316963 A7 B7

Printed by the Employees' Consumer Cooperative of the Central Bureau of Standards, Ministry of Economic Affairs

V. Description of the Invention

Related Inventions

One of the named inventors of the present invention has also filed co-pending United States patent applications entitled "Apparatus and Method for Providing Secured Communications" (Application No. 08/251,486), "Roving Software License for a Hardware Agent" (Application No. 08/303,084) and "Method for Providing a Roving Software License in a Hardware Agent-Based System" (Application No. 08/472,951). These applications are owned by the same assignee as the present invention.

Background of the Invention

1. Field of the Invention

The present invention relates to the field of data security. More particularly, the invention discloses a system and method for preventing confidential information from being output from a print node until it is confirmed that the authorized recipient of the confidential information is near the print node.

2. Description of the Related Art

With the continuing development of smaller, faster and more efficient computers, many businesses now operate "distributed" networks (e.g., local area networks). An advantage of these networks is that each user has control through his or her own personal computer. In addition, for economic reasons, multiple users may be connected to less frequently used hardware components, for example a print node located in a common area accessible to all users. Within the scope of the present invention, a "print node" is a stand-alone hardware device that can receive, temporarily store, and print or display data from a personal computer or other sending device. For example, a print node may be a printer, a printer operating in combination with a print server, a facsimile machine, a plotter, a remote monitor, and so on.

One of the problems facing distributed networks is protecting the confidential or proprietary information in documents (hereinafter "sensitive" documents) from being read, by mistake or otherwise, by unauthorized persons. Because the print node is located in a common area, once a print job has been sent to the print node the sender must immediately hurry to the print node to retrieve the document in order to protect the confidential information it contains. If the print node is experiencing a temporary problem (for example a jam, no paper, etc.) or the job is queued behind other print jobs, the sender must wait at the print node for the problem to be corrected or for the print job to be executed.

Alternatively, if this is possible, the sender can return and cancel the print job for the sensitive document. However, the sender runs the risk that the document may be printed or displayed in the meantime. Moreover, if the print job is mistakenly sent to a different print node, possibly an off-site print node, there are fewer options for ensuring that the document is not printed or displayed and possibly read by an unauthorized person, in particular if the transmission error is detected only after the print job has started.

Whether or not a print job in a distributed network can be cancelled, the sender wastes valuable working time waiting at the print node for the sensitive document. Such wasted time adversely affects the productivity of the sender and of his or her company.

Another problem that frequently arises in distributed networks is keeping the confidential information in a sensitive document from being viewed by other people at another workstation (for example, co-workers) when it is printed. Of course, a sensitive document can be mailed electronically to a co-worker in encrypted form. Sometimes, however, because of alteration and/or electronic transmission to unintended recipients, a sensitive document may be inadvertently transmitted electronically. The document can of course be printed and mailed to the co-worker, but significant drawbacks such as time delay and the security of the mail will inevitably remain. It would therefore be advantageous to establish a system and method that eliminate the drawbacks associated with the sender or other intended recipient having to guard the print node while sensitive information is printed.

Summary of the Invention

The present invention discloses a system and method for preventing a copy of a document from being output from a print node until the print node authenticates the intended recipient. The system comprises a sending node, a print node and a communication link connecting these nodes as a network. The sending node has access to the public key of the print node and uses this public key to encrypt a header and a document before they are sent to the print node over the communication link. The print node has access to its private key to decrypt the header in order to determine whether the document is "sensitive" (i.e., requires recipient authorization before printing). If so, the print node buffers the document locally until it receives authorization to output the document.

Brief Description of the Drawings

Other features and advantages of the present invention will become apparent from the detailed description and the accompanying drawings, as follows:

Figure 1 is a simplified block diagram of a distributed, secure network system comprising a sending node and a print node.

Figures 2a and 2b are block diagrams of a network system showing different certification methods for obtaining the public key of the print node and for transmitting an encrypted header and document from the sending node to the print node.
Figure 3 is a flowchart showing that a sensitive document marked as containing confidential information will not be output before the recipient is authenticated.

Detailed Description of the Invention

The present invention relates to an apparatus and method for preventing a sensitive document from being printed at a print node until the intended recipient authorizes the printing. Although detailed descriptions are given in order to provide a thorough understanding of the invention, those of ordinary skill in the art may practice embodiments other than those described without departing from the spirit and scope of the invention. In addition, well-known circuits, components and the like are not described, in order to avoid unnecessarily obscuring the invention.

In the detailed description, a number of cryptography-related terms are used to describe specific features or properties, as defined here. A "key" is an encoding and/or decoding parameter for a conventional cryptographic algorithm. More specifically, the key is a sequential distribution ("string") of binary data "n" bits in length, where "n" is an arbitrary number. A "document" is generally defined as a predetermined amount of data, for example one or more pages of data transferred in a sequence of bus cycles. A "digital certificate" is a set of digital information cryptographically bound together, through the use of a private key, by a widely known trusted authority (for example a bank, government agency, trade organization, component manufacturer, company security, system administration, etc.). A "digital signature" is a similar technique that uses the private key of the sender of a message to ensure the integrity of the message.

Referring to Figure 1, a simplified distributed, secure network system is shown that prevents sensitive documents from being printed by mistake. The secure network system 100 comprises at least one sending node 110 connected to a print node 130 through a communication link 120. Although not shown, further sending nodes may be connected to print node 130 through shared or separate communication links similar to link 120. As secure network systems gain greater commercial acceptance, documents will normally be encrypted in sending node 110 before being placed on communication link 120. This prevents unauthorized access to the confidential information while it is being sent to print node 130. Print node 130 therefore preferably includes software or hardware, for example as disclosed in the related applications referenced above, to decrypt the document before output.

Referring now to Figures 2a and 2b, embodiments of a network system are shown in which sending node 110 and print node 130 use an asymmetric key technique. This asymmetric technique uses two different keys (a "public key" and a "private key") for encryption and decryption. To establish one-way communication from sending node 110 to print node 130, the public key of the print node ("PUK") must first be made accessible to sending node 110 through one of several certification methods, for example through a network-based printer key server, through initialization of all network nodes with the relevant printer public keys when those nodes join the network, or through any other feasible method. Each of these methods may use one or more digital certificates issued by at least one trusted authority to obtain the PUK and to verify the authenticity of the print node.

Figure 2a shows one method of obtaining and verifying the PUK. A trusted authority, for example a print node manufacturer 225, manufactures print node 130 with a public key ("PUK") 210 and a private key ("PRK") 211 in a nonvolatile storage element 205 implemented in print node 130. In addition, manufacturer 225 stores a print node certificate ("PNCert") 215 in nonvolatile storage element 205. The print node certificate PNCert 215 is at least equivalent to PUK 210 encrypted with the private key of manufacturer 225 ("PRKM") 226. After the PUK has been verified and stored in nonvolatile storage element 235 of sending node 110, PNCert 215 may also be stored in nonvolatile storage element 235. Such storage is optional, because PNCert 215 will not be needed again unless PUK 210 is corrupted or accidentally removed from sending node 110.

After the print node has been connected to a network and PNCert 215 has been distributed to the sending node 110 connected to the network, sending node 110 can use PNCert 215 to verify (i) the authenticity of the print node public key ("PUK") at initial distribution and (ii) the characteristics of the print node (i.e., whether it can carry out the recipient authorization procedure). Such verification can be accomplished by a local trusted authority 230 (i.e., a system administrator or the security office of the entity that owns the print node) issuing a verification certificate 240, which is the public key of the manufacturer ("PUKM") 227 encrypted with the private key of the local trusted authority ("PRKLTA") 231. The public key of the local trusted authority ("PUKLTA") 232 will be widely available to users of the network. Verification certificate 240 can be decrypted to obtain PUKM 227, which can then be used to decrypt PNCert 215 to obtain PUK 210.
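A toy model of the Figure 2a chain (verification certificate, then PNCert, then PUK), added here as an example and not taken from the patent. The keys are constructed from small Mersenne primes with textbook RSA and are not usable in practice; the function names and the hash tag placed inside each certificate are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by every toy key (assumption)


def keypair(p, q):
    """Return (public modulus, private exponent) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _encode(subject_n):
    # Certificate body: marker byte, subject public key, 8-byte SHA-256 tag.
    # "Decrypting" with a public key always yields some number, so the tag
    # is what lets a verifier tell a genuine certificate from garbage.
    raw = subject_n.to_bytes((subject_n.bit_length() + 7) // 8, "big")
    return int.from_bytes(b"\x01" + raw + hashlib.sha256(raw).digest()[:8], "big")


def issue(subject_n, issuer_n, issuer_d):
    """Subject public key 'encrypted' with the issuer's private key."""
    m = _encode(subject_n)
    if m >= issuer_n:
        raise ValueError("issuer modulus too small for this subject key")
    return pow(m, issuer_d, issuer_n)


def open_cert(cert, issuer_n):
    """Recover the subject key with the issuer's public key, or None."""
    blob = pow(cert, E, issuer_n)
    data = blob.to_bytes((blob.bit_length() + 7) // 8, "big")
    if len(data) < 10 or data[0] != 1:
        return None
    raw, tag = data[1:-8], data[-8:]
    if hashlib.sha256(raw).digest()[:8] != tag:
        return None
    return int.from_bytes(raw, "big")


def verified_puk(vcert, pncert, pukl_ta):
    """Sending node: PUKLTA -> PUKM (from VCert) -> PUK (from PNCert)."""
    pukm = open_cert(vcert, pukl_ta)
    if pukm is None:
        return None
    return open_cert(pncert, pukm)


def mersenne(k):
    return 2 ** k - 1


# Constructed toy keys; every exponent below gives a known Mersenne prime.
PUK, PRK = keypair(mersenne(61), mersenne(89))            # print node
PUKM, PRKM = keypair(mersenne(107), mersenne(127))        # manufacturer
PUKLTA, PRKLTA = keypair(mersenne(521), mersenne(607))    # local trusted authority
OTHER_N, OTHER_D = keypair(mersenne(127), mersenne(521))  # not the manufacturer

VCERT = issue(PUKM, PUKLTA, PRKLTA)   # issued by the local trusted authority
PNCERT = issue(PUK, PUKM, PRKM)       # issued by the manufacturer
BAD_PNCERT = issue(PUK, OTHER_N, OTHER_D)

if __name__ == "__main__":
    print(verified_puk(VCERT, PNCERT, PUKLTA) == PUK)   # genuine chain
    print(verified_puk(VCERT, BAD_PNCERT, PUKLTA))      # wrong issuer
```

The sending node only needs PUKLTA in advance; a PNCert that was not produced with PRKM fails the tag check and yields no key.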
Figure 2b shows an example of another method of obtaining a verified PUK, in which the local trusted authority 230 internally verifies the PUK before providing it to sending node 110. As shown, local trusted authority 230 obtains PUK 210 from print node 130 by decrypting PNCert 215 with the public key of the print node manufacturer ("PUKM") 227. Local trusted authority 230 then creates a locally generated verification certificate ("LVCert") 245 and sends LVCert 245 to sending node 110. As with the PNCert of Figure 2a, LVCert 245 may, if desired, be stored in nonvolatile memory element 235 after PUK 210 has been verified. Sending node 110 decrypts LVCert 245 using the widely available PUKLTA 231. As a result, sending node 110 obtains PUK 210, which is subsequently stored in nonvolatile memory element 235.

As shown in Figures 2a and 2b, after the public key ("PUK") 210 of print node 130 has been delivered to sending node 110, sending node 110 can encrypt a document 250 with PUK 210 using the asymmetric "Rivest Shamir Adleman" ("RSA") algorithm. This forms an encrypted document 255 for transmission to print node 130. In addition, a header 260 of the document is encrypted with the public key ("PUK") 210 of the target print node 130, producing an encrypted header 265. Instead of RSA encryption of the print job, the "header" may include a "session key" that is subsequently used by the sender and the receiver to perform the cryptographic operations required on the document. It is well known that such a "header" is a common technique for reducing the computation normally associated with public-key cryptography, particularly for large data sets. For the present invention, however, header 260 includes control information that allows print node 130 to support different functions.

For example, header 260 may include control information that marks the document as a sensitive document by selecting a particular "confidentiality" level for it; if the confidentiality level exceeds a predetermined (or normal) level, on-site authorization by the intended recipient is required before printing. As another example, header 260 may include the public key of the intended recipient of the printed copy of a sensitive document. Before printing the "sensitive" document, print node 130 will then authenticate the intended recipient through one of the authorization techniques (described below) that uses the public key of the intended recipient.
As a further example, the control information may include tag information, for example a "print only" tag. This tag allows "sensitive" document 250 to be printed from print node 130 but does not allow document 250 to be stored in memory in text format. An extension of the "print only" tag is for the control information to include a parameter indicating the number of times the "sensitive" document may be printed.

In a preferred embodiment, the print job, consisting of the encrypted header 265 followed by the encrypted document 255, is transferred through a public domain 270 and enters print node 130. Print node 130 first decrypts the encrypted header 265 using PRK 211 to determine whether the encrypted document 255 includes confidential information that requires print node 130 at least to refrain from printing document 250 until the intended recipient is present at print node 130. Document 250 is therefore preferably stored temporarily in buffer memory (not shown) in print node 130, although it need not be stored in encrypted format. Once confirmation is received that the intended recipient is present, the encrypted document 250 is (i) retrieved from the buffer memory, (ii) decrypted, and (iii) printed.

Situations can be expected in which a document is never retrieved or the buffer memory becomes full. In these and related situations it is necessary to "flush" (i.e., delete from memory) certain unretrieved documents from the buffer memory, thereby freeing memory space. This can be done automatically by software and/or hardware, or manually by a system administrator, a network user and so on.

There are several authorization techniques for confirming that the intended recipient is present at the print node. One technique is to wait, before starting the print job for a sensitive document, for the personal identification number ("PIN") of the intended recipient to be entered through a keyboard or number pad on the print node. In this case, the print node may include memory storing the PINs associated with each certified public key, or the PIN may be sent to the print node in the header.

Another technique is entry of a "release code" through the keyboard. The release code is job-specific; it is generated by the sending node at print time and included in the header. The release code is displayed on the display screen of the computer for a short period of time to give the user sufficient information to retrieve the print job. If the intended recipient is not the sending user, the sending user can communicate the release code to the intended recipient by telephone call, electronic mail or other means.

Yet another technique uses an authorization token, for example a PCMCIA identification card or a smart card that can be inserted into the print node. Rather than requiring the print node to maintain records of token identities, the public key of the token can be included in the header, preferably sent to the print node in encrypted form. The print node then need only match the public key of the token against the public key previously received in the print job header and perform a standard challenge/response protocol with the token. Such a challenge/response protocol confirms that the token is authorized by proving that the token holds the private key corresponding to the public key specified in the header.

A fourth technique uses an access control technique called "biometrics", which was originally used for gaining access to secured facilities (i.e., buildings, rooms, etc.). Biometrics involves sensing a characteristic of a user (i.e., fingerprint, iris, retina, etc.) to capture a single frame of data (generally called a "data frame"), or multiple data frames, of the characteristic and comparing the captured data frames with a previously stored master. If each captured data frame compares correctly with the stored master, the user is identified and authorized.

Referring now to Figure 3, a flowchart of the operation of the network system is shown. First, it must be determined whether the document is a "sensitive" document, depending on whether confidential and/or proprietary information is contained in the document (step 300). For a general document, when the document is to be sent to a print node, the sending node creates a header containing control information, such as a "print only" tag that restricts the document to being printed only and so reduces any opportunity to modify the document (steps 305-310). The header and the document are then encrypted before being sent to the print node.

If, however, the document is a "sensitive" document, when the document is to be sent to a print node the sending node creates a header that includes the information needed to authorize the intended recipient (public key, token, etc.) and any additional information needed to protect against disclosure (steps 305, 315). If the authorization information is a release code, the release code must be displayed on the display screen of the sending node so that the intended recipient can instruct the print node to start printing the sensitive document (steps 320 and 325). The header and the document are then encrypted to form a print job, and this print job is sent to the print node (step 330).

On receiving the print job, the print node decrypts the header to determine whether the document is a "sensitive" document (steps 335 and 340). If the document is a general document, the print node decrypts the document (step 355) and then prints it (step 360). If it is a sensitive document, however, the print node stores the encrypted document in an internal buffer memory (step 345) and waits for authorization from the intended recipient near the print node (step 350). Once authorization is received through presentation of a PIN, a release code, an authorization token or the like, the print node decrypts the document and then prints it (steps 355 and 360). It is contemplated that the sensitive document may be decrypted before step 345, so that as soon as the intended recipient is authenticated the sensitive document is queued for printing and printed (step 360).

In the foregoing description, the present invention has been described by way of many different methods and with many different constructions. Various modifications and changes may nevertheless be made without departing from the spirit and scope of the invention. The claims of the invention are set out below.
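The print-node side of the Figure 3 flow (steps 335 to 360) with release-code authorization, together with the buffer flushing described above, as an added example that is not part of the patent text. The header is shown after decryption with PRK and the RSA steps are left out; the class and field names, the three-attempt limit, the one-hour lifetime and the two-job buffer are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Header:
    """Control information from header 260, already decrypted with PRK."""
    sensitive: bool
    release_code: str = ""   # job-specific code generated by the sending node
    max_prints: int = 1      # number of times the document may be printed


@dataclass
class HeldJob:
    document: bytes          # buffered document (step 345)
    release_code: bytes
    prints_left: int
    received_at: float
    failures: int = 0


class PrintNode:
    MAX_FAILURES = 3         # assumption: purge a job after three wrong codes
    TTL_SECONDS = 3600       # assumption: flush unretrieved jobs after an hour
    CAPACITY = 2             # assumption: tiny buffer to show the "full" case

    def __init__(self):
        self.buffer = {}     # job id -> HeldJob
        self.output = []     # stands in for the output tray

    def submit(self, header, document, now):
        """Steps 335-345: print general documents, hold sensitive ones."""
        if not header.sensitive:
            self.output.append(document)            # steps 355-360
            return "printed", None
        self.flush(now)
        if len(self.buffer) >= self.CAPACITY:       # buffer full: drop oldest
            oldest = min(self.buffer, key=lambda j: self.buffer[j].received_at)
            del self.buffer[oldest]
        job_id = secrets.token_hex(4)
        self.buffer[job_id] = HeldJob(document, header.release_code.encode(),
                                      header.max_prints, now)
        return "held", job_id

    def release(self, job_id, code, now):
        """Steps 350-360: output only after the recipient presents the code."""
        self.flush(now)
        job = self.buffer.get(job_id)
        if job is None:
            return None
        # Constant-time comparison; repeated wrong codes purge the job.
        if not hmac.compare_digest(job.release_code, code.encode()):
            job.failures += 1
            if job.failures >= self.MAX_FAILURES:
                del self.buffer[job_id]
            return None
        job.prints_left -= 1
        if job.prints_left <= 0:                    # print count exhausted
            del self.buffer[job_id]
        self.output.append(job.document)
        return job.document

    def flush(self, now):
        """Delete jobs that were never retrieved within TTL_SECONDS."""
        expired = [j for j, job in self.buffer.items()
                   if now - job.received_at > self.TTL_SECONDS]
        for j in expired:
            del self.buffer[j]
        return len(expired)


if __name__ == "__main__":
    node = PrintNode()
    print(node.submit(Header(sensitive=False), b"memo", now=0.0))
    status, jid = node.submit(Header(True, "4821"), b"payroll", now=0.0)
    print(status, node.release(jid, "0000", now=5.0),
          node.release(jid, "4821", now=9.0))
```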