JP5471418B2 - Image processing device - Google Patents

Description

  The present invention relates to an image processing apparatus that restricts functions available to a user based on the level of the user.

  2. Description of the Related Art In recent years, image processing apparatuses called “multifunction peripherals” having various functions such as copying, network printing (PC printing), scanners, fax machines, and document servers have become widespread.

  Such an image processing apparatus has come to have an authentication function for preventing unauthorized use. An image processing apparatus having an authentication function permits use of a user when authentication is successful, and does not permit use of the user when authentication fails.

  As an authentication method, a method of authenticating by collating information input by a user, information read from an IC card possessed by the user, or information read from a user's vein or fingerprint with information registered in advance Etc. are used. Registration information for collation is registered in the image processing apparatus itself or an authentication server connected to the image processing apparatus via a network.

  When it is desired to increase security, authentication is performed not only once but multiple times. So-called multiple authentication is performed.

  For example, when a user ID and password generated from the user ID and password input by the operator are acquired from the authentication server, and the number of successful authentications reaches a preset value, A processing device that permits an operator to use is proposed (Patent Document 1).

  Further, when it is desired to further improve the security, the authentication state is canceled after a predetermined time has elapsed after successful authentication.

  For example, it has been proposed to initialize the number of successful authentications when the elapsed time from the last successful authentication reaches a predetermined time (Patent Document 1).

  Alternatively, it is proposed that after a predetermined time elapses when a card for authenticating a user is attached, the valid state of the card is invalidated and the invalid state is canceled by receiving predetermined authentication information. (Patent Document 2).

  In a plurality of authentications, one type of authentication method may be performed a plurality of times, but different types of authentication methods are generally performed in combination. In general, a function requiring a higher level of security generally has a larger number of authentications required to use the function. The user is authenticated a plurality of times through various procedures such as inputting an ID and password via the operation panel, holding the IC card over the card authentication device, or bringing a finger into contact with the biometric authentication device.

JP2007-102686 JP 2006-76034 A

  A conventional image processing apparatus automatically performs logout processing and cancels the authentication state in response to a user instruction or when a predetermined time has elapsed. Therefore, even if the user has been authenticated a plurality of times in order to use a predetermined function, once the authentication state is canceled, the user must re-accept the plurality of authentications and acquire the original authentication state. The predetermined function could not be used.

  As described above, since multiple authentications are generally performed by combining different types of authentication methods, the user can also receive multiple authentications again once the authentication status is canceled. I had to repeat various procedures, which was cumbersome.

  On the other hand, for the purpose of reducing such a burden on the user, if the authentication state is maintained even after logout, the user is operated in an authentication state in which a user different from the user who performed the operation immediately before is maintained. Therefore, there is a possibility that highly confidential data may be referred to, which is not preferable in terms of security. In addition, if the authentication method in the case where a plurality of authentications are performed again is simplified, this is contrary to the purpose of providing a plurality of authentications in order to increase security, which is not preferable in terms of security.

  SUMMARY OF THE INVENTION In view of such circumstances, an object of the present invention is to improve the convenience of operation when receiving multiple authentications again while ensuring security in an image processing apparatus that performs multiple authentications. To do.

A function that can be used by a user is restricted based on the level of the user, an image processing apparatus that authenticates the user, and one or more of the plurality of authentication means Based on the result of authentication, the level determining means for determining the level, the level reducing means for reducing the level one by one each time the user does not operate for a predetermined time, and the level is reduced And a level recovery means for recovering the level to the level determined by the level determination means when the user is authenticated again by at least one of the plurality of authentication means.

  According to the present invention, in an image processing apparatus that performs a plurality of authentications, it is possible to improve the convenience of operation when receiving a plurality of authentications again while ensuring security.

It is a figure which shows the example of a network system. It is a figure which shows the example of the hardware constitutions of an image processing apparatus. It is a figure which shows the example of a functional structure of an image processing apparatus. It is a figure which shows the example of authentication success information. It is a figure which shows the example of an authentication level / authentication form correspondence table. It is a figure which shows the example of a use authority / required authentication level corresponding | compatible table. It is a flowchart which shows the example of the flow of a process in the case of automatic logout. It is a flowchart which shows the example of the flow of a process in the case of re-login. It is a flowchart which shows the example of the flow of an authentication level return process.

  As shown in FIG. 1, the image processing apparatus 1 constitutes a network system NW together with other information processing apparatuses such as personal computers 2A to 2C.

  The image processing apparatus 1 and other information processing apparatuses are connected to each other via a communication line 3. The network system NW may be connected to the Internet through a gateway or the like. In the present embodiment, a network system NW provided in a company or a government office having a plurality of departments will be described as an example.

  The image processing apparatus 1 is an apparatus in which various functions such as copying, network printing (PC printing), scanner, fax, and document server are integrated. It may also be called “multifunction machine” or “MFP (Multi Function Peripherals)”.

  Furthermore, the image processing apparatus 1 has an authentication function for preventing unauthorized use. That is, the image processing apparatus 1 requests a user who uses the image processing apparatus 1 to receive one or more authentications (perform authentication login) according to the function to be used. When the authentication is successful, the user is permitted to use the predetermined function, and when the authentication is unsuccessful, the user is not permitted to use the predetermined function.

  An authentication card used for authentication is distributed to the user. As the authentication card, an IC card, a wireless tag, a magnetic card, or the like is used. In the authentication card, card identification information that is information for identifying the card or user identification information that is information for identifying a user to whom the card is distributed is recorded.

  As shown in FIG. 2, the image processing apparatus 1 includes a CPU (Central Processing Unit) 10a, a RAM (Random Access Memory) 10b, a ROM (Read Only Memory) 10c, an auxiliary storage device 10d, a network communication control unit 10e, a FAX. The communication control unit 10f, other peripheral devices, and a control unit that controls the peripheral devices are provided. As other peripheral devices, an input device 21, a display device 22, a card authentication device 23, a biometric authentication device 24, an image reading device 25, and an image printing device 26 are an input device control unit 10g, a display device control unit 10h, and a card, respectively. The authentication device control unit 10i, the biometric authentication device control unit 10j, the image reading device control unit 10k, and the image printing device control unit 10m are provided.

  The CPU 10a executes arithmetic processing using the RAM 10b as a work area based on programs and data stored in the ROM 10c or the auxiliary storage device 10d and various data input from the outside as needed.

  The auxiliary storage device 10d is a non-volatile storage device that retains the stored contents even when the power is turned off. A magnetic storage device such as a hard disk is used as the auxiliary storage device 10d. The auxiliary storage device 10d stores various data and information related to settings such as image data, names and IP addresses set in the image processing device 1, and registration information for authentication.

  A storage area for a BOX function is allocated to the auxiliary storage device 10d. A BOX is a storage location that stores image data and the like classified by user or group. That is, it corresponds to a “folder” or “directory” in a personal computer.

  The auxiliary storage device 10d may store programs and data executed by the CPU 10a. In that case, programs and data are loaded into the RAM 10b as necessary.

  The network communication control unit 10e is an interface for communicating with other information processing apparatuses in the network system NW using a communication protocol such as TCP / IP.

  The FAX communication control unit 10f is an interface for communicating with other FAX terminals using a FAX protocol using a public line network or the like.

  The input device control unit 10 g is an interface circuit for controlling the input device 21. The input device 21 is provided with operation buttons and a numeric keypad. The user inputs instructions to the image processing apparatus 1 by operating them.

  The display device control unit 10 h is an interface circuit for controlling the display device 22. As the display device 22, a liquid crystal display or a CRT display is used. The user confirms the message from the image processing apparatus 1 and the processing result of the image processing apparatus 1 on the screen displayed on the display device 22.

  The card authentication device control unit 10 i is an interface circuit for controlling the card authentication device 23. The card authentication device 23 is a device that reads card identification information recorded on an authentication card as information for authentication. The user causes the card authentication device 23 to read the card identification information by holding or inserting the authentication card over the reading unit.

  The biometric authentication device control unit 10 j is an interface circuit for controlling the biometric authentication device 24. The biometric authentication device 24 is a device that reads data on the physical characteristics of the user as information for authentication. Vein or fingerprint data is used as the physical feature data. The user causes the biometric authentication device 24 to read physical feature data by holding or touching the hand or finger with the reading unit.

  The image reading device control unit 10 k is an interface circuit for controlling the image reading device 25. The image reading device 25 is a device that optically reads an image written on a document and generates image data.

  The image printing apparatus control unit 10 m is an interface circuit for controlling the image printing apparatus 26. The image printing apparatus 26 includes image data generated by the image reading apparatus 25, data received from other information processing apparatuses in the network system NW, data received from other FAX terminals using a public line network, etc. Is a device for printing an image on paper based on the above.

  The ROM 10c of the image processing apparatus 1 includes an authentication processing unit 101, an authentication level management unit 102, an authentication history holding unit 103, a level lowering timer unit 104, a history deletion timer unit 105, and a user operation detection unit as shown in FIG. 106 and a program for realizing each unit such as the logout operation detection unit 107 are stored. The authentication processing unit 101 includes a card authentication processing unit 101a, a biometric authentication processing unit 101b, a department authentication processing unit 101c, an individual authentication processing unit 101d, and a re-authentication processing unit 101e. The authentication level management unit 102 includes an authentication level determination unit 102a, an authentication level lowering unit 102b, an authentication level initialization unit 102c, and an authentication level recovery unit 102d.

  In addition, the ROM 10c stores programs for realizing various functions provided by the image processing apparatus 1.

  These programs are executed by the CPU 10a as necessary. Some or all of these programs may be stored in the auxiliary storage device 10d. Moreover, you may implement | achieve the function by those programs with a circuit.

[Processing at first login]
First, the contents of the process executed when the user uses the image processing apparatus 1 for the first time and when the user uses the image processing apparatus 1 in the state where the authentication history at the previous use has already been deleted will be described. In this embodiment, the process in these cases is handled as the process at the first login.

  In the present embodiment, four types of authentication modes are prepared: card authentication, biometric authentication, department authentication, and individual authentication. The user logs in after being authenticated by one or more authentication forms according to the function to be used in the image processing apparatus 1.

  The card authentication processing unit 101a of the authentication processing unit 101 performs processing when a user attempts to log in after receiving card authentication.

  When the user causes the card authentication device 23 to read the authentication card distributed to the user, the card authentication processing unit 101a receives the card identification information (card ID) recorded on the authentication card via the card authentication device control unit 10i. D11 is acquired.

  Then, the card registration information D21 stored in the auxiliary storage device 10d is read out and referred to. In the card registration information D21, card identification information D11 that permits login and user identification information (user ID) that is information for identifying a user to whom an authentication card on which the login is recorded are registered in advance.

  The card authentication processing unit 101a compares the acquired card identification information D11 with the card identification information D11 registered in the card registration information D21, and determines whether or not the user attempting to log in is a legitimate user. . That is, the success or failure of authentication is determined.

  However, when user identification information (user ID) is recorded on the authentication card, it is acquired, and the acquired user identification information is collated with the user identification information registered in the card registration information D21. You may judge the success or failure of authentication.

  When the authentication is successful, user identification information corresponding to the card identification information D11 registered in the card registration information D21 that matches the acquired card identification information D11 is extracted from the card registration information D21.

  Then, as shown in FIG. 4A, card authentication success information D31, which is information indicating the authentication result, is issued to the authentication level management unit 102 and the authentication history holding unit 103. Also, a level lowering timer set notification S10 is issued to the level lowering timer unit 104. Thereby, login with a card | curd is materialized.

  The card authentication success information D31 includes user identification information indicating the authenticated user, information indicating that the card authentication has been received, information indicating the date and time when the user logged in, and the like. The user identification information extracted previously is set in the user identification information.

  On the other hand, if the authentication fails, a screen informing the fact is displayed on the display device 22, and the process waits until the card identification information D11 is acquired again.

  The biometric authentication processing unit 101b of the authentication processing unit 101 performs processing when the user attempts to log in after receiving biometric authentication.

  When the user causes his / her hand or finger to be read by the biometric authentication device 24, the biometric authentication processing unit 101b acquires the user's physical feature data as biometric identification information D12 via the biometric authentication device control unit 10j. .

  Then, the biometric registration information D22 stored in the auxiliary storage device 10d is read out and referred to. In the biometric registration information D22, biometric identification information D12 that permits login and user identification information (user ID) that is information for identifying a user having the physical characteristics indicated therein are registered in advance.

  The biometric authentication processing unit 101b compares the acquired biometric identification information D12 with the biometric identification information D12 registered in the biometric registration information D22, and determines whether or not the user who is attempting to log in is a legitimate user. . That is, the success or failure of authentication is determined.

  When the authentication is successful, user identification information corresponding to the biometric identification information D12 registered in the biometric registration information D22 that matches the acquired biometric identification information D12 is extracted from the biometric registration information D22.

  Then, biometric authentication success information D32, which is information indicating the authentication result as shown in FIG. 4B, is issued to the authentication level management unit 102 and the authentication history holding unit 103. Also, a level lowering timer set notification S10 is issued to the level lowering timer unit 104. Thereby, the login by the living body is established.

  The biometric authentication success information D32 includes user identification information indicating the authenticated user, information indicating that the biometric authentication has been received, information indicating the date and time when the user logged in, and the like. The user identification information extracted previously is set in the user identification information.

  On the other hand, if the authentication fails, a screen to that effect is displayed on the display device 22, and the process waits until the biometric identification information D12 is acquired again.

  The department authentication processing unit 101c of the authentication processing unit 101 performs processing when the user attempts to log in after receiving department authentication.

  When the user inputs an ID of a department to which the user belongs and a password paired therewith to the input device 21, the department authentication processing unit 101c passes the input ID of the department and the pair with the input ID via the input device control unit 10g. A set of passwords to be obtained is acquired as department identification information D13.

  Then, the department registration information D23 stored in the auxiliary storage device 10d is read out and referred to. In the department registration information D23, department identification information D13 permitting login is registered in advance.

  The department authentication processing unit 101c compares the acquired department identification information D13 with the department identification information D13 registered in the department registration information D23 to determine whether or not the user who is logging in is a legitimate user. . That is, the success or failure of authentication is determined.

  When the authentication is successful, department authentication success information D33, which is information indicating the authentication result, as shown in FIG. 4C is issued to the authentication level management unit 102 and the authentication history holding unit 103. Also, a level lowering timer set notification S10 is issued to the level lowering timer unit 104. Thereby, the login of the department is established.

  The department authentication success information D33 includes user identification information indicating the authenticated user, information indicating that the department authentication has been received, information indicating the date and time when the user logged in, and the like. In the user identification information, the user identification information extracted in the authentication form performed prior to the department authentication is inherited and set. Examples of the authentication mode performed prior to the department authentication include card authentication and biometric authentication. Or the user identification information specified based on department identification information D13 etc. may be set to user identification information.

  On the other hand, if the authentication fails, a screen to that effect is displayed on the display device 22 and then waits until the department identification information D13 is input again.

  The individual authentication processing unit 101d of the authentication processing unit 101 performs processing when a user attempts to log in after receiving individual authentication.

  When the user inputs an individual ID assigned to the user and a password paired with the individual ID to the input device 21, the individual authentication processing unit 101d receives the input individual ID and the input ID via the input device control unit 10g. A pair of passwords to be paired is acquired as individual identification information D14.

  Then, the individual registration information D24 stored in the auxiliary storage device 10d or the like is read and referred to. In the individual registration information D24, individual identification information D14 permitting login is registered in advance.

  The individual authentication processing unit 101d compares the acquired individual identification information D14 with the individual identification information D14 registered in the individual registration information D24, and determines whether or not the user who is attempting to log in is a legitimate user. . That is, the success or failure of authentication is determined.

  When the authentication is successful, the individual authentication success information D34, which is information indicating the authentication result as shown in FIG. 4D, is issued to the authentication level management unit 102 and the authentication history holding unit 103. Also, a level lowering timer set notification S10 is issued to the level lowering timer unit 104. Thereby, an individual login is established.

  The individual authentication success information D34 includes user identification information indicating the authenticated user, information indicating that the individual authentication has been received, information indicating the date and time when the user logged in, and the like. In the user identification information, the user identification information extracted in the authentication mode performed prior to the individual authentication is inherited and set. Examples of the authentication mode performed prior to the individual authentication include card authentication and biometric authentication. Or user identification information specified based on individual identification information D14 etc. may be set to user identification information.

  On the other hand, if the authentication fails, a screen informing that effect is displayed on the display device 22, and the process waits until the individual identification information D14 is input again.

  Hereinafter, the card authentication success information D31, biometric authentication success information D32, department authentication success information D33, and individual authentication success information D34 may be collectively referred to as authentication success information D30.

  The authentication level management unit 102 manages login user information UI, which is information indicating a logged-in user, and an authentication level UL, which is information indicating the latest authentication level (security level) assigned to the user.

  The authentication level management unit 102 holds the managed login user information UI and authentication level UL in an area on the RAM 10b. Therefore, when the image processing apparatus 1 is turned off, the information is lost.

  Upon receiving the authentication success information D30 from the authentication processing unit 101, the authentication level determination unit 102a of the authentication level management unit 102 displays user identification information indicating the authenticated user included in the authentication success information D30 as login user information. Set to UI.

  Further, based on the authentication success information D30 and the contents registered in the authentication level / authentication form correspondence table TBL1 as shown in FIG. 5, the value of the authentication level UL to be given to the user is determined, and the authentication level UL is set. Set.

  In the authentication level / authentication form correspondence table TBL1, a correspondence relationship between a combination of authentication states by a plurality of authentication forms and an authentication level UL to be assigned is registered in advance. Here, “not yet” indicates that the authentication by the authentication form is not successful, and “done” indicates that the authentication by the authentication form has been successful. Note that the authentication level / authentication form correspondence table TBL1 is stored in the auxiliary storage device 10d or the like, and is appropriately read and referred to.

  When the authentication level management unit 102 has not received any authentication success information D30 of the card authentication success information D31, biometric authentication success information D32, department authentication success information D33, and individual authentication success information D34 from the authentication processing unit 101. The authentication level UL is set to “level 0”. That is, “level 0” is an initial value of the authentication level UL and is a value indicating a state where the user is not logged in.

  Upon receiving the card authentication success information D31 when the authentication level UL is set to “level 0”, the authentication level determination unit 102a updates the authentication level UL to “level 1”. When the biometric authentication success information D32 is received when the authentication level UL is set to “level 1”, the authentication level UL is updated to “level 2”. When the department authentication success information D33 is received when the authentication level UL is set to “level 2”, the authentication level UL is updated to “level 3”. When the individual authentication success information D34 is received when the authentication level UL is set to “level 3”, the authentication level UL is updated to “level 4”.

  Therefore, each time the authentication is successful in each type of authentication mode, the user acquires a higher authentication level UL.

  Based on the authentication level UL managed by the authentication level management unit 102 and the usage authority / necessary authentication level correspondence table TBL2 as shown in FIG. Give. That is, control is performed so as to limit the functions that can be used by the user according to the authentication level UL acquired by the user.

  For example, a user who has acquired the authentication level UL “level 1” is given authority to use the print function and the copy function. The user who has acquired the authentication level UL “level 2” is further granted authority to use the BOX function. The user who has obtained the authentication level UL “level 3” is further given the authority to use the scan function and the function to access the network in the department. The user who has acquired the authentication level UL “level 4” is further given authority to use an access function to an external network.

  Therefore, as the user acquires a higher authentication level UL, the usable functions are expanded.

  The authentication history holding unit 103 holds the authentication success information D30 issued from the authentication processing unit 101 for the history holding time T10. The history holding time T10 is set to a value of about 5 minutes to 1 hour, for example.

  If the user has been authenticated a plurality of times, the authentication success information D30 for each time is stored. For example, when card authentication, biometric authentication, department authentication, and individual authentication are received, card authentication success information D31, biometric authentication success information D32, department authentication success information D33, and individual authentication success information D34 are held.

  The authentication history holding unit 103 holds the authentication success information D30 in an area on the RAM 10b. Therefore, when the image processing apparatus 1 is turned off, the information is lost.

[Processing at automatic logout]
Next, the contents of processing executed when the logged-in user has not performed an operation for a certain period will be described. In this embodiment, the process in this case is handled as a process at the time of automatic logout.

  As described above, the level lowering timer unit 104 is issued the level lowering timer set notification S10 from the authentication processing unit 101 when the user is authenticated.

  When the user operation detection unit 106 detects that the user has performed some operation based on the information acquired via the input device control unit 10g, the user operation detection unit 106 issues a level decrease timer set notification S10 to the level decrease timer unit 104.

  Therefore, the level lowering timer unit 104 is also issued with the level lowering timer set notification S10 when the user performs some operation.

  The level reduction timer unit 104 issues a level reduction notification S20 to the authentication level management unit 102 at a predetermined timing.

  That is, when the level lowering timer unit 104 receives the level lowering timer set notification S10, it starts timing from that point of time, and when it reaches the level lowering time T20, it stops timing and sends the level lowering notification S20 to the authentication level management unit 102. To issue. Then, the timing starts again from that point. When a new level lowering timer set notification S10 is received before reaching the level lowering time T20, time counting is started again from that point.

  That is, the timer is reset every time the level lowering timer set notification S10 is received and every time the level lowering notification S20 is issued.

  Upon receiving the level lowering notification S20 from the level lowering timer unit 104, the authentication level lowering unit 102b of the authentication level managing unit 102 lowers the authentication level UL to a value one step lower.

  For example, when the level lowering notification S20 is received when the authentication level UL is set to “level 4”, the authentication level UL is lowered to “level 3”.

  Therefore, when the user does not perform an operation for a predetermined time, the values of the latest authentication level UL managed by the authentication level management unit 102 are “level 4”, “level 3”, “level 2”, “level In order of “1”, the level falls step by step at every level lowering time T20. When the level drops to “Level 1”, automatic logout occurs.

  When the authentication level lowering unit 102b receives the level lowering notification S20 from the level lowering timer unit 104 and lowers the authentication level UL to “level 1” which is an automatic logout state, the login user information UI and the history deletion timer set notification S30 are displayed. Issued to the history deletion timer unit 105. As a result, automatic logout is established. As a result, the login user information UI issued to the history deletion timer unit 105 indicates user identification information related to the user who has logged in immediately before.

  The login user information UI and the history deletion timer set notification S30 may be issued when the value is updated to a value other than “level 1”, for example, “level 0”.

  The history deletion timer unit 105 issues a history deletion notification S40 to the authentication history holding unit 103 at a predetermined timing.

  That is, when the log deletion timer unit 105 receives the log-in user information UI and the log deletion timer set notification S30 from the authentication level management unit 102, the log deletion timer unit 105 starts timing from that point, and when it reaches the log holding time T10, The login user information UI and the history deletion notification S40 are issued to the authentication history holding unit 103. As a result, the login user information UI issued to the authentication history holding unit 103 indicates user identification information relating to a user who has already been automatically logged out.

  Upon receiving the login user information UI and the history deletion notification S40 from the history deletion timer unit 105, the authentication history holding unit 103 receives the user identification information set in the login user information UI among the held authentication success information D30. The authentication success information D30 including the same user identification information is deleted. If there are a plurality of corresponding authentication success information D30, all of them are deleted.

  For example, card authentication success information D31, biometric authentication success information D32, department authentication success information D33, and individual authentication success information D34 including the same user identification information as the user identification information set in the login user information UI. Delete all of them.

  As described above, when the user does not perform an operation for a certain period, automatic logout is performed, and the authentication history for the logged out user is deleted after the history holding time T10 has elapsed from the time of automatic logout.

[Processing at manual logout]
Next, the contents of processing executed when the logged-in user performs logout operation himself will be described. In this embodiment, the process in this case is handled as a process at the time of manual logout.

  The logout operation detection unit 107 issues a logout notification S50 to the authentication level management unit 102 when it detects that the user has performed a logout operation on the basis of information acquired via the input device control unit 10g.

  Upon receiving the logout notification S50 from the logout operation detection unit 107, the authentication level initialization unit 102c of the authentication level management unit 102 initializes the authentication level UL to “level 0” which is a manual logout state. Then, the login user information UI and the history deletion timer set notification S30 are issued to the history deletion timer unit 105. This establishes manual logout. As a result, the login user information UI issued to the history deletion timer unit 105 indicates user identification information related to the user who has logged in immediately before.

  It should be noted that a value other than “level 0”, for example, “level 1” may be updated and the login user information UI and history deletion timer set notification S30 may be issued.

  After that, the authentication history holding unit 103 and the history deletion timer unit 105 perform the same processing as in the above automatic logout, and after the log holding time T10 has elapsed from the time of manual logout, The authentication history is deleted.

[Re-login processing]
Next, the contents of processing executed when the user uses the authentication history when it has been used before will be described. In this embodiment, the process in this case is handled as a process at the time of re-login.

  The user receives card authentication again and logs in again.

  The re-authentication processing unit 101e of the authentication processing unit 101 performs processing when the user tries to log in again after receiving card authentication again.

  When the card authentication device 23 reads the card used for the previous authentication by the user, the re-authentication processing unit 101e receives the card identification information (card ID) recorded on the authentication card via the card authentication device control unit 10i. ) As re-input information D41.

  Then, the card registration information D21 stored in the auxiliary storage device 10d is read out and referred to. The acquired re-input information D41 and the card identification information D11 registered in the card registration information D21 are collated, and the card identification information D11 registered in the card registration information D21 matches the acquired re-input information D41. Corresponding user identification information is extracted from the card registration information D21.

  However, when user identification information (user ID) is recorded on the authentication card, it may be acquired.

  Then, the authentication success information D30 including the same user identification information as the extracted user identification information is extracted from the authentication success information D30 stored in the authentication level management unit 102. If there are a plurality of corresponding authentication success information D30, all of them are extracted. When the corresponding authentication success information D30 does not exist, the re-input information D41 is handed over to the card authentication processing unit 101a as the card identification information D11, and the same processing as that at the time of the first login described above is performed.

  When the corresponding authentication success information D30 is extracted, re-login is established by performing the following processing.

  That is, when only the card authentication success information D31 is extracted, user identification information related to the re-logged-in user and card authentication recovery information D51, which is information indicating that card authentication has been received, are sent to the authentication level management unit 102. Issue.

  Alternatively, when the card authentication success information D31 and the biometric authentication success information D32 are extracted, the user identification information relating to the re-logged-in user and the biometric authentication recovery information D52, which is information indicating that biometric authentication has been received, are authenticated. Issued to the level management unit 102.

  Alternatively, when the card authentication success information D31, the biometric authentication success information D32, and the department authentication success information D33 are extracted, the user identification information related to the re-logged-in user and the information indicating that the department authentication has been received. The department authentication recovery information D53 is issued to the authentication level management unit 102.

  Alternatively, when the card authentication success information D31, the biometric authentication success information D32, the department authentication success information D33, and the individual authentication success information D34 are extracted, the user identification information related to the re-logged-in user and the individual authentication are received. The individual authentication recovery information D54, which is information indicating this, is issued to the authentication level management unit 102.

  Hereinafter, the card authentication recovery information D51, biometric authentication recovery information D52, department authentication recovery information D53, and individual authentication recovery information D54 may be collectively referred to as authentication recovery information D50.

  Upon receiving the authentication recovery information D50 from the authentication processing unit 101, the authentication level recovery unit 102d of the authentication level management unit 102 receives the user identification information related to the re-logged-in user included in the authentication recovery information D50 as the login user information UI. Set to.

  Further, based on the authentication recovery information D50 and the contents registered in the authentication level / authentication form correspondence table TBL1 as shown in FIG. 5, the following processing is performed to give to the re-logged-in user. The value of the authentication level UL is determined and set to the authentication level UL.

  That is, when the card authentication recovery information D51 is received, the authentication level UL is updated to “level 1” or maintained at “level 1”. When the biometric authentication recovery information D52 is received, the authentication level UL is updated to “level 2”. When the department authentication recovery information D53 is received, the authentication level UL is updated to “level 3”. When the individual authentication recovery information D54 is received, the authentication level UL is updated to “level 4”.

  As described above, when logging in again from the time when the user is automatically logged out or manually logged out until the history holding time T10 elapses, the value obtained when the authentication level UL is logged in last time only by receiving the card authentication again. Is updated to the highest value.

  Therefore, even if the user logs out once, the user has returned again because the other user has to use the image processing apparatus 1 or because the work in the image processing apparatus 1 has to be interrupted. In this case, the original authentication level UL can be quickly acquired.

  Moreover, the authentication success information D30 held in the authentication history holding unit 103 is deleted after the history holding time T10 has elapsed from the time of logout. Further, the login user information UI and the authentication level UL managed by the authentication level management unit 102, and the authentication success information D30 stored in the authentication history storage unit 103 are stored in the RAM 10b, and are stored in the image processing apparatus 1. It disappears when the power is turned off. Therefore, security is ensured.

  An example of the flow of processing at the time of automatic logout in the present embodiment will be described with reference to the flowchart shown in FIG.

  The image processing apparatus 1 performs authentication each time one of the identification information D11 to D14 for login authentication is received, and performs authentication a plurality of times (# 201).

  An authentication level UL is determined based on a plurality of authentication results (# 202).

  The authentication success information D30 for a plurality of times is stored (# 203).

  The timing of the level lowering timer for timing to drop the value of the authentication level UL is started (# 204).

  If any operation is performed within the level lowering time T20 after the level lowering timer starts counting (No in # 205), the level lowering timer is interrupted and restarted (# 204).

  On the other hand, if no operation is performed within the level lowering time T20 and the level lowering timer reaches the level lowering time T20 which is a time limit (Yes in # 205), the authentication level UL is lowered by one step (# 206).

  If the authentication level UL has not dropped to the predetermined level (No in # 207), the level lowering timer is started again (# 204). On the other hand, when the authentication level UL has fallen to a predetermined level (Yes in # 207), the history deletion timer for measuring the timing for deleting the authentication history is started (# 208). These predetermined levels are, for example, “level 1” or “level 0”.

  Next, an example of the flow of processing at the time of re-login in the present embodiment will be described with reference to the flowchart shown in FIG.

  If re-login is performed within the history retention time T10 after the history deletion timer has started (Yes in # 301), it is given at the previous login based on the stored authentication success information D30. Return to the authentication level UL (# 302).

  On the other hand, if the re-login is not performed within the history holding time T10 (No in # 301), the stored authentication success information D30 is deleted (# 303).

  Next, an example of a detailed flow of the authentication level return process (# 302) will be described with reference to the flowchart shown in FIG.

  When the biometric authentication success information D32 does not exist as the authentication success information D30 (Yes in # 401), the authentication level UL is set to “level 1” (# 402). That is, it is determined that only the authentication success information D31 exists, and the authentication level UL is set to “level 1”.

  If the biometric authentication success information D32 exists (Yes in # 401) and the department authentication success information D33 does not exist (No in # 403), the authentication level UL is set to “level 2” (# 404).

  If the department authentication success information D33 exists (Yes in # 403) and the individual authentication success information D34 does not exist (No in # 405), the authentication level UL is set to “level 3” (# 406).

  If the individual authentication success information D34 exists (Yes in # 405), the authentication level UL is set to “level 4” (# 407).

  In the above-described embodiment, the image processing apparatus 1 is configured to perform user authentication, but may be configured to perform user authentication using an authentication server or the like provided in the network system NW. In that case, the image processing apparatus 1 may transmit the identification information D11 to D14 for login authentication to the authentication server and acquire the authentication result from the authentication server.

  Further, in the above-described embodiment, the authentication processing unit 101 is configured to perform authentication with different types of authentication modes once each time when performing multiple times of authentication. You may become the structure which implements the authentication by a form in multiple times. For example, card authentication may be performed for each of a plurality of authentication cards, or biometric authentication may be performed for each individual finger.

  In the above-described embodiment, the re-authentication processing unit 101e is configured to acquire the card identification information as the re-input information D41, but is configured to acquire other information as the re-input information D41. Also good. That is, the user is supposed to log in again after receiving card authentication, but may log in again after receiving biometric authentication, department authentication, individual authentication, or the like.

  In the above-described embodiment, the entire image processing apparatus 1 or the configuration of each unit can be changed as appropriate in accordance with the gist of the present invention. In addition, the processing content, processing order, table configuration, and the like performed by them can be changed as appropriate in accordance with the spirit of the present invention.

1 Image Processing Device 101a Card Authentication Processing Unit (Authentication Unit)
101b Biometric authentication processing unit (authentication means)
101c Department authentication processing unit (authentication means)
101d Individual authentication processing unit (authentication means)
102a Authentication level determination unit (level determination means)
102b Authentication level lowering unit (level lowering means)
102d Authentication level recovery unit (level recovery means)
UL authentication level (level)

Claims (4)

An image processing apparatus that restricts functions available to a user based on the level of the user,
A plurality of authentication means for authenticating the user;
Level determining means for determining the level based on a result of one or more of the plurality of authentication means authenticating the user;
Level lowering means for lowering the level one by one each time a state in which there is no operation by the user continues for a predetermined time ;
Level recovery means for recovering the level to a level determined by the level determination means when the user is authenticated again by at least one of the plurality of authentication means after the level has decreased;
An image processing apparatus comprising: The level recovery means determines the level determined by the level determination means when the user is re-authenticated until a first predetermined time elapses after the level drops to the predetermined level. To recover,
The image processing apparatus according to claim 1. A use function restriction method for restricting functions usable by a user in an image processing apparatus having a plurality of authentication means based on the level of the user,
A first step of causing at least one of the plurality of authentication means to execute a process of authenticating the user;
A second step of causing the image processing apparatus to execute a process of determining the level based on a result of one or more of the plurality of authentication means authenticating the user;
A third step of causing the image processing apparatus to execute a process of decreasing the level by one each time a state in which the user does not perform an operation continues for a predetermined time ;
After the level is lowered, when the user is authenticated again by at least one of the plurality of authentication means, a process for restoring the level to the level determined in the second step is performed as the image processing. A fourth step for the device to perform;
A method for limiting the use function, comprising: A computer program used for an image processing apparatus that has a plurality of authentication means and restricts a function that a user can use based on the level of the user,
Causing at least one of the plurality of authentication means to execute a first process for authenticating the user;
Causing the image processing apparatus to execute a second process for determining the level based on a result of one or more of the plurality of authentication means authenticating the user;
Each time a state in which there is no operation by the user continues for a predetermined time, the image processing apparatus is caused to execute a third process for decreasing the level one by one ,
A fourth process for restoring the level to the level determined in the second process when the user is authenticated again by at least one of the plurality of authentication means after the level is lowered; Causing the image processing apparatus to execute;
A computer program characterized by the above.

Images