Two-pass device access management

US 7,167,919 B2
Filed: 12/05/2002
Issued: 01/23/2007
Est. Priority Date: 12/05/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling access to a peripheral device by a user, wherein the peripheral device is accessible by the user based on centralized access management information accessible by a server, the method comprising:

authenticating a user of a computer based on authentication information corresponding to the user;

determining, at the server, whether the user is authorized to use at least one portion of features and/or services of the peripheral device;

transmitting access management information for the user from the server to the computer, in case that authentication of the user is successful and the user is authorized to use at least one portion of the features and/or services of the peripheral device;

transmitting the access management information for the user and a job requested by the user from the computer to the peripheral device;

determining, at the peripheral device, whether a level of access to the peripheral device available to the user based on the transmitted access management information provides access to a feature and/or a service necessary to perform the job requested by the user; and

performing the job requested by the user at the peripheral device in a case that the level of access provides access to the feature and/or service necessary to perform the job requested by the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access control to a networked peripheral device by a walk-up user, wherein the networked peripheral device is accessible by both the walk-up user and a remote user, based on centralized access management information. Access control comprises receiving authenticated information for the walk-up user from the networked peripheral device at a centralized location, determining at a server connected to the network a first level of access to the networked peripheral device, determining at the networked peripheral device a second level of access to the networked peripheral device by the walk-up user based on received access management information for the walk-up user, and allowing the walk-up user to access determined user-available features of the networked peripheral device based on the determined first and second levels of access.

109 Citations

View as Search Results

15 Claims

1. A method for controlling access to a peripheral device by a user, wherein the peripheral device is accessible by the user based on centralized access management information accessible by a server, the method comprising:
- authenticating a user of a computer based on authentication information corresponding to the user;
  
  determining, at the server, whether the user is authorized to use at least one portion of features and/or services of the peripheral device;
  
  transmitting access management information for the user from the server to the computer, in case that authentication of the user is successful and the user is authorized to use at least one portion of the features and/or services of the peripheral device;
  
  transmitting the access management information for the user and a job requested by the user from the computer to the peripheral device;
  
  determining, at the peripheral device, whether a level of access to the peripheral device available to the user based on the transmitted access management information provides access to a feature and/or a service necessary to perform the job requested by the user; and
  
  performing the job requested by the user at the peripheral device in a case that the level of access provides access to the feature and/or service necessary to perform the job requested by the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, wherein the peripheral device is a multifunction peripheral device.
  - 3. A method according to claim 1, further comprising the steps of:
    - receiving, at the server, the authentication information from the computer,wherein the access management information is transmitted from the server to the computer after the server authenticates the user based on the received authentication information.
  - 4. A method according to claim 3, wherein the authentication information received from the computer is encrypted.
  - 5. A method according to claim 1, wherein the access management information is supplied by an authentication server that authenticates both a walk-up user who operates the peripheral device and a remote user of the computer.
  - 6. A method according to claim 1, wherein the authentication information is a username and/or password.
  - 7. A method according to claim 1, wherein the access management information is encrypted or a cryptographic hashing and signing operation is used for the access management information.
  - 8. A method according to claim 1, further comprising the step of:
    - transmitting from the server to the computer a message for denying the access by the user, in case that the user has no access to the peripheral device.
  - 9. A method according to claim 1, wherein the access management information identifies a feature and/or a service which the user can use.

10. A server for use in controlling access to a peripheral device by a user, wherein the peripheral device is accessible by the user based on access management information accessible by the server, the server comprising a processor executing steps of:
- receiving authentication information corresponding to a user, from a computer for transmitting a job to the peripheral device;
  
  authenticating the user using the authentication information;
  
  determining whether the user is authorized to use at least one portion of features and/or services of the peripheral device; and
  
  transmitting access management information for the user to the computer, in case that authentication of the user is successful and the user is authorized to use at least one portion of the features and/or the services of the peripheral device,wherein the transmitted access management information is used to determine whether a feature and/or a service of the peripheral device necessary to perform the job is available to the user.
- View Dependent Claims (11, 12, 13)
- - 11. A server according to claim 10, wherein the processor executes the step of:
    - transmitting a message for denying the access by the user in case that either authentication of the user failed or the user has no access to features and/or services of the peripheral device.
  - 12. A server according to claim 10, wherein the processor executes the steps of:
    - receiving from the peripheral device authentication information corresponding to a second user;
      
      authenticating the second user using the authentication information corresponding to the second user; and
      
      transmitting access management information for the second user to the peripheral device, in case that authentication of the second user is successful and the second user is authorized to use at least one portion of the features and/or the services of the peripheral device.
  - 13. A server according to claim 10, wherein the access management information identifies a feature and/or a service of the peripheral device which the user can use.

14. A method for controlling access to a peripheral device by a user, wherein the peripheral device is accessible by the user based on centralized access management information accessible by a server, the method comprising:
- receiving, at the server, authentication information corresponding to a user, from a computer for transmitting a job to the peripheral device;
  
  authenticating, at the server, the user using the authentication information;
  
  determining, at the server, whether the user is authorized to use at least one portion of features and/or services of the peripheral device, andtransmitting, at the server, access management information for the user to the computer in case that authentication of the user is successful and the user is authorized to use at least one portion of the features and/or the services of the peripheral device,wherein the transmitted access management information is used to determine whether a feature and/or a service of the peripheral device necessary to perform the job is available to the user.
- View Dependent Claims (15)
- - 15. A method according to claim 14, wherein the access management information identifies a feature and/or a service which the user can use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Yang, Joseph, Khosrova, Eliza, Martinez, Martin, Seikh, Attaullah, Iwamoto, Neil Y., Chern, Wei-Jhy, Slick, Royce E., Paek, Jeanette Yang
Primary Examiner(s)
VU, THONG H

Application Number

US10/309,884
Publication Number

US 20030167336A1
Time in Patent Office

1,510 Days
Field of Search

709/245, 709227-229, 709/225, 709/203, 709/223, 709/224, 709/222, 375/141, 375/356, 713/200, 713/156, 713/193, 713/182, 713/168, 705/8, 705/10, 705/35, 705/53, 705/14, 705/26, 705/51, 705/401, 455/552, 455/412, 379/100, 379/230, 715/716, 358/1.9, 710/8, 710/315, 726/20, 707/100
US Class Current

709/229
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 21/608   Secure printing

G06F 21/6218   to a system of files or obj...

G06F 21/84   output devices, e.g. displa...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 63/12   Applying verification of th...

H04N 1/00509   Personalising for a particu...

Two-pass device access management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

109 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Two-pass device access management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

109 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links