JP2017156993A - Authentication server and authentication server program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To easily increase authentication intensity by an authentication method using a user ID and a password and a login history.SOLUTION: An illegitimate access terminal 5 which has made an illegitimate login request to a service providing site 4 is determined such that a service is not made available unless a user ID and password of a legitimate user terminal 2 are input by a preliminarily designated number of times. Further, when terminal information of the user terminal 2 is the same, and multiple user IDs are input within a fixed time, it is determined that the user terminal is the illegitimate access terminal 5 on the basis of a history of login to the service providing site 4. Furthermore, even when the terminal information of the user terminal 2 is the same, and the user ID and password of the legitimate user terminal 2 are input first, it is determined that the user terminal is the illegitimate access terminal 5 unless the next login is tried within the fixed time.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an authentication server and an authentication server program for authenticating a person to be authenticated using a password.

  When logging in to a service or system on the network, the person to be authenticated enters a user ID and password and is registered in association with the user ID in order to confirm whether the person to be logged in is valid. An authentication technique that enables login only when the registered password and the input password match is common.

  In such an authentication method using a user ID and password, a method of periodically changing the registered password or the number of characters of the registered password can be used as a method to prevent a third party's password estimation and unauthorized attacks attempting to log in to the list type. A method for increasing the number of times has been proposed. In the authentication method described in Patent Document 1, in order to increase the authentication strength, the user ID and password are held in the IC card, and the ID and password in the IC card are read using an IC card reader or the like. The password is encrypted by another password entered by the user and sent to the server for authentication.

  Further, as a method for preventing unauthorized login to the user ID and password registered in the system, WAF (Web Application Firewall), IDS (Instruction Detection System), IPS (Instruction Prevention System), and the like are known. In these methods, a user terminal device that attempts unauthorized login based on continuous login attempts to the same user ID or login attempts / access tendency to the entire system is detected, and based on information such as an IP address, Block access.

JP 2003-178034 A

  However, in the above authentication method, there is a possibility that a third party may be able to log in if an unauthorized login is attempted using a list of user IDs and passwords obtained from another website (list type attack). It was.

  Therefore, an object of the present invention is to provide an authentication server and an authentication server program for realizing more accurate authentication for preventing login by a list type attack.

  In the first aspect of the present invention, storage means for registering the first authentication information set by the user terminal, acceptance means for accepting input of the second authentication information from the user terminal, and the second The recording means for recording the number of times the authentication information is accepted by the acceptance means, the first authentication information registered in the storage means, and the second authentication information accepted by the acceptance means are collated. A verification unit that determines whether or not authentication is possible for authentication information that is input when the number of times of input reception recorded by the recording unit satisfies a predetermined number of times of start of authentication set in advance. A result storage unit that stores the date and time when the authentication information is input, the user terminal information for specifying the input user terminal, and the authentication result in the authentication determination unit in association with each other; A history storage means for recording as a history each time the storage of the result storage means is rewritten, a fraud determination means for judging fraud of a login request from a user terminal based on the history recorded in the result storage means, There is provided an authentication server characterized in that the result storage means comprises authentication result monitoring means for confirming the date and time when the user authentication result and the authentication information are inputted at regular intervals.

  In the invention according to claim 2, the fraud determination means includes the first authentication information in the history recorded by the history storage means, wherein the user terminal information is the same and more than a set number of times. The second authentication information whose degree of coincidence with a predetermined threshold value is input in a time shorter than the time set by the difference in input date and time, and a user terminal whose authentication result is “authentication rejected” is an unauthorized user terminal The authentication server according to claim 1 is provided.

  In the invention according to claim 3, the fraud determination unit is not authenticated by the authentication determination unit, and the user ID is changed when the user ID is changed a certain number of times even though the user terminal information is the same. 3. The authentication server according to claim 1, wherein the determination as to whether or not authentication is possible is stopped for a user ID.

  In the invention according to claim 4, the fraud determination unit includes the second terminal in which the user terminal information is the same in the history recorded by the history storage unit and is longer than a set time. The authentication server according to any one of claims 1 to 3, wherein an unauthorized user terminal is determined from user terminals whose authentication information is not input more than the set number of times.

  According to a fifth aspect of the present invention, there is provided an authentication server program for controlling the authentication server according to any one of the first to fourth aspects, wherein the authentication server is first authentication information set by a user terminal. Storing means for registering, receiving means for receiving input of second authentication information from the user terminal, recording means for recording the number of times the authentication information has been received by the receiving means, and the storage The first authentication information registered in the means and the second authentication information for which the input is accepted by the accepting means, and the number of input acceptances recorded by the recording means is a predetermined authentication set in advance. For the authentication information input when the start count is satisfied, the authentication determination means for determining whether authentication is possible, the date and time when the second authentication information is input, and the user terminal that has made the input And the result storage means for recording the user terminal information and the authentication result in the authentication determination means in association with each other, and based on the history recorded in the result storage means, the login request from the user terminal is fraudulent. There is provided an authentication server program characterized in that a fraud determination means for judging and the result storage means function as an authentication result monitoring means for confirming a date and time when a user authentication result and authentication information are inputted at regular intervals.

ADVANTAGE OF THE INVENTION According to this invention, the more accurate authentication which can suppress the unauthorized login by list type | mold attack can be provided.
It should be noted that the above summary of the invention does not enumerate all the necessary features of the present invention. A sub-combination of these feature groups can also be an invention.

An example of the communication environment of the system 1 is shown schematically. An example of a functional composition of password authentication server 42 is shown roughly. An example of the flow of user setting registration processing is schematically shown. An example of the flow of authentication processing will be schematically shown. An example of the flow of the status management process, which is a part of the authentication process flow, is schematically shown. An example of the flow of the status management table check process in the password authentication server 42 is schematically shown. An example of the flow of the log check process in the password authentication server 42 is shown schematically. An example of the registration authentication information table in the password authentication server 42 is shown schematically. An example of the setting information table in the password authentication server 42 is shown schematically. An example of a user registration screen is shown roughly. An example of a user display screen at the first time is schematically shown. An example of a user display screen at the time of an authentication failure response is shown roughly. An example of a user display screen at the time of account lock is shown roughly. An example of a log is shown roughly. An example of a log when timeout exists is shown roughly. An example of the status management table in the password authentication server 42 is shown schematically.

  Hereinafter, the present invention will be described through embodiments of the invention, but the following embodiments do not limit the invention according to the claims. In addition, not all the combinations of features described in the embodiments are essential for the solving means of the invention.

  FIG. 1 schematically shows an example of a communication environment of a network service providing system 1. The network service providing system 1 may be a system provided by a business operator that operates the service providing site 4. The network service providing system 1 may be an example of a wireless communication system.

  The network service providing system 1 includes a user terminal 2 having a communication function, a service providing server 41 that provides a service providing site 4, and a password authentication server 42.

  The user terminal 2 is a terminal used by a legitimate user having access authority, and communicates with the password authentication server 42 via the service providing server 41 that connects to the network 3 and provides the service providing site 4. The network 3 includes a telephone network and the Internet. The user terminal 2 is a device having a communication function, and is, for example, a mobile phone such as a smartphone, a tablet terminal, a PC (Personal Computer), or the like.

  The unauthorized access terminal 5 is a terminal used by a malicious user who does not have access authority, and is a virtual terminal that appears in the description of this embodiment. The unauthorized access terminal 5 is a terminal that can communicate with the service providing server 41 and the password authentication server 42 via the network 3, and is, for example, a PC or a tablet terminal.

  FIG. 2 schematically shows an example of the functional configuration of the password authentication server 42. The password authentication server 42 includes an authentication information storage unit 202, an input reception unit 204, an input reception number recording unit 206, a communication unit 208, a verification unit 210, an authentication determination unit 212, a history storage unit 214, a time counting unit 216, a control unit 218, The result recording unit 220, the fraud determination unit 222, and the authentication result monitoring unit 224 are provided.

  The control unit 218 is an arithmetic processing device such as a CPU that performs various arithmetic processes necessary for controlling each unit of the password authentication server 42. In addition, each unit 202 to 224 to be described later is controlled by executing a predetermined program such as OS and firmware in the control unit 218, and a semiconductor device, an electronic circuit, other hardware, or software having the function, Or it can comprise as a functional module comprised by these combination. In the present embodiment, the control unit 218 executes the authentication server program according to the present invention to constitute a functional module as the authentication server of the present invention.

  The authentication information storage unit 202 is a storage unit that receives input from the user terminal 2 in the input reception unit 204 and registers the set first authentication information. The first authentication information may include, for example, a name, an address, a telephone number, an email address, a user ID, a password, and the number of login attempts (authentication start number). In addition, when the account lock function is provided, the number of locks may be included.

The input reception number recording unit 206 is a recording unit that records the number of times the second authentication information is received from the user terminal 2 via the input reception unit 204 as the reception number.
The communication unit 208 includes a wired communication interface circuit such as Ethernet (registered trademark). The communication unit 208 communicates with the user terminal 2 and the like via the network 3. Then, the communication unit 208 supplies data received from the user terminal 2 and the like to each unit via the control unit 218. The communication unit 208 may include a wireless communication interface circuit.

  The collation unit 210 collates the input reception number recorded in the input reception number recording unit 206 with the number of login attempts stored in the authentication information storage unit 202, and the collated data is sent to the authentication determination unit 212 via the control unit 218. It is the collation means to transmit. The collation unit 210 may collate the authentication information stored in the authentication information storage unit 202 with the authentication information received in the input reception unit 204 and transmit the verification information to the authentication determination unit 212.

  The authentication determination unit 212 is an authentication determination unit that compares the number of input receptions verified by the verification unit 210 with the number of login attempts and determines whether or not to authenticate. Further, it is determined whether or not the authentication information verified in the verification unit 210 should be authenticated.

  The history storage unit 214 is a history storage unit that stores each time a log history received using the user terminal 2 or another terminal such as the unauthorized access terminal 5 is rewritten. The log history includes, for example, the source IP address, the date and time when the second authentication information was input, the user ID as user terminal information for specifying the input user terminal, and the response content for the login attempt. Good.

The timer unit 216 records the date and time when the input receiving unit 204 has received the input of authentication information, and transmits the date and time to the history storage unit 214 and the result recording unit 220.
The result recording unit 220 is a result storage unit that registers the result of the authentication determination unit 212, the date / time received from the time measuring unit 216 (the date / time when the second authentication information is input), and the user ID (user terminal information) in association with each other. Storage device.

  The fraud determination unit 222 is a module for determining whether or not the login request from the user terminal 2 is illegal based on the log history stored in the history storage unit 214, and whether or not the user who attempted the login is illegal at each set time. Fraud determination means for determining For example, the fraud determination unit 222 has the same user terminal information (or user ID or the like) in the log history recorded in the history storage unit 214 and more than the set number of times. The second authentication information whose degree of coincidence falls below a predetermined threshold is input in a time shorter than the set time, and the user terminal 2 whose authentication result is “authentication rejected” is regarded as an unauthorized user terminal. to decide.

  In addition, the fraud determination unit 222 performs authentication determination for the user ID when the user ID is changed more than a certain number of times even though the authentication determination unit 212 is not authenticated and the transmission source information is the same. It also has a function of stopping the determination of whether or not authentication is possible. Further, the fraud determination unit 222 has the same second authentication information in the log history recorded in the history storage unit 214, with the same user terminal information (or user ID, etc.) and longer than the set time. There is also a function of determining an unauthorized user terminal 2 for a user terminal 2 in which the number of times of not inputting is larger than the set number of times.

  The authentication result monitoring unit 224 calculates the difference between the date and time when the input of authentication is received at the end of each user ID registered in the result recording unit 220 and the current time at a set fixed time, and after the set time or more It is an authentication result monitoring means for confirming a user ID and updating information. The confirmation process includes a process of comparing the difference with a predetermined threshold value, and the user ID information itself may be deleted depending on the comparison result and the authentication result.

  FIG. 3 is a flowchart showing an example of processing executed for registering user information in the authentication server in the network service providing system 1. In FIG. 3, when the service is used in the user terminal 2, a state where the service is accessed for the first time will be described as a start state. The service here is, for example, a web-based electronic commerce site, an SNS site, a paid news providing site, or the like.

  First, a predetermined URL is input from the browser of the user terminal 2 to access the service providing server 41, and a service home screen is displayed on the browser of the user terminal 2. On the service home screen, there are both a login input guide for user registrants who can log in by entering a user ID and password, and a user registration request guide for unregistered users who do not have a user ID and password. Is displayed. In order to receive service provision, it is necessary to first register as a user and set and register a user ID / password as first authentication information. Therefore, an unregistered user presses the user registration request button according to the user registration request guide. Then, in step S302, a user information setting request is transmitted from the user terminal 2 to the service providing server 41.

  Subsequently, in step S304, the service providing server 41 transmits a user information setting input screen to the user terminal 2 in response to receiving the user information setting request. In S304, when the service providing server 41 receives a user information setting request from the user terminal 2, the service providing server 41 acquires user terminal information that is identification information of the user terminal 2, for example, a transmission source MAC address, as a setting request history. May be stored. In addition, a list of MAC addresses registered as unauthorized access terminals 5 is held in the service providing server 41, and if it is determined that the user is an unauthorized user terminal by comparing with the MAC address, the function is made not to perform step S304. May be. If the service providing server 41 holds a list of IP addresses of the user terminals 2 registered as the unauthorized access terminal 5 and is compared with the IP address of the user terminal 2 and is determined to be an unauthorized user terminal, You may make it function so that step S304 may not be performed.

  In step S306, the user terminal 2 displays the user information setting input screen received in S304 on the browser. The data format of the user information setting input screen is, for example, an HTML format that can be displayed by a Web browser.

  FIG. 10 is an example of a user information setting input screen displayed on the browser of the user terminal 2 in S306. The user information to be registered includes, for example, the user's name, phonetic, postal code, address, telephone number, e-mail address, user ID, password, which is the first authentication information that the user desires to register, and whether to authenticate Or the number of login attempts. However, the present invention is not limited to this, and another type of user information may be input. Here, the number of login attempts for determining whether or not to authenticate is the number of times (authentication start number) for determining how many times the login information input is used for authentication. That is, when the number of login attempts is input as 3 in FIG. 10, even if the user ID / password that is the correct second authentication information is input from the user terminal at the time of authentication, The screen in FIG. 12 is displayed on the user terminal 2 as an authentication failure by an instruction from the service providing server 41. At this time, on the service providing server 41 side, the number of times of accepting input by the accepting means is stored.

  In FIG. 12, when authentication fails, for example, “Authentication is not possible. Please enter again.” Is displayed, and the user ID and password, which are the second authentication information, are displayed again in the user ID input field 1202 and password input field 1204. Prompt for Subsequently, the user re-enters the user ID and password as the second authentication information, but FIG. 12 is displayed until the total number of inputs within a predetermined time reaches the number of trials 3, and the number of input Only when the total reaches the number of trials 3, authentication is executed by the password authentication server 42 whether the entered ID and password are correct. If the authentication is OK, the user terminal 2 receives a service from the service providing server 41. It becomes possible.

  In addition to the user information setting items in FIG. 10, the input screen is not shown, but the setting information in FIG. 9 may be registered. For example, FIG. 10 illustrates the case where the number of login attempts is 3 and the user-specified fixed value has been described. From the first time, the login input is stopped, that is, the input screen is locked out (the number of consecutive inputs). It may be possible to select a setting that is randomized between the number of times out. If the setting to be random is selected, for example, as shown in FIG. 11, the setting is displayed in an authentication reception number display field 1106 indicating the number of login attempts for determining whether or not to authenticate. Further, when the number of trials is 3, even if the ID / password is erroneously entered at the number of trials 3, it may be possible to set the number of times to operate the authentication function as a predetermined number of times after receiving the number of trials. Moreover, you may set the frequency | count of continuous input used as the frequency | count of lockout. Furthermore, as a condition for determining the number of continuous inputs, a time interval regarded as continuous input may be set. These settings may be reset and changed after user registration. With these settings, the strength and convenience of security can be changed.

  Subsequently, in step S308, the user terminal 2 transmits a user information registration request including the user information input in S306 to the service providing server 41. Upon receiving the user information registration request, the service providing server 41 transfers the user information registration request to the password authentication server 42. In S308, the user terminal 2 may be operated to directly transmit to the password authentication server 42 without using the service providing server 41.

  In step S <b> 310, the password authentication server 42 confirms whether there is a description defect in the user information received from the user terminal 2, such as a lack of information or a difference in data format. Alternatively, it is also checked whether an already registered ID is used or whether it is already registered and duplicate registration is performed. If it is determined that there is no problem in registration, registration is performed in the authentication information storage unit 402. The user information necessary for authentication may be determined by the service provider, and for example, a user ID, a password, and the number of login attempts may be stored in association with each other.

  FIG. 8 shows an example of registered authentication information registered in the authentication information storage unit 202 in step S310. In the example shown in FIG. 8, the user information input on the user information setting input screen of FIG. 8 is recorded in association with each user.

  Next, in step S312, the password authentication server 42 transmits to the service providing server 41 that the received user information has been stored as a user information registration completion report.

In step S <b> 314, the service providing server 41 transmits a registration completion screen to the user terminal 2 in response to receiving the registration completion report from the password authentication server 42.
The registration completion screen may be transmitted directly from the password authentication server 42 to the user terminal 2 without using the service providing server 41.

  In step S316, the user terminal 2 receives the registration completion screen from the service providing server 41, and displays the registration completion screen on the screen of the user terminal 2. According to the process of this flowchart, the user information of the user terminal 2 can be correctly registered. Note that an input screen displayed in S406 of FIG. 11, that is, a login input screen for starting a service may be displayed in the registration completion screen. This is because the user can start the authentication flow of FIG. 4 from step S406 as soon as registration is completed.

  FIG. 4 is a flowchart showing an example of processing executed when the network service providing system 1 authenticates whether or not the user is correct. The processing represented by this flowchart is executed as part of the processing by the authentication service process executed when the user terminal 2 tries to receive service provision at the service providing server 41, for example. The process of this flowchart is a state started when the user information input from the user terminal is stored in the authentication server.

  In step S402, the user terminal 2 transmits a service content acquisition request to the service providing server 41 in order to use the service. Specifically, for example, the user terminal 2 inputs a predetermined URL into the browser. Based on this URL, the browser accesses the service providing server 41 and requests transmission of the home screen to the user terminal 2 as a content acquisition request. In S402, when the service providing server 41 receives the service content acquisition request from the user terminal 2, the service providing server 41 may acquire and store the identification information of the user terminal 2, for example, the transmission source MAC address as the setting request history. Good. Further, a list of MAC addresses registered in advance as the unauthorized access terminal 5 is held in the service providing server 41, and if it is determined that the user is an unauthorized user terminal by comparing with the MAC address, step S404 is not performed. May function.

  In step S404, the service providing server 41 that has received a content acquisition request, for example, a request to transmit a home screen to the user terminal 2, determines whether or not the user terminal 2 that has transmitted the content acquisition request is a correct user. An instruction to display the authentication request screen is transmitted to the user terminal 2.

In step S406, the user terminal 2 displays an authentication information input screen in response to receiving an instruction to display an authentication request screen from the service providing server 41.
An example of the authentication information input screen displayed on the user terminal 2 is shown in FIG. The authentication information input screen may be a case where the user terminal 2 logs in for the first time to receive a service. Information input by the user includes, for example, a user ID input field 1002 and a password input field 1104. Further, it may be displayed in an authentication reception number display field 1106 indicating the number of login attempts for determining whether or not to authenticate. Note that the display field 1106 is a number based on an image and can only be read by a person. This makes it possible for the user to know in advance how many times authentication will be performed when the user ID and password are entered consecutively without the number of login attempts (authentication acceptance number) being known to the list-type unauthorized access terminal. The user ID and password can be input without mistakes in the number of times authentication is performed. When the user presses the OK button 1108 after entering the user ID and password, FIG. 12 is displayed until the number of consecutive inputs reaches the authentication acceptance number. As described above, the user ID and password are requested to be input again in FIG.

  Returning to FIG. 4, when the user terminal 2 selects the OK button 1108 in step S <b> 408, the user terminal 2 transmits the input authentication information to the service providing server 41. The authentication information includes a user ID and a password.

Subsequently, in step S410, the service providing server 41 transfers the input authentication information to the password authentication server 42 in response to receiving the authentication information from the user terminal 2.
In step S412, the password authentication server 42 receives the authentication information from the service providing server 41 and performs status management processing.

FIG. 5 is a flowchart showing an example of the status management process in step S412 in the password authentication server 42.
In step S502, authentication information is received from the service providing server 41, and the process proceeds to step S504.

  In step S504, it is determined whether the authentication ID included in the authentication information exists in the status management table as shown in FIG. If it exists in the status management table, the process proceeds to step S506. If not, the process proceeds to step S528.

  FIG. 16 is an example of a status management table. The user ID input at the user terminal 2 that attempted the authentication, the date and time when the last authentication was attempted with the user ID, the status indicating the result of the authentication attempt, and the number of times the authentication was accepted with the user ID may be stored. The status is an example of setting CORRECT, FAIL, CORRECT_TIMEOUT, LOCK, but this is not the case.

In step S506, the authentication ID reception count in the status management table is incremented by 1, and the last trial date is updated to the current date. Thereafter, the process proceeds to step S508.
In step S508, the status of the authentication ID is determined. If the status is CORRECT, the process proceeds to step S512. If the status is FAIL, the process proceeds to step S520. If the status is LOCK, the process proceeds to step S510.

In step S510, the status LOCK of the authentication ID and the current date and time are output to the log as shown in FIG. 14, and the process proceeds to step S536.
FIG. 14 is an example of a log recorded by the password authentication server 42. The source IP address for which authentication was attempted, the date and time when authentication was attempted, the input user ID and the authentication result are output.

  In step S512, the number of receptions and the number of authentication starts are compared. If the authentication start count is larger than the reception count, the process proceeds to step S536. If the reception count and the authentication start count are the same, the process proceeds to step S514. If the authentication start count is smaller than the reception count, the process proceeds to step S522.

  In step S514, it is determined whether or not the password input as the authentication information is an authentication ID. If the password is an authentication ID, the process proceeds to step S516. If the password is not an authentication ID, the process proceeds to step S520.

In step S516, the status of authentication ID SUCCESS and the current date and time are output to the log, and the process proceeds to step S518.
In step S518, the authentication ID information is deleted from the status management table, and the process proceeds to step S536.

  In step S520, the status corresponding to the authentication ID in the status management table is set to FAIL, the authentication ID status FAIL and the current date and time are output to the log, and the process proceeds to step S536.

  In step S522, it is determined whether the number of receptions and the number of lockouts match. If they match, the process proceeds to step S526. If not, the process proceeds to step S524.

  In step S524, the status corresponding to the authentication ID in the status management table is set to FAIL, the authentication ID status FAIL and the current date and time are output to the log, and the process proceeds to step S536.

  In step S526, the status corresponding to the authentication ID in the status management table is set to LOCK, the status LOCK of the authentication ID and the current date and time are output to the log, and the process proceeds to step S536.

  In step S528, the input authentication information is registered in the status management table. At that time, the number of times the corresponding authentication ID is accepted in the status management table is set to 1, and the current date and time are set as the last trial date and time.

  In step S530, it is determined whether or not the password input as authentication information is an authentication ID. If the password is for the authentication ID, the process proceeds to step S532. If the password is not an authentication ID, the process proceeds to step S534.

In step S532, the status SUCCESS of the authentication ID and the current date and time are output to the log, and the process proceeds to step S536.
In step S534, the status FAIL of the authentication ID and the current date and time are output to the log, and the process proceeds to step S536.
In step S536, the status output to the log in the previous step of step S536 is transmitted to the service providing server 41.

Returning to FIG. 4, in step S <b> 414, the password authentication server 42 transmits the result of the status management in step S <b> 412 to the service providing server 41.
In step S 416, the service providing server 41 determines the status management result received from the password authentication server 42. If the result of status management is CORRECT, the authentication re-request screen shown in FIG. 12 is transmitted to the user terminal 2 (step S418). If the result of status management is SUCCESS, service content distribution is performed to the user terminal 2 (step S422). If the status management result is LOCK, the lock screen shown in FIG. 13 is transmitted to the user terminal 2 (step S426). As a condition for releasing the lockout, the lockout may be released automatically when a predetermined time elapses or may not be released unless the system administrator performs a reset operation. Alternatively, the user terminal 2 that has been locked out may be regarded as an unauthorized access terminal 5 and the acquired MAC address or IP address of the user terminal may be added to the black list for connection rejection.

  In step S418, in response to the status management result CORRECT or FAIL being received from the password authentication server 42, the service providing server 41 prompts the user terminal 2 to re-enter the authentication information and the authentication information. An instruction to display an authentication re-request screen, for example, FIG. 12, is transmitted.

  In step S420, as shown in FIG. 12, the user terminal 2 displays on the browser that the authentication has failed, and prompts the user to input authentication information again. In FIG. 12, information input by the user includes, for example, a user ID input field 1102 and a password input field 1104. Further, although the authentication reception number is displayed in the display column 1006 on the initial login screen of FIG. 11, an authentication reception number display column may be provided in FIG.

Since the flow after input in the re-input screen display of FIG. 12 is the same as the flow after step S408, description thereof is omitted.
In step S420, the user terminal 2 displays the authentication re-request screen received from the service providing server 41 on the screen of the user terminal 2 and prompts the user to re-enter authentication information.

  In step S424, the user terminal 2 displays the service content received from the service providing server 41 on the screen of the user terminal 2. The user terminal executes the content and ends the process of this flowchart.

  In step S428, the user terminal 2 displays the lock screen of FIG. 13 received from the service providing server 41. After displaying the lock screen, authentication may not be performed with an ID input by the user terminal 2 for a certain period of time.

  FIG. 6 is a flowchart schematically showing an example of the status management table check processing flow in the password authentication server 42. The process represented by this flowchart is performed at regular intervals for each authentication ID registered in the status management table, for example.

  In step S602, the password authentication server 42 determines the status of the authentication ID. When the status of the authentication ID is other than CORRECT or LOCK, the status of another authentication ID is determined. If the status of the authentication ID is CORRECT, the process proceeds to step S604. If the status of the authentication ID is LOCK, the process proceeds to step S606.

  In step S604, the password authentication server 42 determines whether or not the difference between the current date and time and the last trial date and time of the authentication ID is within a preset valid trial time. If the determination result is within the trial valid time, the process proceeds to the status check process for the next authentication ID. If it is outside the trial valid time, the process proceeds to step S608.

  In step S606, the password authentication server 42 determines whether or not the difference between the current date and time and the last attempt date and time of the authentication ID is within a preset unlock time. If the determination result is within the lock release time, the process proceeds to the status check process for the next authentication ID. If the determination result is outside the unlock time, the process proceeds to step S610.

  In step S608, the password authentication server 42 outputs the authentication ID, the authentication date and time, and CORRECT_TIMEOUT indicating that the effective validity time has passed since the previous authentication in the log of FIG. After outputting, the process proceeds to step S610.

FIG. 15 is an example of a log that outputs CORRECT_TIMEOUT. The source IP address for which authentication was attempted, the date and time when authentication was attempted, the input user ID and the authentication result are output.
In step S610, the password authentication server 42 deletes the authentication ID whose status has been confirmed from the status management table. After the deletion process, the process proceeds to the status check process for the next authentication ID.

FIG. 7 is a flowchart showing an example of processing for extracting the user terminal 2 that attempted to illegally access from the output log in the password authentication server 42.
In step S <b> 702, the password authentication server 42 extracts a log for a predetermined time for the fraud check.

  In step S704, the password authentication server 42 calculates the number of times CORRECT_TIMEOUT has occurred in the same user terminal 2 and with a different user ID from the extracted log.

  In step S706, the password authentication server 42 determines whether or not the number of times that the CORRECT_TIMEOUT is reached is equal to or greater than the preset number of fraud determinations. If the number of times of CORRECT_TIMEOUT is equal to or greater than the number of fraud attempt determinations, the user terminal 2 may be determined to be an unauthorized access terminal and may not be accessed thereafter. In addition, the service manager may be contacted (step S708).

  According to the above flow, in order to manage the status of each user terminal that has attempted access, the number of receptions, and the date and time of the last attempt, and to output to the log, identify the user terminal that attempts unauthorized access with multiple user IDs in a short time Can increase security strength.

DESCRIPTION OF SYMBOLS 1 ... Network service provision system 2 ... User terminal 3 ... Network 4 ... Service provision site 5 ... Unauthorized access terminal 41 ... Service provision server 42 ... Password authentication server 202 ... Authentication information storage part 204 ... Input reception part 206 ... Input reception frequency record 208: Communication unit 210 ... Verification unit 212 ... Authentication determination unit 214 ... History storage unit 216 ... Timekeeping unit 218 ... Control unit 220 ... Result recording unit 222 ... Fraud determination unit 224 ... Authentication result monitoring unit 402 ... Authentication information storage unit 1002 ... Input field 1006 ... Display field 1102 ... Input field 1104 ... Input field 1106 ... Display field 1108 ... OK button 1202 ... Input field 1204 ... Password input field

Claims (5)

Storage means for registering the first authentication information set by the user terminal;
Accepting means for accepting input of second authentication information from the user terminal;
Recording means for recording the number of times of accepting the input by the accepting means of the second authentication information;
Collating means for collating the first authentication information registered in the storage means with the second authentication information received by the accepting means;
Authentication determination means for determining whether or not authentication is possible for authentication information input when the number of times of input reception recorded by the recording means satisfies a predetermined number of authentication start times set in advance;
A result storage unit that stores the date and time when the second authentication information is input, the user terminal information for specifying the input user terminal, and the authentication result in the authentication determination unit in association with each other;
History storage means for recording as a history each time the memory of the result storage means is rewritten;
Based on the history recorded in the result storage means, fraud determination means for determining fraud of a login request from a user terminal;
An authentication result monitoring means for confirming a date and time when the result storage means is input with a user authentication result and authentication information at regular intervals;
An authentication server comprising:   In the history recorded by the history storage means, the fraud determination means has the same user terminal information and more than the set number of times, and the degree of coincidence with the first authentication information has a predetermined threshold value. The second authentication information that falls below is input in a time shorter than the set time, and the user terminal whose authentication result is authentication failure is determined as an unauthorized user terminal. The authentication server according to Item 1.   The fraud determination means determines whether the authentication is possible or not for the user ID when the user ID is not authenticated by the authentication determination means and the user ID is changed more than a certain number of times even though the user terminal information is the same. The authentication server according to claim 1, wherein the authentication server is stopped.   In the history recorded by the history storage unit, the fraud determination unit sets the number of times that the user terminal information is the same and the same second authentication information is not input in a longer time than the set time. The authentication server according to any one of claims 1 to 3, wherein an unauthorized user terminal is determined based on a user terminal more than the number of times of the authentication. An authentication server program for controlling the authentication server according to claim 1,
The authentication server,
Storage means for registering the first authentication information set by the user terminal;
Accepting means for accepting input of second authentication information from the user terminal;
Recording means for recording the number of times the input is accepted by the acceptance means of the authentication information;
Collating means for collating the first authentication information registered in the storage means with the second authentication information received by the accepting means;
Authentication determination means for determining whether or not authentication is possible for authentication information input when the number of times of input reception recorded by the recording means satisfies a predetermined number of authentication start times set in advance;
A result storage unit that records the date and time when the second authentication information is input, the user terminal information related to the input user terminal, and the authentication result of the authentication determination unit as a history;
Based on the history recorded in the result storage means, fraud determination means for determining fraud of a login request from a user terminal;
An authentication server program that causes the result storage means to function as an authentication result monitoring means for confirming a date and time when a user authentication result and authentication information are input at regular intervals.