1. Field of the Invention
The present invention relates to an information processing system, information processing apparatus, and peripheral and, more particularly, to an information processing system comprising an information processing apparatus such as a PC and a peripheral such as a multifunction printer having a scanner function which connect to a network.
2. Description of the Related Art
Recently, computer techniques and communication techniques have remarkably advanced, and networks have become widespread not only in offices but also in households. As terminals forming these networks, peripheral devices such as printers which have network functionalities are commercially available and becoming increasingly popular.
It is easy to enable terminal apparatuses connected to a network to communicate with each other. For example, a wired LAN may be used to enable a given terminal apparatus to connect to a network by using a cable to connect to the network and setting up an IP address. A wireless LAN allows a given terminal apparatus to connect to a network from, for example, outside a room, if the apparatus satisfies predetermined conditions, e.g., its identifier matches an identification code called an SSID (Service Set Identifier) which indicates a network group. For this reason, it may be possible for an unintended terminal apparatus (e.g., unauthorized terminal apparatus) to connect to a network. As a result, the unintended terminal apparatus may be used to read out or rewrite files in other apparatuses connected to the network without authorization. In certain cases, it may be possible for a user of an unauthorized apparatus to use a printer connected to the network without authorization. Furthermore, it may be possible for a user of an unauthorized apparatus to read a document placed on the document table of a scanner connected to the network. Moreover, it may be possible for a user of an unauthorized apparatus to change settings for a device connected to the network.
To address the above concerns, an access restriction function typified by a function called MAC address filtering is sometimes provided for a network transfer unit, a network recording apparatus, or the like. A MAC address is an address which is assigned to the media access control layer of a network and is unique to each network device. This address is displayed by using 16 digits in hexadecimal notation. MAC address filtering or the access restriction function is a function of registering in advance a MAC address which permits communication and receiving communication from only a network device having the registered MAC address on the basis of the fact that the MAC address is a unique address.
In order to use such an access restriction function or MAC address filtering function, it is necessary to register the MAC address of a device whose communication is permitted or rejected. As described above, however, a MAC address has 16 digits in hexadecimal notation, which an average user might be unfamiliar with. It is therefore very difficult for the user to understand the address, and it is very cumbersome to input the MAC addresses of a plurality of devices.
In order to solve this problem, various proposals have been made conventionally. For example, according to Japanese Patent Laid-Open No. 2006-203422, a printer discriminates whether a received packet complies with a predetermined protocol. Upon determining that the packet complies with the protocol, the printer stores a transmission source address in advance, and displays the stored address upon activation of an access restriction setting utility. There has also been proposed a technique of allowing a user to register an address which permits access by selecting it from the displayed addresses.
In addition, with regard to an authentication apparatus for an MFP (Multi Function Peripheral), Japanese Patent Laid-Open No. 2003-110551 discloses the following technique. This technique displays, on a display, identification information which can identify a terminal apparatus on the basis of the apparatus address transmitted from the terminal apparatus, and allows the user to select, by using input keys, a terminal apparatus for which a predetermined service is permitted to be provided on the basis of the displayed identification information. The technique then transmits an apparatus address corresponding to the identification information of the selected terminal apparatus to the service providing apparatus by using a wireless unit or the like. On the other hand, the service providing apparatus of the MFP stores the apparatus address transmitted from the authentication apparatus in a RAM. In addition, the service providing apparatus collates the apparatus address transmitted from the terminal apparatus with the apparatus address stored in the RAM. If the two apparatus addresses match, a service request from the terminal apparatus is permitted to allow the terminal apparatus to be registered in the service providing apparatus of the MFP.
These proposals implement an access restriction function or MAC address filtering function which can register, in a target apparatus, a terminal apparatus for which communication and service request are permitted without making the user manually input a MAC address.
There has also been proposed a technique of reducing the load of user authentication on a device which provides services for a network by eliminating any service requests from users having no use right, and reducing network load by preventing the generation of useless service request packets.
For example, Japanese Patent Laid-Open No. 2003-330801 discloses the following technique. This technique registers device information such as a use right in a directory server and makes a user PC acquire device information from the directory server. The user PC then checks whether it has a use right of a service from the device, i.e., the self-address is registered in a service use right item. If the address is registered, the user PC transmits a service request job to the device. If no service use right is available, the user PC searches for, from the previously obtained device information, a device which can provide a service similar to the requested service and for which the PC has a use right. If an alternative device exists, the user PC transmits a service request job to the alternative device upon obtaining permission from a job issuer. If no alternative device exists, the user PC notifies the job issuer that the PC has no service use right, and terminates the processing.
Japanese Patent Laid-Open No. 2003-132029 discloses techniques in a network system shared by visitors who are unfamiliar with the installed system and staff who are familiar with the system. These techniques are designed to prevent troubles caused by operation errors by visitors who are unfamiliar with the system and prevent confusion due to complicated function display. According to Japanese Patent Laid-Open No. 2003-132029, this system comprises a means for specifying the user of a second device which can communicate with a first device, refers to the use history of the first device by the specified user, and restricts a function of permitting the use of the first device in accordance with the use history.
Peripherals connecting to a conventional network include one having a so-called scanner function of transmitting data generated by reading a document (which will be referred to as scan data, image data, or document data hereinafter) to an information terminal apparatus.
This scanner function includes a pull scan function and a push scan function. The pull scan function is a function of transmitting scan data from a peripheral to an information terminal apparatus when the peripheral activates the scanner function upon operation on the information terminal apparatus side. The push scan function is a function of determining, by operation on the peripheral side, an information terminal apparatus to which scan data is to be transmitted, and transmitting the scan data to the information terminal apparatus. With regard to this push scan function, several techniques have been disclosed.
In an image reading system including an image reading apparatus which reads a document image and outputs image data and an information processing terminal which inputs the output image data, for example, the following image data transmission/reception control is performed. Japanese Patent Laid-Open No. 10-150520 discloses a technique of checking, by referring to information held by an image reading apparatus, whether the operation unit of the image reading apparatus has issued an image read instruction, and instructs the image reading apparatus to start reading an image, when an image read instruction has been issued. The information processing terminal receives image data obtained by causing the image reading apparatus to read an image in accordance with this instruction.
In addition, Japanese Patent Laid-Open No. 2002-077504 discloses a method in which, in order to transmit image data to a desired terminal apparatus through a network by scanner operation, mail is generated and transmitted upon attachment of the image data thereto.
Furthermore, Japanese Patent Laid-Open No. 2004-215009 discloses a technique of reading an image and transmitting image data by selecting a transmission destination information terminal apparatus and an application with respect to the push scan function of an image reading apparatus connecting to a network. This technique allows transmission of image data in accordance with the application executed by the transmission destination information terminal apparatus.
In general, a network system which comprises a plurality of clients and a server and in which communication between a specific client and the server is not occupied has two methods of recognizing event notification from the server to a specific client.
One is a method of making the server notify all or a specific one of the clients of the occurrence of an event. According to this method, in a system comprising PCs as clients and an MFP as a server, in order to make the MFP body notify a PC of an event, the MFP notifies the PC of the occurrence of the event.
More specifically, the MFP itself notifies all the PCs on the network of the occurrence of the event by using broadcasting based on UDP (User Datagram Protocol) communication. Thereafter, the corresponding PC alone recognizes the notification of the event, and requests the MFP to provide a service using TCP communication. This method is simple as an event notification method, and produces only a small time difference from event occurrence. However, from the client viewpoint, unintended communication is performed. In order to cope with sudden event notification from the server, each client must always open a specific communication port, resulting in instability in terms of security. Some firewall function comprising security software, in particular, shuts off event notification communication from the above server. As a consequence, the clients cannot detect any event occurrence.
The other is a method of making the clients poll the server. According to this method, in a system comprising PCs as clients and an MFP as a server, in order to detect event occurrence in the MFP, each PC polls the MFP.
More specifically, a PC issues a polling request to the MFP by UDP communication, and at the same time, the MFP holds the list information of the PC with which the MFP is communicating. Upon occurrence of the polling request event from the PC, the MFP notifies the occurrence of the event through only the polling response to the PC as an event target. This makes the PC recognize the notification of the event and request the MFP to provide a service using TCP communication. Although this method is more complicated in operation than the above method, the server reflects the occurrence of an event in a polling response, and hence can reliably notify only a predetermined client of event occurrence. In addition, since no client receives any unintended communication, the reliability of security is high.
This method, however, produces a time difference from the occurrence of an event. Therefore, simply shortening the polling cycle will increase the loads on the network and its constituent devices. In contrast, simply prolonging the polling cycle will increase the time difference from the occurrence of an event to the detection of the event. That is, it is necessary to properly set a polling cycle, and hence a polling cycle changing method has been proposed as disclosed in Japanese Patent Laid-Open No. 2005-260987.
According to Japanese Patent Application No. 2006-203422 and Japanese Patent Laid-Open No. 2003-110551, however, the access restriction or MAC address filtering function is one-sidedly set in a peripheral, and any information about the setting is not notified to a terminal apparatus which tries to access the peripheral or receive a service therefrom. When, for example, a terminal apparatus which is set so as not to receive any service from the peripheral tries to communicate with the peripheral without knowing this fact, the terminal apparatus receives no response. Therefore, the terminal apparatus repeats retry until timeout, thus producing useless traffic and processing. The user of the terminal apparatus is not either notified that the apparatus is set so as not to receive any service from the peripheral. For this reason, the user performs operation for the use of a service from the peripheral. As a result, the user wastes much effort and time.
According to Japanese Patent Laid-Open No. 2003-330801, a directory server registers device information such as a use right, but does not notify any user PCs of the information. Each user PC must therefore inquire of the directory server, and hence traffic occurs between the user PC and the directory server, and the user PC needs to perform processing for an inquiry.
According to Japanese Patent Laid-Open No. 2003-132029, the timing at which restriction contents are determined coincides with the timing at which the user tries to use a first device from a second device, and the user is notified of the contents upon determination thereof. When the second device requests the first device to execute a print job or executes processing for actually using the first device, e.g., detecting the state of the first device, the user is specified, and restriction contents are determined. The user is then notified of the contents. In addition, this technique notifies the user of the contents by screen display, voice output, or the like by the second device at best. Therefore, after performing some kind of operation for the use of the function of the first device by using the second device, the user is notified of the restriction of the function if the function is restricted. Therefore, the operation and time during this period are wasted.
The push scan operation disclosed in Japanese Patent Laid-Open No. 10-150520 is based on the assumption that an image reading apparatus and an information processing terminal directly and locally, i.e., one-to-one, connect to each other by IEEE1284 or the like. In order to allow a plurality of information processing terminals to share an image reading apparatus through a network, this technique can use an arrangement in which one of the information processing terminals connects to the network, and the remaining information processing terminals receive image data through the information processing terminal connecting to the network. This reference, however, makes no reference to a case wherein the image reading apparatus connects to the network. Therefore, an intermediary information terminal apparatus is always required to allow the remaining information terminal apparatuses to receive image data. In order to allow an information processing terminal to check, for example, whether the operation unit of an image reading apparatus has issued an image read instruction, it is necessary to store the information input from the operation unit in the memory of the image reading apparatus and make the information processing terminal read out the information stored in the memory. It is therefore inefficient for a plurality of information processing terminals to read out information from the memory of the image reading apparatus, and this reference does not clearly indicate any means for specifying to which information processing terminal image data is to be transmitted.
For the push scan operation disclosed in Japanese Patent Laid-Open No. 2002-077504, a scanner apparatus needs to have a mail generation function and mail transmission function, and requires a means for processing image data into an attached file to be attached to mail. This imposes a processing load on the scanner apparatus and increases the apparatus cost. In addition, it is cumbersome to input an mail address to the scanner apparatus for every transmission and register information in advance.
The push scan function disclosed in Japanese Patent Laid-Open No. 2004-215009 registers in advance an information terminal apparatus to which read image data is to be transmitted, and allows the user to select one of the pieces of registered information terminal information at the start of push scan operation, thereby eliminating the cumbersomeness of address input operation and the like.
According to the technique disclosed in Japanese Patent Laid-Open No. 2004-215009, however, when push scan operation is performed for the image reading apparatus, the image reading apparatus requests the information terminal apparatus to transmit a read command. In other words, the image reading apparatus issues a read command transmission request to the information terminal apparatus by a so-called interrupt system. In this case, if, for example, an information terminal apparatus cannot receive image data for some reason, for example, because the apparatus is in a power OFF state, timeout occurs and the image data cannot be transmitted. In such a case, the push scan operation is useless operation, and time is wasted. Assume that such information is notified by the interrupt system. In this case, since the notification packet is abruptly transmitted, the firewall of the information terminal apparatus may discard the packet, and the notification may not reach the information terminal apparatus. In addition, this technique is based on the assumption that information terminal apparatuses and a scanner apparatus are arranged in one-to-one correspondence or many-to-one correspondence, and gives no consideration to a case wherein a plurality of scanner apparatuses connect to a network.
The method disclosed in Japanese Patent Laid-Open No. 2005-260987 needs to additionally have a mechanism of explicitly transmitting a request to set a polling cycle, and hence requires an additional arrangement on the system.
While a server which periodically receives polling signals for state acquisition from a plurality of clients is processing a high-load service request, polling from the clients becomes a load. This may affect processing for a service. In addition, when polling from a plurality of clients concentrate on the server, it imposes a load on the server. As a result, if the server cannot receive a service request from a client which is generated as a result of polling during the processing of a service, polling causes useless network traffic. On the other hand, when performing polling in accordance with a requested cycle on the server side, the client side cannot perform operation in consideration of the processing load on the client, resulting in a reduction in the degree of freedom of the client.