JP2007328491A - Server, multi function peripheral and user authentication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a server, a multi function peripheral and a user authentication method for authenticating a user from any server on a network even when no exclusive server for managing user information is present. <P>SOLUTION: The server is provided with: a use history recording means for recording the use history of a user; a characteristics analyzing means for analyzing the characteristics of a user from the use history recorded in the use history storage means; a question preparation means for preparing a question to the user based on the analysis result of the characteristics analyzing means; a transmission part for transmitting a question prepared by the question preparation means; a reception part for receiving an answer to the question; an answer collation means for collating the answer; and an authentication means authenticating the user based on the result of collation from the answer collation means. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a server, a composite multifunction terminal, and a user authentication method.

  In recent years, with the spread of computers, the digitization of all documents is progressing. Document creation software such as a word processor is used, and files are created electronically and stored on the hard disk. In an environment such as an enterprise, servers are often connected via a network, and a large number of document files are often shared among a plurality of users.

  In general, a multi-function terminal (hereinafter referred to as MFP) includes an input unit such as a scanner and a fax machine and an output unit such as a printer, and prints input data such as documents and images by performing data processing. Has function. In recent years, MFPs are connected via a network, and have a document sharing system function that allows multiple users to share documents and image files recorded on a mass storage device such as a hard disk of a server that cooperates with the MFP. Has been put to practical use.

  As described above, in an MFP having a document sharing system function, a plurality of users access information recorded in the MFP. Therefore, from the viewpoint of security, the MFP is provided with a user registration / authentication function so that the device cannot be used unless it is authenticated. Products are provided. In these products, user authentication is generally performed using a password input from a panel, but recently, a product that provides a biometric authentication device such as a fingerprint and performs high-security user authentication is also provided.

  On the other hand, in a company, for example, a plurality of MFPs are connected to an in-house network, and the MFPs are used in cooperation. In such an environment, there is a demand for a function that allows the user to log in to the MFP at the business trip destination, retrieve the document from the MFP of his / her department that stores his / her document, and operate the MFP at the business trip destination. ing.

  In order to solve such a problem, a method has been proposed in which an authentication server on the network is provided with a user registration / authentication function so that the MFP cannot be accessed without approval from the authentication server (for example, Patent Document 1). reference).

  However, if the MFP in its own department is a product equipped with a biometric authentication device, and the MFP for business trips does not have a biometric authentication device even if it is logging in with high security by biometric authentication in its own department, In many cases, it is necessary to log in with an alternative authentication method. In that case, there are cases where authentication must be performed by a method with a low security level such as a password method, which is not preferable in terms of security. For this reason, when the security administrator authenticates using the password method, the functions and data that can be used by the MFP may be restricted, and the functions that the user wants to use may not be used or the desired data may not be accessed.

On the other hand, in an information terminal device having a personal information management function such as a mobile phone and a PDA (Personal Digital Assistants) as an authentication method having higher security than the password method, a question about the user based on the personal information stored in the information terminal device A method for authenticating a user who has answered the questions correctly as a valid user has been proposed (see, for example, Patent Document 2).
JP 2004-86765 A JP 2006-11959 A

  However, the method disclosed in Patent Document 2 has a problem that registration of personal information for authentication is necessary in advance, and registration takes time. In particular, in an office device such as an MFP, since personal information must be sufficiently managed so as not to leak, it is not preferable to register personal information.

  The present invention has been made in view of the above problems, and provides a server, a composite multifunction terminal, and a user authentication method capable of performing high-security user authentication without registering information for authentication in advance. The purpose is to provide.

  The object of the present invention can be achieved by the following constitution.

1. Usage history recording means for recording user usage history;
Feature analysis means for analyzing user characteristics from the usage history recorded in the usage history recording means;
Question creation means for creating a question for the user based on the analysis result of the feature analysis means;
A transmitter for transmitting the question created by the question creating means;
A receiver for receiving an answer to the question;
An answer matching means for matching the answers;
Authentication means for authenticating a user based on the result of the verification by the answer verification means;
The server characterized by having.

  2. The feature analysis unit analyzes the user's feature from the latest usage history recorded in the usage history recording unit every time the user is authenticated, and the question creating unit is based on the analysis result of the feature analysis unit, 2. The server according to 1, wherein a question for a user is created.

  3. As a result of checking the answer by the answer checking means, when the authentication means cannot authenticate the user, the authentication means allows the user to input the answer to the question to the input means up to a predetermined number of times. The server according to 1 or 2.

  4). The feature analysis unit analyzes the item that shows the most feature from the record of the use history recording unit, and the question creation unit relates to the item that shows the most feature based on the analysis result of the feature analysis unit. 4. The server according to any one of 1 to 3, wherein a question is created.

5). The item that shows the most characteristic is the function of the server most frequently used by the user,
5. The server according to claim 4, wherein the feature analysis unit analyzes a function used most frequently from the function used by the user and the number of times recorded in the use history recording unit.

6). The server has a display unit on which a user can set a screen,
The item showing the most characteristic is the screen setting of the display unit set by the user,
5. The server according to claim 4, wherein the feature analysis unit analyzes a screen setting of the display unit set by the user recorded in the use history recording unit.

7). The most characteristic item is data operated by the user,
5. The server according to 4, wherein the feature analysis unit analyzes data operated by a user recorded in the use history recording unit.

  A composite multifunction terminal comprising the server according to any one of 8.1 to 7.

9. A usage history recording process for recording user usage history;
A feature analysis step of analyzing user features from the usage history recorded in the usage history recording step;
A question creation process for creating questions for users;
A transmission step of transmitting the question created in the question creation step;
A receiving step of receiving an answer to the question;
An answer matching step for matching the answers;
An authentication process for authenticating a user based on a result of the answer verification process;
A user authentication method comprising:

  According to the present invention, since a question for user authentication is created from the use history, a server, a composite multifunction terminal, capable of performing high-security user authentication without registering information for authentication in advance, A user authentication method can be provided.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  First, a first embodiment of the present invention will be described with reference to FIG.

  FIG. 1 is a block diagram showing an example of the overall configuration of a server system according to an embodiment of the present invention.

  The MFP 100 is a composite multifunction terminal, and includes an image input unit 2, a server 1, and an output unit 3. The first MFP 100a, the second MFP 100b, and the third MFP 100c are complex multifunction terminals having the same functions as the MFP 100, and the first, second, and third are added in front of the MFP for distinction, and the component numbers are a, b, or A distinction is made by attaching c. Further, the same constituent elements constituting the first MFP 100a, the second MFP 100b, and the third MFP 100c are assigned the same numbers, and a, b, or c are added to the constituent element numbers for distinction. In the present embodiment, it is assumed that the first MFP 100a and the second MFP 100b are installed in the same office A, and the third MFP 100c is installed in another office B.

  The image input unit 2 is, for example, a scanner that inputs a document or image, and the output unit 3 is, for example, a printer that prints a document or image. The server 1 has an input unit 18 where a user performs key input and button operation, and controls the entire MFP 100 by communicating with the image input unit 2 and the output unit 3. The input unit 18 also includes a touch panel provided on the screen of the display unit 19 and can perform various operations by touching icons such as buttons displayed on the screen.

  In addition, the server 1 has communication means (not shown) that performs communication using, for example, Ethernet (registered trademark) or a telephone line, and has other communication functions via a network 5 including a router and a hub (not shown). Has the function to communicate with. The network 5 may be a LAN (Local Area Network) or the Internet.

  Further, the server 1 has a function of storing document and image data, converting the data into output data in a predetermined format, and outputting the data to the output unit 3.

  Input of document or image data may be data transmitted from the internal image input unit 2 or data transmitted from another device on the network 5. For example, data is transmitted from the external client terminal 20 or the second MFP 100b to the first MFP 100a. The server 1 also has a function of sharing data files with other MFPs on the network 5.

  The server 1 will be described in detail later.

  The biometric authentication device 4 reads an individual's fingerprint or iris and transmits the fingerprint data or iris data to the server 1. In FIG. 1, the biometric authentication device 4a is connected to the first MFP 100a, and the biometric authentication device 4b is connected to the second MFP 100b. In the present embodiment, an example in which the biometric authentication device 4 is separate from the MFP 100 will be described. However, the present invention is not limited to this example, and the biometric authentication device 4 may be incorporated in the MFP 100.

  The client terminal 20 is a personal computer including, for example, a keyboard, a mouse, and a display (not shown). The client terminal 20 logs in to the server 1 on the network and receives data such as documents, images, and sounds in the server. You can view and edit. In addition, data such as documents, images, and sounds created by the client terminal 20 can be stored in the server 1 or output from the output unit 3.

  The client terminal 20 transmits / receives data to / from the first MFP 100a via the network 5, for example. The network 5 may be a LAN (Local Area Network) or the Internet.

  FIG. 2 is a block diagram showing an example of the internal configuration of the server 1 according to the embodiment of the present invention.

  The server 1 includes a CPU 11 that controls the entire MFP 100, an input unit 18 that allows a user to input to the server 1 and perform various operations using operation buttons and keys, a transmission unit 24 that performs communication using Ethernet (registered trademark), and a reception unit 25. The communication unit 10 provided, a display unit 19 for displaying images and characters, and a storage unit 13 including a RAM (Random Access Memory), a ROM (Read Only Memory), a HDD (Hard Disk Drive), and the like (not shown). I have.

  The storage unit 13 stores, for example, an OS (Operating System), a program for recording printer data, an application, a printer driver, and the like, and the CPU 11 executes these programs. The storage unit 13 includes a data storage unit 15 that stores various data such as documents and images, a usage history storage unit 16 that stores user usage history, and an authentication data storage unit 17 that stores user authentication data such as fingerprints and passwords. ing.

  The usage history storage unit 16 is a usage history storage means of the present invention.

  The CPU 11 includes an authentication unit 22 that authenticates a user and a question creation unit 31 that creates a question for authenticating the user. The authentication unit 22 includes a fingerprint collation unit 35 that collates the user's fingerprint at the time of authentication, a password collation unit 36 that collates the user's password, and an answer collation unit 37 that collates the user's answer to the question created by the question creation unit 31. I have. The question creation unit 31 includes a feature analysis unit 32 that analyzes user features from the user usage history stored in the usage history storage unit 16.

  The authentication unit 22 is an authentication unit of the present invention, the answer collation unit 37 is an answer collation unit of the present invention, the question creation unit 31 is a question creation unit of the present invention, and the feature analysis unit 32 is a feature analysis unit of the present invention.

  Next, user information registration and management of the MFP 100 will be described.

  In order to use MFP 100, user registration in MFP 100 is required. The information registered by the user includes, for example, a user name and user ID, a password, an MFP ID, fingerprint data, and the like. The MFP ID is information for identifying the server, and a unique ID is assigned so that the server 1 can be identified. When the biometric authentication device 4 is not connected to the MFP 100, biometric authentication data such as fingerprint data is not registered.

  As an example, in this embodiment, the MFP ID of the server 1a is “01”, the MFP ID of the server 1b is “02”, and the MFP ID of the server 1c is “03”.

  For example, the user operates the input unit 18 at the time of initial setting, inputs such information, and registers as a user. Note that when the user is registered by operating the input unit 18, the MFP ID is clear and the user does not necessarily need to input.

  Information input by the user is registered in the authentication data storage unit 17 by the CPU 11.

  FIG. 3 is a flowchart illustrating a procedure for authenticating a user in the first embodiment.

  S100: This is a step in which the user inputs user information and MFPID.

  The user operates the input unit 18 to input user information (for example, user ID and password) and the MFP ID of the server 1 registered by the user (step S100). For ease of understanding, the following description will be given assuming that the user performs an input operation on the third MFP 100c, for example, but it is needless to say that the present invention is not limited to this.

  S101: This is a step of determining whether or not the MFP ID input by the user matches the MFP ID of the server 1.

  The authentication unit 22 determines whether the MFP ID input by the user matches the MFP ID of the server 1.

  When the MFP ID input by the user matches the MFP ID of the server 1, that is, when the user inputs “03” as the MFP ID (step S101; Yes), the process proceeds to step S102.

  S102: This is a step of determining whether or not the user information input by the user (biological data such as user ID, password, or fingerprint data) matches the information registered in the authentication data storage unit 17.

  The authentication unit 22 refers to the authentication data storage unit 17 and collates whether corresponding user information is registered (step S102).

  S103: A step of determining whether or not user authentication is possible.

  As a result of the collation in step S102, the authentication unit 22 determines that user authentication is possible (step S103; Yes), and proceeds to step 121.

  S121: This is a step of permitting the user to log in.

  The server 1a permits the user to log in.

  As a result of the collation in step S102, the authentication unit 22 determines that user authentication is not possible (step S103; No), and proceeds to step 120.

  S120: This is a step of notifying that the user cannot be authenticated.

  The server 1a displays on the display unit 19 that the user authentication is not possible.

  S105: A step of determining whether or not a server with the MFP ID input by the user exists.

  The authentication unit 22 refers to the authentication data storage unit 17 and determines whether the MFP ID input by the user exists.

  If the MFP ID input by the user does not exist, it is determined that the input is invalid (step S105; No), and the process ends.

  If the MFP ID input by the user exists (step S105; Yes), the process proceeds to step S106.

  For ease of understanding, the following description will be given assuming that, for example, the user is a user registered in the first MFP 100a and the user inputs '01' as the MFP ID to the third MFP 100c. However, the present invention is not limited to this. Needless to say. In addition, since the biometric authentication device 4 is not connected to the third MFP 100c, it is assumed in this flowchart that authentication cannot be performed by comparing fingerprints. Note that this flowchart is a procedure of the third MFP 100c operated by the user, and the authentication procedure performed by the first MFP 100a will be described in detail separately.

  S106: This is a step of requesting authentication from the server of the MFP ID input by the user.

  The authentication unit 22 transmits the user information (user ID and password) input by the user from the transmission unit 24 to the server 1a having the MFP ID '01' input by the user, and requests authentication.

  S107: The server 1a returns whether or not the user information (user ID, password) matches the user information registered in the server 1a, and the server 1c is a step of determining the result.

  If the user information (user ID, password) does not match the user information registered in the server 1a (step S107; No), the process proceeds to step S120.

  If the user information (user ID, password) matches the user information registered in the server 1a (step S107; Yes), the process proceeds to step S108.

  S108: Since the server 1a creates a question for user authentication, this is a step in which the user inputs whether or not to print the question on the server 1c.

  When the user instructs printing (step S108; Yes), the process proceeds to step S130.

  S130: This is a step of printing a question.

  The server 1c prints and outputs the received data from the output unit 3c.

  If the user instructs not to print (No at Step S108), the process proceeds to Step S109.

  The user can operate the server 1a in which the user is registered in advance and print a question for authentication. Therefore, when the user has the pre-printed question and answer sheet 80, the user selects not to print. .

  S109: This is a step of inputting the user's answer to the question.

  The user inputs a sheet on which an answer to the question is written from the image input unit 2c. The image input unit 2c reads the input paper and converts it into image data.

  S110: This is a step of transmitting answer data.

  The server 1c transmits response data from the transmission unit 24 to the server 1a.

  S111: This is a step of determining the authentication result returned from the server 1a.

When the user authentication result returned from the server 1a is authentication approval (step S111; Yes), the process proceeds to step S121.
.

  When the user authentication result returned from the server 1a is not authenticated (step S111; No), the process proceeds to step S120.

  S120: This is a step of notifying that the user cannot be authenticated.

  The server 1c displays on the display unit 19 that the user authentication is not possible.

  S121: This is a step of permitting the user to log in.

  The server 1c permits the user to log in.

  As described above, in this embodiment, when the user inputs his / her ID and password to the server 1c other than the server 1a registered as a user, the server 1a transmits a question about the user, and if the server 1a correctly answers this, the server 1a Authenticate. By doing in this way, authentication with higher security than the password authentication method can be performed.

  Next, a procedure for authenticating the user will be described in detail.

  FIG. 4 is a flowchart for explaining the procedure of a subroutine for authenticating the user in the embodiment of the present invention.

  S301: This is a step of determining whether or not there is fingerprint data in the data requested for authentication.

  The authentication unit 22 determines whether there is fingerprint data in the data requested for authentication. In the present embodiment, fingerprint data will be described as an example of biometric authentication data. However, the present invention is not limited to fingerprint data, and may be iris data, palm print data, or the like.

If there is fingerprint data (step S301; Yes), the process proceeds to step S302.
. Since biometric authentication using fingerprint data or the like is an authentication method with high security, if fingerprint data is included in the requested authentication data, authentication is performed using only fingerprint data.

  S302: This is a step of collating the fingerprint data requested for authentication with the registered fingerprint data.

  The fingerprint collation unit 35 collates the fingerprint data requested for authentication with the fingerprint data stored in the authentication data storage unit 17.

  S303: This is a step of authenticating the fingerprint data requested for authentication.

  The authentication unit 22 determines whether authentication is possible or not based on the result of the fingerprint collation unit 35 collation.

If authentication is possible (step S303; Yes), the process proceeds to step S331.
.

  S331 is a step of notifying that authentication is possible.

  The authentication unit 22 notifies the server 1 that has been requested to authenticate that authentication is possible, and returns to the original routine.

When authentication is impossible (step S303; No), the process proceeds to step S330.
.

  S330: This is a step of notifying that authentication is impossible.

  The authentication unit 22 notifies the server 1 that has been requested to authenticate that authentication is impossible, and returns to the original routine.

  If there is no fingerprint data (step S301; No), the process proceeds to step S310.

  S310: It is determined whether or not the user ID and password of the data requested for authentication are correct.

  The password verification unit 36 compares the user ID and password of the data requested for authentication with the data stored in the authentication data storage unit 17, and the authentication unit 22 determines that the user ID and password are correct based on the result. Or not.

  If the user ID and password are correct (step S310; Yes), the process proceeds to step S311.

  S311: A step of analyzing the characteristics of the user specified by the user ID.

  The user feature analysis unit 32 analyzes user features from the user usage history stored in the usage history storage unit 16.

  User characteristics analyzed from user usage history include frequently used functions (for example, print, document box, fax, etc.), regularity of file naming, recently created or deleted files, destination for sending files, printed files File name.

  S312: A step of creating a question for authenticating the user.

  The question creation unit 31 creates a question about the user based on the analysis result of the user feature analysis unit 32.

  S313: This is a step of transmitting question data to the server 1 requested to be authenticated.

  The question creating unit 31 converts the created question into image data for printing, and transmits the image data to the server 1c requested to be authenticated. The server 1c prints and outputs the received image data with the output unit 3c.

  Here, an example of the question / answer sheet 80 output in step S313 will be described with reference to FIGS.

  FIG. 5 shows an example of a question / answer sheet 80a on which a question about a file name created by the user is described.

  The user feature analysis unit 32 analyzes the file name of the file created by the user stored in the usage history storage unit 16, and the question creation unit 31 actually creates a combination of the first word to the fifth word. A question sheet / answer sheet 80a for making the user answer the file name is created.

  In the question / answer sheet 80a, 81a to 81h are the first word, 82a to 82c are the second word, 83a to 83h are the third word, 84a to 84h are the fourth word, and 85a to 85h are the fifth word.

  For example, if the actual file name is XX product-plan 060203, the answer may be 81a and 82a, 82a and 83c, 83c and 84c, and 84c and 85f.

  FIG. 6 is an example of a question / answer sheet 80b on which a question regarding a file name recently deleted by the user is described.

  The user feature analysis unit 32 analyzes the file name of the file deleted by the user stored in the usage history storage unit 16, and the question creation unit 31 enters a check in the check box of the actually created file name. The question and answer sheet 80b to be created is created.

  Reference numerals 91a to 91h are check boxes. The user enters a check in the correct file name.

  FIG. 7 shows an example of a question / answer sheet 80c on which a question regarding a file name recently created by the user is described.

  The user feature analysis unit 32 analyzes the file created by the user stored in the usage history storage unit 16, and the question creation unit 31 asks and answers a question sheet / answer sheet 80c in which the user enters the order of the actually created file. Create

  The user enters the order of file creation in 92a to 92h.

  FIG. 8 is an example of a question / answer sheet 80d on which a question about a file name that the user has recently transmitted is described.

  The user feature analysis unit 32 analyzes the file transmitted by the user stored in the usage history storage unit 16, and the question creation unit 31 also functions as a question sheet for actually transmitting the file and checking the person's check box 93. An answer sheet 80c is created.

  The user enters the order of file creation in 93a to 93h.

  FIG. 9 is an example of a question / answer sheet 80e on which a question regarding the screen setting of the display unit 19 set by the user is described.

  For example, when transmitting a fax or mail, the MFP 1 displays a button 72 preset by the user for each transmission destination on the display unit 19. The display unit 19 of the question / answer sheet 80e shows a state in which the button 72 preset by the user is displayed on the display unit 19. In FIG. 9, the department name of the general affairs department is displayed only on the button 72a, but actually the department names set by the user are also displayed on the other buttons.

  When the user presses the button 72, the MFP 1 transmits to the transmission destination set in the button 72. The setting of the button 72 is a button setting unique to each user because each user assigns the buttons 72 so that they are easy to use. In addition, since a unique screen is displayed for each logged-in user, there is little possibility that others will know the screen settings. Therefore, the question regarding the screen setting of the display unit 19 is a question that is difficult to answer except for the user.

  The user feature analysis unit 32 analyzes the screen settings of the display unit 19 set by the user stored in the use history storage unit 16, and the question creation unit 31 actually sets each button 72 of the display unit 19 to which department A question and answer sheet 80c is written to enter whether or not it is set.

  Table A is a table for entering answers, and the user enters the button number corresponding to the department name in Table A.

  As described above, the characteristics are analyzed from the user's MFP usage history, and a question that is difficult to know except for the user is created. At the time of creating a question, the user feature analysis unit 32 analyzes the function most frequently used from the functions used by the user and the number of times recorded in the use history storage unit 16, and the question creation unit 31 analyzes the user feature analysis unit 32. Create questions about the most frequently used features based on the results. For example, if the user frequently sends a fax using the button 72, a question regarding the screen setting of the display unit 19 set by the user described with reference to FIG. 9 is created.

  S314: This is a step of waiting for the user's answer.

  The answer collating unit 36 waits for a predetermined time until the answer data is received. It is determined whether or not the received answer data is data in which a user's answer to the question output in step S313 is input.

  If it is not answer data (step S314; No), the process returns to step S314.

  If it is not answer data, the answer collating unit 36 stands by until answer data is input.

  In the case of answer data (step S314; Yes), the process proceeds to step S315.

  S315: This is a step of analyzing the contents of the answer data.

  The answer collating unit 36 analyzes the contents of the answer data.

  S316: This is a step of determining whether or not the question is valid.

  The answer collating unit 36 determines whether or not the question included in the answer data is a question actually output by the MFP 1 within the expiration date.

  If the question is not valid (step S316; No), the process proceeds to step S330.

  S330: This is a step of notifying that authentication is impossible.

  The authentication unit 22 notifies the server 1 that has been requested to authenticate that authentication is impossible, and returns to the original routine.

  If the question is valid (step S316; Yes), the process proceeds to step S317.

  S317: This is a step of determining whether or not the number of answers is within the limit range.

  The answer matching unit 36 determines whether the number of answers to the same question is within the limit range. For example, the limit range is two, and the third response is not accepted.

  If the number of answers is not within the limit range (step S317; No), the process proceeds to step S330.

  S330: This is a step of notifying that authentication is impossible.

  The authentication unit 22 notifies the server 1 that has been requested to authenticate that authentication is impossible, and returns to the original routine.

  When the number of answers is within the limit range (step S317; Yes), the process proceeds to step S318.

  S318: This is a step of collating answers.

  The answer collating unit 36 collates the answer entered on the question and answer sheet 80 with the correct answer.

  S319: This is a step of determining the answer result.

  The authentication unit 22 determines an answer based on the collation result of the answer collation unit 36.

  If the answer is not correct (step S319; No), the process proceeds to step S320.

  S320: This is a step for requesting re-input of the answer.

  The authentication unit 22 notifies the server 1 that requested the authentication to re-input the answer, and the process returns to step S314. In this way, if the number of responses is within the limit range, the response can be made again. Therefore, in the case of a simple mistake, it can be corrected immediately and authentication can be requested again.

  If the answer is correct (step S319; Yes), the process proceeds to step S331.

  S331: This is a step of notifying that authentication is possible.

  The authentication unit 22 notifies the server 1 that requested authentication that the authentication is possible, and returns to the original routine.

  FIG. 10 is a flowchart illustrating a procedure for authenticating a user in the second embodiment.

  The difference from the flowchart of the first embodiment described with reference to FIG. 3 is that a question is displayed on the display unit 16 without printing, and an answer is also made by operating the input unit 18. The description of FIG. 10 will be made from the case of step S107; Yes. Steps having the same contents are given the same numbers, and description thereof is omitted.

  When the user information (user ID, password) matches the user information registered in the server 1a (step S107; Yes), the process proceeds to step S140.

  S140: This is a step of displaying a question.

  The server 1c displays the received data on the display unit 19. The question data may be, for example, image data of a question / answer sheet 80e, or may be character data.

  S141: This is a step of inputting the user's answer to the question.

  The user inputs an answer to the question from the input unit 18. For example, the answer may be input from the touch panel of the input unit 18 or may be performed by key operation of the input unit 18.

  Since step S110 and subsequent steps are the same as those in FIG. 3, description thereof is omitted.

  As described above, according to the present invention, since a question for user authentication is created from the use history, a server capable of high security user authentication without registering information for authentication in advance, A composite multifunction terminal and a user authentication method can be provided.

It is a block diagram which shows an example of the whole structure of the server system concerning embodiment of this invention. It is a block diagram which shows an example of the internal structure of the server 1 concerning embodiment of this invention. It is a flowchart explaining the procedure which authenticates the user in 1st Embodiment. 4 is a flowchart illustrating a procedure of a subroutine for authenticating a user in the embodiment of the present invention. It is an example of a question and answer sheet 80a on which a question about a file name created by a user is described. It is an example of a question sheet / answer sheet 80b on which a question regarding a file name recently deleted by a user is described. It is an example of a question and answer sheet 80c on which a question regarding a file name that has been recently created by a user is described. It is an example of a question and answer sheet 80d in which a question regarding a file name that has been recently transmitted by the user is described. It is an example of a question and answer sheet 80e on which a question about the screen setting of the display unit 19 set by the user is described. It is a flowchart explaining the procedure which authenticates the user in 2nd Embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Server 2 Image input part 3 Output part 4 Biometric authentication device 5 Network 10 Communication part 11 CPU
DESCRIPTION OF SYMBOLS 13 Memory | storage part 17 Authentication data memory | storage part 19 Display part 22 Authentication part 35 Fingerprint collation part 36 Password collation part 37 Reply collation part 100 MFP

Claims (9)

Usage history recording means for recording user usage history;
Feature analysis means for analyzing user characteristics from the usage history recorded in the usage history recording means;
Question creation means for creating a question for the user based on the analysis result of the feature analysis means;
A transmitter for transmitting the question created by the question creating means;
A receiver for receiving an answer to the question;
An answer matching means for matching the answers;
Authentication means for authenticating a user based on the result of the verification by the answer verification means;
The server characterized by having. The feature analysis means analyzes the user's characteristics from the latest usage history recorded in the usage history recording means every time the user is authenticated, and the question creating means is based on the analysis result of the feature analysis means, The server according to claim 1, wherein a question for the user is created. As a result of checking the answer by the answer checking means, when the authentication means cannot authenticate the user, the authentication means allows the user to input the answer to the question to the input means up to a predetermined number of times. The server according to claim 1 or 2. The feature analysis unit analyzes the item that shows the most feature from the record of the use history recording unit, and the question creation unit relates to the item that shows the most feature based on the analysis result of the feature analysis unit. The server according to any one of claims 1 to 3, wherein a question is created. The item that shows the most characteristic is the function of the server most frequently used by the user,
The server according to claim 4, wherein the feature analysis unit analyzes a function used most frequently from a function used by the user and the number of times recorded in the use history recording unit. The server has a display unit on which a user can set a screen,
The item showing the most characteristic is the screen setting of the display unit set by the user,
The server according to claim 4, wherein the feature analysis unit analyzes the screen setting of the display unit set by the user recorded in the use history recording unit. The most characteristic item is data operated by the user,
The server according to claim 4, wherein the feature analysis unit analyzes data operated by a user recorded in the use history recording unit. A composite multifunction terminal comprising the server according to claim 1. A usage history recording process for recording user usage history;
A feature analysis step of analyzing user features from the usage history recorded in the usage history recording step;
A question creation process for creating questions for users;
A transmission step of transmitting the question created in the question creation step;
A receiving step of receiving an answer to the question;
An answer matching step for matching the answers;
An authentication process for authenticating a user based on a result of the answer verification process;
A user authentication method comprising:

Images