JP2011100268A - Service providing system, authentication device, service providing device, control method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a service whose authority is different according to an authentication result in a plurality of authentication systems. <P>SOLUTION: A service providing system includes: an authentication device 110; and a service providing device 130a, wherein the authentication device 110 includes: an acquisition data reception part 116; a determination part 117; a reliability determination part 119; and a reliability data transmission part 122 for transmitting data indicating the reliability of authentication determined by the reliability determination part 119 to the service providing device 130a, and the service providing device 130a includes: a reliability data reception part 136a for receiving data showing the reliability of authentication transmitted from the authentication device 110; a service authority determination part 138a for determining the authority of a service to be provided to the user based on the data received by the reliability data reception part 136a; and a service providing part 139a for providing a service to a user based on authority determined by the service authority determination part 138a. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a service providing system, an authentication device, a service providing device, a control method, and a program. In particular, the present invention provides a service providing system that provides services with different authorities according to authentication results by a plurality of authentication methods, an authentication device that performs authentication by a plurality of authentication methods, and an authority according to an authentication result performed by the authentication device. The present invention relates to a service providing apparatus that provides different services, a service providing system, an authentication apparatus, a control method for controlling the service providing apparatus, and a program for the service providing system, the authentication apparatus, and the service providing apparatus.

  In a system that provides a service to a user via a communication line, such as a Web service or an ASP (Application Service Provider) service, the right is granted to a person who uses the service by authenticating by a plurality of authentication methods. There has been proposed a method of providing a service after confirming whether there is a person, whether the person is the person himself / herself, etc. (see, for example, Patent Document 1). In such a service providing system, data indicating a user who receives the service, master data of each authentication method registered in advance by the user, and a service provided when identity verification is performed by each of these authentication methods A database in which data indicating the authority is registered in a uniquely associated manner is used.

  FIG. 11 is a diagram showing an example of data registered in such a conventional database in a table format. The database shown in FIG. 11 includes user data “Taro”, semi-fixed password authentication master data “aaa”, fingerprint authentication master data “ddd”, voiceprint authentication master data “ggg”, and IP address authentication master. Data “10.1.1.1” and data indicating permission of “browsing” and “editing” as service authorities are uniquely associated and registered. The database also includes data indicating the user “Hanako”, semi-fixed password authentication master data “bbb”, fingerprint authentication master data “eeee”, voiceprint authentication master data “hh”, and IP address authentication master data. “10.1.1.2” and data indicating that “browsing” and “editing” are permitted as service authorities are uniquely associated and registered. This database also includes data indicating the user “Taichi”, semi-fixed password authentication master data “ccc”, fingerprint authentication master data “fff”, voiceprint authentication master data “iii”, and IP address authentication master data. “10.1.1.3” and data indicating permission of “browsing” and “editing” as service authorities are uniquely associated and registered. Note that the authority of the service registered in the database indicates the authority for the file stored in the server.

  Such a database is generally held by a server installed by a company operating a service providing system. On the other hand, when receiving a service, the user transmits each data necessary for a plurality of authentication methods from a terminal used by the user to the server. When the server receives each data transmitted from the terminal used by the user, the server determines whether each received data matches the master data of each authentication method registered in the database, If all match, the service authority uniquely associated is given to the user. For example, if each data registered in the database is as shown in FIG. 11, the user “Taro” needs semi-fixed password authentication, fingerprint authentication, voiceprint authentication, and IP address authentication in order to receive the service. To do. The terminal used by the user “Taro” must be equipped with hardware and software necessary for performing authentication using these authentication methods. When the server receives each data necessary for the authentication method from the terminal used by the user “Taro”, the semi-fixed password authentication master data “aaa”, the fingerprint authentication master data “ddd”, and the voiceprint authentication It is determined whether the received master data “ggg” and the master data “10.1.1.1.1” for IP address authentication match each received data. Then, when all the received data matches the master data, the server gives the user “Taro” the authority to permit “viewing” and “editing” on the file.

  As described above, in a service providing system such as a Web service or an ASP service, a combination of master data of a plurality of authentication methods used for authenticating a user is given when identity verification is performed by authentication. By uniquely associating the authority of the service to be provided, it is possible to grant the authority of the service for each user using a plurality of authentication methods.

JP 2005-004569 A

  However, the service providing system that uses the database in the above form has various problems. For example, in the database in which each piece of data is uniquely associated as described above, when setting a new authority for each user, as shown in FIG. A record in which a new combination of data is uniquely associated must be set for all users. In such a database, when each user is requested to authenticate using a new authentication method, master data of the new authentication method is newly registered and the authority of the service is changed as shown in FIG. If necessary, individual settings must be changed. Also, in such a database, when the authentication method used becomes obsolete and the authority of the service is changed, the authority of the service uniquely associated with each user is shown in FIG. Must be set again.

  As described above, data indicating the user who receives the service, master data of each authentication method registered in advance by the user, and data indicating the authority of the service provided when the identity verification is performed by each of these authentication methods. A service providing system that uses a database that is uniquely associated and registered has a problem that it is necessary to maintain a large-scale database in accordance with a change in authentication method or service authority.

  In the service providing system using the database in the above form, important personal information such as master data of the authentication method is handled. A business operator handling such personal information must ensure sufficient security from the viewpoint of protecting personal information. However, this situation is a major obstacle to entering the business if it is a business that wants to provide only services.

  In order to solve the above-described problem, according to the first aspect of the present invention, a service providing system that provides services having different authorities according to authentication results obtained by a plurality of authentication methods, wherein authentication is performed using a plurality of authentication methods. An authentication apparatus, and a service providing apparatus that provides a service with different authority according to the authentication result performed by the authentication apparatus, and the authentication apparatus is provided by an individual authentication unit provided in a terminal used by a user. Acquired individual authentication method data received from the terminal, the acquired data receiving unit, the individual authentication method data received by the acquired data receiving unit, and the individual authentication acquired in advance by the individual authentication method A determination unit that determines whether or not the master data of each method matches, and an authentication to which each data determined to match as a result of the determination by the determination unit belongs A reliability determination unit that determines the degree of reliability of authentication based on the determination result, and the authentication determined by the reliability determination unit based on the formula and a combination of authentication methods to which each data determined to be inconsistent belongs. A reliability data transmitting unit that transmits data indicating the degree of trust to the service providing apparatus, and the service providing apparatus receives data indicating the degree of trust of authentication transmitted from the authentication apparatus. A service authority determining unit that determines authority of a service provided to the user based on data received by the reliability data receiving unit, and a service providing unit that provides a service to the user according to the authority determined by the service authority determining unit; Have

  The authentication apparatus further includes a master data storage unit that stores master data acquired in advance by an authentication unit belonging to an individual authentication method, and the acquired data reception unit stores the master data when the master data is received from the terminal. The determination unit determines whether the data of the individual authentication method received by the acquired data reception unit matches the master data of the individual authentication method stored in the master data storage unit. You can do it.

  The authentication apparatus further includes a reliability data storage unit that stores data indicating a pass / fail combination that can be assumed as an authentication result by an individual authentication method and data indicating the degree of authentication reliability in association with each other. The determination unit is determined to be consistent as a result of the determination by the determination unit out of the pass / fail combinations that can be assumed as the authentication result by the individual authentication method indicated by the data stored in the reliability data storage unit The authentication method to which each data belongs, and the authentication indicated by the data associated with the data indicating the specified combination are specified by identifying the authentication method to which the combination of the authentication methods to which each data determined to be inconsistent belongs. May be determined as the degree of trust of authentication to be transmitted to the service providing apparatus.

  The authentication device includes a data log storage unit that stores data received by the acquired data receiving unit as a log, data received by the acquired data receiving unit, and data received by the acquired data receiving unit prior to the data A log determination unit that determines whether or not the data included in the log stored in the log storage unit matches, the reliability determination unit is further based on the result determined by the log determination unit, The degree of trust in authentication may be determined.

  In the reliability data storage unit, the data received by the acquisition data reception unit and the data received by the acquisition data reception unit before that and included in the log stored in the data log storage unit are identical. Further, data indicating a result that can be a verification result indicating whether or not a match is stored in association with each other, and the reliability determination unit includes a verification result indicated by the data associated with the data indicating the specified combination. Authentication that should be further specified that matches the result determined by the log determination unit, and that the degree of reliability of authentication indicated by the data associated with the data indicating the specified verification result is to be transmitted to the service providing apparatus The degree of trust may be determined.

  When the reliability determination unit determines the authentication reliability level, the authentication device notifies the service providing device that the determination has been made, and a data transmission request indicating the authentication reliability level A reliability data transmission request accepting unit that accepts from the service providing device, and the service providing device accepts a notification that the degree of authentication reliability has been determined from the authentication device; A reliability data transmission request unit that requests the authentication device to transmit data indicating the degree of reliability of the authentication when the reliability determination notification reception unit receives a notification that the degree of authentication reliability has been determined; The reliability data transmission unit further includes the authentication data determined by the reliability determination unit when the reliability data transmission request reception unit receives a data transmission request indicating the reliability of authentication. The data indicating the degree of Lai may be transmitted to the service providing apparatus.

  The service providing apparatus further includes an authority data storage unit that stores data indicating the degree of trust of authentication and data indicating service authority in association with each other, and the service authority determining unit is stored in the authority data storage unit. Among the degrees of trust of the authentication indicated by the data being received, the one corresponding to the degree of trust of the authentication indicated by the data received by the reliability data receiving unit is identified, and the degree of trust of the specified authentication is indicated The authority of the service indicated by the data associated with the data may be determined as the authority of the service to be provided to the user.

  The service providing device uses a service provision request accepting unit that accepts a service provision request from a terminal used by the user, and the terminal that made the request when the service provision request accepting unit accepts the service provision request. An authentication request unit that requests the authentication device to authenticate the user who is performing the authentication, the authentication device includes an authentication request reception unit that receives the user authentication request from the service providing device, and the request reception unit issues a user authentication request. If received, the data acquisition unit further includes an acquisition data transmission request unit that requests the terminal used by the user to acquire and transmit individual authentication method data, and the acquisition data reception unit is an acquisition data transmission request unit After requesting the terminal used by the user to acquire and transmit the data of the individual authentication method, the authentication is performed by the individual authentication means included in the terminal. The individual authentication method data may be received from the terminal.

  The service providing apparatus further includes an appropriateness determining unit that determines whether or not the degree of reliability of authentication indicated by the data received by the reliability data receiving unit is appropriate, and the authentication requesting unit includes a degree of authentication reliability When the appropriateness determination unit determines that the authentication is not appropriate, the authentication apparatus may be requested to perform authentication again by a combination of different authentication methods.

  According to the second aspect of the present invention, there is provided a control method for controlling a service providing system that provides services having different authorities according to authentication results obtained by a plurality of authentication methods, wherein an authentication apparatus that performs authentication by a plurality of authentication methods is provided. In the acquisition data reception stage, the authentication apparatus receives the data of the individual authentication method acquired by the individual authentication means provided in the terminal used by the user from the terminal, and in the acquisition data reception stage The determination unit for determining whether the data of the individual authentication method and the master data of the individual authentication method acquired in advance by the individual authentication method match each other, and the authentication device determines in the determination stage As a result, a combination of authentication methods to which each data determined to match and an authentication method to which each data determined to not match belong A reliability determination stage for determining the degree of authentication reliability based on the determination result, and reliability data for transmitting data indicating the authentication reliability determined in the reliability determination stage to the service providing apparatus by the authentication apparatus A reliability data reception stage in which a service providing apparatus that provides a service having different authority according to an authentication result performed by the authentication apparatus receives data indicating a degree of reliability of authentication transmitted from the authentication apparatus; The service providing apparatus determines the authority of the service to be provided to the user based on the data received in the reliability data receiving stage, and the authority provided to the user by the authority determined by the service providing apparatus in the service authority determining stage. A service providing stage for providing a service.

  According to the third aspect of the present invention, there is provided a program for a service providing system that provides services having different authorities according to authentication results by a plurality of authentication methods, and an authentication device that performs authentication by a plurality of authentication methods The data of the individual authentication method acquired from the individual authentication method acquired by the individual authentication means provided in the terminal used by the terminal, the data of the individual authentication method received by the acquisition data receiving unit And the determination unit that determines whether or not the master data of the individual authentication method acquired in advance by the individual authentication method matches each other, and each data that is determined to match as a result of the determination by the determination unit Based on the combination of the authentication method to which the data belongs and the authentication method to which each data determined to be inconsistent belongs, A reliability determination unit to be determined, and a data indicating the reliability of authentication determined by the reliability determination unit to function as a reliability data transmission unit for transmitting to the service providing device, and depending on an authentication result performed by the authentication device A service providing device that provides a different service is provided to a user based on data received by the reliability data receiving unit and data received by the reliability data receiving unit that receives data indicating the reliability of authentication transmitted from the authentication device. A service authority determining unit that determines the authority of the service, and a service providing unit that provides the user with the authority determined by the authority determined by the service authority determining unit.

  According to the fourth aspect of the present invention, there is provided an authentication device that performs authentication by a plurality of authentication methods, and data of individual authentication methods acquired by individual authentication means provided in a terminal used by a user. The acquired data receiving unit that receives the data from the terminal, the data of the individual authentication method received by the acquired data receiving unit, and the master data of the individual authentication method acquired in advance by the individual authentication method respectively match A combination of an authentication method to which each data determined to match, and an authentication method to which each data determined to not match belong. Based on the authentication result, a reliability determination unit that determines the degree of authentication reliability based on the determination result, and data indicating the authentication reliability determined by the reliability determination unit And a reliability data transmission unit that transmits to the service providing apparatus for providing different services with limited.

  According to the fifth aspect of the present invention, there is provided a control method for controlling an authentication apparatus that performs authentication by a plurality of authentication methods, and is obtained by individual authentication means provided in a terminal used by a user. Authentication data received from the terminal, the individual authentication method data received in the acquisition data reception step, and the individual authentication method master acquired in advance by the individual authentication method. A determination stage for determining whether or not each data matches, an authentication method to which each data determined to match as a result of the determination in the determination stage belongs, and each data determined not to match Based on the combination of authentication methods to which the system belongs, determined at the reliability determination stage for determining the degree of authentication reliability based on the determination result, and at the reliability determination stage The data indicating the degree of confidence of the testimony, and a reliability data transmission step of transmitting to the service providing apparatus for providing different services authorized in accordance with the authentication result.

  According to the sixth aspect of the present invention, there is provided a program for an authentication device that performs authentication by a plurality of authentication methods, and the authentication device is acquired by individual authentication means provided in a terminal used by a user. The individual authentication method data received from the terminal, the individual authentication method data received by the acquisition data receiving unit, and the individual authentication method master acquired in advance by the individual authentication method. A determination unit that determines whether or not each data matches, an authentication method to which each data determined to match as a result of determination by the determination unit belongs, and each data that is determined not to match Based on the combination of authentication methods, a reliability determination unit that determines the degree of authentication reliability based on the determination result, data indicating the reliability of authentication determined by the reliability determination unit, Depending on the authentication result to function as a reliability data transmission unit that transmits to the service providing apparatus for providing different services authorized.

  According to the seventh aspect of the present invention, there is provided a service providing apparatus that provides a service having different authority according to an authentication result performed by an authentication apparatus that performs authentication by a plurality of authentication methods. A reliability data receiving unit that receives data indicating a degree of trust, a service authority determining unit that determines authority of a service to be provided to a user based on data received by the reliability data receiving unit, and a service authority determining unit, A service providing unit that provides a service to the user according to the determined authority.

  According to an eighth aspect of the present invention, there is provided a control method for controlling a service providing apparatus that provides a service with different authority according to an authentication result performed by an authentication apparatus that performs authentication by a plurality of authentication methods. A reliability data reception stage for receiving data indicating the degree of trust of the transmitted authentication, and a service authority determination stage for determining the authority of the service provided to the user based on the data received in the reliability data reception stage; The service providing apparatus includes a service providing stage for providing a service to the user according to the authority determined in the service authority determining stage.

  According to a ninth aspect of the present invention, there is provided a program for a service providing apparatus that provides a service with different authority according to an authentication result performed by an authentication apparatus that performs authentication by a plurality of authentication methods, the service providing apparatus comprising: A reliability data receiving unit that receives data indicating the degree of reliability of authentication transmitted from the authentication device, and a service authority determining unit that determines the authority of the service provided to the user based on the data received by the reliability data receiving unit The service authority determining unit functions as a service providing unit that provides a service to the user according to the authority.

  The above summary of the invention does not enumerate all the necessary features of the present invention, and sub-combinations of these feature groups can also be the invention.

  As is apparent from the above description, according to the present invention, even when the authentication method or the authority of the service is changed, a desired setting can be reflected without performing a large-scale maintenance. In addition, it is possible to remove the authentication work from the work of the service provider, and to promote the new entry of the service provider that provides services such as the Web service and the ASP service.

It is a figure which shows an example of the utilization environment of the service provision system 100 which concerns on one Embodiment. It is a figure which shows an example of the information 200 displayed on the display of the client terminal. It is a figure which shows an example of the dialog box 300 displayed on the display of the client terminal 140. FIG. It is a figure which shows an example of the block configuration of the authentication server 110 and the application server 130. 4 is a diagram illustrating an example of an operation sequence of an authentication server 110, an application server 130, and a client terminal 140. FIG. It is a figure which shows an example of the data which the master data storage part 111 has stored in the table format. It is a figure which shows an example of the data which the data log storage part 112 has stored in the table format. It is a figure which shows an example of the data which the reliability data storage part 113 stores in a table format. It is a figure which shows an example of the data which the authority data storage part 131 stores in a table format. It is a figure which shows an example of each hardware constitutions of the authentication server 110 and the application server 130. It is a figure which shows an example of the data which the conventional database has registered in a table format. It is a figure which shows an example of the data which the conventional database has registered in a table format. It is a figure which shows an example of the data which the conventional database has registered in a table format. It is a figure which shows an example of the data which the conventional database has registered in a table format.

  Hereinafter, the present invention will be described through embodiments of the invention. However, the following embodiments do not limit the invention according to the scope of claims, and all combinations of features described in the embodiments are included. It is not necessarily essential for the solution of the invention.

  FIG. 1 shows an example of a usage environment of a service providing system 100 according to an embodiment. The service providing system 100 includes an authentication server 110, a plurality of application servers 130a, b, c,... (Hereinafter collectively referred to as application server 130), and a plurality of client terminals 140a, b, c, d,. (Hereinafter collectively referred to as a client terminal 140) and a communication line 150.

  Note that the communication line 150 includes a computer network such as the Internet, a core network of a communication carrier, and various local networks. The client terminal 140 includes a personal computer, a portable information terminal such as a PDA (Personal Digital Assistant), and a mobile phone. The client terminal 140 may be an example of a terminal used by a user in the present invention.

  A user who wants to receive a service provided by the application server 130 uses the client terminal 140 to transmit data to the application server 130 to request service provision. For example, the user accesses a URL (Uniform Resource Locator) such as a Web service or an ASP service provided by the application server 130 by a Web browser installed on the client terminal 140, and enters the URL of the access destination URL. Click a button such as “Start Service”. As described above, when the user clicks a button such as “service start”, the client terminal 140 transmits data to the application server 130 to request the provision of the service.

  When the application server 130 receives the data requesting the provision of service from the client terminal 140, the application server 130 transmits the data requesting to authenticate the user to the authentication server 110. In addition, the application server 130 transmits data for requesting to authenticate the user to the server 110, and at the same time, data for HTTP (HyperText Transfer Protocol) redirection to the URL for authentication published by the authentication server 110. Is transmitted to the client terminal 140.

  When the authentication server 110 receives the data requesting to authenticate the user from the application server 130, the authentication server 110 receives the data requesting to transmit data necessary for authentication by the user to be authenticated. It is transmitted to the client terminal 140 being used. The data necessary for authentication is data acquired by an authentication unit of an authentication method to which master data for authentication registered in advance in the authentication server 110 from a user belongs.

  When the client terminal 140 receives data requesting to transmit data necessary for authentication from the authentication server 110, the client terminal 140 outputs information prompting the user to input data necessary for authentication. To do. For example, the client terminal 140 displays information 200 as shown in FIG. 2 on the display as information for prompting the user to input data necessary for authentication. Specifically, the information 200 displayed on the display includes content 210 that prompts input of an ID (identifier) and content 220 that prompts input of authentication data by selecting any one or a plurality of authentication methods. When inputting the ID, the user inputs a character string of the ID into a text box 211 configured as content 210 that prompts the input of the ID. In addition, when the user inputs the authentication data, among the plurality of buttons 221a, b, c,... (Hereinafter collectively referred to as the button 221) included in the content 220 that prompts the user to input the authentication data. A button 221 that prompts input of authentication data belonging to the authentication method to be used is clicked. When the button 221 is clicked by the user, on the display of the client terminal 140, for example, a dialog box or the like in which information instructing to input authentication data by a predetermined authentication unit is displayed. The user inputs authentication data by a predetermined authentication means in accordance with an instruction described in the dialog box. For example, when the button 221a that prompts the user to input semi-fixed password authentication is clicked, a dialog box 300 that prompts the user to enter a semi-fixed password is displayed on the display of the client terminal 140 as shown in FIG. The user inputs the semi-fixed password in the text box 310 included in the dialog box 300 and clicks the button 320 on which “OK” is written. When the semi-fixed password is input by the user in this way, information 200 as shown in FIG. 2 is displayed again on the screen of the client terminal 140. When the user inputs authentication data belonging to another authentication method, the user inputs the authentication data of the authentication method by clicking the button 221 of the desired authentication method in the same manner as when the semi-fixed password is input. A dialog box for performing authentication is displayed, and authentication data is input by a predetermined authentication means. When the user finishes inputting authentication data belonging to one or more desired authentication methods, the user clicks a button 230 on which “Send” is written. In this way, when the ID and authentication data belonging to one or a plurality of authentication methods are input by the user and the button 230 labeled “SEND” is clicked, the client terminal 140 displays data indicating the input ID. And the authentication data are transmitted to the authentication server 110.

  When the authentication server 110 receives data input by the user from the client terminal 140, the authentication server 110 authenticates the user. Specifically, the authentication server 110 performs authentication by determining whether each received data belonging to an individual authentication scheme matches each master data belonging to the same authentication scheme. Master data is data registered in advance in the authentication server 110 by the authentication means provided in the client terminal 140 that can be used by the user when the user uses the system. This data is the basic information when performing. When the authentication server 110 determines whether each received data and each master data match, as a result, the authentication method to which the data that matches the master data belongs and the data that does not match belong. The degree of trust of this authentication is determined according to the combination with the authentication method. The degree of trust in authentication is higher as the amount of data that matches the master data increases. For example, the degree of trust of authentication is quantified as 1, 2, 3,... (The smaller the numerical value, the higher the degree of trust of authentication).

  When the authentication server 110 determines the degree of trust of authentication, the authentication server 110 transmits data indicating that the authentication is complete to the application server 130. In addition, the authentication server 110 transmits data for notifying that the authentication has been completed to the application server 130, and at the same time, transmits data for HTTP redirection to a URL for providing a service published by the application server 130 to the client. Transmit to the terminal 140.

  When the application server 130 receives data indicating that the authentication has been completed from the authentication server 110, the application server 130 transmits data indicating a request to transmit data indicating the degree of reliability of the authentication to the authentication server 110. . When the authentication server 110 receives data requesting to transmit data indicating the authentication result from the application server 130, the authentication server 110 transmits data indicating the reliability of authentication to the application server 130.

  Then, when the application server 130 receives data indicating the degree of authentication trust from the authentication server 110, the application server 130 provides the user with a service having authority that matches the degree of authentication trust. Specifically, the application server 130 provides a higher authority service to the user as the degree of authentication trust is higher. For example, there are “1” as the degree of trust of authentication and “2” lower than that, and the authority to permit “viewing and editing” of the file and “viewing only” of the file are permitted as the authority of the service. If there is an authority, the application server 130 gives the user the authority to permit “viewing and editing” the file when the authentication trust degree is “1”, and the authentication trust degree is “2”. Sometimes grants the user permission to “view only” files.

  In the present embodiment, the configuration in which the service providing system 100 includes one authentication server 110 has been described for the purpose of preventing the description from becoming complicated. However, the service providing system 100 includes a plurality of authentication servers 110. It's okay.

  FIG. 4 shows an example of a block configuration of the authentication server 110 and the application server 130. The authentication server 110 includes a master data storage unit 111, a data log storage unit 112, a reliability data storage unit 113, an authentication request reception unit 114, an acquisition data transmission request unit 115, an acquisition data reception unit 116, a determination unit 117, and a log determination unit. 118, a reliability determination unit 119, a reliability determination notification unit 120, a reliability data transmission request reception unit 121, and a reliability data transmission unit 122. The application server 130a includes an authority data storage unit 131a, a service provision request reception unit 132a, an authentication request unit 133a, a reliability determination notification reception unit 134a, a reliability data transmission request unit 135a, a reliability data reception unit 136a, and an appropriateness determination unit 137a. A service authority determining unit 138a and a service providing unit 139a. The authentication server 110 may be an example of an authentication device according to the present invention, and the application server 130 may be an example of a service providing device according to the present invention.

  The application servers 130b, c,... Other than the application server 130a also have the same constituent elements as the constituent elements of the application server 130a. In the following description, when distinguishing which component of the application server 130 the component of the application server 130a is, the same subscript (a, b, c) as that of the application server 130 having each component. Is added to the end of each component to distinguish them. For example, the authority data storage unit 131a, the authority data storage unit 131b, and the authority data storage unit 131c indicate that they are components of the application server 130a, the application server 130b, and the application server 130c, respectively.

  Further, in the following description, the function and operation of a component that is not given a subscript indicates the function and operation of any component that is assigned the same reference numeral. For example, the functions and operations described in the service provision request receiving unit 132 indicate the functions and operations of the service provision request receiving unit 132a, the service provision request receiving unit 132b, the service provision request receiving unit 132c,.

  The function and operation of each component will be described below. The master data storage unit 111 individually stores master data of each user acquired in advance by an authentication unit belonging to an individual authentication method. Specifically, the authentication means belonging to the individual authentication method is an authentication means provided in the client terminal 140. However, some client terminals 140 may not be provided with authentication means belonging to a specific authentication method. Therefore, the master data stored in the master data storage unit 111 may include master data of an authentication method that is not stored depending on the user.

  The data log storage unit 112 stores the data received by the acquired data reception unit 116 as a log. Specifically, the data log storage unit 112 stores each piece of data of the individual authentication method received by the acquired data receiving unit 116 from the client terminal 140 and data indicating the date and time when each piece of data was received. . In addition, when there is authentication method data that has not been transmitted from the client terminal 140, the data log storage unit 112 may store, as a log, that the authentication method data has not been transmitted.

  The reliability data storage unit 113 is data indicating a combination of pass / fail that can be assumed as an authentication result by an individual authentication method, data indicating a result that can be a determination result of the log determination unit 118, and data indicating a degree of authentication reliability. Are stored in association with each other. Specifically, the data indicating the result that can be the determination result of the log determination unit 118 is the data received by the acquisition data reception unit 116 and the data received by the acquisition data reception unit 116 before that, This is data indicating whether or not the data included in the log stored in the data log storage unit 112 matches. Note that the reliability data storage unit 113 may individually store a data table in which these data are associated as a data table for each service provided by each application server 130.

  The authentication request receiving unit 114 receives a user authentication request from the application server 130a. Specifically, the authentication request reception unit 114, when receiving data requesting user authentication from the application server 130a, obtains data indicating that a user authentication request has been received. Send to part 115. In addition, when the authentication request reception unit 114 receives from the application server 130a data requesting to perform authentication again by a combination of different authentication methods, the authentication request reception unit 114 confirms that there is a request to perform authentication again by a combination of different authentication methods. The data to be notified is sent to the acquired data transmission request unit 115.

  When the request reception unit 114 receives a user authentication request, the acquisition data transmission request unit 115 requests the client terminal 140 used by the user to acquire and transmit data of an individual authentication method. . Specifically, when the acquisition data transmission request unit 115 receives data indicating that a user authentication request has been received from the authentication request reception unit 114, the acquisition data transmission request unit 115 acquires and transmits data of an individual authentication method. The request data is transmitted to the client terminal 140 used by the user. In addition, when the acquisition data transmission request unit 115 receives from the authentication request reception unit 114 data indicating that there has been a request to perform authentication again by a combination of different authentication methods, the authentication method by a combination of different authentication methods Is sent to the client terminal 140 used by the target user.

  The acquisition data receiving unit 116 receives data of individual authentication methods acquired by individual authentication means provided in the client terminal 140 from the client terminal 140. Specifically, when the acquired data receiving unit 116 receives individual authentication method data from the client terminal 140, the acquired data receiving unit 116 sends the received data to the determination unit 117 and the log determination unit 118 and stores them in the data log storage unit 112. To do. In addition, when registering master data of an individual authentication method for the user to start using the system, the acquisition data receiving unit 116 receives each master data of the individual authentication method from the client terminal 140 and receives each received master data. Master data is stored in the master data storage unit 111.

  The determination unit 117 determines whether the data of the individual authentication method received by the acquired data reception unit 116 matches the master data of the individual authentication method acquired in advance by the individual authentication method. Specifically, when the determination unit 117 receives individual authentication method data from the acquired data reception unit 116, the determination unit 117 extracts master data of the same authentication method as the received data from the master data storage unit 111. Then, the determination unit 117 determines whether each data of the individual authentication method received from the acquired data reception unit 116 matches each master data extracted from the master data storage unit 111. Then, the determination unit 117 sends data indicating the determination result of the match or mismatch between the data of each authentication method and the master data to the reliability determination unit 119.

  The log determination unit 118 includes data received by the acquisition data reception unit 116 and data received by the acquisition data reception unit 116 before that, and is included in the log stored in the data log storage unit 112 Is matched. Specifically, when the log determination unit 118 receives data of an individual authentication method from the acquisition data reception unit 116, the log determination unit 118 stores the received data as a log transmitted before that from the user who transmitted the authentication server 110. The extracted data is extracted from the data log storage unit 112. Then, the log determination unit 118 determines whether each data of the individual authentication method received from the acquired data reception unit 116 matches each data extracted from the data log storage unit 112, and indicates the determination result. The data is sent to the reliability determination unit 119.

  As a result of the determination by the determination unit 117, the reliability determination unit 119 includes a combination of an authentication method to which each data determined to match, a combination of authentication methods to which each data determined not to match, and a log Based on the determination result of the determination unit 118, the degree of trust of authentication based on these determination results is determined. Specifically, the reliability determination unit 119 receives data indicating a determination result of matching or mismatching between the data of each authentication method and the master data from the determination unit 117, and the data received by the acquired data receiving unit 116, When data indicating that the data received by the acquired data receiving unit 116 matches before is received from the log determination unit 118, based on these data and the data stored in the reliability data storage unit 113, The degree of trust of this authentication is determined. Then, when the reliability determination unit 119 determines the authentication reliability level, the reliability determination unit 119 sends data indicating that the authentication reliability level has been determined to the reliability determination notification unit 120, and also determines the reliability of the determined authentication. Data indicating the degree is retained. Then, when the reliability determination unit 119 receives data from the reliability data transmission request unit 121 for notifying that there is a request to transmit data indicating the degree of authentication reliability, the stored authentication is performed. Data indicating the degree of reliability is sent to the reliability data transmission unit 122.

  When the reliability determination unit 119 determines the authentication reliability level, the reliability determination notification unit 120 notifies the application server 130a that the authentication reliability level has been determined. Specifically, the reliability determination notification unit 120, when receiving data from the reliability determination unit 119 to notify that the degree of authentication reliability has been determined, sends the data to the application server 130a.

  The reliability data transmission request receiving unit 121 receives a data transmission request indicating the degree of authentication reliability from the application server 130a. Specifically, when receiving data indicating a request for transmitting data indicating the degree of authentication reliability from the application server 130a, the reliability data transmission request receiving unit 121 requests to transmit data indicating the degree of authentication reliability. Data to notify that there has been is sent to the reliability determination unit 119.

  The reliability data transmission unit 122 transmits data indicating the reliability of authentication determined by the reliability determination unit 119 to the application server 130a. Specifically, when the reliability data transmission unit 122 receives data indicating the reliability of authentication from the reliability determination unit 119, the reliability data transmission unit 122 transmits the data to the application server 130a.

  The authority data storage unit 131a stores data indicating the degree of trust of authentication and data indicating service authority in association with each other.

  The service provision request accepting unit 132a accepts a service provision request from the client terminal 140 used by the user. Specifically, the service provision request receiving unit 132a receives data indicating a service provision request from the client terminal 140 used by the user, and provides data indicating that there has been a service provision request. This is sent to the authentication request unit 133a.

  When the service provision request receiving unit 132a receives a service provision request, the authentication request unit 133a requests the authentication server 110 to authenticate the user who uses the client terminal 140 that has made the request. Specifically, when the authentication request unit 133a receives data indicating that a service provision request has been received from the service provision request receiving unit 132a, the authentication request unit 133a requests authentication of the user who has made the service provision request. Is sent to the authentication server 110. Further, when the authentication requesting unit 133a receives data indicating that the degree of trust of authentication is not appropriate from the appropriateness determining unit 137a, the authentication requesting unit 133a transmits to the authentication server 110 data requesting to perform authentication again by a combination of different authentication methods. Send.

  The reliability determination notification reception unit 134a receives a notification from the authentication server 110 that the degree of authentication reliability has been determined. Specifically, when the reliability determination notification reception unit 134a receives data indicating that the degree of authentication reliability has been determined from the authentication server 110, the reliability determination data reception request unit 135a receives the data indicating that fact. Send to.

  The reliability data transmission request unit 135a, when the reliability determination notification reception unit 134a receives a notification that the degree of authentication reliability has been determined, transmits an authentication server to transmit data indicating the degree of authentication reliability. 110 is requested. Specifically, when the reliability data transmission request unit 135a receives from the reliability determination notification receiving unit 135a data indicating that it has been notified that the authentication reliability level has been determined, the reliability data transmission requesting unit 135a determines the reliability of the determined authentication. Data indicating that the data indicating the degree is requested is transmitted to the authentication server 110.

  The reliability data receiving unit 136a receives data indicating the reliability of authentication transmitted from the authentication server 110. Specifically, when the reliability data receiving unit 136a receives data indicating the determined reliability of authentication from the authentication server 110, the reliability data receiving unit 136a sends the received data to the appropriateness determining unit 137a and the service authority determining unit 138a.

  The appropriateness determination unit 137a determines whether or not the degree of reliability of authentication indicated by the data received by the reliability data receiving unit 136a is appropriate. Specifically, when the data indicating the degree of authentication reliability is received from the reliability data receiving unit 136a, the appropriateness determination unit 137a determines whether the degree of authentication reliability indicated by the data is appropriate. . If the appropriateness determination unit 137a determines that the degree of reliability of authentication is appropriate, the appropriateness determination unit 137a sends data indicating that to the service authority determination unit 138a. On the other hand, when the appropriateness determination unit 137a determines that the degree of reliability of authentication is not appropriate, the appropriateness determination unit 137a sends data indicating that to the authentication requesting unit 133a.

  The service authority determining unit 138a determines the authority of the service provided to the user based on the data received by the reliability data receiving unit 136a. Specifically, the service authority determining unit 138a receives data indicating the degree of authentication reliability from the reliability data receiving unit 136a. Then, when the service authority determining unit 138a receives data indicating that the degree of trust of the authentication is appropriate from the appropriateness determining unit 137a, the service authority determining unit 138a and the authority data storage unit 131a receive the data received from the reliability data receiving unit 136a. Based on the stored data, the authority of the service to be given to the user is determined, and data indicating the determined authority of the service is sent to the service providing unit 139a.

  The service providing unit 139a provides a service to the user according to the authority determined by the service authority determining unit 138a. Specifically, when the service providing unit 139a receives data indicating the authority of the service to be granted to the user from the service authority determining unit 138a, the service providing unit 139a uses the user so that a service based on the authority is provided to the user. The processing related to the provision of the service is executed for the client terminal 140.

  FIG. 5 shows an example of an operation sequence of the authentication server 110, the application server 130, and the client terminal 140. First, when operated by a user who desires to provide a service, the client terminal 140 transmits data requesting to provide the service to the application server 130a (S101). The service provision request receiving unit 132a of the application server 130a receives this data transmitted from the client terminal 140.

  Then, when the service provision request accepting unit 132a receives the data requesting to provide the service, the authentication requesting unit 133a of the application server 130a authenticates the user who is using the client terminal 140 that has transmitted the data. Data indicating that the request is made is transmitted to the authentication server 110 (S102). The authentication request reception unit 114 of the authentication server 110 receives this data transmitted from the application server 130a.

  Then, when the authentication request receiving unit 114 receives data requesting to authenticate the user, the acquisition data transmission request unit 115 of the authentication server 110 requests acquisition and transmission of data of an individual authentication method. Data to that effect is transmitted to the client terminal 140 used by this user (S103).

  When the client terminal 140 receives from the authentication server 110 data requesting acquisition and transmission of data of an individual authentication method, the client terminal 140 outputs to the user to prompt the user to input the data. Then, the client terminal 140 acquires data of an individual authentication method when the user performs an input operation via an individual authentication unit (S104). Then, the client terminal 140 transmits the acquired individual authentication method data to the authentication server 110 (S105). The acquisition data receiving unit 116 of the authentication server 110 receives this data transmitted from the client terminal 140.

  Then, the determination unit 117 of the authentication server 110 determines whether the data received by the acquired data reception unit 116 matches the master data stored in the master data storage unit 111 (S106). If the acquired data receiving unit 116 has received data of a plurality of authentication methods, the determining unit 117 determines that if there is still data that has not been determined to match (S107: No), the corresponding authentication method for the data Is determined to match the master data.

  When the match determination for all the data received by the acquired data receiving unit 116 is completed (S107: Yes), if the log determination unit 118 of the authentication server 110 needs to determine the match with the log (S108: Yes), The log determination unit 118 includes data received by the acquisition data reception unit 116 and data received by the acquisition data reception unit 116 before that, and is included in the log stored in the data log storage unit 112 Is determined as necessary (S109).

  Then, the reliability determination unit 119 of the authentication server 110 includes the determination result determined by the determination unit 117, the determination result determined by the log determination unit 117 as necessary, and the data stored in the reliability data storage unit 113. Based on the above, the degree of trust of authentication based on these determination results is determined (S110). Then, the reliability determination unit 119 holds data indicating the determined reliability of authentication. When it is not necessary to determine whether the log determination unit 117 matches the log (S108: No), the reliability determination unit 119 stores the determination result determined by the determination unit 117 and the reliability data storage unit 113. The degree of trust of authentication based on the determination result is determined based on the existing data.

  Then, when the reliability determination unit 119 determines the degree of authentication reliability, the reliability determination notification unit 120 of the authentication server 110 transmits data indicating that the authentication reliability level has been determined to the user authentication. The request is transmitted to the requested application server 130a (S111). The reliability determination notification receiving unit 134a of the application server 130a receives this data transmitted from the authentication server.

  Then, the reliability data transmission request unit 135a of the application server 130a indicates the degree of authentication reliability when the reliability determination notification reception unit 134a receives data indicating that the degree of authentication reliability has been determined. Data requesting to transmit data is transmitted to the authentication server 110 (S112). The reliability data transmission request receiving unit 121 of the authentication server 110 receives this data transmitted from the application server 130a.

  Then, when the reliability data transmission request receiving unit 121 receives the data indicating that the reliability data transmission unit 122 of the authentication server 110 requests transmission of data indicating the degree of authentication reliability, the reliability determination unit 119 Data indicating the degree of reliability of the authentication held is transmitted to the application server 130a (S113). The reliability data receiving unit 136a of the application server 130a receives this data transmitted from the authentication server 110.

  Then, when the reliability data receiving unit 136a receives data indicating the reliability of authentication, the appropriateness determination unit 137a of the application server 130a determines whether or not the authentication reliability indicated by this data is appropriate ( S114). For example, the appropriateness determination unit 137a stores the degree of authentication reliability necessary to provide each service. Then, the appropriateness determination unit 137 determines the degree of authentication reliability indicated by the data received by the reliability data receiving unit 136a rather than the authentication reliability necessary to provide the service desired by the user. Is determined to be appropriate.

  When the appropriateness determination unit 137a determines that the degree of trust of authentication is not appropriate (S114: No), the authentication requesting unit 133a sends data to the authentication server 110 requesting to perform authentication again by a combination of different authentication methods. Transmit (S115). The authentication request reception unit 114 of the authentication server 110 receives this data transmitted from the application server 130a. The acquired data transmission request unit 115 of the authentication server 110 receives the data requesting that authentication is performed again by a combination of different authentication methods, and the authentication request reception unit 114 receives the authentication unit combination used first. Data requesting to transmit data acquired by different combinations of authentication means is transmitted to the client terminal 140 used by the target user (S116).

  When the appropriateness determining unit 137a determines that the degree of trust of authentication is appropriate (S114: Yes), the service authority determining unit 138a of the application server 130a stores the data received by the reliability data receiving unit 136a and authority data. Based on the data stored in the unit 131a, the authority of the service to be given to the user who requested the service provision is determined (S117). Then, when the service authority determining unit 138a determines the authority of the service to be granted to the user who has requested the service provision, the service providing unit 139a of the application server 130a provides the user with the service based on this authority (S118).

  FIG. 6 shows an example of data stored in the master data storage unit 111 in a table format. The master data storage unit 111 stores a user ID, master data for semi-fixed password authentication, master data for fingerprint authentication, master data for voiceprint authentication, and master data for IP address authentication in association with each other. The semi-fixed password authentication master data, fingerprint authentication master data, voiceprint authentication master data, and IP address authentication master data are examples of master data of individual authentication methods in the present invention.

  The user ID may be information indicating an ID of a user who wants to receive a service provided by the application server 130. Note that the user ID may be a character string determined by the user, or a character string determined by a provider that provides a service by the application server 130 or a provider that performs an authentication business by the authentication server 110. Also good. In addition, when the same user receives a service provided by different application servers 130, a plurality of user IDs may be registered.

  The semi-fixed password authentication master data may be information composed of an arbitrary character string. The semi-fixed password authentication master data may be a character string determined by a user, or determined by a provider that provides a service by the application server 130 or a provider that performs an authentication business by the authentication server 110. It may be a character string or a character string randomly determined by a computer. Further, the semi-fixed password authentication master data may be changed periodically, and may not be changed once it is determined. The arbitrary character string constituting the master data for semi-fixed password authentication may be a combination of single-byte alphanumeric characters, or may include full-width characters and special symbols.

  The master data for fingerprint authentication may be information indicating a fingerprint that is a pattern of shallow grooves running on the skin of the user's finger. Note that the fingerprint authentication master data may be acquired from the finger of the user's hand or may be acquired from the toe of the user. The fingerprint authentication master data may be acquired from one finger or may be acquired from a plurality of fingers. The master data for fingerprint authentication may be image data acquired by a fingerprint sensor, or may be data obtained by encoding data indicating a feature point of a fingerprint.

  The master data for voiceprint authentication may be information including a pattern obtained by analyzing a user's voice and extracting features. The master data for voiceprint authentication may be user voice data acquired by a microphone, or may be data obtained by encoding pattern data obtained by extracting features from the voice data. The master data for voiceprint authentication may be information including a pattern extracted from features when a user utters a specific word, or information including a pattern from which features are extracted when an arbitrary word is uttered. There may be.

  The master data for IP address authentication may be information indicating the IP address of the client terminal 140 that can be used by the user. Note that the master data of the IP address may be the IP address of the client terminal 140 specified by the user, or specified by the provider that provides the service by the application server 130 or the provider that performs the authentication business by the authentication server 110. The IP address of the client terminal 140 may be used.

  The determination unit 117 determines whether or not the master data stored in the master data storage unit 111 matches the data of the individual authentication method indicated by the data received by the acquired data reception unit 116. For example, when the acquired data reception unit 116 receives data of an individual authentication method transmitted from a user who uses the user ID “taro”, the determination unit 117 stores the master data stored in the master data storage unit 111. Among these, it is determined whether or not it matches the master data associated with the user ID “taro”. For example, the acquired data receiving unit 116 receives the data “aaa” indicating the semi-fixed password and the data “ddd” indicating the fingerprint from the client terminal 140 having the IP address “10.1.1.1”, and the voiceprint data is received. If not received, the determination unit 117 determines that the semi-fixed password, fingerprint, and IP address match the master data, and determines that the voiceprint does not match the master data.

  FIG. 7 shows an example of data stored in the data log storage unit 112 in a table format. The data log storage unit 112 stores reception date / time, user ID, semi-fixed password data, fingerprint data, voiceprint data, and IP address in association with each other. The data indicating the semi-fixed password, the data indicating the fingerprint, the data indicating the voiceprint, and the IP address are examples of the data received by the acquired data receiving unit 116 in the present invention.

  The reception date and time may be information indicating the date and time when the acquisition data reception unit 116 received the data of the individual authentication method transmitted from the client terminal 140. The reception date / time may be information that can be specified up to hour / minute / second, or may be information that can be specified up to hour / minute. Further, when this system is used for a service in which authentication is permitted only once a day, the reception date and time may be information indicating only the date.

  The user ID may be information indicating the ID of the user who transmitted the data received by the acquired data receiving unit 116. Note that the user name may be information indicating an ID input to a text box or the like of the Web browser when the user transmits data of an individual authentication method using the client terminal 140. Further, when an authentication method using Felica, RFID, or the like is adopted, the information may be information indicating an ID read from a Felica card or RFID chip.

  The data indicating the semi-fixed password, the data indicating the fingerprint, and the data indicating the voiceprint may be information indicating the data of the individual authentication method transmitted from the client terminal 140. The IP address may be information indicating the IP address of the client terminal 140 that has transmitted these data. Note that the data indicating the semi-fixed password, the data indicating the fingerprint, and the data indicating the voiceprint do not need to be stored when not transmitted from the client terminal 140.

  The log determination unit 118 determines whether the data stored in the data log storage unit 112 matches the data received by the acquired data reception unit 116. For example, when the acquired data reception unit 116 receives data of an individual authentication method transmitted from a user who uses the user ID “taro”, the log determination unit 118 stores the data stored in the data log storage unit 112. Among these, it is determined whether or not it matches the data indicated by the log most recently received from the user ID “taro”. In the case of this example, among the data stored in the data log storage unit 112, the log most recently received from the user ID “taro” is the data received at the reception date “2009/09/28 13:56:18”. It is a log of. Therefore, the log determination unit 118 determines whether or not the log data associated with the reception date and time “2009/09/28 13:56:18” matches the data received by the acquired data reception unit 116. judge. For example, the acquired data receiving unit 116 receives data “aaa” indicating a semi-fixed password, data “ddd” indicating a fingerprint, and data “ggg” indicating a voiceprint from the client terminal 140 having the IP address “10.1.1.1”. The log determination unit 118 determines that the log does not match the log because the IP address of the log does not match the IP address of the client terminal 140 from which the acquired data reception unit 116 has received the data. I do. When these data are transmitted from the client terminal having the IP address “10.1.1.4”, it goes without saying that the log determination unit 118 determines that the data matches the log. Note that if the date and time when the acquired data 116 received data and the date and time of the latest log of the same user are far apart, the log determination unit 118 may not perform such determination.

  FIG. 8 shows an example of data stored in the reliability data storage unit 113 in a table format. The reliability data storage unit 113 associates a combination of pass / fail that can be assumed as authentication results by semi-fixed password authentication, fingerprint authentication, voiceprint authentication, and IP address authentication, a result of collation with a log, and a degree of authentication reliability. Storing. The combination of pass / fail that can be assumed as an authentication result by semi-fixed password authentication, fingerprint authentication, voiceprint authentication, and IP address authentication is an example of a pass / fail combination that can be assumed as an authentication result by an individual authentication method in the present invention. .

  The combination of pass / fail that can be assumed as authentication results by semi-fixed password authentication, fingerprint authentication, voiceprint authentication, and IP address authentication is assumed as a combination of authentication results indicating whether authentication by each authentication method has been performed or not. It may be information indicating a combination to be obtained. This combination may be determined by a provider that provides a service by the application server 130, or may be determined by a provider that performs an authentication project by the authentication server 110.

  The result of collation with the log may be information indicating a result that can be a determination result of the log determination unit 118. The result that can be the determination result of the log determination unit 118 includes data received by the acquisition data reception unit 116 and data received by the acquisition data reception unit 116 before that, and is stored in the data log storage unit 112. It is a collation result indicating whether or not the data included in the log is consistent.

  The degree of reliability of authentication may be information indicating the degree of reliability of the determination result when the result determined by the determination unit 117 is a possible combination of pass / fail. Note that the degree of trust of authentication may be indicated by a numerical value, or may be indicated by a symbol or a character string. Further, the degree of trust of authentication may be different for each possible pass / fail combination, or may be the same or different for possible pass / fail combinations.

  The reliability determination unit 119 determines the degree of reliability of this authentication based on these data stored in the reliability data storage unit 112 and the determination results of the determination unit 117 and the log determination unit 118. For example, when the determination unit 117 determines that the semi-fixed password, the fingerprint, and the IP address match the master data and the voiceprint does not match the master data, and the log determination unit 118 determines that they match the log, the trust The degree determination unit 119 determines the degree of authentication reliability “corresponding to the combination that matches the combination of the determination results among the degrees of authentication reliability indicated by the data stored in the reliability data storage unit 112. 2 ”is determined as the trust level of authentication to be transmitted to the application server 130. In this example, when the log determination unit 118 determines that the logs do not match, it goes without saying that the reliability determination unit 119 determines the reliability of the authentication associated with the combination that matches the combination in that case. The degree “3” is determined as the degree of authentication reliability to be transmitted to the application server 130.

  FIG. 9 shows an example of data stored in the authority data storage unit 131 in a table format. The authority data storage unit 131 stores authentication reliability, browsing authority, editing authority, and printing authority in association with each other. The viewing authority, the editing authority, and the printing authority are examples of services provided to the user in the present invention.

  The degree of authentication trust may be information indicating the degree of authentication trust that can be transmitted from the authentication server 110. Note that the degree of trust of authentication may be indicated by a numerical value, or may be indicated by a symbol or a character string. However, the degree of trust of authentication must be shown in the same form as the form shown by the authentication server 110 regardless of the form of a numerical value, a symbol, or a character string.

  The viewing authority, the editing authority, and the printing authority may be information indicating authority related to service contents provided by the application server 130. Note that viewing authority, editing authority, and printing authority indicate authority relating to file operations. In this case, the viewing authority, the editing authority, and the printing authority may indicate whether or not these file operations are permitted, or may indicate whether or not a part of the operations is permitted. Good.

  Based on the data stored in the authority data storage unit 131 and the degree of authentication reliability indicated by the data received by the reliability data receiving unit 136, the service authority determining unit 138 determines the degree of authentication reliability. Only when the appropriateness determining unit 137 determines that it is appropriate, the authority of the service to be given to the user is determined. In this example, when the reliability data receiving unit 136 receives data indicating the authentication reliability level “2”, the service authority determining unit 138 includes the service indicated by the data stored in the authority data storage unit 131. Among the authorities, the authority to permit “browsing” and “editing” of the file associated with the authentication reliability degree “2” is determined as the authority of the service to be given to the user.

  As described above, in the service providing system 100, when a service with different authority is provided according to authentication results by a plurality of authentication methods, the processing from the application server 130 that provides such a service is used for authentication. Such a process can be removed, and new entry of a provider who provides a service such as a Web service or an ASP service can be promoted.

  In the service providing system 100, the degree of authentication reliability is determined in advance for combinations of pass / fail that can be assumed as authentication results by individual authentication methods. Therefore, in the service providing system 100, for example, when the technology of the authentication method being used becomes obsolete, out of the degree of authentication reliability indicated by the data stored in the reliability data storage unit 112, the technology The relationship between the degree of trust of authentication stored in the authority data storage unit 131 of each application server 130 and the authority of the service is reset only by lowering the degree of trust that has been set high due to the success of authentication. The quality related to the granting of service authority can be maintained. Further, in the service providing system 100, for example, even when a new technology authentication method is adopted, the same effect can be obtained only by resetting the data stored in the reliability data storage unit 112. Can do.

  FIG. 10 shows an example of a hardware configuration when the authentication server 110 and the application server 130 are each configured by an electronic information processing apparatus such as a computer. The authentication server 110 and the application server 130 include a CPU (Central Processing Unit) peripheral part, an input / output part, and a legacy input / output part. The CPU peripheral section includes a CPU 902, a RAM (Random Access Memory) 903, a graphic controller 904, and a display device 905 that are connected to each other by a host controller 901. The input / output unit includes a communication interface 907, a hard disk drive 908, and a CD-ROM (Compact Disk Read Only Memory) drive 909 connected to the host controller 901 by the input / output controller 906. The legacy input / output unit includes a read only memory (ROM) 910, a flexible disk drive 911, and an input / output chip 912 that are connected to the input / output controller 906.

  The host controller 901 connects the RAM 903, the CPU 902 that accesses the RAM 903 at a high transfer rate, and the graphic controller 904. The CPU 902 operates based on programs stored in the ROM 910 and the RAM 903 to control each unit. The graphic controller 904 acquires image data generated by the CPU 902 or the like on a frame buffer provided in the RAM 903 and displays the image data on the display device 905. Instead of this, the graphic controller 904 may include a frame buffer for storing image data generated by the CPU 902 or the like.

  The input / output controller 906 connects the host controller 901 to the hard disk drive 908, the communication interface 907, and the CD-ROM drive 909, which are relatively high-speed input / output devices. The hard disk drive 908 stores programs and data used by the CPU 902. The communication interface 907 is connected to the network communication device 991 to transmit / receive programs or data. The CD-ROM drive 909 reads a program or data from the CD-ROM 992 and provides it to the hard disk drive 908 and the communication interface 907 via the RAM 903.

  The input / output controller 906 is connected to a ROM 910, a flexible disk drive 911, and a relatively low-speed input / output device such as an input / output chip 912. The ROM 910 stores a boot program executed when the authentication server 110 and the application server 130 are started, or a program depending on the hardware of the authentication server 110 and the application server 130. The flexible disk drive 911 reads a program or data from the flexible disk 993 and provides it to the hard disk drive 908 and the communication interface 907 via the RAM 903. The input / output chip 912 connects various input / output devices via the flexible disk drive 911 or a parallel port, a serial port, a keyboard port, a mouse port, and the like.

  A program executed by the CPU 902 is stored in a recording medium such as a flexible disk 993, a CD-ROM 992, or an IC (Integrated Circuit) card and provided by a user. The program stored in the recording medium may be compressed or uncompressed. The program is installed in the hard disk drive 908 from the recording medium, read into the RAM 903, and executed by the CPU 902. The program executed by the CPU 902 includes the authentication server 110, the master data storage unit 111, the reliability data storage unit 113, the data log storage unit 112, the authentication request reception unit 114, and the acquisition described with reference to FIGS. Data transmission request unit 115, acquisition data reception unit 116, determination unit 117, log determination unit 118, reliability determination unit 119, reliability determination notification unit 120, reliability data transmission request reception unit 121, and reliability data transmission unit 122 The application server 130 is made to function as the authority data storage unit 131, the service provision request reception unit 132, the authentication request unit 133, the reliability determination notification reception unit 134, and the reliability data transmission described with reference to FIGS. The request unit 135, the reliability data receiving unit 136, the appropriateness determining unit 137, the service authority determining unit 138, and the support unit To function as a screw providing unit 139.

  The program shown above may be stored in an external storage medium. As a storage medium, in addition to the flexible disk 993 and the CD-ROM 992, an optical recording medium such as a DVD (Digital Versatile Disk) or a PD (Phase Disk), a magneto-optical recording medium such as an MD (MiniDisk), a tape medium, and an IC card A semiconductor memory or the like can be used. Alternatively, the service providing system 100 may be provided as a program via a network using a storage medium such as a hard disk or RAM provided in a server system connected to a dedicated communication network or the Internet as a recording medium.

  As mentioned above, although this invention was demonstrated using embodiment, the technical scope of this invention is not limited to the range as described in the said embodiment. It will be apparent to those skilled in the art that various modifications or improvements can be added to the above-described embodiment. It is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

100 service providing system 110 authentication server 111 master data storage unit 112 data log storage unit 113 reliability data storage unit 114 authentication request reception unit 115 acquisition data transmission request unit 116 acquisition data reception unit 117 determination unit 118 log determination unit 119 reliability determination Unit 120 reliability determination notification unit 121 reliability data transmission request reception unit 122 reliability data transmission unit 130 application server 131 authority data storage unit 132 service provision request reception unit 133 authentication request unit 134 reliability determination notification reception unit 135 reliability data Transmission request unit 136 Reliability data receiving unit 137 Appropriateness determining unit 138 Service authority determining unit 139 Service providing unit 140 Client terminal 150 Communication line 200 Information displayed on display 210 Content prompting input of ID 211 Text Box 220 prompts input of authentication data content 230 button 300 dialog box 310 the text box 320 button 901 the host controller 902 CPU
903 RAM
904 Graphic controller 905 Display device 906 Input / output controller 907 Communication interface 908 Hard disk drive 909 CD-ROM drive 910 ROM
911 Flexible disk drive 912 I / O chip 991 Network communication device 992 CD-ROM
993 Flexible disk

Claims (9)

A service providing system that provides services with different authorities according to authentication results by a plurality of authentication methods,
An authentication device that performs authentication by the plurality of authentication methods, and a service providing device that provides a service with different authority according to an authentication result performed by the authentication device,
The authentication device
An acquisition data receiving unit for receiving data of an individual authentication method acquired by an individual authentication means provided in a terminal used by a user from the terminal;
A determination unit that determines whether the data of the individual authentication method received by the acquired data reception unit and the master data of the individual authentication method acquired in advance by the individual authentication method respectively match;
Based on the combination of the authentication method to which each data determined to match as a result of the determination by the determination unit and the authentication method to which each data determined not to match belongs, A reliability determination unit that determines the degree of trust;
A reliability data transmission unit that transmits data indicating the reliability of authentication determined by the reliability determination unit to the service providing device;
The service providing apparatus includes:
A reliability data receiving unit that receives data indicating the degree of trust of the authentication transmitted from the authentication device;
Based on the data received by the reliability data receiving unit, a service authority determining unit that determines authority of a service provided to the user;
A service providing system comprising: a service providing unit that provides a service to the user according to the authority determined by the service authority determining unit. The authentication device
A master data storage unit for storing master data acquired in advance by an authentication unit belonging to the individual authentication method;
The acquisition data receiving unit, when receiving the master data from the terminal, stores in the master data storage unit,
The determination unit determines whether or not the individual authentication method data received by the acquired data reception unit and the individual authentication method master data stored in the master data storage unit match each other. Item 4. The service providing system according to Item 1. The authentication device
A reliability data storage unit that stores data indicating a combination of pass / fail that can be assumed as an authentication result by the individual authentication method and data indicating a degree of authentication reliability in association with each other;
The reliability determination unit matches the result determined by the determination unit out of the pass / fail combinations that can be assumed as authentication results by the individual authentication method indicated by the data stored in the reliability data storage unit. The authentication method to which each data determined to be matched and the combination of the authentication methods to which each data determined to be inconsistent are identified are associated with the data indicating the specified combination. The service providing system according to claim 1, wherein the degree of trust of authentication indicated by the data is determined as the degree of trust of authentication to be transmitted to the service providing apparatus. The authentication device
A data log storage unit that stores data received by the acquired data reception unit as a log;
Whether or not the data received by the acquired data receiving unit and the data received by the acquired data receiving unit before that and included in the log stored in the data log storage unit And a log determination unit for determining
The service providing system according to any one of claims 1 to 3, wherein the reliability determination unit determines the degree of reliability of the authentication based further on a result determined by the log determination unit. The reliability data storage unit is included in data received by the acquired data receiving unit and data received by the acquired data receiving unit prior to the log stored in the data log storage unit Store data indicating results that can be collation results indicating whether or not the data match,
The reliability determination unit further identifies a matching result indicated by the data associated with the data indicating the identified combination that matches the result determined by the log determination unit, and is identified. The service providing system according to claim 4, wherein the degree of authentication reliability indicated by the data associated with the data indicating the matching result is determined as the degree of authentication reliability to be transmitted to the service providing apparatus. A control method for controlling a service providing system that provides services with different authorities according to authentication results by a plurality of authentication methods,
An acquisition data receiving step in which an authentication device that performs authentication by the plurality of authentication methods receives data of an individual authentication method acquired by an individual authentication unit provided in a terminal used by a user from the terminal. When,
The authentication apparatus determines whether the data of the individual authentication method received in the acquisition data reception stage matches the master data of the individual authentication method acquired in advance by the individual authentication method. A determination unit;
As a result of the determination in the determination step, the authentication device is based on a combination of authentication methods to which each data determined to match and an authentication method to which each data determined to not match belong. A reliability determination stage for determining the degree of trust of authentication based on the determination result;
A reliability data transmission step in which the authentication device transmits data indicating the reliability of authentication determined in the reliability determination step to the service providing device;
A reliability data receiving step in which a service providing apparatus that provides services with different authorities according to an authentication result performed by the authentication apparatus receives data indicating a degree of trust of the authentication transmitted from the authentication apparatus;
A service authority determining step in which the service providing apparatus determines the authority of the service provided to the user based on the data received in the reliability data receiving step;
A control method comprising: a service providing stage in which the service providing apparatus provides a service to the user according to the authority determined in the service authority determining stage. A program for a service providing system that provides services with different authorities according to authentication results by a plurality of authentication methods,
An authentication device that performs authentication by the plurality of authentication methods,
An acquisition data receiving unit for receiving data of an individual authentication method acquired by an individual authentication means provided in a terminal used by a user from the terminal;
A determination unit that determines whether the data of the individual authentication method received by the acquired data reception unit and the master data of the individual authentication method acquired in advance by the individual authentication method respectively match.
Based on the combination of the authentication method to which each data determined to match as a result of the determination by the determination unit and the authentication method to which each data determined not to match belongs, A reliability determination unit for determining the degree of trust,
Function as a reliability data transmission unit that transmits data indicating the reliability of authentication determined by the reliability determination unit to the service providing device;
A service providing apparatus that provides a service with different authority according to an authentication result performed by the authentication apparatus;
A reliability data receiving unit that receives data indicating the degree of reliability of the authentication transmitted from the authentication device;
A service authority determining unit that determines authority of a service to be provided to the user based on data received by the reliability data receiving unit as a service providing unit that provides a service to the user according to the authority determined by the service authority determining unit A program to function. An authentication device that performs authentication using a plurality of authentication methods,
An acquisition data receiving unit for receiving data of an individual authentication method acquired by an individual authentication means provided in a terminal used by a user from the terminal;
A determination unit that determines whether the data of the individual authentication method received by the acquired data reception unit and the master data of the individual authentication method acquired in advance by the individual authentication method respectively match;
Based on the combination of the authentication method to which each data determined to match as a result of the determination by the determination unit and the authentication method to which each data determined not to match belongs, A reliability determination unit that determines the degree of trust;
An authentication apparatus comprising: a reliability data transmission unit that transmits data indicating a degree of authentication reliability determined by the reliability determination unit to a service providing apparatus that provides a service with different authority according to the authentication result. A service providing apparatus that provides a service with different authority according to an authentication result performed by an authentication apparatus that performs authentication by a plurality of authentication methods,
A reliability data receiving unit that receives data indicating the degree of trust of the authentication transmitted from the authentication device;
A service providing apparatus comprising: a service authority determining unit that determines authority of a service provided to the user based on data received by the reliability data receiving unit.

Images