JP2018007036A - Apparatus, system and method for image processing, and program - Google Patents

Abstract

An image processing apparatus, an image processing system, an image processing method, and a program that make it possible to more easily execute settings necessary for enabling a function. An image processing apparatus includes: a connection detection unit configured to detect a connected authentication information acquisition apparatus; correspondence information indicating correspondence between an authentication function and an authentication information acquisition apparatus used for executing the authentication function; A determination unit for determining an ineffective authentication function among authentication functions corresponding to the detected authentication information acquisition device based on the valid information indicating whether the function is valid, and the determined authentication function And a display control unit that displays the information in a selectable manner. [Selection] Figure 5

Description

  The present invention relates to an image processing apparatus, an image processing system, an image processing method, and a program.

  As a user authentication method for an apparatus such as an image forming apparatus, a technique for performing face authentication using a face image of a user photographed by a camera in addition to IC card authentication is known. In order to enable (use) the face authentication function using an external camera, it is necessary to connect the camera to the image forming apparatus and make settings for enabling the authentication function.

  However, in the conventional technology, there are cases where settings necessary for enabling functions such as face authentication cannot be easily performed. For example, when there are multiple setting items, it is necessary for the user to find and set the setting items necessary for the function to be used from many types of setting items. There was a problem that the burden increased.

  The present invention has been made in view of the above, and provides an image processing apparatus, an image processing system, an image processing method, and a program that make it possible to more easily execute settings necessary for enabling a function. For the purpose.

  In order to solve the above-described problems and achieve the object, the present invention provides a connection detection unit that detects a connected authentication information acquisition device, an authentication function, and an authentication information acquisition device used to execute the authentication function. The authentication function that is not valid is determined among the authentication functions corresponding to the detected authentication information acquisition device, based on the correspondence information that indicates the correspondence between the authentication function and the valid information that indicates whether the authentication function is valid. A determination unit; and a display control unit that displays the determined authentication function in a selectable manner.

  According to the present invention, there is an effect that it is possible to more easily execute settings necessary for enabling a function.

FIG. 1 is a diagram illustrating an example of a configuration of an image processing system according to the embodiment. FIG. 2 is a diagram illustrating an example of a hardware configuration of the image forming apparatus according to the embodiment. FIG. 3A is a diagram illustrating a physical connection relationship between the operation unit and the camera. FIG. 3B is a diagram illustrating a physical connection relationship between the operation unit and the camera. FIG. 4 is a diagram illustrating an example of a software configuration of the image forming apparatus according to the embodiment. FIG. 5 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the embodiment. FIG. 6A is a diagram illustrating an example of a data structure of connection information. FIG. 6B is a diagram illustrating an example of the data structure of the connection information. FIG. 7 is a diagram illustrating an example of the data structure of the correspondence information. FIG. 8A is a diagram illustrating an example of a data structure of valid information. FIG. 8-2 is a diagram illustrating an example of a data structure of valid information. FIG. 9 is a flowchart illustrating an example of a function setting process in the embodiment. FIG. 10 is a diagram illustrating an example of a restart screen. FIG. 11 is a flowchart illustrating an example of the extraction process according to the embodiment. FIG. 12 is a diagram illustrating an example of the selection screen. FIG. 13 is a sequence diagram illustrating an example of the function setting process. FIG. 14 is a sequence diagram illustrating an example of a function setting process when the camera is removed. FIG. 15 is a diagram illustrating an example of the invalid function display screen.

  Exemplary embodiments of an image processing apparatus, an image processing system, an image processing method, and a program according to the present invention will be explained below in detail with reference to the accompanying drawings.

  In the present embodiment, for example, when a camera is connected to the image processing apparatus, a screen for setting necessary to activate the face authentication function is displayed, and the setting can be easily performed in a wizard format.

  FIG. 1 is a diagram illustrating an example of a configuration of an image processing system according to an embodiment. The configuration of the image processing system 100 according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 1, the image processing system 100 includes an image forming apparatus 101 and an RFID (Radio Frequency Identification) tag 104 possessed by a user 105.

  The image forming apparatus 101 is, for example, an image forming apparatus such as an MFP (Multi Function Peripheral), a copier, a printer, a facsimile apparatus, or a scanner apparatus, and is an example of the image processing apparatus of the present invention. Here, the MFP is a multifunction device having at least two functions among a copy function, a printer function, a scanner function, and a facsimile function. The image forming apparatus 101 includes an RFID tag reader 103 and a moving body sensor 106. The RFID tag reader 103 receives predetermined information such as a wireless tag ID from an RFID tag 104 (an example of a wireless tag) within a predetermined range. An external device (device) such as a camera 102 can be connected to the image forming apparatus 101. The camera 102 captures an image. The moving body sensor 106 detects a moving body (such as a user) within a predetermined range. Here, the RFID is a technique for performing short-range wireless communication using electromagnetic waves or radio waves between the RFID tag 104 storing predetermined information such as a wireless tag ID and the RFID tag reader 103. It is an example of radio | wireless communication.

  For example, when the RFID tag 104 is a passive tag, the RFID tag reader 103 radiates a predetermined radio wave to a detection range of the RFID tag reader 103 described later. When the RFID tag 104 receives a radio wave radiated from the RFID tag reader 103, the RFID tag 104 operates using the received radio wave as power, and transmits predetermined information such as a radio tag ID stored in advance to the RFID tag reader 103.

  A passive tag is an RFID tag that operates using radio waves from an RFID tag reader as an energy source, and does not require a battery. The antenna of the passive tag reflects a part of the radio wave from the RFID tag reader and returns information such as the radio tag ID on the reflected wave. Since the intensity of this reflection is very small, a passive tag has a shorter communication distance than an active tag that transmits radio waves with its own power, but is inexpensive and operates almost permanently.

  Radio wave transmission systems are mainly classified into radio wave induction systems and radio wave systems. The electromagnetic induction method is a method of transmitting energy and signals by magnetically coupling a tag coil and a reader antenna coil. Compared to the radio system, energy can be transmitted more efficiently, so development has progressed further. Felica (registered trademark) is this system. This method is adopted in a band of 130 to 135 kHz and 13.56 MHz. The maximum communicable distance of the radio wave induction method is about 1 m. On the other hand, the radio wave system is a system in which radio waves are exchanged between a tag antenna and a reader antenna to transmit energy and signals. Since radio waves are radiated and transmitted in space, it is possible to communicate with tags farther than electromagnetic induction methods. This method is adopted in the bands of 433 MHz, 900 MHz, and 2.45 GHz. The communicable distance of the radio wave system is 3 to 5 m with a passive tag. The active tag can communicate about several kilometers as long as output power is allowed.

  For example, the camera 102 is an imaging device installed so that a captured image includes a user 105 who uses the image forming apparatus 101.

  In the present embodiment, for example, when the camera 102 is connected to the image forming apparatus 101, a selection screen 300 that displays the authentication function to be enabled is displayed. When the authentication function to be enabled is selected and the confirmation button 301 is pressed, the selected function is executed. When the cancel button 302 is pressed, the new authentication function is not validated and the process is interrupted.

  Note that the system configuration in FIG. 1 is merely an example. For example, although FIG. 1 shows the image forming apparatus 101 as an example of the image processing apparatus, the present invention is not limited to this. The image processing apparatus may be a PC (Personal Computer), a tablet terminal, a smartphone, a game machine, a video conference apparatus, or the like having an authentication function for a user similar to the image forming apparatus 101.

  Further, the RFID tag reader 103 or the like may be externally attached.

  The RFID tag 104 may be an RFID active tag or a semi-active tag. The RFID tag 104 is an example of a wireless tag. The wireless tag may be a wireless terminal that performs communication using a short-range wireless method (for example, Bluetooth (registered trademark) Low Energy (hereinafter referred to as “BLE”) or NFC (Near Field Communication)) different from RFID. Good. Further, instead of the wireless tag, a mobile terminal equipped with a wireless tag or the like may be used. As described above, the authentication (wireless authentication) using the RFID tag 104 is an example, and may be replaced with another authentication method using an object storing authentication information associated with the user.

  An authentication method combined with wireless authentication is not limited to an authentication method using an image obtained by capturing a user. For example, various authentication methods for authenticating a user using feature information indicating the characteristics of the user's biological body may be used. Such authentication methods include, for example, authentication based on the user's walking pattern, authentication based on the speed and timing of the user's key input, voice authentication, fingerprint authentication, iris authentication, and vein authentication.

(Hardware configuration)
FIG. 2 is a diagram illustrating an example of a hardware configuration of the image forming apparatus according to the present embodiment. A hardware configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 2, the image forming apparatus 101 includes, for example, a main body 310 that realizes various image forming functions such as a copy function, a scanner function, a fax function, and a printer function, and an operation unit 330 that receives user operations. And comprising. Here, accepting a user's operation is a concept including accepting information (including a signal indicating a coordinate value of a screen) input according to the user's operation.

  The main body 310 and the operation unit 330 are connected to each other via a dedicated communication path 350 so that they can communicate with each other. The communication path 350 may be, for example, a USB (Universal Serial Bus) standard, but is not limited thereto, and may be of any standard regardless of wired or wireless. The main body 310 performs an operation according to the operation received by the operation unit 330. The main body 310 can also communicate with an external device such as a client PC, and can also perform an operation according to an instruction received from the external device.

<Hardware configuration of main unit>
As shown in FIG. 2, the main body 310 includes a CPU (Central Processing Unit) 311, a ROM (Read Only Memory) 312, a RAM (Random Access Memory) 313, a storage 314, and a communication I / F (Interface) 315. A connection I / F 316, an engine 317, a moving body sensor 318, and a system bus 319.

  The CPU 311 comprehensively controls the operation of the main body 310. The CPU 311 controls the overall operation of the main body 310 by executing a program stored in the ROM 312 or the storage 314 using the RAM 313 as a work area (working area). For example, the CPU 311 realizes various functions such as the copy function, the scanner function, the fax function, and the printer function described above.

  The ROM 312 is a non-volatile memory that stores, for example, a basic input / output system (BIOS) executed when the main body 310 is activated, and various settings. The RAM 313 is a volatile memory used as a work area for the CPU 311. The storage 314 is, for example, a non-volatile storage device that stores an OS (Operating System), application programs, various data, and the like. The storage 314 includes, for example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive).

  The communication I / F 315 is a network interface for connecting the main body 310 to the network 360 and communicating with an external device connected to the network 360. The connection I / F 316 is an interface for communicating with the operation unit 330 via the communication path 350.

  The engine 317 is hardware that performs processing other than general-purpose information processing and communication for realizing functions such as a copy function, a scanner function, a fax function, and a printer function. The engine 317 includes, for example, a scanner that scans and reads an image of a document, a plotter that performs printing on a sheet material such as paper, and a fax unit that performs fax communication. The engine 317 may include a specific option such as a finisher that sorts printed sheet materials or an ADF (Auto Document Feeder) that automatically feeds a document.

  The moving body sensor 318 is a sensor that detects a moving body (such as a user) within the detection range around the image forming apparatus 101. The moving body sensor 318 is composed of, for example, a pyroelectric sensor. The moving body sensor 318 corresponds to the moving body sensor 106 shown in FIG.

  A system bus 319 is a transmission path that connects the above-described components to each other and transmits an address signal, a data signal, various control signals, and the like.

<Hardware configuration of operation unit>
As shown in FIG. 2, the operation unit 330 includes a CPU 331, a ROM 332, a RAM 333, a flash memory 334, a communication I / F 335, an operation panel 336, a connection I / F 337, an external connection I / F 338, A short-range wireless communication device 339 and a system bus 341 are included.

  The CPU 331 comprehensively controls the operation of the operation unit 330. The CPU 331 controls the operation of the entire operation unit 330 by executing a program stored in the ROM 332, the flash memory 334, or the like using the RAM 333 as a work area (working area). For example, the CPU 331 realizes various functions such as displaying information (image) according to the input received from the user on the operation panel 336.

  The ROM 332 is a non-volatile memory that stores, for example, a BIOS executed when the operation unit 330 is activated, and various settings. The RAM 333 is a volatile memory used as a work area for the CPU 331. The flash memory 334 is a non-volatile storage device that stores an OS, application programs, various data, and the like, for example.

  The communication I / F 335 is a network interface for connecting the operation unit 330 to the network 360 and performing communication with an external device connected to the network 360.

  The operation panel 336 accepts various inputs according to user operations, and also receives various types of information (for example, information according to the accepted operations, information indicating the operating status of the image forming apparatus 101, setting information, and the like). A device having an input function and a display function for displaying. The operation panel 336 is configured by, for example, a liquid crystal display device (LCD: Liquid Crystal Display) equipped with a touch panel function. Note that the operation panel 336 is not limited to a liquid crystal display device, and may be configured by, for example, an organic EL (Electro-Luminescence) display device equipped with a touch panel function. The operation panel 336 can include an operation unit such as a hardware key or a display unit such as a lamp in addition to or instead of the touch panel function.

  The connection I / F 337 is an interface for communicating with the main body 310 via the communication path 350. The external connection I / F 338 is an interface such as a USB for connecting an external device. The external connection I / F 338 can connect to and communicate with an arbitrary number of external devices. The external device can be removed from the external connection I / F 338.

  In the example of FIG. 2, a camera 102 and a card reader 201 are connected as external devices. The card reader 201 is a device that reads data stored in an IC (Integrated Circuit) card. The camera 102 and the card reader 201 are examples of external devices, and can connect other arbitrary external devices. The camera 102 and the card reader 201 are examples of external devices used for user authentication. Other examples of external devices connected to the external connection I / F 338 for user authentication include a vein authentication device (finger, palm), fingerprint authentication device, voice print authentication device (microphone), and iris authentication device (camera). )and so on. As described above, the short-range wireless communication device 339 (RFID tag reader 103) may be externally attached as an external device, and user authentication (wireless authentication) may be performed using the short-range wireless communication device 339.

  The short-range wireless communication device 339 is a short-range wireless device for communicating with a wireless tag within a predetermined range by short-range wireless communication. The short-range wireless communication device 339 includes, for example, the RFID tag reader 103 shown in FIG. 1 and the like, and transmits a radio wave from an RFID passive tag that returns a response to a radio wave transmitted from the short-range wireless communication device 339 or from its own device. Predetermined information is received from an RFID active tag or the like. Note that the short-range wireless communication device 339 may be a short-range wireless device that performs short-range wireless communication such as BLE or NFC described above.

  The system bus 341 is a transmission path that connects the above-described components to each other and transmits an address signal, a data signal, various control signals, and the like.

  3A and 3B are diagrams illustrating a physical connection relationship between the operation unit 330 and the camera 102. 3A is a front view of the image forming apparatus 101, and FIG. 3B is a side view of the image forming apparatus 101. A connector 362 (such as a USB connector) used for connecting the external connection I / F 338 to an external device is provided on the side surface of the operation unit 330. The camera 102 is also provided with a connector 361. The external connection I / F 338 and the camera 102 are connected by connecting the connectors 371 at both ends of the cable 372 to the camera 102 and the operation unit 330, respectively. The cable 372 can be removed.

  In FIGS. 3A and 3B, there are two connectors 362 on the external connection I / F 338 side, one is used for connection with the camera 102, and the other is not used. The external device stores the identification information (type, device ID, etc.) of its own device in the storage area, and transmits the identification information to the operation unit 330 when connected to the operation unit 330.

(Software configuration)
FIG. 4 is a diagram illustrating an example of a software configuration of the image forming apparatus according to the present embodiment. The software configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 4, the main body 310 of the image forming apparatus 101 includes an application layer 411, a service layer 412, and an OS layer 413. The entities of the application layer 411, the service layer 412, and the OS layer 413 are various software stored in the ROM 312 or the storage 314. When the CPU 311 executes these software (programs), various functions of the main body 310 are provided.

  The application layer 411 is application software (hereinafter, simply referred to as “application” in some cases) for operating hardware resources and providing a predetermined function. Examples of the application include a copy application for providing a copy function, a scanner application for providing a scanner function, a fax application for providing a fax function, and a printer application for providing a printer function.

  The service layer 412 is software that is interposed between the application layer 411 and the OS layer 413 and provides an interface for using hardware resources of the main body 310 for the application of the application layer 411. Specifically, the service layer 412 provides a function of accepting operation requests for hardware resources and arbitrating operation requests. The operation request received by the service layer 412 includes a request for reading by a scanner and printing by a plotter. Note that the interface function by the service layer 412 is provided not only to the application layer 411 of the main body 310 but also to the application layer 431 of the operation unit 330. The interface function of the service layer 412 is provided by, for example, WebAPI. That is, the application layer 431 of the operation unit 330 can also realize a function using hardware resources (for example, the engine 317) of the main body 310 via the Web API interface function of the service layer 412 of the main body 310.

  The OS layer 413 is basic software (operating system) for providing a basic function for controlling hardware included in the main body 310. The service layer 412 converts a hardware resource use request from various applications into a command interpretable by the OS layer 413 and passes it to the OS layer 413. Then, when the command is executed by the OS layer 413, the hardware resource performs an operation in accordance with the request of the application.

  As illustrated in FIG. 4, the operation unit 330 of the image forming apparatus 101 includes an application layer 431, a service layer 432, and an OS layer 433. The application layer 431, the service layer 432, and the OS layer 433 included in the operation unit 330 have the same hierarchical structure as that of the main body 310. However, the functions provided by the applications in the application layer 431 and the types of operation requests that can be accepted by the service layer 432 are different from those on the main body 310 side.

  The application of the application layer 431 may be software for operating a hardware resource included in the operation unit 330 to provide a predetermined function, but is mainly a UI for performing an operation and display related to the function included in the main body 310. (User Interface) functions are provided. The application of the application layer 431 provides an authentication function using the short-range wireless communication device 339 provided in the operation unit 330, the camera 102, and the like.

  In the present embodiment, the software of the OS layer 413 on the main body 310 side is different from the software of the OS layer 433 on the operation unit 330 side in order to maintain the independence of functions. That is, the main body 310 and the operation unit 330 operate independently of each other by different operating systems. For example, it is possible to use Linux (registered trademark) as the software of the OS layer 413 on the main body 310 side and Android (registered trademark) as the software of the OS layer 433 on the operation unit 330 side.

  As described above, in the image forming apparatus 101 according to the present embodiment, the main body 310 and the operation unit 330 operate with different operating systems, and therefore communication between the main body 310 and the operation unit 330 is performed in a common apparatus. This is not communication between processes but communication between different devices. The operation (command communication) for transmitting information (operation instruction content from the user) received by the operation unit 330 to the main body 310, the operation for transmitting information to the operation unit 330, and the like correspond to this. Here, the function of the main body 310 can be used when the operation unit 330 performs command communication to the main body 310. The information transmitted from the main body 310 to the operation unit 330 includes, for example, the execution status of the operation in the main body 310 and the contents set on the main body 310 side. In the present embodiment, since the power supply to the operation unit 330 is performed from the main body 310 via the communication path 350, the power control of the operation unit 330 is performed separately from the power control of the main body 310 (independently). Can do).

(Functional configuration)
FIG. 5 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the present embodiment. The functional configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

<Functional configuration of the main unit>
As illustrated in FIG. 5, the main body 310 of the image forming apparatus 101 includes a moving body detection unit 501, a power state control unit 502, an image forming unit 503, a storage unit 504, and a communication unit 505.

  The moving body detection unit 501 is a functional unit that detects a moving body (for example, a person) within the detection range around the image forming apparatus 101 using the moving body sensor 318. The moving body detection unit 501 is realized by, for example, a program that operates on the CPU 311 illustrated in FIG. When the moving object detection unit 501 detects a moving object within the detection range, the moving object detection unit 501 notifies the power state control unit 502 that the moving object has been detected.

  The power state control unit 502 is a functional unit that controls the power states of the main body 310 and the operation unit 330. The power state control unit 502 is realized by, for example, a program that operates on the CPU 311 illustrated in FIG. The power state control unit 502 puts the image forming apparatus 101 into a power saving state that consumes less power than the normal state in which the image forming process can be performed when the image forming apparatus 101 is not used for a preset time. Transition. In the power saving state, power consumption can be reduced by, for example, stopping the functions of the operation unit 330 and the engine 317 and storage 314 of the main body 310. When the power state control unit 502 receives a notification from the moving body detection unit 501 indicating that the moving body has been detected while the image forming apparatus 101 is in the power saving state, the power state control unit 502 moves the operation unit 330 from the power saving state to the normal state. It returns to the normal state that can operate. The power state control unit 502 notifies the operation unit 330 of a return command via the communication path 350 to return the operation unit 330 from the power saving state to the normal state.

  In the normal state, power is supplied to the function units related to image authentication (camera 102, image receiving unit 513, etc.) and the function units related to wireless authentication (short-range wireless communication device 339, wireless communication unit 511). Note that the state may be changed to a state other than the normal state as long as power is supplied to at least the functional units related to image authentication and wireless authentication. The power state control unit 502 notifies each unit (image reception unit 513, wireless communication unit 511, authentication management unit 516, etc.) in the operation unit 330 that the normal state has been restored (power on).

  The power state control unit 502 may be configured to activate the camera 102 when the moving object ((user 105)) is detected by the moving object detection unit 501 (the moving object sensor 106). A function of activating the camera 102 when it is detected may be provided in the operation unit 330.

  The image forming unit 503 is a functional unit that executes various image forming functions (for example, a printer function, a copy function, a scanner function, and a fax function) provided in the image forming apparatus 101. The image forming unit 503 is realized by, for example, a program that operates on the engine 317 illustrated in FIG. 2 and the CPU 311 illustrated in FIG.

  The storage unit 504 is a functional unit that stores various pieces of information such as user information A 506 including information indicating the user of the image forming apparatus 101 registered in advance. The storage unit 504 is realized by, for example, the RAM 313 and the storage 314 illustrated in FIG. 2 and a program that operates on the CPU 311 illustrated in FIG.

  The communication unit 505 is a functional unit that connects the main body 310 to the network 360 and communicates with an external device connected to the network 360. The communication unit 505 is realized by, for example, a communication I / F 315 illustrated in FIG. 2 and a program that operates on the CPU 311 illustrated in FIG.

  Note that the moving body detection unit 501, the power state control unit 502, the image forming unit 503, the storage unit 504, and the communication unit 505 of the main body 310 shown in FIG. The configuration is not limited. For example, a plurality of functional units illustrated as independent functional units in the main body 310 illustrated in FIG. 5 may be configured as one functional unit. On the other hand, in the main body 310 illustrated in FIG. 5, the functions of one function unit may be divided into a plurality of functions and configured as a plurality of function units.

  In addition, some or all of the moving body detection unit 501, the power state control unit 502, and the image forming unit 503 of the main body 310 are not software programs, but are an FPGA (Field-Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). ) Or the like.

<Functional configuration of operation unit>
5, the operation unit 330 of the image forming apparatus 101 includes a wireless communication unit 511, a wireless authentication unit 512, an image reception unit 513, a face detection unit 514, an image authentication unit 515, and an authentication management unit. 516, user information management unit 517, storage unit 518, communication unit 519, card authentication unit 521, connection detection unit 522, setting control unit 523, power supply control unit 524, and input / output control unit 525. (Display control unit).

  The wireless communication unit 511 is a functional unit that receives predetermined information (such as a wireless tag ID) from a wireless tag within a predetermined range by short-range wireless communication using the short-range wireless communication device 339. The wireless communication unit 511 is realized by, for example, a program that operates in the short-range wireless communication device 339 illustrated in FIG. 2 and the CPU 331 illustrated in FIG. The wireless communication unit 511 receives predetermined information such as a wireless tag ID from the RFID tag 104 within the detection range of the RFID tag reader 103.

  The wireless authentication unit 512 is a functional unit that authenticates a wireless tag that has transmitted predetermined information based on predetermined information received by the wireless communication unit 511 and user information registered in advance. The wireless authentication unit 512 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The wireless authentication unit 512 is based on the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 and user information registered in advance (for example, user information a520 and user information A506 described later). The RFID tag 104 is authenticated (wireless authentication). The wireless authentication unit 512 permits authentication of the RFID tag 104 when the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 is included in the previously registered user information.

  The wireless authentication unit 512 sends the wireless tag ID received from the wireless communication unit 511 to the user information management unit 517, for example. The wireless authentication unit 512 receives the result received from the user information management unit 517 (the presence / absence of the corresponding user, the user number if the corresponding user exists). If the user is present in the user information, short-range wireless authentication is possible, and if not, short-range wireless authentication is not possible. The wireless authentication unit 512 sends the authentication result to the authentication management unit 516. In addition, the wireless authentication unit 512 outputs information indicating the user of the RFID tag 104 permitted to be authenticated to the authentication management unit 516. Note that the wireless authentication unit 512 may output and store the information indicating the user of the RFID tag 104 permitted to be authenticated in the storage unit 518.

  The image receiving unit 513 receives an image from the camera 102. The image receiving unit 513 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The image receiving unit 513 causes the camera 102 to capture an image in front of the image forming apparatus 101 and receives an image of the user 105 in front of the image forming apparatus 101 from the camera 102.

  The face detection unit 514 is an example of a detection unit that detects user authentication information. For example, the face detection unit 514 authenticates a user's face image, feature information extracted from the user's face image (an example of feature information indicating a biometric feature), and the like from the received image. Detect as information. When performing authentication other than face authentication, authentication information used for other authentication may be detected instead of a face image or the like. For example, a walking pattern, key input speed, key input timing, voice characteristics, fingerprint characteristics, vein characteristics, and the like may be detected as authentication information. The face detection unit 514 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. Note that the feature information of the face image includes information such as the shape and relative position of each part such as the face outline, eyes, nose, chin, and cheekbone.

  The face detection unit 514 detects a face image (face area) from the image using, for example, a face detection method based on the following Haar-like feature. The Haar-like feature value is a value obtained by subtracting the sum of the pixel values of the white region from the sum of the pixel values of the black region in the rectangle to be calculated in the search region. Since this rectangle may be arranged anywhere and how in the search area, there are tens of thousands of possible arrangement places in the search area. Each weak classifier in the search area is weighted by prior learning by boosting these rectangles, and a strong classifier is created by selecting only a few dozen weak classifiers with the highest importance. Is done. Then, it is determined by this strong classifier (by a black and white rectangular number pattern indicating the human face likeness) whether or not the area is a human face area.

  When the feature information of the face image is used as the authentication information, the face detection unit 514 may further detect the feature information from the face image (face region). For example, the face detection unit 514 may extract a feature point (for example, 13-dimensional data) of the face image from the face image as authentication information by a method using a subspace method or the like.

  The image authentication unit 515 is a functional unit that authenticates a user included in the image received by the image receiving unit 513 based on the image received by the image receiving unit 513 and user information registered in advance. . The image authentication unit 515 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The image authentication unit 515 includes user authentication information (face image or face image feature information) detected by the face detection unit 514 from the image received by the image reception unit 513, and user information registered in advance. Based on (for example, user information a520 and user information A506 described later), image authentication of the user included in the image is performed. The image authentication unit 515 is an example of a face authentication control unit that controls face authentication.

  When one feature information corresponding to the feature information of the face image extracted by the face detection unit 514 is included in the previously registered user information, the image authentication unit 515 permits authentication of the user included in the image.

  For example, the image authentication unit 515 receives a face image from the face detection unit 514, receives pre-registered user authentication information from the user information management unit 517, and collates it. The image authentication unit 515 repeats the verification for the number of users registered in the user information until the verification is successful. As a matching method, a method of comparing feature points detected from face images, a method of matching by pattern recognition using the luminance value of each pixel per face image as one vector, and the like can be applied. .

  The image authentication unit 515 outputs information indicating the user permitted to be authenticated to the authentication management unit 516. Note that the image authentication unit 515 may output and store information indicating a user who has been authenticated in the storage unit 518.

  The authentication method by the image authentication unit 515 is not limited to the above-described method, and any known face authentication technology (for example, see Japanese Patent Application Laid-Open No. 2015-35178) can be applied. Further, the image authentication unit 515 performs various well-known image authentication methods (for example, for performing user authentication) based on feature information indicating characteristics of the user's biological body included in the image received by the image reception unit 513 (for example, User authentication may be performed by fingerprint authentication, iris authentication, vein authentication, or the like.

  The authentication management unit 516 performs login authentication (apparatus for the user) based on information indicating a user permitted to be authenticated by the wireless authentication unit 512 and information indicating a user permitted to be authenticated by the image authentication unit 515. It is a functional unit that performs authentication. The authentication management unit 516 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG.

  In addition, the authentication management unit 516 manages one or more authentication control units, and determines which of these authentication control units is valid (decision unit). For example, the authentication management unit 516 refers to correspondence information (FIG. 7) and effective information (FIGS. 8-1 and 8-2), which will be described later, uses an external device whose connection is detected, and An authentication control unit that activates a function that is not valid is determined. The authentication management unit 516 validates the authentication function by requesting the authentication control unit to be activated when the image forming apparatus 101 is activated. Examples of the authentication control unit include a face authentication control unit (image authentication unit 515) and a card authentication control unit (card authentication unit 521) that controls card authentication. A wireless authentication unit 512 that does not use an external device may be included in the authentication control unit.

  The authentication management unit 516 performs login authentication of the user based on the result of one or more authentication functions. For example, the authentication management unit 516 performs login authentication of the user from the authentication result by the wireless authentication unit 512 and the authentication result by the image authentication unit 515. When the card reader 201 is connected, login authentication may be performed with reference to the authentication result by the card authentication unit 521 and the authentication result by the image authentication unit 515. The combination of a plurality of authentication functions is not limited to these, and can be any combination. Further, the authentication management unit 516 may perform login authentication by referring to an authentication result of one authentication function, or may perform login authentication by referring to authentication results of three or more authentication control units.

  An example in which login authentication is performed using authentication results of the wireless authentication unit 512 and the image authentication unit 515 will be described. Similar procedures can be applied to other combinations. If the user of the wireless tag (RFID tag 104) authorized by the wireless authentication unit 512 and the user authorized by the image authentication unit 515 are the same user, the authentication management unit 516 The user is permitted to use the image forming apparatus 101. As a preferred example, the authentication management unit 516 includes identification information indicating a user of a wireless tag whose authentication is permitted by the wireless authentication unit 512 and identification information indicating a user whose authentication is permitted by the image authentication unit 515. If they match, the user's use of the image forming apparatus 101 is permitted.

  Note that when the identification information indicating the user obtained from the wireless authentication unit 512 matches the identification information indicating the user obtained from the image authentication unit 515, the two identification information completely match. In addition, the case where the two pieces of identification information can be determined as identification information indicating substantially the same user may be included. For example, the identification information indicating the user obtained from the image authentication unit 515 is an 8-digit employee ID, and the identification information indicating the user obtained from the wireless authentication unit 512 is 10 digits obtained by adding two characters to the employee ID. It may be determined that the two pieces of identification information coincide with each other. As described above, in the authentication management unit 516, the identification information indicating the user obtained from the wireless authentication unit 512 and the identification information indicating the user obtained from the image authentication unit 515 are identification information regarding the same user. In this case, the use of the image forming apparatus 101 of the user may be permitted.

  For example, when the authentication management unit 516 receives a power-on command from the power state control unit 502, the authentication management unit 516 initializes the value of the variable “number of logins” to 0. Thereafter, the authentication management unit 516 executes the above-described login authentication. In general, a result notification from the wireless authentication unit 512 is transmitted early. For this reason, the authentication management unit 516 may perform authentication preparation (pre-authentication) in advance and make the user available immediately after the remaining authentication results are transmitted. When the login authentication fails, the authentication management unit 516 adds 1 to the value of the variable “number of logins”. The authentication management unit 516 receives the result from the image authentication unit 515 a predetermined number of times (for example, three times) until login fails, and attempts login authentication. If the login has failed a predetermined number of times, the authentication management unit 516 does not permit the user to use the image forming apparatus 101.

  The user information management unit 517 is a functional unit that manages the user information a 520 stored in the storage unit 518. The user information management unit 517 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG.

  The user information management unit 517 provides user information (user information a520 in FIG. 5) to the image authentication unit 515 and the wireless authentication unit 512, for example. For example, the user information management unit 517 sends the “user number” and “authentication information” of each user to the image authentication unit 515. The user information management unit 517 may sequentially send information for each authentication process, or may send it in a lump at the beginning. For example, the user information management unit 517 passes the “user number” of the user having the wireless tag ID specified by the wireless authentication unit 512 to the wireless authentication unit 512.

  The storage unit 518 is a functional unit that stores various types of information such as user information a520 including information indicating the user of the image forming apparatus 101. The storage unit 518 also stores connection information, correspondence information, valid information, and the like, which will be described later. The storage unit 518 is realized by, for example, the RAM 333 illustrated in FIG. 2, the flash memory 334, and a program that operates on the CPU 331 illustrated in FIG.

  The communication unit 519 is a functional unit that connects the operation unit 330 to the network 360 and communicates with an external device connected to the network 360. The communication unit 519 is realized by, for example, a communication I / F 335 illustrated in FIG. 2 and a program that operates on the CPU 331 illustrated in FIG.

  An authentication unit (authentication control unit) other than the image authentication unit 515, the wireless authentication unit 512, and the card authentication unit 521 may be further provided. For example, you may provide the password authentication part which performs the password authentication using the password which the user input.

  The card authentication unit 521 controls card authentication using a storage medium such as an IC card. The card authentication unit 521 is an example of a card authentication control unit. For example, the card authentication unit 521 reads the identification information stored in the IC card from the IC card held by the user over the card reader 201, and performs authentication by specifying the user from the read identification information. For example, the card authentication unit 521 may authenticate the user based on the read identification information and user information registered in advance (for example, user information a520 and user information A506).

  The connection detection unit 522 detects that an external device (authentication information acquisition device) is connected to the external connection I / F 338 and that the external device is removed from the external connection I / F 338 (connection release). When the connection detection unit 522 detects that an external device is connected, the connection detection unit 522 acquires identification information of the external device from the connected external device. The connection detection unit 522 notifies the setting control unit 523 of the connection of the external device and the identification information of the connected external device.

  A setting control unit 523 controls settings of the image forming apparatus 101. For example, when the setting control unit 523 receives a notification indicating that an external device is connected from the connection detection unit 522, the setting control unit 523 displays a screen for selecting an authentication function to be activated, and activates the selected authentication function. Process. When the setting control unit 523 receives a notification indicating that the external device is connected from the connection detection unit 522, the setting control unit 523 displays a screen for selecting an authentication function to be activated, and a process for enabling the selected authentication function I do. When the setting control unit 523 receives a notification indicating that the external device has been removed from the connection detection unit 522, the setting control unit 523 displays a screen indicating an authentication function to be invalidated, and performs processing for invalidating the authentication function.

  The power supply control unit 524 controls the power supply of the operation unit 330. For example, the power supply control unit 524 restarts the operation unit 330 in accordance with a request from the setting control unit 523. The power supply control unit 524 may perform control so that the main body 310 is restarted together with the operation unit 330.

  The input / output control unit 525 controls input / output of various information to the operation panel 336. For example, the input / output control unit 525 controls display of a screen on the operation panel 336, reception of key input from the operation panel 336, and the like. For example, in accordance with a request from the setting control unit 523, the input / output control unit 525 displays a screen such as a selection screen on the panel of the operation unit 330, and notifies the setting control unit 523 of the selection result of the user. Further, in accordance with a request from the setting control unit 523, a restart screen is displayed, and a user selection result is returned to the setting control unit 523.

  Note that the wireless communication unit 511, the wireless authentication unit 512, the image reception unit 513, the face detection unit 514, the image authentication unit 515, the authentication management unit 516, the user information management unit 517, and the storage unit 518 of the operation unit 330 illustrated in FIG. The communication unit 519, the card authentication unit 521, the connection detection unit 522, the setting control unit 523, the power supply control unit 524, and the input / output control unit 525 are conceptually shown functions, and have such a configuration. It is not limited to. For example, a plurality of functional units illustrated as independent functional units in the operation unit 330 illustrated in FIG. 5 may be configured as one functional unit. On the other hand, the function of one function unit may be divided into a plurality of functions in the operation unit 330 illustrated in FIG. 5 and configured as a plurality of function units.

  In addition, the wireless communication unit 511, the wireless authentication unit 512, the image reception unit 513, the face detection unit 514, the image authentication unit 515, the authentication management unit 516, the user information management unit 517, the card authentication unit 521, the connection detection of the operation unit 330. Part or all of the unit 522, the setting control unit 523, the power supply control unit 524, and the input / output control unit 525 may be realized by a hardware circuit such as an FPGA or an ASIC instead of a program that is software.

  In addition, at least a part of the function of the operation unit 330 may be executed in the main body 310, and conversely, at least a part of the function of the main body 310 may be executed in the operation unit 330. For example, the authentication management unit 516 may be included in the main body 310. In this case, the other configuration is the same as that of the image forming apparatus 101 shown in FIG. In such a configuration, the wireless authentication unit 512 notifies the authentication management unit 516 of the authentication result of the wireless authentication unit 512 (for example, information indicating a user permitted to be authenticated) via the communication path 350. Similarly, the image authentication unit 515 notifies the authentication management unit 516 of the authentication result of the image authentication unit 515 (for example, information indicating a user permitted to be authenticated) via the communication path 350. Also, the authentication management unit 516 performs user authentication (device authentication) based on the authentication result of the wireless authentication unit 512 and the authentication result of the image authentication unit 515 received via the communication path 350.

  Next, examples of connection information, correspondence information, and valid information will be described. 6A and 6B are diagrams illustrating an example of the data structure of the connection information. The connection information is information indicating the connection status of the external device. As illustrated in FIGS. 6A and 6B, the connection information includes a device name, identification information, and a state. The identification information is information for identifying the external device indicated by the device name. As the status, “connected” is set when the external apparatus is connected to the image forming apparatus 101, and “unconnected” is set when the external apparatus is not connected. FIG. 6A illustrates an example of connection information when only the RFID tag reader 103 is connected. When the connection detection unit 522 detects the connection of the external device, the connection detection unit 522 changes the state corresponding to the identification information acquired from the external device to “connection”. FIG. 6B illustrates that since the camera 102 is further connected in the state of FIG. 6A, the state corresponding to the camera 102 is changed to “connected”. Further, when it is detected that the connection of the external device has been released (external device has been removed), the corresponding state is changed to “not connected”.

  FIG. 7 is a diagram illustrating an example of the data structure of the correspondence information. The correspondence information is information indicating a correspondence relationship between the authentication control unit name, the function name, the device name, and the usage information. It can be said that the correspondence information is information indicating which device is used by a certain authentication function name and authentication control unit. The correspondence information includes an authentication control unit name, a function name, usage information, and a device name. As the function name, the name of the function realized by the corresponding authentication control unit is set. The function name is used, for example, when displayed on a screen such as a selection screen.

  The usage information is information indicating an external device used by the corresponding authentication control unit. FIG. 7 shows an example of usage information in which whether or not the external device is used by the authentication function by the authentication control unit (“used” or “unused”) is set for each external device. . For example, in the authentication function by the face authentication control unit, it is set that the camera is used and the card reader is not used. You may comprise so that the name (device name) of the external apparatus used for every authentication control part may be set.

  RFID authentication is an authentication function (wireless authentication) for authenticating the RFID tag 104. As shown in FIG. 7, a composite authentication function using a plurality of external devices may be realized. In FIG. 7, composite authentication (face × RFID) for performing face authentication and RFID authentication, composite authentication (face × IC card) for performing face authentication and card authentication, and fingerprint authentication and card authentication are performed. An example of composite authentication (fingerprint × IC card) is shown.

  8A and 8B are diagrams illustrating an example of the data structure of the valid information. The valid information is information indicating whether the authentication function is valid. The valid information includes an authentication control unit name and settings. “Valid” is set when the corresponding authentication control unit is valid, and “invalid” is set when it is not valid. The default setting may be invalid. The authentication function for which “valid” is set is executed when the image forming apparatus 101 is activated (reactivated). FIG. 8A illustrates valid information in a state where RFID authentication is enabled. FIG. 8-2 shows the valid information in a state where the composite authentication (face × RFID authentication) is changed to valid and the RFID authentication is changed to invalid from the state of FIG.

  Next, function setting processing by the image forming apparatus 101 according to the present embodiment will be described with reference to FIG. FIG. 9 is a flowchart illustrating an example of a function setting process according to the present embodiment. The function setting process is a process of enabling a function that uses an external device when the external device is connected.

  When the external apparatus is connected to the image forming apparatus 101, the connection detection unit 522 detects that the external apparatus is connected, and acquires identification information transmitted from the external apparatus (step S101). The connection detection unit 522 identifies the device name of the connected external device from the acquired identification information (step S102). For example, the connection detection unit 522 updates the connection state as illustrated in FIG. 6A so that the connection state of the identified device name becomes “connected” (step S103). The authentication management unit 516 refers to the correspondence information and the valid information, and extracts a function that can be used by the connected external device (step S104). Details of the extraction process will be described later.

  The input / output control unit 525 displays on the operation panel 336 a selection screen that displays the extracted functions in a selectable manner (step S105). The input / output control unit 525 displays a selection screen 300 as shown in FIG. The input / output control unit 525 determines whether any of the displayed functions has been selected (step S106). For example, the user can select a desired authentication function by selecting one or both of “face authentication” and “card authentication” on the selection screen 300 and pressing the confirmation button 301. When there is one authentication function that can be used, only one authentication function may be displayed on the selection screen 300.

  When no function is selected (step S106: No), for example, when the cancel button 302 is pressed, the function setting process is terminated. When any function is selected (step S106: Yes), the input / output control unit 525 displays a restart screen (step S107). FIG. 10 is a diagram illustrating an example of a restart screen.

  The restart screen includes a “Yes” button 1001 and a “No” button 1002. When the “Yes” button 1001 is pressed, the image forming apparatus 101 is restarted to execute the selected function. When a “No” button 1002 is pressed, the process is interrupted and the restart screen is closed.

  Returning to FIG. 9, the input / output control unit 525 determines whether or not a restart has been instructed, for example, by pressing the “Yes” button 1001 (step S108). When the restart is not instructed (step S108: No), for example, when the “No” button 1002 or the like is pressed, the process is interrupted. When the restart is instructed (step S108: Yes), the power control unit 524 restarts the image forming apparatus 101 (step S109). The power supply control unit 524 may restart only a part necessary for enabling the selected function. For example, the power supply control unit 524 may restart only the operation unit 330 or only the main body 310.

  After the restart, the authentication management unit 516 starts the authentication control unit for which “valid” is set in the valid information (step S110). Thereby, the selected function can be used.

  Next, details of the extraction process in step S104 will be described. FIG. 11 is a flowchart illustrating an example of the extraction processing according to the present embodiment.

  The authentication management unit 516 initializes the previous output result (step S201). The authentication management unit 516 acquires, for example, rows of correspondence information as illustrated in FIG. 7 in order from the top (step S202). If the external device (device) used for the authentication function by the authentication control unit included in the acquired correspondence information is being connected and the authentication control unit is invalid, the authentication management unit 516 displays the corresponding function name. It adds to an output result (step S203). Step S203 is executed, for example, in the procedure as shown in the following (1) to (4).

(1) The authentication management unit 516 sets the authentication control unit name included in the acquired correspondence information in the variable name. Further, the authentication management unit 516 initializes the variable “exist” and the variable “failed”. The variable name is a variable for storing the authentication control unit name. The variable “exist” is a variable that stores information indicating whether there is an external device (device) that can be connected and used. The variable “exist” is initialized to “FALSE”, for example. “FALSE” indicates that there is no usable function. When there is a usable function, for example, “TRUE” is set in the variable “exist”. The variable failed is a variable for storing information indicating whether or not an external device (device) is not connected. The variable failed is initialized to “FLASE”, for example. “FALSE” indicates that there is no unconnected device among the devices used in the authentication function (all devices used are in the “connected” state).
When there is an unconnected device, for example, “TRUE” is set in the variable failed.

  (2) The authentication management unit 516 confirms the device names whose usage information included in the acquired correspondence information is “used”, for example, in order from left to right.

  (3) If the usage information is “used” and there is an external device whose connection state is “not connected” among the external devices corresponding to the device name, the authentication management unit 516 sets “TRUE” in the variable failed. Set. If the usage information is “use” and the variable failed is “FALSE”, the authentication management unit 516 sets “TRUE” in the variable “exist”.

  (4) When “TRUE” is set in the variable “exist”, the authentication management unit 516 refers to valid information as illustrated in FIGS. 8A and 8B, for example, and performs authentication control set in the variable name. It is determined whether or not the setting corresponding to the department name is “invalid”. When the setting is “invalid”, the authentication management unit 516 adds the function name included in the correspondence information to the output result.

  After step S203, the authentication management unit 516 determines whether all correspondence information has been processed (step S204).

  If all the correspondence information has not been processed (step S204: No), the authentication management unit 516 acquires the next correspondence information and repeats the processing. When all the correspondence information has been processed (step S204: Yes), the authentication management unit 516 outputs all of the added output results as items to be displayed on the selection screen (step S205), and ends the extraction process.

  By the extraction process as shown in FIG. 11, a function that can be used by a connected external device, in other words, a function that uses the connected external device and is invalid (not valid) can be extracted. In addition, for example, it is possible to newly set an authentication function that is already connected but has been forgotten to be enabled. Further, by executing the extraction process together with the correspondence information as shown in FIG. 7, it is possible to select composite authentication.

  Next, a specific example of the extraction process in FIG. 11 will be described. In the following, an example will be described in which the RFID tag reader 103 is connected and RFID authentication is enabled, and the camera 102 is further connected and composite authentication (face × RFID) is enabled.

  When the camera 102 is connected, the connection detection unit 522 detects the connection of the camera 102 and identifies the device name “camera” from the acquired identification information and the connection information as shown in FIG. 9 step S102). The connection detection unit 522 updates the state corresponding to the device name “camera” to “connection” (step S103). As a result, the connection information is changed from FIG. 6-1 to FIG. 6-2.

  The authentication management unit 516 acquires the correspondence information of the first line in FIG. 7 (step S202), and sets “face authentication control unit” in the variable name ((1) above). The authentication management unit 516 confirms devices whose usage information is “used” in the order of “camera”, “card reader”, “RFID tag reader”, and “fingerprint authentication device” ((2) above). In the example of FIG. 7, it is confirmed that the usage information of “camera” is “used”.

  The authentication management unit 516 determines that the usage information of “camera” is “used” and the connection state of FIG. 6-2 is “connected” ((3) above). In this case, the authentication management unit 516 sets “TRUE” to the variable “exist”. If there is at least one device whose usage information is “used” and whose connection state is “connected”, “TRUE” is set in the variable “exist” for the correspondence information of the row being processed.

  For example, the authentication management unit 516 refers to valid information as illustrated in FIG. 8A and determines that the setting corresponding to the authentication control unit name “face authentication control unit” set in the variable name is “invalid”. . In this case, the authentication management unit 516 adds the function name “face authentication” included in the correspondence information to the output result ((4) above).

  Similarly, the correspondence information of each line in FIG. 7 is confirmed in order, and a function name that meets the conditions is added to the output result. For example, “RFID authentication” is not added to the output result because the RFID tag reader 103 is “used” and “connected” and the variable “exist = TRUE” is set, but the valid information is already set to “valid”. Further, for example, in “composite authentication (face × RFID authentication)”, the camera 102 and the RFID tag reader 103 are both “used” and “connected”, and the variable “exist =“ TRUE ”. Furthermore, since the valid information is “invalid”, it is added to the output result. For example, “composite authentication (face × IC card authentication)” is not added to the output result because the camera used for face authentication is “connected” but the card reader 201 is “not connected”.

  As a result, “face authentication” and “composite authentication (face × RFID authentication)” are added to the output result. Thereafter, a selection screen for displaying these authentication functions in a selectable manner is displayed. FIG. 12 is a diagram showing an example of the selection screen in this case.

  As illustrated in FIG. 12, the selection screen 1200 includes two extracted authentication functions, a confirmation button 1211, and a cancel button 1212. When any authentication function is selected and the confirmation button 1211 is pressed, the selected authentication function is validated. If there is another authentication function that is already valid, the input / output control unit 525 may display a confirmation screen that prompts confirmation of whether the authentication function being executed may be invalidated (stopped).

  The confirmation screen 1220 is an example of a screen displayed when “RFID authentication” is valid and “face authentication” is selected to be activated. When the execution (validation) button 1221 is pressed, the selected authentication function “face authentication” is validated. When the return button 1222 is pressed, the previous selection screen 1200 is displayed again.

  The confirmation screen 1230 is an example of a screen displayed when “RFID authentication” is valid and “composite authentication (face × RFID authentication)” is selected. When the execution (validation) button 1231 is pressed, the selected authentication function “composite authentication (face × RFID authentication)” is activated. When the return button 1232 is pressed, the previous selection screen 1200 is displayed again.

  Next, a function setting process when the face authentication function that has been invalidated is validated will be described. FIG. 13 is a sequence diagram showing an example of the function setting process in this case.

  When the camera 102 is connected to the image forming apparatus 101, the connection detection unit 522 detects the connection of the camera 102 (step S301). The connection detection unit 522 notifies the setting control unit 523 of the connection of the camera 102 and the identification information of the camera 102 (step S302).

  The setting control unit 523 designates the camera 102 as a connected external device to the authentication management unit 516 and requests acquisition of a corresponding function (step S303). The authentication management unit 516 uses the camera 102 with reference to the connected external device (camera 102), correspondence information (FIG. 7), and valid information (FIGS. 8-1 and 8-2), and A function whose setting is invalid is extracted (step S304). In this example, the face authentication function is extracted. The authentication management unit 516 returns to the setting control unit 523 that the face authentication function has been extracted as a response to the request (step S305).

  The setting control unit 523 requests the input / output control unit 525 to display a selection screen including the face authentication function as an item of the function list to be displayed so as to be selectable (step S306). The input / output control unit 525 displays a selection screen on the operation panel 336 in response to a request.

  When the user selects “face authentication” from the displayed function list, the input / output control unit 525 receives the selected function (step S307). The input / output control unit 525 notifies the setting control unit 523 that face authentication has been selected (step S308).

  The setting control unit 523 requests the input / output control unit 525 to display a restart screen (for example, FIG. 10) (step S309). The input / output control unit 525 displays a restart screen on the operation panel 336 in response to the request.

  When the user designates restart (for example, the user presses the “Yes” button 1001 in FIG. 10), the input / output control unit 525 notifies the setting control unit 523 that the restart has been designated (Step S1). S310).

  The setting control unit 523 notifies the authentication management unit 516 that the face authentication function is enabled (step S311). The authentication management unit 516 effectively updates the setting corresponding to the face authentication control unit in the valid information (step S312).

  The setting control unit 523 requests the power supply control unit 524 to restart (step S313). The power control unit 524 restarts the image forming apparatus 101 in response to the request. The power supply control unit 524 returns the restart result to the setting control unit 523 (step S314).

  After the restart, the authentication management unit 516 refers to the valid information and activates the authentication control unit whose setting is valid (step S315). In this example, since the face authentication control unit is effectively changed, the face authentication control unit (image authentication unit 515) is activated. When the authentication control unit is realized by a program (software), the activation corresponds to executing a program corresponding to the authentication control unit. The activated image authentication unit 515 returns the activation result to the authentication management unit 516 (step S316).

  Next, processing when the external device is removed will be described. Hereinafter, a case where the connected camera 102 is removed will be described as an example. FIG. 14 is a sequence diagram illustrating an example of a function setting process when the camera 102 is detached.

  When the camera 102 is removed from the image forming apparatus 101, the connection detection unit 522 detects that the camera 102 has been removed (step S401). For example, the connection detection unit 522 detects that the camera 102 has been removed due to a change in a signal from a connector to which the camera 102 was connected. The connection detection unit 522 notifies the setting control unit 523 of the removal of the camera 102 and the identification information of the camera 102 (step S402).

  The setting control unit 523 designates the camera 102 as the removed external device to the authentication management unit 516 and requests acquisition of the corresponding function (step S403). The authentication management unit 516 uses the camera 102 with reference to the removed external device (camera 102), correspondence information (FIG. 7), and valid information (FIGS. 8-1 and 8-2), and A function whose setting is valid is extracted (step S404). In this example, the face authentication function is extracted. The authentication management unit 516 returns to the setting control unit 523 that the face authentication function has been extracted as a response to the request (step S405).

  The setting control unit 523 requests the input / output control unit 525 to display an invalid function display screen including the face authentication function as an item of the function list to be displayed (step S406). The input / output control unit 525 displays an invalid function display screen on the operation panel 336 in response to a request.

  FIG. 15 is a diagram illustrating an example of the invalid function display screen. The invalid function display screen is a screen displayed when the external device is detached from the image forming apparatus 101. The invalid function display screen includes a function list 1401 that cannot be used when an external device is removed, a message that prompts restart, an OK button 1411 that specifies restart, a cancel button 1412 that stops restart, including. When the cancel button 1412 is pressed, for example, restart is not executed.

  Returning to FIG. 14, the setting control unit 523 notifies the authentication management unit 516 that the face authentication function is invalidated (step S407). The authentication management unit 516 invalidates the setting corresponding to the face authentication control unit in the valid information (step S408).

  When the user designates restarting (for example, pressing the OK button 1411 in FIG. 15), the setting control unit 523 requests the power supply control unit 524 to restart (step S409). Steps S410 to S412 are the same as steps S314 to S316 in FIG.

  In this example, since the face authentication control unit is changed to invalid, if there is another valid authentication control unit, the authentication control unit is activated. The face authentication control unit is not executed because it is invalid. That is, the face authentication function is stopped.

  As described above, in this embodiment, when an external device is connected, a screen for performing settings necessary for enabling the function using the external device is displayed, and the setting is performed according to the user's instruction. Can do. Further, when the external device is removed, a screen for performing settings necessary for invalidating the function using the external device is displayed, and the settings can be changed in accordance with a user instruction. That is, settings necessary for enabling the function can be executed more easily.

  Note that the program executed by the apparatus of the present embodiment is provided by being incorporated in advance in a ROM or the like.

  A program executed by the apparatus according to the present embodiment is an installable or executable file and can be read by a computer such as a CD-ROM, a flexible disk (FD), a CD-R, or a DVD (Digital Versatile Disk). It may be configured to be recorded on a simple recording medium and provided as a computer program product.

  Furthermore, the program executed by the apparatus of the present embodiment may be configured to be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. The program executed by the apparatus according to the present embodiment may be provided or distributed via a network such as the Internet.

  The program executed by the apparatus according to the present embodiment has a module configuration including the above-described units. As actual hardware, the CPU (processor) reads the program from the ROM and executes the program, so that the above-described units are mainly used. It is loaded on the storage device, and each unit is generated on the main storage device.

  In the present embodiment, the configuration in which one image processing apparatus (image forming apparatus) includes each unit has been described, but the apparatus configuration is not limited thereto. The image processing system may include a plurality of devices, and the plurality of devices may be configured to include a part or all of each unit in a distributed manner.

DESCRIPTION OF SYMBOLS 100 Image processing system 101 Image forming apparatus 102 Camera 103 RFID tag reader 104 RFID tag 106 Moving body sensor 201 Card reader 310 Main body 311 CPU
312 ROM
313 RAM
314 Storage 315 Communication I / F
316 Connection I / F
317 Engine 318 Moving body sensor 319 System bus 330 Operation unit 331 CPU
332 ROM
333 RAM
334 Flash memory 335 Communication I / F
336 Operation panel 337 Connection I / F
338 External connection I / F
339 Short-range wireless communication device 341 System bus 350 Communication path 360 Network 411 Application layer 412 Service layer 413 OS layer 431 Application layer 432 Service layer 433 OS layer 501 Moving object detection unit 502 Power state control unit 503 Image formation unit 504 Storage unit 505 Communication unit 511 Wireless communication unit 512 Wireless authentication unit 513 Image reception unit 514 Face detection unit 515 Image authentication unit 516 Authentication management unit 517 User information management unit 518 Storage unit 519 Communication unit 521 Card authentication unit 522 Connection detection unit 523 Setting control unit 524 Power control unit 525 Input / output control unit

JP 2011-055161 A

Claims (9)

A connection detection unit for detecting the connected authentication information acquisition device;
Information for authentication detected based on correspondence information indicating the correspondence between the authentication function and the authentication information acquisition device used for executing the authentication function, and valid information indicating whether the authentication function is valid A determination unit that determines an invalid authentication function among the authentication functions corresponding to the acquisition device;
A display control unit that displays the determined authentication function in a selectable manner;
An image processing apparatus comprising: A setting control unit for executing the selected authentication function when the displayed authentication function is selected;
The image processing apparatus according to claim 1. The setting control unit further stops the authentication function being executed when the connection of the authentication information acquisition device used by the authentication function being executed is released.
The image processing apparatus according to claim 2. An image forming unit that executes image formation;
An operation unit connected to the image forming unit,
The operation unit is
The connection detector;
The determination unit;
The display control unit;
A power control unit that restarts the operation unit and the image forming unit when the displayed authentication function is selected;
The image processing apparatus according to claim 1. The connection detection unit detects connection of a plurality of authentication information acquisition devices,
The determination unit includes a plurality of pieces of authentication information detected based on correspondence information indicating correspondence between the authentication function and a plurality of authentication information acquisition apparatuses used for executing the authentication function, and the valid information. Determine the authentication function that is not valid among the authentication functions corresponding to the acquisition device.
The image processing apparatus according to claim 1. When the displayed authentication function is selected, the display control unit displays a confirmation screen for confirming that the authentication function being executed is stopped.
The image processing apparatus according to claim 1. A connection detection unit for detecting the connected authentication information acquisition device;
Information for authentication detected based on correspondence information indicating the correspondence between the authentication function and the authentication information acquisition device used for executing the authentication function, and valid information indicating whether the authentication function is valid A determination unit that determines an invalid authentication function among the authentication functions corresponding to the acquisition device;
A display control unit that displays the determined authentication function in a selectable manner;
An image processing system comprising: A connection detection step for detecting the connected authentication information acquisition device;
Information for authentication detected based on correspondence information indicating the correspondence between the authentication function and the authentication information acquisition device used for executing the authentication function, and valid information indicating whether the authentication function is valid A determining step for determining an ineffective authentication function among the authentication functions corresponding to the acquisition device;
A display control step for selectively displaying the determined authentication function;
An image processing method including: On the computer,
A connection detection step for detecting the connected authentication information acquisition device;
Information for authentication detected based on correspondence information indicating the correspondence between the authentication function and the authentication information acquisition device used for executing the authentication function, and valid information indicating whether the authentication function is valid A determination step for determining an ineffective function among the authentication functions corresponding to the acquisition device;
A display control step for selectively displaying the determined authentication function;
A program for running

Images