System and method for role based access control of a document processing device

US 7,478,421 B2
Filed: 02/04/2004
Issued: 01/13/2009
Est. Priority Date: 02/04/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A system for role-based control of a document processing device comprising:

means for receiving an electronic document into a document processing device via an associated network, the document processing device including a printer, a copier, and a scanner;

means for generating a scan file corresponding to a scan of a tangible document by the document processing device;

means for receiving, via the associated network, document processing instruction data corresponding to at least one user-selected document processing operation corresponding to at least one of the received electronic document and a received tangible document;

means for acquiring, via the associated network, user data representative of an identity of a user of a document processing device, which user data is associated with the received electronic document;

means for prompting the user for login data via an interface associated with the document processing device;

means for receiving login data from the user via the interface;

means for receiving device access data representative of device access privileges associated with each of a plurality of users;

comparison means for comparing user data and login data with the device access data;

means for associating login data with at least one preselected user role in accordance with an output of the comparison means;

means for retrieving a permission matrix template specifying allowable usage options of the data processing device associated with each of a plurality of user roles;

means for generating permission matrix data in accordance with the at least one preselected user role and retrieved permission matrix template, the permission matrix data including data representative of allowable usage options of the document processing device from a plurality thereof by a user associated with the user data;

means for communicating the permission matrix data to the document processing device to allow for control thereof;

means for storing the permission matrix on a data storage associated with a controller of the document processing device; and

means for controlling operation of the document processing device to a subset of available document processing operations in accordance with the stored permission matrix such that the document processing operation is terminated when not permitted by the stored permission matrix.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for controlling access to a document processing device based on roles assigned to user groups. Each group of users has certain functions for which they are authorized to use the document processing device. The device compares a username and password with correlating information stored in an authentication server. The server transmits a list of functions for which the user is authorized to employ the device. The device then compares the requested function with the authorized functions to determine if the user is allowed to utilize the document processing device for the requested function. The document processing device then performs the authorized requested function.

Citations

12 Claims

1. A system for role-based control of a document processing device comprising:
- means for receiving an electronic document into a document processing device via an associated network, the document processing device including a printer, a copier, and a scanner;
  
  means for generating a scan file corresponding to a scan of a tangible document by the document processing device;
  
  means for receiving, via the associated network, document processing instruction data corresponding to at least one user-selected document processing operation corresponding to at least one of the received electronic document and a received tangible document;
  
  means for acquiring, via the associated network, user data representative of an identity of a user of a document processing device, which user data is associated with the received electronic document;
  
  means for prompting the user for login data via an interface associated with the document processing device;
  
  means for receiving login data from the user via the interface;
  
  means for receiving device access data representative of device access privileges associated with each of a plurality of users;
  
  comparison means for comparing user data and login data with the device access data;
  
  means for associating login data with at least one preselected user role in accordance with an output of the comparison means;
  
  means for retrieving a permission matrix template specifying allowable usage options of the data processing device associated with each of a plurality of user roles;
  
  means for generating permission matrix data in accordance with the at least one preselected user role and retrieved permission matrix template, the permission matrix data including data representative of allowable usage options of the document processing device from a plurality thereof by a user associated with the user data;
  
  means for communicating the permission matrix data to the document processing device to allow for control thereof;
  
  means for storing the permission matrix on a data storage associated with a controller of the document processing device; and
  
  means for controlling operation of the document processing device to a subset of available document processing operations in accordance with the stored permission matrix such that the document processing operation is terminated when not permitted by the stored permission matrix.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1 wherein the permission matrix data includes selected permissions associated with at least one of printing, copying, faxing and scanning.
  - 3. The system of claim 2 wherein the permission matrix data includes data allowing access to all available functions when the user data is representative of an administrative mode.
  - 4. The system of claim 1 wherein the user data representative of the identity of a user comprise at least one of user name and user password.
  - 5. The system of claim 1 further comprising:
    - means for transmitting acquired user data to an authentication server;
      
      means for transmitting device access data to the authentication server;
      
      wherein the authentication server compares the user data with the device access data to generate the permission data matrix.
  - 6. The system of claim 1 wherein the user data and the device access data are stored in an associated database.

7. A method for role-based control of a document processing device comprising the steps of:
- receiving an electronic document into a document processing device via an associated network, which document processing device includes a printer, a copier, and a scanner;
  
  outputting a tangible rendering of the electronic document by the document processing device;
  
  generating a scan file corresponding to a scan of the tangible document rendered by the document processing device;
  
  receiving, via the associated network, document processing instruction data corresponding to at least one user-selected document processing operation corresponding to at least one of the received electronic document and the received tangible document;
  
  acquiring, via the associated network, user data representative of an identity of a user of a document processing device, which user data is associated with the received electronic document;
  
  prompting the user for login data via an interface associated with the document processing device;
  
  receiving login data from the user via the interface;
  
  receiving device access data representative of device access privileges associated with each of a plurality of users;
  
  comparing user data and login data with the device access data;
  
  associating login data with at least one preselected user role in accordance with an output of the comparison means;
  
  retrieving a permission matrix template specifying allowable usage options of the data processing device associated with each of a plurality of user roles;
  
  generating permission matrix data as a result in accordance with the at least one preselected user role and retrieved permission matrix template, the permission matrix data including data representative of allowable usage options of the document processing device from a plurality thereof by a user associated with the user data;
  
  communicating the permission matrix data to the document processing device to allow for control thereof;
  
  storing the permission matrix on a data storage associated with a controller of the document processing device; and
  
  controlling operation of the document processing device to a subset of available document processing operations in accordance with the stored permission matrix such that the document processing operation is terminated when not permitted by the stored permission matrix.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7 wherein the permission matrix data includes selected permissions associated with at least one of printing, copying, faxing and scanning.
  - 9. The method of claim 8 wherein the permission matrix data includes data allowing access to all available functions when the user data is representative of an administrative mode.
  - 10. The method of claim 7 wherein the user data representative of the identity of a user comprise at least one of user name and user password.
  - 11. The method of claim 7 further comprising:
    - transmitting acquired user data to an authentication server;
      
      transmitting device access data to the authentication server;
      
      wherein the authentication server compares the user data with the device access data to generate the permission data matrix.
  - 12. The method of claim 7 wherein the user data and the device access data are stored in an associated database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Toshiba Corporation, Toshiba Tec Corporation (Toshiba Corporation)
Original Assignee
Toshiba Corporation, Toshiba Tec Corporation (Toshiba Corporation)
Inventors
Shahindoust, Amir, Krishna, Girish R., Kodimer, Marianne L., Yeung, Mike
Primary Examiner(s)
Revak; Christopher A
Assistant Examiner(s)
AVERY, JEREMIAH L

Application Number

US10/771,584
Publication Number

US 20050172151A1
Time in Patent Office

1,805 Days
Field of Search

None
US Class Current

726/4
CPC Class Codes

G06F 21/31   User authentication

G06F 21/608   Secure printing

G06F 21/629   to features or functions of...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2115   Third party

G06F 2221/2141   Access rights, e.g. capabil...

System and method for role based access control of a document processing device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for role based access control of a document processing device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links