JP2017016204A - Information processing system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processing system configured to easily improve a user authentication function.SOLUTION: An information processing system including one or more information processing apparatuses comprises: a storage unit which stores a security level indicating a level of use permission for each of electronic devices connected to the one or more information processing apparatus; a generation unit which generates a plurality of images indicating the security level for each of users; a transmission unit which transmits the images generated by the generation unit to another apparatus; an acquisition unit which acquires images via a reader equipped in one of the electronic devices; and a determination unit which determines whether to permit a user to use each of the electronic devices, according to the images generated by the generation unit, when the images generated by the generation unit are included in the images acquired by the acquisition unit.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an information processing system.

  Conventionally, it is known that QR code (registered trademark) or the like is used for user authentication for permitting use of an image forming apparatus such as an MFP (Multifunction Peripheral). It is also known to perform entrance / exit management by reading information stored in a medium and authenticating a user.

  Further, Patent Document 1 discloses an entrance / exit management system in which entry qualification is set for each room (room), and only qualified persons having entry qualification are allowed to enter the room. In Patent Document 2, the entrance / exit management server receives the identification information of the person who wants to enter the room from the card reader, determines the operating state of the device (electronic device), and enters the room if the device is not in use. An entrance / exit management system is disclosed in which a person's permission to enter a room is determined, a notification to that effect is sent to the door opening / closing device, and the door is opened so that the person entering the room can enter.

  However, in the authentication so far, hardware (for example, an IC card) used for the authentication has to be distributed and managed for each security level, resulting in a complicated system.

  The present invention has been made in view of the above, and an object thereof is to provide an information processing system that can easily perform authentication according to a security level.

  In order to solve the above-described problems and achieve the object, the present invention is an information processing system including one or more information processing devices, and each of a plurality of electronic devices connected to the one or more information processing devices. A storage unit that stores a security level indicating a permission level, a generation unit that generates a plurality of images indicating the security level for each user, and a plurality of images generated by the generation unit are transmitted to another device. A transmission unit, an acquisition unit that acquires an image via a reading device included in any one of the plurality of electronic devices, and an image generated by the generation unit in the image acquired by the acquisition unit And a determination unit that determines whether or not the user is allowed to use each of the plurality of electronic devices according to the image generated by the generation unit.

  According to the present invention, there is an effect that authentication according to the security level can be easily performed.

FIG. 1 is a diagram illustrating a configuration example of an information processing system according to an embodiment. FIG. 2 is a diagram illustrating a hardware configuration example of the image forming apparatus. FIG. 3 is a diagram illustrating an outline of a software configuration example of the image forming apparatus. FIG. 4 is a diagram showing security information of each electronic device stored in the authentication system server. FIG. 5 is a flowchart showing processing until the authentication system server generates a QR code and stores it as an authentication information database. FIG. 6 is a diagram illustrating a configuration example of the authentication information database. FIG. 7 is a sequence diagram illustrating processing in which the information processing system registers user information in the authentication information database. FIG. 8 is a diagram illustrating an example of a screen displayed by the terminal device during the process of registering in the authentication information database. FIG. 9 is a sequence diagram illustrating processing in which the information processing system deletes user information from the authentication information database. FIG. 10 is a diagram illustrating an example of a screen displayed by the terminal device during the process of deleting from the authentication information database. FIG. 11 is a diagram illustrating transition of a screen displayed by the mobile terminal until the QR code selected by the user is displayed. FIG. 12 is a diagram illustrating processing in which the information processing system performs authentication using a QR code. FIG. 13 is a screen transition diagram illustrating a screen example displayed on the operation panel when the information processing system performs authentication.

  Embodiments of an information processing system will be described below with reference to the accompanying drawings. FIG. 1 is a diagram illustrating a configuration example of an information processing system 1 according to the embodiment. As shown in FIG. 1A, an information processing system 1 includes a terminal device 10 such as a PC (Personal Computer), an authentication system server 11, a building management system server 12, and one or more mobile terminals 13. The plurality of image forming apparatuses 3 and the plurality of entrance / exit management apparatuses 2 are provided. The terminal device 10, the authentication system server 11, the building management system server 12, the mobile terminal 13, the image forming device 3, and the entrance / exit management device 2 can communicate with each other via the network 110.

  The authentication system server 11 is an example of an information processing apparatus, includes a storage unit such as a CPU and a memory, has a function as a computer, manages information on users, devices, and management targets registered in the system and performs authentication. And a function for distributing a QR code generating / decoding program to each medium. That is, the authentication system server 11 has a function as a generation unit that generates a plurality of QR codes indicating the security level for each user.

  The building management system server 12 is an example of an information processing apparatus, includes a storage unit such as a CPU and a memory, has a function as a computer, manages information on a building to be managed, and cooperates with the authentication system server 11 It has a function to do.

  The mobile terminal 13 is, for example, a mobile phone, a smartphone, or a tablet PC, and includes a storage unit such as a CPU and a memory, and an image reading unit such as a camera, and has a function as a computer. The mobile terminal 13 is installed by receiving a QR code function application for generating / decoding a QR code from, for example, the authentication system server 11. The mobile terminal 13 receives and displays an image (authentication image) such as a QR code (registered trademark) or a barcode embedded with information indicating that the user has been authenticated, and the image forming apparatus 3 The QR code displayed on the operation panel 57 (described later) can be read.

  The image forming apparatus 3 stores an address book that enables in-device authentication, and has a function of performing authentication by communicating with the authentication system server 11. The image forming apparatus 3 is an MFP (Multifunction Peripheral), for example, and is connected to an image reading apparatus (image reading unit) 30. The image reading device 30 is a camera that reads an image such as a QR code, for example, and outputs the read image to the image forming device 3. The image reading apparatus 30 may be integrated with the image forming apparatus 3 and may be a part of the functions of the image forming apparatus 3.

  Further, the image forming apparatus 3 may have the functions of the authentication system server 11 and the building management system server 12 inside. The image forming apparatus 3 is installed by receiving a QR code function application for generating / decoding a QR code from, for example, the authentication system server 11. The image forming apparatus 3 is disposed in a room (room) 100 and a room 104 of a building, for example. In addition, at least one of the image forming apparatus 3 and the authentication system server 11 responds to information embedded in the QR code when the image read by the image reading apparatus 30 includes a QR code serving as an authentication image. In addition, each of the plurality of electronic devices has a function as a determination unit that determines whether or not the user is permitted to use, and a permission range. The image forming apparatus 3 is an example of an electronic device, and may be various devices such as a projector, an electronic blackboard, a video conference terminal, and a camera. Moreover, you may comprise so that the function of the authentication system server 11 and the function of the building management system server 12 may be provided in the same server (information processing apparatus).

  The entrance / exit management device 2 includes a reading device 20 and a key (electronic lock) 22 as shown in FIG. Similar to the image reading device 30, the reading device 20 is a camera or the like that reads an image. The key 22 is unlocked when the user is authenticated, and is provided at the entrance of the room (room) 102 and the room 104 of the building.

  The information processing system 1 may be configured to have an authentication function by any one connected to the network 110 such as the image forming apparatus 3, the authentication system server 11, and the building management system server 12.

  Next, the hardware configuration of the image forming apparatus 3 will be described in detail. FIG. 2 is a diagram illustrating a hardware configuration example of the image forming apparatus 3. As shown in FIG. 2, the image forming apparatus 3 includes a main body 40 capable of realizing various functions such as a copy function, a scanner function, a fax function, and a printer function, and an operation unit 50 that receives a user operation. Note that accepting a user operation is a concept including accepting information (including a signal indicating a coordinate value of a screen) input according to the user operation.

  The main body 40 and the operation unit 50 are connected to be communicable with each other via a dedicated communication path 300. The communication path 300 may be, for example, a USB (Universal Serial Bus) standard, but may be of any standard regardless of wired or wireless.

  The main body 40 can perform an operation according to the operation received (received) by the operation unit 50. The main body 40 can also communicate with an external device such as a client PC (personal computer), and can perform an operation according to an instruction received from the external device.

  First, the hardware configuration of the main body 40 will be described. As shown in FIG. 2, the main body 40 includes a CPU 41, a ROM 42, a RAM 43, an HDD (hard disk drive) 44, a communication I / F (interface) 45, a connection I / F 46, and an engine unit 47. These are connected to each other via a system bus 48.

  The CPU 41 comprehensively controls the operation of the main body 40. The CPU 41 controls the overall operation of the main body 40 by executing a program stored in the ROM 42 or the HDD 44 or the like using the RAM 43 as a work area (work area), and the above-described copy function, scanner function, fax function, printer function ( Various functions such as printing function) are realized.

  The communication I / F 45 is an interface for connecting to the network 110, and has functions as a transmission unit and a reception unit (acquisition unit). The connection I / F 46 is an interface for communicating with the operation unit 50 via the communication path 300.

  The engine unit 47 performs processes other than general-purpose information processing and communication for realizing a copy function, a scanner function, a fax function, and a printer function. Further, the engine unit 47 is, for example, a scanner that scans and reads an image of a document, a plotter (image forming unit: output unit) that forms (prints) an image on a recording medium such as paper, and a fax unit that performs fax communication. It also has. Further, a specific option such as a finisher for sorting printed sheet materials or an ADF (automatic document feeder) for automatically feeding a document can be provided.

  Next, the hardware configuration of the operation unit 50 will be described. As illustrated in FIG. 2, the operation unit 50 includes a CPU 51, a ROM 52, a RAM 53, a flash memory 54, a communication I / F 55, a connection I / F 56, an operation panel 57, and an external connection I / F 58. These are connected to each other via a system bus 59. The operation panel 57 may be connected to the image forming apparatus 3 as described above.

  The CPU 51 comprehensively controls the operation of the operation unit 50. The CPU 51 controls the overall operation of the operation unit 50 by executing a program stored in the ROM 52, the flash memory 54, or the like using the RAM 53 as a work area (work area), and information (images) corresponding to the input received from the user. Various functions described later such as display of) are realized.

  The communication I / F 55 is an interface for connecting to the network 110, and has functions as a transmission unit and a reception unit (acquisition unit). The connection I / F 56 is an interface for communicating with the main body 40 via the communication path 300.

  The operation panel 57 accepts various inputs in accordance with user operations and various information (for example, information in accordance with accepted operations, information indicating the operation status of the image forming apparatus 3, information indicating a setting state, and the like). Is displayed. Here, the operation panel 57 is configured by a liquid crystal display device (LCD) equipped with a touch panel function, but is not limited thereto. For example, an organic EL display device equipped with a touch panel function may be used. Further, in addition to or instead of this, an operation unit such as a hardware key and a display unit such as a lamp may be provided.

  The external connection I / F 58 is an interface for connecting to the image reading device 30 and the IC card reader 32 described above. The image reading device 30 is hardware for reading an authentication image. Here, it is assumed that the authentication image is an image in which authentication information indicating authentication is embedded. Hereinafter, the authentication image may be described as authentication information since at least authentication information is embedded. The image reading device 30 is specialized for reading from a photographed information such as a camera or reading a specific authentication image such as a QR code / bar code reader. As described above, the image reading apparatus 30 may be integrated with the image forming apparatus 3.

  Next, an outline of a software configuration example of the image forming apparatus 3 will be described. FIG. 3 is a diagram illustrating an outline of a software configuration example of the image forming apparatus 3. As illustrated in FIG. 3, the main body 40 includes an application layer 401, a service layer 402, and an OS layer 403. The entities of the application layer 401, the service layer 402, and the OS layer 403 are various software stored in the ROM 42, the HDD 44, and the like. Various functions are provided by the CPU 41 executing these software.

  The software of the application layer 401 is application software for operating a hardware resource to provide a predetermined function (in the following description, it may be simply referred to as “application”). For example, examples of the application include a copy application for providing a copy function, a scanner application for providing a scanner function, a fax application for providing a fax function, a printer application for providing a printer function, and the like. The software of the application layer 401 also includes an application that provides a function of creating an authentication image using an ID and password input via the operation panel 57 and printing the authentication image.

  The software of the service layer 402 is software that is interposed between the application layer 401 and the OS layer 403 and provides an interface for using hardware resources included in the main body 40 for the application. More specifically, it is software for providing a function of accepting an operation request for a hardware resource and arbitrating the operation request. The operation request received by the service layer 402 includes a request for reading by a scanner or printing by a plotter.

  Note that the interface function of the service layer 402 is provided not only to the application layer 401 of the main body 40 but also to the application layer 501 of the operation unit 50. That is, the application layer 501 (application) of the operation unit 50 can also realize a function using hardware resources (for example, the engine unit 47) of the main body 40 via the interface function of the service layer 502.

  The software of the OS layer 403 is basic software (operating system) for providing a basic function for controlling hardware included in the main body 40. The software of the service layer 402 converts the use request of hardware resources from various applications into a command interpretable by the OS layer 403 and passes it to the OS layer 403. Then, when the command is executed by the software of the OS layer 403, the hardware resource performs an operation according to the request of the application.

  Similarly, the operation unit 50 includes an application layer 501, a service layer 502, and an OS layer 503. The application layer 501, the service layer 502, and the OS layer 503 provided in the operation unit 50 are also the same as the main body 40 in terms of the hierarchical structure. However, the functions provided by the applications in the application layer 501 and the types of operation requests that can be accepted by the service layer 502 are different from those on the main body 40 side. The application of the application layer 501 may be software for operating a hardware resource included in the operation unit 50 to provide a predetermined function, but mainly functions provided in the main body 40 (copy function, scanner function, fax function). , A printer function), software for providing a UI (user interface) function for performing operations and display.

  In this embodiment, the software of the OS layer 403 on the main body 40 side and the software of the OS layer 503 on the operation unit 50 side are different from each other in order to maintain the independence of functions. That is, the main body 40 and the operation unit 50 operate independently of each other with different operating systems. For example, Linux (registered trademark) can be used as software for the OS layer 403 on the main body 40 side, and Android (registered trademark) can be used as software on the OS layer 503 on the operation unit 50 side.

  As described above, in the image forming apparatus 3, the main body 40 and the operation unit 50 operate with different operating systems. Therefore, communication between the main body 40 and the operation unit 50 is not inter-process communication in a common apparatus. Is performed as communication between different devices. The operation (command communication) for transmitting information (instruction content from the user) received by the operation unit 50 to the main body 40, the operation for the main body 40 notifying the operation unit 50 of an event, and the like correspond to this. Here, the function of the main body 40 can be used when the operation unit 50 performs command communication to the main body 40. Further, the event notified from the main body 40 to the operation unit 50 includes the execution status of the operation in the main body 40 and the contents set on the main body 40 side.

  In the present embodiment, since the power supply to the operation unit 50 is performed from the main body 40 via the communication path 300, the power control of the operation unit 50 is performed separately from the power control of the main body 40 (independently). Can do).

  As described above, the function of each unit of the image forming apparatus 3 is realized by the CPU (41 or 51) executing the program stored in the storage device (for example, ROM 42, HDD 44, ROM 52, flash memory 54, etc.). However, it is not limited to this. For example, at least a part of the functions of each unit of the image forming apparatus 3 may be realized by a dedicated hardware circuit (for example, a semiconductor integrated circuit). In the above-described embodiment, the main body 40 and the operation unit 50 operate independently of each other with different operating systems. However, the present invention is not limited thereto, and for example, the main body 40 and the operation unit 50 operate with the same operating system. Form may be sufficient.

  The programs executed by the image forming apparatus 3 and the like described above are files in an installable or executable format, such as CD-ROM, flexible disk (FD), CD-R, DVD (Digital Versatile Disk), USB. (Universal Serial Bus) or the like may be recorded and provided on a computer-readable recording medium, or may be provided or distributed via a network such as the Internet. Further, various programs may be provided by being incorporated in advance in a nonvolatile recording medium such as a ROM.

  Next, the security level of each electronic device (equipment such as the image forming apparatus 3) stored in the authentication system server 11 will be described. FIG. 4 is a diagram showing security information of each electronic device stored in the authentication system server 11. As shown in FIG. 4, the authentication system server 11 stores device identification information, a target QR code, and a security level for each facility.

  The apparatus identification information is information for identifying equipment such as the image forming apparatus 3 and the entrance / exit management apparatus 2. QR codes have different encryption strengths depending on the generation method and encryption method. For example, QR code generation methods include four generation methods A to D. The security level indicates the level of permission for use of each electronic device. The larger the number, the more severe the security. The security level may be set for each user, for example.

  FIG. 5 is a flowchart showing processing until the authentication system server 11 generates a QR code and stores it as an authentication information database. As shown in FIG. 5, the authentication system server 11 identifies a device (equipment such as the image forming apparatus 3) selected by the image forming apparatus 3 or the portable terminal 13 (S100). Next, the authentication system server 11 refers to the security information shown in FIG. 4 and identifies the target QR code of the device identified in the process of S100 (S102).

  The authentication system server 11 determines whether the QR code specified in the process of S102 has already been created (S104). If the authentication system server 11 determines that the QR code has already been created (S104: Yes), the processing proceeds to S108. If the authentication system server 11 determines that the QR code has not been created (S104: No), the process proceeds to S106.

  The authentication system server 11 generates a target QR code in the process of S106. Further, the authentication system server 11 determines whether all the devices selected by the image forming apparatus 3 or the portable terminal 13 have been specified (S108). If the authentication system server 11 determines that all the devices have been identified (S108: Yes), the process proceeds to S110. If the authentication system server 11 determines that all devices have not been specified (S108: No), the process returns to S100.

  In the process of S110, the authentication system server 11 associates the generated QR code with the user information and stores it as an authentication information database.

  FIG. 6 is a diagram illustrating a configuration example of an authentication information database (user management database). The authentication information database is a database used by the authentication system server 11 for authentication.

  In the authentication information database, ID is a code for identifying a user. The e-mail address and the telephone number are a telephone number and an e-mail address assigned to the user. Further, for each user, a user name is associated with a Pass corresponding to the security level.

  The creation / update date / time is the date / time at which data such as a QR code is issued by new or update. The one-time issue information is management information for a one-time issue period, and includes, for example, a period, an expiration date, and conditions. Further, one or more QR codes are associated with each ID according to the user's authority (security level). Note that information managed in the authentication information database can be arbitrarily expanded, and can follow various authentication patterns. For example, the authentication information database may be associated with a user who is permitted to use the electronic device with a QR code including information indicating whether or not the use of the electronic device is charged.

  Next, processing in which the information processing system 1 registers user information in the authentication information database will be described. FIG. 7 is a sequence diagram illustrating a process in which the information processing system 1 registers user information in the authentication information database. As shown in FIG. 7, when the user inputs user information to the terminal device (PC) 10 (S200), the terminal device 10 transmits the user information to the authentication system server 11 (S202). In the process of S200, the terminal device 10 displays, for example, the screen illustrated in FIG. The authority may be set in advance, or may be set by the user when registering user information.

  The authentication system server 11 registers user information in the authentication information database (S204), and generates a QR code corresponding to the user (S206). Here, the authentication system server 11 refers to the security information shown in FIG. 4 in order to determine which QR code should be generated for each device.

  And the authentication system server 11 transmits QR code with respect to the portable terminal 13 (S208), and performs transmission notification with respect to the terminal device 10 (S210). In the process of S210, the terminal device 10 displays, for example, the screen illustrated in FIG. The portable terminal 13 stores the QR code received from the authentication system server 11 (S212).

  Next, processing in which the information processing system 1 deletes user information from the authentication information database will be described. FIG. 9 is a sequence diagram illustrating processing in which the information processing system 1 deletes user information from the authentication information database. As shown in FIG. 9, the terminal device 10 displays the user information transmitted from the authentication system server 11 to the terminal device 10 in the process of S300 (S302).

  When the user inputs an authority deletion request for the device via the terminal device (PC) 10 (S304), the terminal device 10 transmits a deletion request to the authentication system server 11 (S306). In the process of S304, the terminal device 10 displays, for example, the screens illustrated in FIGS. 10A and 10B in accordance with the user's selection in order.

  The authentication system server 11 performs a process of deleting the selected authority from the authentication information database (S308), specifies a QR code corresponding to the authority to be deleted, and transmits a deletion request to the mobile terminal 13 (S310). . The user deletes the authority (deletes the QR code) in the mobile terminal 13 (S312), and notifies the authentication system server 11 that the deletion is completed (S314).

  Then, the authentication system server 11 transmits to the terminal device 10 that authority deletion (QR code deletion) has been completed (S316). In the process of S316, the terminal device 10 displays, for example, the screen illustrated in FIG.

  Next, a screen that the mobile terminal 13 displays until the QR code selected by the user is displayed will be described. FIG. 11 is a diagram illustrating a transition of a screen displayed by the mobile terminal 13 until the QR code selected by the user is displayed. As shown in FIG. 11, the user displays a standby screen showing a list of devices on the mobile terminal 13 (a). The mobile terminal 13 receives a QR code corresponding to the user (b).

  When the user activates an application for displaying a QR code on the mobile terminal 13, an application activation screen is displayed (c). The user sequentially displays and selects a QR code corresponding to the device authenticated on the application (d, e).

  Next, the authentication operation of the information processing system 1 will be described. FIG. 12 is a diagram illustrating processing in which the information processing system 1 performs authentication using a QR code. As shown in FIG. 12, the user selects a QR code on the mobile terminal 13 (S400). The mobile terminal 13 displays the selected QR code (S402). Then, the image reading device 30 captures the QR code by the user holding the QR code (or the printed QR code) displayed on the terminal device 10 (S404).

  The image reading device 30 transmits the captured image (image including the QR code) to the image forming device 3 (S406). The image forming apparatus 3 analyzes the image received from the image reading apparatus 30 and determines whether the text data indicating the embedded information can be acquired (S408). If the image forming apparatus 3 can acquire the text data (S408: Yes), the process proceeds to S410. If the image forming apparatus 3 cannot acquire the text data (S408: No), the process proceeds to S420.

  The image forming apparatus 3 decodes the QR code (when it is necessary to decode the QR code) (S410). If the image forming apparatus 3 decrypts the image data, the image forming apparatus 3 transmits the decrypted text data to the authentication system server 11 (S412). If decryption is impossible, the process proceeds to S420. If it is not necessary to decode the QR code, when the text data can be acquired in the process of S408 (S408: Yes), the acquired text data is transmitted to the authentication system server 11.

  The authentication system server 11 performs authentication using the QR code (S414). The authentication system server 11 refers to the authentication information database stored in the authentication (S416). Then, the authentication system server 11 transmits the authentication result to the image forming apparatus 3.

  The image forming apparatus 3 performs an operation according to the authentication result (S420). For example, when the image forming apparatus 3 has been authenticated, the image forming apparatus 3 performs a printing operation according to a user operation. Further, when the image forming apparatus 3 cannot authenticate, the image forming apparatus 3 informs the user that the authentication has failed using the operation panel 57 or the like. Then, the image forming apparatus 3 transmits an authentication result to the mobile terminal 13 (S422).

  Note that the information processing system 1 may be configured such that the authentication system server 11 executes all the processes of S408, S410, and S414. Further, the information processing system 1 may be configured so that the image reading apparatus 30 executes S408 and S410. In that case, the image reading device 30 transmits the decrypted text data to the authentication system server 11.

  FIG. 13 is a screen transition diagram illustrating a screen example displayed on the operation panel 57 when the information processing system 1 performs authentication. First, the user performs an input indicating whether or not the authentication image (QR code) is held on the operation panel 57 (a: top screen). When the user holds the QR code, the user holds the QR code according to the screen scanning instruction (b) and obtains authentication permission (c, d).

  When authentication is performed by combining a plurality of QR codes, the operation panel 57 displays a screen message indicating that (b, c). When the QR code is invalid (authentication failure) (e), or when the QR code is not held, the user performs a one-time QR code (substitute authentication image) issuance process (printing) (fi). . For the user ID, a registered ID or telephone number is input (g). The QR code can be selected to be transmitted to a pre-registered mail address or printed on the spot (h, i).

  In other words, the information processing system 1 decodes QR codes having different security levels, and properly uses the authority depending on the level, and determines the authority to enter the room and the authority to operate the device as the authentication result. Further, the information processing system 1 may be configured to invalidate the QR code displayed by the terminal device 10 until the expiration date when the image forming apparatus 3 prints (outputs) the QR code in which the expiration date is embedded. Good. In this case, the authentication system server 11 generates a QR code so that substitution information indicating that the QR code displayed by the terminal device 10 is substituted is embedded in the QR code printed by the image forming apparatus 3.

  By using the system as in this embodiment, the user of the system does not need to distribute / manage hardware (IC card) in which authentication information different for each security level is stored, for example. In addition, a system like this embodiment can flexibly cope with a change in the user's security level. When the security level is changed, the system according to the present embodiment distributes or deletes the QR code corresponding to the security level to the terminal. Therefore, the user can perform authentication corresponding to the changed security level using the same terminal. Further, the present invention is not limited to the specifically disclosed embodiments, and various modifications and changes can be made without departing from the scope of the claims.

DESCRIPTION OF SYMBOLS 1 Information processing system 2 Entrance / exit management apparatus 3 Image forming apparatus 10 Terminal apparatus 11 Authentication system server 12 Building management system server 13 Portable terminal 20 Reading apparatus 22 Key 30 Image reading apparatus 40 Main body 47 Engine part 50 Operation part 57 Operation panel

JP 2004-92057 A JP 2014-161006 A

Claims (8)

An information processing system including one or more information processing devices,
A storage unit for storing a security level indicating a permission level for each of the plurality of electronic devices connected to the one or more information processing apparatuses;
A generating unit that generates a plurality of images indicating the security level for each user;
A transmission unit that transmits the plurality of images generated by the generation unit to another device;
An acquisition unit that acquires an image via a reading device included in any one of the plurality of electronic devices;
If the image acquired by the generation unit is included in the image acquired by the acquisition unit, whether to allow the user to use each of the plurality of electronic devices according to the image generated by the generation unit A determination unit for determining whether or not,
An information processing system comprising: The generator is
The information processing system according to claim 1, wherein a plurality of images encrypted with an encryption strength corresponding to the security level are generated. The determination unit
The information processing system according to claim 1, further comprising determining a user's permitted range for each of the plurality of electronic devices. The generator is
The information processing system according to any one of claims 1 to 3, wherein another image indicating the same security level as the generated image for each user can be generated. The generator is
5. The image according to claim 1, wherein an image including information indicating whether or not the user who is permitted to use the electronic device is charged for using the electronic device is generated. Information processing system. The determination unit
6. The apparatus according to claim 1, wherein the plurality of images generated by the generation unit is used to determine whether or not the user is permitted to use each of the plurality of electronic devices. Information processing system. The generator is
Generating a plurality of images including an expiration date indicating the security level for each user;
The transmitter is
The information processing system according to claim 1, wherein a plurality of images including the expiration date generated by the generation unit are transmitted. An operation unit that accepts input of information necessary for authenticating the user;
An output unit that outputs an image including expiration dates corresponding to a plurality of images generated by the generation unit when the operation unit accepts input of information necessary for authenticating the user;
Further comprising
The determination unit
8. The method according to claim 1, wherein when the output unit outputs an image including an expiration date corresponding to a plurality of images generated by the generation unit, the image transmitted by the transmission unit is invalidated for a predetermined period. The information processing system according to any one of claims.

Images