JP2008129807A - Image data control system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To monitor transfer of a recording medium in which image data are recorded, and to prevent the recording medium from being brought out to the outside. <P>SOLUTION: The present invention comprises a printer 1 for outputting image data to a recording medium, a gate 5 for monitoring a plurality of control regions 4 where the recording medium in which the image data are recorded passes through, and a server 2 for controlling the image data, the printer 1, and the gate 5 in association with the control regions 4, and permitting the output of the image data if there is a correspondence between them. When the gate 5 detects the passage of the recording medium, the server 2 issues a warning at a waning level corresponding to the confidentiality level of the image data and the control region 4 where the recording medium has passed through. The warning level when the recording medium passes becomes higher from the inner control region 4 to the outer control region 4. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an image data management system that manages output of image data.

In a system in which an image processing apparatus and a management server are connected via a network, output of image data is managed in order to prevent leakage of confidential information. For example, as described in Patent Document 1, a magnetic tag is attached to a recording sheet on which image data is recorded. When the user passes through the gate of the storage room, the magnetic tag of the recording sheet is detected to check whether the user can take out the recording sheet. Thereby, in the storage room, a recording sheet on which confidential information is recorded can be freely viewed. And it is possible to prevent the recording sheet from being taken out illegally.
JP 2004-110690 A

  By the way, image data includes data including confidential information and data that does not cause a problem even if it is disclosed. As described above, the confidential levels of image data are various. If the taking-out of the recording sheet on which the image data is recorded is uniformly regulated, it is advantageous in the case of image data with a high confidentiality level because the leakage of the image data can be prevented. However, when it is desired to use a recording sheet on which image data is recorded in another room, such as in a conference, the recording sheet cannot be used when taking out is prohibited. Even in the case of image data with a low security level, taking out of a recording sheet is restricted. The user cannot freely use the printed recording sheet outside, and is inconvenient.

  SUMMARY OF THE INVENTION In view of the above, an object of the present invention is to provide an image data management system that does not inconvenience a user by restricting the taking-out of a recording sheet according to the confidential level of image data.

  The present invention manages an output device that outputs image data to a recording medium, a monitoring device that monitors a plurality of management areas through which a recording medium that records image data passes, and an image data, an output device, and a monitoring device. And a management device that manages in correspondence with the area and permits the output of image data when there is a correspondence relationship between the three parties. When the monitoring device detects the passage of the recording medium, the management device issues a warning according to the confidential level of the image data and the management area that has passed.

  The management device issues a warning when the recording medium on which the image data is recorded passes through the management area. Here, there are high and low security levels, and the management area has a management area that leads to an unmanaged area, and it may be necessary to prevent leakage of image data. Therefore, by taking different warnings depending on the security level and the management area, taking out of the recording medium on which the image data is recorded is restricted.

  The management device changes the warning level each time the recording medium passes through each management area. In other words, as you go through each management area, you gradually approach the outside and the risk of taking out increases. Therefore, the restriction on taking out of the recording medium becomes stronger by increasing the warning level as it passes through the management area.

  A warning level corresponding to each management area is set for the confidential level. The management apparatus recognizes the security level of the image data to be taken out and the management area to be passed, and determines a corresponding warning level from the set warning levels.

  A plurality of management areas form a multiple structure in which the outer management area includes the inner management area. The output device is provided in the innermost management area. Since the outer management area is closer to the outside, the management device increases the warning level as it passes through the outer management area.

  When the recording medium passes through the outermost management area, the management device regulates the passage of the recording medium. When the confidential level of image data is high, restrictions are imposed so that the image data is not taken out. Specifically, an open / close gate is provided between the outermost management area and the outside. The management device controls the opening / closing of the open / close gate according to the security level of the image data recorded on the recording medium that has passed. Therefore, when the security level is high, the open / close gate is closed, and the user cannot go outside.

  When the recording medium passes through the management area, the management device notifies the contact person according to the warning level. When the warning level is high, a contact that can immediately cope with the passage is set in the recording medium. When the warning level is low, a contact is provided that only informs that the recording medium has passed.

  A gate is provided at the entrance of the room forming the management area, and the gate serves as a monitoring device. The monitoring device notifies when the recording medium passes through the doorway. For example, the monitoring device reads an IC tag attached to an object such as a recording medium or a user passing through an entrance and detects the passage of the object. As a result, since the IC tag is detected in a non-contact manner and is notified that it has passed through the gate, the entry / exit of the recording medium can be managed.

  When outputting the image data to the recording medium, the management device causes the specific output device to output the image data. For this reason, the management apparatus sets image data that can be output in the management area, an output apparatus and a monitoring apparatus belonging to the management area, and associates the three parties. The management device permits output of image data from the output device to the recording medium when there is a correspondence relationship between the three parties, and prohibits output of image data from the output device to the recording medium when there is no correspondence relationship between the three parties. To do.

  Specifically, when the image data to be output and the output device are designated, the management device checks whether the management region to which the designated output device belongs is a management region capable of outputting image data. Whether or not the monitoring device corresponding to the management area is in an operating state is confirmed.

  If the management area to which the specified output device belongs matches the management area that can output the image data, it is positive. It is positive when the monitoring device is in the operating state, and not when it is not in the operating state. If both are positive, the management device determines that there is a correspondence, and permits the output of tooth image data. If either one is negative, it is determined that there is no correspondence, and output is prohibited.

  According to the present invention, image data is output and recorded on a recording medium in the permitted management area. This recording medium can be browsed freely in the management area. When the recording medium is taken out, it is possible to regulate the taking out of the recording medium by giving a different warning each time it passes through each management area. In particular, when the confidential level of the image data is increased, the warning level is also increased, so that the export can be more strictly regulated. As a result, it is possible to prevent the recording medium on which the image data is recorded from being taken out and to prevent leakage of the image data.

  An image data management system of this embodiment is shown in FIG. In this image data management system, a plurality of printers 1 serving as output devices that output image data to a recording medium, a server 2 serving as a storage device that stores image data, and a plurality of terminal devices 3 such as personal computers are connected to a LAN. , WAN, Internet, etc. The terminal device 3 includes a client and an administrator. The printer 1 may be an image processing apparatus that can perform copying, facsimile communication, scanning, and data communication.

  The printer 1 is installed in a management area 4 where a user can enter and exit. The management area 4 is a partitioned area having a doorway for a user to enter and exit. Multiple management areas form a multiple structure. That is, the inner management area is included in the outer management area. In FIG. 1, a triple structure is adopted. For example, the outermost management area is a building such as a building, the inner management area is a floor, and the innermost management area is a document storage room. The printer is installed in the innermost management area.

  At the entrance / exit of each management area 4, a gate 5 is provided as a monitoring device for monitoring the entry / exit of the recording medium. An open / close gate 6 is provided between the outermost management area and the outside. The gate 5 and the open / close gate 6 are connected to a network. The server 2, the printer 1, the terminal device 3, and the gates 5 and 6 communicate with each other according to a predetermined protocol.

  In response to an instruction from the terminal device 3, the printer 1 prints and outputs image data on a recording sheet. This recording sheet is a recording medium. The recording sheet has an IC tag. The IC tag is embedded in the recording sheet or attached to the surface of the recording sheet. The printer 1 includes a reader / writer that transmits and receives data to and from the IC tag. When printing and outputting image data on a recording sheet, the reader / writer writes image data and identification information about the printer 1 in the IC tag. Instead of writing the identification information on the IC tag attached to the recording sheet, the printer 1 may paste the identification tag on the recording sheet after writing the identification information on the IC tag.

  The gate 5 includes a detection unit that detects the passage of the recording sheet to which the IC tag is attached, a communication unit that communicates with the server 2 when the passage is detected, and a control unit that drives and controls them. The detection unit includes an IC tag reader that performs data communication without contact with the IC tag attached to the recording sheet, and reads identification information from the IC tag each time a user carrying the recording sheet enters and exits the gate.

  The detection unit also detects a user who passes through the doorway. The user wears an IC tag. For example, an ID card embedded with an IC tag is carried. The IC tag stores user information such as a user ID for identifying the user. The user ID is given to the registered user in this management system. When this user passes through the doorway, the detection unit reads the user information from the IC tag.

  Based on the identification information and the user information, the control unit creates passing information indicating that the user has passed the gate with a recording medium on which the image data is recorded. The communication unit transmits the passage information to the server.

  The open / close gate 6 can be freely opened and closed and is automatically closed in response to a command from the server 2. When the open / close gate 6 is closed, the user cannot pass through the open / close gate 6.

  The server 2 includes a storage unit 10, a passage recording unit 11, a warning unit 12, and a control unit 13. The storage unit 10 includes a hard disk device and stores image data such as document data. The image data is input to the server 2 from the terminal device 3 or the image processing device and is written in the storage unit 10.

  Upon receiving an image data output instruction from the terminal device 3, the control unit 13 reads the designated image data from the storage unit 10 and transmits the image data to the printer 2 designated by the terminal device 3.

  The server 2 functions as a management apparatus that manages the image data, the printer 1, and the gate 5 in association with the management area 4. That is, the control unit 13 of the server 2 sets the printer 1 and the gate 5 for the innermost management area 4 and creates a device management table as shown in FIG. The device management table is stored in the management table of the storage unit 13.

  At this time, as shown in FIG. 3, a plurality of management areas 4 are grouped into one group. An outer management area 4 is formed so as to include a plurality of groups, and each management area 4 forms a multiplex structure. The outermost management area 4 communicates with the open / close gate 6.

  For example, the A group is composed of two management areas 4. The A group includes a gate A1-1 and a printer A1-1 belonging to one management area 4, and a gate A1-2 and a printer A1-2 belonging to the other management area 4. The same applies to the B group.

  The control unit 13 sets image data that can be output to the management area 4 and creates a data management table as shown in FIG. The data management table is stored in the management table of the storage unit 10. For each image data, an administrator and a mail address as a contact address are set. For example, there are document data doc1 and doc2 as image data that can be output in the A group. These document data are output from the printers A1-1 and A1-2 in the same group, and are not output from the printers B1-1 and B1-2 in different groups. An administrator may be set for each group. The image data is stored by being divided into folders for each group.

  As described above, the image data, the printer 1, and the gate 5 are managed in association with each management area 4. Then, when outputting the image data, the control unit 13 determines whether or not there is a correspondence relationship between the three, and determines whether or not the image data can be output.

  When the image data to be output and the printer 1 are designated by the terminal device 3, the control unit 13 determines whether the group to which the designated printer 1 belongs is a group capable of outputting image data, and the printer 1 is installed. It is determined whether the gate 5 of the management area 4 being operated is in an operating state.

  If the group to which the printer 1 belongs and the group that can output image data match, the result is positive. When the gate 5 is in the operating state, it is positive. When the gate 5 is not in the operating state, it is negative. If both are positive, the control unit 13 determines that there is a correspondence, and permits output of image data. If at least one of them is negative, it is determined that there is no corresponding relationship, and output of image data is prohibited.

  When the gate 5 is not in the operating state, the gate 5 cannot detect the IC tag of the recording sheet. Therefore, by prohibiting the output of the image data, it is possible to restrict the image data from being taken out. Further, when the printer 1 in the management area 4 other than the management area 4 capable of outputting image data is designated, the image data is not output. In other words, when a third party who does not know the correspondence between the management area 4 capable of outputting image data and the printer 1 makes an output request, there is a mismatch. This can prevent output of image data due to unauthorized use.

  Upon receipt of the passage information from the gate 5, the passage recording unit 11 of the server 2 creates a passage record based on the passage information and records it in the history table. The history table is stored in the storage unit 10 or a nonvolatile memory. In the passing record, as shown in FIG. 5, the file name of the image data recorded on the recording medium, the user ID, the passing gate 5, and the passing date and time are recorded. Each time a recording medium and a user enter and exit, a passing record is created and the history table is updated.

  The passage recording unit 11 manages the current location of the recording medium. That is, according to the gate 5 that has passed, it is determined in which management area 4 the recording medium is located, or an area outside the management, that is, outside. Based on the result, the taking out flag is set. For example, when the recording medium is outside a specific management area 4, a flag being taken out is set for the management area 4. If it passes through the gate 5 of the specific management area 4 again, the recording medium is inside the management area 4. At this time, the accommodated flag is set. This location management is performed in units of management areas.

  The warning unit 12 has a function of issuing a warning when passage information is input from the gate 5. That is, the warning unit 12 issues a warning according to the security level set in advance in the image data and the management area 4 that has passed. As shown in FIG. 6, a warning table in which a warning level is set for each management area 4 with respect to the confidential level is created and stored in the management table. When the recording medium passes through the gate 5, the warning unit 12 refers to the management table and issues a warning according to the warning level.

  The confidentiality level is set to the highest, high, medium, or low in consideration of the importance of image data, security, and the like. The set security level is registered in the data management table shown in FIG. For example, a confidential document has a maximum or high confidentiality level. For image data that anyone can view, the confidentiality level is low.

  As shown in FIG. 7, the warning level is determined as highest, high, medium, or low. At the maximum, the open / close gate 6 is closed. In high, contact the security guard. Among them, the administrator determined for the image data is contacted. At low, do not contact anywhere. It can also be set whether or not to create a passage record.

  Next, the operation when outputting image data will be specifically described with reference to FIG. When the user wants to output image data, the user uses the client terminal device 3 to make an output request to the server 2. The terminal device 3 transmits the specified image data and information regarding the printer 1 to the server 2.

  The control unit 13 of the server 2 refers to the data management table and identifies a group corresponding to the designated image data. Then, with reference to the device management table, it is determined whether the group to which the printer 1 designated as the output destination belongs matches the specified group. If the coincidence is confirmed, it is next confirmed whether or not the gate 5 provided in the innermost management area 4 is in an operating state. The control unit 13 communicates with the corresponding gate 5 and confirms the response from the gate 5. When there is a response, gate 5 is in operation. In this case, the control unit 13 determines that there is a correspondence relationship between the image data, the printer 1, and the gate 5.

  Upon confirming the correspondence, the server 2 transmits the designated image data and identification information to the output destination printer 1. When the printer 1 receives the image data, the printer 1 prints the image data on a recording sheet. At this time, an IC tag is attached to the recording sheet. Identification information is written in the IC tag. For example, in the case of document data, the identification information includes information such as a file name, a group, and an administrator.

  If the designated image data is not registered in the data management table, the server 2 transmits the image data to the output destination printer 1 without confirming the correspondence relationship. The printer 1 prints image data on a recording sheet and outputs it. Identification information relating to the image data is written on the IC tag attached to the recording sheet. For this image data, it is not necessary to write identification information on the IC tag.

  When the group to which the printer 1 designated as the output destination belongs does not match the group that can output image data, or when there is no response from the gate 5 and the gate 5 is not in the operating state, the control unit 13 of the server 2 It is determined that there is no corresponding relationship. The server 2 does not transmit the image data to the designated printer 1. Then, the server 2 notifies the terminal device 3 that requested the output of the error.

  As described above, even when the user is not near the printer 1, the image data can be output from the printer 1 in the specific management area 4, and the user can hold the recording sheet on which the image data is printed. Can be put.

  By the way, in the above, when there is a request for outputting image data, the operation state of the gate 5 is confirmed to determine whether or not there is a correspondence relationship between the three. Instead, the control unit 13 of the server 2 periodically checks the operation state of the gate 5 and records an output permission flag indicating the operation state of the gate 5 in the device management table. As shown in FIG. 9, an output permission flag is set in the device management table. “OK” indicates that the gate 5 is in an operating state, and “NG” indicates that the gate 5 is not in an operating state. Each time the server 2 confirms the operating state of the gate 5 at regular intervals, the output permission flag is updated.

  When the server 2 determines the correspondence between the three parties, the operating state of the gate 5 can be confirmed by checking the device management table. As a result, it is possible to save communication time between the server 2 and the gate 5, and shorten processing time until image data is output.

  In the management area 4 where the image data can be output, the recording sheet on which the image data is recorded can be freely viewed. In some cases, the user takes out the recording sheet from the management area 4 such as using the recording sheet in another room.

  As shown in FIG. 10, when a user with a recording sheet leaves the gate 5, the detection unit of the gate 5 communicates with the IC tag of the recording sheet and the user's IC tag, and the identification information and user information are displayed. read. The control unit of the gate 5 creates passage information based on the identification information and the user information, and transmits the passage information to the server 2.

  In the server 2, the passage recording unit 11 creates a passage record based on the passage information and records it in the history table. At this time, since the number of passages of the gate 5 is 1, the take-out flag is set during take-out. Further, the warning unit 12 notifies the manager terminal device 3 that the image data has passed through the gate. In FIG. 10, S represents a recording sheet, T represents a recording sheet IC tag, and U represents a user IC tag.

  When the user having the same recording sheet returns to the management area 4, the user passes through the gate 5 again. Similar to when leaving the gate 5, the identification information and the user information are read, and the passage information is transmitted to the server 2. The passage recording unit 11 of the server 2 creates a passage record and records it in the history table. At this time, since the number of times of passage through the same gate 5 is 2, the take-out flag is set to be accommodated. Further, when entering a different management area 4 in the same group, it passes through the gate 5 of the same group, so the passing recording unit 11 sets the take-out flag to accommodated.

  Here, in the passing recording for the same recording sheet, that is, the same image data, the take-out flag based on the latest location is always set. For this reason, the carry-out flag set in the previous passing record is deleted.

  If the user enters a different management area 4 instead of the same management area 4, the recording sheet is not returned because the passing gate 5 is the gate 5 belonging to a different management area 4. For this reason, the passage recording unit 11 keeps the carry-out flag for the image data being taken out.

  When a user different from the user who took out the recording sheet comes in with the recording sheet, the passing recording unit 11 indicates that the recording sheet has returned because the recording sheet has passed the gate 5 twice. Judgment and set the take-out flag to accommodated These passing records are reported to the terminal device 3 for the manager one by one. Further, when a user who does not have a user ID holds a recording sheet and enters and exits the gate 5, the server 2 immediately issues a warning. Alternatively, the opening / closing gate 6 may be closed to restrict entry / exit.

  In this manner, since the entry / exit of the recording medium on which the image data is recorded in the management area 4 is recorded and managed each time, the current location of the recording medium becomes clear. And when a recording medium is taken out, the user who carried out can be specified and leakage of image data can be suppressed. Further, even if the whereabouts of the recording medium is lost, the movement of the recording medium can be tracked based on the passing recording. Therefore, it becomes possible to find the recording medium, which helps prevent the recording medium from being lost.

  When a user with a recording medium goes from the innermost management area 4 to the outside, the user passes through the plurality of management areas 4. At this time, the server 2 receives passage information from the gate 5 of each management area 4. The warning unit 12 identifies the image data recorded on the passed recording medium and the gate 5 of the management area, and determines the warning level based on the warning table of FIG. A warning is issued according to this warning level.

  For example, in the case of image data with the highest confidential level, every time it passes through the management area 4 toward the outside, the warning level increases to medium, high, and highest, and the content of the warning changes. Finally, when passing through the gate 5 of the outermost management area 4, the open / close gate 6 is closed. A user who has a recording medium on which the image data is recorded cannot go outside. Therefore, it is possible to prevent image data from being taken out and leak confidential information.

  In the case of image data with a high security level, every time the image data passes through the management area, the warning level increases to low, medium, and high, and the content of the warning changes. Eventually, a guard is contacted when passing through the gate 5 of the outermost management area 4. When the user goes outside through the open / close gate 6, he / she receives a check by a guard. When a recording medium on which highly confidential image data is recorded is taken out of the management area 4, the user cannot take it out without permission. Therefore, even if a third party tries to take out the recording medium, it can be prevented from taking out, and leakage of image data can be prevented.

  In the case of image data with a low security level, the warning level remains low even if it passes through the management area 4 toward the outside. That is, no one is contacted. The user can freely go outside while holding the recording medium.

  When the user enters the management area 4 with a recording medium on which image data is recorded, the warning unit 12 passes through the gate 5 according to the warning level corresponding to the confidential level of the image data. Every time you do, notify the contact information that you have decided. Therefore, the current location of the recording medium is clarified, which is useful for managing the output image data.

  FIG. 11 shows another form of image data management system. In this system, a host device 15 that manages the printer 1 and the gate 5 belonging to the management area 4 is provided. The host device 15 manages the three parties in association with the management area 4. The server 2 functions as a file server that stores image data and includes a warning unit 12.

  A plurality of management areas 4 exist, and a host device 15 is installed in each management area 4. In the management area 4, a plurality of printers 1 are installed, and a plurality of gates 5 are provided. The printer 1 and the gate 5 are communicably connected to a host device 15 composed of a personal computer. The host device 15 is connected to the network and can communicate with the server 2 and the terminal device 3. Other configurations are the same as those of the image data management system.

  The host device 15 creates a device management table for the printer 1 and the gate 5 and stores the device management table in the storage unit of the own device. Each host device 15 creates a device management table in the management area 4 to which the host device 15 belongs. For example, the host device A1-1 has a device management table shown in FIG. 12A, and the host device A1-2 has a device management table shown in FIG.

  When the host device 15 periodically checks the operation state of the gate 5, the host device 15 in each management area 4 performs device management including an output permission flag as shown in FIGS. Create a table.

  As shown in FIG. 14, the server 2 creates a host device management table related to the host device 15 in each management area 4. The host device management table is stored in the management table of the storage unit 10. The management table stores a data management table.

  Next, the operation when outputting image data in this system will be described with reference to FIG. The user uses the client terminal device 3 to make an output request to the server 2. The terminal device 3 transmits the specified image data and information regarding the printer 1 to the server 2.

  The server 2 refers to the data management table and identifies a group corresponding to the designated image data. Then, the host device 15 in each management area 4 constituting the group is inquired about the presence or absence of correspondence.

  In response to the inquiry from the server 2, the host device 15 confirms the presence of the printer 2 designated as the output destination and the operation state of the gate 5. The host device 15 refers to the device management table and checks whether the printer 1 exists. Also, it communicates with the gate 5 to check whether there is a response or to check the output permission flag of the device management table.

  When the host device 15 managing the corresponding printer 1 confirms that there is a correspondence relationship, the host device 15 replies to the server 2 that there is a correspondence relationship. On the other hand, the host device 15 that does not manage the corresponding printer 1 replies to the server 2 that there is no corresponding relationship. As a result, the correspondence between the three parties is confirmed, and the image data can be output.

  Upon receiving these responses, the server 2 transmits the designated image data and identification information to the host device 15 in the output destination management area 4. The host device 15 transmits image data and identification information to the printer 1. The printer 1 prints image data on a recording sheet and writes identification information on an IC tag.

  As described above, by providing the host device 15 as compared with the case where the server 2 performs centralized management, it is possible to easily cope with the case where the printer 1 and the gate 5 are added in the management area 4. When there are a plurality of printers 1 and gates 5 in one management area 4, the host device 15 manages them by communicating with them. When a change occurs in the management area 4 such that the printer 1 or the gate 5 increases or decreases, the host device 15 recognizes the change. And it can respond quickly by updating each table. When the gate 5 is changed, the host device 15 transmits this change information to the server 2. In the server 2, the warning table is updated according to the change of the gate 5.

  When a user with a recording sheet enters and exits the gate 5, the host device 15 creates passing information based on the identification information and user information detected by the gate 5, and transmits it to the server 2. The passage recording unit 11 of the server 2 creates a passage record and records it in the history table. Alternatively, the host device 15 creates a passage record from the passage information and transmits the passage record to the server 2. In the server 2, the passage recording unit 11 records the passage record in the history table. Then, the server 2 issues a warning according to the confidential level of the image data and the passing management area 4 in the same manner as described above.

  As a result, the host device 15 can manage the entry and exit of the recording medium in its own management area 4. And the server 2 can grasp | ascertain the present location of a recording medium correctly by managing the passage record from each host apparatus 15 collectively.

  Although the management of the location of the recording medium is performed in units of the management area 4, if the management area 4 is in the group, the same image data can be output. Therefore, the passage recording unit 11 manages the location of the recording medium in units of groups. Even if a user who has a recording medium enters / exits the management area 4 in the group, the passing recording unit 11 sets the take-out flag during accommodation. When entering the management area 4 of another group, the passing recording unit 11 sets the take-out flag during take-out.

  In addition, this invention is not limited to the said embodiment, Of course, many corrections and changes can be added to the said embodiment within the scope of the present invention. A printer or a gate may function as a management device. Then, information relating to an output management area and an output device is added to the image data. This eliminates the need for a device management table and only manages image data.

  Instead of attaching an IC tag directly to a recording sheet, a container for storing a recording sheet such as a file or case with an IC tag is used. When outputting the image data, identification information is written in the IC tag of the container, and the user can carry out the recording sheet from the management area by carrying the container.

  Further, as a form of outputting image data from the output device, a portable recording medium such as a semiconductor memory, an optical disk, or a magnetic disk is used, and the image data is recorded on the recording medium. An IC tag is attached to this recording medium. Alternatively, the image data may be recorded in a communication terminal device that can perform data communication wirelessly, such as a mobile phone or a portable information terminal. The output device outputs identification information together with the image data to the communication terminal device. In these cases, the output device is an image processing device or a terminal device such as a personal computer, a portable information terminal, or a mobile phone.

  As a monitoring device, a camera such as a CCD camera, an infrared camera, or an X-ray camera is used to monitor the entrance / exit. A substance that emits ultraviolet rays, infrared rays, X-rays, or the like is added to a recording medium for recording image data or a container in which the recording medium is placed so that other objects can be identified.

  In addition, a transmitter is attached to the recording medium, a receiver is used as a monitoring device, and radio waves emitted from the transmitter are received by the receiver to monitor entry / exit from the management area. In this case, the range in which radio waves reach becomes the management area. Therefore, an area extending over a plurality of rooms can be set as a management area instead of a room unit. Furthermore, only a partial area in the room can be set as a management area.

  As a warning due to the passage of the recording medium, the gate cannot be easily passed toward the outside. That is, when passing through the gate, the authentication information is requested to be input. As the user goes to the outside, the warning level is increased by requiring complicated authentication as the user approaches the outside, such as password input, biometric information input, and password and biometric information input. If the entered authentication information cannot be authenticated when passing through the gate, the gate is kept closed. This prevents the user from going out of the management area, thereby preventing image data leakage.

  The structure of a plurality of management areas may be a structure in which each management area is arranged. In order to go outside, it is only necessary to pass through another management area. The number of open / close gates is not limited to one, and a plurality of open / close gates may be provided.

The figure which shows schematic structure of the image data management system of this invention Figure showing the device management table Diagram showing how multiple management areas are grouped Figure showing the data management table The figure which shows the history table which records the passage record Diagram showing warning table Diagram showing warning level contents Flow chart for printing image data Figure showing another device management table The figure which shows the operation of the monitoring device with respect to the entry and exit of the user who has the record sheet The figure which shows schematic structure of the image data management system of another form. The figure which shows the apparatus management table which each host apparatus installed in a different management area | region has. The figure which shows the other apparatus management table which each host apparatus installed in a different management area | region has. Figure showing the host device management table The figure which shows the communication procedure when outputting image data

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Printer 2 Server 3 Terminal apparatus 4 Management area 5 Gate 6 Opening / closing gate 10 Storage part 11 Passing recording part 12 Warning part 13 Control part 15 Host apparatus

Claims (11)

An output device that outputs image data to a recording medium, a monitoring device that monitors a plurality of management areas through which the recording medium on which image data is recorded, and an image data, output device, and monitoring device are associated with the management area. And a management device that permits output of image data when there is a correspondence relationship between the three parties, and when the monitoring device detects the passage of the recording medium, the management device An image data management system which performs warning according to a management area. 2. The image data management system according to claim 1, wherein the management device changes the warning level every time the recording medium passes through each management area. 3. The image data management system according to claim 2, wherein a warning level corresponding to each management area is set for the confidential level. The multiple management areas form a multiple structure in which the outer management area includes the inner management area, and the management device increases the warning level as it passes through the outer management area. 2. The image data management system according to 2. 5. The image data management system according to claim 4, wherein when the recording medium passes through the outermost management area, the management device regulates passage of the recording medium. An opening / closing gate is provided between the outermost management area and the outside, and the management device controls opening / closing of the opening / closing gate according to the confidential level of the image data recorded on the recording medium that has passed. The image data management system according to claim 5. 5. The image data management system according to claim 4, wherein the output device is provided in an innermost management area. 3. The image data management system according to claim 2, wherein when the recording medium passes through the management area, the management device reports to a contact according to the warning level. 2. The image data management system according to claim 1, wherein a gate is provided at a doorway of a room forming a management area, and the gate serves as a monitoring device, and the monitoring device notifies when a recording medium passes through the doorway. . The image data management system according to claim 9, wherein the monitoring device reads an IC tag attached to an object passing through an entrance and detects the passage of the object. The management device associates the three parties by setting image data that can be output in the management region, and the output devices and monitoring devices belonging to the management region, and records from the output device when there is a correspondence relationship between the three parties. 11. The image data output to a medium is permitted, and when there is no correspondence between the three, the output of image data from the output device to the recording medium is prohibited. Image data management system.

Images