Information processing system, image processing device, user device, control method and data medium

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to an information processing system, an image processing device, a user device, a control method and a data medium. The technical result is achieved through a service intermediary that receives a coordination command from a web browser to coordinate a web application server with a coordination device, generates a script to be authenticated by an authentication method which corresponds to the server, and forwards the generated script to the service provider system of the coordination addressee indicated by said coordination command. The web browser forwards to the coordination device authentication information or an authentication marker obtained in response to an input operation on a screen for inputting authentication information displayed by executing the script. The coordination device then receives and stores the authentication information or authentication marker.

EFFECT: low probability of leakage of authentication information and low probability of interception of authentication information in a communication channel by preventing storage of authentication information in a proxy server and preventing input of authentication information by a user directly into an image processing device.

9 cl, 24 dwg

 

The technical FIELD TO WHICH the INVENTION RELATES.

[0001] the Present invention relates to a data processing system, imaging device, user device, control method and storage medium.

The LEVEL of TECHNOLOGY

[0002] the technology Exists to create and maintain content in a web application by accessing the web application user using a web browser provided in the user device. The web application can not only create and save data in a web browser, but also to register for and receive content from a third-party application using the API (Application programming interface).

[0003] the Main feature of cloud computing is that cloud computing performs data conversion and data processing distributed way, using many computing resources to simultaneously process requests from multiple clients. Currently increased the number of suppliers that provide different types of services through the implementation of web services in a cloud computing environment (hereinafter called "cloud") for the implementation of cloud computing.

[0004] it is Proposed an information processing system in which a web application that acts as serverregistry services located in the cloud, provides a service in response to a request from a user device. In such a system, information processing device, information processing, such as a printer, a mobile device or etc., specified by the user, executes the corresponding service processing in coordination with the web application. For example, the web application generates and stores the print data in response to a print request from the user device, and the information-processing device, for example, the imaging device receives the print data from the web application and prints the print data.

[0005] To third-party application implemented in the imaging device, perform the processing for the print data in a web application, you need to establish communication in accordance with API for web applications. Also, to a third-party application to communicate with the web application using the API, you need to authenticate in some way authentication in response to the web application.

[0006] There is proposed a traditional technology that makes the web application to perform authentication processing in response to the web application as follows. The user directly enters authentication information, such as your user ID, password, or similar, which is used for autentificat is evident treatment, when the web application provides, in a third-party application implemented in the imaging device. Then a third-party application makes a request to receive print data including authentication information, for example, in a web application. The web application performs authentication processing using the authentication information included in the request for the print data, and transmits the print data to the imaging device, if the authentication is successful.

[0007] Also paved the Japan patent No. 2011-3100 discloses a system in which the conversion device transmits the authentication request to the third-party application authentication information used for authentication processing that is executed by the web application when providing services. The conversion device forwards the authentication request authentication information such as user ID, password, etc. by adding in the form of URL parameters third-party application in response to access from a web browser provided in the user device. If the device converting the authentication request is used to provide authentication information to the imaging device, the device query transform is autentifikacii functions as a mediation server, who is mediating in obtaining authentication information of the imaging device.

[0008] However, in the above conventional technology in which a user directly enters authentication information to the third-party application implemented in the imaging device, the introduction of the authentication information is very complicated, and accordingly the user requires considerable time and effort. Also, if a third-party application is implemented in the shared device that is shared by multiple users, the shared device is undesirable engaged in some user during the time in which the user enters authentication information.

[0009] Also, when using the unit conversion of the authentication request, disclosed in laid the Japan patent No. 2011-3100, conversion device of the authentication request (proxy server) first of all itself stores the authentication information. Therefore, the proxy server can be attacked from the outside, which will lead to the leakage of the authentication information such as user ID, password, or etc., in Addition, there is a likelihood of intercepting authentication information in the communication channel. Thus, the desired processing system info the information, which makes the imaging device to receive authentication information without storing authentication information of a proxy-server and without the introduction of authentication information by the user directly in the imaging device.

DISCLOSURE of INVENTIONS

[0010] the information processing System of the present invention induces the imaging device in coordination with the server providing services to receive authentication information without storing authentication information of a proxy-server and without the introduction of authentication information by the user directly in the imaging device.

[0011] In accordance with a feature of the present invention is the information processing system, which includes service delivery system that provides a web service in response to a request from a user device; an imaging device that performs image processing using web services in coordination with the service delivery system; and a system of intermediary, which is mediating in the provision of authentication information, which must use the imaging device when the imaging device is coordinated with the system to provide the management services. System proxy includes the unit of adoption, designed to take team coordination to coordinate the delivery of services with the imaging device from the user device over the network; and a processing unit configured to generate the script, which must be authenticated by the authentication method corresponding to the service delivery system, and transmitting the generated script to the user device. Also the user device includes a display unit configured to display the screen for entering authentication information corresponding to the service delivery system that is the target of coordination, by running a script transmitted from the intermediary; and a transmission unit configured to transmit authentication information entered on the input screen of the authentication information or authentication token issued by the service delivery system depending on the input authentication information input screen of the authentication information, the imaging device specified by the script. The imaging device includes a persistence unit configured to receive authentication information or uantification token from the transmission unit, provided in the user device, and save the authentication information or authentication token; and an authentication unit configured to receive authentication from the service using the stored authentication information or authentication token.

[0012] Additional features of the present invention will become apparent from the following description of exemplary embodiments with reference to the accompanying drawings.

BRIEF DESCRIPTION of DRAWINGS

[0013] Fig. 1 is a diagram illustrating an exemplary configuration of a system in accordance with the first embodiment.

[0014] Fig. 2 is a diagram illustrating the hardware configuration of the devices composing the system coordinate.

[0015] Fig. 3 is a diagram illustrating the software configuration of the devices composing the system coordinate.

[0016] Fig. 4 is a diagram illustrating functions implemented in the control software for the device coordinate.

[0017] Fig. 5 is a diagram illustrating functions implemented by the service proxy.

[0018] Fig. 6 is a diagram illustrating functions implemented by the web application.

[0019] Fig. 7A is a diagram illustrating an example scenario that uses the OAuth authentication method.

[0020] Fig. 7B is a diagram illustrating an example scenario using the existing basic authentication method.

[0021] Fig. 8A - 8D is a diagram illustrating screens for coordination device coordination with the web application.

[0022] Fig. 9A is a diagram illustrating a table stored by the device coordinate.

[0023] Fig. 9B and 9C is a diagram illustrating a table stored by the server proxy.

[0024] Fig. 9D and 9E is a diagram illustrating a table stored by the server the web application.

[0025] Fig. 10 is a sequence diagram illustrating processing for saving the authentication information to the web application on the device coordination through the service proxy.

[0026] Fig. 11A is a diagram illustrating the software configuration of the service proxy in accordance with the third embodiment.

[0027] Fig. 11B is a diagram illustrating a software configuration of the device coordinate in accordance with the third embodiment.

[0028] Fig. 12 is a sequence diagram illustrating processing for obtaining the status of coordination between the device interaction and the web application by using the services of a proxy through a web browser.

[0029] Fig. 13 is a sequence diagram illustrating processing for saving the authentication information to the web application on the device coordination through a web browser that uses the proxy.

[0030] Fig. 14 is a diagram illustrating a screen of a list of ve the applications, displayed by a device coordinate.

[0031] Fig. 15 is a sequence diagram illustrating processing for saving the authentication information to the web application on the device coordination through the implementation of the access device coordination directly from the web browser.

DESCRIPTION of embodiments of the INVENTION

[0032] Fig. 1 is a diagram illustrating an exemplary configuration of a system in accordance with the first embodiment of the present invention. System 1000 of coordination is an information processing system of this variant implementation. System 1000 coordination includes the client computer 104 and the device 101 coordination. The client computer 104 and the device 101 coordination are devices that are placed in the user environment and are connected to each other via the network 100. The network 100 connects to the Internet 110.

[0033] Also, the system 1000 coordination includes a server 103 web applications (hereinafter referred to as "server 103 application") and the intermediary server 102. The server 103 application and the intermediary server 102 are connected to the network 100 and the network 100 connects to the Internet 110. Device and server components of the system 1000 of coordination, have the ability to connect to each other via the Internet 110, and can perform data transmission with each other.The number of the respective devices, it is shown in Fig. 1, is equal to one, but the number of affected devices may also be numerous.

[0034] Fig. 2 is a diagram illustrating the hardware configuration of the devices composing the system 1000 coordination. Device 201 constitute a system 1000 coordination. CPU 202 (CPU) is a unit that executes various programs, and implements various functions.

[0035] the ROM 203 (permanent memory) is a block that stores various programs. RAM 204 (random access memory) is a storage device that functions as a work area or a temporary storage area for the CPU 202. The CPU 202 loads into RAM 204 the program stored in the ROM 203, to thereby execute the program. The interface 205 I/o transfers data to the display (not shown) connected to each of the devices and groups of servers.

[0036] the interface 205 I/o accepts input from the pointing device (not shown). NIC 206 (network interface card) connects devices, components of system 1000 coordination with the network 100. Units can transmit/receive data via the bus 207.

[0037] the device 101 of coordination is an imaging device in the present embodiment. The device 101 coordination is, for example, eliminate the STV imaging. If the device 101 coordination is a device of the imaging device 101 coordination includes the print unit (not shown), and the print unit can transmit/receive data to/from the units via the bus 207. Note that the print unit can print a bitmap image on the recording media.

[0038] the Following is a description of the functions performed by the devices and servers. Fig. 3 is a diagram illustrating an example software configuration of the devices composing the system 1000 coordination. Program for implementing the functions of the software shown in Fig. 3, are stored in the ROM 203 of each of the devices and servers. The CPU 202 loads the program into the RAM 204 and executes them in order to realize these functions.

[0039] Hereinafter with reference to Fig. 4 describes the functions of the control software 301. Block 401 display displays various screens. Block 402 coordination application is an application that implements the function to coordinate with the web application 303. Block 402 coordination application performs processing to register, read, modify, or delete content in a web application 303, using the API. Block 402 coordination application stores the content that you want to register in the web application 303, or content that is processed in block 409 content storage.

[0040] Block 403 job control etc which receives the command to call the function device 101 coordination from block 402 coordination of applications and manages the team as a job. Also block 403 job control manages the job that directly ordered by the user from the block 401 of the display. For example, if the device 101 coordination is a device imaging, block 403 job control manages the print job, a scan job.

[0041] Block 404, the process performs a particular function performed by the device 101 coordination. For example, if the device 101 coordination is a device imaging, block 404, the process performs printing or scanning. When accessed from a web browser 304, block 406 web-reply causes the block 405 local authentication to determine whether the user making the access by the authorized person. Authentication, which must be checked by block 405 local authentication is authentication in the network separately from the authentication for the web application 303.

[0042] In the present embodiment, authentication information used in the local network, known as a "local authentication information" to distinguish it from the authentication information for the web application 303. Block 405 local authentication authenticates using, for example, authentication through the form, when the access block 406, the web response. Authentication through the form is the authentication method for entering the name and password of the user and is the basic way, serving as a method used to log in to the device 101 coordination. Although block 405 local authentication may correspond to other authentication methods, any authentication method can be available in the present invention, and, accordingly, no additional description will not be given.

[0043] When the block 406 web-reply receives from block 405 local authentication response indicating that the user is an authorized person, the block 406 web-reply responds to the web browser 304 over the network. Also block 405 local authentication parses the URL parameter, in order thereby to obtain the authentication information, when accessed from a web browser 304. In the present embodiment, authentication information is a pair of user ID and password or authentication token. Authentication token is information that allows reception of all or part of the services without performing authentication processing for entering authentication information such as user ID, password, or etc., Also block 406, the web response to receiving a local user ID from block 405 local authentication, associates PR is natou authentication information from the local user ID and stores the resulting authentication information table 900 authentication information, stored block 407 storing authentication information.

[0044] With reference to Fig. 9A provides a detailed description of the table 900 authentication information stored by block 407 storing authentication information. Local ID 901 user is the user ID that is used for authentication in the above-mentioned local network. The local user ID may be an ID that is used when logging in to the device 101 coordination. ID 902 is ID to identify the web application 303.

[0045] the Authentication information stored in block 407 storing authentication information used for identifying the authentication information corresponding to the web application by accessing ID 903 user and password 904 or authentication token 905. ID 903 user is the user ID of the web application 303. Password 904 is the password to the web application 303. Authentication token 905 is an authentication token that is used to interact with the web application 303.

[0046] in Other words, block 407 storing authentication information, stores the information about the correspondence between the authentication information or authentication token used for authentication device 101 coordination through the web p. the application 303, and the local authentication information (local user ID) corresponding to the user. The local user ID is used for local authentication processing performed by the user.

[0047] Next, block 402 coordination application provides access to information about the correspondence stored in block 407 storing authentication information, and transmits the authentication request (a request for content that includes authentication information or authentication token associated with the local user ID, block 408 API interaction. Block 408 API interaction transmits to the web application passed the authentication request. Thus, when many users accept the provision of web services from web applications using device coordination, device coordination may take the authentication using the authentication information or authentication token associated with the local authentication information about each user. Consequently, it is possible to avoid the employment of the shared device coordination some user.

[0048] Block 408 API interaction is called by block 402 coordination of applications and interacts with block 602 API interaction in a web application 303. Thus the m block 402 coordination application performs actions on the content of the web application 303. Block 409 content storage stores the content received from the web application unit 303 408 API interaction through the block 402 coordination applications.

[0049] Fig. 5 is a diagram illustrating features of the service proxy 302. The service proxy 302 is a mediator that mediates in providing authentication information to be used by the device 101 coordination, when the device 101 coordination coordinated with the web application 303. Block 501 web answer service intermediary 302 responds to the client computer 104 from the web browser 304 over the network, when it accesses the web browser 304. Block 502 control causes the block 503 formation scenarios, block 504 storing information about the device coordinate or block 505 storing information about the service as a result of calling from block 501 web response.

[0050] Block 504 storage device information coordination stores the table 920 device coordination, shown in Fig. 9C. In other words, each of the unit 502 and control unit 504 storing information about the device coordinate functions as a storage unit that stores information coordination, indicating the status of coordination between the web application 303 and the device 101 coordination. In the table 920 devices to which rdinatio ID 921 device is an ID for uniquely specifying devices 101 coordination. IP address 922 is the IP address of the device 101 coordination in the local network. Name 923 device is the name that should be displayed by the web browser 304, when the user selects the device 101 coordination.

[0051] Also, the service 924 A and service 925 B are ID services and indicate whether coordinated device 101 coordination with these ID services. In the present embodiment, for each device coordination is stored, coordinated whether the device 101 coordination with ID services. However, the service proxy 302 may also store information about the device coordination by Association with local authentication information in coordination with local web-based authentication. Information about the structure of the interaction, shown in Fig. 9C, is merely an example, and accordingly, the service proxy 302 can store any information about your device coordination, such as information about the position, information about the model or etc.

[0052] Block 505 storing information about the service stores information about the web application 303, which is shown in Fig. 9B. ID 911 services, as shown in Fig. 9B is an ID for specifying the web application 303. The name of the 912 is the display name of the web application 303 and is displayed when the user selects a web application 303 recipient coordination using the UI shown in Fig. 8A.

[0053] SP is the FDS 913 authentication is an authentication method, specified for each web application 303. In the present embodiment are applied the way OAuth and Basic way, but can also use other authentication methods. Block 503 generate script generates a script for the response to the web browser 304 using block 501 web response. Block 503 generate script receives an authentication method for authenticating a service selected by the user in Fig. 8A, from block 505 to store information about the service and generates a script in accordance with the authentication method.

[0054] Fig. 7A is a diagram illustrating an example scenario that uses the OAuth authentication method. This script is a script to redirect to the OAuth authentication screen provided by the web application 303. Here callback_url refers to the URL of the destination to which you want to redirect using the authentication token obtained using OAuth authentication in the form of a URL parameter. In the present embodiment, because the service proxy 302 does not receive the authentication information, the service proxy 302 directly specifies the IP address of the device 101 coordination. Block 503 formation scenarios obtains an IP address by accessing the block 504 storage device information coordination and inserts the IP address in the script.

[0055] Fig. 7B is a diagram illustrating an example scene is arias, using the basic authentication method. This script is a script to display the dialog for entering authentication information for the web application 303 and redirect user information and password entered in this dialogue, in the form of URL parameters to the device 101 interaction. The URL of the destination of the redirection is based on the IP address of the device 101 coordination. Block 503 generate script obtains the IP address of the device 101 coordination through the implementation of the access unit 504 storing information about the device coordinate.

[0056] As shown in the scenarios in Fig. 7A and 7B, block 503 generate script generates a script that corresponds to the authentication method for each application server. Block 502, the control transmits the scenario corresponding to the authentication method, the block 501 web response. Block 501 web-reply sends the script to the web browser 304. In other words, each block 503 formation scenarios and unit 501 web-reply functions as a processing unit that generates a script that must be authenticated according to the authentication method corresponding to the web application recipient coordination, and transmits the generated script to the web browser 304.

[0057] Fig. 6 is a diagram illustrating the functions of the server 103 applications. The server 103 application is a system give the Deposit services, which provides a web service in response to a request from a user device. Block 602 API interaction causes the block 604 management in accordance with the request from block 408 API communication device 101 coordination. More specifically, the block 402 coordination of the applications in the device 101 coordination carries out a request for content to a web application 303 by block 408 API interaction. A request for content is a request to retrieve the data content stored by the web application 303. In the present embodiment, interaction with block 602 API interaction is the HTTP interaction. Block 408 API interaction inserts the authentication information or authentication token for the user in the HTTP header in the HTTP packet communication corresponding to the request for content.

[0058] When the block 602 API interaction causes a block 604, the control unit 602 API interaction receives authentication information or authentication token from the HTTP header and sends them to the block 604 management. Block 604 management performs authentication processing of the user using the authentication information or authentication token received from block 602 API interaction. If the authentication is successful in the authentication processing, the Blo is 604 control generates a reply includes the content data corresponding to the request for content, and sends the response in block 602 API interaction. Block 602 API interaction transmits the response received from block 604, the control unit 408 API communication device 101 coordination. In other words, each block 408 API interaction and block 402 coordination application functions as authentication unit that receives authentication from the web application 303, using the stored authentication information or authentication token.

[0059] Block 601 web-reply causes the block 604 management in accordance with the request from the web browser 304 to the client computer 104. At the same time block 601 web response to receiving authentication information from the HTTP header and sends it to block 604 management. Then block 601 web-reply forwards the response generated by block 604 control.

[0060] Block 604, the control causes the block 605 authentication, to verify the validity of the authentication information. Block 605 authentication store table 940 authentication information shown in Fig. 9E. Table 940 authentication information, stores the pair of the user ID and password for user (user), registered in the web application 303. When the pair of the user ID and password is valid, the unit 605 authentication meets Blo is the 604 control by specifying in the test result is acceptable. When the pair of the user ID and password is invalid, block 605 authentication meets the block 604 control by specifying that the result of the check is not acceptable.

[0061] Also block 604, the control causes the block 605 authentication to validate the authentication token. The authentication token is an authentication token, which must be issued by block 605 authentication, when the authentication request OAuth to block 601 web response. Block 605 authentication store table 930 authentication tokens, shown in Fig. 9D, and validates the authentication token by verifying that the caller ID of the application coincides with the authentication token.

[0062] When the authentication token is valid, the unit 605 authentication meets the block 604 control by specifying that the test result is acceptable. Block 602 API interaction receives the check result from block 604 management and meets the block 408 API interaction. When the authentication token is invalid, block 605 authentication meets the block 604 control by specifying that the result of the check is not acceptable. Block 602 API interaction receives the check result from block 604 control the Oia and meets the block 408 API interaction.

[0063] Block 602 API interaction causes the block 604 management. At the same time block 604 management receives authentication information from block 602 API interaction. Block 604, the control transmits the authentication information unit 605 authentication and causes the unit 605 authentication to confirm the validity of the authentication information. When the verification result obtained by block 605 authentication is acceptable, block 604 control registers, receives, modifies, or deletes content in block 603 store content in response to a request received from block 408 API interaction through the block 602 API interaction. Next, block 604, the control passes the result in block 602 API interaction. When the verification result is not acceptable, block 604, the control transmits the error response in block 602 API interaction.

[0064] the block 601 web-reply causes the block 604 control to work with the content. At the same time block 604 management receives authentication information from block 601 web response. Block 604 control makes the unit 605 authentication to confirm the validity of the authentication information. When the verification result obtained by block 605 authentication is acceptable, block 604 control registers, receives, modifies, or deletes content in block 603 storing content in accordance with the activities of the receiving user in the web browser 304 and transmits the result of the action in block 601, the web response. When the verification result is not acceptable, block 604 control passes to block 601 web response error response indicating that the authentication fails, and promotes re-authentication. The block 601 web-reply causes the block 604 management to encourage it to form a response to OAuth authentication. At the same time block 604 management accepts authentication information, the application ID and callback_url from block 601 web response.

[0065] Block 604 control makes the unit 605 authentication to confirm the validity of the authentication information. When the verification result obtained by block 605 authentication is acceptable, block 604, the control generates a screen 802 authorization, shown in Fig. 8B, and transmits the screen 802 authorization unit 601 web response. When the button is pressed "OK" on the screen 802 authorization in the web browser 304 of the client computer 104, block 601 web-reply again causes a block 604 management. Next, block 605 authentication accepts the command from block 604 controls, forms authentication token in response to the authentication information and the application ID, and transmits the block 601 web-reply reply to redirect in callback_url authentication token as a URL parameter. At the same time block 605 authentication associating the generated authentication token with the application ID and stores resultrowitemstartposition the information in the table 930 authentication token.

[0066] When the user pressed the "Cancel" button on the screen 802 authorization block 604, the control generates a screen (not shown), indicating that the transaction is cancelled, and transmits the generated screen to block 601 web response. Also, when the check result is not acceptable, block 604 control passes to block 601 web-reply screen (not shown), indicating that the authentication fails, and promotes re-authentication.

[0067] Next, with reference to Fig. 10 describes the processing for registering the authentication information in the device 101 coordination through the implementation of access to the service proxy 302 using the web browser 304.

[0068] first, it is assumed that the device ID, IP address and device name for a device 101 coordination pre-registered in the service intermediary 302. Registration can be done by the device 101 coordination automatically or may be performed manually by the user using a web browser.

[0069] At step S1001, the web browser 304 queries the list of devices coordination at block 501 web answer service intermediary 302. The web browser 304 queries the list of devices coordination in the form of the input screen team coordination. Block 501 web-reply causes the block 502 control. Caused by block 502, the control generates a device list screen coordinate. Block 502 performs control on the access to the table 920 device coordination stored in block 504 storing information about the device coordination, in order thereby to generate a device list screen coordinate. The screen, which must be generated by the block 502 control and displayed by the web browser 304 is, for example, shown in Fig. 8A screen. On the device list screen coordinate shown in Fig. 8A, the user can confirm the list of devices coordinate and provide team coordination for coordination device (s), in coordination with the web application.

[0070] At step S1002 block 501 web answer service intermediary 302 transmits the device list screen coordinate generated by block 502, the control at step S1001, the web browser 304 in response to the request the list of devices coordination. In other words, the web browser 304 receives the data provided by the device 101 coordination through the web application 303, and displays the command block (Fig. 8A), configured to run services through which image processing is subject to the accepted data.

[0071] At step S1003, when the user clicks in a web browser 304 button 805 coordination, shown in Fig. 8A, the web browser 304 provides the coordination services unit 501 web answer service intermediary 302. At the same time, team coordination is a service corresponding to the pressed button position the nation. Block 502 management forks processing to step S1004, when the authentication method to authenticate the web application corresponding to the pressed button is the OAuth authentication method, or forks processing to step S1003, when the authentication method is basic authentication method. In other words, the web browser 304 functions as a unit of access, which provides access to some address to receive services authentication in response to the fact that the ordered launch of the service, which is subjected to image processing by the device 101 coordination.

[0072] When at step S1003, the user clicks coordination for device B, which must be coordinated with service B, the process goes to step S1004. At step S1004 block 501 web answer service intermediary 302 takes team coordination. In other words, the block 501 web-reply functions as the unit of adoption that takes team coordination to coordinate the web application 303 to the device 101 coordination across the network. Block 501 web-reply causes the block 502 management through the adoption of team coordination. Block 502 control causes the block 504 storage device information coordination and accesses information about the web application 303 shown in Fig. 9B. When the authentication method corresponding to the EB application 303, is the OAuth authentication method, block 502 control causes the block 503 formation scenarios.

[0073] At step S1004 block 503 formation scenarios in the service intermediary 302 generates a script for OAuth authentication method and passes the script block 502 control. Block 502, the control transmits the generated script block 501 web response. In the present embodiment, the block 503 generate script generates, for example, shown in Fig. 7A scenario. At the same time block 503 generate script generates a script to set the IP address of the device 101 coordination as callback_url, and accordingly, the web browser 304 can transmit device 101 coordination of the redirection command together with the authentication token. At step S1005 block 501 web-reply in response sends to the web browser 304 scenario, taken from block 502 control.

[0074] At step S1006, the web browser 304 executes the script. In the present embodiment, the web browser 304 is pre-configured for immediate execution of the script when it is received. Immediate execution of the script on the side of the web browser 304 is a known technology to a person skilled in the art. The web browser 304 executes the script shown in Fig. 7A, and performs the authorization request to the block 601 web response web application 303.

[0075] When the block 601 in the b-response in web application 303 receives the authorization request from the web browser 304 at step S1007, block 601 web-reply causes the block 604 management. Block 604 control makes the unit 605 authentication to confirm the validity of the authorization request. In other words, the block 604 management confirms that included whether the web browser 304 in the web application 303. When the web browser 304 included in the web application 303, block 605 authentication determines that the test result is acceptable, the forms shown in Fig. 8B screen (in the present embodiment, called "screen 802 authorization") and transmits the screen to block 601 web response.

[0076] Also, when the unit 605 authentication determines that the check result is not acceptable, block 604 control passes to block 601 web-reply screen, indicating that the authentication fails, and promotes re-authorization. When re-authorization for a user who is not logged in, the user enters their user ID and password on the screen re-authorization (not shown), in order thereby to re-authorize. Next, block 601 web response web application 303 transmits the screen 802 authorization to the web browser 304.

[0077] At step S1008 screen 802 authorization, shown in Fig. 8B is displayed in the web browser 304. In the present embodiment, the screen 802 authorization, also referred to as "input screen of the authentication information". When the user is eh clicks "OK" on the screen 802 authorization the web browser 304 provides the authorization unit 601 web response web application 303. When the user clicks the "Cancel" button, the processing for issuing the token at step S1009 is not running. In other words, the web browser 304 functions as a transmission unit that transmits to the web application authentication information, which is entered via the screen of the authentication provided by access to a certain address to receive services authentication.

[0078] In step S1009 block 601 web response web application 303 accepts the command authorization from the web browser 304. Block 601 web-reply, which took command authorization, causes the block 604 management. Block 604 control is called from block 601 web-reply to respond to OAuth authentication. At the same time block 604 management accepts authentication information, the application ID and callback_url from block 601 web response. Next, block 604, the control generates an authentication token corresponding to the authentication information and the application ID, and meets the block 601 web-reply-redirection command in callback_url, using the generated authentication token as a URL parameter.

[0079] for Example, as shown in Fig. 7A, block 601 web-reply provides the redirection command, using the authentication token type "http://192.168.0.2?AuthToken=1d04otkbmldohnn" as a URL parameter. At the same time block 605 authentication saves the generated authentication token associated with the application ID in the table 930 authentication token.

[0080] At step S1010 block 601 web response web application 303 sends to the web browser 304 response to redirect authentication token generated at step S1009, the device 101 coordination.

[0081] In step S1011, the web browser 304 transmits the authentication token to block 406 web response device 101 coordination in accordance with the redirection command at step S1010.

[0082] In step S1012 block 406 web response device 101 coordination causes block 405 local authentication. When the block 405 local authentication has determined that the user is an authorized person, the block 406 web-reply executes the following processing, and then is responsible for the network. Block 406 web response device 101 coordination parses the URL parameter and retrieves the authentication token as the authentication information. Also block 406, the web response to receiving a local user ID from block 405 local authentication, associating passed the authentication token with a local user ID and service ID and stores the resulting authentication token in the table 900 authentication information stored by block 407 storing authentication information.

[0084] In the present embodiment describes the case where authentication is performed on the local network. However, if only one user is using the device 101 coordination, the need for authentication in the local network is eliminated, and accordingly, the authentication token may be stored together with the local authentication information.

[0085] When the user on the screen shown in Fig. 8A, clicks coordination for device B, which must be coordinated with A service that uses basic authentication method. At step S1013 block 503 formation scenarios in the service intermediary 302 generates a script for the basic authentication method, and transmits the generated script block 502 control. Block 502, the control transmits the received script block 501 web response. In the present embodiment, the block 503 generate script generates, for example, the scenario shown in Fig. 7B. Block 503 formation scenarios C which gives the IP address of the device 101 coordination as the destination URL redirection and accordingly, the web browser 304 can transmit device 101 coordination user ID and password from the web application 303.

[0086] In step S1014, the web browser 304 receives the script generated by block 503 formation scenarios. At step S1015, the web browser 304 executes the script. As described above, typically a web browser 304 executes the script immediately when it is received. The web browser 304 displays a screen 803 input authentication information shown in Fig. 8C, in the script, shown in Fig. 7B.

[0087] the Web browser 304 displays a screen 802 authorization, shown in Fig. 8B, or the screen 803 input authentication information shown in Fig. 8C, by running a script. In other words, the web browser 304 functions as a display unit that displays a screen for entering authentication information corresponding to the web application 303 recipient coordination by running a script.

[0088] In step S1016, the user enters their user ID and password on the screen 803 input authentication information. At step S1017, when the user presses the "OK" button shown on the screen 803 input authentication information, the web browser 304 transmits the command redirection to redirect to block 406 web response device 101 coordination using the user ID and password as couples who metres URL.

[0089] When the user presses the "OK" button on the screen 802 authorization, which is described above, the web browser 304 transmits the authentication token to the block 406, the web response. Also, when the user clicks "OK" on the screen 803 input authentication information, the web browser 304 sends his user ID and password to block 406, the web response. In other words, the web browser 304 functions as a transmission unit that transmits the authentication token issued by the web application 303, in response to the input information entered on the input screen of the authentication information or authentication information entered on the input screen of the authentication information.

[0090] In step S1018 block 406 web response device 101 coordination causes block 405 local authentication. When the block 405 local authentication has determined that the user is an authorized person, the block 406 web-reply executes the following processing, and then is responsible for the network. Block 406 web response device 101 coordination parses the URL parameter and receives a pair of user ID and password as authentication information. Also block 406, the web response to receiving a local user ID from block 405 local authentication, associating adopted a pair of user ID and password from the local user ID and service ID and stores the resulting p is PN of the user ID and password in the table 900 authentication information, stored block 407 storing authentication information. In the present embodiment describes the case where authentication is performed on the local network. However, when only one user uses the device 101 coordination, the need for authentication in the local network disappears, and accordingly his user ID and password may not be preserved together with the local authentication information.

[0091] At step S1019 block 406 web response device 101 coordination provides the web browser 304 the redirection command for redirection to the service proxy 302. The redirection command includes information coordination, indicating that the authentication token or a pair of user ID and password already established coordination with the service that you want to establish coordination. Coordination information may directly notify the service proxy 302 about the service that needs to be coordinated from the device 101 coordination. In other words, the block 406 web-reply functions as a block notifications, which provides the notification information indicating that the device 101 coordination has already established coordination with the web application 303.

[0092] In step S1020, the web browser 304 forwards the authentication information unit 501 web-reply service-sales area is ke 302 in accordance with the redirection command at step S1019.

[0093] At step S1021 block 501 web answer service intermediary 302 causes the block 502 control. As described above, the block 501 web-reply includes information coordination, indicating that the device 101 coordination has already established coordination with the web application 303. Block 502, the control generates a screen 804 a list of devices coordination, shown in Fig. 8D, on the basis of information coordination. At the same time on the screen 804 list of device interaction shows that you have the coordination between the services for which authentication information is registered using the algorithm described in this embodiment. In other words, the unit 502 functions as an imaging unit that generates an input screen team coordination and encourages web application 303 to display this screen. Block 501 web-reply sends to the web browser 304 screen 804 a list of devices coordination, formed by block 502 control.

[0094] As described above, in the first embodiment, the device 101 coordination can obtain authentication information for the web application 303 without obtaining authentication information for the web application 303 using the services of a proxy 302. Thus, it is possible to prevent leakage of the authentication information from the mediation server that fixes the prob is the possibility of interception of authentication information in the communication channel between the server proxy and the external device. Also in accordance with the information processing system of the first variant implementation of the imaging device, which is coordinated with the server services, you may receive authentication information without the introduction of authentication information by the user directly in the imaging device. Thus, the user can save the time and effort to enter authentication information directly to the imaging device.

[0095] Then, the device 101 coordination performs the authentication request to the web application 303 on the basis of the authentication information. If the authentication is successful, the device 101 coordination can receive the content data or similar coordination System of this variant implementation eliminates the need for the user to directly enter the authentication information through the block 401 of the display device 101 coordination, which leads to ensure convenience for the user. Also the service proxy 302 does not receive authentication information for the web application 303, and accordingly, it is possible to prevent leakage of authentication information. In addition, you can avoid the employment of the shared device coordination some user.

[0096] In the first embodiment Khujand the exercise of the service proxy 302 prompts the web browser 304 to display the status of coordination between the device 101 coordination and web application 303 on the screen 801 team coordination by accessing table information 920 about device coordination. However, when the authentication information entered by the user through the block 401 of the display device 101 coordination, service proxy 302 can know that you have the coordination between the device 101 coordination and web application 303.

[0097] the following description of the second variant of implementation with reference to Fig. 12. The processing that must be described in the second embodiment, is processed to update the status of coordination. At step S2001, the web browser 304 queries the list of devices coordination at block 501 web answer service intermediary 302. Block 501 web-reply causes the block 502 control and block 502, the control generates a device list screen coordinate. Block 502 control accesses table 920 device coordination stored in block 504 storing information about the device coordination, in order thereby to generate a device list screen coordinate. The screen, which should be formed at this time is, for example, the screen shown in Fig. 8A. On the device list screen coordinate shown in Fig. 8A, the user can confirm the list of devices coordinate and provide team coordination for coordination device (s), in coordination with the web application.

[0098] In step S2002 block 501 web response in condition the uge intermediary 302 responds to the web browser 304 the device list screen coordinate, formed on the step S2001.

[0099] In step S2003 block 501 web answer service intermediary 302 provides the command to get the status of the web browser 304 asynchronous interaction. In other words, the block 501 web-reply functions as a unit status request making a request to get the status of coordination between the device 101 coordination and web application 303 to the device 101. The command receiving state at step S2003 is provided by an asynchronous HTTP request XML using AJAX. The term "AJAX" refers to technology which displays HTML can be overwritten dynamically using asynchronous communication, using a web browser.

[0100] On the stage aerosol s2004 web browser 304 makes a request to get the status of the device 101 coordination in accordance with the receiving state at step S2003. At the same time, the request receiving state is in the form of, for example, "http://192.168.0.2?ResponseServiceStatus=ServiceA". The term "ResponseServiceStatus" refers to the web application whose status is confirmed.

[0101] In step S2005 block 406 web response device 101 coordination accesses table 900 authentication information stored by block 407 storing authentication information, and receives the status of coordination with the web application 303, the specified phase aerosol s2004.

[0102]In step S2006 block 406 web response device 101 coordination informs the web browser 304 on the status of coordination, obtained in step S2005. Although in the present embodiment, the web application 303 is set on the stage aerosol s2004, the block 406 web response can also inform the web browser 304 on all States coordination between devices 101 coordination and web application 303 without specifying the web application 303. In addition, when the service proxy 302 is authenticated and is coordinated with the device 101 coordination, the device 101 coordination stores authentication information for the web application 303 through its Association with the local authentication information, as described in the first embodiment. In the above case, the device 101 receives the status of the coordination of the user by accessing the block 407 storing authentication information and informs the web browser 304 about this condition.

[0103] Note that the device 101 coordination can also use the refresh token to make a request to re-obtain the authentication token with equal intervals. In this case, the block 402 coordination of the applications in the device 101 coordination manage unit 407 storing authentication information. Then after the expiration of a predetermined time unit 402 coordination application invokes block 408 API interaction to update the specified time. Also block 402 coordination applications UGT is made by the refresh token in the request to re-obtain an authentication token.

[0104] Then block 408 API interaction transmits to the web application 303 request re-obtain an authentication token. When the web application 303 receives the refresh token included in the request to re-obtain the authentication token, the web application 303 returns the authentication token with the same value as the value of the refresh token, and transmits the authentication token to the device 101 coordination. With the above structure of the system can prevent the completion of the operation of the authentication token by the request is re-obtain the authentication token with equal intervals.

[0105] Also, assume that the refresh token stored by block 407 storing authentication information, ceased functioning when the confirmation status. In this case, the block 402 coordination of the applications in the device 101 coordination causes block 408 API interaction and sends to the web browser 304 login screen. When the user clicks authorization in the web browser 304, block 605 authentication in the web application 303 returns an authentication token. In other words, the block 402 coordination application functions as a unit token request that requests re-obtaining an authentication token with equal online what rvalue and makes a request to re-issue an authentication token to the web application 303, when the authentication token is invalid.

[0106] In step S2007, the web browser 304 transmits the service proxy 302 response status. In step S2008, the service proxy 302 updates the block 504 storing information about the structure of coordination in accordance with state adopted at step S2007. In step S2009, the service proxy 302 updates the device list screen coordinate mode asynchronous communication in accordance with state adopted at step S2008.

[0107] As described above, in accordance with the second embodiment, when the screen 801 of the list of devices coordination in the service intermediary 302 is displayed by the user in the web browser 304, the service proxy 302 correctly reflects the state of the coordination to the screen 801 of the list of devices coordination could display the current status of coordination.

[0108] In the first embodiment, the service proxy 302 contains block 503 formation scenarios and responds to the web browser 304. In the third embodiment will describe a configuration in which the device 101 coordination contains block 410 formation scenarios, and the block 501 web answer service intermediary 302 only redirects to the block 406 web response in the device coordinate.

[0109] Fig. 11A and 11B diagrams, respectively illustrating a software configuration of the mediation server 102 and ustroystva coordination in accordance with the third embodiment. As shown in Fig. 11A, software configuration services proxy 302 is the same as in the first embodiment shown in Fig. 5, except that the excluded block 503 formation scenarios and unit 505 storing information about the service. Software configuration block 503 formation scenarios and unit 505 storing information about the service is embedded in the software configuration of the device 102 coordination, shown in Fig. 11B. Block 410 formation scenarios and unit 411 storing information about the service provides the same functions as in block 503 the generate script and block 505 storing information about the service in software configuration services intermediary 302 described in the first embodiment. In other words, in the present embodiment, block 410 generate script functions as a processing unit that generates a script that must be authenticated according to the authentication method corresponding to the web application 303. Also block 505 storing information about the service acts as a persistence unit that stores authentication information or authentication token.

[0110] hereinafter will be described the processing algorithm in the present embodiment, with reference to Fig. 13. Since the processes in steps S3001 on S3003 same, ka is on the steps S1001 through S1003 of the first variant implementation, their description is not given here. At step S3004 block 501 web answer service intermediary 302 generates a redirect response to the web browser 304 to block 406 web response device 101 coordination. In other words, the block 501 web response functions also as a transmission unit that transmits the device 101 coordination team coordination, adopted at step S3003.

[0111] In step S3005, the web browser 304 accesses the device 101 coordination in accordance with the redirect response to step S3004. At the same time ID service from a web application 303 is added to the URL of the redirect response. For example, a service ID is added in the form of "http://192.168.0.2?ServiceID=ServiceA". Also block 406 web response device 101 coordination causes block 410 formation scenarios. Block 410 formation scenarios causes the storage unit to the information about the service and specifies the authentication method for the web application 303 of the service ID. When the result of determination by the authentication method is an authentication method OAuth, the process proceeds to step S3006, and if the authentication method is basic authentication method, the process goes to step S3015. Although in the present embodiment, will be described processing algorithm for two types of authentication methods can also support other authentication methods.

[0112] In step S3006 block 410 F. is Mirovaya scenarios in the device 101 coordination generates a script for OAuth authentication and passes the script block 406, the web response.

[0113] In step S3007 block 406 web response device 101 coordination sends to the web browser 304 scenario, taken from block 410 formation scenarios. Here, since the adopted scenario is to redirect, the redirect response can be created using HTTP instead instruct the web browser 304 to perform something in response to the scenario. Since the processes at steps S3008 on S3014 are the same as in steps S1006 in S1012 of the first variant of implementation, their description will not be repeated here.

[0114] Next, in step S3015 block 410 formation scenarios in the device 101 coordination generates a script for basic authentication and passes the script block 406, the web response. As in the first embodiment, each block 406, the web response and block 410 generate script functions as a processing unit that generates a script that must be authenticated according to the authentication method corresponding to the web application 303, and transmits the generated script to the web browser 304. Since the processes at steps S3016 on S3023 the same as on the steps S1014 on S1021 of the first variant of implementation, their description will not be repeated here.

[0115] As described above, in the third embodiment, the service broker performs only the forwarding processing, and the device 101 coordination forms expect a downward trend is for authentication. In the above configuration in the third embodiment can provide the same results as in the first embodiment. In addition, the service proxy 302 does not have a function to generate the script, and accordingly, it is possible to reduce the load of processing on the service proxy 302.

[0116] In the third embodiment, the user provides the coordination of services on the device list screen coordinate in the service intermediary 302 to redirect to the device 101 coordination. In the fourth embodiment will describe a case where there is no service proxy 302 and coordination authentication is established by the access device 101 coordination directly from the web browser 304.

[0117] the Software configuration of the device 101 coordination in the fourth embodiment is the same as in the third embodiment, in the present embodiment, there is no service proxy 302. The following is a description of the processing algorithm in the fourth embodiment, with reference to Fig. 15.

[0118] At step S4001, the user makes a request screen coordinate from the device 101 by specifying the IP address or host name, using the web browser 304. At step S4002 block 406 web response device 101 coordination responds to the web browser 304 screen is 1400 nom list of web applications, it is shown in Fig. 14.

[0119] In step S4003, the user clicks coordinate on the screen 1400 list of web applications in the web browser 304. Thus, the block 406 web response device 101 coordination accepts the request coordination. In other words, in the fourth embodiment, the block 406 web-reply functions as the unit of adoption, which receives from the web browser 304 team coordination to establish coordination between the web application 303 and device coordination. Since the processes at steps S4004 on S4018 are the same as in steps S1004 through S1018 of the first variant of implementation, there will be given no description.

[0120] As described above, in the fourth embodiment, the user directly accesses the device 101 coordination using the web browser 304 to thereby establish coordination authentication. In the above configuration in the fourth embodiment, the service proxy 302 is not needed. In the configuration in the fourth embodiment, the user can easily register authentication information for the web application 303 in the device 101 coordination only using functions provided by the device 101 coordination.

OTHER embodiments of the

[0121] the Features of the present invention can also be implementing is designed using the computer in the system or the device (or devices such as CPU or MPU) that reads out and executes a program recorded in a memory device to perform the functions of the above embodiments, and with the help of the method, the steps of which are performed by a computer system or device, for example by reading and executing programs stored in a memory device to perform the functions of the above embodiments. To this end, the program is provided to the computer for example via a network or a storage medium of various types serving as the memory device (for example, machine-readable media).

[0122] Although the present invention is described with reference to exemplary embodiments of the exercise, you should understand that the invention is not limited to the disclosed exemplary embodiments of the implementation. The volume of the following claims must comply with the broadest interpretation to encompass all such modifications and equivalent structures and functions.

[0123] This application claims the priority of patent application of Japan No. 2011-226746 registered on October 14, 2011, which is hereby fully included in this document by reference.

1. The information processing system, comprising:
a service delivery system that provides a web service in response to a request from Paul is outerscope device;
the imaging device that performs image processing using web services in coordination with the service delivery system; and
system of a proxy, which is mediating in the provision of authentication information, which must use the imaging device when the imaging device is aligned with the service delivery system,
the system proxy contains:
the unit of adoption, designed to take from custom devices team coordination to coordinate the delivery of services with the imaging device; and
a forming unit configured to generate the script, which must be authenticated by the authentication method corresponding to the service delivery system, and transmitting the generated script to the user device,
moreover, the user device includes:
a display unit configured to display the screen for entering authentication information corresponding to the service delivery system that is the target of coordination, by running a script transmitted from the intermediary; and
a transmission unit configured for transmitting the input authentication information with the authentication input screen inform the tion or authentication token, issued by the service delivery system based on the input authentication information input screen of the authentication information, the imaging device specified by the script, and
moreover, the imaging device includes:
the persistence unit configured to receive authentication information or authentication token from the transmission unit provided in the user device, and save the authentication information or authentication token; and
the authentication unit configured to receive authentication from the service using the stored authentication information or authentication token.

2. The information processing system according to p. 1,
in which the imaging device further comprises:
block notifications configured for direct notification system proxy information indicating that the imaging device is aligned with the service delivery system, or notification system proxy information via the user device in response to the fact that the storage unit has already saved authentication information or authentication token,
in which the system proxy further comprises:
the storage unit, konfigurera the config to save the information coordination indicates the status of coordination between at least the service delivery system and the imaging device; and
the imaging unit configured to generate input screen team coordination based on the information of the coordinate stored in the storage unit, in response to the transmission request entry screen team coordination from the user device and to encourage the user device to display the generated input screen team coordination.

3. The information processing system according to p. 1,
in which the power saving provided in the imaging device, stores information about the mapping between authentication information or authentication token that is used by the service delivery system for authenticating an imaging device, and the local authentication information corresponding to the user, and
in which the authentication unit provided in the imaging device, provides access to information about the correspondence stored in the save block, and performs the authentication request to the service delivery system, which includes authentication information or authentication token associated with the local authentication information used by the ri local authentication processing for the user.

4. The information processing system according to p. 1, in which the imaging device further comprises:
block token request, configured to query the system for the provision of services to re-obtain the authentication token with equal intervals, when the power save stores the authentication token, or to query the system for the provision of services re-issuing an authentication token, when the authentication token is invalid.

5. The information processing system according to p. 2,
in which the system proxy further comprises:
unit status request, configured to query the state of coordination between the imaging device and the service delivery system to the imaging device through the user device, and
in which the storage unit updates the information of the coordinate stored in the storage unit, based on the state coordination transmitted from the device information processing through the user device in response to a request for state coordination.

6. The imaging device that performs image processing using web services in coordination with the service delivery system that provides a web service in response to the request is from the user device, moreover, the imaging device includes:
the unit of adoption, designed to take from the user device over the network team coordination to coordinate the delivery of services with the imaging device;
a forming unit configured to generate the script, which must be authenticated by the authentication method corresponding to the service delivery system, and transmitting the generated script to the services recipient coordination specified team coordination;
a storage unit configured to accept input of the authentication information input screen of the authentication information, which is displayed by executing the script corresponding to the service provision system of the recipient coordination, or authentication token issued by the service delivery system depending on the input authentication information input screen of the authentication information from the user device over the network and save the authentication information or authentication token; and
the authentication unit configured to receive authentication from the service using the stored authentication information or authentication token.

7. The way in which the management information processing system, contains:
a service delivery system that provides a web service in response to a request from a user device;
the imaging device that performs image processing using web services in coordination with the service delivery system; and
system of a proxy, which is mediating in the provision of authentication information, which must use the imaging device when the imaging device is aligned with the service delivery system,
moreover, the method comprises the steps are:
take using system proxy command coordination from the user device to coordinate the delivery of services with the imaging device; and
form using system proxy script, which must be authenticated by the authentication method corresponding to the service delivery system, and transmit the generated script to the user device,
display using a custom device, a screen for entering authentication information corresponding to the service delivery system that is the target of coordination, by running a script transmitted from the intermediary; and
pass through the user device input autentification the second screen information input authentication information or authentication token, issued by the service delivery system depending on the input authentication information input screen of the authentication information, the imaging device specified by the script, and
take using the imaging device authentication information or authentication token from the transmission unit provided in the user device, and stores authentication information or authentication token; and
take using the imaging device is authenticated from the system services using the stored authentication information or authentication token.

8. Permanent storage medium on which is stored a computer program for prompting a computer to execute a method for controlling information processing system, comprising:
a service delivery system that provides a web service in response to a request from a user device;
the imaging device that performs image processing using web services in coordination with the service delivery system; and
system of a proxy, which is mediating in the provision of authentication information, which must use the imaging device when the processing device depicted is th is coordinated service delivery system,
moreover, the method includes:
receiving via the system proxy the team coordination from the user device to coordinate the delivery of services with the imaging device; and
the formation using the system proxy script, which must be authenticated by the authentication method corresponding to the service delivery system, and transmitting the generated script to the user device,
display using a custom device entry screen of the authentication information corresponding to the service delivery system that is the target of coordination, by running a script transmitted from the intermediary; and
the transmission of the user input device authentication information input screen of the authentication information or authentication token issued by the service delivery system depending on the input authentication information input screen of the authentication information, the imaging device specified by the script, and
reception using the imaging device authentication information or authentication token from the transmission unit provided in the user device, and saving the authentication information or authentication is being used the include token; and
reception using the imaging device authentication system services, using the stored authentication information or authentication token.

9. A user device that has the ability to communicate with a service delivery system that includes a web service to provide data in response to receiving the command with the provision of the external device and the user device comprises:
displaying device configured to display means of the commands configured to run services, which provides data to the imaging device and causes the imaging device to print data;
accessor configured to access a certain address by running the command that is issued to the access address to receive authentication provided in the service delivery system, in response to issuing command to launch the service by means of commands; and
a transmission unit configured to transmit the service delivery system authentication information, which is entered via the screen of the authentication provided by accessing the address,
moreover, the authentication token indicating that the authentication process is TKA based on the transmitted authentication information is successful, stored in the imaging device.



 

Same patents:

Receiver // 2539880

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to communication, particularly to a receiver in which an input module is formed, the input module receiving analogue broadcast television signals and digital broadcast signals. The technical result is achieved due to that the receiver 10 includes, on a module installation board 11, a first ground wave tuner 16 and a second ground wave tuner 17, which receive broadcast signals in a first frequency band, and a first satellite wave tuner 14 which receives broadcast signals in a second frequency band different from the first frequency band, wherein the first satellite wave tuner 14 is located between the first ground wave tuner 16 and the second ground wave tuner 17.

EFFECT: reducing effect of waves which generate interference and enabling reception of analogue and digital broadcast signals without mutual interference using one input module.

45 cl, 18 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to satellite communication. A communication satellite transmits a high-power content beam to different geographic areas at different moments in time. A holding beam allows a receiving device to remain synchronised with the communication satellite when the high-power content beam is directed to another location. The holding beam can be a lower-power beam. Determination that the high-power content beam can be received can be performed based on information in the holding beam. Determination that the high-power content beam can be received can be performed by monitoring intensity of a frequency signal associated with the high-power content beam.

EFFECT: enabling transmission of the content within a large area.

19 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to information transmission. Disclosed is a receiver for receiving information signals in a text format, which receives the information content using the text format divided into information objects, wherein the receiver is a radio broadcast receiver and the text information signal is a text information signal for forwarding in a carousel data transmission mode, wherein the information objects are transmitted in the carousel mode, which includes a user-controlled selector; and a processor designed to analyse an information object, which includes a selected object ID from a plurality of unique objects IDs, which determines whether the analysed information object is a link object which supports automatic processing, comprising link items indicating other object IDs from the plurality of the unique objects IDs; if so, the method includes verifying if conditional data associated with the link items for the link object supporting automatic processing are satisfied; and automatically assigning an ID to an object indicated by the link item for the link object supporting automatic processing, having conditional data associated with the conditional data that were satisfied for a recently selected object ID, or providing a user with a presentation relating to the link object supporting automatic processing using a method which depends on the verification result and assigning an ID to the object indicated by the said link item for the link object supporting automatic processing, selected by the user using the user-controlled selector as a newly selected object ID.

EFFECT: reduced navigation costs when transmitting text information.

22 cl, 8 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to hybrid broadcast broadband television (HBBTV), particularly an information processing apparatus, capable of receiving data via broadcast or over a network, as well as a data management method which is based on information defining the life cycle of data. A browser acquires, via a network, description information which includes second defining information (XML-AIT) having content equivalent to a broadcast application information table (AIT) defining a life cycle of a broadcast application while voice over data (VoD) content is reproduced after being switched from the broadcast application. The browser manages the broadcast application based on the XML-AIT and resumes the reception of the broadcast application after the reproduction of the VoD content is ended. The processing for separating two transport streams at the same time becomes unnecessary, and one demultiplexer only needs to be provided.

EFFECT: realising processing for switching a reproduction state from broadcast data to network data and resuming the reproduction of the original broadcast data.

6 cl, 3 dwg

FIELD: physics, video.

SUBSTANCE: invention relates to television, particularly receivers of radio television signals in at least two different formats. The method comprises storing in a first table a first plurality of programs of said plurality of radio-television networks received by said receiver in a first signal format, in accordance with a first sorting criterion of said first programs; storing in a second table a second plurality of programs of said plurality of radio-television networks received by said receiver in a second signal format, in accordance with a second sorting criterion of said second programs, including a step of storing in a third table programs stored in said first and second tables based on existing matches between said first and second sorting criteria.

EFFECT: designing a receiver and a method for automatically programming a receiver, wherein received radio-television programs are positioned in accordance with the expectations of users in a certain broadcasting area, and providing a user with a single table of radio-television programs in different signal formats, wherein said table is automatically generated by the receiver without needing manual intervention of the user.

22 cl, 8 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a broadcasting service provision method, in particular, the one based on an electronic service guide (ESG). The method is proposed for the provision of the electronic service guide in a network, which provides multiple broadcasting services. The said network contains at least one client device connected to the first device. The subset of the broadcasting services broadcasts to the said client device via the mentioned first device, and the service guide provides for the list of the multiple broadcasting services in the second order. The method contains the following stages at the client device side: determination of the broadcasting service list in the first order. The latter is changed from the second to the first, based on the broadcasting services from the subset and the presentation of the said service list in the first order.

EFFECT: decrease of an average programme tuning time.

14 cl, 7 dwg

FIELD: information technology.

SUBSTANCE: client of media resources is provided with the first interface to receive a control command by media reproduction from the client of media resources, as well as to provide the client of media resources with interface for loading of media resources. Client of control function is provided with the second interface to provide to it the interface for control of determination of subscriber data and personal subscriber resources. Portal of services and/or control portal is provided with the third interface to provide to them the interface for updating and receiving of information of configuration of subscribers. Server of additional services and applications is provided with the fourth interface to provide to it the interface for calling of service server, which allows server of additional services and applications to receive media resources subject to reproduction and to control reproduction on call and information on services, and server of services allows receiving control commands of media reproduction from server of additional services and applications.

EFFECT: providing possible control of multimedia for different services.

16 cl, 11 dwg

FIELD: physics, video.

SUBSTANCE: invention relates to digital video broadcasting (DVB). The apparatus and method for channel switching comprise encapsulating a plurality of IP datagrams associated with a plurality of real time audio/visual (A/V) streams or a plurality of file objects onto a plurality of multi-protocol encapsulation (MPE) sections; inserting the plurality of MPE sections into one of a plurality of elementary streams; and multiplexing the plurality of elementary streams associated with the plurality of real time A/V streams or the plurality of file objects into a plurality of non-consecutive bursts, wherein the plurality of elementary streams are adjacent in a channel line-up. The plurality of non-consecutive bursts is transmitted to a DVB-H receiver with a limited memory size for enabling fast channel switching, and the channel line-up is presented in an electronic service guide (ESG).

EFFECT: faster channel switching and saving receiver memory.

40 cl, 11 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to wireless communication methods. The technical result of the invention is improving coverage and throughput at the edge of a cell in a communication system for a mobile user using fixed transponders which are part of the infrastructure without an intermediate wire link. The transponders transmit or "relay" downlink messages between a base station (BS) and mobile terminals (MS) through a multi-interval link.

EFFECT: invention provides a method and a system for supporting a multi-user mobile broadband communication network which includes relay equipment suitable for user equipment during downlink transmission to the user equipment.

24 cl, 12 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering and specifically to a control device for modifying images on the display of a smartphone. The control device for modifying images on the display of a smartphone is provided with a monitor that is installed with a resident screen device driver. The resident screen device driver comprises a real-time operating system which controls a TCP/IP communication protocol, a USB-Host communication protocol, a network and display server, a mobile telephone driver and processes data transmitted via a link and a Bluetooth-Host communication protocol. Said mobile telephone drive and processing of data transmitted via a link provide synchronous transmission of instructions to the mobile telephone via a peripheral input device to said monitor. The mobile telephone has a resident mobile telephone driver installed in the mobile telephone casing. The resident mobile telephone driver comprises a resident operation detection service, a remote human-machine interface, a remote disc, a screen resolution control device, a remote operation event handler and a virtual display driver.

EFFECT: providing synchronous display and synchronous reception of instructions for providing said device with different functions.

8 cl, 8 dwg

FIELD: weapons and ammunition.

SUBSTANCE: automated evaluation system of combat potential of a military unit consists of the following: an automated workstation (AWS) of an administrator; an expansion unit; a display board; a switch of a local area network (LAN); an operator's AWS; a data exchange server; an interface unit; a selection module of basic addresses of data records of a military unit (MU) in the server data base; a shaping module of readout addresses of the server data base; a selection module of data of the specified MU; an identification module of weapons and military equipment (WME) included in the specified MU; a receiving module of data records of the server and a shaping module of integral evaluation of WME combat potential of the specified MU.

EFFECT: enhancing quick action and reliability of calculations at evaluation of combat potential of a military unit.

6 cl, 6 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of settlement in trade. The system comprises: a server centre linked to server centres and partner banks of a program, cards and card reading terminals, wherein the payment unit for said cards is certificates with predetermined discounts, and an operator bank through which cash payments are made. The server centre for servicing cards with certificates credited to said cards comprises a card account database, a certificate identifier database, a database of a store of available certificates and a database of personal accounts of program participants.

EFFECT: high reliability and faster operation owing to safer settlements between partners.

2 dwg

FIELD: physics, computer engineering.

SUBSTANCE: group of inventions relates to means of controlling a graphic user interface. The invention enables to modify an associated user interface in order to add, remove, disable, enable and reassign new or existing user interface components.

EFFECT: faster modification of a graphic user interface.

24 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a system for evaluating safety and efficiency of design solutions to ensure safety of a hazardous production facility. The system includes workstations, a server for collecting, processing and storing data and constructing models, a server for evaluating efficiency and making design decisions, devices for collecting, processing and inputting data for simulation, a local area network, devices for outputting and displaying information, a server communication switch, a subsystem for collecting and processing data, a databank, a simulation subsystem, a calculation subsystem, an analysis and decision making subsystem.

EFFECT: safer and more reliable design solutions obtained when designing hazardous production facilities.

4 cl, 2 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method comprises breaking up the entire observation interval of an input signal into a series of cycles, the period of which approximately matches the average value of intervals between adjacent pulses of the detected sequence, intra-period processing of the input signal which includes selecting the maximum values thereof within each cycle period, and inter-period accumulation of the intra-period processing results.

EFFECT: improved detection of a random pulse sequence.

1 dwg

FIELD: information technology.

SUBSTANCE: method for interactive creation of film products "BuRiMe" is based on saving materials onto a media server and an associated data network of peripheral computers, accessing the saved materials from the peripheral computers, creating derivatives of the materials based on previously saved materials, identifying each participant whose materials were used to create the derivatives of materials associated with previously saved materials. The new distinctive features of the method are that it includes making a synopsis of a film product and performing phased shooting of the film in the form of video fragments of the film product based on the synopsis, saving on the media server the synopsis, film and derivatives of the material created by participants and performed in the form of film scenes which link two adjacent films, receiving information on section by users of the peripheral computers of the participant that created a scene linking two adjacent films and received the highest number of votes, wherein the film product includes results of shooting and montage of a scene that received the highest number of votes from users of peripheral computers, and the final film product is created in the form of a set of scenes. The system for interactive creation of film products "BuRiMe", intended to implement the method, comprises a central computer with a computer interface, a network of peripheral computers with a computer interface, an input/output device, a means of communication between the central computer and the peripheral computers and a network of communication links to which the computer interfaces are connected for communication between the central computer and the peripheral computers, wherein the central computer has a timer for determining the beginning and end of a session for users of peripheral computers, a data storage unit and a means of determining a preferred participant. The system is characterised by that the central computer is provided with a media file player configured to save initial materials and associated derivatives created by participants, a data sampling unit, a comparison and analysis unit, an information processing and film product creation unit, the means of determining the preferred participant is in the form of a unit for evaluating and recording the voting results users of peripheral computers for the best scene of the film product.

EFFECT: method and system widen the range of means of creating film products in interactive mode and provides a range of tools and additional functions compared to existing means.

14 cl, 4 dwg

FIELD: radio engineering, communication.

SUBSTANCE: information control system for integrated safety control of a hazardous production facility comprises means of obtaining field data of a technological process and the environment, which include sensors 1 for detecting concentration of vapour of a liquid substance in the air, sensors 2 for detecting level and loss at equipment for transfer of hazardous substances at areas 3, sensors 1 for detecting concentration of vapour in air, sensors 2 for detecting the level and loss, temperature sensors, placed on areas 4 for storage of hazardous substances, a pump control apparatus 23, connected to a panel 22 of an emergency response area 4, sensors 1 for detecting concentration of vapour of a liquid substance in air, sensors for the level of the liquid substance and loss and video cameras 5, placed on racks 6, programmable switches 7, the inputs of which are connected to the sensors 1, 2, and the outputs are connected through primary information routers 8 to virtual data panels 9 of the technological process and the environment and to local process networks 10 of storage areas 4, each provided with a foreman's automated workstation 11, each of the networks 10 of the areas being connected through an area router 12 to a single process network 13 of the enterprise, connected through a video hub 14 to video cameras 5, and through a router 15 to an administration network 16, which is connected to a shop foreman's automated workstation 24, a shop service automated workstation 25, a database server 18, and through a central router 19 to an information analytical centre 20 for integrated production safety evaluation, as well as an enterprise monitoring service 21, configured for different-level local and centralised control action with simultaneous information of territorial monitoring services 26 on emergency situations.

EFFECT: wider range of systems for controlling safety of facilities, high reliability and broader functional capabilities of an integrated monitoring system for preventing possible emergency situations, using programmed integrated evaluation of safety of a hazardous production facility.

6 cl, 3 dwg

FIELD: information technology.

SUBSTANCE: result is achieved by adaptive digital differentiating and predicting device, which comprises: a smoothing unit, a single-channel subunit of smoothing from the adder and register, the subunit of deviation ratio setting, the subunit of valid deviations, the subunit of unit incrementation, the subunit of control of dynamic characteristic, the information, the first control and timing inputs of the device; the timing node of the prediction unit, the prediction unit comprising the subunits of the quadratic and linear prediction, the control node of prediction dynamics, two subunits of calculation of second derivatives and the adaptation unit, in order to improve the forecast accuracy in the control node of prediction dynamics the clock rate divider (CRD) is integrated for recovery of time setting (interval) of the prediction.

EFFECT: improving the accuracy of prediction at the stage of recovery of the predetermined time of prediction after completion of the transitional operating regime of the device and its entry to a new steady regime.

9 dwg

FIELD: physics.

SUBSTANCE: apparatus comprises: an input realisation storage unit, a dilatation unit, a unit for determining quasi-stationarity areas, a mask forming unit, an element-by-element multiplier, an approximation unit, an estimate storage unit, an estimate averaging unit, a useful component estimate storage unit, a current line counter, an averaging signal generator, a current column counter, a first delay unit, a second delay unit, a third delay unit, a fourth delay unit, a fifth delay unit, a sixth delay unit, a seventh delay unit, an eighth delay unit, a unit for obtaining a median estimate and a clock-pulse generator.

EFFECT: reduced error in determining distance from scene objects to a sensor camera.

3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of accessing a processing system. The method of accessing a processing system comprises steps of: receiving an ordered sequence of biometric data inputs from a user through a biometric sensor connected to the processing system; determining presence of a match of each of the biometric data inputs of the ordered sequence with a corresponding record stored in the table of non-volatile memory of the processing system, wherein the table includes the stored ordered sequence of biometric data inputs corresponding to a user password combination; and if there is match, providing the user with access to the processing system, and if there is no match, denying the user access to the processing system, wherein each of the biometric data inputs of the ordered sequence corresponds to a different finger of the user and an element of the password combination selected by the user, wherein the first finger of the user corresponds to the first alphanumeric character selected by the user, and the second finger of the user corresponds to the second alphanumeric character selected by the user.

EFFECT: high reliability of access to a processing system.

20 cl, 6 dwg

FIELD: message boards and mail servers.

SUBSTANCE: electronic message board is provided with database in form of several known words, which are selected in specific order, while each word is connected to respective URI. Message text from user computer is checked using a plurality of known words. When message text does not include a known word of plurality of known words, message is placed at electronic board. Each known word is found in text, known in text is converted to hypertext format with URI connected to word, as destination of link, and message is placed at message board.

EFFECT: higher efficiency.

7 cl, 4 dwg

Up!