Information processing system, control method therefor, image processing apparatus, control method therefor, and storage medium storing control program therefor

US 10,560,477 B2
Filed: 01/31/2014
Issued: 02/11/2020
Est. Priority Date: 01/31/2013
Status: Active Grant

First Claim

Patent Images

1. An information processing system comprising:

at least one processor connected to a memory, the processor and memory configured to;

receive security policy data including a security policy, the security policy data further including identification information of a predetermined policy exclusion application to which the security policy is not to be applied;

determine, based on confirming a policy version setting of an application, whether the application in an image processing apparatus supports enforcement of a setting to comply with the security policy in the security policy data;

set up the application to comply with the security policy in a case where it is determined that the application supports the enforcement of the setting to comply with the security policy in the security policy data; and

determine, based on the identification information in the security policy data, whether the application is the predetermined policy exclusion application identified by the identification information, in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data,wherein the determination that the application does not support the enforcement of the setting to comply with the security policy based on confirming the policy version setting of the application is separate from the determination that the application is the predetermined policy exclusion application,wherein in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data and the application is the predetermined policy exclusion application, the application is allowed to operate, andwherein in a case where it is determined based on confirming the policy version setting of the application that the application does not support the enforcement of the setting to comply with the security policy in the security policy data, the administrator is notified of a message about a security policy of the application via the display.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing system that facilitates management of information security policy even for an extended application installed from exterior. A receiving unit receives security policy data in which a security policy is described. A management unit manages an extended application that can be added and deleted and that operates in an image processing apparatus. A notification unit notifies an administrator of error information about a security policy of an extended application managed by the management unit, when the extended application managed by the management unit does not comply with the security policy described in the security policy data, and when an identifier of an extended application that is extracted from the security policy data and that is excepted from applying the security policy does not match with the identifier of the extended application managed by the management unit.

6 Citations

14 Claims

1. An information processing system comprising:
- at least one processor connected to a memory, the processor and memory configured to;
  
  receive security policy data including a security policy, the security policy data further including identification information of a predetermined policy exclusion application to which the security policy is not to be applied;
  
  determine, based on confirming a policy version setting of an application, whether the application in an image processing apparatus supports enforcement of a setting to comply with the security policy in the security policy data;
  
  set up the application to comply with the security policy in a case where it is determined that the application supports the enforcement of the setting to comply with the security policy in the security policy data; and
  
  determine, based on the identification information in the security policy data, whether the application is the predetermined policy exclusion application identified by the identification information, in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data,wherein the determination that the application does not support the enforcement of the setting to comply with the security policy based on confirming the policy version setting of the application is separate from the determination that the application is the predetermined policy exclusion application,wherein in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data and the application is the predetermined policy exclusion application, the application is allowed to operate, andwherein in a case where it is determined based on confirming the policy version setting of the application that the application does not support the enforcement of the setting to comply with the security policy in the security policy data, the administrator is notified of a message about a security policy of the application via the display.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The information processing system according to claim 1, the processor and memory further configured to:
    - stop an operation of the application in a case where it is determined that the policy version setting of the application is not set to the application and it is determined that the application is not the predetermined policy exclusion application identified by the identification information.
  - 3. The information processing system according to claim 1, wherein it is determined whether the application supports the enforcement of the setting to with the security policy by investigating whether a policy version is set to the application.
  - 4. The information processing system according to claim 1, the message about the security policy of the application includes items of difference between the security policy of the application and the security policy of the image processing apparatus.
  - 5. The information processing system according to claim 1, wherein the security policy prohibits a communication using a predetermined communication protocol.
  - 6. The information processing system according to claim 5, wherein the application receives a print job transmitted using the predetermined communication protocol and enables the image processing apparatus to execute printing a received print job.
  - 7. The information processing system according to claim 5, wherein the application is free from a communication using the predetermined communication protocol.
  - 8. The information processing system according to claim 1, wherein the application operates in execution environment of Java which is dynamically added into and deleted from the image processing apparatus.
  - 9. The information processing system according to claim 4, the processor and memory further configured to cause the display to display an extended application name and an information security policy item that is the difference.

10. A control method for an information processing system, comprising:
- receiving security policy data including a security policy, the security policy data further including identification information of a predetermined policy exclusion application to which the security policy is not to be applied;
  
  first determining, based on confirming a policy version setting of an application, whether the application in an image processing apparatus supports enforcement of a setting to comply with the security policy in the security policy data;
  
  setting up the application to comply with the security policy in a case where it is determined that the application supports the enforcement of the setting to comply with the security policy in the security policy data;
  
  second determining, based on the identification information in the security policy data, whether the application is the predetermined policy exclusion application identified by the identification information in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data,wherein the determining whether the application is the predetermined policy exclusion application is separate from the determination that the application does not support the enforcement of the setting to comply with the security policy based on confirming the policy version setting of the application,wherein in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data and it is determined that the application is the predetermined policy exclusion application, the application is allowed to operate andwherein in a case where it is determined based on confirming the policy version setting of the application that the application does not support the enforcement of the setting to comply with the security policy in the security policy data, the administrator is notified of a message about a security policy of the application via the display.
- View Dependent Claims (11)
- - 11. The control method for an information processing system according to claim 10, further comprising:
    - stopping an operation of the application in a case where it is determined that the policy version setting of the application is not set to the application and it is determined that the application is not the predetermined policy exclusion application identified by the identification information.

12. An image processing apparatus, comprising:
- a processor connected to a memory, the processor and memory configured to;
  
  receive security policy data including a security policy, the security policy data further including identification information of a predetermined policy exclusion application to which the security policy is not to be applied;
  
  determine, based on confirming a policy version setting of an application, whether the application in an image processing apparatus supports enforcement of setting to comply with the security policy in the security policy data;
  
  set up the application to comply with the security policy in a case where it is determined, based on confirming the policy version setting of the application, that the application supports the enforcement of the setting to comply with the security policy in the security policy data ; and
  
  determine, based on the identification information included in the security policy data, whether the application is the predetermined policy exclusion application identified by the identification information in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data,wherein the determination that the application does not support the enforcement of the setting to comply with the security policy based on confirming the policy version setting of the application is separate from the determination that the application is the predetermined policy exclusion application,wherein in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data and the application is the predetermined policy exclusion application, the application is allowed to operate, andwherein in a case where it is determined that the policy version setting of the application does not support enforcement of a setting to comply with the security policy in the security policy data and the application is not the predetermined policy exclusion application, the administrator is notified of a message via the display.
- View Dependent Claims (13, 14)
- - 13. The Image processing apparatus according to claim 12, the security policy is related to a communication protocol regarding at least one of a predetermined encryption or digital certification.
  - 14. The Image processing apparatus according to claim 12, wherein in a case where it is determined that the policy version setting of the application is set to the application, it is determined, based on confirming whether a version defined in the policy version setting of the application is corresponding to a version of a security policy in the received security policy data of the application, whether the application in an image processing apparatus supports enforcement of setting to comply with the security policy in the security policy data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Ayutthaya Limited (Canon Inc.)
Original Assignee
Canon Ayutthaya Limited (Canon Inc.)
Inventors
Tsuchitoi, Naoki, Yasukawa, Akari, Shimizu, Shota
Primary Examiner(s)
King, John B

Application Number

US14/169,199
Publication Number

US 20140215553A1
Time in Patent Office

2,202 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/20 for managing network securi...

Information processing system, control method therefor, image processing apparatus, control method therefor, and storage medium storing control program therefor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

6 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Information processing system, control method therefor, image processing apparatus, control method therefor, and storage medium storing control program therefor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links