The invention disclosed herein relates generally to mail processing machines, and more particularly to allowing multiple users to simultaneously access a mail processing machine using networked external processing devices.
Mail processing machines often include different modules that automate the processes of producing mall pieces. A typical mail processing machine can include a one or more different modules or sub-systems each of which performs a different task on a mail piece. In larger machines, the mail piece is conveyed downstream utilizing a transport mechanism, such as rollers or a belt, to each of the modules. Such modules could include, for example, a simulating module, i.e., separating a stack of mail pieces such that the mail pieces are conveyed one at a time along the transport path, a moistening/sealing module, i.e., wetting and closing the glued flap of an envelope, a weighing module, and a metering/printing module, i.e., applying evidence of postage to the mail piece. In smaller machines, mall pieces may be fed one at a time by hand under a printing module to apply evidence of postage to the mail piece. The size of a mailing machine and exact configuration is, of course, particular to the needs of the user.
In some situations, it is desirous to allow a mailing machine to interface with an external processing device such as, for example, a personal computer, tablet device, smartphone, etc. Such an external processing device can provide the user with an enhanced user interface and allow the user to control certain operations of the mail processing machine remotely as well as access to other products or services that the mailing machine alone could not provide. Unfortunately, conventional mailing machines can only be interacted with by a single operator at a time, either by directly interacting with an input on the mailing machine for through another external processing device that is connected to the mailing machine via a network. If multiple operators want to use the mailing machine at the same time, they would not be able to do so, and instead would need to take turns. One user would perform his transaction and the next user would have to wait until the first user is finished before being able to use the mailing machine for any purpose. This greatly reduces the effectiveness of such systems.
The present invention provides a mail processing machine whose operation can be accomplished remotely and support multiple users. The present invention utilizes secure simultaneous multiple user/application access over a network. This supports software configuration, data access, control of a postal security device (PSD), indicium creation, and control of a print engine. The invention is realized by binding core embedded software to a web server within the device and using a web technology stack that allows many users to access the software. HTTPS and a web socket based API protocol are used to enable communications with external processing devices and web applications. A secure file system is present that can cache user credentials to allow access to the machine when it is offline from the Internet. The device also contains its own browser for rendering the user experience on its own local display and allowing access to other applications on the web. This technology enables a plurality of users to use the device at the same time, applies logic within the device that brokers transactions in case there is a dependency on one being complete before another transaction is started, makes sure that specific transactions stay linked to specific users, allows the same user experience to occur on the machine or external processing device, and gives multiple users access to peripherals attached to the mail processing machine.
Therefore, it should now be apparent that the invention substantially achieves all the above aspects and advantages. Additional aspects and advantages of the invention will be set forth in the description that follows, and in part will be obvious from the description, or may be learned by practice of the invention. Moreover, the aspects and advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out in the appended claims.
The accompanying drawings illustrate presently preferred embodiments of the invention, and together with the general description given above and the detailed description given below, by way of example serve to explain the invention in more detail. As shown throughout the drawings, like reference numerals designate like or corresponding parts.
In describing the present invention, reference is made to the drawings, wherein there is seen in
The processing device 12 executes an operating system 40, such as, for example, Embedded Linux. Other operating systems can be used with the device 10. Machine-to-machine (M2M) technology 42 is present at this layer that allows easy updating of the operating system 40. M2M technology, as is known in the art, allows machines to communicate with each other without human intervention. It is commonly used to pass data from a device to an entity that can make a decision based on the data. It is also used to update software in devices. Thus, the M2M technology 42 provides a pipe for the core embedded software 44 to send data from the device 10 for analysis by other web applications, and enables the mailing machine 10 to be a part of the Internet of Things (IoT) if desired. The core embedded software 44 uses the operating system 40 to perform the functions of the mail processing device 10. The core software 44 will also contain any logic that is needed to manage multiple transactions within the device 10. The core software 44 contains a set of rules that indicate which transactions can occur in parallel and which ones cannot. Such rules that prevent parallel activity can include, for example: (i) two users cannot debit the PSD 16 at the same time, (ii) only one user can start a mailrun running remotely; (iii) only one user can refill the PSD 16 at a given time; and (iv) a user cannot withdraw a meter while another user is debiting it. In general, these rules exist so that the financial integrity of the PSD 16 is maintained and prevent two conflicting operations from occurring. However, there are other rules which do allow parallel activity, such as, for example, (i) a user can view the PSD 16 registers while another user is running mail: (ii) one user can edit his settings while another user edits his settings; and (iii) multiple users can rate shop at the same time. These rules have independent operations that will not change the overall state of the machine. Another implementation of rules is to use a Role Based Access Control (RBAC). Only an administrator would have capabilities to control the state of the machine such as refilling the PSD or downloading new software. Other users could have other privileges. There still may be a need to have rules which prevent conflict between users, but the roles could reduce the need as the role can specify what a user has access to do. In general, the rules are determined by the specific application implemented on the device 10 and must be compliant with postal regulatory requirements.
A file system 48, including a database for storage of information (which can be encrypted), exists that both the operating system 40 and core embedded software 44 can use. Encryption software 50 is employed to protect user data stored in the file system 48 database. Given that there are multiple users, it is important that each user's data be independent from each other. This can be accomplished by each user having a separate file or use of a multi-tenant database. The file system 48 will cache user credentials (if they are used) so that a user can access the device 10 if it is not connected to the web. The caching is needed because when credentials are used they are typically checked against a cloud based web server.
The core embedded software 44 interacts with an embedded web application server 52. The core embedded software 44 implements actions that the users can take and rules that make sure that a valid action is being performed given the state of the device 10. It also allows access to peripherals 30, 32 with which the users may interact. The web application server 52 allows users to employ browsers operating on an external processing device (e.g., tablet 14, smartphone 16, PC 18) to control the device 10. Thus, the user could be using the device's 10 internal browser 70 which renders information on the local display 24 or using a remote device with a browser. The embedded web application server 52 uses high-level web scripting 54 with ‘C’ binding to tie the user interface provided on the display 24 back into the core embedded software 44. Effectively, the core embedded software 44 has an API that will interact with the user interface. A message queue 60 is present so that requests can be buffered if the application is busy. The technology stack employed by the web application server 52 and interfaced to the core embedded software 44 is the “gaming technology” that is present on many Internet applications today. This allows many users to interact with the web applications at the same time. The device 10 includes an internal browser 70, that can be displayed on the display 24 for interaction with a user, that ties into the embedded web application server 52. Note that this is a programmatic interface to the device 10 that can be used while a physical user is interacting with the device 10 through the screens being displayed on the display 24. It also allows the device 10 to access web applications from its display 24. This would enable cloud based applications 72, like shipping or location intelligence applications, associated with the device 10 to be accessible from the device 10. A security sandbox 74 can also be provided to allow access to authorized cloud-based third party sites 76. The security sandbox allows third parties to have limited access to the device 10. There are a small set of commands and machine capabilities that will be accessible to these parties.
A RESTful API 62 exists that allows web applications 82 operated by external devices, e.g. PC 18, or applications running on BYOD devices 80 (e.g., tablet 14, smartphone 16) to interact with the device 10. This enables the same user experience to be available on devices outside of the device 10. HTTPS 84 and a web socket API 86 are used to transfer the data between the device 10 and other digital users that are using, for example, the PC 18, tablet 14 or smartphone 16.
If the activity requested by the second user is not currently allowed, e.g., the request is for an activity that is not allowed to be performed in parallel with another activity already being processed, then in step 112 the request is sent to the message queue 60 and will be delayed until the request can be processed. If in step 110 it is determined that the rules do not prohibit the request from being processed, e.g., there are no other activities currently being processed or the request is for an activity that can be performed in parallel with another activity already being processed, then in step 114 the request from the second user is processed and the activity is performed by the device 10. If user data must be changed, the database of the file system 48 is accessed for that specific user and the new data stored. Due to the gaming technology of the core embedded software 44, multiple users can be going through this flow and be in different steps depending on the timing of their request. The combination of gaming technology, separate user storage, and rules allow the requests of multiple users to be completed or denied while keeping the device 10 in an operational state.
There are numerous advantages provided by the architecture of the device 10. Multiple users to are allowed to simultaneously perform activities using different features of the device 10. Such activities include the capability to ship packages and debit registers by two different users, get an account balance while looking up a postal rate, allow multiple users to access the peripherals 30 that are attached to the device 10, allow one user to print a shipping label using the label/tape printer while another user gets the weight of a different package form the scale, allow one user to print an accounting report using the laser printer while another user debits the PSD 16, mailing/shipping jobs can be setup/programmed by different operators at any time or simultaneously, e.g., one user can be setting up address book of recipients, while another is loading funds or printing shipping labels, secure transactions can be pipelined by different users and executed as fast as possible to have a quick response time, the same user experience can occur on the device 10 and any external processing devices (e.g., PC 18, tablet device 14, or smartphone device 16, and initial out of the box setup/installation for the device 10 can be accomplished remotely from alternate devices, such as tablet 14, smart hone 16, or PC 12, which has a familiar user interface, and very often cloud connected. If multiple users try two operations that are not discrete, the device 10 will have rules on how to process the requests and execute them as soon as possible.
While preferred embodiments of the invention have been described and illustrated above, it should be understood that they are exemplary of the invention and are not to be considered as limiting. Additions, deletions, substitutions, and other modifications can be made without departing from the spirit or scope of the present invention. Accordingly, the invention is not to be considered as limited by the foregoing description but is only limited by the scope of the appended claims.