1. Field of the Invention
The present invention relates to an image forming apparatus which prevents unauthorized printing, an image forming system, and control methods thereof.
2. Description of the Related Art
Existing image forming apparatuses can perform printing from a client PC via a network. Image forming apparatuses have until the recently only been used within the confines of an office, but since they are now connected to the Internet, it is now possible to print from outside the office. This has brought about a new usage method whereby an image forming apparatus is used in place of a FAX apparatus, thus improving convenience.
However, since anyone can perform printing via the Internet, a problem arises whereby such anonymity is misused through unauthorized printing. More specifically, for example, mass printing of, for example, advertisement data is a known problem. Especially, in recent years, an attack method called cross-site scripting (XSS) has become known. In XSS, an unauthorized script is embedded in a web server using a PUT method of an HTTP server; then, client PCs that refer to that site are used to execute unauthorized printing. As a result, resources such as print sheets and toner are wasted by such unauthorized printing which poses a problem for the administrators and legitimate users of such image forming apparatuses with respect to printing normal print jobs.
Conventionally, in order to prevent such unauthorized printing, it is a common practice to provide an authentication mechanism that specifies a user who transmitted a job, and permits only a legitimate user to perform printing. For example, IPP (Internet Printing Protocol), defined by RFC 2911, will be exemplified below. IPP uses HTTP (HyperText Transfer Protocol), defined by RFC 2616 as its transport layer. For this reason, a user who performed printing can be authenticated by, for example, BASIC authentication/Digest authentication included in the HTTP protocol itself. As another method, a dedicated printer driver is used so that print data itself includes authentication information, and an image forming apparatus extracts authentication information included in data and performs authentication upon analysis of the print data.
Japanese Patent Laid-Open No. 2004-164233 proposed a technique that temporarily stores received print data in a storage device, and actually prints only print data corresponding to a printer model, so as to prevent unwanted printing. According to the technique described in Japanese Patent Laid-Open No. 2004-164233, even when unauthorized print data is sent to the printer, if model information included in the print data does not match, that print data is deleted without being printed, thus suppressing wasteful printing.
However, the aforementioned related arts suffers problems to be described below. For example, in the authentication method of the related art, authentication information such as a user name and password required to perform authentication has to be set in advance in the image forming apparatus. For this reason, an administrator is required to perform troublesome operations such as maintenance of authentication information, and synchronization of items of authentication information in respective apparatuses when there are a plurality of image forming apparatuses.
Also, the technique described in Japanese Patent Laid-Open No. 2004-164233 allows control that prohibits printing until the user selects stored print data and inputs a print instruction when the size of print data exceeds a prescribed value. However, when a legitimate user executes printing that exceeds the prescribed value of the size, and print processing is not executed in practice, the user notices it only when he or she moves to a position in front of the image forming apparatus. Therefore, in an urgent case, the user has to issue a new print instruction there, and wait for completion of printing, resulting in inconvenience.