JP5163042B2 - Information processing apparatus, security countermeasure method, and computer program - Google Patents

Description

  The present invention relates to an information processing apparatus having a user authentication function and a security countermeasure method thereof.

  In recent years, along with an increase in the capacity of a nonvolatile memory of a mobile terminal such as a mobile phone terminal or a PHS terminal and an improvement in display resolution, a large amount of information can be stored and viewed in a portable device.

  On the other hand, when a mobile terminal is lost or stolen, there is a risk that a greater amount of information may be leaked than before.

  Therefore, a method as described in Patent Document 1 has been proposed. According to the method described in Patent Document 1, when an incorrect password is input to a mobile terminal, the key operation of the mobile terminal is invalidated.

Also in desktop personal computers, the following methods are widely known as methods for preventing leakage of data stored therein. The personal computer is locked by inputting a predetermined command when the user leaves the room. If an incorrect password is input, the user account of the user is invalidated.
JP 2003-61151 A

  However, if a key operation or a user account is uniformly invalidated when an incorrect password is input, even if a true user makes an input mistake, it becomes invalid. This is very inconvenient for the user.

  The present invention has been made in view of such a problem, and an object of the present invention is to improve the usability of a device as compared with the conventional device while ensuring the security of a device such as a mobile terminal or a personal computer.

An information processing apparatus according to an embodiment of the present invention includes a password storage unit that stores a predetermined password, an input unit corresponding to the Nth character of the password stored in the password storage unit, and an input input from performing the determination processing of determining the degree of potential rogue users, the security processing corresponding to the degree in accordance with the positional relationship between the input unit corresponding to been N-th character password , possess and security processing means, wherein the in the determination process, the password storage means and the password stored in the (j-1) th of the input unit and the j-th input of the character The degree is increased when the positional relationship and the positional relationship between the input portion of the (j-1) th character and the input portion of the jth character of the input password are different.

  Alternatively, the security countermeasure processing means executes processing for deleting or encrypting specific data as the security countermeasure processing.

  Alternatively, the security measure processing means deletes or encrypts the specific data according to the importance of the specific data.

  According to the present invention, it is possible to improve the usability of the apparatus as compared with the conventional apparatus while ensuring the security of the apparatus such as a mobile terminal or a personal computer.

  FIG. 1 is a diagram showing an example of the overall configuration of the mobile phone system KYS, FIG. 2 is a diagram showing an example of the hardware configuration of the mobile phone terminal 1, and FIG. 3 is an example of the functional configuration of the mobile phone terminal 1. FIG.

  As shown in FIG. 1, the mobile phone system KYS is a wireless communication system based on a mobile phone communication standard such as CDMA2000 or W-CDMA, and includes a mobile phone terminal 1, a server 2, a communication line 3, and the like. The

  The communication line 3 includes a radio access network (RAN) and a core network (CN).

  The mobile phone terminal 1 conventionally makes a call with another mobile phone terminal or a fixed phone via the communication line 3 and exchanges data such as e-mail or multimedia data with another mobile phone terminal or a personal computer. Can be done. Further, the server 2 can be connected via the communication line 3.

  As shown in FIG. 2, the cellular phone terminal 1 includes a CPU 10a, a memory 10b, a wireless circuit 10c, a liquid crystal panel 10d, an operation button group 10e, an antenna 10f, a microphone 10g, a speaker 10h, an input / output interface 10i, and the like. . Thus, the hardware configuration of the mobile phone terminal 1 is basically the same as the hardware configuration of the conventional mobile phone terminal.

  The software stored in the memory 10b is basically the same as that of the conventional one. However, management software such as an address book for managing information related to the address book, call history, and e-mail transmission / reception history more securely than before is installed.

  This address book management software includes a password storage unit 101, an address book storage unit 102, a table update unit 103, an address data search unit 104, a password reception unit 105, a user authentication processing unit 106, and data leakage prevention shown in FIG. The processing unit 107, the decryption key requesting unit 108, the decryption processing unit 109, and the like are configured by a program and data.

  Programs included in these software are executed by the CPU 10a. Note that some or all of the functions of the units illustrated in FIG. 3 may be realized only by hardware such as a dedicated circuit.

  4 is a diagram showing an example of the address book table TL1, FIG. 5 is a diagram showing an example of the outgoing call history table TL2, FIG. 6 is a diagram showing an example of the configuration of the data leakage prevention processing unit 107, and FIG. 7 is an operation button group 10e. FIG. 8 is a flowchart for explaining an example of the flow of dissimilarity determination processing, FIG. 9 is a flowchart for explaining an example of the flow of data leakage prevention processing, and FIG. 10 is designated type data. FIG. 11 is a diagram illustrating an example of scramble processing, and FIG. 12 is a diagram illustrating an example of automatic data 6J. Next, the processing contents of each unit shown in FIG. 3 will be described in detail.

  The password storage unit 101 in FIG. 3 stores the password PW1. The password PW1 is arbitrarily determined by the manufacturer or the dealer when the mobile phone terminal 1 is shipped, but can be arbitrarily changed later by the user who owns the mobile phone terminal 1.

  Hereinafter, characters such as alphabets, numbers “0” to “9”, and symbols such as “#” or “*” used for passwords are collectively referred to as “characters”.

  The address book storage unit 102 stores an address book table TL1, outgoing call history table TL2, incoming call history table TL3, transmission history table TL4, and reception history table TL5.

  The table updating unit 103 updates these tables by newly storing data in these tables or changing or deleting the contents of data already stored in these tables.

  As shown in FIG. 4, the address book table TL1 stores address data 4A for each of the user's friends, acquaintances, family members, business partners, facilities such as shops to be used, and various other people or facilities. Yes.

  The address data 4A includes data such as the name of the person or facility, a telephone number, an e-mail address, an address, a short mail (SMS) address, or a photograph, and data indicating the degree of importance of these data, that is, the importance. And are included. There are five levels of importance: “highest”, “high”, “medium”, “low”, and “none”. In particular, in the present embodiment, it is desirable to determine the importance level according to the degree that should not be leaked, that is, the magnitude of security importance (security level).

  When the user wants to register (store) the new address data 4A in the address book table TL1, basically, the user can input an e-mail address or telephone number to the address book (phone book) as usual. Good. However, in this embodiment, the user must also specify the importance such as the e-mail address or telephone number.

  The user can arbitrarily specify the importance level, but it is preferable to specify a higher importance level for a highly confidential item, that is, one that should not be leaked. However, as will be explained later, the higher the importance, the more likely it is to be scrambled (encrypted) or deleted from the table if there is a password entry error to prevent leakage. Become. Therefore, the user must determine the importance level in consideration of both the importance level and convenience with this in mind.

  The table updating unit 103 newly generates address data 4A indicating the content input or designated by the user and stores it in the address book table TL1.

  Further, the user can change the e-mail address or the telephone number indicated in the existing address data 4A by performing a conventional operation. You can also change the importance. The table update unit 103 updates the contents of the address data 4A according to the user's operation. The address data 4A can also be deleted as usual.

  The call history table TL2 stores a history of calls made from the mobile phone terminal 1, that is, a so-called call history. Specifically, as shown in FIG. 5, one transmission attribute data 4B is stored in the transmission history table TL2 for each transmission (call).

  The transmission attribute data 4B includes at least data indicating the telephone number of the other party and the date and time of transmission. Further, when a telephone number is called using the address data 4A registered in the address book table TL1, the name and importance data indicated in the address data 4A are also included in the outgoing attribute data 4B. .

  Each time the mobile phone terminal 1 makes a call (makes a call), the table update unit 103 generates the call attribute data 4B related to the call and stores it in the call history table TL2.

  The incoming call history table TL3 stores a history of calls made to the mobile phone terminal 1, that is, a so-called incoming call history. The transmission history table TL4 stores a history of electronic mail transmitted from the mobile phone terminal 1, that is, a so-called transmission history. The reception history table TL5 stores a history of e-mails received by the mobile phone terminal 1, that is, a so-called reception history.

  The contents of the incoming history, outgoing history, and incoming history are basically the same as before, and the date, time of incoming, outgoing, or incoming, as well as the telephone number of the sender, the email address of the recipient, or the sender E-mail address etc. are shown. Furthermore, in the present embodiment, if the address data 4A corresponding to those telephone numbers or e-mail addresses is stored in the address book table TL1, the importance of the address data 4A is set to the incoming call history, the transmission history, or the reception history. Also shown in the history.

  Alternatively, the importance may be specified by the user each time there is an outgoing call, incoming call, transmission, and reception.

  Returning to FIG. 3, the address data search unit 104 receives the data stored in the address book table TL1 through the reception history table TL5 in response to a request from the address book display means or various history display means. Search and output.

  Password accepting unit 105 accepts password PW2 input by the user. When the mobile phone terminal 1 is set to the security mode, when the power is turned on from the off state, when the user presses the lock button, or when no operation continues for a predetermined time or more. , Lock (so-called password lock). The user cannot use the mobile phone terminal 1 in a locked state. To unlock, you must enter the correct password.

  The user authentication processing unit 106 performs user authentication by comparing the password PW2 received by the password receiving unit 105 with the password PW1 stored in the password storage unit 101.

  As shown in FIG. 6, the data leakage prevention processing unit 107 includes a suspicious user determination unit 171, a processing content determination unit 172, a scramble processing unit 173, a data deletion processing unit 174, a setting value storage unit 175, a processing result display processing unit. 176, a dissimilarity point counter CA, a suspicious input number counter CB, a non-input period timer TR, and the like. With these configurations, the data leakage prevention processing unit 107 stores the password PW1 and the password PW2 in the address book table TL1 or the reception history table TL5 as necessary when the password PW1 and the password PW2 do not match in the processing by the user authentication processing unit 106. Executes processing to more reliably prevent leaked data.

  The non-input period timer TR is a timer for measuring the time that has elapsed since the erroneous input of the password for unlocking. The initial value is “0”. When a correct password is input or a predetermined time elapses, the password is reset to “0”. The dissimilarity point counter CA and the suspicious input number counter CB will be sequentially described later. The initial values of both counters are “0”.

  The setting value storage unit 175 stores various threshold values and data for leakage prevention processing (specified type data 6S or automatic type data 6J), which will be described later, and the like. Further, button position data 5 indicating the positional relationship of each button constituting the operation button group 10e is stored. For example, when 12 buttons of 4 rows and 3 columns are arranged as shown in FIG. 7A, the button position indicating the row number and the column number of each button as shown in FIG. 7B. Data 5 is stored in advance in the set value storage unit 175.

  The suspicious user determining unit 171 determines how much the password PW2 received by the password receiving unit 105 and the password PW1 stored in the password storage unit 101 are different, that is, the degree of dissimilarity between the two passwords ( Hereinafter, a process of determining whether or not a person who is not a true user has input a password is performed. This process is performed according to the procedure shown in FIG. 8, for example.

  The first (first) characters of the passwords PW1 and PW2 are compared (# 201 in FIG. 8). If they do not match (No in # 202), 5 points are added to the dissimilar score counter CA (# 203). If they match (Yes in # 202), no points are added.

  For the second character to the second character from the end of the password PW2, the processes of steps # 205 to # 212 are performed.

  That is, the j-th characters (where 2 ≦ j ≦ k, “k” is the number of characters of the password PW2) of the passwords PW1 and PW2 are compared (# 205). If they do not match (No in # 206), the position of the j-th character button viewed from the (j-1) -th character button of the password PW1 and the (j-1) -th character of the password PW2 The position of the button of the j-th character viewed from the button is compared (# 210). That is, the relative positional relationship between the (j-1) th character button and the jth character button is compared between the passwords PW1 and PW2. The position of each button can be understood by referring to the button position data 5 in FIG.

More specifically, the position of the button of the (j−1) th character of the password PW1 is (X _j−1 , Y _j−1 ), and the position of the button of the jth character is (X _j , Y _j ), The position of the button of the (j−1) th character of the password PW2 is (X ′ _j−1 , Y ′ _j−1 ), and the position of the button of the jth character is (X ′ _j , If Y ′ _j ), it can be determined that the relative positional relationship matches if the following equation (1) is satisfied, and it can be determined that they do not match if the following expression (1) is satisfied.
(X _j−1 , Y _j−1 ) − (X _j , Y _j )
= (X ′ _j−1 , Y ′ _j−1 ) − (X ′ _j , Y ′ _j ) (1)

If they do not match (No in # 211), 3 points are added to the dissimilar score counter CA (# 212). If they match (Yes in # 211), no points are added.

  When the comparison from the last to the second character of the password PW2 is finished (Yes in # 208), the last character of the password PW2, that is, the kth character is compared with the kth character of the password PW1 (# 213). If they do not match (No in # 214), 5 points are added to the dissimilar score counter CA (# 215). If they match (Yes in # 214), no points are added.

  If uncompared characters remain in the password PW1 despite the comparison with the last character of the password PW2 (No in # 216), the score is added to the dissimilarity score counter CA by the number of characters. (# 217). For example, if 3 characters remain, add 3 points.

As a result of the above processing, when the score of the dissimilar score counter CA is equal to or greater than the threshold value, the suspicious user determination unit 171 determines that a person who is not a true user has input a password. Then, “1” is added to the suspicious input number counter CB. Or, when there is a predetermined percentage of dissimilarities with respect to the correct password length (number of characters), that is, for example, when the following equation (2) is satisfied, a person who is not a true user inputs the password You may determine that you have done so.
{(5 × L) −M} / (5 × L) <α (2)

However, “M” is a value indicated by the dissimilarity point counter CA. “L” is the number of characters of the password PW1. “Α” is a threshold value less than 1.

  The value of α can be arbitrarily set by the user. This value is stored in the set value storage unit 175.

  Returning to FIG. 6, when the suspicious user determination unit 171 determines that a person who is not a true user has entered a password, the processing content determination unit 172 stores each table in the address book table TL1 to the reception history table TL5. The contents of processing for preventing leakage of stored data (hereinafter referred to as “leakage prevention processing”) are determined.

  The scramble processing unit 173 performs a scramble process on a part or all of the record (address data 4A, transmission attribute data 4B, etc.) determined by the processing content determination unit 172. The procedure of this process will be described later.

  The data deletion processing unit 174 deletes a part or all of the record determined by the processing content determination unit 172 from the address book table TL1 or the reception history table TL5.

  The processing result display processing unit 176 controls the liquid crystal panel 10d so that a message indicating the execution result of the leakage prevention processing is displayed.

  Here, the processing procedure by the processing content determination unit 172, the scramble processing unit 173, and the data deletion processing unit 174 will be described in detail with reference to the flowchart of FIG.

  When the designated type data 6S indicating the designated type processing pattern is stored in the setting value storage unit 175 (Yes in # 231 in FIG. 9), the processing content determination unit 172 responds to the designated type data 6S. The target and contents of the leakage prevention process are determined (# 232).

  In the designated type data 6S, for example, as shown in FIG. 10, the data in which field is stored in accordance with the number of times that a person who is not a true user has entered a password, that is, the number of times indicated in the suspicious input number counter CB. It is set whether to process.

  According to the specification type data 6S of FIG. 10, when the suspicious input number counter CB is “1”, the processing content determination unit 172 sets the “e-mail address” of each of the five tables of the address book table TL1 to the reception history table TL5. To delete the data in the field.

  The user can arbitrarily set, in the designated type data 6S, which field data is to be processed for each number of times.

  The scramble processing unit 173 and the data deletion processing unit 174 execute the processing determined by the processing content determination unit 172 on the field data determined by the processing content determination unit 172 (# 233).

  Specifically, the scramble processing unit 173 scrambles the data by exchanging characters at predetermined positions in the data as shown in FIG. 11A or FIG. 11B, for example. That is, the scramble processing unit 173 encrypts the data to be prevented from leaking.

  The encryption key AK indicating the replacement method is stored in the setting value storage unit 175 in advance. A decryption key FK for decrypting data encrypted with the encryption key AK is stored in advance in the server 2 as will be described later. In the case of the public key method, one of a pair of public key and secret key is used as one of the encryption key AK and the decryption key FK, and the other is the encryption key AK and the decryption key FK. Used for the other of them. In the case of the common key cryptosystem, the same key is used for both the encryption key AK and the decryption key FK.

  The data deletion processing unit 174 deletes the data of the field determined by the processing content determination unit 172.

  Returning to the flowchart, when the automatic type data 6J indicating the automatic type processing pattern is stored in the setting value storage unit 175 (Yes in # 234), the data corresponding to the condition indicated by the automatic type data 6J Are searched from each of the five tables of the address book table TL1 to the reception history table TL5 (# 235), and the content of the leakage prevention process for the found data is determined (# 236).

  For example, as shown in FIG. 12A or FIG. 12B, the automatic type data 6J includes the number of times that a person who is not a true user has entered a password, that is, the number of times indicated in the suspicious input number counter CB. In addition, data conditions and processing contents to be subjected to leakage prevention processing are set.

  According to the automatic type data 6J of FIG. 12A, when the suspicious input number counter CB is “1”, the processing content determination unit 172 includes a record (address data 4A) including “stock” or “company” in the name. For example, the top five records with the highest number of outgoing / incoming calls and the top five records with the highest number of transmissions / receptions are deleted.

  Alternatively, as shown in FIG. 12 (b), the automatic data 6J may be set so that data with higher importance is subjected to leakage prevention processing even if the value of the suspicious input number counter CB is smaller. it can.

  Then, the scramble processing unit 173 and the data deletion processing unit 174 perform the processing determined by the processing content determination unit 172 on the data and records determined by the processing content determination unit 172 (# 237).

  In order to continue the detection of unauthorized password entry, the dissimilarity point counter CA is reset (# 238). The processing result display processing unit 176 displays a message indicating the result of the processing executed in steps # 233 and # 237 on the liquid crystal panel 10d (# 239).

  Returning to FIG. 3, the decryption key request unit 108 performs processing for requesting and acquiring the decryption key FK of the mobile phone terminal 1 from the server 2. The detailed procedure of this process will be described later.

  The decryption processing unit 109 decrypts the scrambled (encrypted) data using the decryption key FK received from the server 2.

  FIG. 13 is a diagram illustrating an example of a functional configuration of the server 2, and FIG. 14 is a flowchart illustrating an example of a flow of decoding processing.

  As illustrated in FIG. 13, the server 2 includes a decryption key management unit 201, a decryption key request reception unit 202, an authentication processing unit 203, a decryption key transmission unit 204, and the like.

  The decryption key management unit 201 stores and manages the decryption key FK and password for each mobile phone terminal 1. This password is different from the password for unlocking the cellular phone terminal 1. The decryption key request accepting unit 202 accepts a request for the decryption key FK from the mobile phone terminal 1.

  The authentication processing unit 203 performs processing for confirming whether or not the user of the mobile phone terminal 1 that is the request source is the user. That is, user authentication is performed. The decryption key transmission unit 204 transmits the decryption key FK related to the request to the mobile phone terminal 1 that is the request source.

  A so-called server machine or workstation is used as the server 2. It may be realized by adding software or hardware to an existing system for managing user data.

  Here, the procedure of the process for decoding the scrambled data will be described with reference to FIG.

  When the user inputs a predetermined command, the decryption key request unit 108 of the mobile phone terminal 1 displays a password input screen on the liquid crystal panel 10d (# 311). The user enters a password. However, here, the password set (stored) in the server 2 is input instead of the password for unlocking.

  When the decryption key request unit 108 accepts the password entered by the user (# 312), the decryption key request unit 108 transmits the accepted password to the server 2 together with the identification information (for example, the mobile phone number) of the mobile phone terminal 1 itself. Request FK (# 313).

  In the server 2, when the decryption key request accepting unit 202 accepts the identification number and password from the mobile phone terminal 1 (# 321), the authentication processing unit 203 calls the password corresponding to the identification information from the decryption key etc. management unit 201. Then, user authentication is performed by comparing the received password with the called password (# 322).

  If they match, that is, if the authentication is successful, the decryption key transmission unit 204 calls the decryption key FK corresponding to the identification information from the decryption key management unit 201 and transmits it to the mobile phone terminal 1 that is the request source. (# 323). If they do not match, that is, if authentication fails, the request is rejected.

  When the mobile phone terminal 1 receives the decryption key FK (# 314), the decryption processing unit 109 decrypts the scrambled data using the decryption key FK (# 315).

  FIG. 15 is a flowchart for explaining an example of the overall processing flow of the mobile phone terminal 1.

  Next, the overall processing flow of the cellular phone terminal 1 in which the password is input when the lock is applied will be described with reference to the flowchart of FIG.

  When the password for unlocking, that is, the password PW2 is input (# 1 in FIG. 15), the cellular phone terminal 1 calls the registered password, that is, the password PW1 (# 4), and collates the user to verify the user. Authentication is performed (# 5). If the non-input period timer TR has counted a predetermined time or more at the time of input (Yes in # 2), the non-input period timer TR, the dissimilarity number counter CA, and the suspicious input number counter CB are set to “ Reset to "0" (# 3).

  If they match (Yes in # 6), authentication is given and the lock is released (# 7). Then, the non-input period timer TR, the dissimilar score counter CA, and the suspicious input count counter CB are reset to “0” (# 8).

  If they do not match (No in # 6), if designated type data 6S or automatic type data 6J is set (Yes in # 7), whether or not a person who is not a true user has entered a password A process of determining whether or not is performed (# 10). The procedure of this process is as described above with reference to FIG.

  If neither the designated type data 6S nor the automatic type data 6J is set (No in # 9), a message prompting the user to re-enter the password is displayed (# 12), and a re-input is awaited. If it is not determined in step # 10 that the user who made the input is not a true user (No in # 11), a similar message is displayed (# 12), and a re-input is awaited.

  If it is determined in step # 10 that the user who made the input is not a true user (Yes in # 11), "1" is added to the suspicious input number counter CB (# 13), and the suspicious input number counter CB is added. A leakage prevention process corresponding to the number of suspicious inputs indicated is executed (# 14). The procedure of the leakage prevention process is as described above with reference to FIG.

  According to the present embodiment, it is determined whether or not to take security measures such as leakage prevention processing according to the similarity between the password registered in advance and the input password. That is, when the user himself / herself makes a password entry mistake, no security measure is taken, and when another person enters the password, a security measure can be taken. Therefore, it is possible to improve the usability of the mobile phone terminal 1 as compared with the prior art while ensuring the security of the mobile phone terminal 1. In addition, the content of the data leakage prevention process can be changed according to the importance.

  Moreover, even when the mobile phone terminal 1 is in a place where communication with the base station is impossible (so-called out of service area), leakage prevention processing can be performed.

  In this embodiment, as described with reference to FIG. 8, it is checked whether or not the first character of the k-character password PW2 matches the first character of the password PW1 (# 201), and the k-th password of the password PW2 is checked. It is checked whether or not the character and the k-th character of the password PW1 match (# 213), the matching degree of the number of characters is checked (# 216), and each of the second to (k-1) th characters Is checked by checking the relative positions of the buttons viewed from the button of the previous character (# 210), and it is determined whether or not the password PW2 is input by a true user. The determination may be made by other methods.

  For example, the determination may be made only by checking whether or not the first characters of the passwords PW1 and PW2 match and whether or not the last characters of the passwords PW1 and PW2 match.

  Or you may determine only by comparing the change of a relative position irrespective of whether the first characters correspond and the last characters correspond. That is, for example, if the password PW1 is “1241”, the change in the position of the button corresponding to each character is “right, lower left, up”, but the change in the button position is the password as the password PW2 is “5686”. If it is the same as that of PW1, it may be determined that the user has made an input error, and if the change is different, it may be determined that the user is an unauthorized person. Or you may determine with an improper person when the difference of both change exceeds the predetermined range.

  FIG. 16 is a flowchart illustrating another example of the flow of dissimilarity determination processing. Alternatively, when the passwords PW1 and PW2 do not match, it may be determined whether or not a person who is not a user has input the password by a method as shown in FIG.

  , The k-th character buttons of the password PW2 and the positional relationship between the password PW1, 1, 2,..., And the k-th character buttons are checked (# 401 to # 404).

  It is checked whether or not there is a combination that does not match and is not adjacent to each other in the left and right directions (# 405). If there is even one such combination (Yes in # 406), the dissimilar score counter CA 5 are added to (# 407), and the process of counting the number of dissimilar points is completed.

  The presence / absence of a combination adjacent to each other is checked (# 408). If such a combination exists (Yes in # 409), three points are added to the dissimilarity point counter CA (# 410), The process of counting the number of similar points is finished.

  If there is a combination that is adjacent to the left and right (No in # 409), one point is added to the dissimilar score counter CA (# 410), and the dissimilar score count process is terminated.

  According to the processing of FIG. 16, if the buttons of the operation button group 10e are arranged as shown in FIG. 7A, one point is added if the passwords PW1 and PW2 are “2234” and “1134”, respectively. The If the passwords PW1 and PW2 are “1534” and “1264”, respectively, three points are added. If the passwords PW1 and PW2 are “1238” and “5234”, 5 points are added.

  In the present embodiment, the case of input to the operation button group 10e of the mobile phone terminal, that is, the numeric keypad has been described as an example. However, the present invention is also applied to the case of input to a keyboard of a personal computer or a PDA (Personal Digital Assistant). be able to.

  In this embodiment, the encryption key AK and the decryption key FK are prepared in advance in the mobile phone terminal 1 and the server 2, respectively. However, the encryption key AK and the decryption key FK are generated in the mobile phone terminal 1 each time scrambling is performed. The decryption key FK may be transmitted from the mobile phone terminal 1 to the server 2.

  In the present embodiment, the mobile phone terminal 1 performs the data decoding, but the server 2 may perform the data decoding.

  In addition, the configuration of the whole or each part of the mobile phone system KYS, the mobile phone terminal 1, and the server 2, the processing content, the processing order, the configuration of the table, and the like can be appropriately changed in accordance with the spirit of the present invention.

In the embodiment described above, the following notes are also disclosed.
(Appendix 1)
Password storage means for storing a first password which is a predetermined password;
Based on the relative positional relationship between the Nth character of the first password stored in the password storage means and the Nth character of the second password, which is the input password, the second password An unauthorized person determination means for determining a degree of possibility that an input person of the password is an unauthorized person;
Security measure processing means for executing security measure processing for security measures when the degree determined by the unauthorized person determination means exceeds a predetermined height;
An information processing apparatus comprising:
(Appendix 2)
The fraudulent determination means determines the relative positional relationship between the (j−1) th character input button and the jth character input button of the first password and the second password (j−1). ) When the relative positional relationship between the input button for the th character and the input button for the j th character is different, the degree of being an unauthorized person is determined to be high.
The information processing apparatus according to attachment 1.
(Appendix 3)
The security countermeasure processing means executes processing of contents as the security countermeasure processing at a high level determined by the unauthorized person determination means.
The information processing apparatus according to Supplementary Note 1 or Supplementary Note 2.
(Appendix 4)
The security countermeasure processing means executes a process of deleting or encrypting specific data as the security countermeasure processing.
The information processing apparatus according to any one of appendix 1 to appendix 3.
(Appendix 5)
The security measure processing means deletes or encrypts the specific data according to the importance of the specific data;
The information processing apparatus according to attachment 4.
(Appendix 6)
The fraudulent determination means determines a high degree of fraud when the first character of the first password is different from the first character of the second password,
The information processing apparatus according to attachment 1.
(Appendix 7)
The fraudulent determination means determines a high degree of being the fraudster when the last character of the first password is different from the last character of the second password,
The information processing apparatus according to attachment 1.
(Appendix 8)
A security countermeasure method for an information processing apparatus,
The first password, which is a predetermined password, is stored in the password storage means,
Based on the relative positional relationship between the Nth character of the first password stored in the password storage means and the Nth character of the second password, which is the input password, the second password Determine the likelihood that the person who entered your password is a fraudster,
When the determined degree exceeds a predetermined height, execute processing for security measures.
A security countermeasure method characterized by that.
(Appendix 9)
A security countermeasure method for an information processing apparatus,
The first password, which is a predetermined password, is stored in the password storage means,
Based on the relative positional relationship between the Nth character of the first password stored in the password storage means and the Nth character of the second password, which is the input password, the second password Determine the likelihood that the person who entered your password is a fraudster,
If the determined degree exceeds a certain height, the specific data is encrypted,
When the authentication of the user of the information processing apparatus is successful in the other apparatus, the decryption key is received from the other apparatus,
Decrypting the specific data using the received decryption key;
A security countermeasure method characterized by that.
(Appendix 10)
A computer program for security measures of an information processing device,
In the information processing apparatus,
The relative position relationship between the Nth character of the first password, which is a predetermined password, and the Nth character of the second password, which is the password input when the information processing apparatus is used. On the basis of the second password input person to determine the possibility of being an unauthorized person,
When the determined degree exceeds a predetermined height, the process for security measures is executed.
A computer program characterized by the above.

It is a figure which shows the example of the whole structure of a mobile telephone system. It is a figure which shows the example of the hardware constitutions of a mobile telephone terminal. It is a figure which shows the example of a functional structure of a mobile telephone terminal. It is a figure which shows the example of an address book table. It is a figure which shows the example of a transmission log | history table. It is a figure which shows the example of a structure of a data leakage prevention process part. It is a figure which shows the example of an operation button group and button position data. It is a flowchart explaining the example of the flow of a dissimilarity determination process. It is a flowchart explaining the example of the flow of a data leakage prevention process. It is a figure which shows the example of designation | designated type data. It is a figure for demonstrating the example of a scramble process. It is a figure which shows the example of automatic type data. It is a figure which shows the example of a functional structure of a server. It is a flowchart explaining the example of the flow of a decoding process. It is a flowchart explaining the example of the flow of the whole process of a mobile telephone terminal. It is a flowchart explaining the other example of the flow of dissimilarity determination processing.

Explanation of symbols

1 Mobile phone terminal (information processing device)
101 Password storage unit (password storage means)
171 Suspicious user determination unit (unauthorized person determination means)
173 Scramble processing unit (security measure processing means)
174 Data deletion processing unit (security countermeasure processing means)
2 servers (other devices)
PW1 password (first password)
PW2 password (second password)

Claims (6)

Password storage means for storing a predetermined password;
The input person is an unauthorized person according to the positional relationship between the input unit corresponding to the Nth character of the password stored in the password storage means and the input unit corresponding to the Nth character of the input password. executing the determination processing of determining the degree of a possible, a security process corresponding to the degree and security processing means,
I have a,
In the determination process, the positional relationship between the (j−1) th character input portion and the jth character input portion of the password stored in the password storage means and the (j -1) Increasing the degree when the positional relationship between the input portion of the j th character and the input portion of the j th character is different.
An information processing apparatus characterized by that. The security countermeasure processing means executes a process of deleting or encrypting specific data as the security countermeasure processing.
Claim 1 Symbol placement of the information processing apparatus. The security measure processing means deletes or encrypts the specific data according to the importance of the specific data;
The information processing apparatus according to claim 2 . A security countermeasure method for an information processing apparatus,
Store a predetermined password in the password storage means,
Depending on the positional relationship between the input unit corresponding to the Nth character of the password stored in the password storage means and the input unit corresponding to the Nth character of the input password, the input person is an unauthorized person Execute a determination process to determine the degree of possibility of
Run the security processing corresponding to the degree of the judgment,
In the determination process, the positional relationship between the (j−1) th character input portion and the jth character input portion of the password stored in the password storage means and the (j -1) Increasing the degree when the positional relationship between the input portion of the j th character and the input portion of the j th character is different.
A security countermeasure method characterized by that. A security countermeasure method for an information processing apparatus,
Store a predetermined password in the password storage means,
Depending on the positional relationship between the input unit corresponding to the Nth character of the password stored in the password storage means and the input unit corresponding to the Nth character of the input password, the input person is an unauthorized person Execute a determination process to determine the degree of possibility of
When the determined degree exceeds a predetermined height, specific data is encrypted,
When the authentication of the user of the information processing apparatus is successful in the other apparatus, the decryption key is received from the other apparatus,
It received using the decryption key to decrypt the particular data,
In the determination process, the positional relationship between the (j−1) th character input portion and the jth character input portion of the password stored in the password storage means and the (j -1) Increasing the degree when the positional relationship between the input portion of the j th character and the input portion of the j th character is different.
A security countermeasure method characterized by that. A computer program for security measures of an information processing device,
In the information processing apparatus,
Input according to the positional relationship between the input unit corresponding to the Nth character of the predetermined password and the input unit corresponding to the Nth character of the password input when the information processing apparatus is used To determine the degree of possibility that the person is an unauthorized person,
Execute security countermeasure processing according to the determined degree ,
In the determination process, the positional relationship between the (j−1) th character input portion and the jth character input portion of the password stored in the password storage means and the (j -1) Increasing the degree when the positional relationship between the input portion of the j th character and the input portion of the j th character is different.
A computer program characterized by the above.

Images