1. Field of the Invention
The present invention relates to a print technique of secure documents via a network.
2. Description of the Related Art
In recent years, various PCs and input and output apparatuses handle secure data via networks, the chances of confidential information leakage such as printing and distribution using printers, storage in individual PCs (personal computers), removal of information stored in USB storages, and the like is increasing. For this reason, importance is attached to security that prevents information leak, and various efforts are being made.
As one of such efforts, a scheme that encrypts secure data itself and allows only a user who has an access right to access such data is known. Also, a scheme that encrypts transmission data on a network and shares a decryption key by the sender and recipient, a scheme that manages access to a printer itself using user IDs and passwords, and allows to print only when a user is authenticated, and the like are available.
However, these systems provide security for local processing, and even when various schemes are combined, the load on a person who sets an access right becomes heavier or a security hole is generated due to omission of settings. Especially, it is difficult to prevent information leak by an access right holder.
To prevent such problems, a scheme called a secure document system in which a secure management server unifies management of PCs and input and input and output apparatuses connected to a network, and resulting high security is receiving a lot of attention.
The secure document system has the security management server as its characteristic feature that manages encrypted secure data and an access right. The PCs and input and output apparatuses connected to the network must be authenticated by the security management server as needed when they access encrypted secure data.
In the future, the opportunity of accessing and printing secure data in an office will increase not only in a meeting room which is not connected to the security management server via a network but also when one leaves the office.
On the other hand, when a document to be printed includes image data, the image data is not included in the document, but a URL indicating the location of that image data is described in a print control command called a job ticket (for example, Japanese Patent Application Laid-Open No. 10-275064). By utilizing such a job ticket, a printer outside the office can download image data stored in a server in the office, thus improving convenience.
However, the aforementioned prior art poses a problem when one accesses and prints secure data in a meeting room which is not connected to the security management server via the network or upon leaving the office. This is because a security hole must be formed in a WWW server equipped in the office to implement this.
Of course, the security hole is not desirable in terms of security against computer viruses, hacking, and the like.
In a method in which a WWW server for the outside is started up and required image data is downloaded from there only upon printing from a print control apparatus outside the office, not only extra equipment is required, but also tremendous manpower is required in management and maintenance of this WWW server. When one wants to download image data from the server in the office to a printer outside the office, the image data may be falsified since it goes through the external Internet.