1. Field of the Invention
This invention relates to login control for peripheral devices having multiple applications, at least some of which require an operator to login. For example, a peripheral device may include printer, scanner and photocopier applications each having login requirements.
2. Description of the Related Art
Traditional office photocopiers, scanners and printers have developed considerably in recent years. Typically, scanners, printers and photocopiers were separate, stand-alone devices. Multi-purpose devices, termed Multi-Functional Products (MFPs), have been developed in recent times that are typically able to print, scan and photocopy documents as well as transfer files, such as scanned images, over a network.
FIG. 1 shows a network consisting of an MFP 2 connected to a file server 4 and an E-Mail client 6 over a local area network (LAN) 8. LAN 8 is also connected to the Internet 10. In addition to being connected to local file server 4 and local Email client 6 via LAN 8, MFP 2 is also connected to remote file server 12 and remote Email client 14 via the Internet 10. Documents can be sent over a network consisting of LAN 8 or LAN 8 and the Internet 10 to MFP 2 for printing: similarly, scanned files can be transmitted from MFP 2 over such networks.
It is known to provide login arrangements for a wide range of applications. For example, users of computer workstations are used to being required to login by entering their username and password. These are transmitted to and checked by a security program and if they are correct the user is logged on. This kind of logging in is often referred to as “logging on to the network”.
In relation to multi-functional products of the form described above, it is known to provide login arrangements to restrict access to unauthorised users and to monitor the usage of the devices for charging purposes. This may be used in a shared office environment to reduce the risk of confidential information being seen by unauthorised individuals, or to provide a means for charging for resources on the basis of use.
Canon Inc. provides a wide range of MFPs that are compatible with the present invention. Many of these MFPs include a Multifunctional Embedded Application Platform (MEAP) as is known in the art. The MEAP platform allows applications written in a Java-type language to be installed and run on the MFP (these are known as MEAP applications). These applications can then control the operation of the MFP and can display user information and receive user input from an operator, typically via a touch sensitive screen. Of course, other forms of embedded software application environments for an MFP could be used.
There are many known login arrangements that can readily be incorporated into MFPs and the like. These include:                Username and/or password.        PIN code.        Magnetic cards used in conjunction with a card reader.        Proximity cards which do not require the user to pass the card through a card reader.        
FIG. 2 shows a first approach for providing a login arrangement for a multi-functional product (MFP). The arrangement shown in FIG. 2 includes first 16, second 18, third 20 and fourth 22 applications. Those applications may, for example, implement printing, scanning, faxing and mailbox functions, respectively, and may be MEAP applications.
In addition to standard functions available with MFPs, custom applications can readily be designed (for example by writing new MEAP applications). For example, the inventors are aware of a number of such applications, including, by way of example:                An application in which a print job is held at an MFP until an operator's identity has been verified at the device itself, thereby increasing the security of printing confidential information.        A queue management arrangement so that jobs can be printed out in a particular order, for example in order of urgency.        Accounting systems to determine the amount of usage of particular functions, for charging purposes.        
Overlaying the applications 16 to 22 is a login application 24. In the structure of FIG. 2, in order to gain access to any of the applications 16 to 22, a user must be logged in via the login application 24. Once the user is so logged in, then he/she has full access to each of the applications 16 to 22.
FIG. 3 shows a second approach for providing a login arrangement for an MFP. In the arrangement of FIG. 3, first 26, second, 28, third 30 and fourth 32 applications are provided. The arrangements 26 to 32 could, for example, implement printing, scanning, faxing and mailbox functions, respectively. Application 26 is provided with login arrangement 34. In a similar manner, applications 28, 30 and 32 are provided with login arrangements 36, 38 and 40, respectively.
In the structure of FIG. 3, in order to gain access to any of the applications 26 to 32, the operator needs to login via the login arrangement associated with the application concerned.
FIG. 4 shows a third approach for providing a login arrangement for an MFP that combines features of the first and second arrangements described above. In the arrangement of FIG. 4, first 42, second 44, third 46 and fourth 48 applications are provided. The arrangements 42 to 48 could, for example, implement printing, scanning, faxing and mailbox functions, respectively. Overlaying the applications 42 to 48 is a login application 50.
In the structure of FIG. 4, in order to gain access to any of the applications 42 to 48, a user must be logged in via the login application 50. In addition, applications 42, 44, 46 and 48 are provided with login arrangements 52, 54, 56 and 57, respectively. In the example of FIG. 4, in order to gain access to any of the applications 42 to 48, the operator needs to login via the login arrangement associated with the application concerned. It should be noted that it is not essential to provide each of the applications 42 to 48 with its own login arrangement. For example, the login arrangement 57 may be omitted. In such an arrangement, in order to login to application 46 it would be necessary to login via the login arrangement 50 and the login arrangement 56, but in order to login to the application 48 it would only be necessary to login via the login arrangement 50.
Consider the following scenario, described with relation to the arrangement of FIG. 1. An operator wishes to send a set of documents to an MFP for printing. This is done, in this exemplary scenario, in the form of an email, which is sent to the email address of the MFP from the local email client 6, making use of the mailbox function of the MFP. That same operator also wishes to scan a document using the scanner function of the MFP and store those documents on the remote file server 12. The mailbox and scanning functions of the MFP each require the operator to login before they can be carried out.
Consider first the login arrangement of FIG. 2. The operator simply logs in via the login arrangement 24. (The means by which the operator logs in could take one of many forms, as discussed elsewhere in this specification.) The operator then has complete access to both the mailbox function and the scanning function. It is not possible to provide separate login requirements for the printer and the scanner using the arrangement of FIG. 2.
Consider the second login arrangement of FIG. 3. In order to access the mailbox function, the user needs to log in to that function. Once the documents sent to the mailbox have been printed, the operator must login to the scanning function in order to carry out the scanning of the documents.
Consider the third login arrangement of FIG. 4. In order to access either the mailbox function or the scanning function, the operator must first login via the login arrangement 50. Then, in order to access the mailbox function, the operator must login to that function. After that, in order to login to the scanning function, the operator must separately login to that function.
The first login arrangement of FIG. 2 has the advantage that it is simple, but it lacks flexibility. Only one login procedure is required, which would be popular with operators. However, it is not possible to allow an operator to access some applications without a password, whilst still protecting others with login requirements. Further, as noted above, it is not possible to provide different login requirements for different applications. A further potential problem is that an individual operator may log in when the MFP is first powered up and remain logged in, leaving other operators free access to the device.
The second login arrangement provides flexibility regarding the applications that require a login procedure, but is likely to lead to an operator logging in repeatedly, possibly using different login procedures required by different application developers.
The third login arrangement provides yet further flexibility from an application developer's point of view but further complicates the operation of the device from an operator's point of view.
The goals of flexibility for the application developer in terms of defining the login requirements and ease of use for the operator are contradictory in the known login arrangements described above. A further problem with some existing solutions is that the login procedure is separately designed for each application, increasing development time and resulting in applications having quite different functionalities.