparatus transmitting means for transmitting user information input by the input means to the policy management apparatus;
Image forming apparatus receiving means for receiving policy information transmitted by the policy management apparatus transmitting means;
Policy giving means for giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving means with respect to the recording medium generated by the reading means when an instruction to read a document is inputted by the input means When,
To function,
The policy management device;
Policy management apparatus receiving means for receiving user information transmitted by the image forming apparatus transmitting means;
Policy information acquisition means for acquiring policy information corresponding to the user information stored in the storage means for storing the policy information usable by the user that matches the user information received by the policy management device reception means in association with the user information When,
Policy management apparatus transmitting means for transmitting the policy information acquired by the policy information acquisition means to the image forming apparatus;
A program characterized by making it function. A program executed in an image forming apparatus connected via a network to a policy management apparatus that stores and manages policy information indicating use conditions for a user's recording medium in association with user information for uniquely identifying the user Because
Reading means for generating a recording medium and recording the data on the recording medium after converting the document into read data;
Input of user information for uniquely identifying a user, or input means for inputting an instruction to read a document by the reading means;
Image forming apparatus transmitting means for transmitting user information input by the input means to the policy management apparatus;
Image forming apparatus receiving means for receiving from the policy management apparatus the policy information that matches the user information transmitted by the image forming apparatus transmitting means;
Policy giving means for giving a policy to the recording medium according to the policy information received by the image forming apparatus receiving means with respect to the recording medium generated by the reading means when an instruction to read a document is inputted by the input means When,
A program characterized by making it function. A computer-readable recording medium on which the program according to claim 9 or 10 is recorded.

Images