1. Field of the Invention
The present invention relates to a job processing system, job processing method, and non-transitory computer-readable medium. The present invention particularly relates to the control of job encryption in job processing.
2. Description of the Related Art
Recently, a technique such as a cloud computing system or SaaS (Software as a Service) is used as a form of performing various processes on a server computer. In cloud computing, requests from many clients can be processed at the same time by executing data conversion and data processing by distributing them by using many computing resources. In addition, to fully utilize this feature of the cloud computing, there is a technique that implements a series of processes on a server by connecting finely defined tasks, and simultaneously processes the tasks in parallel, thereby scalably processing a large number of jobs.
In the above processing, temporary data generated by data conversion and data processing in individual tasks are separately managed for each tenant indicating a user's group. Since physically separating data for each server or the like requires a very high cost, data is managed in a tenant logically separated by designating the tenant ID when the data is saved and acquired.
When managing data for each tenant, the security can be improved by encrypting the data by using the tenant ID.
Japanese Patent Laid-Open No. 8-316951 has disclosed audio data wireless communication in which a plurality of encryption methods and identifiers for uniquely identifying them are managed by using a table. When performing encryption or decryption, an encryption method corresponding to the identifier is specified from the table, and encryption or decryption is performed using the encryption method. Since data to be transmitted by wireless communication contains encrypted audio data and the identifier of the encryption method, the data can be decrypted by using the same algorithm as that used in encryption.
When performing a job such as scanning that is closed within a tenant, an encryption key uniquely generated from the tenant ID need only be used. However, this shall exclude the execution of processing by which, for example, the processing result of a task is finally transmitted as data outside a tenant by using an apparatus such as a FAX apparatus. For example, if a task that is going to acquire processing target data acquires data of another job in the same tenant by mistake, the task can decrypt the acquired wrong data because it belongs to the same tenant. Consequently, the task transmits the wrong data outside the tenant. That is, the technique that encrypts data to be used by, for example, scan processing and FAX processing by using the same encryption method as described above cannot solve this problem.
In Japanese Patent Laid-Open No. 8-316951, the identifier is bundled with data, so the data can always be decrypted by referring to the table. This makes it impossible to prevent data acquired by mistake from being transmitted as wrong data outside a tenant.