Information processing system, apparatus, method, server, program product, and recording medium
By establishing a virtual private line between the image processing device and the VPN server, and using the VPN server to manage the processing requests of the image processing device, the security and management issues of the image processing device in a remote office environment are solved, and a mechanism for verifying the legitimacy of the image processing device and charging is realized.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- FUJIFILM BUSINESS INNOVATION CORP
- Filing Date
- 2021-09-02
- Publication Date
- 2026-06-30
AI Technical Summary
In a remote work environment, how can we ensure that image processing devices (such as multifunction printers) lent to users are not used for private purposes in terms of security and management, while allowing them to conduct necessary business processing outside the company?
By establishing a virtual private line between the image processing device and the VPN server, the VPN server manages the processing requests of the image processing device, allowing only communication via the virtual private line, and ensuring legitimate use through certificate management and periodic beacon confirmation of connection status.
It enables secure management of image processing devices, preventing private use while ensuring business processing needs outside the company, and provides a mechanism for verifying the legality of processing and charging.
Figure CN115129271B_ABST
Description
Technical Field
[0001] This invention relates to an information processing system, a server, an information processing device, a recording medium, and an information processing method.
Background Technology
[0002] It is not uncommon to need to access a company's internal network system (hereinafter referred to as the "internal system") from an external location, such as a business trip destination. In this case, the following technology is used: a VPN server is connected to the internal system, enabling the PC brought outside to establish a VPN connection with the VPN server. Thus, the PC can access the internal system from the outside while maintaining security.
[0003] In recent years, opportunities for remote work and other business operations outside the company have increased. In such cases, for business processing, it is desirable to make multifunction printers available to users outside the company just as they are inside the company. In this context, considering security, communication such as sending data to the multifunction printer or issuing execution instructions is preferably conducted via an internal VPN server.
[0004] Patent Document 1: Japanese Patent No. 6214445 Specification
[0005] Patent Document 2: Japanese Patent No. 4882030 Specification
[0006] Patent Document 3: Japanese Patent Application Publication No. 2008-289040
[0007] Patent Document 4: Japanese Patent Application Publication No. 2004-274448
Summary of the Invention
[0008] The purpose of this invention is to enable an information processing device connected to an organization's local area network via a virtual private line to perform processing under the condition of communicating via a virtual private line.
[0009] The information processing system of the present invention is characterized by having: a first processor mounted on a server connected to a local area network (LAN) of the user's organization; and a second processor mounted on an information processing device located outside the LAN. The first processor performs the following processing: when relaying, to the information processing device, processing request information that includes data as the object of processing and processing information including identification information of the processing, information determining the request source of the processing, and identification information of the information processing device as the request destination of the processing, the first processor associates the identification information of the processing contained in the processing request information with the identification information of the information processing device to generate processing management information, and registers it in a processing management information storage unit; and, for a confirmation request asking whether the processing of the processing request information can be executed, sent from the information processing device via a virtual leased line established with the information processing device, if the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit, the first processor replies with execution permission information indicating that the processing can be executed.
The second processor performs the following processing: based on the processing request information, it sends to the server, via the virtual leased line established with the server, a confirmation request asking whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the requested processing. If the server replies with execution permission information based on the sent confirmation request, the requested processing is executed.
[0010] Furthermore, the first processor does not permit the processing if the group of the identification information of the information processing device and the identification information of the processing contained in the confirmation request sent from the information processing device is not registered in the processing management information storage unit.
[0011] Furthermore, the first processor notifies the organization's manager when a confirmation request is sent that contains a group of identification information of an information processing device and identification information of processing that is not registered in the processing management information storage unit.
[0012] Furthermore, the second processor is characterized in that it performs the following processing: sending issuance request information for a certificate that includes the identification information of the information processing device and is used when connecting to the virtual leased line with the server; obtaining the certificate from the server according to the issuance request information; using the certificate to connect to the virtual leased line when the information processing device is started; and not receiving information from outside the virtual leased line when the virtual leased line is connected.
[0013] Furthermore, the first processor performs the following processing: when issuing a certificate according to the issuance request information, it associates the certificate issued to the information processing device with the identification information of the information processing device contained in the issuance request information and registers it in the issuance destination information storage unit, and issues the certificate only if the identification information of the information processing device contained in the issuance request information is not registered in the issuance destination information storage unit.
[0014] Furthermore, the second processor, after connecting to the virtual private line, periodically sends a signal indicating that the virtual private line has been connected to the server via the virtual private line, while the first processor, after issuing the certificate, waits for the signal to be sent from the information processing device.
[0015] Furthermore, the first processor notifies the administrator of the organization if the signal is not sent from the information processing device within a specified period.
[0016] Furthermore, the second processor, when performing the processing according to a processing request, records in the information processing device a discrimination information that distinguishes whether the processing performed is based on a request via the virtual private line or on a request not made via the virtual private line.
[0017] Furthermore, the first processor performs the following processing: obtaining the discrimination information from the information processing device via the virtual private line, and notifying the organization's administrator of the situation if processing has not been performed according to the processing request from the virtual private line.
[0018] Furthermore, the first processor charges a fee for executing a process if the processing performed by the information processing device is based on a process request not made by the virtual private line.
[0019] Furthermore, the information processing device is characterized in that it is an image forming device lent to users belonging to the organization.
[0020] The server involved in this invention has a processor, is connected to the local area network of the user's organization, and is connected to an information processing device located outside the local area network via a virtual leased line. The server is characterized in that the processor performs the following processing: when a processing request message is sent to the information processing device, the message including data as the object of processing and processing information including identification information of the processing, information determining the request source of the processing, and identification information of the information processing device as the request destination of the processing, the processor associates the identification information of the processing contained in the processing request message with the identification information of the information processing device to generate processing management information and registers it in a processing management information storage unit; and, for a confirmation request asking whether the processing of the processing request message can be executed, sent from the information processing device via the virtual leased line established with the information processing device, if the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit, the processor replies with execution permission information indicating that the processing can be executed.
[0021] The information processing apparatus of the present invention includes a processor and is connected to a server and located outside the local area network of the user's organization. The information processing apparatus is characterized in that the processor performs the following processing: according to processing request information, it sends to the server, via a virtual leased line established with the server, a confirmation request asking whether the processing can be executed, the confirmation request including identification information of the information processing apparatus and identification information of the processing to be executed; and if the server replies with execution permission information according to the sent confirmation request, it executes the requested processing.
[0022] The recording medium of the present invention records a program for enabling a computer that forms the server, in an information processing system having a server connected to a local area network (LAN) of a user's organization and an information processing device located outside the LAN, to perform the following functions: when relaying processing request information sent to the information processing device, the information including data as the object of processing and processing information including identification information of the processing, information determining the source of the request for the processing, and identification information of the information processing device as the destination of the request for the processing, associating the identification information of the processing contained in the processing request information with the identification information of the information processing device to generate processing management information and registering it in a processing management information storage unit; and, for a confirmation request asking whether the processing of the processing request information can be executed, sent from the information processing device via a virtual leased line established with the information processing device, replying with execution permission information indicating that the processing can be executed, provided that the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit.
It also records a program for enabling the computer forming the information processing device to perform the following functions: based on the processing request information, sending to the server, via a virtual leased line established with the server, a confirmation request asking whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the requested processing; and executing the requested processing if the server responds with execution permission information based on the sent confirmation request.
[0023] The information processing method of the present invention includes the following steps: when a processing request message is sent to an information processing device, the message including data as the object of processing and processing information including identification information of the processing, information determining the request source of the processing, and identification information of the information processing device as the request destination of the processing, generating processing management information by associating the identification information of the processing contained in the processing request message with the identification information of the information processing device, and registering it in a processing management information storage unit; and, for a confirmation request asking whether the processing of the processing request message can be executed, sent from the information processing device via a virtual leased line established with the information processing device, replying with an execution permission message indicating that the processing can be executed if the group of the identification information of the information processing device and the identification information of the processing contained in the confirmation request is registered in the processing management information storage unit. The method further includes the following steps: based on the processing request message, sending to the server, via a virtual leased line established with the server, a confirmation request asking whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the processing to be executed; and executing the requested processing if the server replies with the execution permission message based on the sent confirmation request.
[0024] Invention Effects
[0025] According to the first aspect of the present invention, an information processing device connected to an organization's local area network via a virtual private line can perform processing under the condition of communication via the virtual private line.
[0026] According to the second aspect of the present invention, it is possible to prevent the execution of processes that are not relayed by the server.
[0027] According to the third aspect of the present invention, it is possible to notify the administrator that a confirmation request has been received regarding whether a process not managed by the server can be executed.
[0028] According to the fourth aspect of the present invention, it is possible to restrict the information received by the information processing device to always being received via a server.
[0029] According to the fifth aspect of the present invention, it is possible to limit the issuance of multiple certificates to an information processing device.
[0030] According to the sixth aspect of the present invention, it can be confirmed that a virtual private line is connected between the server and the information processing device.
[0031] According to the seventh aspect of the present invention, it is possible to notify the administrator that although a certificate has been issued, the virtual leased line has not been connected to the information processing device for a specified period.
[0032] According to the eighth aspect of the present invention, it is possible to determine whether the performed process is based on an execution instruction via a virtual private line.
[0033] According to the ninth aspect of the present invention, the administrator can be notified that the information processing device has performed processing that was not based on a request from the virtual leased line.
[0034] According to the tenth aspect of the present invention, it is possible to charge for processing performed without the execution instruction of the virtual leased line.
[0035] According to the eleventh aspect of the present invention, it is possible to control and manage the execution of the processing of the image forming apparatus lent to the user.
[0036] According to the 12th aspect of the present invention, an information processing device connected to an organization's local area network via a virtual private line can perform processing under the condition of communication via the virtual private line.
[0037] According to the 13th aspect of the present invention, an information processing device connected to an organization's local area network via a virtual private line can perform processing under the condition of communication via the virtual private line.
[0038] According to the 14th aspect of the present invention, an information processing device connected to an organization's local area network via a virtual private line can perform processing under the condition of communication via the virtual private line.
[0039] According to the 15th aspect of the present invention, an information processing device connected to an organization's local area network via a virtual private line can perform processing under the condition of communication via the virtual private line.
Attached Figure Description
[0040] The embodiments of the present invention will be described in detail with reference to the following figures.
[0041] Figure 1 is a block diagram illustrating one embodiment of the information processing system involved in this invention;
[0042] Figure 2 is a timing diagram illustrating the processes used to implement image processing management in the image processing apparatus in this embodiment;
[0043] Figure 3 is a flowchart illustrating the certificate issuance process in this embodiment;
[0044] Figure 4 is a timing diagram illustrating the processes performed when a user performs printing in this embodiment;
[0045] Figure 5 is a diagram illustrating an example of a data structure for job management information stored in the job management information storage unit of this embodiment.
[0046] Symbol Explanation
[0047] 1-Network, 100-Home, 110-Image Processing Device, 111-Image Processing Department, 112-Certificate Acquisition Department, 113-VPN Connection Processing Department, 114-Beacon Sending Department, 115-Processing Monitoring Department, 116-Usage History Information Storage Department, 120-User Terminal, 121-Acquisition Agent Department, 122-Processing Request Department, 130-Router, 200-Company, 210-VPN Server, 211-Certificate Issuance Department, 212-VPN Server Function Processing Department, 213-Operations Management Department, 214-VPN Monitoring Department, 215-Notification Department, 216-Charging Processing Department, 217-Certificate Information Storage Department, 218-Operations Management Information Storage Department, 220-Image Processing Device, 230-PC at Home, 240-LAN.
Detailed Implementation
[0048] Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings.
[0049] Figure 1 is a block diagram illustrating one embodiment of the information processing system involved in the present invention. Figure 1 illustrates a structure where systems located at home 100 and company 200 are connected via a network 1, such as the Internet. As hardware, the information processing system in this embodiment can be implemented by combining existing computers, and as described later, the control of the characteristic information processing in this embodiment is achieved through software running on each computer.
[0050] The information processing system may include multiple home systems and multiple company systems, as long as each has the structure described later. Figure 1 illustrates each system.
[0051] Home 100 in Figure 1 is where an employee or the like of the company (hereinafter referred to as a "user") is located. Since home 100 is located outside the company's internal LAN (Local Area Network) system, it cannot be guaranteed to be a secure environment.
[0052] Home 100 is equipped with an image processing device 110, a user terminal 120, and a router 130. The router 130 relays data communication between the image processing device 110 or the user terminal 120 and other devices that communicate via network 1, such as the VPN server 210. The user terminal 120 is a PC (Personal Computer) used by the user. However, it is not limited to a PC and can be any terminal device as long as it can perform VPN connections or execute job requests as described later. In this embodiment, it is assumed that the company 200 lends the image processing device 110 to the user to support the user's remote work from home 100.
[0053] The image processing apparatus 110, also known as an image forming apparatus, is a multifunction printer equipped with printing, copying, and scanning functions, along with various image processing capabilities. It functions as an information processing unit with a built-in computer. The image processing apparatus 110 includes a CPU as a second processor, ROM, RAM, and HDD; a scanner as an image reading device for reading images from media such as paper; a print engine as an image forming device for forming images on media; an operation panel that receives user instructions and displays information; and a network interface for connecting to communication lines such as Network 1. Furthermore, it may include an external media interface for connecting external storage devices such as USB memory and flash memory, and a wireless communication unit for short-range wireless communication with the user terminal 120.
[0054] The image processing apparatus 110 includes an image processing unit 111, a certificate acquisition unit 112, a VPN connection processing unit 113, a beacon sending unit 114, a processing monitoring unit 115, and a usage history information storage unit 116. The image processing unit 111 performs image processing based on requests from the user. In this embodiment, printing is performed by executing a print job as image processing. Therefore, in the following description, "image processing" is used in the same sense as "print job".
[0055] In principle, the image processing apparatus 110 in this embodiment performs image processing based on processing requests received via a VPN connected to the company 200. The certificate acquisition unit 112 performs processing to obtain the certificate required for connecting to the VPN server 210 of the company 200.
[0056] VPN connection processing unit 113 establishes a VPN connection with the VPN server 210 of the user's company 200. In this embodiment, the connection between the two, for example, the image processing device 110 and the VPN server 210, to enable communication via a VPN is called a "VPN connection". Furthermore, VPN connection processing unit 113 disconnects the connected VPN upon receiving a termination request.
[0057] The beacon sending unit 114 periodically sends a heartbeat signal (hereinafter referred to as a "beacon"), indicating that the VPN is connected, to the VPN server 210 via the VPN. In this embodiment, as described above, in principle, the image processing unit 111 performs image processing based on processing requests received via the VPN connected to the company 200. However, depending on the circumstances, the image processing unit 111 may exceptionally perform image processing based on processing requests not received via the VPN. When processing is performed according to a processing execution instruction, the processing monitoring unit 115 records, in the usage history information storage unit 116, discrimination information that distinguishes whether the performed processing is based on a request received via the VPN or on a request not received via the VPN.
[0058] Each component 111 to 115 in the image processing apparatus 110 is implemented through the coordinated operation of a computer mounted on the image processing apparatus 110 and a program running on a CPU mounted on the computer as a second processor. Furthermore, the usage history information storage unit 116 is implemented using an HDD mounted on the image processing apparatus 110. Alternatively, RAM or other information processing devices within the home 100 can be used via a home LAN.
[0059] As described above, user terminal 120 is for user use. A PC used at company 200, such as PC 230 at the user's own desk, may also be brought to home 100 and used as user terminal 120. User terminal 120 has an acquisition agent unit 121 and a processing request unit 122. The acquisition agent unit 121 acquires a certificate on behalf of the image processing device 110 in home 100. The processing request unit 122 requests image processing from the image processing device 110 by instructing the execution of image processing.
[0060] The constituent elements 121 to 122 in the user terminal 120 are realized through the coordinated action of the computer mounted on the user terminal 120 and the program running on the CPU mounted on the computer.
[0061] Company 200 has a corporate LAN system built by connecting VPN server 210, image processing device 220 and PC 230 at its own desk via LAN 240. LAN 240 may be connected to other devices, but they are not used in the description of this embodiment and are therefore omitted from the figures.
[0062] VPN server 210 primarily has functions such as a VPN server function or VPN router function, for establishing a VPN connection based on VPN connection requests from external devices. VPN server 210 includes a certificate issuance unit 211, a VPN server function processing unit 212, a job management unit 213, a VPN monitoring unit 214, a notification unit 215, a billing processing unit 216, a certificate information storage unit 217, and a job management information storage unit 218. Furthermore, components not used in the description of this embodiment are omitted from the figures.
[0063] If a certificate issuance request is received, the certificate issuance unit 211 issues a certificate according to the issuance request and if the specified conditions are met. The VPN server function processing unit 212 has VPN server functions and establishes a VPN connection according to a request from the external image processing device 110. If a processing request is received that corresponds to an execution instruction for image processing, the job management unit 213, when relaying the processing request to the image processing device 110, which is the destination of the image processing request, establishes a corresponding association between the print job identification information (hereinafter referred to as "job ID") contained in the processing request and the identification information of the image processing device 110, which is the destination of the image processing request (hereinafter referred to as "device ID"), to generate job management information and register it in the job management information storage unit 218 as processing management information.
[0064] VPN monitoring unit 214 continuously monitors the VPN connection status with image processing device 110. When a warning is required, notification unit 215 notifies users at home 100 or administrators in company 200, as shown in the following example. If processing performed by image processing device 110 is based on a processing request not made via VPN, billing processing unit 216 charges for the execution of that processing. The information stored in each of the storage units 217-218 will be explained in conjunction with the description of the operation.
[0065] Each of the constituent elements 211 to 216 in the VPN server 210 is implemented through the coordinated operation of the computer that forms the VPN server 210 and the program running on the CPU, which is the first processor mounted on the computer. Furthermore, each of the storage units 217 to 218 is implemented using an HDD mounted on the VPN server 210. Alternatively, RAM or other information processing devices connected to the LAN 240 may be used.
[0066] Similar to image processing device 110, image processing device 220 is a multifunction printer equipped with printing, copying, and scanning functions, as well as other image processing capabilities. PC 230 at one's own desk is an information processing device used internally by users within company 200.
[0067] Furthermore, the program used in this embodiment can be provided either through the communication unit or stored on a computer-readable recording medium such as a CD-ROM or USB memory. The program provided from the communication unit or the recording medium is installed in the computer, and various processes are performed by the computer's CPU executing the program sequentially.
[0068] Next, the operation in this embodiment will be explained.
[0069] As described above, in this embodiment, considering the convenience of the user conducting business at home 100, the image processing device 110 is lent to the user. Therefore, the image processing device 110 is typically used for business purposes, and the company 200 wishes to prevent the user's private use. Therefore, in this embodiment, the image processing device 110 is limited to executing print jobs that are sent to it via the VPN established between the VPN server 210 and the image processing device 110. For this purpose, the VPN server 210 manages the execution of image processing within the image processing device 110.
[0070] In order for the VPN server 210 to manage the execution of image processing in the image processing device 110, a VPN first needs to be established between the image processing device 110 and the VPN server 210 to create an environment capable of managing the image processing in the image processing device 110. Hereinafter, the processes used to manage image processing in the image processing apparatus 110 are described using the timing diagram shown in Figure 2.
[0071] First, the user needs to bring the image processing device 110 borrowed from company 200 to their own home 100 to create a usable environment. Alternatively, the user can mail it instead of carrying it themselves. For this, the user needs to establish a VPN connection with company 200's VPN server 210. As a corresponding preparation, the VPN server 210 needs to issue the certificate required for the VPN connection. To issue the certificate, the user first accesses the image processing device 110 from user terminal 120 by performing an operation for certificate issuance (step S110). Based on this operation, the image processing device 110 sends certificate issuance request information to user terminal 120 (step S120). The certificate issuance request information includes, as data required to obtain the certificate, the device ID that identifies the image processing device 110, such as a UUID or IP address.
[0072] If the device ID is obtained from the image processing device 110, the acquisition agent 121 in the user terminal 120 sends a certificate issuance request including its own identification information (hereinafter referred to as "user ID") and the device ID of the image processing device 110 to the VPN server 210 (step S130).
[0073] Additionally, user terminal 120 sends a certificate issuance request via a VPN established with VPN server 210 using information stored internally required to establish a VPN connection. Image processing device 110 has not yet established a VPN connection with VPN server 210 at this point, therefore user terminal 120 acts as an agent for image processing device 110 in obtaining the certificate.
[0074] In VPN server 210, if a certificate issuance request is received, certificate issuance unit 211 then performs certificate issuance processing (step S140) to determine whether to issue a certificate. Hereinafter, the certificate issuance process is described using the flowchart shown in Figure 3.
[0075] As described above, if a certificate issuance request is received (step S141), the certificate issuance unit 211 extracts and obtains the device ID of the image processing device 110 from the certificate issuance request. Then, the certificate issuance unit 211 confirms whether the image processing device 110 from the issuance request meets the prescribed conditions. Specifically, it confirms whether the device ID of the image processing device 110 is registered in the certificate information storage unit 217. If it is not registered ("No" in step S143), the certificate issuance unit 211 issues a certificate to the image processing device 110 corresponding to the device ID (step S144).
[0076] Next, the certificate issuance unit 211 associates the issued certificate with the device ID of the image processing device 110, which is the destination of the certificate, and registers it in the certificate information storage unit 217 (step S145). Then, the certificate issuance unit 211 sends the issued certificate to the user terminal 120 of the certificate issuance request source (step S146).
[0077] Here, the data structure of the certificate information stored in the certificate information storage unit 217 will be described. As described above, the certificate information associates the issued certificate with the device ID of the image processing device 110 to which the certificate was issued. The user ID of the user to whom the image processing device 110 is lent can also be associated with it. The certificate information storage unit 217 registers only information related to image processing devices 110 that are currently lent out. Therefore, when the image processing device 110 is returned, the information related to that device is preferably managed by deleting it or by adding, for example, a return flag or date/time information.
[0078] On the other hand, if the device ID contained in the certificate issuance request is registered in the certificate information storage unit 217 ("Yes" in step S143), the certificate issuance unit 211 notifies the user terminal 120 of the certificate issuance request source of a warning (step S147).
[0079] The device ID included in the certificate issuance request is registered in the certificate information storage unit 217, indicating that a certificate has been issued for the image processing device 110 corresponding to the device ID. This is equivalent to a subsequent issuance request. In this embodiment, certificates are strictly managed, and re-issuance is not accepted. That is, the certificate issuance unit 211 issues a certificate only if the device ID of the image processing device 110 included in the issuance request information is not registered in the certificate information storage unit 217.
[0080] The warning includes a message stating that no further issuance will be made due to a request equivalent to a second or subsequent issuance request. Ideally, only one certificate should be issued to the image processing device 110. Therefore, multiple certificate issuance requests could constitute improper use of the image processing device 110. If the certificate is lost for a legitimate reason, the user can temporarily return the image processing device 110 and borrow it again through proper procedures.
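The issuance decision of steps S141 to S147, together with the return handling of [0077], sketched in Python as an added example that is not part of the patent text. The class and method names, the record fields and the random token standing in for a real certificate are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple


@dataclass
class CertRecord:
    """One row of certificate information storage unit 217 (fields assumed)."""
    device_id: str
    user_id: str
    certificate: str                        # opaque token standing in for a certificate
    returned_at: Optional[datetime] = None  # return flag / date-time from [0077]


class CertificateIssuanceUnit:
    """Hypothetical model of certificate issuance unit 211."""

    def __init__(self) -> None:
        self._store: Dict[str, CertRecord] = {}
        self.warnings: List[Tuple[str, str]] = []  # refused (user_id, device_id)

    def handle_request(self, user_id: str, device_id: str) -> dict:
        record = self._store.get(device_id)                       # S141 to S143
        if record is not None and record.returned_at is None:
            # Device ID already registered for an active loan: refuse and warn.
            self.warnings.append((user_id, device_id))            # S147
            return {"status": "warning",
                    "message": "certificate already issued; no re-issuance"}
        certificate = "CERT-" + secrets.token_hex(16)             # S144
        self._store[device_id] = CertRecord(device_id, user_id, certificate)  # S145
        return {"status": "issued", "certificate": certificate}   # S146

    def mark_returned(self, device_id: str) -> None:
        """Record the return of a device so that a later loan can be certified."""
        record = self._store.get(device_id)
        if record is not None:
            record.returned_at = datetime.now(timezone.utc)


def demo() -> list:
    unit = CertificateIssuanceUnit()
    dev = "dev-0001"                               # constructed device ID
    first = unit.handle_request("user-a", dev)     # initial request: issued
    second = unit.handle_request("user-a", dev)    # second request: warning
    unit.mark_returned(dev)                        # device handed back
    third = unit.handle_request("user-b", dev)     # new loan: issued again
    return [first, second, third]


if __name__ == "__main__":
    for reply in demo():
        print(reply["status"])
```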
[0081] Here, assuming that this is the initial issuance request, the description returns to Figure 2. In step S146 above, the certificate issuance unit 211 sends the certificate to the user terminal 120, the source of the certificate issuance request. More specifically, it sends VPN connection information required to connect to the VPN. The VPN connection information includes the server address, port number, and authentication information. The server address is the address information used to determine the VPN server 210 as the access destination, essentially setting an IP address. The port number is the port number used to connect to the VPN server 210. The authentication information is the information required by the VPN server 210 at the connection destination to authenticate the image processing device 110, including an access ID, password, the certificate issued according to the issuance request, and VPN settings including settings related to communication via the VPN (e.g., encryption method or protocol).
[0082] If VPN server connection information is obtained from VPN server 210, the acquisition agent 121 in user terminal 120 will send the VPN connection information, including the certificate, to image processing device 110 (step S150).
[0083] As described above, the image processing device 110 obtains the certificate required to connect to the VPN from the VPN server 210 via the user terminal 120.
[0084] If VPN server connection information is obtained, the image processing device 110 in this embodiment restarts (step S160). If the image processing device 110 restarts, the VPN connection processing unit 113 sends a VPN connection request including authentication information to the server address and port number contained in the VPN server connection information (step S170).
[0085] If a VPN connection request is received from the image processing device 110, the VPN server function processing unit 212 in the VPN server 210 authenticates the image processing device 110 according to the authentication information contained in the request, and then replies to allow the connection (step S180).
[0086] As described above, if VPN server 210 allows VPN connection, VPN connection processing unit 113 establishes VPN connection with VPN server 210 (step S190).
[0087] In this embodiment, the process transitions to VPN mode by establishing a VPN connection as described above (step S200). "VPN mode" refers to a mode in which the image processing device 110 maintains a VPN connection with the VPN server 210 and operates only when processing data transmitted via the VPN. Furthermore, the non-VPN mode detection process (step S210) and the improper use monitoring process (step S220) will be described later.
[0088] As described above, in this embodiment, by restarting after obtaining the certificate, the image processing device 110 always operates in VPN mode. Of course, if the user operates by automatically connecting to the VPN after obtaining the certificate according to the application rules with the company, a restart is not necessarily required. Alternatively, if the user does not directly instruct the image processing device 110 to process, the image processing device 110 can connect to the VPN upon request from the user, rather than always being connected to the VPN. However, in this embodiment, by switching to VPN mode immediately after startup, the image processing device 110 is rendered unable to directly receive image processing instructions from the user terminal 120, thereby more reliably preventing the private use of the image processing device 110.
[0089] In this embodiment, the certificate is obtained after the image processing device 110 is brought back to the user's home 100. However, the certificate can also be obtained at the company 200. In this case, the user connects the image processing device 110 to the LAN 240 to send an issuance request. The certificate issuance unit 211, after confirming, as described above, that no certificate has been issued for the image processing device 110 based on the issuance request sent from the image processing device 110, issues a certificate. Then, the image processing device 110 obtains VPN connection information including the issued certificate. Then, after the user brings it back to their home 100, they quickly start the image processing device 110, thereby enabling it to operate in VPN mode. Thus, similar to the case where the user terminal 120 proxies the certificate acquisition at home 100, the user can configure the image processing device 110 to operate without receiving information that is not transmitted via VPN.
[0090] Next, the processing performed when the user prints is described using the timing diagram shown in Figure 4.
[0091] The user instructs the image processing device 110 to print from the user terminal 120. More specifically, the processing request unit 122 generates a job for the image processing device 110 to execute based on the print instruction from the user specifying print object data, and sends the execution instruction (in other words, print processing request) for the job to the image processing device 110 to the VPN server 210 via the VPN established with the VPN server 210 (step S310). As in the past, the job includes print object data and job information. The job information includes the job ID, date / time information indicating the job generation date / time, the user ID of the user who gave the print instruction, information determining the source of the job, and information determining the destination of the job (in other words, information determining the image processing device 110 to execute the job). In this embodiment, the identification information of the user terminal 120 (hereinafter referred to as "terminal ID") is set as the information for determining the source of the job. And, the device ID of the image processing device 110 is set as the information for determining the image processing device 110.
[0092] If the VPN server 210 receives a print processing request from the user terminal 120, the job management unit 213 generates job management information by establishing a corresponding association between the job ID contained in the print processing request and the device ID of the image processing device 110, which is the destination of the job execution instruction, and registers it in the job management information storage unit 218 (step S320). Then, the job management unit 213 sends the job via the VPN established with the image processing device 110, which is the destination of the job execution (step S330). That is, the VPN server 210 relays the job sent from the user terminal 120 to the image processing device 110, and at this time, the job management information is generated with reference to the relayed job.
[0093] Figure 5 illustrates an example of the data structure for job management information stored in the job management information storage unit 218 of this embodiment. The job management information includes date / time information extracted from the received job, job ID, information determining the sending source, information determining the sending destination (i.e., the execution destination of the job), and a print indicator.
[0094] If a job execution request is received, the image processing unit 111 in the image processing device 110 sends a request (hereinafter referred to as the "confirmation request") to the VPN server 210 via the VPN to confirm whether the received job can be executed (step S340). The image processing device 110 may sometimes receive job execution instructions without using the VPN, but regardless of the channel from which the execution instructions are received, the confirmation request is sent to the VPN server 210 via the VPN; details will be described later. The confirmation request sent to the VPN server 210 includes the job ID extracted from the received job and the device's own device ID.
[0095] If a confirmation request is received, the job management unit 213 determines whether the requested job can be executed based on the confirmation request, and performs the following processing (step S350) based on the determination result. That is, if the job ID and device ID group contained in the received confirmation request are registered in the job management information storage unit 218, the job management unit 213 determines that the job execution request received by the image processing device 110 is a job execution request relayed by the VPN server 210, and allows the job to be executed. If execution is allowed, the job management unit 213 replies with execution permission information indicating that the job can be executed based on the confirmation request. In addition, job management information that matches the job ID and device ID group contained in the confirmation request is deleted from the job management information storage unit 218.
[0096] Here, assuming that the image processing device 110 receives a job execution request via the VPN server 210 to continue the description, the image processing unit 111 executes the job when the VPN server 210 allows the job to be executed (step S360). That is, printing is performed according to the job received from the user terminal 120 via the VPN server 210.
[0097] On the other hand, in step S350, if the group of job ID and device ID contained in the confirmation request is not registered in the job management information storage unit 218, it is determined that the job execution request received by the image processing device 110 is an execution request based on a job not relayed by the VPN server 210, and a warning is issued. That is, it is suspected that the user may want to use the image processing device 110 privately, and the warning includes a message that execution is not allowed. If this warning is received, the image processing unit 111 does not execute the job.
[0098] Furthermore, if the group of job ID and device ID contained in the confirmation request is not registered in the job management information storage unit 218, the job management unit 213 can also instruct the notification unit 215 to notify the administrator of the company 200 that the image processing device 110 has received a job execution request that was not relayed by the VPN server 210. Based on this notification, the administrator determines that the user may be improperly using the image processing device 110 and takes measures such as questioning the user.
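The relay and confirmation exchange of steps S310 to S360, with both sides modeled in Python, as an added example that is not part of the patent text. Class names, method names, field names and the sample IDs are assumptions; the VPN itself is represented only by the device holding a reference to the server.

```python
from typing import List, Set, Tuple


class VpnServer:
    """Hypothetical model of job management unit 213 with storage unit 218."""

    def __init__(self) -> None:
        self.job_table: Set[Tuple[str, str]] = set()        # (job ID, device ID)
        self.admin_notices: List[Tuple[str, str]] = []      # notification unit 215

    def register(self, job: dict) -> None:
        # S320: associate the job ID with the destination device ID.
        self.job_table.add((job["job_id"], job["dest_device_id"]))

    def relay(self, job: dict, device: "ImagingDevice") -> bool:
        self.register(job)
        return device.receive(job)                           # S330

    def confirm(self, job_id: str, device_id: str) -> str:
        # S350: permit only a registered (job ID, device ID) group.
        key = (job_id, device_id)
        if key in self.job_table:
            self.job_table.discard(key)   # entry deleted, so a permit is single-use
            return "permit"
        self.admin_notices.append(key)    # [0098]: tell the administrator
        return "warning"


class ImagingDevice:
    """Hypothetical model of image processing unit 111."""

    def __init__(self, device_id: str, server: VpnServer) -> None:
        self.device_id = device_id
        self.server = server              # stands in for the established VPN
        self.executed: List[str] = []

    def receive(self, job: dict) -> bool:
        # S340: whatever channel delivered the job, ask the server via the VPN,
        # always presenting this device's own ID.
        verdict = self.server.confirm(job["job_id"], self.device_id)
        if verdict == "permit":
            self.executed.append(job["job_id"])              # S360
            return True
        return False                                         # warning: do not execute


def make_job(job_id: str, dest: str) -> dict:
    # Constructed sample job; field names are assumptions.
    return {"job_id": job_id, "source_terminal_id": "term-120",
            "dest_device_id": dest, "data": b"sample print data"}


def run_scenarios() -> dict:
    server = VpnServer()
    dev = ImagingDevice("dev-110", server)
    other = ImagingDevice("dev-999", server)
    results = {}
    j1 = make_job("J-1", "dev-110")
    results["relayed"] = server.relay(j1, dev)               # normal path
    results["direct"] = dev.receive(make_job("J-2", "dev-110"))  # never relayed
    results["replayed"] = dev.receive(j1)                    # entry already consumed
    j3 = make_job("J-3", "dev-110")
    server.register(j3)
    results["wrong_device"] = other.receive(j3)              # registered for dev-110
    results["right_device"] = dev.receive(j3)                # still pending for dev-110
    results["notices"] = list(server.admin_notices)
    results["executed"] = list(dev.executed)
    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(name, value)
```

Because the entry is deleted when permission is granted, a job that was legitimately relayed once cannot be resubmitted to the device directly.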
[0099] As described above, according to this embodiment, the image processing apparatus 110 only performs operations via the VPN server 210, thus avoiding the execution of processes directly instructing the image processing apparatus 110 from the user terminal 120. That is, it is possible to prevent the user from privately using the image processing apparatus 110.
[0100] As a communication unit with other devices, the image processing apparatus 110 has a virtual communication interface such as a VPN and a physical communication interface. When other devices access the image processing apparatus 110 via the physical communication interface while operating in VPN mode, the image processing apparatus 110 can, for example, prevent unauthorized use by always displaying a predetermined management user interface screen. That is, if the image processing apparatus 110 is accessed, the management user interface screen is displayed on the other device, thus allowing access only to the management user interface screen. The management user interface screen may also display warning messages indicating inaccessibility or messages guiding users to predetermined operations.
[0101] Here, the non-VPN mode detection process (step S210) shown in Figure 2 is explained.
[0102] As described above, the image processing device 110 in this embodiment switches to VPN mode after startup, maintaining a constant VPN connection. However, sometimes the user may not switch to VPN mode after starting the image processing device 110, or may disconnect the VPN after connecting. It is also conceivable that the user might use the image processing device 110 privately when it is not operating in VPN mode. Therefore, in this embodiment, modes that are not VPN mode, i.e., non-VPN modes, are detected as follows.
[0103] First, if the image processing device 110 is started, the beacon sending unit 114 periodically sends heartbeat packets (hereinafter referred to as "beacons") to the VPN server 210 via the VPN as a signal indicating that the VPN connection has been established.
[0104] The VPN monitoring unit 214 in the VPN server 210 constantly waits for beacons that should be sent from the image processing device 110 via the VPN. Furthermore, the VPN monitoring unit 214 maintains an internal counter that increments at a fixed period. If a beacon is received, the VPN monitoring unit 214 resets the internally maintained counter; that is, it initializes it to 0. While the VPN is connected, the VPN monitoring unit 214 receives beacons periodically and therefore resets the counter periodically. On the other hand, when no VPN is connected, the counter is not reset and keeps incrementing at the fixed period. If it is not reset within a specified period, the counter reaches a predetermined upper limit. Because the VPN monitoring unit 214 constantly monitors the counter, it detects that the image processing device 110 has not established a VPN connection for the specified period (in other words, that it is not in VPN mode). In this case, the notification unit 215 notifies the administrator, based on the instruction from the VPN monitoring unit 214, that the image processing device 110 is not operating in VPN mode. Although the image processing device 110 is lent to the user for use, if it is not used for a specified period (e.g., several days), it is possible that it has been used privately during that period. Therefore, based on the notification from the notification unit 215, the administrator determines that the user may have improperly used the image processing device 110, and takes measures such as questioning the user.
[0105] Next, the improper use monitoring process (step S220) shown in Figure 2 is explained.
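The beacon counter of [0103] and [0104] as a tick-driven simulation in Python, added here as an example that is not part of the patent text. It goes slightly beyond the single device described above by keeping one counter per device; the names, the upper limit value and the choice to notify once per outage are assumptions.

```python
from typing import Dict, Iterable, List, Set


class VpnMonitor:
    """Hypothetical model of VPN monitoring unit 214."""

    def __init__(self, upper_limit: int) -> None:
        self.upper_limit = upper_limit      # predetermined upper limit, in ticks
        self.counters: Dict[str, int] = {}  # device ID -> ticks since last beacon
        self.alerted: Set[str] = set()      # devices already reported this outage
        self.notices: List[str] = []        # what notification unit 215 would send

    def watch(self, device_id: str) -> None:
        """Start waiting for beacons, e.g. once the certificate has been issued."""
        self.counters[device_id] = 0

    def on_beacon(self, device_id: str) -> None:
        """A beacon arrived via the VPN: reset the counter to 0."""
        if device_id in self.counters:
            self.counters[device_id] = 0
            self.alerted.discard(device_id)   # outage over; re-arm the alert

    def tick(self) -> None:
        """Called at the fixed period: increment every counter and check the limit."""
        for device_id in self.counters:
            self.counters[device_id] += 1
            if (self.counters[device_id] >= self.upper_limit
                    and device_id not in self.alerted):
                self.alerted.add(device_id)
                self.notices.append(device_id)


def simulate(beacon_ticks: Iterable[int], total_ticks: int,
             upper_limit: int) -> List[int]:
    """Return the ticks at which the administrator would be notified.

    beacon_ticks is a constructed schedule: the ticks at which a beacon
    from the single watched device reaches the server.
    """
    beacons = set(beacon_ticks)
    monitor = VpnMonitor(upper_limit)
    monitor.watch("dev-110")
    notice_ticks = []
    for t in range(1, total_ticks + 1):
        if t in beacons:
            monitor.on_beacon("dev-110")
        before = len(monitor.notices)
        monitor.tick()
        if len(monitor.notices) > before:
            notice_ticks.append(t)
    return notice_ticks


if __name__ == "__main__":
    # VPN up for ticks 1 to 4, dropped, briefly back at tick 9, dropped again.
    print(simulate([1, 2, 3, 4, 9], total_ticks=12, upper_limit=3))
```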
[0106] As described above, the image processing device 110 is lent to the user for business purposes. Therefore, private use of the image processing device 110 by the user is something to be prevented. However, if certain conditions are met, private use may be permitted. Therefore, unlike the above-described application, it is also possible to allow the image processing device 110 to perform processing even without a VPN.
[0107] When the image processing unit 111 executes a job according to the job execution request, the processing monitoring unit 115 records the discrimination information that distinguishes whether the job execution is based on a request via a VPN to the VPN server 210 or on a request without a VPN in the utilization history information storage unit 116. The utilization history information storage unit 116 accumulates the execution logs of jobs executed by the image processing device 110 as utilization history information. However, the processing monitoring unit 115 may also establish a corresponding association between the flag information indicating whether the request is via a VPN or without a VPN and the job ID contained in the utilization history information for recording. Alternatively, the utilization history information storage unit 116 may set counters as discrimination information for requests via a VPN and requests without a VPN, and increment either counter each time a job is executed.
[0108] The job management unit 213 in the VPN server 210 retrieves usage history information from the image processing device 110 at predetermined intervals. Then, if the discrimination information shows that a job has been executed based on an execution request that was not relayed via the VPN, the job management unit 213 can instruct the notification unit 215 to notify the administrator that the image processing device 110 has performed a job based on an execution request that was not relayed by the VPN server 210.
[0109] Furthermore, the charging processing unit 216 charges the user for jobs executed based on requests not made via the VPN. The calculation and collection methods for the charges are the same as in conventional methods and are not features of this embodiment, therefore they will not be specifically described.
[0110] According to this embodiment, as described above, users may also have private access to the image processing device 110.
[0111] In the above embodiment, the case where a job execution request is sent from a user terminal 120 within the home 100 to the image processing device 110 via the VPN server 210 is described. Likewise, when a job execution request is sent from the image processing device 220 located in the company 200 or from a PC 230 at the user's own desk to the image processing device 110, the VPN server 210 can create and maintain job management information, thus enabling the image processing device 110 to execute the print job.
[0112] Furthermore, in the above description, printing processing was used as an example of the processing performed by the image processing device 110, but it is not limited to this, and any processing function that the image processing device 110 has is acceptable.
[0113] In the above embodiment, processor refers to processor in a broad sense, including general-purpose processors (e.g., CPU: Central Processing Unit, etc.) or dedicated processors (e.g., GPU: Graphics Processing Unit, ASIC (Application Specific Integrated Circuit), FPGA (Field Programmable Gate Array), and programmable logic devices, etc.).
[0114] Furthermore, the actions of the processor in the above embodiments can be performed not only by a single processor, but also by a plurality of processors located physically apart from one another working in cooperation. Moreover, the order of the processor's actions is not limited to the order described in the above embodiments and can be appropriately modified.
[0115] The embodiments of the present invention described above are provided for illustrative purposes. Furthermore, these embodiments do not encompass the entirety of the invention, nor do they limit the invention to the disclosed methods. It will be apparent to those skilled in the art that various modifications and variations will be readily understood. These embodiments were chosen and described to most readily explain the principles and applications of the invention. Thus, those skilled in the art can understand the invention through various modifications that are assumed to be optimized for specific uses of various embodiments. The scope of the invention is defined by the foregoing claims and their equivalents.
Claims
1. An information processing system, characterized by comprising:
a first processor mounted on a server connected to the local area network of the user's organization; and
a second processor mounted on an information processing device located outside the local area network,
wherein the first processor performs the following processing:
when relaying processing request information that includes data that is the object of processing and processing information including identification information of the processing, information determining the source of the processing request, and identification information of the information processing device that is the destination of the processing request, processing management information is generated by establishing a corresponding association between the identification information of the processing and the identification information of the information processing device contained in the processing request information, and is registered in the processing management information storage unit; and
based on a confirmation request, sent from the information processing device via a virtual leased line established with the information processing device, regarding whether processing of the processing request information can be executed, if the group of information processing device identification information and processing identification information contained in the confirmation request is registered in the processing management information storage unit, execution permission information indicating permission to execute the processing is replied, and
the second processor performs the following processing:
based on the processing request information, a confirmation request, including identification information of the information processing device and identification information of the requested processing, is sent to the server via a virtual private line established with the server to confirm whether the processing can be performed; and
if the server responds with execution permission information in response to the sent confirmation request, the requested processing is performed.
2. The information processing system according to claim 1, characterized in that, If the identification information of the information processing device and the group of identification information of the processing contained in the confirmation request sent from the information processing device are not registered in the processing management information storage unit, the first processor will not execute the processing.
3. The information processing system according to claim 2, characterized in that, The first processor notifies the organization's manager that it has received a confirmation request containing a group of identification information of an information processing device and identification information of processing that is not registered in the processing management information storage unit.
4. The information processing system according to claim 1, characterized in that, The second processor performs the following processing: Send a certificate issuance request message that includes the identification information of the information processing device and is used when connecting to the virtual leased line with the server. After obtaining the certificate from the server based on the issuance request information, the certificate is used to connect to the virtual leased line when the information processing device starts up. When the virtual private line is connected, information from sources other than the virtual private line is not received.
5. The information processing system according to claim 4, characterized in that, The first processor performs the following processing: When a certificate is issued based on the issuance request information, the certificate issued to the information processing device is associated with the identification information of the information processing device contained in the issuance request information, and registered in the issuance destination information storage unit. Certificates are issued only if the identification information of the information processing device contained in the issuance request information is not registered in the issuance destination information storage unit.
6. The information processing system according to claim 4, characterized in that, After connecting to the virtual private line, the second processor periodically sends a signal to the server indicating that the connection to the virtual private line has been established. After issuing the certificate, the first processor waits for the signal that should be sent from the information processing device.
7. The information processing system according to claim 6, characterized in that, If the signal is not sent from the information processing device within the specified period, the first processor notifies the administrator of the organization.
8. The information processing system according to claim 1, characterized in that, When the processing is performed according to the processing request, the second processor records the discrimination information in the information processing device that distinguishes whether the processing performed is based on a request via the virtual private line or on a request not made via the virtual private line.
9. The information processing system according to claim 8, characterized in that, The first processor performs the following processing: The discrimination information is obtained from the information processing device via the virtual leased line. If processing based on a request not made via the virtual leased line has been performed, the organization's administrator is notified of the situation.
10. The information processing system according to claim 9, characterized in that, If the processing performed by the information processing device is based on a processing request not made via the virtual leased line, the first processor charges for the execution of the processing.
11. The information processing system according to any one of claims 1 to 10, characterized in that, The information processing device is an image forming device lent to users belonging to the organization.
12. A server comprising a processor, connected to a local area network (LAN) of an organization to which a user belongs, and connected via a virtual private line to an information processing device located outside the LAN, characterized in that, The processor performs the following processing: When relaying processing request information that includes data that is the object of processing and processing information including identification information of the processing, information determining the source of the processing request, and identification information of the information processing device that is the destination of the processing request, processing management information is generated by establishing a corresponding association between the identification information of the processing and the identification information of the information processing device contained in the processing request information, and is registered in the processing management information storage unit. Based on a confirmation request, sent from the information processing device via a virtual leased line established with the information processing device, regarding whether processing of the processing request information can be executed, if the group of information processing device identification information and processing identification information contained in the confirmation request is registered in the processing management information storage unit, execution permission information indicating permission to execute the processing is replied.
13. An information processing apparatus comprising a processor and connected to a server and located outside the local area network of a user's organization, characterized in that, The processor performs the following processing: Based on processing request information sent to the information processing device, including data as the object of processing, identification information of the processing, information determining the source of the request, and identification information of the information processing device as the destination of the request, a confirmation request for whether the processing, including the identification information of the information processing device and the identification information of the requested processing, can be executed is sent to the server via a virtual leased line established with the server. If the server responds with execution permission information in response to the sent confirmation request, the requested processing is performed.
14. A recording medium storing a program for enabling a computer forming a server, in an information processing system having the server connected to a local area network (LAN) of an organization to which a user belongs and an information processing device located outside the LAN, to perform the following functions: a function of, when relaying processing request information transmitted to the information processing device, which includes data that is the object of processing, identification information of the processing, information identifying the request source of the processing, and identification information of the information processing device as the request destination of the processing, generating processing management information by associating the identification information of the processing with the identification information of the information processing device included in the processing request information, and registering the processing management information in a processing management information storage unit; and a function of, in response to a confirmation request, sent from the information processing device via a virtual private line established with the information processing device, as to whether the processing of the processing request information can be executed, replying with execution permission information indicating permission to execute the processing if the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit.
The recording medium also stores a program for enabling the computer that forms the information processing device to perform the following functions: a function of sending to the server, based on the processing request information and via the virtual private line established with the server, a confirmation request as to whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the requested processing; and a function of executing the requested processing if the server replies with execution permission information in response to the sent confirmation request.
15. An information processing method, comprising the following steps: when relaying processing request information sent to the information processing device, which includes data that is the object of processing, identification information of the processing, information identifying the request source of the processing, and identification information of the information processing device that is the request destination of the processing, generating processing management information by associating the identification information of the processing contained in the processing request information with the identification information of the information processing device, and registering the processing management information in a processing management information storage unit; and, in response to a confirmation request, sent from the information processing device via a virtual private line established with the information processing device, as to whether the processing of the processing request information can be executed, replying with execution permission information indicating permission to execute the processing if the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit; and further comprising the following steps: sending to the server, based on the processing request information and via the virtual private line established with the server, a confirmation request as to whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the requested processing; and performing the requested processing if the server replies with execution permission information in response to the sent confirmation request.
16. A computer program product comprising a program for enabling a computer forming a server, in an information processing system having the server connected to a local area network (LAN) of an organization to which a user belongs and an information processing device located outside the LAN, to perform the following functions: a function of, when relaying processing request information sent to the information processing device, which includes data that is the object of processing, identification information of the processing, information identifying the request source of the processing, and identification information of the information processing device that is the request destination of the processing, generating processing management information by associating the identification information of the processing contained in the processing request information with the identification information of the information processing device, and registering the processing management information in a processing management information storage unit; and a function of, in response to a confirmation request, sent from the information processing device via a virtual private line established with the information processing device, as to whether the processing of the processing request information can be executed, replying with execution permission information indicating permission to execute the processing if the identification information of the information processing device and the identification information of the processing contained in the confirmation request are registered in the processing management information storage unit.
The computer program product also includes a program for enabling the computer forming the information processing device to perform the following functions: a function of sending to the server, based on the processing request information and via the virtual private line established with the server, a confirmation request as to whether the processing can be executed, the confirmation request including the identification information of the information processing device and the identification information of the requested processing; and a function of executing the requested processing if the server replies with execution permission information in response to the sent confirmation request.
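The register-then-confirm exchange recited in claims 12 to 16, as an added Python sketch that is not code from the patent. All class, method and field names are hypothetical, and rejecting a confirmation that does not arrive over the virtual private line is modelled here with a simple flag as an assumption.

```python
"""Added sketch of the relay/confirm exchange in claims 12-16.

Every name below is hypothetical; the claims define no API.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessingRequest:
    process_id: str   # identification information of the processing
    source: str       # information identifying the request source
    device_id: str    # identification information of the destination device
    data: bytes       # data that is the object of processing


class RelayServer:
    """Server on the organization's LAN (claim 12)."""

    def __init__(self):
        # Processing management information storage unit:
        # a set of (device_id, process_id) pairs.
        self._registered = set()

    def relay(self, req):
        """Register the association, then pass the request on to the device."""
        self._registered.add((req.device_id, req.process_id))
        return req

    def confirm(self, device_id, process_id, via_private_line):
        """Reply with execution permission only for a registered pair."""
        if not via_private_line:  # assumption: off-tunnel confirmations are refused
            return False
        return (device_id, process_id) in self._registered


class Device:
    """Information processing device outside the LAN (claim 13)."""

    def __init__(self, device_id, server):
        self.device_id = device_id
        self.server = server
        self.executed = []

    def handle(self, req):
        """Ask the server before executing; refuse anything it did not relay."""
        # The device reports its own identifier, not the one in the request,
        # so a request relayed for another device is not confirmed.
        permitted = self.server.confirm(self.device_id, req.process_id,
                                        via_private_line=True)
        if permitted:
            self.executed.append(req.process_id)
        return permitted
```

A request handed to the device without passing through `relay()` has no registered pair, so `handle()` returns `False` and nothing is executed.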