These days, a number of digital Multi Function Peripherals (DMFPs) are installed in ordinary offices. A DMFP has functions of scanning, copying, printing, faxing, etc., and is equipped with a built-in hard disc, and connected to a network. Some of them are capable of higher functions including Web browsing and Java® applications. The DMFP, therefore, is used not only as a copier, printer, fax machine, etc., but also as a terminal device for document filing, network communication, etc. This makes it essential that the DMFP be provided with sufficient security measures against illegal use or data leaking.
Instances of security measures for the use of a DMFP include authentication using a password or information given by IC card, or human body authentication using human body information on a fingerprint, eyeball, etc. Such authentication is carried out to determine on whether a user is an authentic person who is authorized to use the DMFP. In an authentication process, a user's input of authentication information is compared with password/IC card information or human body information on fingerprints, eyeballs, etc., of an access-authorized person, the access-authorized person information being prerecorded in the DMFP. When the input information agrees with the prerecorded information, the user is authenticated, and is authorized to use the DMFP.
For example, when a user authorized to use a DMFP copies a manuscript, the manuscript is read by a scanner, and the read image data is stored in a built-in hard disc, and then a printed matter is put out using a copying function. When image information transmitted to the DMFP from an external information processor via a network is printed out, the image information from the external information processor is temporarily stored in the hard disc, and then a printed matter is put out using the printing function. The user must invalidate authentication on the user after obtaining the printed matter, etc., at the end of the process by the DMFP. This invalidation of authentication is imperative.
A user authorized to use a DMFP, however, may happen to fail to invalidate authentication on the user after the use of the DMFP because of forgetting the invalidation or other reasons. In such a case, as the authentication on the user remains effective, the DMFP mistakenly considers a person who is not entitled to authorization as a user authorized to use the DMFP. Meanwhile, the hard disc of the DMFP keeps a part of previously processed image data unless the data is completely deleted. This leads to an accident that information involving the image data is printed out or transmitted out fraudulently to cause an information leak, thus ensuring security becomes difficult.
Related to user authentication on a conventional image processing apparatus, the DMFP disclosed in the Japanese Laid-Open Patent Publication No. 2005-244488, has been known. This DMFP provides an information reading unit that sends an electromagnetic signal to a user's portable memory card carried by a user into a detection area to read identification information of the user, a memory unit that stores the information that limits the use of function which is preset on the authenticated user on the basis of the identification information read out of the memory card, and a controlling unit that limits functions available for the authenticated user according to the information that limits the use of function extracted from the memory unit. The DMFP thus can set limitations in using various functions of the DMFP for each user.