JP4977387B2 - Information processing device - Google Patents

Description

  The present invention relates to an information processing apparatus, and more particularly to a technique for delivering information subjected to encryption processing to a transmission destination.

  In recent years, with the spread of network environments such as the Internet, Internet facsimiles capable of FAX transmission using the Internet have also appeared.

  In order to prevent browsing by other users when information is transmitted / received via the Internet in this way, a technique for performing encryption processing has been proposed.

  For example, in Patent Document 1, an encryption process is performed when information is transmitted using an escrow service. In Patent Document 1, it is determined whether or not the user has a public key, and if there is no public key, a notification for newly registering the public key is made. Thereby, the user can acquire the information subjected to the encryption process regardless of the presence or absence of the public key using the escrow service.

JP 2002-535922 gazette

  However, when the user does not have a public key, it is necessary to register the public key, and there is a problem that a procedure until acquiring information becomes complicated.

  The present invention has been made in view of the above, and an object of the present invention is to provide an information processing apparatus that transmits information that has been encrypted by an appropriate method according to the environment of the transmission destination.

In order to solve the above-described problems and achieve the object, the invention according to claim 1 includes an encryption processing unit that performs an encryption process on an electronic mail, and an encryption process that is performed by the encryption processing unit. A first determination means for determining whether or not the electronic mail can be decrypted at a transmission destination, a transmission destination, and a criterion for determining whether or not the transmission destination can log in to the own device; Thus, it is impossible to perform decryption processing at the destination by the communication information storage means associated with the secret ensuring means for ensuring the secret state by communication with the destination, and the first determination means. A second determination for determining whether or not it is possible to log in to the own device from the transmission destination based on the secret securing means associated with the transmission destination in the communication information storage means Means and the second judging means If it is determined not to be ins, the transmission target information was scheduled to be transmitted as the e-mail, the destination using the secret securing means available, and alternative delivery means to pass to said destination, It is provided with.

Further, in the invention according to claim 2, in the invention according to claim 1, when the alternative delivery means determines that the login is not possible by the second determination means, the secret ensuring means and the transmission destination. communication when the secret state is ensured between the pre Symbol transmission target information comprises information transmitting means for transmitting by the destination request, if it is determined to be logged by the second determination means the further comprising a storage means for storing transmission target information to the storage means and the this.

  According to a third aspect of the present invention, in the second aspect of the invention, when the transmission target information is stored in the storage unit by the storage unit, the transmission target information is stored in the storage unit. It further comprises position information transmission means for transmitting information to the transmission destination.

  The invention according to claim 4 is the invention according to claim 3, wherein the alternative delivery means includes a plurality of secret state securing means for securing a secret state of communication with the transmission destination, It is characterized by.

  The invention according to claim 5 is the invention according to claim 3 or 4, wherein the position information transmitting means can deliver the transmission target information stored in the storage means together with the position information to the transmission destination. It is characterized by transmitting an expiration date.

According to a sixth aspect of the present invention, the invention according to any one of the second to fifth aspects includes a history storage unit that stores user history information that holds a user who has received the transmission target information as a history. Authentication means for authenticating the user of the transmission destination, and the delivery user stored in the history storage means when the transmission target information is delivered to the user authenticated by the authentication means History adding means for adding user identification information unique to the user to the history information is further provided.

According to a seventh aspect of the present invention, in the invention according to any one of the second to fifth aspects, the history storage means stores user number history information that holds the number of transmission destinations that have received the transmission target information. And a history addition means for adding the number of users of the user number history information stored in the history storage means when the transmission target information is delivered by the alternative delivery means. Features.

The invention according to claim 8, the invention according to claim 1, wherein the alternate delivery means, if it is determined not to be logged by the second determining means by said second determining means, said transmission Encrypted document information generating means for generating encrypted document information subjected to encryption processing that can be decrypted at the transmission destination for the target information, and an e-mail attached with the encrypted document information, And an encrypted document transmission means for transmitting to a transmission destination.

The invention according to claim 9 is the invention according to any one of claims 1 to 8 , wherein the first determination means decrypts at the transmission destination when the electronic mail is transmitted to a plurality of transmission destinations. It is characterized in that it is determined for each transmission destination whether or not the conversion processing can be performed.

The invention according to claim 10 is the invention according to claim 9 , wherein the alternative delivery means is judged by the first judging means to be unable to perform decryption processing at a plurality of the destinations. A selection receiving unit that receives a selection of the secret securing unit common to the plurality of destinations from a user, and uses the secret securing unit selected by the selection receiving unit to It is characterized by delivering.

The invention according to claim 11 is the invention according to claim 9 , in which the alternative delivery unit is configured to be used when the determination unit determines that the decoding process cannot be performed at a plurality of transmission destinations. Selection accepting means for accepting selection of the secret securing means for each transmission destination, and delivering to each transmission destination using the secret securing means selected by the selection accepting means .

The invention according to claim 12 is the invention according to any one of claims 1 to 11 , wherein the encryption processing means encrypts the electronic mail using a different public key for each destination. Processing is performed, and the first determining means determines whether or not a public key corresponding to the transmission destination is provided.

Further, in the invention according to claim 13, when the invention according to any one of claims 1 to 12 is determined by the first determination means not to have a public key corresponding to a transmission destination, It further comprises key request transmission means for transmitting a request for sending the public key to the transmission destination.

According to the first aspect of the present invention, when it is determined that the decryption process can not be performed at the transmission destination and the login is not possible, the secret securing means for securing the secret state with the transmission destination is used. By delivering, it is possible to deliver the transmission target information that has been encrypted by an appropriate method according to the environment of the transmission destination.

Further, according to the invention of claim 2, since the transmission target information is accumulated or transmitted to the transmission destination when the secret state is ensured, there is an effect that the transmission target information can be delivered safely.

  According to the invention of claim 3, since the position information is transmitted, it is possible to recognize that the transmission target information to be delivered to the transmission destination can be recognized.

  Further, according to the invention of claim 4, since a plurality of secret state securing means are provided, it is possible to deliver the transmission target information that has been encrypted by an appropriate method according to the environment of the transmission destination. Play.

  Further, according to the invention of claim 5, by transmitting the expiration date to the transmission destination, it is possible to recognize the time limit at which the transmission destination can take over the transmission target information, so that the reliability is improved. Play.

According to the sixth aspect of the invention, it is possible to confirm whether or not the transmission destination has taken over the transmission target data by associating and storing the transmission target information and the user identification information.

Further, according to the invention of claim 7 , it is possible to confirm whether or not the transmission destination has received the transmission target data by accumulating the number of users who have received the transmission target information.

In addition, according to the invention of claim 8 , since the transmission target information is subjected to the encryption process without being transmitted, the transmission target information is transmitted, so that it is possible to prevent unauthorized third parties from browsing or falsification. Play.

Further, according to the invention according to claim 9 , since it is determined whether transmission is possible for each transmission destination, it is possible to deliver the transmission target information that has been encrypted by an appropriate method according to the environment of the transmission destination. Play.

According to the tenth aspect of the present invention, since it is possible to select the transmission destinations in a lump, there is an effect of omitting the trouble of accepting selection for each transmission destination.

According to the eleventh aspect of the invention, since the selection of the secret securing means is accepted for each transmission destination, it is possible to deliver the transmission target information that has been encrypted by an appropriate method according to the environment of the transmission destination. Play.

According to the twelfth aspect of the present invention, it is determined whether or not each transmission destination has a public key, and if it is provided, an encryption process is performed. There is an effect that can be done.

According to the invention of claim 13 , there is an effect of improving the possibility of transmission by e-mail that has been encrypted using the public key at the next transmission.

  Exemplary embodiments of an information processing apparatus according to the present invention will be explained below in detail with reference to the accompanying drawings.

(First embodiment)
FIG. 1 is a diagram showing a network configuration in which electronic devices according to the present embodiment are connected via a LAN (Local Area Network) 110. As shown in FIG. 1, with the recent progress of networking, electronic devices are usually connected to a network such as a LAN 110 and communicate with each other. For example, as shown in this figure, the network includes an MFP (Multi Function Peripherals) 100, a FAX 101, a scanner 102, a printer 103, a copier 104, a client PC 111, a client PC 112, and a mail server. 113 and the like can be connected to send and receive e-mails and transfer files.

  Along with the progress of such networking, the MFP 100 is also connected to such a network and can communicate with devices such as PCs. By incorporating a storage device such as a hard disk, it has evolved into a so-called network multifunction device. And it has become possible to meet the various needs of users.

  The MFP 100, the FAX 101, the scanner 102, the printer 103, and the copier 104 are each provided with a user DB, and an authentication process or the like when transmitting read or received document data or the like to a transmission destination such as the client PC 111. I do.

  Therefore, as an embodiment of the present invention, an information processing apparatus is a copy function, a facsimile (FAX) function, a print function, a scanner function, and an input image (a document image read by a scanner function, a printer, or a FAX function. An example in which the MFP 100 is combined with a function that distributes (image) is shown. Note that the FAX 101, the scanner 102, the printer 103, and the copier 104 have the configurations described later, and the same processing can be performed, and the description thereof is omitted.

  FIG. 2 is a block diagram illustrating a hardware configuration of the MFP 100 according to the first embodiment. As shown in the figure, the MFP 100 has a configuration in which a controller 210 and an engine unit (Engine) 260 are connected by a PCI (Peripheral Component Interconnect) bus. The controller 210 is a controller that controls the entire MFP 100 and controls drawing, communication, and input from the operation display unit 220. The engine unit 260 is a printer engine or the like that can be connected to the PCI bus, and is, for example, a monochrome plotter, a 1-drum color plotter, a 4-drum color plotter, a scanner, or a fax unit. The engine unit 260 includes an image processing unit such as error diffusion and gamma conversion in addition to a so-called engine unit such as a plotter.

  The controller 210 includes a CPU 211, a north bridge (NB) 213, a system memory (MEM-P) 212, a south bridge (SB) 214, a local memory (MEM-C) 217, and an ASIC (Application Specific Integrated Circuit). 216 and a hard disk drive (HDD) 218, and the north bridge (NB) 213 and the ASIC 216 are connected by an AGP (Accelerated Graphics Port) bus 215. The MEM-P 212 further includes a ROM (Read Only Memory) 212a and a RAM (Random Access Memory) 212b.

  The CPU 211 performs overall control of the MFP 100, has a chip set including the NB 213, the MEM-P 212, and the SB 214, and is connected to other devices via the chip set.

  The NB 213 is a bridge for connecting the CPU 211 to the MEM-P 212, SB 214, and AGP 215, and includes a memory controller that controls read / write to the MEM-P 212, a PCI master, and an AGP target.

  The MEM-P 212 is a system memory used as a memory for storing programs and data, a memory for developing programs and data, a memory for drawing printers, and the like, and includes a ROM 212a and a RAM 212b. The ROM 212a is a read-only memory used as a memory for storing programs and data, and the RAM 212b is a writable and readable memory used as a program and data development memory, a printer drawing memory, and the like.

  The SB 214 is a bridge for connecting the NB 213 to a PCI device and peripheral devices. The SB 214 is connected to the NB 213 via a PCI bus, and a network interface (I / F) unit and the like are also connected to the PCI bus.

  The ASIC 216 is an IC (Integrated Circuit) for image processing having hardware elements for image processing, and has a role of a bridge for connecting the AGP 215, the PCI bus, the HDD 218, and the MEM-C 217. The ASIC 216 includes a PCI target and an AGP master, an arbiter (ARB) that forms the core of the ASIC 216, a memory controller that controls the MEM-C 217, and a plurality of DMACs (Direct Memory) that rotate image data using hardware logic or the like. Access Controller) and a PCI unit that performs data transfer between the engine unit 260 via the PCI bus. The ASIC 216 is connected to an FCU (Fax Control Unit) 230, a USB (Universal Serial Bus) 240, and an IEEE 1394 (the Institute of Electrical and Electronics Engineers 1394) interface 250 via a PCI bus.

  The MEM-C 217 is a local memory used as a copy image buffer and a code buffer, and an HDD (Hard Disk Drive) 218 is a storage for storing image data, programs, font data, and forms. It is.

  The AGP 215 is a bus interface for a graphics accelerator card that has been proposed to speed up graphics processing. The AGP 215 speeds up the graphics accelerator card by directly accessing the MEM-P 212 with high throughput. .

  Although not shown, the operation display unit 220 is controlled by a control unit different from the CPU 211 described above. And as a memory which this another control part uses, the memory different from MEM-C217 mentioned above is provided. The other control unit performs processing for developing image data to be displayed on the liquid crystal touch panel, which will be described later, using a work area secured on the memory. As another modification, MEM-C may be used, but it is conceivable that the work area for the liquid crystal touch panel and the work area of the CPU 211 are secured in different areas.

  FIG. 3 is a diagram illustrating an example of the operation panel 300 of the MFP 100. As shown in the figure, the operation panel 300 includes an initial setting key 301, a copy key 302, a copy server key 303, a printer key 304, a transmission key 305, a ten key 306, a clear / stop key 307, a start key 308, a preheat. A key 309, a reset key 310, and a liquid crystal touch panel 320 are provided.

  A numeric keypad 306 is used for inputting the number of copies. A clear / stop key 307 is used to interrupt the copy operation. A start key 308 is used to start execution of a copy operation. An initial setting key 301 is used to move to a screen for setting an initial state of the device.

  When the initial setting key 301 is touched, an initial setting menu is displayed on the liquid crystal touch panel 320, and in this menu, the size of paper to be stored can be set. When the copy server key 303 is pressed, the scanned image data is accumulated.

  FIG. 4 is a block diagram showing a configuration of MFP 100 according to the first embodiment of the present invention. As shown in this figure, the MFP 100 includes a determination unit 401, an encryption processing unit 402, an e-mail transmission unit 403, a storage unit 404, a position data transmission unit 405, a target data transmission unit 406, a selection A reception unit 408, a secret state securing unit 409, a history addition unit 410, and an authentication unit 407 are provided. Further, the MFP 100 includes a user DB 150, a public key storage unit 451, and a document data storage unit 452 as storage devices.

  The user DB 150 is a database used for specifying a user. Specifically, a user ID and password are associated with each other and a user management table is held. In addition, a history when the user logs into MFP 100 and acquires document data is held. Specifically, the user ID, the login time, and the acquired document data name are held. Also, the number of times the user has acquired the document data is stored.

  The document data is data to be transmitted to the transmission destination, and is also referred to as transmission target data below.

  The public key storage unit 451 holds a public key management table. FIG. 5 is a diagram showing a table structure of the public key management table. As shown in the figure, the public key management table manages user names, user IDs, mail addresses, and public keys in association with each other. That is, by managing the public key and the mail address in association with each other, it is possible to specify a transmission destination that can perform encryption processing using the public key.

  Returning to FIG. 4, when the user does not hold the public key, the document data storage unit 452 holds the transmission target data until the user collects it. The transmission target data stored in the document data storage unit 452 can be browsed only by users who have been properly authenticated. Thereby, unauthorized use of transmission target data can be prevented.

  The user DB 150, the public key storage unit 451, and the document data storage unit 452 may be any storage unit that is generally used, such as an HDD (Hard Disk Drive), an optical disk, a memory card, and a RAM (Random Access Memory). Can be configured.

  The determination unit 401 determines whether or not the e-mail encrypted by the encryption processing unit 402 described later can be decrypted at the transmission destination. Specifically, the determination unit 401 determines whether or not the public key storage unit 451 holds the transmission destination public key. In the present embodiment, the public key is locally managed in MFP 100 in the present embodiment. However, a public key managed externally may be acquired using LDAP or the like.

  In addition, when a plurality of transmission destinations are set, the determination unit 401 determines whether it is possible to perform a decoding process for each transmission destination.

  When the determination unit 401 determines that the transmission destination public key is held, the encryption processing unit 402 performs an encryption process using the transmission destination public key. In this embodiment, S / MIME (Secure MIME) or PGP (Pretty Good Privacy) is assumed as the encryption method, but other encryption methods may be used.

  The e-mail transmission unit 403 performs processing for transmitting the e-mail that has been encrypted by the encryption processing unit 402 to a transmission destination.

  The accumulating unit 404 is data to be transmitted that is scheduled to be transmitted as an e-mail when the determining unit 401 determines that the public key of the transmission destination is not held (for example, document data, but any data such as image data). The data is stored in the document data storage unit 452.

  The position data transmission unit 405 performs processing to transmit the storage location of the transmission target data accumulated by the accumulation unit 404 to the transmission destination. The storage location on the MFP 100 is indicated by a URI (Uniform Resource Identifier) or the like. Since the storage location is transmitted in this way, it is possible to recognize that the transmission target data to be delivered to the transmission destination is accumulated.

  FIG. 6 is a diagram illustrating an example of an e-mail document transmitted by the position data transmission unit 405. As shown in the figure, the storage location of the transmission target data is notified and the registration of the public key is prompted. That is, it can be said that the position data transmission unit 405 has a function as a key request transmission unit in other words. Also, as shown in the figure, a registration method and an expiration date are described. Also, by describing the registration method, from the next transmission, it is not stored in the document data storage unit 452 and an e-mail indicating the storage location is transmitted, but an encryption process is performed using a public key. Improve the possibility of sending by e-mail.

  When the expiration date has passed, the storage unit 404 deletes the transmission target data. This prevents leakage of information described in the transmission target data and deletes unnecessary data, thereby reducing the amount of data to be managed. In addition, by indicating the expiration date in the e-mail, it is possible to clarify how long the transmission target data must be stored in the MFP 100. Since the user at the transmission destination can also recognize the collection deadline, the reliability is improved.

  Authentication unit 407 performs authentication processing for a user who logs in to MFP 100. In the authentication process, the user ID and password stored in the user DB 150 are used, but any other authentication means may be used. In the present embodiment, it is assumed that an appropriate authentication process is performed according to the difference in the protocol that secures the secret state. This prevents browsing by unauthorized third parties.

  When the authentication process is performed by the authentication unit 407, the history adding unit 410 adds the user ID indicating the logged-in user, the login time, and the transmission target data name of the access destination to the user DB 150 as history information. It also holds the number of users who have accessed the transmission target data.

  Moreover, the user who transmitted can refer the history information, and can confirm the person who took the transmission target data. In addition, the number of accessed users is held. Thereby, the transmitting user can confirm whether or not the transmission destination user has collected the data to be transmitted, and can confirm whether or not more data is collected than the transmission destination user. That is, it can be confirmed whether or not the document storage location of the MFP 100 has been illegally accessed.

  The selection accepting unit 408 accepts selection of a means (such as a protocol) that ensures a secret state with the transmission destination when the logged-in user acquires the transmission target data. The means for securing the secret state is a means that can be executed by the secret state securing unit 409, which will be described later. For example, HTTPS (Hypertext Transfer Protocol Security), SFTP (Secure File Transfer Protocol), and the like are conceivable.

  The secret state securing unit 409 includes an HTTPS processing unit 421 and an SFTP processing unit 422, and performs encryption processing for communication with the transmission destination.

  The HTTPS processing unit 421 performs encryption processing for communication with a transmission destination using a protocol HTTPS in which an encryption function by SSL is added to HTTP.

  The SFTP processing unit 422 performs the encryption process when transmitting the transmission target data to the transmission destination using the protocol SFTP in which the encryption function is added to the file transfer function.

  In other words, the HTTPS processing unit 421 and the SFTP processing unit 422 correspond to secret securing means. As described above, MFP 100 according to the present embodiment includes a plurality of secret state securing means.

  The target data transmission unit 406 performs the transmission process of the transmission target data to the transmission destination according to the request from the transmission destination in the communication subjected to the encryption process by the secret state securing unit 409. In other words, the target data transmission unit 406 corresponds to an alternative delivery unit in other words.

  Next, processing from the search for the public key of the transmission destination to the transmission processing for the transmission destination in MFP 100 according to the present embodiment configured as described above will be described. FIG. 7 is a flowchart showing the above-described processing procedure in MFP 100 according to the present embodiment. First, it is assumed that MFP 100 receives a request for transmitting document data from a user.

  First, the determination unit 401 searches the public key storage unit 451 for the public key of the transmission destination (step S701). Then, the determination unit 401 determines whether or not there is a transmission destination public key (step S702).

  Next, when the determination unit 401 determines that there is a public key (step S702: Yes), the encryption processing unit 402 performs encryption processing on the entire email including the attached data (step S703). ). Then, the e-mail transmission unit 403 performs processing for transmitting the encrypted e-mail to the transmission destination (step S704).

  If the determination unit 401 determines that there is no public key (step S702: No), the storage unit 404 stores the transmission target data to be transmitted in the document data storage unit 452 (step S705). Note that the transmission target data is not limited to the document data attached to the e-mail, but may be other data attached to the e-mail or the text of the e-mail.

  Then, the position data transmission unit 405 performs processing for transmitting an e-mail in which the storage location of the transmission target data accumulated by the accumulation unit 404 is described to the transmission destination (step S706).

  As a result, if there is a public key, an email that has been encrypted is sent to the destination, and if there is no public key, the destination stores the storage location where the data to be sent is stored. An email is sent.

  Next, a description will be given of a processing procedure during which a user collects data to be transmitted when a storage location is transmitted to a transmission destination. FIG. 8 is an operation sequence showing a processing procedure when a user collects document data from a document storage location on MFP 100. In this embodiment, a case where there are two transmission destinations will be described. However, the same processing procedure can be applied to a case where there are one transmission destination or three or more transmission destinations.

  First, the MFP 100 transmits a URI or IP address indicating a document storage location as document transmission to the PC 111 (step S801). First, the MFP 100 transmits a URI or an IP address indicating a document storage location as document transmission to the PC 112 (step S802).

  Then, when accessing the document storage location of the MFP 100, the PC 111 selects an acquisition method for collecting the transmission target data (step S804). Examples of the acquisition method include HTTPS and SFTP. Further, the PC 111 performs an authentication process when connecting to the MFP 100 (step S805). Details of the authentication process will be described later.

  Further, the PC 112 selects an acquisition method for collecting the transmission target data (step S806).

  Then, the PC 111 makes a document data (transmission target data) collection request by HTTPS-GET (step S807). In response to this, the MFP 100 makes a document data (transmission target data) response using HTTPS (step S808). As a result, the user of the PC 111 can collect the transmission target data.

  Next, the PC 112 connects to the MFP 100 via SFTP (step S809). Then, the PC 112 logs in to the MFP 100 (step S810). The authentication process will be described later. If the authentication process is properly performed, the PC 112 receives a login consent from the MFP 100 (step S811). Next, the PC 112 uses the GET command to make a document (transmission target data) collection request (step S812).

  Then, the MFP 100 makes a document (transmission target data) response to the PC 112 (step S813). As a result, the user of the PC 111 can collect the transmission target data. Thereafter, the PC 112 ends the connection by SFTP (step S814).

  In the processing procedure described above, the user of the PC 111 acquires document data using the HTTPS protocol, and the user of the PC 112 acquires document data using the SFTP protocol. In this way, the transmission destination can take over the document data that was the transmission target data with a different protocol for each transmission destination. The protocol is not limited to HTTPS or SFTP. In addition, when the transmission destination user determines that the document data does not include confidential information, a protocol that is not subjected to encryption processing such as HTTP can be used.

  Next, authentication processing in MFP 100 will be described. FIG. 9 is a flowchart showing the above-described processing procedure in MFP 100 according to the present embodiment. In the processing shown in this figure, it is assumed that the MFP 100 accepts an FTP login request or an HTTPS connection request from a transmission destination (for example, the PC 111 or the PC 112).

  First, the authentication unit 411 performs an authentication process on a user (PC 111 or PC 112) who has received a document (step S901). Any means may be used for the authentication process.

  Next, the authentication unit 411 determines whether or not proper authentication has been performed for the user (step S902).

  If proper authentication is performed (step S902: Yes), after the document data transmission processing or the like is performed, the history adding unit 410 sets the authenticated user ID and the transmission target data name as the user. It adds to the log | history which DB150 hold | maintains (step S903).

  If proper authentication has not been performed (step S902: No), the authentication unit 411 responds to the user with an access error (step S904).

  Further, the history adding unit 410 increments the number of times the document data held by the user DB 150 is acquired assuming that the transmission target data has been accessed (step S905). If proper authentication is not performed and there is no request for acquisition of transmission target data, it is not necessary to increment.

  By performing the above-described processing procedure, it is possible to manage the fact that the user has received the document data as a history together with the authentication processing.

  Since MFP 100 according to the present embodiment secures a secret state by HTTPS or SFTP with the transmission destination when there is no public key of the transmission destination, the transmission target data is transferred to the transmission destination. There is an effect that the transmission target data subjected to the encryption process can be delivered by an appropriate method according to the previous environment.

  Since the MFP 100 according to the present embodiment can deliver the transmission target data after the encryption process is performed by the secret state securing unit 409, the transmission target data can be safely transmitted without holding the transmission destination public key. Can be handed over. This eliminates the need for the MFP 100 to perform transmission processing of the transmission target data again after accepting registration of the public key from the transmission destination.

  Further, since the MFP 100 according to the present embodiment can be selected from a plurality of secret state securing means such as HTTPS and SFTP in order to secure the secret state with the transmission destination, the possibility that the transmission destination takes over the transmission target data is improved. To do.

(Second Embodiment)
In the above-described embodiment, when there is no destination public key, MFP 100 stores and saves the storage location by e-mail. However, the processing performed when there is no transmission destination public key is not limited to such processing. Therefore, in the second embodiment, when there is no transmission destination public key, it is assumed that transmission processing is performed using an encrypted PDF obtained by applying document encryption to document data.

  In this embodiment, it is assumed that an electronic device is connected via a LAN as shown in FIG. 1, but in this embodiment, the electronic device does not include a user DB. .

  FIG. 10 is a block diagram illustrating a configuration of the MFP 1000 according to the second embodiment. As shown in the figure, the MFP 1000 includes a determination unit 401, an encryption processing unit 402, an email transmission unit 403, an encrypted document data generation unit 1001, and an encrypted document transmission unit 1002. In the following description, the same components as those in the first embodiment described above are denoted by the same reference numerals and description thereof is omitted.

  The encrypted document data generation unit 1001 encrypts the transmission target data that was scheduled to be transmitted as an e-mail by applying document encryption when the determination unit 401 determines that the transmission destination public key is not held. Generate PDF. In the present embodiment, it is assumed that the transmission destination user knows the decryption key for decrypting the encrypted PDF in advance. In other words, the encrypted document data generation unit 1001 corresponds to a secret securing unit.

  The encrypted document transmission unit 1002 performs transmission processing of the encrypted PDF generated by the encrypted document data generation unit 1001 to the transmission destination. In other words, the encrypted document transmission unit 1002 corresponds to an alternative delivery unit.

  Next, a process from the search for the transmission destination public key in the MFP 1000 to the transmission process for the transmission destination will be described. FIG. 11 is a flowchart showing a procedure of the above-described processing in MFP 1000 according to the present embodiment. First, it is assumed that MFP 100 receives a request for transmitting document data from a user.

  First, the determination unit 401 searches the public key storage unit 451 for the public key of the transmission destination (step S1101). Then, the determination unit 401 determines whether or not there is a transmission destination public key (step S1102).

  Next, when the determination unit 401 determines that there is a public key (step S1102: Yes), the encryption processing unit 402 performs encryption processing on the entire email including the attached data (step S1103). ). Then, the e-mail transmission unit 403 performs processing for transmitting the encrypted e-mail to the transmission destination (step S1104).

If the determination unit 401 determines that there is no public key (step S1102: No),
The encrypted document data generation unit 1001 applies document encryption to the transmission target data that was scheduled to be transmitted as an e-mail to generate an encrypted PDF (step S1105). Then, the encrypted document transmission unit 1002 performs transmission processing of the encrypted PDF generated by the encrypted document data generation unit 1001 to the transmission destination (step S1106).

  As a result, the MFP 1000 encrypts an e-mail that has been encrypted at the destination when there is a public key, and encrypts the destination with the decryption key when there is no public key. The encrypted PDF that has been processed can be transmitted.

  The MFP 1000 according to the present embodiment can transmit the encrypted PDF on the assumption that the transmission destination holds a decryption key even if the MFP 1000 does not hold the public key of the transmission destination. In this case, since the transmission target data is not stored in the MFP 1000, it is possible to prevent unauthorized third parties from browsing or falsifying.

(Third embodiment)
In the above-described embodiment, the case where there is only one type of processing performed when there is no public key has been described. Therefore, in the third embodiment, a case will be described in which a plurality of types of processing is performed when there is no public key.

  FIG. 12 is a block diagram illustrating a configuration of the MFP 1200 according to the third embodiment. The MFP 1200 includes the configuration described in the MFP 100 according to the first embodiment and the MFP 1000 according to the second embodiment described above, and is further changed to a selection receiving unit 1201 having a process different from that of the selection receiving unit 408. It differs from the unit 1202 in that the process is changed to a determination unit 1202 having a different process. In the following description, the same components as those in the first embodiment and the second embodiment described above are denoted by the same reference numerals, and the description thereof is omitted.

  The selection receiving unit 1201 performs the processing of the selection receiving unit 408 of the first embodiment, and when the determination unit 1202 determines that the transmission destination public key is not held, the transmission target data is converted into document data. The user accepts selection as a communication means whether to store in the storage unit 452, to generate and transmit an encrypted PDF, or to transmit without performing encryption processing.

  FIG. 13 is a diagram showing an example of a screen for accepting communication means selection displayed on the liquid crystal touch panel 220 when it is determined that the transmission destination public key is not held. In the communication means selection field 1401 shown in this figure, the user selects a process for delivering the transmission target data. As shown in the figure, a user ID 1402 is displayed on this screen, and a communication means is selected for each user. Also, when it is desired to select communication means at once, the communication means can be selected at once for all users by checking the selection item 1403. That is, when the selection item 1403 is checked, there is no further inquiry.

  The selection receiving unit 1201 receives a selection of a transmission destination when transmitting document data. The selection receiving unit 1201 can also receive selection of a plurality of transmission destinations.

  Further, the selection of the process for actually delivering the transmission target data is not limited to the reception of the selection of the communication means from the user by the selection receiving unit 1201. For example, the determination unit 1202 may determine processing for delivering transmission target data for each transmission destination.

  Any method may be used as a method for the determination unit 1202 to determine a process for transferring transmission target data for each transmission destination. In the present embodiment, it is assumed that a communication unit is associated with each transmission destination in the public key management table. Note that the communication means is URI transmission (the storage location shown in the first embodiment is transmitted and login by HTTPS or SFTP), encrypted PDF, or the like.

  Then, the determination unit 1202 can determine whether or not it is possible to log in for each transmission destination by referring to the public key management table. In other words, the determination unit 1202 determines that login is possible when URI communication is associated with the transmission destination, and determines that login is not possible when encrypted PDF is associated with the transmission destination.

  Next, processing from reception of selection of a transmission destination in MFP 1200 to transmission processing for the transmission destination will be described. FIG. 14 is a flowchart showing the processing procedure described above in the MFP 1000 according to the present embodiment.

  First, the selection receiving unit 1201 receives a plurality of selections of transmission destinations for transmitting document data from the user (step S1301).

  Next, the determination unit 1202 searches the public key storage unit 451 for the transmission destination public key (step S1302). Then, the determination unit 1202 determines whether or not there is a transmission destination public key (step S1303).

  Next, when the determination unit 1202 determines that there is a public key (step S1303: Yes), the encryption processing unit 402 performs encryption processing on the entire email including the attached data (step S1304). ). Then, the e-mail transmission unit 403 performs processing for transmitting the encrypted e-mail to the transmission destination (step S1305).

If the determination unit 1202 determines that there is no public key (step S1303: No),
The selection receiving unit 1201 receives the selection of the communication unit (alternative unit) (step S1306).

  Then, the MFP 1200 performs processing using the selected communication means (step S1307). Note that the communication means is the URI communication shown in the first embodiment and the encrypted PDF shown in the second embodiment, and the processing is the same as that of the above-described embodiment, and thus the description thereof is omitted.

  Then, the determination unit 1202 determines whether there is another transmission destination that has received the selection (step S1308). If it is determined that there is the determination unit 1202 (step S1308: Yes), the determination unit 1202 searches for a public key of another transmission destination again (step S1302).

  If it is determined that there is no determination unit 1202 (step S1308: No), the processing is terminated as if all the information has been transmitted.

  As a result, the MFP 1000 receives the e-mail that has been encrypted at the transmission destination when there is a public key, and the data to be transmitted by the communication means selected by the user when there is no public key. Can pass.

  In the processing procedure described above, the case where the selection of the communication means is received from the user has been described. Next, a case where the determination unit 1202 determines a process for transferring transmission target data for each transmission destination will be described.

  Next, processing from reception of selection of a transmission destination in MFP 1200 to transmission processing for the transmission destination will be described. FIG. 15 is a flowchart showing a procedure of the above-described processing in MFP 1000 according to the present embodiment.

  First, the selection receiving unit 1201 receives a plurality of selections of transmission destinations for transmitting a document from the user (step S1501).

  Next, the determination unit 1202 searches the public key storage unit 451 for the transmission destination public key (step S1502). Then, the determination unit 1202 determines whether or not there is a transmission destination public key (step S1503).

  Next, when the determination unit 1202 determines that there is a public key (step S1503: Yes), the encryption processing unit 402 performs encryption processing on the entire email including the attached data (step S1504). ). Then, the e-mail transmission unit 403 performs processing for transmitting the encrypted e-mail to the transmission destination (step S1505).

  If the determination unit 1202 determines that there is no public key (step S1303: No), the determination unit 1202 determines whether the transmission destination is a user who can log in to the MFP 1200 (step S1506). This can be determined by communication means associated with the user ID in the public key management table.

  If the determination unit 1202 determines that login is possible (step S1506: Yes), the storage unit 404 stores the transmission target data to be transmitted in the document data storage unit 452 (step S1507).

  Next, the position data transmission unit 405 performs processing for transmitting an e-mail in which the storage location of the transmission target data accumulated by the accumulation unit 404 is described to the transmission destination (step S1508).

  If the determination unit 401 determines that login is not possible (step S1506: No), the encrypted document data generation unit 1001 encrypts the transmission target data that was scheduled to be transmitted as an e-mail by applying document encryption. PDF is generated (step S1509). Then, the encrypted document transmission unit 1002 performs transmission processing of the encrypted PDF generated by the encrypted document data generation unit 1001 to the transmission destination (step S1510).

  Then, the determination unit 1202 determines whether there is another transmission destination that has received the selection (step S1511). If it is determined that there is the determination unit 1202 (step S1511: Yes), the determination unit 1202 searches for a public key of another transmission destination again (step S1502).

  If it is determined that there is no determination unit 1202 (step S1511: No), the process is terminated as if all transmissions have been transmitted.

  As a result, the MFP 1000 delivers an e-mail that has been encrypted at the destination when there is a public key, and the data to be sent through an appropriate process for each destination when there is no public key. It is.

  Note that the MFP 1200 can select whether to accept selection of a communication means from a user, or whether the determination unit determines processing for delivering transmission target data.

  In MFP 1200 according to the present embodiment, transmission using the document storage location of MFP 1200 and transmission using encrypted PDF can be used properly according to the transmission destination.

  Further, in MFP 1200, even if the selection receiving unit 1201 receives the selection of the communication means from the user, and the process for transferring the transmission target data for each transmission destination is not set in advance, the selection is performed by the communication means. The transmission target data can be transferred to the transmission destination using the processed processing. Note that the MFP 1200 may determine a default communication means. By setting, it is possible to eliminate reception of such a selection.

  In MFP 1200 according to the present embodiment, determination unit 1202 can determine processing for delivering transmission target data for each transmission destination. As a result, it is possible to use an optimal transmission target data transfer process without setting for each transmission destination, so that the operation load is reduced and the transmission target data is transferred by an appropriate transmission target data transfer process. Can do.

  Further, in MFP 1200 according to the present embodiment, since communication means can be set as a transmission destination in a lump, convenience is improved by omitting the selection effort for each transmission destination.

  Also, in MFP 1200 according to the present embodiment, transmission target data is delivered to a user who cannot log in to MFP 1200 by means that does not require login. This improves convenience.

(Modification)
Moreover, it is not limited to each embodiment mentioned above, The various deformation | transformation which is illustrated below is possible.

  In the first or third embodiment described above, a user DB is provided for each electronic device. However, it is not limited to such a configuration. Therefore, in this modification, it is assumed that the user DB 1601 is managed by the server 1602. In addition to the user DB, the public key storage unit and the document data storage unit 452 may be managed by the server.

  FIG. 16 is a diagram illustrating a network configuration in which electronic devices according to this modification are connected via a LAN.

  In other words, when the MFP performs communication with the server that has been encrypted, information in the public key storage unit as well as the user DB can be acquired. As a result, the MFP can make a determination for each destination even if the MFP does not include a public key storage unit. The MFP can update the history by requesting the server to update. As a result, user information can be collectively managed by the server.

  In addition, since the MFP transmits the transmission target data to the server, the transmission target data can be stored in the server. In this case, the transmission destination logs in to the server and acquires transmission target data.

  The information processing program executed by the MFP according to the above-described embodiment is provided by being incorporated in advance in a ROM or the like.

  The information processing program executed by the MFP according to the above-described embodiment is an installable or executable file, such as a CD-ROM, a flexible disk (FD), a CD-R, a DVD (Digital Versatile Disk), or the like. It may be configured to be recorded on a computer-readable recording medium.

  Furthermore, the information processing program executed by the MFP according to the above-described embodiment may be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. The information processing program executed by the MFP according to the above-described embodiment may be provided or distributed via a network such as the Internet.

  The information processing program executed by the MFP according to the present embodiment has a module configuration that includes different units for each embodiment. As actual hardware, a CPU (processor) reads the information processing program from the ROM. By executing the above, the above-described units are loaded onto the main storage device, and the different units for each embodiment are generated on the main storage device.

  As described above, the information processing apparatus according to the present invention is useful for a technique for delivering information by performing an encryption process, and particularly suitable for a technique for delivering information by a method suitable for the environment of the transmission destination. ing.

1 is a diagram illustrating a network configuration in which electronic devices according to a first embodiment are connected via a LAN. 2 is a block diagram illustrating a hardware configuration of the MFP according to the first embodiment. FIG. 2 is a diagram illustrating an example of an operation panel of an MFP. FIG. 1 is a block diagram showing a configuration of an MFP according to a first embodiment. 3 is a diagram showing a table structure of a public key management table of the MFP according to the first embodiment. FIG. 6 is a diagram illustrating an example of an e-mail document transmitted by a position data transmission unit of the MFP according to the first embodiment. FIG. 6 is a flowchart illustrating a processing procedure from a search for a public key of a transmission destination to a transmission process performed on the transmission destination in the MFP according to the first embodiment. 6 is an operation sequence showing a processing procedure when a user collects document data from a document storage location of the MFP according to the first embodiment. 4 is a flowchart illustrating a procedure of authentication processing in the MFP according to the first embodiment. It is a block diagram which shows the structure of MFP concerning 2nd Embodiment. 10 is a flowchart showing a processing procedure from searching for a transmission destination public key to performing transmission processing on a transmission destination in the MFP according to the second embodiment. It is a block diagram which shows the structure of MFP concerning 3rd Embodiment. FIG. 10 is a diagram illustrating an example of a screen that accepts selection of a communication unit displayed on a liquid crystal touch panel when the determination unit of the MFP according to the third embodiment determines that the transmission destination public key is not held. . 14 is a flowchart illustrating a processing procedure from reception of a selection of a transmission destination to transmission processing on the transmission destination when a selection of a communication unit is received by an MFP selection reception unit according to a third embodiment. FIG. 10 is a flowchart showing a processing procedure from reception of a selection of a transmission destination to transmission processing to the transmission destination when the determination unit of the MFP according to the third embodiment determines a process of delivering the transmission target data. is there. It is the figure which showed the network structure to which the electronic device concerning a modification was connected via LAN.

Explanation of symbols

100, 1000, 1200 MFP
101 FAX
102 Scanner 103 Printer 104 Copier 111 PC
112 PC
113 Mail server 150, 151, 152, 153, 154 User DB
210 Controller 211 CPU
212 MEM-P
212a ROM
212b RAM
213 NB
214 SB
215 AGP bus 216 ASIC
217 MEM-C
218 HDD
220 Operation unit 230 FCU
240 Plotter 250 Scanner 260 Engine unit 300 Operation panel 301 Initial setting key 302 Copy key 303 Copy server key 304 Printer key 305 Transmission key 306 Numeric keypad 307 Clear / stop key 308 Start key 309 Preheating key 310 Reset key 320 LCD touch panel 401, 1202 judgment Unit 402 encryption processing unit 403 e-mail transmission unit 404 storage unit 405 location data transmission unit 406 target data transmission unit 407 authentication unit 408, 1201 selection reception unit 409 secret state securing unit 410 history addition unit 411 authentication unit 421 HTTPS processing unit 422 SFTP processing unit 451 public key storage unit 452 document data storage unit 1001 encrypted document data generation unit 1002 encrypted document transmission unit 1401 communication means selection field 402 user ID
1403 Selection item

Claims (13)

An encryption processing means for performing encryption processing on the e-mail;
First determination means for determining whether or not the e-mail encrypted by the encryption processing means can be decrypted at a transmission destination;
A communication information storage unit that associates a transmission destination with a secret securing unit that secures a secret state by communication with the transmission destination, which is a criterion for determining whether or not the transmission destination can log in to the own device. When,
When it is determined by the first determination means that the decryption process cannot be performed at the transmission destination, the transmission is performed based on the secret securing means associated with the transmission destination by the communication information storage means. Second determination means for determining whether or not it is possible to log in to the device from the beginning;
If it is determined not to be logged by the second determination means, the transmission target information was scheduled to be transmitted as the e-mail, the destination using the secret securing means available, to the destination An alternative delivery means to deliver,
An information processing apparatus comprising: The alternative delivery means, if it is determined not to be logged by the second determining means, wherein when a secret state in communication with the destination is secured by a secret securing means, before Symbol transmission target information Comprising information transmission means for transmitting a request at the request of the destination ,
And a storage unit that stores the transmission target information in a storage unit when the second determination unit determines that login is possible .
The information processing apparatus according to claim 1, wherein the this. Position information transmitting means for transmitting the position information stored in the storage means to the transmission destination when the transmission target information is stored in the storage means by the storage means;
The information processing apparatus according to claim 2, further comprising: The alternative delivery means comprises a plurality of secret state securing means for securing a secret state of communication with the transmission destination;
The information processing apparatus according to claim 3. The location information transmitting means transmits an expiration date with which the transmission target information stored in the storage means can be delivered to the transmission destination together with the location information.
The information processing apparatus according to claim 3 or 4, characterized in that: History storage means for storing user history information for holding a user who has received the transmission target information as a history;
Authentication means for authenticating the user of the destination;
When the transmission target information is delivered to the user authenticated by the authentication means, the user identification information unique to the user is included in the delivery user history information stored in the history storage means. A history adding means for adding
The information processing apparatus according to any one of claims 2 to 5, further comprising a. History storage means for storing user number history information that holds the number of destinations that have received the transmission target information;
A history adding means for adding the number of users of the user number history information stored in the history storage means when the transmission information is delivered by the alternative delivery means;
The information processing apparatus according to any one of claims 2 to 5, further comprising a. The alternative delivery means is
If it is determined not to be logged by the second determining means by said second determination means, encryption to the transmission target information, subjected to the destination decoding processing capable encryption Encrypted document information generating means for generating document information;
An encrypted document transmitting means for transmitting an e-mail attached with the encrypted document information to the transmission destination;
The information processing apparatus according to claim 1, further comprising: The first determining means determines, for each transmission destination, whether or not it is possible to perform decryption processing at the transmission destination when sending an e-mail to a plurality of transmission destinations;
The information processing apparatus according to any one of claims 1 to 8 . The alternative delivery means is
Selection accepting means for accepting selection of the secret securing means common to the plurality of transmission destinations from the user when the first judgment means determines that the decryption processing cannot be performed at the plurality of transmission destinations. And comprising
Passing to the plurality of destinations using the secret securing means selected by the selection accepting means;
The information processing apparatus according to claim 9 . The alternative delivery means is
A selection receiving unit that receives selection of the secret securing unit for each transmission destination from a user when it is determined by the determination unit that the decryption process cannot be performed at a plurality of transmission destinations;
Passing for each transmission destination using the secret securing means selected by the selection accepting means;
The information processing apparatus according to claim 9 . The encryption processing means performs an encryption process on the e-mail using a different public key for each destination,
The first determining means determines whether or not a public key corresponding to the transmission destination is provided;
The information processing apparatus according to any one of claims 1 to 11, wherein the. A key request transmission unit that transmits a request to the transmission destination to send a public key, when the first determination unit determines that the public key corresponding to the transmission destination is not provided;
The information processing apparatus according to any one of claims 1 to 12, further comprising a.

Images