Information processing system, information processing apparatus and method and program therefor
First Claim
1. An information processing system, in which one or plural information processing apparatuses, a first authentication server storing first authentication information for permitting use of the information processing apparatus, and a second authentication server storing at least second authentication information for identifying a user, are capable of communication through a communication medium,wherein the first authentication server comprises:
- an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus;
a period setting unit configured to set a period for registering the first authentication information;
a latest log-in time storing unit configured to store a latest time information at which the authentication is successful as a latest log-in time, in combination with the first authentication information;
a determination unit configured, for executing an authentication based on the first authentication information received from the information processing apparatus, to determine whether the first authentication information is stored in the authentication information storing unit;
an inquiry unit configured to inquire to the information processing apparatus registration of the first authentication information, when the determination unit determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit;
a first request unit configured, upon receiving a request for registration from the information processing apparatus as a response to the inquiry by the inquiry unit, to request to the second authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information;
a registration unit configured, in response to a reception from the second authentication server as a response to the request by the first request unit of a result indicating that the second authentication information is registered in the second authentication server, to register the second authentication information and the first authentication information that is determined by the determination unit as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; and
a deletion unit configured, when the period set by the period setting unit elapses from the latest log-in time stored in the latest log-in time storing unit, to delete the first authentication information combined with the latest log-in time and the second authentication information combined with the first authentication information from the authentication information storing unit, andwherein the information processing apparatus comprises;
a second request unit configured to transmit input first authentication information to the first authentication server thereby requesting an authentication based on the first authentication information to the first authentication server;
a result acquiring unit configured to acquire a result based on the determination by the determination unit from the first authentication server in response to the request from the second request unit;
a permission unit configured to permit use of the information processing apparatus when the authentication is determined as successful based on the result acquired by the result acquiring unit; and
a registration request unit that is configured, in the case that the authentication is determined as failed based on the result acquired by the result acquiring unit and in the case of receiving an inquiry for the registration of the first authentication information, to transmit the second authentication information for identifying the user input from an operation unit to the first authentication server thereby requesting a registration.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention is to alleviate cumbersome operations of manager such as registration and deletion of authentication information. A card ID read from an IC card is transmitted to an IC card authentication server to obtain a first authentication result, and when the first authentication result indicates a successful authentication, the use of a composite apparatus is permitted. When the first authentication result indicates a failed authentication, an input user name is transmitted to a directory service server to obtain a second authentication result, and, when the second authentication result indicate a successful authentication, the card ID failing the authentication and the user name succeeding in the authentication are transmitted for requesting a registration to an IC card authentication server, which, receiving the request, registers the card ID and the user name in the registration request in combination in an authentication table.
15 Citations
13 Claims
-
1. An information processing system, in which one or plural information processing apparatuses, a first authentication server storing first authentication information for permitting use of the information processing apparatus, and a second authentication server storing at least second authentication information for identifying a user, are capable of communication through a communication medium,
wherein the first authentication server comprises: -
an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus; a period setting unit configured to set a period for registering the first authentication information; a latest log-in time storing unit configured to store a latest time information at which the authentication is successful as a latest log-in time, in combination with the first authentication information; a determination unit configured, for executing an authentication based on the first authentication information received from the information processing apparatus, to determine whether the first authentication information is stored in the authentication information storing unit; an inquiry unit configured to inquire to the information processing apparatus registration of the first authentication information, when the determination unit determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request unit configured, upon receiving a request for registration from the information processing apparatus as a response to the inquiry by the inquiry unit, to request to the second authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration unit configured, in response to a reception from the second authentication server as a response to the request by the first request unit of a result indicating that the second authentication information is registered in the second authentication server, to register the second authentication information and the first authentication information that is determined by the determination unit as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; and a deletion unit configured, when the period set by the period setting unit elapses from the latest log-in time stored in the latest log-in time storing unit, to delete the first authentication information combined with the latest log-in time and the second authentication information combined with the first authentication information from the authentication information storing unit, and wherein the information processing apparatus comprises; a second request unit configured to transmit input first authentication information to the first authentication server thereby requesting an authentication based on the first authentication information to the first authentication server; a result acquiring unit configured to acquire a result based on the determination by the determination unit from the first authentication server in response to the request from the second request unit; a permission unit configured to permit use of the information processing apparatus when the authentication is determined as successful based on the result acquired by the result acquiring unit; and a registration request unit that is configured, in the case that the authentication is determined as failed based on the result acquired by the result acquiring unit and in the case of receiving an inquiry for the registration of the first authentication information, to transmit the second authentication information for identifying the user input from an operation unit to the first authentication server thereby requesting a registration. - View Dependent Claims (2, 3, 4, 5, 10)
-
-
6. An authentication server capable of communication with one or plural information processing apparatuses, and a user authentication server storing at least second authentication information for identifying a user, through a communication medium, comprising:
-
an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus; a period setting unit configured to set a period for registering the first authentication information; a latest log-in time storing unit configured to store a latest time information at which the authentication is successful as a log-in time in combination with the first authentication information; a determination unit configured to determine whether first authentication information received from the information processing apparatus is stored in the authentication information storing unit in order to execute an authentication based on the first authentication information; an inquiry unit configured to inquire to the information processing apparatus registration of the first authentication information, when the determination unit determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request unit that is configured, upon receiving a request for registration from the information processing apparatus as a response to the inquiry by the inquiry unit, to request to the user authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration unit that is configured, when a reception from the user authentication server of a result of authentication indicating that the second authentication information is registered in the user authentication server, to register the second authentication information and the first authentication information that is determined by the determination unit as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; and a deletion unit configured, when the period set by the period setting unit elapses from the latest log-in time stored in the latest log-in time storing unit, to delete from the authentication information storing unit the first authentication information combined with the latest log-in time and the second authentication information combined with the first authentication information.
-
-
7. A method for an information processing system, in which one or plural information processing apparatuses, a first authentication server storing first authentication information for permitting use of the information processing apparatus, and a second authentication server storing at least second authentication information for identifying a user, are capable of communication through a communication medium, wherein the first authentication server includes an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus, the method comprising:
-
in the first authentication server; a period setting step of setting a period for registering the first authentication information; a latest log-in storing step of storing a latest time information at which the authentication is successful as a latest log-in time in combination with the first authentication information; a determination step of determining, for executing an authentication based on the first authentication information received from the information processing apparatus, whether the first authentication information is stored in the authentication information storing unit; an inquiry step of inquiring to the information processing apparatus registration of the first authentication information, when the determination step determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request step of, upon receiving from the information processing apparatus as a response to the inquiry a request for registration, requesting to the second authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration step of registering, in response to a reception from the second authentication server as a response to the request of a result indicating that the second authentication information is registered in the second authentication server, the second authentication information and the first authentication information that is determined as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; and a deletion step of deleting, when the period set by the period setting step elapses from the latest log-in time stored in the latest log-in time storing step, the first authentication information combined with the latest log-in time and the second authentication information combined with the first authentication information, from the authentication information storing unit, and in the information processing apparatus; a second request step of transmitting input first authentication information to the first authentication server thereby requesting to the first authentication server an authentication based on the first authentication information; a result acquisition step of acquiring, from the first authentication server in response to the second request, a result based on the determination in the determination step by the first authentication server; permitting use of the information processing apparatus when the authentication is determined as successful based on the acquired result; and a registration request step of, in the case that the authentication is determined as failed based on the acquired result and in the case of receiving an inquiry for the registration of the first authentication information, transmitting the second authentication information for identifying the user input from an operation unit to the first authentication server, thereby requesting a registration.
-
-
8. A method executed in an authentication server which is capable of communication with one or plural information processing apparatuses, and a user authentication server storing at least second authentication information for identifying a user, through a communication medium, the authentication server including an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus, the method comprising:
-
a period setting step of setting a period for registering the first authentication information; a latest log-in storing step of storing a latest time information at which the authentication is successful as a latest log-in time in combination with the first authentication information; a determination step of determining, for executing an authentication based on the first authentication information received from the information processing apparatus, whether the first authentication information is stored in the authentication information storing unit; an inquiry step of inquiring to the information processing apparatus registration of the first authentication information, when the determination step determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request step of, upon receiving from the information processing apparatus as a response to the inquiry a request for registration, requesting to the user authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration step of registering, when a reception from the user authentication server of a result of authentication indicating that the second authentication information is registered in the user authentication server, the second authentication information and the first authentication information that is determined as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; and a deletion step of deleting, when the period set by the period setting step elapses from the latest log-in time stored in the latest log-in time storing step, the first authentication information combined with the latest log-in time and the second authentication information combined with the first authentication information, from the authentication information storage unit. - View Dependent Claims (9)
-
-
11. An information processing system, in which one or plural information processing apparatuses, a first authentication server storing first authentication information for permitting use of the information processing apparatus, and a second authentication server storing at least second authentication information for identifying a user, are capable of communication through a communication medium,
wherein the first authentication server comprises: -
an authentication information storing unit configured to store a first authentication information for permitting use of the information processing apparatus; a determination unit configured, for executing an authentication based on the first authentication information received from the information processing apparatus, to determine whether the first authentication information is stored in the authentication information storing unit; an inquiry unit configured to inquire registration of the first authentication information to the information processing apparatus, when the determination unit determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request unit configured, upon receiving a request for registration from the information processing apparatus as a response to the inquiry by the inquiry unit, to request to the second authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration unit configured, in response to a reception from the second authentication server as a response to the request by the first request unit of a result indicating that the second authentication information is registered in the second authentication server, to register the second authentication information and the first authentication information that is determined by the determination unit as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; a second authentication server inquiry unit configured to inquire whether the second authentication information stored in the authentication information storing unit is registered in the second authentication server; a second authentication information acquiring unit configured to acquire, from the second authentication server, the second authentication information not registered in the second authentication server; and a deletion unit configured to delete the second authentication information acquired by the second authentication information acquiring unit and the first authentication information combined with the second authentication information, from the authentication information storing unit, and wherein the information processing unit comprises; a second request unit configured to transmit input first authentication information to the first authentication server thereby requesting to the first authentication server an authentication based on the first authentication information; a result acquiring unit configured to acquire from the first authentication server in response to the request from the second request unit a result based on the determination by the determination unit; a permission unit configured to permit use of the information processing apparatus when the authentication is determined as successful based on the result acquired by the result acquiring unit; and a registration request unit that is configured, when the authentication is determined as failed based on the result acquired by the result acquiring unit and in the case of receiving an inquiry for the registration of the first authentication information, to transmit the second authentication information for identifying the user input from an operation unit to the first authentication server thereby requesting a registration.
-
-
12. A method executed by an information processing system, in which one or plural information processing apparatuses, a first authentication server storing first authentication information for permitting use of the information processing apparatus, and a second authentication server storing at least second authentication information for identifying a user, are capable of communication through a communication medium, the method comprising:
-
the first authentication server performing; an authentication information storing step of storing in an authentication information storing unit a first authentication information for permitting use of the information processing apparatus; a determination step of, for executing an authentication based on the first authentication information received from the information processing apparatus, to determining whether the first authentication information is stored in the authentication information storing unit; an inquiry step of inquiring registration of the first authentication information to the information processing apparatus, when the determination step determines that the first authentication information received from the information processing apparatus is not stored in the authentication information storing unit; a first request step of, upon receiving a request for registration from the information processing apparatus as a response to the inquiry by the inquiry step, requesting to the second authentication server an authentication based on a second authentication information for identifying the user contained in the request for registration, wherein the second authentication information is different from the first authentication information; a registration step of, in response to a reception from the second authentication server as a response to the request by the first request step of a result indicating that the second authentication information is registered in the second authentication server, registering the second authentication information and the first authentication information that is determined by the determination step as not stored in the authentication information storing unit in mutual combination in the authentication information storing unit; a second authentication server inquiry step of inquiring whether the second authentication information stored in the authentication information storing unit is registered in the second authentication server; a second authentication information acquiring step of acquiring, from the second authentication server, the second authentication information not registered in the second authentication server; and a deletion step of deleting the second authentication information acquired by the second authentication information acquiring step and the first authentication information combined with the second authentication information, from the authentication information storing unit, and the information processing apparatus performing; a second request step of transmitting input first authentication information to the first authentication server thereby requesting to the first authentication server an authentication based on the first authentication information; a result acquiring step of acquiring from the first authentication server in response to the request from the second request step a result based on the determination by the determination step; a permission step of permitting use of the information processing apparatus when the authentication is determined as successful based on the result acquired by the result acquiring step; and a registration request step of, when the authentication is determined as failed based on the result acquired by the result acquiring step and in the case of receiving an inquiry for the registration of the first authentication information, transmitting the second authentication information for identifying the user input from an operation unit to the first authentication server thereby requesting a registration. - View Dependent Claims (13)
-
Specification