US-12625988-B2 - Communication device, terminal device, non-transitory computer-readable recording medium storing computer-readable instructions thereof and control method thereof
Abstract
A communication device may include: a database storing, for each of a plurality of OIDs of MIB, a value in association with the OID; and a controller configured to execute access to a value in the database according to an access request, wherein in a case where the access request includes a first OID and the user of a terminal device is not authenticated as a specific user, the controller executes access to the first value, and in a case where the access request includes a second OID and the user of the terminal device is not authenticated as the specific user, the access to the second value is not executed.
Inventors
- Munehisa MATSUDA
- Tetsuya Okuno
- Koki IZUMI
- Satoshi Matsushita
- Satoru Yanagi
- Kiyotaka Ohara
- Katsunori Enomoto
- Yuki Yada
- Kyohei Mori
- Hideki Nogawa
Assignees
- BROTHER KOGYO KABUSHIKI KAISHA
Dates
- Publication Date: 20260512
- Application Date: 20230720
- Priority Date: 20220729
Claims (20)
- 1. A communication device comprising: a database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value; and a controller configured to: receive an access request from a terminal device, the access request being for requesting access to a value in the database, and the access request including one or more OIDs among the plurality of OIDs; determine whether the access request is for the first OID and/or the second OID; and execute access to a value in the database according to the determination, wherein in a case where it is determined that the access request contains the first OID, the controller executes access to the first value stored in the database in association with the first OID without authenticating a user of the terminal device as a specific user, in a case where it is determined that the access request includes the second OID, authenticating the user of the terminal device and in a case that the user of the terminal device is authenticated as the specific user, the controller executes access to the second value stored in the database in association with the second OID, and in a case where it is determined that the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the access to the second value in the database is not executed.
- 2. The communication device according to claim 1, wherein the user of the terminal device not being authenticated as the specific user includes that the user of the terminal device is authenticated as a user different from the specific user.
- 3. The communication device according to claim 2, wherein the plurality of OIDs further includes a third OID corresponding to a third value, and wherein in a case where the access request includes the third OID, which is different from the first OID, and the user of the terminal device is authenticated as an individual user different from the specific user, the controller executes access to the third value stored in the database in association with the third OID, and in a case where the access request includes the third OID and the user of the terminal device is not authenticated as any one of the specific user and the individual user, the access to the third value in the database is not executed.
- 4. The communication device according to claim 1, wherein the access request is a command according to Hypertext Transfer Protocol Secure (HTTPS).
- 5. The communication device according to claim 1, wherein the controller is further configured to: in the case where it is determined that the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, send a failure response to the terminal device as a response to the access request, the failure response indicating that the access to the second value has failed.
- 6. The communication device according to claim 1, wherein the access request is one of an acquisition request for acquiring a value stored in the database from the database and a writing request for writing a new value in the database.
- 7. The communication device according to claim 1, wherein the communication device further comprises a memory storing an indication of a security level for a value associated with the OID, and the controller is further configured to determine, by using the indication of the security level, the security level of a value associated with an OID in the access request.
- 8. The communication device according to claim 1, wherein authentication of the user of the terminal device uses digest authentication.
- 9. The communication device according to claim 1, wherein the controller is further configured to in a case that it is determined that the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, send the terminal device a response including information for causing the terminal device to display an input screen for input of a user name and a password.
- 10. A non-transitory computer-readable recording medium storing computer-readable instructions for a terminal device, wherein the computer-readable instructions, when executed by a processor of the terminal device, cause the terminal device to: send an access request to a communication device, the access request being a command for requesting access to a value in a database of the communication device, the database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value, and the access request including one or more OIDs among the plurality of OIDs that are specified by a user of the terminal device; and receive a response to the access request from the communication device, wherein in a case where the access request includes the first OID, the response includes first information indicating that access to a first value stored in the database in association with the first OID has succeeded without a user of the terminal device being authenticated as a specific user, in a case where the access request includes the second OID, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the response includes second information indicating that access to a second value stored in the database in association with the second OID has succeeded, and in a case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the response does not include the second information.
- 11. The non-transitory computer-readable recording medium according to claim 10, wherein the user of the terminal device not being authenticated as the specific user includes that the user of the terminal device is a user different from the specific user.
- 12. The non-transitory computer-readable recording medium according to claim 10, wherein the plurality of OIDs further includes a third OID corresponding to a third value, and wherein in a case where the access request includes the third OID, which is different from the first OID, and the user of the terminal device is authenticated as an individual user different from the specific user, the response includes third information indicating that access to the third value stored in the database in association with the third OID has succeeded, and in a case where the access request includes the third OID and the user of the terminal device is not authenticated as any one of the specific user and the individual user, the response does not include the third information.
- 13. The non-transitory computer-readable recording medium according to claim 10, wherein the access request is a command according to Hypertext Transfer Protocol Secure (HTTPS).
- 14. The non-transitory computer-readable recording medium according to claim 10, wherein in the case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the response includes failure information indicating that the access to the second value has failed, and the computer-readable instructions further cause the terminal device to: in a case where the response including the failure information is received from the communication device, notify that authentication for the specific user is required.
- 15. The non-transitory computer-readable recording medium according to claim 10, wherein the access request is one of an acquisition request for acquiring a value stored in the database from the database and a writing request for writing a new value in the database.
- 16. The non-transitory computer-readable recording medium according to claim 10, wherein the terminal device comprises a memory storing an indication of a security level for a value respectively with the OID, the computer-readable instructions further cause the terminal device to: determine, by using the indication of the security level, whether authentication is required for a value associated with an OID to be included in the access request, and in a case where it is determined, by using the indication of the security level, that authentication as the specific user is required for the value associated with the OID, add information indicating that the user of the terminal device is the specific user to the access request.
- 17. A non-transitory computer-readable recording medium storing computer-readable instructions for a communication device, wherein the communication device comprises: a processor; and a database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value, wherein the computer-readable instructions, when executed by the processor, cause the communication device to: receive an access request from a terminal device, the access request being for requesting access to a value in the database, and the access request including one or more OIDs among the plurality of OIDs; determine whether the access request is for the first OID and/or the second OID; and execute access to a value in the database according to the determination, wherein in a case where it is determined that the access request includes the first OID the computer-readable instructions cause the communication device to access the first value stored in the database in association with the first OID without authenticating a user of the terminal device as a specific user, in a case where it is determined that the access request includes the second OID, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the computer-readable instructions cause the communication device to access the second value stored in the database in association with the second OID, and in a case where it is determined that the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the access to the second value in the database is not executed.
- 18. A control method of a communication device, wherein the communication device comprises a database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value, wherein the control method comprises: receiving an access request from a terminal device, the access request being for requesting access to a value in the database, and the access request including one or more OIDs among the plurality of OIDs; determining whether the access request is for the first OID and/or the second OID; and executing access to a value in the database according to the determination, wherein in a case where it is determined that the access request includes the first OID, access to a first value stored in the database in association with the first OID is executed without authenticating a user of the terminal device as a specific user, in a case where it is determined that the access request includes the second OID, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, access to a second value stored in the database in association with the second OID is executed, and in a case where it is determined that the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the access to the second value in the database is not executed.
- 19. A terminal device, comprising a controller, wherein the controller is configured to: send an access request to a communication device, the access request being a command for requesting access to a value in a database of the communication device, the database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value, and the access request including one or more OIDs among the plurality of OIDs that are specified by a user of the terminal device; and receive a response to the access request from the communication device, wherein in a case where the access request includes the first OID, the response includes first information indicating that access to the first value stored in the database in association with the first OID has succeeded without a user of the terminal device being authenticated as a specific user, in a case where the access request includes the second OID, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the response includes second information indicating that access to the second value stored in the database in association with the second OID has succeeded, and in a case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the response does not include the second information.
- 20. A control method of a terminal device, the method comprising: sending an access request to a communication device, the access request being a command for requesting access to a value in a database of the communication device, the database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, the plurality of OIDs including a first OID associated with a first value and a second OID associated with a second value where the second value has a higher security level than the first value, and the access request including one or more OIDs among the plurality of OIDs that are specified by a user of the terminal device; and receiving a response to the access request from the communication device, wherein in a case where the access request includes the first OID, the response includes first information indicating that access to the first value stored in the database in association with the first OID has succeeded without a user of the terminal device being authenticated as a specific user, in a case where the access request includes the second OID, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the response includes second information indicating that access to the second value stored in the database in association with the second OID has succeeded, and in a case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the response does not include the second information.
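The per-OID decision of claims 1, 3 and 5, with the digest authentication of claim 8, sketched as an added example; it is not code from the patent or from the assignee. The OIDs under the `99999` arc, the accounts, the realm, the choice of SHA-256 digest (RFC 7616) and the default-deny handling of unlisted OIDs are assumptions of this sketch.

```python
import hashlib
import hmac
from enum import IntEnum

class Level(IntEnum):
    PUBLIC = 0      # "first value": served without authentication
    INDIVIDUAL = 1  # "third value": individual user or specific user
    SPECIFIC = 2    # "second value": specific user only

REALM = "mib"  # hypothetical realm name

# Constructed sample data: OIDs, values and accounts are illustrative only.
MIB = {"1.3.6.1.2.1.1.5.0": "printer-01",
       "1.3.6.1.4.1.99999.1.1.0": "alice-address-book",
       "1.3.6.1.4.1.99999.2.1.0": "smtp-relay-secret"}
LEVELS = {"1.3.6.1.2.1.1.5.0": Level.PUBLIC,
          "1.3.6.1.4.1.99999.1.1.0": Level.INDIVIDUAL,
          "1.3.6.1.4.1.99999.2.1.0": Level.SPECIFIC}
USERS = {"admin": ("admin-pass", Level.SPECIFIC),
         "alice": ("alice-pass", Level.INDIVIDUAL)}

def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()

def digest_response(user, password, method, uri, nonce, nc, cnonce):
    """RFC 7616 response value for algorithm=SHA-256, qop=auth."""
    ha1 = sha256_hex(f"{user}:{REALM}:{password}")
    ha2 = sha256_hex(f"{method}:{uri}")
    return sha256_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

def authenticate(creds, method, uri, nonce):
    """Return the caller's Level; PUBLIC for missing or invalid credentials."""
    if not creds or creds.get("username") not in USERS:
        return Level.PUBLIC
    if creds.get("nonce") != nonce:  # accept only the nonce this server issued
        return Level.PUBLIC
    password, level = USERS[creds["username"]]
    expected = digest_response(creds["username"], password, method, uri, nonce,
                               creds.get("nc", ""), creds.get("cnonce", ""))
    supplied = str(creds.get("response", ""))
    ok = hmac.compare_digest(expected.encode(), supplied.encode())
    return level if ok else Level.PUBLIC

def handle_get(oids, uri, nonce, creds=None):
    """Decide per OID, so one request can mix public and protected values."""
    role = authenticate(creds, "GET", uri, nonce)
    results = {}
    for oid in oids:
        required = LEVELS.get(oid, Level.SPECIFIC)  # unlisted OID: default deny
        if role < required:
            results[oid] = {"status": "auth_required"}  # value never included
        elif oid in MIB:
            results[oid] = {"status": "ok", "value": MIB[oid]}
        else:
            results[oid] = {"status": "no_such_oid"}
    denied = any(r["status"] == "auth_required" for r in results.values())
    return {"auth_required": denied, "results": results}
```

The `auth_required` flag is where a server would attach the failure response of claim 5 or the credential prompt of claim 9; nonce issuance and replay tracking are left out of the sketch.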
Description
REFERENCE TO RELATED APPLICATION

This application claims priority from Japanese Patent Application No. 2022-121740 filed on Jul. 29, 2022. The entire content of the priority application is incorporated herein by reference.

BACKGROUND ART

A peripheral device including an MIB (Management Information Base) database is known.

DESCRIPTION

Values with different security levels coexist in an MIB database. The disclosure herein provides technologies for accessing an MIB database with consideration given to coexistence of values with different security levels.

A communication device disclosed herein may comprise a database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID; and a controller. The controller may be configured to: receive an access request from a terminal device, the access request being for requesting access to a value in the database, and the access request including one or more OIDs among the plurality of OIDs; and in a case where the access request is received from the terminal device, execute access to a value in the database according to the access request, wherein in a case where the access request includes a first OID among the plurality of OIDs and a user of the terminal device is authenticated as a specific user, the controller executes access to a first value stored in the database in association with the first OID, in a case where the access request includes a second OID among the plurality of OIDs, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the controller executes access to a second value stored in the database in association with the second OID, in a case where the access request includes the first OID and the user of the terminal device is not authenticated as the specific user, the controller executes access to the first value in the database, and in a case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the access to the second value in the database is not executed.

Also disclosed herein is a non-transitory computer-readable recording medium storing computer-readable instructions for a terminal device. The computer-readable instructions, when executed by a processor of the terminal device, may cause the terminal device to: send an access request to a communication device, the access request being a command for requesting access to a value in a database of the communication device, the database storing, for each of a plurality of object IDs (OIDs) of Management Information Base (MIB), a value in association with the OID, and the access request including one or more OIDs among the plurality of OIDs that are specified by a user of the terminal device; and receive a response to the access request from the communication device, wherein in a case where the access request includes a first OID among the plurality of OIDs and the user of the terminal device is authenticated as a specific user, the response includes first information indicating that access to a first value stored in the database in association with the first OID has succeeded, in a case where the access request includes a second OID among the plurality of OIDs, which is different from the first OID, and the user of the terminal device is authenticated as the specific user, the response includes second information indicating that access to a second value stored in the database in association with the second OID has succeeded, in a case where the access request includes the first OID and the user of the terminal device is not authenticated as the specific user, the response includes the first information, and in a case where the access request includes the second OID and the user of the terminal device is not authenticated as the specific user, the response does not include the second information.

For example, it can be conceived that the second value has a higher security level than the first value. According to the configuration above, access to the first value is permitted regardless of whether the user of the terminal device is authenticated as the specific user or not, whereas access to the second value is not permitted unless the user of the terminal device is authenticated as the specific user. Access to an MIB database can be realized with consideration given to coexistence of values with different security levels.

A computer program for implementing the above-described communication device and a computer-readable storage medium storing the computer program are also novel and useful. Further, a method performed by the above-described communication device is novel and useful. Further, the above-described terminal device and a computer program for implementing the terminal device are also novel and useful. Further, a method performed by the above-described terminal device is novel and useful.

FIG.