The present application claims priority to corresponding Japanese Application No. 2004-101063, filed on Mar. 30, 2004, the entire contents of which are hereby incorporated by reference.
1. Field of the Invention
The present invention relates to the network communication device, the method of maintenace of the network communication device, the program, the recording medium, and the maintenance system. More particularly, the present invention relates to the network communication device the maintenance of which is remotely performed according to the maintenance policy specified by the user, the method of maintenance of the network communication device, the program, the recording medium, and the maintenance system.
2. Description of the Related Art
The network communication device, such as the digital multifunctional peripheral or the electronic document filing system, requires the periodical maintenance operations, such as performing an update of the firmware in the device, or supervising the state of the device to prevent the occurrence of an error in the device after the introduction of the device.
Since performing the maintenance operation of the device at the place of its installation is not efficient, a remote maintenance service is performed conventionally. In the case of the conventional remote maintenance service, a telephone line is connected to the digital multi-function peripheral for the maintenance, and the maintenance operation for the device is remotely performed through the telephone line.
For example, the remote maintenance system that can remotely perform the suitable maintenance operation even where the serviceman does not go where the user's device is installed has been proposed. For example, see Japanese Laid-Open Patent Application No. 2000-132364. The remote maintenance system mentioned above can detect an error of the device in the remote place, can determine the classification of the error of the device concerned, and can perform the suitable maintenance operation according to the classification of the error.
In recent years, with the spreading of the networks, the device to perform the maintenance is the network communication device which is connected to the network for the communication with the center system. It is desirable that the network communication device is capable of being connected to not only the telephone line but also the network to perform the remote maintenance through the network.
If the maintenance operation of the maintenance device remotely be performed from the network, there is the advantage that the error recovery operation for the device can be performed immediately.
However, when accessing the user's device through the network freely is permitted, there is the possibility that the security of the user information be demaged. Moreover, the degree of the security available and the requested security varies with users. Therefore, it is difficult to set uniformly how the maintenance of the network communication device is performed.
For this reason, it is desirable that the policy of the maintenance is defined for every user of the network communication device, and how the maintenance is performed through the network according to the maintenance policy concerned is defined. As to how the maintenance of the network communication device capable of performing the remote maintenance is performed, it is desirable to follow the maintenance policy of the user who uses the network communication device.
In addition, there is the proposed remote maintenance system in which the range of maintenance in the maintenance device can be set up beforehand, and when the maintenance of the device is remotely performed in response to the request, the range of maintenace is restricted. According to the remote maintenance system, the range of maintenance can be set up by an authenticated user beforehand, and when performing the remote maintenance, the maintenance operation other than the setting can be prevented.
However, in the case of the conventional remote maintenance system mentioned above, the method of describing the range of maintenace is not clearly explained, and the method of setting up the range of maintenace according to the user's maintenance policy flexibly is not clearly described.
Moreover, in the case of the conventional remote maintenance system mentioned above, only the maintenance form that accesses the maintenance device from the remote maintenance center which performs the maintenance at the remote place is described. However, there is no assumption that the maintenance information, such as the number of copy sheets or the toner residual quantity, is transmitted from the maintenance device to the remote maintenance center. Thus, in order for the remote maintenance center to acquire the maintenance information, the remote maintenance center must access all the maintenance devices that are managed by the remote maintenance center.
In addition, there are many cases in which it is necessary to pass through the fire wall when the remote maintenance center accesses the maintenance device, and it is usually difficult to access the maintenance device from the external network. Therefore, with the maintenance form in which the maintenance device is accessed from the remote maintenance center, there is the problem in that the maintenance device cannot be accessed by the remote maintenance center.
Conventionally, there is no technology that enables performing the remote maintenance of the network communication device through the external network according to the maintenance policy of the user.
A network communication device, method of maintenance of network communication device, program, recording medium, and maintenance system. In one embodiment, the network communication device that is connected to a maintenance center through a network, comprises a maintenance policy database to store a maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center; a maintenance information transmitting unit to transmit the maintenance information to the maintenance center by referring to the maintenance policy database; a maintenance operation command to receive unit to receive a maintenance operation command requested by the maintenance center; and a maintenance operation control unit to perform the maintenance operation command received by the maintenance operation command receiving unit, by referring to the maintenance policy database.
Other objects, features and advantages of the present invention will be apparent from the following detailed description when reading in conjunction with the accompanying drawings.
Embodiments of the present invention includes an improved network communication device in which the above-described problems are eliminated.
Another embodiment of the present invention includes a network communication device that can have its maintenance remotely performed by accessing the network communication device from the external network according to the maintenance policy specified by the user, as well as a method of maintenace of the network communication device, the program, the recording medium, and the maintenance system.
In order to achieve the above-mentioned functionality, an embodiment of the present invention includes a network communication device which is connected to a maintenance center through a network, the network communication device comprising: a maintenance policy database to store a maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center; a maintenance information transmitting unit to transmit the maintenance information to the maintenance center by referring to the maintenance policy database; a maintenance operation command to receiving unit to receive a maintenance operation command requested by the maintenance center; and a maintenance operation control unit to perform the maintenance operation command received by the maintenance operation command receiving unit, by referring to the maintenance policy database.
In order to achieve the above-mentioned functionality, the present invention includes a method for maintaining a network communication device which is connected to a maintenance center through a network and equipped with a maintenance policy database that stores a maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center, where the method comprises transmitting the maintenance information to the maintenance center by referring to the maintenance policy database; receiving a maintenance operation command requested by the maintenance center; and performing the received maintenance operation command by referring to the maintenance policy database.
In order to achieve the above-mentioned functionality, an embodiment of the present invention provides a computer program product embodifed therein for causing a computer to execute a method for maintaining a network communication device which is connected to a maintenance center through a network and equipped with a maintenance policy database that stores a maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center, where the method comprises transmitting the maintenance information to the maintenance center by referring to the maintenance policy database; receiving a maintenance operation command requested by the maintenance center; and performing the received maintenance operation command by referring to the maintenance policy database.
In order to achieve the above-mentioned functionality, an embodiment of the present invention includes a computer-readable recording medium embodied therein for causing a computer to execute a method for maintenaining a network communication device which is connected to a maintenance center through a network and equipped with a maintenance policy database that stores a maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center, where the method comprises transmitting the maintenance information to the maintenance center by referring to the maintenance policy database; receiving a maintenance operation command requested by the maintenance center; and performing the received maintenance operation command by referring to the maintenance policy database.
In order to achieve the above-mentioned functionality, an embodiment of the present invention includes a maintenance system which includes a maintenance center and a network communication device connected to the maintenance center through a network, the maintenance center performing a maintenance operation of the network communication device, the network communication device comprising: a maintenance policy database to store maintenance policy specifying either transmission of maintenance information related to maintenance of the network communication device or a maintenance operation of the network communication device requested by the maintenance center; and a maintenance information transmitting unit to transmit the maintenance information to the maintenance center by referring to the maintenance policy database, the maintenance center comprising: a maintenance information receiving unit to receive the maintenance information from the network communication device; and a maintenance operation command unit to transmit a maintenance operation command to the network communication device based on the received maintenance information, and the network communication device further comprising: a maintenance operation command receiving unit to receive the maintenance operation command from the maintenance center; and a maintenance operation control unit to perform the received maintenance operation command by referring to the maintenance policy database.
According to embodiments of the present invention, it is possible to perform maintenance easily on a network communication device remotely from the external network according to the policy of the maintenance specified by the user, as well as the method of maintenance of the network communication device, the program, the recording medium, and the maintenance system.
A description will now be given of the preferred embodiments of the invention with reference to the accompanying drawings.
In the following, a digital multi-function peripheral (MFP) having the functions of the copier, the fax, the printer and the scanner and having the function of an image forming apparatus to form an image will be explained as the network communication device for the maintenance to which the present invention is applied.
As shown in
The maintenance operation of the MFP 2 will be explained. In this embodiment, the maintenance operation of the MFP 2 is performed for the MFP 2, which is used by the user, according to the maintenance policy specified by the user. Moreover, the MFP 2 holds the maintenance information related to the maintenance of the MFP 2. The maintenance information is the information related to the maintenance of the MFP concerned, for example, the toner residual quantity, the number of copy sheets, etc.
The remote maintenance operation in this embodiment is performed according to the maintenance policy 5. The maintenance policy 5 is stored in the MFP 2. A detailed description of the maintenance policy 5 will be given later. The maintenance policy 5 comprises the portion (the maintenance information transmit policy) that specifies how the maintenance information of the maintenance policy 5 is transmitted to the remote maintenance center and at which timing the maintenance information is transmitted thereto, and the portion (maintenance operation permission policy) that specifies what maintenance operation is permitted from the remote maintenance center.
The maintenance information transmit policy specifies the contents of maintenance information, the frequency of transmission, etc. which are supplied to the remote maintenance center 3. For example, the accumulated total number of copy sheets and the toner residual quantity may be transmited as the maintenance information once per 30 minutes, but the log data of fax transmission is not transmitted as the maintenance information.
Moreover, the maintenance operation permission policy specifies the contents of the maintenance operation that the remote maintenance center 3 can perform to the MFP 2. For example, as the maintenance operation permission policy, the resetting of the copy count is permitted, but the device rebooting is not permitted.
As shown in
If the command of acquisition of the maintenance information is received as the maintenance operation command and the maintenance information is not permitted according to the maintenance information transmit policy, such maintenance information is not transmitted to the remote maintenance center 3.
When there is no maintenance operation command from the remote maintenance center 3 (No of step S1), it is determined whether there is the input of a new maintenance policy (step S4).
Only the administrator who is authorized to manage the MFP 2 can set up the maintenance policy 5 on the MFP 2. For example, the administrator is authenticated with the user ID and the password. When it is confirmed that the user is authenticated as being the administrator having the authority to set up the maintenance policy 5, the MFP 2 displays the setting screen in which the user sets up the maintenance policy 5, and makes the user input a new maintenance policy.
The new maintenance policy is stored in the maintenance policy database that stores the maintenance policy (step S5). The MFP 2 extracts the timing at which the maintenance information is transmitted to the remote maintenance center 3, from the stored maintenance policy (step S6).
When there is no input of the new maintenance policy (No of step S4), it is determined whether the time the maintenance information is transmitted to the maintenance center 3 has elapsed (step S7). Each time the timing at which the maintenance information is transmitted to the remote maintenance center 3 has been reached (Yes of step S7), the maintenance information is periodically transmitted to the remote maintenance center 3. And, the MFP 2 collects the maintenance information that should be transmitted periodically according to the maintenance policy 5, by referring to the maintenance policy 5 (step S8). Then, the MFP 2 transmits the collected maintenance information to the remote maintenance center 3 (step S9).
In addition, the processing of the judgment of receiving the maintenance operation command (step S1) and the processing of the judgment of the input of the maintenance policy (step S4) may be performed by interruption.
Next, the hardware and functional composition of the remote maintenance center will be explained.
The hardware composition of the remote maintenance center 3 will be explained with reference to
As shown in
The CPU 41 generally controls the processing that is performed by the remote maintenance center 3. The I/O control device 42 controls the I/O of data with the storage device 46 or the drive device 43. The drive device 43 reads the program and data from the recording medium 47, and writes the program and data to the recording medium 47. The recording medium 47 is, for example, a CD-ROM. The communication unit 44 is the interface for connecting the maintenance center 3 with the network 1, and comprises the modem, the router, etc. The main storage device 45 forms the storage region in which the operating system, the program and the data are stored temporarily. The storage device 46 is the storage device in which the program and the data are stored therein. The recording medium 47 is the recording medium in which the programs for supporting the various functions of the remote maintenance center 3 are recorded. The recording medium 47 is set in the drive device 43, and the programs for the functions of the remote maintenance center are installed into the storage device 46 through the drive device 43.
The recording medium 47 in which the programs for the remote maintenance center are recorded may be any of various media types including semiconductor memories that record information electrically such as a ROM and a flash memory, and optical, electric and magnetic recording media that record information optically, electrically or magnetically such as a CD-ROM, a flexible disk, and a magneto-optic disk (MO).
Next, the functional composition of the remote maintenance center 3 will be explained.
As shown in
The maintenance operation command unit 13 transmits a maintenance operation command suitable for the MFP 2 concerned through the communication unit 11, based on the maintenance information sent from the MFP 2.
Next, the functional composition of the MFP 2 will be explained with reference to
As shown in
The policy setting processing unit 27 provides the interface of the user and the MFP 2, and outputs the contents concerned to the other function units 25 and 26 according to the contents input by the user. The user authentication processing unit 26 authenticates the user based on the user ID and the password that are input by the user and received from the policy setting processing unit 27. Therefore, the user authentication processing unit 26 provides the function as the administrator authentication unit.
The policy managing unit 25 calls the current maintenance policy which is currently set up on the MFP 2, and updates the maintenance policy 5 by the new maintenance policy that is set up by the user. The policy managing unit 25 comprises the maintenance policy database 29 in which the maintenance policy 5 is stored. Therefore, the policy managing unit 25 provides the function as the maintenance policy renewal unit.
The maintenance processing unit 20 transmits the maintenance information from the MFP 2 to the remote maintenance center 3 at the timing specified by the maintenance policy 5, and receives the maintenance operation command from the remote maintenance center 3. Even in the case where the maintenance operation command cannot be received from the remote maintenance center 3 by the presence of the fire wall, the maintenance processing unit 20 periodically transmits the inquiry about any maintenance operation command from the remote maintenance center 3, to the remote maintenance center 3, so that the maintenance operation of the MFP 2 can be performed. Therefore, the maintenance processing unit 20 provides the functions of the maintenance information transmitting unit, the maintenance operation command receiving unit, and the operation inquiry unit.
The policy judging processing unit 21 determines whether the maintenance operation command from the remote maintenance center 3 is permitted according to the maintenance policy 5. The center authentication processing unit 22 authenticates the remote maintenance center 3 by using the predetermined authentication method, that is: the center authentication processing unit 22 determines whether the remote maintenance center 3 concerned is a remote maintenance center having the maintenance contract related to the MFP 2. Therefore, the center authentication processing unit 22 provides the function of the maintenance center authentication unit.
Next, the maintenance policy will be explained. The maintenance policy comprises the maintenance information transmit policy and the maintenance operation permission policy as described above. The maintenance information transmit policy is in correspondence with the classification of the maintenance information, and specifies permission/prohibition of transmission of the maintenance information concerned to the remote maintenance center 3, and the timing of the tranmission of the maintenance information concerned.
The maintenance operation permission policy is in correspondence with each maintenance operation, and specifies permission/prohibition of the maintenance operation of the MFP 2 by the remote maintenance center 3.
The maintenance information transmit policy contains the items including the automatic transmit interval, the unit, the classification of periodic maintenance information, and the classification of maintenance information.
The automatic transmit interval specifies the timing at which the maintenance information is transmitted automatically. The unit is a unit of the timing set up for the automatic transmit interval, and it is expressed with, for example, hours, minutes and seconds.
The classification of periodic maintenance information is the maintenance information that is transmitted to the remote maintenance center 3 automatically. For example, in
The classification of maintenance information includes, for example, the model number, the IP address, the MAC (Media Access Control) address, the firmware version, the copy count, the toner residual quantity, etc. The model number is the number which identifies the model of the MFP concerned. The IP (Internet Protocol) address enables the communication to the MFP concerned from the external network, and the MAC (Media Access Control) address identifies the physical address in the LAN. The firmware version indicates the version of the firmware installed in the MFP concerned. The copy count is the number of copy sheets from the last maintenance after the MFP concerned is supplied. The toner residual quantity indicates the quantity of the remaining toner.
Permission/prohibition can be set up for every classification of each maintenance information, and only the maintenance information of the classification for which permission is set up is transmitted to the remote maintenance center 3 under control of the remote maintenance center.
The maintenance operation permission policy contains the maintenance operations including the rebooting of the device, the HDD formatting, the address book clearance, the administrator password clearance, the maintenance information acquisition, etc., and permission/prohibition can be set up for every maintenance operation. It is possible to perform only the maintenance operation for which permission is set up, under control of the remote maintenance center 3.
The administrator sets up each item of the maintenance policy 5 from the touch panel of the MFP concerned.
In the screens to set the maintenance information policy and the maintenance operation permission policy, the numeric value can be input by touching the keyboard shown in
The item of permission/prohibition can be chosen by touching the corresponding key.
For example, if the keys 3 and 0 of the keyboard are touched, the numeric value of the automatic transmit interval is input as 30. The display of the unit of the automatic transmit interval is shifted to the hours, the minutes or the seconds every time the key of the “minutes” is touched.
The classification of the periodic maintenance information is input by touching the number of maintenance information classification on the keyboard. Moreover, the display of the selected item of permission/prohibition is surrounded by the rectangle on the screen. The setting up is completed when the administrator touches the end button.
Alternatively, the setting screen may be configured so that the item is not individually set up as in
In the setting screen of
In addition, it is possible to allow the administrator to perform matching of each security level with the permission/prohibition of each maintenance policy item.
The maintenance policy input by the administrator is created as an XML data in the XML (extensible markup language) format.
When the end button is touched, the policy setting processing unit 27 of
The XML data is output to the policy managing unit 25, and the policy managing unit 25 stores the XML data in the maintenance policy database 29 by arranging the XML data as the file.
Alternatively, it is possible to input the maintenance policy from the terminal connected to the internal network 4 or the Internet 1, without using the touch panel of the MFP 2.
In
In the present embodment, the terminal 10 is the computer. When inputting the maintenance policy from the terminal 10, the program for setting up the maintenance policy is started on the terminal 10 and the maintenance policy is input.
The maintenance policy 5 of
In addition, it is possible that the maintenance policy 5 be input without using the MFP 2 or the terminal 10. For example, the administrator creates the XML data beforehand and set up the same on the MFP 2. The administrator stores in the recording medium like the floppy disk or the smart card by converting the maintenance policy described in the XML format into the file. When the maintenance policy is set up on the MFP 2, each item (permission/prohibition) of the maintenance policy is not input, but the floppy disk or the smart card in which the XML data is recorded is set to the MFP 2. The policy setting processing unit 27 of the MFP 2 reads the XML file from the floppy disk or the smart card, and stores the same in the maintenance policy database 29 as the new maintenance policy.
Moreover, when passing the maintenance policy recorded on the floppy disk to another person and setting up the maintenance policy on the MFP 2, the maintenance policy in the floppy disk (XML data) may be altered unjustly. In order to prevent this, it is desirable that the electronic signature of the administrator is given to the XML data. When the policy setting processing unit 27 reads the XML data from the floppy disk or the smart card set to the MFP and sets up the same on the policy managing unit 25 as the maintenance policy, the XML data concerned is assigned to the policy managing unit 25 after the electronic signature given is referred to and the justification of the XML data is checked.
As a method for assigning the electronic signature to the XML file, the electronic signature method in conformity with the XML structure, for example, the XML signature (IETF RFC3275), may be used, the XML file may only be treated as data and the electronic signature method like the PKCS (Public Key Cryptography Standards) #7 may be used.
Based on the above-described composition and functions, the method of maintenance of the MFP 2 by the remote maintenance center 3 will be explained.
The remote maintenance center 3 and the MFP 2 repeat performing two or more communications therebetween. For example, such communications include not only transmitting the maintenance information but also checking if it is the device for the maintenance that has the maintenance contract, detecting whether it is connected with the correct remote maintenance center 3, etc.
In order to perform such communications, it is suitable to use the SOAP (Simple Object Access Protocol) on the HTTP. The SOAP uses the message described in the XML format and makes access possible at the object (data) of the computer on the network.
Since the SOAP can access data without being dependent on the OS or the programming language, even if they are various devices for the maintenance and computers, it can perform the machining and processing of data, without being influenced by the difference of architecture.
In the following, the SOAP message is used to perform the maintenance operation of the MFP 2 by the remote maintenance center 3. Since the SOAP message transmitted to the MFP 2 from the remote maintenance center 3 contains two or more SOAP interfaces used by the processing of the MFP 2, the maintenance processing unit 20 distributes the SOAP interface to each of the function units shown in
Next, the administrator's authentication that is performed at the time of inputting the maintenance policy will be explained. Since the maintenance policy specifies transmission of the maintenance information and permission/prohibition of the maintenance operation, it is desirable to inhibit any person, other than the administrator who is authorized to manage the maintenance policy of the MFP 2, from updating the maintenance policy of the MFP 2.
The authentication which is performed at the time of inputting the maintenance policy will be explained.
When setting up the maintenance policy, the user inputs the user ID and the password (S101). For example, the SOAP interface “authenticateAdmin(string name and string password): string session” is called, and the password is stored in the “password” and the user ID is stored in the “name”.
If the user ID and the password are input, the policy setting processing unit 27 outputs the user ID and the password to the user authentication processing unit 26 (S102).
The user authentication processing unit 26 authenticates the user based on the matching of the user ID and the password (S103).
When the match of the user ID and the password occurs, the signal indicating that the user authentication is completed normally is output to the policy setting processing unit 27 (S104).
The signal indicating that the user authentication is completed normally is stored in the return value “session”.
When the user authentication is completed, the policy setting processing unit 27 requests the current maintenance policy of the policy managing unit 25 (S105). For example, the SOAP interface “getCurrentRemoteMaintenancePolicy(String session): byte[ ]policy” is called. The policy managing unit 25 reads the current maintenance policy (S106), stores the current maintenance policy in the “policy”, and outputs the same to the policy setting processing unit 27 (S107).
The policy setting processing unit 27 displays the current maintenance policy on the maintenance policy setting screen while displaying the maintenance policy setting screen (S108). The user can input the new maintenance policy while making reference to the current maintenance policy displayed on the maintenance policy setting screen.
The new maintenance policy (S109) input by the user is output to the policy managing unit 25 by the policy setting processing unit 27 (S110). For example, the SOAP interface “setNewRemoteMaintenancePolicy(string session and byte[ ]policy): string error” is called by the policy setting processing unit 27.
The new maintenance policy stored in the “policy” is output to the policy managing unit 25. The policy managing unit 25 updates the current maintenance policy by the new maintenance policy (S11).
Moreover, the policy managing unit 25 stores in the “error” the signal indicating that the renewal of the maintenance policy is completed, and outputs the same to the policy setting processing unit 27 (S112).
Subsequently, the policy setting processing unit 27 displays the indication that the setup of the new maintenance policy is completed on the maintenance policy setting screen (S115).
Moreover, the policy setting processing unit 27 outputs the signal indicating that the new maintenance policy is set up, to the maintenance processing unit 20 (S113).
When the new maintenance policy is set up, the maintenance processing unit 20 starts the processing of transmission of the maintenance information based on the new maintenance policy (S114) since the automatic transmit interval at which the maintenance information is transmitted to the remote maintenance center 3 periodically is changed.
Thus, the maintenance policy is set up on the MFP 2 based on the maintenance policy specified by the user. In addition, the biometrics method using the fingerprint etc., or the PKI (Public Key Infrastructure) based authentication method using the smart card may be used instead as the method of user authentication.
Since the maintenance policy defines the policy of the maintenance of the MFP 2 specified by the authorized administrator, the maintenance policy cannot be set up when the third person other than the administrator intends to set up the maintenance policy or when the remote maintenance center 3 intends to remotely set up the maintenance policy.
As shown in
The policy setting processing unit 27 outputs the input user ID and password to the user authentication processing unit 26 (S202).
The user authentication processing unit 26 receives the user ID and the password, and authenticates the user based on the matching of the user ID and the password (S203).
When the matching of the user ID and the password does not occur, the signal indicating that the user authentication is completed abnormally is output to the policy setting processing unit 27 (S204).
The policy setting processing unit 27 displays the authentication error screen, and finishes the processing (S205).
When the user aauthentication is not completed normally, the maintenance policy setting screen is not displayed.
As shown in
The maintenance processing unit 20 requests the challenge of the center authentication processing unit 22 (S302).
The center authentication processing unit 22 creates the challenge (S303), and outputs the created challenge to the maintenance processing unit 20 (S304).
The maintenance processing unit 20 transmits the challenge to the remote maintenance center 3 (S305). The remote maintenance center 3 receives the challenge, subsequently performs the computation of the challenge concerned by using the secret, and creates the authentication data.
The remote maintenance center 3 transmits the created authentication data to the maintenance processing unit 20 (S306).
The maintenance processing unit 20 outputs the received authentication data to the center authentication processing unit 22 (S307).
The center authentication processing unit 22 authenticates the remote maintenance center 3 by determining whether the result of computation of the challenge concerned using the secret, shared with the remote maintenance center 3, is equal to the authentication data received from the remote maintenance center 3 (step S308).
When the matching of the result of computation and the authentication data received occurs, the center authentication processing unit 22 outputs the signal indicating that the center authentication is completed normally to the maintenance processing unit 20 (S309).
The maintenance processing unit 20 transmits the signal concerned to the remote maintenance center 3 (S310).
The authenticated remote maintenance center 3 requests the setting of the maintenance policy in the maintenance processing unit 20 (S311).
However, since it is beforehand set up so that only the administrator can perform the setting of the maintenance policy, the maintenance processing unit 20 transmits the error signal of maintenance operation to the remote maintenance center 3 (S313). This error signal is sent back in response to the maintenance policy setting command sent from the third party other than the administrator.
The remote maintenance center 3 needs to be authenticated when performing the maintenance operation of the MFP 2. However, even if the center authentication is completed normally, the authority to update the maintenance policy of the MFP 2 is not granted for the remote maintenance center 3.
Since the maintenance policy cannot be set up by the person other than the administrator as shown in the sequence diagrams of
In addition, the maintenance policy may be configured to specify permission/prohibition of rewriting of the maintenance policy by the remote maintenance center 3.
When the administrator sets the rewriting of the maintenance policy as “permission” in the maintenance policy, the maintenance policy can be rewritten by the remote maintenance center 3.
When the rewriting of the maintenance policy is set as “prohibition”, unless the administrator sets it as “permission”, the rewriting of the maintenance policy cannot be performed. Accordingly, by giving the user flexibility, the maintenance of the network communication device can be remotely performed from the external network 1 according to the user's maintenance policy.
Next, the maintenance operation by the remote maintenance center will be explained. Namely, the processing of the maintenenace operation to the MFP 2 performed by the remote maintenance center 3 will be explained.
As shown in
The center authentication method in this embodiment uses the challenge/response method similar to the case of the authentication of the administrator. The maintenance processing unit 20 requests the challenge of the center authentication processing unit 22 (S402). When the challenge is requested, the SOAP interface “getchallenge( ): byte[ ]challenge” is called.
The center authentication processing unit 22 receives the request of the challenge, creates the challenge, and stores the created challenge in the return value “challenge” (S403). The center authentication processing unit 22 outputs the same to the maintenance processing unit 20 (S404).
The maintenance processing unit 20 receives the challenge and transmits the challenge to the remote maintenance center 3 (S405).
The remote maintenance center 3 receives the challenge, creates the authentication data by performing computation of the challenge concerned using the secret, and transmits the authentication data to the maintenance processing unit 20 (S406).
Subsequently, the maintenance processing unit 20 outputs the authentication data to the center authentication processing unit 22 (S407).
When the center authentication is requested, the SOAP interface “internalAuthenticate(byte[ ] authCode): atring session” is called. The authentication data, which is obtained by the remote maintenance center 3 by performing the computation of the challenge using the secret, is stored in the “authCode”.
The center authentication processing unit 22 authenticates the remote maintenance center 3 by determining whether the result of computation of the challenge concerned using the secret shared with the remote maintenance center 3 is equal to the authentication data received from the remote maintenance center 3 (S408).
The numeric value according to the authentication result is stored in the return value “session”, and the center authentication processing unit 22 outputs the same to the maintenance processing unit 20 (S409).
When the center authentication is completed normally (S410), the remote maintenance center 3 transmits the maintenance operation command to the maintenance processing unit 20 (S411).
As shown in
The 3rd to 4th lines of the paragraph 451 define the model of parameter. The name of the parameter is stored in the “name”. The value of the parameter is stored in the “value”. In the paragraph 452, the model of result in which the result of the maintenance operation is stored is defined. When the maintenance operation is not completed normally, the error code is stored in the “error”, and the result of the maintenance operation is stored in the “result”.
In the paragraphs 453 and 454, the contents of maintenance operation are defined. As a typical example, Machine Rebooting which performs the device rebooting as the maintenance operation is defined in the paragraph 453. Maintenance information retrieval that performs the maintenance information acquisition as the maintenance operation is defined in the paragraph 454.
In the case of the rebooting of the device, the 2nd to 3rd lines of the paragraph 453 define the timing at which the rebooting of the device is started from now on. In the case of the maintenance information acquisition, the 2nd to 3rd lines of the paragraph 454 define what type of maintenance information is acquired.
Referring back to
The policy judging processing unit 21 receives the judgment request, and requests the acquisition of the current maintenance policy to the policy managing unit 25 (S413).
The policy managing unit 25 reads the current maintenance policy (S414), and outputs the same to the policy judging processing unit 21 (S415).
The policy judging processing unit 21 receives the current maintenance policy, compares the current maintenance policy with the contents of the maintenance operation requested by the remote maintenance center 3, and determines whether the requested maintenance operation is permitted according to the current maintenance policy (S416).
According to the SOAP interface “OperationResultperformRemoteOperation” of
When the maintenance operation requested by the remote maintenance center 3 is not permitted according to the current maintenance policy, the “NOT_PERMITTED” is returned as the error code and the processing is finished.
More specifically, when the session is valid, the processing shown in
Subsequently, in the XML data explained with
When the matching of the <Name> element does not occur, the error code: false (“prohibition”) is returned and the processing is finished. When the matching of the <Name> element occurs, by referring to the <Permission> element of the <Name> element concerned, it is determined whether the requested maintenance operation is permitted depending on whether the <Permission> element is “allowed” or “denied”.
Referring back to
The maintenance processing unit 20 requests the processing of maintenance operation to the main function control unit 24 with respect to the permitted maintenance operation (S418).
The main function control unit 24 receives the maintenance operation request and performs the requested maintenance operation (S419).
When the SOAP interface “OperationResult performoperation” is called, the contents of the maintenance operation are specified according to the contents of the “operation”. The parameter required for the maintenance operation is stored in the “params”. The “Machine Rebooting”, the “HDD Formatting”, and the “Maintenance Info Retrieval” are described as a typical example in the pseudo code of
When the “operation” is Machine Rebooting, the time of the rebooting is acquired by referring to the “params”. Subsequently, the time of the rebooting is displayed on the touch panel of the MFP 2, and the command of the rebooting that specifies the time is output to the main function control unit of the MFP 2.
When the “operation” is HDD Formatting, the formatting of the HDD is requested to the main function control unit of the MFP 2. When the “operation” is Maintenance Info Retrieval, the command of the maintenance information acquisition is output. In any processing, the processing result is returned and then the processing is completed.
Returning to
The maintenance processing unit 20 transmits the return value concerned to the remote maintenance center 3 (S421). Then, the maintenance operation by the remote maintenance center 3 is completed.
In the processing of
Moreover, in the processng of
When the result of authentication of the remote maintenance center 3 is an error, the maintenance operation request is not accepted and the error is notified to the remote maintenance center 3, and the processing is finished.
Next, the transmission of the maintenance information from the MFP to the remote maintenance center will be explained.
The MFP 2 is the timing set as the automatic transmit interval of the maintenance policy, and transmits maintenance information for periodic maintenance information to the remote maintenance center 3. Thereby, the remote maintenance center 3 can acquire the maintenance information, such as the toner residual quantity and the accumulating total of the number of copy sheets, and can perform the remote maintenance operation of the MFP 3 according to the maintenance information received.
As shown in
The policy judging processing unit 21 receives the request from the maintenance processing unit 20 and requests the acquisition of the current maintenance policy to the policy managing unit 25 (S502).
The policy managing unit 25 reads the current maintenance policy (S503). The policy managing unit 25 outputs the current maintenance policy to the policy judging processing unit 21 (S504).
The policy judging processing unit 21 receives the current maintenance policy and extracts the classification of the maintenance information currently recorded in the classification of periodic maintenance information of the maintenance policy (S505).
Moreover, the policy judging processing unit 21 extracts the time interval set up in the automatic transmit interval of the maintenance policy (S505).
The periodic maintenance information and the automatic transmit interval that are extracted are output to the maintenance processing unit 20 (S506).
The maintenance processing unit 20 requests to the maintenance information managing unit 23 the acquisition of the periodic maintenance information (S507).
The maintenance information managing unit 23 acquires the periodic maintenance information requested by the maintenance processing unit 20 (S508), and outputs the same to the maintenance managing unit 21 (S509).
The maintenance processing unit 20 transmits the periodic maintenance information received from the maintenance information managing unit 23, to the remote maintenance center 3 according to the automatic transmit interval (S510).
The remote maintenance center 3 receives the maintenance information, and transmits the signal indicating that the maintenance information is received normally, to the maintenance processing unit 20 (S511). Thus, the processing which transmits the maintenance information to the remote maintenance center 3 from the MFP 2 is completed. The MFP 2 repeats the processing of
Alternatively, the processing of
The processing using the SOAP interface of
The maintenance processing unit 20 calls the SOAP interface “AutoProvision” as shown in
The policy managing unit 25 opens the maintenance policy file (XML data) in the maintenance policy database, and reads the maintenance policy on the memory.
Subsequently, in the XML data as shown in
For every automatic transmit interval, the maintenance processing unit 20 acquires the periodic maintenance information from the maintenance information managing unit 23, and transmits the acquired maintenance information to the remote maintenance center 3. The processing which transmits the maintenance policy for every automatic transmit interval is repeatedly performed until the maintenance policy is updated by the administrator.
Next, the SOAP interface that transmits the maintenance information from the MFP 2 to the remote maintenance center 3 will be explained.
When the periodic maintenance information is transmitted from the MFP 2 to the remote maintenance center 3, the MFP 2 calls the SOAP interface “sendMaintenanceInfo(byte[ ]random and byte[ ] authCode, String targetId, and Parameter[ ]params): String error” which is provided by the remote maintenance center 3.
In the SOAP interface concerned, the parameters for authenticating the MFP for the maintenance are stored in the “random” and the “authCode”, and the identification information of MFP for the maintenance is stored in the “targetId”.
Moreover, the maintenance information transmited is stored in the “params”. For example, the part number “23094203-777635” is stored in the params[0].value, and “Machine Number” is stored in the params[0].name. Moreover, “Firmware Versions” is stored in the params[1].name, and the firmware version “OS: 505, Main: 2.00, Sub: 1.01” is stored in the params[1] value.
Through the communication between the MFP 2 and the remote maintenance center 3 using the SOAP interface called by the MFP 2, the remote maintenance center 3 can receive the identification information and the maintenance information of the MFP concerned.
In addition, it is desirable to perform the transmission and receiving of these SOAP messages by using the HTTP protocol (HTTPS) on the SSL in order to prevent the alteration and wiretapping of the maintenance operation and the maintenance information.
In the processing of
Moreover, the processing of
Moreover, in the case of the network environment that can establish the session of SSL (secure socket layer) between the remote maintenance center and the device for the maintenance, a series of cipher processing using SSL may be performed so that the maintenance information can be transmitted to the remote maintenance center while preventing the wiretapping of the third person.
Next, the case where the fire wall is set up will be explained.
It is assumed that the MFP 2 is connected to the user's internal network, and it is assumed that the fire wall is installed between the Internet 1 and the internal network 4.
Therefore, if the HTTP or SMTP is used as the communication protocol to transmit the maintenance information from the MFP 2 to the maintenance center 3, such alternative embedment is desirable because it is not necessary to perform a special setting to the fire wall and the transmission of maintenance information is possible.
Moreover, starting the communication to the Internet from the internal network is permitted by the fire wall but the communication from the Internet to the internal network may be blocked by the fire wall. In such a case, the inquiry about whether a maintenance operation command is sent from the remote maintenance center 3 is transmitted from the MFP 2 to the remote maintenance center 3, and the MFP 2 can receive the maintenance operation command from the remote maintenance center 3 in the response to the inquiry concerned.
The communication is started from the internal network and the communication from the external network is enabled without changing the setup of the fire wall. This enables processing of the maintenance operation command of the maintenance center according to the user's maintenance policy. For example, the MFP 2 calls the SOAP interface “getRequest (byte[ ]random, byte[ ] authCode, string targetId): string soapRequestEnvelope” from the remote maintenance center 3. This SOAP interface is usually provided by the remote maintenance center 3. The parameters for authenticating the MFP as the candidate device for the maintenance are stored in the “random” and the “authCode” of the SOAP interface concerned, and the identification information of the MFP for the maintenance is stored in the “targetId”.
When the SOAP interface that is called by the MFP 2 is transmitted to the remote maintenance center 3, the remote maintenance center 3 stores in the “soapRequestEnvelope” any of the “getChallenge”, the “internalAuthenticate” and the “performRemoteOperation” which are the commands sent from the remote maintenance center 3 side. Then, the remote maintenance center 3 sends such “soapRequestEnvelope” back to the MFP 2.
When the challenge is stored in the “getChallenge”, the MFP 2 communicates with the remote maintenance center 3 using the SOAP interface “putResult (string soapResultEnvelope): string error”. The SOAP envelope having the return value and the out argument of the “getChallenge”, the “internalAuthenticate” or the “performRemoteOperation” is stored in the “soapResultEnvelope”.
Even if there is the fire wall, the MFP 2 as the object of maintenance operation sends periodically the inquiry to the remote maintenance center 3, and the remote maintenance center 3 can perform the remote maintenance operation of the MFP 2 at the predetermined interval. The predetermined interval may be the same as the automatic transmit interval, and the transmission of the inquiry may be made at the predetermined time once every day, or may be made for every minute.
Next, the program which provides the function of the remote maintenance will be explained.
In the previously described embodiments, the device for the maintenance is the MFP 2. Alternatively, the computer that provides the predetermined functions, such as the electronic-filing-document managing server, or the image forming device that has the single function, such as the printer, may be the device for the maintenance.
Although the maintenance information and the contents of maintenance operation will change if the device for the maintenance changes, the basic concept of controlling the remote maintenance according to the maintenance policy is the same as that of the MFP 2.
The functions of the remote maintenance can be provided as the software. When providing the same as the software, it is possible to provide the recording medium, such as FD, CD-ROM, or a memory card, in which the program of the remote maintenance is recorded therein.
Especially in the case of the electronic-filing-document managing server, providing the function of the remote maintenance in the form of the program is preferred. Thereby, in the software of the electronic-filing-document managing server, performing the remote maintenance operation, such as upgrading of the software, is possible.
If the program of the remote maintenance can be provided as the single product, it is possible to add the function of the remote maintenance after purchasing of the MFP. Thus, it becomes possible to perform the additional introduction of the function of the remote maintenance later, rather than providing the MFP or the electronic-filing-document managing server in which the function of the remote maintenance is already installed therein.
According to the above embodiments, it is possible to provide the network communication device the maintenace of which can be performed remotely from the external network in accordance with the maintenance policy specified by the user, as well as the method of maintenance of the network communication device, the program, the recording medium, and the maintenance system.
According to the maintenance policy specified by the user, the maintenance information can be periodically transmitted to the remote maintenance center 3. Since the maintenance information can be enciphered and transmitted, the alteration and wiretapping of the maintenance information can be prevented. When the maintenance operation command is received from the maintenance center; only the maintenance operation permitted by the maintenance policy is performed on the network communication device.
Moreover, since the maintenance policy can be set up on every the MFP 2, the maintenance according to the policy of the maintenance of the user can be attained. The administrator is authenticated when inputting the maintenance policy, and when inputting the maintenance policy using the recording medium, the electronic signature processing is performed. Thus, the alteration of the maintenance policy by the third person can be prevented.
Moreover, even if there is the fire wall, the MFP 2 can receive the maintenance operation command in the response to the inquiry sent from the MFP 2 to the maintenance center 3 or by the transmission of the periodical maintenance information from the MFP 2 to the maintenance center 3. The XML data and the SOAP message are used for the communication between the MFP 2 and the remote maintenance center 3. Thus, the remote maintenance operation of the MFP 2 is carried out without being dependent on the OS or the architecture.
The present invention is not limited to the above-described embodiments, and variations and modifications may be made without departing from the scope of the present invention.
Number | Date | Country | Kind |
---|---|---|---|
NO.2004-101063 | Mar 2004 | JP | national |