JP2007094821A - Secure network printing system and program therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform print processing of a plurality of print jobs by only one-time authentication in a print server even when the plurality of print jobs are stored, and to prevent an interrupt of another print job when processing the plurality of print jobs. <P>SOLUTION: A client terminal generating the print job and performing a print instruction has: a status discrimination means for discriminating status information of a print spool area; an individual authentication means; a print job information acquisition means for acquiring print job identification information of the print spool area; and a status control means for controlling the status information. By acquiring the print job identification information of the print spool area, the print job performed with the print processing by the one-time authentication can be restricted to the print job stored in the print spool area at a time point of authentication completion. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a network printing system that transmits and receives print data (print job) via a communication network, and more particularly to a secure / authenticated function suitable when a plurality of data processing means share one printer via a communication network. The present invention relates to a technology of a network printing system and a secure network printing program.

In recent years, information infrastructure has been developed in various corporate offices, and a network printing system in which a plurality of data processing devices (client terminals) and printing devices (printer terminals) are connected via a communication network has become widespread. ing.
In this network printing system, printing is performed in the order in which print jobs are sent from the client terminal, or printing is performed based on priority order information added to the print job.
In such a network printing system, the printer terminal is placed in a shared environment with a plurality of client terminals. Therefore, when a print job sent from a certain client terminal is output from the printer terminal, the printer terminal is output. There is a risk that an undocumented document may touch eyes other than the specific user who instructed printing.
Therefore, in such a network printing system, in order to prevent others from seeing the print result, the user goes to the vicinity of the printer terminal immediately after sending the print job from the client terminal, and the print result is discharged. Had to wait until.
Also, if the user does not collect the print result immediately after sending the print job, the printed paper is left as it is, resulting in problems such as loss of print result, corruption, theft, or information leakage There was something to do.

  Therefore, a network printing system that authenticates each individual user using information that represents the physical characteristics of the user, such as fingerprints and voiceprints, that are difficult to counterfeit and is less likely to be lost or stolen, is proposed. (For example, Patent Document 1). The network printing system disclosed in Patent Document 1 adds fingerprint information to a print job, spools the print job from a client terminal to a print server, and prints the fingerprint information included in the spooled print job and the print server. Only when it is determined that the fingerprint information transmitted from the apparatus matches, the print job is transmitted to the printing apparatus.

  In addition, a fingerprint input device is provided for each of the client terminal and the print server connected via the network, and when the user issues a print instruction from the client terminal, the fingerprint input is performed at the client terminal, and printing is actually performed from the printing device. There is also known a network printing system that transmits a print job from a client terminal to a print server and prints it out when a fingerprint is verified by performing a fingerprint input in the print server even when executing.

JP 2001-051915 A

In the conventional network printing system described above, personal authentication is performed for each print job. Therefore, when a plurality of print jobs are stored in the client terminal, the user needs to input authentication on the print server for each print job. It was.
Such an authentication input for each print job is not always convenient for the user.

The present invention has been made in view of the above circumstances, and even when a plurality of print jobs are accumulated in a client terminal, a technique in which a plurality of print jobs are printed by only one authentication at the print server. Is to provide.
Further, the present invention also provides a technique for preventing interruption of other print data when a plurality of print jobs are printed by only one authentication.

  An object of the present invention is to provide a secure network printing system that is more convenient for the user by using these techniques.

  In order to achieve the above object, the following aspects of the invention are provided.

According to a first aspect of the present invention, at least one client terminal that generates a print job and gives a print instruction and a print server that receives the print job are connected via a network, and the print instruction from the client terminal A network printing system for transferring a print job to the printing apparatus via the print server and performing a printing process,
The client terminal is
A status determination means for determining status information of the print spool area;
A personal authentication means for performing personal authentication of the user based on whether or not the user identification information registered or input in advance matches the user identification information received from the print server;
Print job information acquisition means for acquiring print job identification information in the print spool area;
-Status control means for controlling the status information;
Comprising at least
The print server
-User identification information acquisition means for inputting user identification information and transmitting the input user identification information to the client terminal;
A secure network printing system is provided.

According to the first aspect of the invention, even when a plurality of print jobs are stored in the client terminal, the plurality of print jobs are processed by only one authentication at the print server.
Also, by acquiring the print job identification information in the print spool area, it is possible to limit the print jobs that are printed by one authentication to the print jobs that are stored in the spool at the time of authentication completion.

According to a second aspect of the present invention, at least one client terminal that generates a print job and issues a print instruction and a print server that receives the print job are connected via a network. A network printing system that performs a printing process by transferring a print job to the printing apparatus via the print server according to a print instruction,
The client terminal is
A status determination means for determining status information of the print spool area;
User identification information acquisition means for transmitting user identification information registered or input in advance to the print server;
Print job information acquisition means for acquiring print job identification information in the print spool area;
-Status control means for controlling the status information;
Comprising at least
The print server
Personal authentication means for inputting user identification information, and performing personal authentication of the user based on whether or not the input user identification information matches the user identification information received from the print server;
A secure network printing system is provided.

According to the invention of the second aspect, as in the invention of the first aspect described above, even when a plurality of print jobs are stored in the client terminal, a plurality of print jobs can be obtained by only one authentication at the print server. Will be printed.
The difference from the first aspect of the invention is that in the first aspect of the invention, the client terminal has personal authentication means, and in the second aspect of the invention, the print server has, In the invention, the user identification information acquisition means included in the print server is included in the client terminal in the invention of the second aspect.

  Further, according to the third aspect of the present invention, in the first aspect and the second aspect, the status information includes at least the presence / absence of a print job, unauthenticated, and authenticated status, and is stored in the shared memory. A secure network printing system is provided.

  According to the third aspect of the invention, by referring to the status information, it is possible to obtain information when the previous print job is processed, and based on this, authentication processing such as authentication input and authentication verification is performed. It is possible to determine whether or not authentication processing is required for each print job.

  According to a fourth aspect of the present invention, in the first to third aspects, the client terminal transmits a Lock signal to the print server when the authentication result by the personal authentication means matches. Provided is a secure network printing system that further includes a lock processing unit and an unlock processing unit that transmits an unlock signal to the print server when processing for all print jobs is completed, and can perform exclusive control of the print server. The

  According to the fourth aspect of the invention, even when a plurality of print jobs are to be processed by a plurality of client terminals on the network, the interruption of other print jobs can be prevented by performing exclusive control of the print server. Can do.

  Further, according to a fifth aspect of the present invention, in the fourth aspect, the Lock processing means refers to the Lock / Unlock information data, and prints the Lock / Unlock information data in the Lock state when not in the Lock state. A secure network printing system is provided in which a lock signal is transmitted to the server, and the unlock processing means transmits the unlock signal to the print server to bring the lock / unlock information data into the unlock state.

  According to the fifth aspect of the invention, when there are a plurality of print job processing means in the client terminal, between each print job processing means (for example, port monitor program processing described in an embodiment described later). The exclusive control of the print server can be performed.

  From the sixth aspect of the present invention, in the first to fifth aspects, the personal authentication means is based on at least one of a user ID, a password, an IC card, a fingerprint, and biometric information. Provided is a secure network printing system characterized by performing personal authentication of a user.

  According to the sixth aspect of the invention, a secure terminal for performing personal authentication of a user by connecting peripheral devices such as a key input device, a fingerprint sensor and other biometric authentication sensors, and an IC card reader to the client terminal and the print server. A network printing system can be constructed.

According to a seventh aspect of the present invention, at least one client terminal that generates a print job and gives a print instruction and a print server that receives the print job are connected via a network, and the print instruction from the client terminal A program that runs on the client terminal in a network printing system that transfers a print job to a printing device via the print server and performs a printing process,
A status determination step for determining status information of the print spool area;
A personal authentication step for performing personal authentication of the user based on whether or not the user identification information registered or input in advance matches the user identification information received from the print server;
A print job information acquisition step for acquiring print job identification information in the print spool area;
A status control step for controlling the status information;
A secure network printing program is provided.

  From an eighth aspect of the present invention, according to the seventh aspect, provided is a secure network printing program in which status information comprises at least the presence / absence of a print job, an unauthenticated status, and an authenticated status, and is stored in a shared memory Is done. Thus, by referring to the status information, it is possible to obtain information when the previous print job was processed, and to determine whether or not to perform authentication processing such as authentication input and authentication verification based on the information. Authentication processing for each print job can be made unnecessary.

  Further, from the ninth aspect of the present invention, in the seventh and eighth aspects, a lock processing step of transmitting a lock signal to the print server when the authentication result in the personal authentication step is identical, An unlock processing step of transmitting an Unlock signal to the print server when processing for the print job is completed, and a secure network printing program capable of exclusive control of the print server is provided. Accordingly, even when a plurality of print jobs are to be processed by a plurality of client terminals on the network, interruption of other print jobs can be prevented by performing exclusive control of the print server.

  Also, from a tenth aspect of the present invention, in the ninth aspect, the Lock processing step refers to Lock / Unlock information data and sets the Lock / Unlock information data to the Lock state when not in the Lock state. The Lock signal is transmitted to the print server, and the Unlock processing step transmits an Unlock signal to the print server to set the Lock / Unlock information data to the Unlock state, thereby enabling each print job to be transmitted. A secure network printing program capable of exclusive control of the print server between processing means (for example, port monitor program processing described in an embodiment described later) is provided.

  According to an eleventh aspect of the present invention, in the seventh to tenth aspects, the personal authentication step is based on at least one of a user ID, a password, an IC card, a fingerprint, and biometric authentication information. A secure network printing program for authentication is provided. As a result, a secure network printing system for performing personal authentication of a user can be constructed by connecting peripheral devices such as a key input device, a fingerprint sensor and other biometric authentication sensors, and an IC card reader to the client terminal and the print server.

The secure network printing system according to the present invention has an effect that even when a plurality of print jobs are stored in the client terminal, a plurality of print jobs can be printed by only one authentication at the print server.
Further, when a plurality of print jobs are printed by only one authentication, there is an effect of preventing interruption of other print data.
According to the present invention, it is possible to provide a secure network printing system that enhances confidentiality in printing important documents and is more convenient for the user.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. However, the scope of the invention is not limited to the illustrated examples.

  FIG. 1 is a schematic system configuration diagram of a secure network printing system in which a fingerprint sensor and a print server are combined. Client terminals (1a, 1b, 1c) such as personal computers (PCs) are connected to the print server 4 via a network communication line 3 such as a LAN. Each of the client terminals (1a, 1b, 1c) and the print server 4 is connected to fingerprint sensors (2a, 2c, 2d) as peripheral devices. The print server 4 is connected to a printing apparatus (printer) 5.

  When the person who has issued the print instruction at the client terminal places his finger on the fingerprint sensor 2d next to the print server 4 and is authenticated that the print belongs to the person himself, the print job placed in the personal computer is displayed. It is transferred to a printing apparatus and printing is executed. By using this solution, even if the network printer in the office is away from his / her desk, it is possible to print the confidential document 6 that the other person does not want to see with confidence.

Here, there are a client terminal to which a fingerprint sensor is connected (for example, client terminals 1a and 1c) and a terminal to which a fingerprint sensor is not connected (for example, client terminal 1b).
When a fingerprint sensor is connected to the client terminal, authentication can be performed by inputting fingerprint data from the connected fingerprint sensor at the time of login or print command.
On the other hand, if the fingerprint sensor is not connected to the client terminal, the fingerprint is entered and registered in advance from the client terminal or server to which the fingerprint sensor is connected, and the fingerprint information is managed as a database on the client terminal or server. By doing so, it is possible to omit the input of fingerprint data at the time of a print command and use the fingerprint data of the database for authentication.

Next, FIG. 2 shows a program function block diagram of the client terminal.
The following procedures (1) to (8) for printing will be described below with reference to FIG.
(1) First, when a user issues a print instruction from an application 11 such as word processing software on the client terminal 1 such as a personal computer, the print data is converted by the printer driver 12, stored in the print spool area 20 of the client terminal, and printed. Job 1 is generated (print job 1 in the figure).
(2) When a print job is generated, the port monitor program 14 serving as a print job processing unit is activated. The port monitor program 14 establishes a network connection with a print server (not shown).
(3) The port monitor program 14 displays a fingerprint input screen on the client terminal monitor for personal authentication in the client terminal.
(4) When a user inputs a fingerprint from a peripheral device such as the fingerprint sensor 2 connected to the client terminal, the fingerprint image data is analyzed by the fingerprint processing program 15, the fingerprint feature point data is extracted, and the memory of the client terminal Saved in.
(5) Next, the user moves to the installation location of the print server and inputs a fingerprint from a peripheral device such as a fingerprint sensor connected to the print server.
(6) The fingerprint image data is encrypted and transmitted from the print server to the client terminal.
(7) The client terminal analyzes the received fingerprint image data, extracts fingerprint feature point data, and collates it with already stored fingerprint feature point data.
(8) If the collation result is OK, the port monitor program 14 sends the print job 1 stored in the print spool area 20 of the client terminal to the print server and prints it out from the printer connected to the print server. The

In the above procedure, the port monitor program 14 of the client terminal is activated for each print job, and when a plurality of print jobs are stored in the client terminal, the user prints a fingerprint on the print server for each print job. Input is required.
In other words, the port monitor program 14 has a function of prompting the user to input a fingerprint and transmitting a print job stored in the print spool area 20 to the print server when the fingerprint collation is OK. However, the port monitor program 14 is called for each print job.
The function of the port monitor program will be specifically described on the assumption that a plurality of print jobs (for example, Job1 and Job2) are stored in the print spool area 20.

First, the port monitor program 14 is called for the print job 1 (Job 1). Thereafter, when the collation of the fingerprint is confirmed, the port monitor program 14 performs Job1 processing. The port monitor program 14 once terminates itself after completing the processing of Job1. However, since the print job 2 (Job2) remains in the spool area 20, the port monitor program 14 for Job2 is called again. However, this is called as a new program separate from the port monitor program for Job1. In other words, the port monitor program for Job2 does not have any information (for example, information that fingerprint collation is OK) when Job1 is processed.
This means that when the same user issues a plurality of print instructions and a plurality of print jobs are stored in the print spool area 20, a fingerprint input is required for each print job.
Therefore, in the present invention, when the same user issues a plurality of print instructions and a plurality of print jobs are stored in the print spool area, the fingerprint verification OK information is also obtained for a port monitor program that can be started later. The information of the previous fingerprint verification OK is recorded as status information in a shared memory that can be accessed globally by the program.

Here, the shared memory stores status information and print job identification information described below in the print spool area.
The status information includes at least the presence / absence of a print job and the print job authentication status (unauthenticated or authenticated status). In the embodiment described below, A: no job, B: unauthenticated, and C: authenticated are used as status information.
The print job identification information includes at least the number of print jobs or the print job ID.
More specifically, the number of print jobs counts the number of print jobs accumulated in the print spool area. The print job ID information is information acquired from the job ID list of print jobs stored in the print spool area.

FIG. 3 shows a hardware configuration diagram of the client terminal. The client terminal 1 includes a CPU 31 that controls its operation, a RAM (random access memory) 33 that temporarily stores programs and data that the CPU 31 refers to when it is executed, and a ROM (a ROM that stores predetermined programs that the CPU 31 executes). Read-only memory) 32, a hard disk 36 as auxiliary storage means for storing a port monitor program, a print job monitoring program, and the like, a display input unit connected to an input device such as a keyboard and a mouse and a display device such as a display 34, a network I / F 35 for communicating via a network such as a LAN (local information communication network), and an external I / F 37 connected to the fingerprint sensor 2 as an authentication input device.
A shared memory in which the above-described status information and print job identification information are stored exists on the RAM 33.

  FIG. 4 shows a program function block diagram of the print server. As shown in FIG. 4, the print server 4 includes a network processing program 41 that communicates with a client terminal via a network such as a LAN, a fingerprint processing server program 42 that processes fingerprint image data input from a fingerprint sensor, 5 includes a print job output program 43 for outputting a print job, a display / audio control program 44 for controlling an LED / buzzer 46 such as an operation panel of the print server, and a lock / unlock processing server program 45 for performing exclusive control. The

  FIG. 5 shows an H / W configuration diagram of the print server. As shown in FIG. 5, the print server 4 has the same H / W configuration as the client terminal 1 described above. The CPU 51 controls the overall operation of the print server 4, the ROM 52 and RAM 53 that store programs and data, the LAN, and the like. A network I / F 55 for communication via the network, an external I / F 57 connected to the fingerprint sensor 2 as an authentication input device, a display / sound output unit 54 such as an LED / buzzer, and a printer. A printer I / F 56 is provided.

Next, a processing flow of the secure network printing system according to the present invention will be described. For the sake of explanation, the processing flow of the conventional secure network printing system is shown in FIG. 6 as a comparison.
FIG. 7 shows a processing flow of the secure network printing system according to the present invention.

A processing flow of the conventional secure network printing system will be described with reference to FIG. In the client terminal, when printing is executed from an application such as data processing (S31), a print job is stored in the print spool area 20 by the printer driver, and printing preparation (S32) is performed.
In the process of the conventional secure network printing system, the fingerprint input screen is then displayed by the port monitor program, and fingerprint image data is input from the fingerprint sensor 2 connected to the client terminal (fingerprint input (S33)). The input fingerprint image data is analyzed, and fingerprint feature point data is extracted and stored.

Thereafter, when the person moves to the print server and inputs the fingerprint in the same manner from the fingerprint sensor 2 of the peripheral device of the print server, the fingerprint image data is transmitted from the print server to the client terminal (fingerprint input / transmission (S35)). The fingerprint feature point data is collated at the client terminal (fingerprint analysis / collation (S34)).
If the fingerprint collation result is OK, the print job is transmitted from the client terminal (S36), the print job is received by the print server (S37), and the document is printed out from the connected printer 5 (printing). Job output (S38)).

  In the above description, the fingerprint image data is extracted by analyzing the fingerprint image data in the client terminal. However, the fingerprint feature point data may be extracted by analyzing the fingerprint image data in the print server. Absent.

The process of the secure network printing system of the present invention will be described below with reference to FIG. 7 while comparing with the process of the conventional secure network printing system described above.
The status determination (S41), print job identification information acquisition (S42), and status control (S43), which were not included in the processing of the conventional secure network printing system shown in FIG. Even when a plurality of print jobs are stored in the print spool area, a plurality of print jobs are printed by only one authentication at the print server.

In the client terminal, when printing is executed from an application such as data processing (S31), a print job is stored in the print spool area 20 by the printer driver, and printing preparation (S32) is performed.
After the print preparation (S32) is performed, the status information stored in the shared memory 21 is referred to, and the status determination (S41) is performed.

Here, the status information includes the print job authentication status (unauthenticated or authenticated status), and the processing of the port monitor program differs depending on the print job authentication status. Details will be described in the processing of the port monitor program described later, but it is determined whether or not the status control (S43) is performed based on the result of the status determination (S41).
The status information includes information on the presence / absence of a print job, but when the print job is saved in the print spool area 20 by the printer driver and the print preparation (S32) is performed, the print job monitoring program always prints. Updated with information that there is a job.
In the status determination (S41), the print job identification information (print job ID, number of print jobs) stored in the shared memory 21 is referenced to check whether or not there is a print job ID of itself. Also based on this result, it is determined whether or not the status control (S43) is performed.

Thereafter, a fingerprint input screen is displayed by the port monitor program, and fingerprint image data is input from the fingerprint sensor 2 connected to the client terminal (fingerprint input (S33)). The inputted fingerprint image data is analyzed, and fingerprint feature point data is extracted and stored.
When the person moves to the print server and inputs a fingerprint in the same manner from the fingerprint sensor 2 of the peripheral device of the print server, the fingerprint image data is transmitted from the print server to the client terminal (fingerprint input / transmission (S35)), and the client terminal The fingerprint feature point data is collated in (Fingerprint analysis / collation (S34)).

  If the fingerprint collation result is OK, the print job identification information including the number of print jobs and the print job ID is acquired (S42). The print job ID and the number of print jobs are acquired from the job ID list of print jobs stored in the print spool area at the time of completion of authentication when the fingerprint collation result is OK.

  The status control (S43) following the acquisition of the print job identification information (S42) stores the acquired print job ID and the number of print jobs as status information in the shared memory 21, and sets the authentication status of the print job to the authenticated status. It is a process to update.

At the client terminal, the print job is transmitted (S36) to the print job stored in the print spool area 20, the print server receives the print job (S37), and the document is printed from the connected printer 5. This is output (print job output (S38)).
In the client terminal, status control (S43) processing is performed, and status information and print job identification information (print job ID, number of print jobs) are updated.

  The status determination (S41), print job identification information acquisition (S42), and status control (S43), which are the points of the present invention, are processed mainly by the port monitor program that is a print job processing unit. In the following embodiment, the processing flow of the entire system will be described while paying attention to the port monitor program.

Hereinafter, a print processing flow for an embodiment of the secure network printing system according to the present invention will be described.
Hereinafter, description will be given with reference to FIG. 8 showing the processing flow of the port monitor program and FIG. 2 showing the program function block diagram of the client terminal.

(A) When a user issues a print instruction from the application 11 on the client terminal 1, the print data is stored in the print spool area 20 via the printer driver 12 (for example, print job 1 is stored). ).
(B) The print job monitoring program 13 monitors (polls) the print spool area 20 and writes “unauthenticated (= B)” in the status information on the shared memory 21 when the print job 1 is saved. .
(C) When the print job is saved, the port monitor program 14 is called to process the print job 1. The port monitor program 14 refers to the shared memory 21 and displays the fingerprint image input screen on the monitor of the client terminal because the status information is “unauthenticated (= B)”.
(D) When the user inputs a fingerprint from the fingerprint sensor 2, the fingerprint processing program 15 analyzes the fingerprint image data to generate and store feature point data.
(E) When the user executes the second print instruction in a situation where the print job 1 is stored in the print spool area 20, the printer driver converts the second print data, and the print job is stored in the print spool area 20. Saved (for example, print job 2 is stored).
(F) The user moves to a place where the print server is located and inputs a fingerprint from the fingerprint sensor of the print server.
(G) The fingerprint image is encrypted and sent to the client terminal via the network, and fingerprint analysis / collation processing is performed at the client terminal.
(H) If the fingerprint collation result is OK, the fingerprint processing program notifies the port monitor program 14 to that effect.
(I) The port monitor program 14 changes the status information of the shared memory 21 to “authenticated (= C)”, and stores the number of jobs “2” and the print job IDs “1, 2”. Then, the print job 1 is transmitted to the print server.
(J) When the print job 1 ends, the port monitor program 14 changes the number of jobs in the shared memory 21 to “1” and the print job ID “2”.
(K) Since the print job 2 remains in the print spool area 20, the port monitor program is newly started to process this. The new port monitor program refers to the shared memory, determines that the fingerprint information has already been completed because the status information is “authenticated (= C)” and the print job ID is “2”. The print job 2 is transmitted to the print server, and the process ends.
(L) The print server sequentially transmits the received print jobs to the printer, and prints out the output from the printer.
(M) When the port monitor program detects that there is no job in the print spool area when the print job 2 ends, the status information in the shared memory is rewritten to “no job (= A)”.

Store the number of print jobs in the print spool area and the print job ID information in the shared memory when fingerprint authentication is completed, and print only the jobs accumulated in the print spool area at the time of authentication Constitute.
In this case, when the fingerprint authentication is completed, the port monitor program confirms and stores the number of print jobs and the print job ID in the print spool area.
After authentication, if a print job is stored in the print spool area due to a new print instruction, when the print job starts printing, its own print job ID is not stored in the shared memory. The information is changed to “unauthenticated (= B)”.
As a result, print jobs stored in the print spool area at the timing after the completion of fingerprint authentication will not be printed by the previous authentication, and a print job to be printed by one authentication will be printed when authentication is completed. It can be limited to print jobs stored in the spool area.

Next, preventing the interruption of a print job from another client terminal connected via a network will be described as a second embodiment.
FIG. 9 shows an interrupt prevention process flow diagram of a print job from another client terminal on the network according to the second embodiment.

First, when the fingerprint is verified and the authentication is OK, the port monitor program 14 in the client terminal 1 gives a Lock completion signal to the Lock / Unlock processing program 16. In response to this, the lock / unlock processing program 16 transmits a lock signal to the print server 4. When the print server 4 receives the Lock signal, it shifts to an exclusive state, and accepts print jobs from other client terminals until it receives the Unlock signal, but waits for printing (during this time, a plurality of print jobs in the print spool area are sent to the print server 4. Send processing).
When all the print jobs in the print spool area are transmitted (when there is no authenticated print job), the port monitor program 14 gives an Unlock signal to the Lock / Unlock processing program 16. The Lock / Unlock processing unit transmits an Unlock signal to the print server 4, and in response to this, the print server 4 cancels the exclusive state (starts printing stopped from other client terminals).

  In order to prevent the lock state from being unable to be released if communication cannot be performed, such as when the power is turned off after the client terminal or the print server is locked, A timeout time is provided at both the client terminal and the print server. It is also possible to include a mechanism (timeout process) that measures a certain time after the end of the last communication and automatically cancels it after that time.

  As for the lock / unlock processing, the client terminal ID information can be exchanged between the client terminal and the print server, and the client terminal that is subject to lock control can be identified. By doing so, for example, the lock state of the print server is not released by an erroneous Unlock signal from another client terminal.

Next, when there are a plurality of port monitor programs in a single client terminal, a case where a print job interruption is prevented inside the client terminal will be described as a third embodiment.
FIG. 10 is a flowchart of a print job interruption prevention process in the client terminal 1 when there are a plurality of port monitor programs (14a, 14b) as print job processing means in a single client terminal 1. ing.

In the description of the third embodiment, it is assumed that the port monitor program 1 (14a) has the control right first and the port monitor program 2 (14b) has the control right next. The Lock / Unlock processing program 16 performs exclusive control on the print server 4 and also performs exclusive control on a plurality of port monitor programs (14a, 14b).
(A) The port monitor program 1 (14a) collates the fingerprint and gives a lock signal to the lock / unlock processing program 16 in the case of authentication OK.
(A) In response to this, the lock / unlock processing program 16 transmits a lock signal to the print server 4 and at the same time lock / unlock information in the shared memory 21 so that printing from the port program 2 (14b) is not interrupted. Since the data is referred to and the data is not in the Lock state, this is set to the Lock state, and then a Lock OK signal is given to the port monitor program 1 (14a).
(C) When the print server 4 receives the lock signal, the print server 4 shifts to an exclusive state and accepts print jobs from other client terminals until it receives the unlock signal, but waits for printing (during this time, multiple print jobs in the print spool area are printed. Sent to the server).
(D) The port monitor program 1 (14a) receives the Lock OK signal from the Lock / Unlock processing program 16 and starts the printing process.
(E) The port monitor program 2 (14b) collates the fingerprint and gives a Lock signal to the Lock / Unlock processing program 16 if the authentication is OK.
(F) Upon receiving this, the lock / unlock processing program 16 sends a lock signal to the print server 4 and simultaneously refers to the lock / unlock information data in the shared memory 21 to write the lock information into the shared memory 21. However, since the port monitor program 1 (14a) is already in the Lock state, it cannot be locked.
(G) The port monitor program 2 (14b) that has received Lock NG from the Lock / Unlock processing program 16 continues to periodically call the Lock / Unlock processing program 16 until a Lock OK signal is given (polling Lock / Unlock processing) Continue).
(H) When all the print jobs in the print spool area are transmitted (when there is no authenticated print job), the port monitor program 1 (14a) gives an Unlock signal to the Lock / Unlock processing program 16.
(G) The Lock / Unlock processing program 16 transmits an Unlock signal to the print server 4, and the print server 4 releases the exclusive state in response to this (starts printing stopped from other client terminals). Simultaneously with the release, the lock / unlock information data of the shared memory 21 is set to the unlock state.
(K) Upon receiving the Lock signal received from the port monitor program 2 (14b) that is polling for Lock / Unlock processing, the Lock / Unlock processing program 16 transmits the Lock signal to the print server 4 and at the same time, the shared memory The lock information is written in 21 and a Lock OK signal is given to the port monitor program 2 (14b).
(S) When receiving the Lock signal, the print server 4 shifts to the exclusive state, and accepts print jobs from other client terminals until receiving the Unlock signal, but waits for printing (during this time, multiple print jobs in the print spool area are printed) Transmission processing to the server 4).
(F) The port monitor program 2 (14b) receives the Lock OK signal from the Lock / Unlock processing program 16 and starts the printing process.
(S) The port monitor program 2 (14b) gives an Unlock signal to the Lock / Unlock processing program 16 when all the print jobs in the print spool area are transmitted (when there is no authenticated print job).
(C) The Lock / Unlock processing program 16 transmits an Unlock signal to the print server 4, and in response to this, the print server 4 cancels the exclusive state (starts printing stopped from other client terminals). Simultaneously with the cancellation, Unlock information is written to the shared memory 21.

The shared memory in this case secures an area for each “IP address + logical port name” of the print server, for example. In this way, ports with the same "IP address + logical port name" as communication destinations each refer to the same shared memory, and printing from the same client terminal in parallel to the same communication destination is prevented. Benefits arise.

By using the present invention, it is possible to print out all of a plurality of print jobs in the client terminal by simply inputting a fingerprint once at the print server. Therefore, secure network printing is more convenient for the user. It is useful as a system or secure network printing program.
Further, by using the present invention, it is not interrupted by a print job from another client terminal or by a print job from a different port in the same client terminal when processing a plurality of print jobs. Therefore, it is useful as a secure network printing system or a secure network printing program with higher confidentiality.

Schematic system configuration diagram of a secure network printing system according to the present invention Program function block diagram of client terminal according to the present invention H / W configuration diagram of client terminal Program function block diagram of print server H / W configuration diagram of print server Processing flow of conventional secure network printing system Process flow of secure network printing system according to the present invention Port monitor program processing flow Print job interruption prevention flow from other client terminals on the network Print job interrupt prevention process flow when there are multiple port monitors in a single client terminal

Explanation of symbols

1,1a, 1b, 1c Client terminal
2, 2a, 2c, 2d fingerprint sensor
3 Communication line 4 Print server 5 Printing device (printer)
6 Confidential Document 11 Application 12 Printer Driver 13 Print Job Monitoring Program 14 Port Monitor Program 14a Port Monitor Program 1
14b Port monitor program 2
15 Fingerprint Processing Program 16 Lock / Unlock Processing Program 17 Spooler 20 Print Spool Area 21 Shared Memory 41 Network Processing Program 42 Fingerprint Processing Server Program 43 Print Job Output Program 44 Display / Voice Control Program 45 Lock / Unlock Processing Server Program 46 LED / Buzzer

Claims (11)

At least one client terminal that generates a print job and issues a print instruction and a print server that accepts the print job are connected via a network, and the print job is printed via the print server according to a print instruction from the client terminal. A network printing system that transfers to a device and performs printing processing,
The client terminal is
Status determination means for determining status information of the print spool area;
Personal authentication means for performing personal authentication of the user based on whether the user identification information registered or input in advance matches the user identification information received from the print server;
Print job information acquisition means for acquiring print job identification information of the print spool area;
Status control means for controlling the status information;
Comprising at least
The print server
User identification information acquisition means for inputting user identification information and transmitting the input user identification information to the client terminal;
A secure network printing system comprising: At least one client terminal that generates a print job and issues a print instruction and a print server that accepts the print job are connected via a network, and the print job is printed via the print server according to a print instruction from the client terminal. A network printing system that transfers to a device and performs printing processing,
The client terminal is
Status determination means for determining status information of the print spool area;
User identification information acquisition means for transmitting user identification information registered or input in advance to the print server;
Print job information acquisition means for acquiring print job identification information of the print spool area;
Status control means for controlling the status information;
Comprising at least
The print server
Personal authentication means for inputting user identification information, and performing personal authentication of the user based on whether or not the input user identification information matches the user identification information received from the print server;
A secure network printing system comprising:   3. The secure network printing system according to claim 1, wherein the status information includes at least a print job presence / absence, unauthenticated, and authenticated status, and is stored in a shared memory.   The client terminal includes: a lock processing unit that transmits a lock signal to the print server when an authentication result by the personal authentication unit is coincident; and a process for all print jobs to the print server when the processing is completed. 4. The secure network printing system according to claim 1, further comprising an unlock processing means for transmitting an unlock signal, and performing exclusive control of the print server.   The Lock processing means refers to the Lock / Unlock information data, and when it is not in the Lock state, sets the Lock / Unlock information data to the Lock state and transmits a Lock signal to the print server, and the Unlock processing means 5. The secure network printing system according to claim 4, wherein an Unlock signal is transmitted to the print server to place the Lock / Unlock information data in an Unlock state.   6. The personal authentication unit according to claim 1, wherein the personal authentication unit performs personal authentication of the user based on at least one of a user ID, a password, an IC card, a fingerprint, and biometric information. Secure network printing system. At least one client terminal that generates a print job and issues a print instruction and a print server that accepts the print job are connected via a network, and the print job is printed via the print server according to a print instruction from the client terminal. A program that runs on the client terminal in a network printing system that transfers to a device and performs print processing,
A status determination step for determining status information of the print spool area;
A personal authentication step for performing personal authentication of the user based on whether or not the user identification information registered or input in advance matches the user identification information received from the print server;
A print job information acquisition step for acquiring print job identification information of the print spool area;
A status control step for controlling the status information;
A secure network printing program comprising:   The secure network printing program according to claim 1, wherein the status information includes at least a print job presence / absence, unauthenticated, and authenticated status, and is stored in a shared memory.   A lock processing step of transmitting a lock signal to the print server when the authentication result in the personal authentication step is coincident, and an unlock signal to the print server when processing for all print jobs is completed The secure network printing program according to claim 7, further comprising an unlock processing step, and performing exclusive control of the print server.   The Lock processing step refers to Lock / Unlock information data, and when not in the Lock state, sends the Lock signal to the print server with the Lock / Unlock information data in the Lock state, and the Unlock processing step. The secure network printing program according to claim 9, wherein an Unlock signal is transmitted to the print server to set the Lock / Unlock information data to an Unlock state. The personal authentication step performs personal authentication of a user based on at least one of a user ID, a password, an IC card, a fingerprint, and biometric authentication information. Secure network printing program.