JP2012124898A - Print system, printer, printing instruction device, and program used in the print system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To safely output data while maintaining confidentiality without registering a public key taken out from a printer, a client PC, or the like to an LDAP server.SOLUTION: A print system according to an embodiment of this invention determines if an identification information and a password which are input to a printer are proper based on information stored in the printer in advance. If the identification information and the password are proper, the print system creates a user certificate, which includes a secret key and is encrypted, and a public key of a device certificate. The print system requests inputs of the identification information and the password by recognizing that the created user certificate and the public key are directly received from the printer connected through a network cable. A printing instruction device stores the user certificate and the public key of the device certificate in the printing instruction device when the identification information and the password are input.

Description

  Embodiments described herein relate generally to a print system, a printer, a print instruction apparatus, and a program used in the print system.

  When the printer securely outputs the print data while keeping the secret of the print data, it is pre-registered in an LDAP server (Lightweight Directory Access Protocol Server). When printing by the user, the client PC obtains the printer public key from the LDAP server. The client PC encrypts the print data using the acquired public key, and adds a digital signature to the print data using a secret key created in advance. The client PC transmits the encrypted and digitally signed print data to the printer. When the printer receives the encrypted print data, it temporarily stores it in a predetermined storage area inside the printer. The printer acquires the public key of the user who logged in from the LDAP server when the login process can be recognized by the user with a password or the like. In addition, the printer uses the public key acquired from the LDP server to decrypt the digital signature and perform signature verification. If the printer determines that the signature verification is proper, the printer decrypts the print data using the printer private key with respect to the encrypted print data transmitted from the client PC. The printer outputs the decrypted print data.

  However, there is a problem that the public key has to be taken out from a printer or client PC and registered in the LDAP server.

JP 2005-33480 A

  The problem to be solved by the embodiment of the present invention is to extract a public key from a printer, a client PC, etc., and register it in the LDAP server and output it safely while keeping the secret.

  In order to solve the above problems, the printing system according to the embodiment of the present invention determines whether the identification information and the password input to the printer are appropriate based on information stored in advance on the printer side, When the password is appropriate, an encrypted user certificate including a private key is created, and a public key of a device certificate is created. The created user certificate and the public key are connected with a network cable. Requesting input of the identification information and the password by recognizing that it has been received directly from the connected printer or by recognizing the connection of the created user certificate and the auxiliary storage device storing the public key When the identification information and the password are input, the print instruction device sends the user certificate to the print instruction device. Characterized in that it saves the public key of the device certificate.

It is a lineblock diagram showing the whole system in an embodiment. It is a block diagram which shows the hardware constitutions of client PC in embodiment. FIG. 2 is a block diagram illustrating a hardware configuration of a printer in the embodiment. 4 is a flowchart of a client PC regarding registration of a user certificate via a network according to the first embodiment. 6 is a flowchart of a printer relating to registration of a user certificate via a network according to the first embodiment. 6 is a flowchart of a client PC regarding print output processing according to the first embodiment. 3 is a flowchart of a printer regarding print output processing according to the first embodiment. 10 is a flowchart of a printer relating to registration of a user certificate using a USB memory according to the second embodiment. 10 is a flowchart of a client PC regarding registration of a user certificate using a USB memory according to the second embodiment.

(First embodiment)
Hereinafter, a first embodiment will be described with reference to the accompanying drawings.

  FIG. 1 is a configuration diagram showing the entire system in the first embodiment. A plurality of client PCs (personal computers) 1 and one printer 2 are connected by a network cable 3. The client PC 1 is also a print instruction device. The network cable 3 is a secure path.

  FIG. 2 is a block diagram showing a hardware configuration of the client PC in the first embodiment. The client PC 1 temporarily stores a CPU (Central Control Unit) 11 of a client PC that is a client PC controller, a ROM (Read Only Memory) 12 that stores various programs, and various variable data and image data. And an external interface (external I / F) 14 for inputting data from the outside via the network cable 3 and outputting data to the outside. . The client PC 1 is connected to a display 15 for displaying various information, a display control circuit 16 connected to the display 15, and a keyboard 17 and a keyboard 17 that are input devices for inputting various data. A keyboard control circuit 18 and the like are included. Further, the client PC 1 has a bus 19, and the CPU 11 of the client PC is connected to the ROM 12, RAM 13, external I / F 14, display control circuit 16 and keyboard control circuit 18 via the bus 19. Hereinafter, the CPU 11 of the client PC is referred to as CPU 11.

  Next, the hardware configuration of the printer in the first embodiment will be described with reference to FIG. The printer 2 temporarily stores a printer CPU (Central Control Unit) 21 that is a printer controller, a ROM (Read Only Memory) 22 that stores various programs, and various variable data and image data. A random access memory (RAM) 23 and an external interface (external I / F) 24 for inputting data from the outside via the network cable 3 and outputting data to the outside. The printer 2 is connected to a printer engine 25 that outputs print data, a printer interface (printer I / F) 26 that is connected to the printer engine 25, a scanner engine 27 that reads a document and the like, and a scanner engine 27. A scanner interface (scanner I / F) 28. Since the printer engine 25 and the scanner engine 27 are well-known techniques, description of the contents is omitted. The printer 2 is connected to a key unit 29 that is an input device for inputting various data, a key unit control circuit 30 connected to the key unit 29, a display 31 that displays various information, and a display 31. Display control circuit 32 and the like. Further, the printer 2 has a bus 33, and the CPU 21 of the printer has a ROM 22, a RAM 23, an external I / F 24, a printer I / F 26, a scanner I / F 28, a display control circuit 32 and a keyboard control circuit 30 via the bus 33. Connected. Hereinafter, the CPU 21 of the printer 2 is referred to as a CPU 21.

  Next, the operation of the first embodiment will be described with reference to FIGS.

  First, identification and authentication of the user are performed on the printer 2 side. The identification and authentication method for the printer 2 may be a local identification and authentication method for the printer 2 or an identification recognition method that uses an external server such as an LDAP server. As a device certificate, a method of inputting a certificate created by an external certificate authority (external CA) to the printer 2 or a method of creating a self-issued certificate may be used. Since any of these known methods may be used, detailed description and flowcharts are omitted. On the other hand, on the client PC 1 side, it is necessary to install the printer driver of the printer 2 that prints safely while keeping the secret. Since this installation is also a well-known technique, detailed description and flowcharts are omitted.

  With reference to FIG. 4, a flowchart of a client PC regarding registration of a user certificate via a network will be described.

  The CPU 21 instructs the display control circuit 16 to display a guidance display for inputting a user ID and password on the display 15 in order to perform user authentication (operation 101, hereinafter abbreviated as A101). When the CPU 11 confirms that the user ID and password have been input by the user, the CPU 11 transmits the user ID and password as identification information to the printer 2 in order to perform user identification processing (A103). Transmission to the printer 2 is performed using a secure path. Specifically, Kerberos, SSL (Secure Socket Layer), etc. are equivalent.

  The CPU 11 determines whether or not data is sent directly from the printer 2 that has transmitted the user ID and password after a predetermined time from the end of the processing of A103 (A105). That is, the CPU 11 determines whether or not it has recognized that the created user certificate and public key are directly received from the printer 2 connected to the network 3. When the CPU 11 determines that no data has been sent from the printer 2 (N in A105), it further determines whether data has been sent from the printer 2 that has transmitted the user ID and password after a predetermined time has elapsed. If the CPU 11 determines that data has been sent from the printer 2 that has transmitted the user ID and password after a predetermined time from the end of the processing of A103 (Y in A105), the sent data is a user certificate including a secret key. Whether the device certificate includes a certificate and a public key (A107). That is, the CPU 11 determines whether or not it has recognized that the user certificate and the public key of the device certificate have been received directly from the printer connected by the network cable. This determination is also a recognition means. If the CPU 11 cannot determine that the data sent from the printer 2 is a device certificate including a user certificate including a private key and a public key (N in A107), that is, user authentication has failed. If so, the process returns to A101.

  If the CPU 11 determines that the data sent from the printer 2 is a user certificate including a private key and a device certificate including a public key (Y in A107), the CPU 11 notifies the display control circuit 16 of the data. In order to perform user authentication, the display unit 15 is instructed to display a guidance display for inputting a user ID and a password (A109). A109 is also a second user login means. When the user ID and password are input, the CPU 11 determines whether the user ID and password are correct (A111). If the CPU 11 determines that the user ID and password are not correct (N in A111), it instructs the display control circuit 16 to display an error message on the display 15 (A113), and returns to the process of A109. .

  If the CPU 11 determines that the user ID and password are correct (Y in A111), that is, if the CPU 11 determines that the user ID and password transmitted to the printer in A103 are the same, the secret received from the printer 2 is displayed. The user certificate including the key is decrypted and stored in a predetermined area of the RAM 13 of the client PC 1 (A115). Further, the CPU 11 stores the public key of the device certificate received from the printer 2 in a predetermined area of the RAM 13 of the client PC 1 (A117). A115 and A117 are also storage means.

  Next, with reference to FIG. 5, a flowchart of the printer PC regarding registration of a user certificate via the network will be described.

  The CPU 21 of the printer 2 determines whether a user ID and a password have been transmitted from the client PC (A121). If it is determined that the user ID and password have not been transmitted from the client PC, the CPU 21 performs the process A121 again after a predetermined time has elapsed. If the CPU 21 determines that the user ID and password are transmitted from the client PC (Y in A121), the CPU 21 determines whether or not the user ID and password are correct (A123). That is, the CPU 21 determines whether the user ID and the password are accurate based on data stored by inputting a certificate created by an external certificate authority or data generated and stored by a self-issued certificate. to decide. A123 is also a first user login means.

  If the CPU 21 determines that the user ID and password sent from the client PC 1 are not correct (N in A123), the CPU 21 transmits an authentication failure message to the client PC 1 (A125) and ends the process.

  If the CPU 21 determines that the user ID and password sent from the client PC 1 are correct (Y in A123), the CPU 21 uses the user ID and password sent from the client PC 1 to make a PFX (Personal information eXchange). ) Create a user certificate in the format (A127). The user certificate is encrypted because of the PFX format, and includes a private key. The CPU 21 also creates a public key for the device certificate in A127. A127 is also a certificate creation means. The PU 21 transmits the user certificate including the private key and the public key of the device certificate to the client PC 1 via the external I / F 14 (A129). A129 is also an output means.

  Next, operations relating to print output processing from the client PC 1 to the printer 2 will be described with reference to FIGS. FIG. 6 is a flowchart of the client PC regarding print output processing.

  When the printer driver is activated and a print instruction is issued by the user, the CPU 11 creates print data (A201). The CPU 11 encrypts the print data using the one-time common key (A203). The CPU 11 adds (creates) a digital signature using the private key of the user certificate (A205). The order of A203 and A205 may be switched. The CPU 11 encrypts the one-time public key using the public key of the device certificate (A207). The CPU 11 packages the encrypted print data, the digital signature created with the private key, and the one-time common key encrypted with the public key (A209). A209 is also a packaging means. The print data encrypted in A203, the digital signature created in A205, the public key encrypted in A207, and the data packaged in A211 are stored in different predetermined areas of the RAM 13, respectively. The CPU 21 transmits the packaged data to the printer 2 (A211). A211 is also a package transmission unit.

  Next, referring to FIG. 7, a printer flowchart relating to print output processing will be described.

  The CPU 21 of the printer determines whether data has been received from the client PC 1 and determines whether the received data is packaged data (A221). A221 includes a package receiving means. If the CPU 21 determines that the packaged data has not been transmitted from the client PC 1 (N of A221), it executes the process of A221 again after a predetermined time has elapsed. If the CPU 21 determines (recognizes) that the packaged data has been transmitted from the client PC 1 (Y in A221), it verifies the digital signature using the public key of the user certificate (A223). . The CPU 21 determines whether or not the verified digital signature is appropriate (A225).

  If the CPU 21 determines that the verified digital signature is appropriate (Y in A225), the CPU 21 decrypts the one-time common key using the private key of the device certificate (A227). Next, the CPU 21 decrypts the print data using the one-time common key (A229). A229 is also a print data decoding unit. The CPU 21 determines whether or not the decrypted print data is appropriate (A231). If the CPU 21 determines that the decrypted print data is appropriate (Y in A231), the CPU 21 instructs the display control circuit 32 to display guidance for inputting the user ID and password to the display 31 (A233). . The user ID and password at this time are the same as the user ID and password input when the user certificate and the device certificate public key are received from the printer 2. If the CPU 21 determines that the user ID and password are input from the key unit 29 by the user, the CPU 21 determines whether or not the user ID and password are appropriate (A235). If the CPU 21 determines that the user ID and password are not appropriate (N in A235), the CPU 21 instructs the display control circuit 32 to output an error message to the display 31 (A237). Further, the CPU 21 returns to the process of A233 and issues an instruction to the display control circuit 32 to display guidance for inputting the user ID and password to the display 31. If the CPU 21 determines that the user ID and password are appropriate (Y in A239), the printer engine 25 outputs the decrypted print data via the printer I / F 26 (A237).

  If the CPU 21 determines that the verified digital signature is not appropriate (N in A225), the CPU 21 discards the print data received from the client PC 1 (A241) and ends this processing. If the CPU 21 determines in A231 that the decrypted print data is not appropriate (N in A231), the CPU 21 discards the print data received from the client PC 1 (A241) and ends this processing. In the process of discarding data, a value may be displayed on the display 31 even if the process is not appropriate.

(Second Embodiment)
Next, a second embodiment will be described. In the first embodiment, the user certificate and the public key of the device certificate are transmitted from the printer to the client PC via the network cable 3, but in the second embodiment, the user certificate created by the printer 2 is used. And the public key of the device certificate are temporarily stored in the USB memory, and the user certificate and the public key of the device certificate are stored in the client PC 1 from the USB memory. Since the other operations are the same, the configuration diagram of the entire system and the block diagram of each hardware will not be described in common with the first embodiment. 2 and 3, the external I / F 14 of the client PC 1 and the external I / F 24 of the printer are connected to the USB memory as an auxiliary storage device in addition to the I / F connected to the network cable 3. Is different from the first embodiment.

  Next, the operation of the second embodiment will be described with reference to FIGS. FIG. 8 is a flowchart of the printer 2 regarding registration of a user certificate using a USB memory. FIG. 9 is a flowchart of the client PC 1 regarding registration of a user certificate using a USB memory.

  When the application relating to user certificate registration is activated, the CPU 21 activates the flowchart of FIG. The CPU 21 instructs the display control circuit 32 to use the display 31 as a guide display for inputting a user ID and password in order to perform user authentication (A151). A151 is also a first user login means. The CPU 21 determines whether a user ID and a password have been input (A153). If the CPU 21 determines that the user ID and password have not been input (N in A153), it performs the process of A151 again after a predetermined time. If the CPU 21 determines that the user ID and password are input (Y in A153), the CPU 21 determines whether or not the input user ID and password are appropriate (A155). If the CPU 11 determines that the user ID and password are not correct (N in A155), the CPU 21 instructs the display control circuit 32 to display an error message on the display 31 (A157). Thereafter, the CPU 21 returns to the process of A151.

  If the CPU 21 determines that the user ID and password are correct (Y in A155), it creates a user certificate and a public key of the device certificate (A159). A159 is also a certificate creation means. The CPU 21 transmits the user certificate including the private key and the public key of the device certificate to the client PC 1 (A161). Next, the CPU 21 stores the user certificate including the private key and the public key of the device certificate in a predetermined area of the USB memory (not shown) connected to the external I / F 24 (A163). Further, the CPU 21 stores the public key of the user certificate in a predetermined area of the RAM 23 of the printer 2 (A165).

  Next, control of the client PC will be described with reference to FIG. The CPU 11 determines whether or not a USB memory is connected to the external I / F 14 (A171). That is, the CPU 11 determines whether or not the connection of the USB memory storing the created user certificate and public key has been recognized. If the CPU 11 determines that the USB memory is not connected to the external I / F 14 (N in A171), it determines again whether the USB memory is connected to the external I / F 14 after a predetermined time has elapsed. If the CPU 11 determines that the USB memory is connected to the external I / F 14 (Y of A171), the CPU 11 displays a guidance display for inputting the user ID and password for user authentication. An instruction is given to make the display 15 (A173).

  If it is determined that the user ID and password have been input, the CPU 11 determines whether or not the input user ID and password are appropriate (A175). If it is determined that the user ID and password are not correct (N in A175), the CPCPU 11 instructs the display control circuit 16 to display an error message on the display 31 (A177). Thereafter, the CPU 11 returns to the process of A173.

  If the CPU 11 determines that the user ID and password are correct (Y in A175), the CPU 11 decrypts the encrypted user certificate and stores it in a predetermined area of the RAM 13 (A179). Further, the CPU 11 stores the public key of the device certificate in a predetermined area of the RAM 13 (A181).

  Since the flowchart regarding the printing execution is the same as the control of FIGS. 6 and 7, the description and illustration are omitted.

  In the second embodiment, the USB memory is used for the description. However, the present invention is not limited to this, and any auxiliary storage device (if any capacity is available to store the user certificate and the public key of the device certificate). Storage device). Therefore, this auxiliary storage device does not correspond to a large-capacity device such as a server.

In addition, when the data packaged in A221 of the first embodiment and the second embodiment is sent, the data is stored in a predetermined area of the RAM 23, but it is stored in a hard disk not shown in FIG. You may use a format to save. When a hard disk is used, if it is determined in A255 that a digital signature is coming out, it may be stored in a predetermined area partitioned for each predetermined capacity of the hard disk.
Further, although the printer in the present embodiment is premised on a multifunction peripheral including a scanner function, the printer may have only a printing function.

  As is apparent from the first and second embodiments, the created user certificate and public key are received directly from a printer connected by a network cable, or the created user certificate and the public key By recognizing the connection of the auxiliary storage device storing the public key, the CPU 11 of the client PC requests input of identification information and a password.

  In the first and second embodiments, in order to construct a secure (secure) printing environment, a user including a secret key directly from a printer connected by a network cable or via an auxiliary storage device Since the client PC can receive the certificate and the public key of the device certificate, there is an advantage that it is possible to save the trouble of registering in advance in the LDAP server. In addition, since it is determined whether or not the electronic signature is inappropriate before the user inputs the user ID and password, even if a large amount of inappropriate data is sent, it is immediately deleted and the storage capacity of the RAM or hard disk is exceeded. It also has the effect of dealing with vulnerabilities. In addition, since the common key encryption is used, the decryption becomes faster, and even when a large amount of print data such as a color image is received, the time before the paper output from the print instruction by the user can be shortened. In addition, since the printer performs a decoding process immediately after receiving the print data and stores the data when it is converted into output data, it can be output immediately in response to a print output instruction such as a password input by the user. There is.

  In the present embodiment, the description has been given of the case where the functions to be implemented in the client PC and the printer are recorded in advance. However, the present invention is not limited to this, and similar functions may be downloaded from the network to the apparatus. You may install what stored the function in the recording medium in the apparatus. The recording medium may be any form as long as the recording medium can store the program and can be read by the apparatus, such as a CD-ROM. In addition, the function obtained by installing or downloading in advance may be realized in cooperation with an OS (operating system) inside the apparatus.

  Although several embodiments have been described, these embodiments have been presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the spirit of the invention. These embodiments and modifications thereof are included in the gist of the invention, and in the invention described in the claims and the equivalents thereof.

1 ... Client PC (printing instruction device)
2 ... Printer 11 ... Client PC CPU
14 ... External I / F of client PC
21 ... Printer CPU
24 ... External I / F of printer
A107 ... recognition means A109 ... second user login means A115 ... storage means A117 ... storage means A123 ... first user login means A127 ... certificate creation means A129 ... Output means A155 ... first user login means A159 ... certificate creation means A161 ... output means A171 ... recognition means A175 ... second user login means A181 ... save means A183. ..Saving means A209 ... Packaging means A211 ... Package sending means A221 ... Package receiving means A229 ... Print data decoding means

Claims (8)

Determine whether the identification information and password input to the printer are appropriate based on information stored in advance on the printer side,
If the identification information and the password are appropriate, create an encrypted user certificate including a private key and a public key of the device certificate,
Recognizing that the created user certificate and the public key are directly received from a printer connected by a network cable, or recognizing connection of the auxiliary storage device storing the created user certificate and the public key Requesting the input of the identification information and the password,
The printing system is characterized in that when the identification information and the password are input, the printing instruction device stores the user certificate and the public key of the device certificate in the printing instruction device. The printer receives the packaged user certificate, the public key and encrypted print data,
2. The print according to claim 1, wherein the printer decrypts the encrypted print data before receiving the identification information and the password after receiving the encrypted print data. system A first user login means for determining whether the input identification information and password are appropriate based on information stored in advance;
If the identification information and the password are appropriate by the first user login unit, a certificate creation unit creates a user certificate encrypted including a private key and a public key of the device certificate When,
Output means for outputting the user certificate created by the certificate creating means and the public key of the device certificate via an external interface;
A printer comprising: A package receiving means for receiving the user certificate, the public key and the encrypted print data from outside in a packaged state;
Print data decrypting means for decrypting the encrypted print data received by the package receiving means before inputting identification information and a password;
A printer according to claim 3, further comprising: Recognizing that the user certificate encrypted including the created private key and the public key of the created device certificate have been received directly from the printer connected by the receiving network cable, or the created user certificate Recognizing means for recognizing the connection of the auxiliary storage device storing the public key;
A second user log-in means for requesting input of identification information and a password when the first receiving means receives the user certificate and the public key or recognizes the connection of the auxiliary storage device;
Public key storage means for storing the user certificate and the public key when the identification information and the password are input by the second user login means;
A printing instruction apparatus comprising: Packaging means for packaging the user certificate, the public key of the device certificate and the encrypted print data when transmitting print data to a printer;
Package transmitting means for transmitting data packaged by the packaging means to a printer;
The printing instruction apparatus according to claim 5, further comprising: A second user login function for causing the printer to determine whether the input identification information and password are appropriate based on information stored in advance in the printer;
A certificate creation function for causing a printer to create a user certificate encrypted including a private key and a device certificate public key when the identification information and the password are appropriate;
Auxiliary storage for recognizing that the created user certificate and the public key are directly received from a printer connected via a network cable in the print instruction apparatus, or storing the created user certificate and the public key A first user login function for requesting input of the identification information and the password by recognizing connection of a device;
A storage function that causes the print instruction apparatus to store the user certificate and the public key of the device certificate when the identification information and the password are input to the print instruction apparatus;
A program used in a print system to achieve the above. A package receiving function for causing the printer to receive the packaged user certificate, the public key of the device certificate, and the encrypted print data;
A print data decryption function for decrypting the encrypted print data before being input after reception of the encrypted print data;
The program used for the printing system of Claim 7 for implement | achieving.

Images