1. Field of the Invention
The present invention relates to a communication apparatus and a control method and a storage medium therefor, and more particularly, to a technique for improving the security of data transfer between a multi-homed communication apparatus and networks.
2. Description of the Related Art
Some of printers in a printing system on a network environment have a function of printing a job transmitted from a PC (personal computer) via a network, storing the job, and transmitting the stored job to a desired PC on the network.
Since such printers of the printing system are sharedly used by users, users' usage of printers is sometimes managed to maintain and improve the security of the printing system. With the management of users' printer usage, users able to use printers are limited and usable processes are determined according to each individual user, whereby the security of the printing system is improved (see, for example, Japanese Laid-open Patent Publication No. 10-93803).
Another system having a plurality of network interfaces (I/Fs) and configured to change processing according to which I/F is used for data reception has been proposed. When receiving a network packet from a terminal apparatus such as a PC, the proposed system identifies the terminal apparatus based on network packet transmission source information, and implements a function requested by the identified terminal apparatus in accordance with a predetermined rule for the identified apparatus. In a case for example that a color printing request is received, color printing is performed, if the request is received from any of designated IP addresses, whereas color printing is not performed, if the request is received from an IP address other than the designated IP addresses (see, for example, Japanese Laid-open Patent Publication No. 2004-080331).
In recent years, a so-called multi-homed terminal apparatus has been provided that has a plurality of network I/Fs and is configured capable of being simultaneously connected with different networks. Such a construction is advantageous in, for example, that even if communication with one of the networks cannot be established, communication can be achieved via another network, and that each individual terminal apparatus can be connected to a plurality of independent networks.
Also for a printing system, there is a demand of having multi-home connectivity, and a multi-horned printing system including image forming apparatuses or including image forming apparatuses and a print control apparatus is known. The print control apparatus is utilized to add image forming apparatuses with a network printer function or expand the existing network printer function of image forming apparatuses. An image forming apparatus that can be network-connected via a print control apparatus of this type is proposed in, e.g., Japanese Laid-open Patent Publication No. 2002-312140.
However, in some cases, a multi-homed printing system entails inconveniences arising from security measures for stored jobs. For example, a problem is posed that data cannot be exchanged between independent networks, if security levels are provided for data transmission/reception.
In a multi-homed printing system configured for a network environment where there is a superordinate/subordinate concept that data can be transmitted from a superordinate network to a subordinate network, but cannot be transmitted from the subordinate network to the superordinate network, there is a possibility that a stored job is erroneously transmitted to a network to which the stored job should not be transmitted.
With the user management disclosed in Japanese Laid-open Patent Publication No. 10-93803, when data stored into the printing system without any user management problem is reused, no restriction is applied, so that the stored data becomes reusable in contradiction to a network operation policy.
With the processing performed on a per terminal apparatus basis as disclosed in Japanese Laid-open Patent Publication No. 2004-080331, no restriction is applied to stored data, so that the stored data becomes reusable in contradiction to a network operation policy.