JP5722281B2 - Network system and determination method - Google Patents

Description

  Embodiments described herein relate generally to a network system, a server device, and a determination method.

  2. Description of the Related Art In recent years, services such as virtual hosting have been provided by businesses called virtual hosting businesses, which provide users with an environment for executing virtual machine image files deposited by users. Such a virtual hosting company provides an execution environment for an image file of a virtual machine deposited by a user in a data center or the like managed by the virtual hosting company. And a user will use the virtual machine currently running in the environment which a virtual hosting provider provides via a network.

  As described above, in virtual hosting, a user deposits a virtual machine image file with a virtual hosting company. In other words, since the virtual machine image file is not under the control of the user, the virtual machine image file can be detected by an illegal act of the virtual hosting company or by an unauthorized intrusion by a third party into the environment provided by the virtual hosting company. May be tampered with. Under such circumstances, a technique for confirming the integrity of a file via a network has also been proposed (see Patent Document 1).

JP 2008-90786 A

  However, in the above prior art, there are cases where it takes time to perform arithmetic processing for confirming completeness. Specifically, in the technique described in Patent Document 1, the entire user data is targeted as a range for which the integrity check is performed. Since the power calculation is performed by equating with the binary number notation, it takes time to complete the calculation process of the integrity check.

  Such a problem may occur not only when checking the integrity of an image file managed by a virtual hosting company, but also when checking the integrity of a file existing in an environment via a network.

  A technique using a hash value is widely known as a technique for confirming the presence / absence or completeness of a predetermined file. However, in the technology using the hash value, in order for the verifier to generate the hash value, it is necessary to hold the file to be verified, so when checking the integrity of the file existing in the environment via the network In addition, it is necessary to transfer all files to be verified to the verifier. This increases the amount of data transferred as the file size increases, leading to problems such as an increase in network load and a longer data transfer time.

  The technology disclosed in the present application has been made in view of the above, and an object thereof is to provide a network system, a server device, and a determination method capable of speeding up a process for determining the integrity of a file.

  The network system according to the embodiment is a network system including a server device and a terminal device, and the server device includes a common data storage unit that stores common data used by a plurality of users, and a user of the terminal device. In association with a user identifier for identifying a user information storage unit that stores individual data that is a difference between data used by a user of the terminal device and the common data, and using the individual data, When a verification information generation unit that generates verification information for verifying individual data and an authentication information generation factor that is a generation source of authentication information from the terminal device are received, the authentication information generation factor corresponds to the terminal device. An authentication information generating unit that generates authentication information using the individual data and transmits the generated authentication information to the terminal device. The terminal device generates authentication information for the server device by transmitting a verification information storage unit that stores the verification information generated by the verification information generation unit and a predetermined authentication information generation factor to the server device. The validity of the individual data is determined using a request unit requesting the authentication, authentication information received from the server device as a response to the request by the request unit, and verification information stored in the verification information storage unit It is characterized by comprising a determination unit for performing.

  The network system, server device, and determination method according to the embodiment have an effect of speeding up the process of determining file integrity.

FIG. 1 is a diagram illustrating a configuration example of a network system according to the first embodiment. FIG. 2 is a diagram illustrating an example of a user information storage unit according to the first embodiment. FIG. 3 is a diagram illustrating an example of the verification information storage unit according to the first embodiment. FIG. 4 is a sequence diagram illustrating an initial processing procedure performed by the network system according to the first embodiment. FIG. 5 is a sequence diagram showing a startup processing procedure by the network system according to the first embodiment. FIG. 6 is a sequence diagram illustrating a stop processing procedure by the network system according to the first embodiment. FIG. 7 is a diagram illustrating a configuration example of a network system according to the second embodiment. FIG. 8 is a sequence diagram showing an initial processing procedure by the network system according to the second embodiment. FIG. 9 is a sequence diagram illustrating a startup processing procedure by the network system according to the second embodiment. FIG. 10 is a sequence diagram illustrating a stop processing procedure by the network system according to the second embodiment. FIG. 11 is a diagram illustrating a computer that executes an authentication program.

  Hereinafter, embodiments of a network system, a server device, and a determination method according to the present application will be described in detail with reference to the drawings. Note that the network system, the server device, and the determination method according to the present application are not limited by this embodiment.

(First embodiment)
[Network system configuration]
First, the network system according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating a configuration example of a network system 1 according to the first embodiment. The network system 1 illustrated in FIG. 1 includes a server device 100 and terminal devices 200 ₁ to 200 _n . Server device 100 and terminal devices 200 ₁ to 200 _n are connected to each other via network 10 so that they can communicate with each other. The number of devices included in the network system 1 is not limited to the example shown in FIG. For example, the network system 1 may include two or more server devices 100.

The server device 100 is an information processing device managed by a virtual hosting company. The terminal devices 200 ₁ to 200 _n are information processing devices used by the user, such as a PC (Personal Computer). The terminal device ₂₀₀ 1 to 200 DEG _n has the same configuration, the following description mainly about the terminal apparatus 200 _1. In the following description, when there is no need to distinguish the terminal devices 200 ₁ to 200 _n , they may be collectively referred to as “terminal device 200”.

  In the network system 1 illustrated in FIG. 1, each user who uses the terminal device 200 places a virtual machine image file on the server device 100 and executes the image file on the server device 100 to use the virtual machine. To do. At this time, the terminal device 200 according to the first embodiment determines the integrity of the image file before starting the virtual machine on the server device 100.

  Specifically, in the first embodiment, the server device 100 stores a common image file that is commonly used by a plurality of users, and for each user, an image file and a common image that are used by the user. An individual image file that is a difference from the file is stored. And the server apparatus 100 produces | generates the verification information for verifying this separate image file for every user using the separate image file corresponding to each user. Each terminal device 200 holds the verification information generated by the server device 100. When starting the virtual machine on the server device 100, the terminal device 200 requests the server device 100 to generate authentication information by transmitting a predetermined authentication information generation factor to the server device 100. In response to the request from the terminal device 200, the server device 100 generates authentication information using the authentication information generation factor and the individual image file corresponding to the terminal device 200, and transmits the generated authentication information to the terminal device 200. To do. Then, the terminal device 200 determines the validity of the individual image file using the authentication information received from the server device 100 and the verification information held in advance.

  Thereby, in the network system 1 according to the first embodiment, it is possible to reduce the amount of data flowing through the network 10 and to speed up the calculation process of the integrity check. Hereinafter, this point will be described in detail together with configurations and processing procedures of the server device 100 and the terminal device 200.

[Configuration of server device]
Next, the configuration of the server apparatus 100 according to the first embodiment will be described with reference to FIG. As illustrated in FIG. 1, the server device 100 according to the first embodiment includes a communication unit 110, a storage unit 120, a virtual machine execution unit 130, and a calculation unit 140.

  The communication unit 110 is realized by, for example, a NIC (Network Interface Card). The communication unit 110 is connected to the network 10 and communicates with the terminal device 200 via the network 10.

The storage unit 120 is realized by, for example, a semiconductor memory device such as a random access memory (RAM) or a flash memory, a hard disk, an optical disk, or the like. As shown in FIG. 1, the storage unit 120 includes a common data storage unit 121, individual data storage units 122 _{1 to} 122 _n, and a user information storage unit 123.

The common data storage unit 121 stores a common image file that is an image file that is commonly used by each user of the terminal devices 200 ₁ to 200 _n . The individual data storage units 122 _{1 to} 122 _n store individual image files that are image files obtained by removing a common image file from image files used by a predetermined user. For example, the individual data storage unit 122 ₁ stores an individual image file corresponding to the terminal device 200 ₁ , and the individual data storage unit 122 _n stores an individual image file corresponding to the terminal device 200 _n .

The user information storage unit 123 stores user information regarding each user of the terminal devices 200 ₁ to 200 _n . Here, FIG. 2 shows an example of the user information storage unit 123 according to the first embodiment. As illustrated in FIG. 2, the user information storage unit 123 includes items such as “user identifier”, “password”, “first value g”, “second value N”, and “individual identifier”.

The “user identifier” is information for identifying each user of the terminal devices 200 ₁ to 200 _n . FIG. 2 shows an example in which “reference identifiers” (such as “200 ₁ ”) attached to the terminal apparatuses 200 ₁ to 200 _n in FIG. 1 are stored in the “user identifier” as information for identifying each user. ing. “Password” is the password of each user. The “first value g” and the “second value N” are arbitrary numerical values paid out for each user by the calculation unit 140 described later.

“Individual identifier” is information for identifying an individual image file corresponding to each user. For example, “individual identifier” stores identification information for identifying the individual data storage units 122 _{1 to} 122 _n , a file path name in which an individual image file corresponding to each user is stored, and the like. In Figure 2, the "individual identifier" represents identification information for identifying the individual data storage unit ₁₂₂ 1 to 122 _n, the individual data storage unit ₁₂₂ 1-122 reference numerals as those in _n ( "122 ₁ 1 ") Is stored.

That is, in FIG. 2, the password of the user (terminal apparatus 200 ₁ of the user) identified by the user identifier "200 _1" is "P1", the first value g paid out to such a user is "4" , and the second value N is "997", an example in which individual image files corresponding to such user is stored in the individual data storage unit 122 _1.

  In the example of FIG. 2, the user information storage unit 123 stores the individual identifier in association with the user identifier. However, the user information storage unit 123 may store the individual image file itself in association with the user identifier.

  Returning to the description of FIG. 1, the virtual machine execution unit 130 performs various controls related to the execution of the virtual machine. For example, when the virtual machine execution unit 130 receives a virtual machine activation instruction from the terminal device 200, the virtual machine execution unit 130 activates the virtual machine using the common image file and the individual image file corresponding to the user of the terminal device 200. . The processing performed by the virtual machine execution unit 130 will be described later.

  As illustrated in FIG. 1, the calculation unit 140 includes a verification information generation unit 141 and an authentication information generation unit 142. The verification information generation unit 141 generates verification information when the terminal device 200 performs processing for determining the integrity of the individual image file. Further, the authentication information generation unit 142 generates authentication information when the terminal device 200 performs processing for determining the integrity of the individual image file. Processing performed by the verification information generation unit 141 and the authentication information generation unit 142 will be described later.

  Note that the virtual machine execution unit 130 and the calculation unit 140 execute programs stored in a storage device (not shown) by using a RAM as a work area, for example, by a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. Is realized. Further, for example, the virtual machine execution unit 130 and the calculation unit 140 are realized by an integrated circuit such as an application specific integrated circuit (ASIC) or a field programmable gate array (FPGA).

[Configuration of terminal device]
Next, the configuration of the terminal device 200 according to the first embodiment will be described with reference to FIG. As illustrated in FIG. 1, the terminal device 200 according to the first embodiment includes a communication unit 210, a virtual machine usage unit 220, a verification information storage unit 230, and a calculation unit 240.

  The communication unit 210 is realized by a NIC or the like, for example. The communication unit 210 is connected to the network 10 and communicates with the server device 100 via the network 10.

  The virtual machine using unit 220 has a function of using a virtual machine executed on the server device 100. The virtual machine using unit 220 is realized by software or the like, and corresponds to, for example, a remote desktop client or a Web browser.

The verification information storage unit 230 is realized by, for example, a semiconductor memory element such as a RAM or a flash memory, a hard disk, an optical disk, or the like. The verification information storage unit 230 stores verification information and the like generated by the server device 100. Here, FIG. 3 shows an example of the verification information storage unit 230 according to the first embodiment. In FIG. 3, it shows an example of verification information storage unit 230 included in the terminal apparatus 200 ₁ shown in FIG. As illustrated in FIG. 3, the verification information storage unit 230 includes items such as “first value g”, “second value N”, and “verification information”.

The “first value g” corresponds to the “first value g” in the user information storage unit 123 illustrated in FIG. The “second value N” corresponds to the “second value N” of the user information storage unit 123 illustrated in FIG. 3, since an example of the verification information storage unit 230 included in the terminal device 200 _1, the "first value g" corresponds to the user identifier "200 _1" shown in FIG. 2 "4" is stored Then, “997” corresponding to the user identifier “200 ₁ ” illustrated in FIG. 2 is stored in the “second value N”. The “verification information” stores verification information generated by the verification information generation unit 141 of the server apparatus 100 (“C (P1)” in this example).

  Returning to the description of FIG. 1, the calculation unit 240 includes a request unit 241 and a determination unit 242. The request unit 241 transmits an authentication information request for generating authentication information to the server apparatus 100 before starting the virtual machine. Further, the determination unit 242 determines the completeness of the individual image file stored in the server device 100. The processing performed by the request unit 241 and the determination unit 242 will be described later.

  Such a calculation part 240 is implement | achieved when a program memorize | stored in the memory | storage device which is not shown in figure is executed by RAM and work area | region by CPU or MPU. For example, the calculation unit 240 is realized by an integrated circuit such as an ASIC or FPGA.

[Processing procedure by network system]
Next, a processing procedure performed by the network system 1 according to the first embodiment will be described with reference to FIGS. The processing procedure by the network system 1 includes an initial processing procedure in which a user registers an image file of a virtual machine in the server device 100, and a virtual machine after the terminal device 200 determines the integrity of the image file held in the server device 100. And a stop process procedure for stopping a virtual machine running on the server apparatus 100. Below, each of these processing procedures is demonstrated in order.

  In the following description, a combination of a user identifier and a password is shared in advance between the server device 100 and the terminal device 200, and the user information storage unit 123 also stores the user identifier and password for a new user. It shall be remembered. However, the user information storage unit 123 does not store the “first value g”, “second value N”, and “individual identifier” of the new user.

[Initial processing procedure]
FIG. 4 is a sequence diagram showing an initial processing procedure by the network system 1 according to the first embodiment. As shown in FIG. 4, when the user of the terminal device 200 registers an image file of the virtual machine in the server device 100, first, user authentication is performed between the terminal device 200 and the server device 100 (step S101).

  For example, the virtual machine using unit 220 of the terminal device 200 transmits an image file registration request including a combination of a user identifier and a password to the server device 100 via the communication unit 210. Then, the virtual machine execution unit 130 of the server device 100 determines that the authentication is successful when the combination of the user identifier and the password received from the terminal device 200 is stored in the user information storage unit 123, and determines the user identifier and password. If the combination is not stored in the user information storage unit 123, it is determined that the authentication has failed. Here, it is assumed that the virtual machine execution unit 130 determines that the authentication is successful.

  Subsequently, the calculation unit 140 of the server device 100 generates a first value g and a second value N (step S102). At this time, the calculation unit 140 sets the second value N to a sufficiently large value, and sets the first value g to a value less than the second value N. Subsequently, the calculation unit 140 transmits the first value g and the second value N to the terminal device 200 via the communication unit 110 (step S103).

  And the virtual machine utilization part 220 of the terminal device 200 receives the 1st value g and the 2nd value N from the server apparatus 100 (step S104). At this time, the virtual machine using unit 220 stores the first value g and the second value N in the verification information storage unit 230.

Subsequently, the virtual machine execution unit 130 of the server apparatus 100 reads the common image file H commonly used by a plurality of users from the common data storage unit 121 of the storage unit 120 (step S105). Subsequently, the virtual machine execution unit 130 generates difference information between the image file used by the user of the terminal device 200 and the common image file H as an individual image file Pi used individually by the user (step S106). ). At this time, the virtual machine execution unit 130 stores the individual image file Pi in the individual data storage unit 122 _i .

  Subsequently, the verification information generation unit 141 generates verification information C (Pi) for verifying the individual image file Pi using the individual image file Pi (step S107).

Specifically, as shown in the following formula (1), the verification information generation unit 141 performs a power operation with the first value g as a base and the numerical value indicated by the individual image file Pi as a power. A value “g ^Pi ” is obtained, and the remainder when the value “g ^Pi ” is divided by the second value N is set as verification information C (Pi). The “numerical value indicated by the individual image file Pi” indicates a numerical value obtained by regarding the individual image file Pi, which is binary data, as a natural number binary notation.

C (Pi) = g ^Pi mod N (1)

  Subsequently, the verification information generation unit 141 transmits the verification information C (Pi) generated in step S107 to the terminal device 200 via the communication unit 110 (step S108). Subsequently, the verification information generation unit 141 associates the first value g and the second value N generated in step S102 with the individual identifier of the individual image file Pi generated in step S106 in association with the user identifier of the terminal device 200. The identifier is registered in the user information storage unit 123 (step S109). The virtual machine execution unit 130 may register the individual identifier in the user information storage unit 123.

  Then, the virtual machine using unit 220 of the terminal device 200 receives the verification information C (Pi) from the server device 100 (step S110). At this time, the virtual machine using unit 220 stores the verification information C (Pi) in the verification information storage unit 230.

[Startup procedure]
FIG. 5 is a sequence diagram showing a startup processing procedure by the network system 1 according to the first embodiment. As illustrated in FIG. 5, when the user of the terminal device 200 activates a virtual machine on the server device 100, first, user authentication is performed between the terminal device 200 and the server device 100 (step S201).

  Subsequently, the request unit 241 of the terminal device 200 generates a predetermined random number r (step S202). And the request | requirement part 241 produces | generates the authentication information production | generation factor R used as the production | generation source of the authentication information which the server apparatus 100 produces | generates using this random number r (step S203).

Specifically, as shown in the following formula (2), the request unit 241 obtains a value “g ^r ” by performing a power operation with the first value g as a base and the random number r as a power, Let the remainder when the value “g ^r ” is divided by the second value N be an authentication information generation factor R.

^{R = g r mod N ··· (} 2)

  And the request | requirement part 241 transmits the authentication information request | requirement containing the authentication information production | generation factor R produced | generated in this way to the server apparatus 100 (step S204). In this way, the request unit 241 requests the server device 100 to generate authentication information.

  And the authentication information generation part 142 of the server apparatus 100 receives the authentication information generation factor R from the terminal device 200 (step S205). Then, the authentication information generation unit 142 generates authentication information R (Pi) using the authentication information generation factor R and the individual image file Pi corresponding to the user of the terminal device 200 (step S206).

Specifically, the authentication information generation unit 142 refers to the user information storage unit 123 to acquire the individual image file Pi corresponding to the user identifier used at the time of authentication in step S201. Then, as shown in the following formula (3), the authentication information generation unit 142 performs the power operation with the authentication information generation factor R as the base and the power indicated by the numerical value indicated by the individual image file Pi as a power. ^Pi ”is obtained, and the remainder when the value“ R ^Pi ”is divided by the second value N is defined as authentication information R (Pi).

R (Pi) = R ^Pi mod N (3)

  Then, the authentication information generation unit 142 transmits the authentication information R (Pi) generated in this way to the terminal device 200 (step S207).

  Then, the determination unit 242 of the terminal device 200 receives the authentication information R (Pi) from the server device 100 (step S208). Subsequently, the determination unit 242 uses the authentication information R (Pi) received from the server device 100 and the verification information C (Pi) stored in the verification information storage unit 230 to determine the authentication information R (Pi). The validity is determined (step S209).

Specifically, as shown in the following formula (4), the determination unit 242 performs a power operation using the verification information C (Pi) as a base and the random number r generated in step S202 as a power. C (Pi) ^r ”is obtained, and a remainder when the value“ C (Pi) ^r ”is divided by the second value N is calculated. Then, the determination unit 242 stores the individual stored in the server device 100 based on whether or not the remainder calculated by the following equation (4) matches the authentication information R (Pi) received from the server device 100. The validity of the image file Pi is determined. In other words, the determination unit 242 determines completeness such as whether or not the individual image file Pi stored in the server device 100 has been tampered with.

C (Pi) ^r mod N (4)

  Here, the reason why the completeness of the individual image file Pi can be determined based on whether or not the authentication information R (Pi) matches the remainder obtained by the above equation (4) will be described. Generally, it is known that the following formula (5) holds as a mathematical law.

^{(G P mod N) r mod} N = (g r mod N) P mod N ··· (5)

(G ^P mod N) on the left side in the equation (5) corresponds to the verification information C (Pi) calculated by the equation (1). Therefore, the left side in the above formula (5) corresponds to the above formula (4). Also, the right side in the above equation (5) ^(g r mod N) corresponds to the authentication information generation factor R calculated by the equation (2). Therefore, the right side in the above equation (5) corresponds to the authentication information R (Pi) calculated by the above equation (3). That is, the value on the left side in the above equation (5) is the result of the above equation (4), and is calculated from the verification information C (Pi) held in advance by the terminal device 200. The value on the right side in the above formula (5) is authentication information R (Pi), and is calculated from the individual image file Pi held by the server device 100 when the terminal device 200 performs the determination process. For this reason, the determination unit 242 determines whether or not the individual image file Pi held in the server device 100 is based on whether or not the authentication information R (Pi) matches the remainder obtained by the above equation (4). It can be determined whether or not falsification or the like has been performed on the image.

  When the authentication information R (Pi) and the remainder obtained by the above equation (4) do not match (No at Step S209), the determination unit 242 determines whether the individual image is displayed between the previous stop of the virtual machine and the current time. It is determined that unauthorized tampering or the like has been performed on the file Pi and the activation of the virtual machine is stopped (step S210). At this time, the determination unit 242 may notify the server device 100 that there is a possibility that the individual image file Pi has been tampered with, or notify the user of the terminal device 200 or the like. Also good.

  On the other hand, when the authentication information R (Pi) and the remainder obtained by the above equation (4) match (Yes at Step S209), the determination unit 242 determines whether the virtual machine is stopped from the previous time until the current time. It is determined that unauthorized tampering or the like has not been performed on the individual image file Pi. In such a case, the virtual machine utilization unit 220 transmits a virtual machine activation instruction to the server apparatus 100 (step S211). Subsequently, since the determination process by the determination unit 242 is completed, the calculation unit 240 deletes the authentication information generation factor R generated in step S203 and the authentication information R (Pi) received in step S208 (step S212). .

  Then, the virtual machine execution unit 130 of the server device 100 receives a virtual machine activation instruction from the terminal device 200 (step S213). Subsequently, since the determination process by the terminal device 200 is completed, the calculation unit 140 deletes the authentication information generation factor R received in step S205 and the authentication information R (Pi) generated in step S206 (step S214). .

Then, the virtual machine execution unit 130 starts the virtual machine using the common image file H stored in the common data storage unit 121 and the individual image file Pi stored in the individual data storage unit 122 _i. (Step S215). As a result, the user of the terminal device 200 can activate the virtual machine on the server device 100 after confirming the integrity of the virtual machine image file stored in the server device 100.

  Here, as in the example illustrated in FIG. 4, the data distributed between the server device 100 and the terminal device 200 in the initial processing procedure in the network system 1 is a first value g or a second value that is a predetermined numerical value. Value N, and verification information C (Pi) that is a remainder. Further, as in the example shown in FIG. 5, the data distributed between the server device 100 and the terminal device 200 in the startup processing procedure in the network system 1 is the authentication information generation factor R or the authentication information R (Pi) that is a surplus. ). For this reason, in the network system 1 according to the first embodiment, the data transfer amount between the server device 100 and the terminal device 200 can be reduced, and as a result, the data transfer time can also be shortened.

  In the network system 1 according to the first embodiment, the verification information C (Pi) and the authentication information R (Pi) are not generated by using the entire image file used by each user, but by each user. Verification information C (Pi) and authentication information R (Pi) are generated using an individual image file that is a difference between the used image file and the common image file. Then, as shown in the above formulas (1) and (3), the individual image file Pi that is regarded as a binary number notation of a natural number is a power of a power calculation. In the network system 1 according to the first embodiment, by using the individual image file Pi instead of the entire image file, the power value in the power calculation can be reduced, so that the calculation for confirming the completeness is performed. It is possible to speed up the processing (calculation processing of formulas (1) and (3)).

  As described above, in the network system 1 according to the first embodiment, the data transfer amount for confirming the integrity of the file can be reduced, and the arithmetic processing for confirming the integrity can be speeded up. .

  Note that, after the virtual machine is activated, various update information for the image file is generated when the user uses the virtual machine. Here, it is assumed that the common image file H is read-only. That is, the virtual machine execution unit 130 writes various update information in the individual image file Pi.

[Stop processing procedure]
FIG. 6 is a sequence diagram illustrating a stop processing procedure by the network system 1 according to the first embodiment. As illustrated in FIG. 6, the virtual machine utilization unit 220 of the terminal device 200 transmits a virtual machine stop instruction to the server device 100 in accordance with an operation by the user (step S301).

  Then, the virtual machine execution unit 130 of the server device 100 receives a virtual machine stop instruction from the terminal device 200 (step S302). In such a case, the virtual machine execution unit 130 stops the virtual machine (step S303). As a result, the virtual machine execution unit 130 ends the process of writing various update information in the individual image file Pi and determines the individual image file (step S304). Here, the updated individual image file is referred to as an individual image file Pi + 1.

  Subsequently, the verification information generation unit 141 generates new verification information C (Pi + 1) using the updated individual image file Pi + 1 as shown in the following formula (6) (step S305).

C (Pi + 1) = g ^{Pi + 1} mod N (6)

  Subsequently, the verification information generation unit 141 transmits the verification information C (Pi + 1) generated in step S305 to the terminal device 200 (step S306).

  Then, the virtual machine using unit 220 of the terminal device 200 receives the verification information C (Pi + 1) from the server device 100 (step S307). At this time, the virtual machine using unit 220 updates the verification information C (Pi) stored in the verification information storage unit 230 to the verification information C (Pi + 1) received from the server device 100 (step S308).

  Subsequently, the virtual machine using unit 220 transmits the update result of the verification information to the server apparatus 100 (Step S309). Specifically, if the verification information C (Pi) stored in the verification information storage unit 230 can be updated to the verification information C (Pi + 1), the virtual machine usage unit 220 indicates that the update is successful. The update result is transmitted to the server apparatus 100. When the verification information C (Pi) cannot be updated to the verification information C (Pi + 1), an update result indicating that the update has failed is transmitted to the server apparatus 100.

  Then, the virtual machine execution unit 130 of the server device 100 receives the update result from the terminal device 200 (step S310). Then, the virtual machine execution unit 130 determines whether or not the update result received from the terminal device 200 indicates success (step S311).

At this time, if the update result indicates a successful update (Yes at step S311), the virtual machine execution unit 130 stores the updated individual image file Pi + 1 in the individual data storage unit 122 _{i + 1} and also the user of the terminal device 200 The individual identifier of the individual image file Pi stored in the user information storage unit 123 in association with the user identifier is updated to the individual identifier of the individual image file Pi + 1 (step S312). Subsequently, the virtual machine execution unit 130 deletes the individual image file Pi (step S313). That is, the virtual machine execution unit 130 deletes the individual data storage unit 122 _i .

  On the other hand, when the update result indicates that the update has failed (No in step S311), the virtual machine execution unit 130 deletes the individual image file Pi + 1 and rolls back the individual image file corresponding to the terminal device 200 individually. Return to the image file Pi (step S314). Finally, the virtual machine execution unit 130 deletes the verification information C (Pi + 1) generated in step S306 (step S315).

The above example has been described on the assumption that the individual image file Pi and the individual image file Pi + 1 exist as different files. However, when the virtual machine is used by the user, the virtual machine execution unit 130 may The file Pi may be updated as needed to generate the individual image file Pi + 1. At this time, the virtual machine execution unit 130, when the update result indicates update success (step S311: Yes), the individual image files Pi + 1 of the updated and remain stored in the individual data storage unit 122 _i, further user information storage The individual identifier of the individual image file Pi stored in the unit 123 may not be updated. The virtual machine execution unit 130, if the update result indicates update failure (step S311: No), the individual image files Pi by rolling back the individual image files Pi + 1 stored in the individual data storage unit 122 _i Only the process of returning to (2) may be performed (step S314).

[Effect of the first embodiment]
As described above, the network system 1 according to the first embodiment includes the server device 100 and the terminal device 200. The server device 100 includes a common data storage unit 121, a user information storage unit 123, a verification information generation unit 141, and an authentication information generation unit 142. The common data storage unit 121 stores a common image file (corresponding to an example of common data) used by a plurality of users. The user information storage unit 123 also associates an individual image file (an example of individual data) that is a difference between an image file used by the user and a common image file in association with a user identifier for identifying the user of the terminal device 200. Equivalent). Further, the verification information generation unit 141 generates verification information for verifying the individual image file using the individual image file. Further, when the authentication information generation unit 142 receives the authentication information generation factor from the terminal device 200, the authentication information generation unit 142 generates and generates authentication information using the authentication information generation factor and the individual image file corresponding to the terminal device 200. The authentication information is transmitted to the terminal device 200. Further, it includes a verification information storage unit 230, a request unit 241, and a determination unit 242. The verification information storage unit 230 stores the verification information generated by the verification information generation unit 141 of the server device 100. The request unit 241 requests the server device 100 to generate authentication information by transmitting a predetermined authentication information generation factor to the server device 100. The determination unit 242 determines the validity of the individual image file using the authentication information received from the server apparatus 100 as a response to the request from the request unit 241 and the verification information stored in the verification information storage unit 230.

  Thereby, the network system 1 according to the first embodiment generates verification information and authentication information using an individual image file that is a difference between an image file used by each user and a common image file. It is possible to reduce the load on the arithmetic processing such as the expressions (1) and (3), and as a result, it is possible to speed up the process of determining the integrity of the file.

  Further, in the network system 1 according to the first embodiment, the verification information generation unit 141 of the server device 100 causes the updated individual image to be updated when the individual image file stored in the user information storage unit 123 is updated. New verification information is generated using the file. In addition, the terminal device 200 updates the verification information stored in the verification information storage unit 230 to new verification information generated by the verification information generation unit 141.

  As a result, in the network system 1 according to the first embodiment, even if the image file is updated by using the virtual machine, the integrity of the updated image file can be confirmed. It becomes possible.

  Further, in the network system 1 according to the first embodiment, the server device 100 and the terminal device 200 transmit and receive a remainder to each other as shown in the above formulas (1) to (3), thereby Perform an integrity check. Thereby, the network system 1 according to the first embodiment can reduce the amount of data transfer between the server device 100 and the terminal device 200, and as a result, the data transfer time can also be shortened.

(Second Embodiment)
In the first embodiment, the example in which the terminal device 200 performs the image file integrity determination process has been described. However, the mobile terminal used by the user of the terminal device 200 may perform the integrity determination process. In the second embodiment, an example in which a mobile terminal performs an integrity determination process will be described. In addition, below, the detailed description is abbreviate | omitted as attaching | subjecting the same code | symbol to the site | part which has the function similar to the already shown component site | part.

[Network system configuration]
First, a network system according to the second embodiment will be described with reference to FIG. FIG. 7 is a diagram illustrating a configuration example of the network system 2 according to the second embodiment. The network system 2 illustrated in FIG. 7 includes a server device 300, a terminal device 400, and a mobile terminal 500. In the example illustrated in FIG. 7, the terminal device 400 and the mobile terminal 500 are used by the same user. The number of devices included in the network system 2 is not limited to the example illustrated in FIG. For example, the network system 2 may include two or more server devices 300, may include two or more terminal devices 400, and may include two or more mobile terminals 500. Also good.

[Configuration of server device]
As illustrated in FIG. 7, the server apparatus 300 according to the second embodiment includes a calculation unit 340 and an image generation unit 350. The calculation unit 340 includes a verification information generation unit 341 and an authentication information generation unit 342. The processing by the calculation unit 340 will be described later.

  The image generation unit 350 generates an image for specifying predetermined information. Specifically, the image generation unit 350 generates an image in which a one-dimensional code such as a barcode or a QR code (registered trademark), a two-dimensional code, or the like is drawn. The image generation unit 350 according to the second embodiment generates a two-dimensional code. The processing performed by the image generation unit 350 will be described later.

[Configuration of terminal device]
As illustrated in FIG. 7, the terminal device 400 according to the second embodiment includes a virtual machine utilization unit 420, a request unit 441, and a display unit 443. Processing by the virtual machine using unit 420 and the request unit 441 will be described later. The display unit 443 is a display device for displaying various information, and is, for example, a liquid crystal display device.

[Configuration of mobile terminal]
The mobile terminal 500 is, for example, a mobile phone or a PDA (Personal Digital Assistant). As shown in FIG. 7, the mobile terminal 500 includes a reading unit 510, a verification information storage unit 520, a display unit 530, and a calculation unit 540.

  The reading unit 510 reads a one-dimensional code or a two-dimensional code displayed on the liquid crystal display device, and generates information indicated by the read code. For example, the reading unit 510 is realized by a camera and a control circuit that controls the camera. The reading unit 510 can also read a one-dimensional code or a two-dimensional code printed on a paper medium or the like.

  The verification information storage unit 520 stores verification information generated by the server device 300. The verification information storage unit 520 has the same configuration as the verification information storage unit 230 shown in FIG. The display unit 530 is a display device for displaying various types of information, such as a liquid crystal display device. The calculation unit 540 includes a request unit 541 and a determination unit 542. The processing by the calculation unit 540 will be described later.

[Processing procedure by network system]
Next, a processing procedure performed by the network system 2 according to the second embodiment will be described with reference to FIGS. Hereinafter, as in the first embodiment, an initial process procedure, a startup process procedure, and a stop process procedure will be described in order.

[Initial processing procedure]
FIG. 8 is a sequence diagram showing an initial processing procedure by the network system 2 according to the second embodiment. As shown in FIG. 8, when the user of the terminal device 400 registers the image file of the virtual machine in the terminal device 400, first, user authentication is performed between the terminal device 400 and the server device 300 (step S401). Here, it is assumed that the virtual machine execution unit 130 of the server apparatus 300 determines that the authentication is successful.

  Subsequently, the calculation unit 340 of the server device 300 generates the first value g and the second value N as in the first embodiment (step S402). Subsequently, the image generation unit 350 generates an image in which a two-dimensional code for specifying the first value g and the second value N generated by the calculation unit 340 is drawn (step S403). Subsequently, the image generation unit 350 transmits an image in which the two-dimensional code generated in this way is rendered to the terminal device 400 (step S404). Hereinafter, an image in which a two-dimensional code for specifying predetermined information is drawn may be simply referred to as “two-dimensional code of predetermined information”.

  When the virtual machine utilization unit 420 of the terminal device 400 receives the two-dimensional code of the first value g and the second value N from the server device 300, the virtual machine utilization unit 420 performs display control of the received two-dimensional code on the display unit 443. (Step S405). Subsequently, the reading unit 510 of the mobile terminal 500 reads the two-dimensional code displayed on the display unit 443 of the terminal device 400 according to the operation by the user (step S406). At this time, the reading unit 510 generates a first value g and a second value N from the read two-dimensional code.

Subsequently, the virtual machine execution unit 130 of the server device 300 reads the common image file H from the common data storage unit 121 of the storage unit 120 (step S407). Subsequently, the virtual machine execution unit 130 uses the common image file H to generate an individual image file Pi that is used individually by the user of the terminal device 400 (step S408). At this time, the virtual machine execution unit 130 stores the individual image file Pi in the individual data storage unit 122 _i .

  Subsequently, the verification information generation unit 341 generates verification information C (Pi) from the individual image file Pi using the above formula (1) (step S409). Subsequently, the image generation unit 350 generates an image in which a two-dimensional code for specifying the verification information C (Pi) generated by the verification information generation unit 341 is drawn (step S410), and the generated verification information C The two-dimensional code (Pi) is transmitted to the terminal device 400 (step S411).

  Subsequently, the verification information generation unit 341 associates the first value g and the second value N generated in step S402 with the individual identifier of the individual image file Pi generated in step S408 in association with the user identifier of the terminal device 400. The identifier is registered in the user information storage unit 123 (step S412).

  Then, when receiving the two-dimensional code of the verification information C (Pi) from the server device 300, the virtual machine using unit 420 of the terminal device 400 controls the display of the received two-dimensional code on the display unit 443 (Step S413). .

  Subsequently, the reading unit 510 of the mobile terminal 500 reads the two-dimensional code of the verification information C (Pi) displayed on the display unit 443 of the terminal device 400 according to the operation by the user (step S414). At this time, the reading unit 510 generates verification information C (Pi) from the read two-dimensional code. Then, the reading unit 510 receives the first value g and the second value N generated from the two-dimensional code read in step S406, and the verification information C (Pi) generated from the two-dimensional code read in step S414. Registration is performed in the verification information storage unit 520 (step S415).

[Startup procedure]
FIG. 9 is a sequence diagram showing a startup processing procedure by the network system 2 according to the second embodiment. As illustrated in FIG. 9, when the user of the terminal device 400 activates a virtual machine on the server device 300, first, user authentication is performed between the terminal device 400 and the server device 300 (step S501).

  Subsequently, the request unit 541 of the mobile terminal 500 generates a predetermined random number r (step S502). Subsequently, the request unit 541 generates an authentication information generation factor R from the random number r using the above equation (2) (step S503). The request unit 541 controls display of the generated authentication information generation factor R on the display unit 530 (step S504).

  And the terminal device 400 receives the input of the authentication information generation factor R from the user of the mobile terminal 500 (step S505). For example, the user of the mobile terminal 500 inputs the authentication information generation factor R displayed on the display unit 530 to the terminal device 400 using an input unit (not shown) such as a keyboard or a mouse. And the request | requirement part 441 of the terminal device 400 transmits the authentication information production | generation factor R input from the user to the server apparatus 300 (step S506).

  Then, the authentication information generation unit 342 of the server device 300 receives the authentication information generation factor R from the terminal device 400 (step S507). Subsequently, the authentication information generation unit 342 generates authentication information R (Pi) from the authentication information generation factor R and the individual image file Pi corresponding to the terminal device 400 using the above formula (3) (step S508). .

  Subsequently, the image generation unit 350 generates a two-dimensional code of the authentication information R (Pi) generated by the authentication information generation unit 342 (Step S509). Subsequently, the image generation unit 350 transmits the two-dimensional code of the authentication information R (Pi) to the terminal device 400 (Step S510).

  When the virtual machine using unit 420 of the terminal device 400 receives the two-dimensional code of the authentication information R (Pi) from the server device 300, the virtual machine using unit 420 controls the display of the received two-dimensional code on the display unit 443 (Step S511). . Subsequently, the reading unit 510 of the mobile terminal 500 reads the two-dimensional code displayed on the display unit 443 of the terminal device 400 according to the operation by the user (step S512). At this time, the reading unit 510 generates authentication information R (Pi) from the read two-dimensional code.

  Then, the determination unit 542 of the mobile terminal 500 uses the authentication information R (Pi) read by the reading unit 510 and the verification information C (Pi) stored in the verification information storage unit 520 to use the authentication information. The validity of R (Pi) is determined (step S513). Such determination processing is the same as the processing shown in step S209 of FIG.

  Then, when the authentication information R (Pi) is not correct (No at Step S513), the determination unit 542 determines that unauthorized tampering or the like has been performed on the individual image file Pi since the virtual machine was previously stopped. The determination result is displayed on the display unit 530 (step S514). Thereby, the user of the mobile terminal 500 and the terminal device 400 can stop starting the virtual machine on the server device 300.

  On the other hand, if the authentication information R (Pi) is correct (Yes at step S513), the determination unit 542 determines that no unauthorized tampering or the like has been performed on the individual image file Pi since the virtual machine was previously stopped. Then, the determination result is displayed on the display unit 530 (step S515). Subsequently, since the determination process by the determination unit 542 is completed, the calculation unit 540 deletes the authentication information generation factor R generated in step S503 and the authentication information R (Pi) read in step S512 (step S516). .

  Then, the user of the mobile terminal 500 and the terminal device 400 determines that the virtual machine can be used on the server device 300 according to the display result displayed on the display unit 530. In such a case, the user inputs to the terminal device 400 to transmit an activation instruction to the server device 300 (step S517). Then, the virtual machine utilization unit 420 of the terminal device 400 transmits a virtual machine activation instruction to the server device 300 in accordance with an operation by the user (step S518).

  Then, the virtual machine execution unit 130 of the server device 300 receives a virtual machine activation instruction from the terminal device 400 (step S519). Subsequently, since the determination process by the terminal device 400 is completed, the calculation unit 340 deletes the authentication information generation factor R received in step S507 and the authentication information R (Pi) generated in step S508 (step S520). .

Then, the virtual machine execution unit 130 starts the virtual machine using the common image file H stored in the common data storage unit 121 and the individual image file Pi stored in the individual data storage unit 122 _i. (Step S521). As a result, the user of the terminal device 400 can activate the virtual machine on the server device 300 after confirming the integrity of the virtual machine image file stored in the server device 300.

[Stop processing procedure]
FIG. 10 is a sequence diagram illustrating a stop processing procedure by the network system 2 according to the second embodiment. As illustrated in FIG. 10, the virtual machine utilization unit 420 of the terminal device 400 transmits a virtual machine stop instruction to the server device 300 in accordance with an operation by the user (step S601).

  Then, the virtual machine execution unit 130 of the server device 300 receives a virtual machine stop instruction from the terminal device 400 (step S602). In such a case, the virtual machine execution unit 130 stops the virtual machine (step S603). As a result, the virtual machine execution unit 130 ends the process of writing various pieces of update information in the individual image file Pi, and determines the individual image file (step S604). Here, the updated individual image file is referred to as an individual image file Pi + 1.

  Subsequently, the verification information generation unit 341 generates new verification information C (Pi + 1) from the updated individual image file Pi + 1 using the above formula (6) (step S605). The image generation unit 350 generates an image in which a two-dimensional code for specifying the verification information C (Pi + 1) generated by the verification information generation unit 341 is drawn (step S606), and the generated verification information C (Pi + 1) The two-dimensional code is transmitted to the terminal device 400 (step S607).

  When the virtual machine utilization unit 420 of the terminal device 400 receives the two-dimensional code of the verification information C (Pi + 1) from the server device 300, the virtual machine utilization unit 420 controls the display of the received two-dimensional code on the display unit 443 (step S608). .

  Subsequently, the reading unit 510 of the mobile terminal 500 reads the two-dimensional code of the verification information C (Pi + 1) displayed on the display unit 443 of the terminal device 400 according to the operation by the user (step S609). At this time, the reading unit 510 generates verification information C (Pi + 1) from the read two-dimensional code. Then, the reading unit 510 updates the verification information C (Pi) stored in the verification information storage unit 520 to the verification information C (Pi + 1) generated from the two-dimensional code read in step S609 (step S610). Then, the reading unit 510 displays the update result of the verification information on the display unit 530 (step S611).

  Then, the user of the mobile terminal 500 and the terminal device 400 inputs the update result of the verification information displayed on the display unit 530 to the terminal device 400 (Step S612). Then, the virtual machine utilization unit 420 of the terminal device 400 transmits the verification information update result to the server device 300 according to the operation by the user (step S613).

  Then, the virtual machine execution unit 130 of the server device 300 receives the update result from the terminal device 400 (step S614). Subsequently, the virtual machine execution unit 130 determines whether or not the update result received from the terminal device 400 indicates success (step S615). The subsequent processing procedures in steps S615 to S619 are the same as the processing procedures in steps S311 to S315 shown in FIG.

[Effects of Second Embodiment]
As described above, in the network system 2 according to the second embodiment, the mobile terminal 500 holds the verification information and determines the integrity of the individual image file. As a result, the user holding the mobile terminal 500 can use the virtual machine on the server device 300 in any terminal device 400. For example, when a user uses a virtual machine on the server apparatus 300 from a home PC, the user performs the integrity determination process using the mobile terminal 500 and the home PC, and then moves the virtual machine from the home PC. Can be used. Further, even when the user uses a virtual machine on the server device 300 from a company PC, the user performs the integrity determination process using the mobile terminal 500 and the company PC, and then uses the PC from the company PC. Virtual machines can be used.

  In the network system 2 according to the second embodiment, the server device 300 generates a two-dimensional code that can be read by the mobile terminal 500. Thereby, the user can easily store verification information and authentication information in the mobile terminal 500.

(Third embodiment)
The network systems 1 and 2 described above may be implemented in various different forms other than the above embodiment. Therefore, in the third embodiment, another embodiment of the network systems 1 and 2 will be described.

[Data to be judged]
In the above embodiment, the example of determining the integrity of the image file of the virtual machine has been described. However, the network systems 1 and 2 described above can also be applied to the case of determining the integrity of not only the image file but also other data (such as a file). For example, when the file server holds various data of each user, the file server uses individual data obtained by excluding common data common to a plurality of users from data used by each user, etc. By generating, it is possible to realize processing similar to the integrity determination processing in the above embodiment.

[Common image file]
In the above embodiment, an example in which the storage unit 120 has one common data storage unit 121 is shown, but the storage unit 120 may store a plurality of common image files. For example, the storage unit 120 may store the common image file F1 corresponding to the predetermined user group G1 and the common image file F2 corresponding to the predetermined user group G2. Then, the virtual machine execution unit 130 generates an individual image file using a common image file corresponding to the user group to which each user belongs.

[Initial processing]
Moreover, in the said embodiment, as shown in FIG.4 and FIG.8, the example which transmits 1st value, 2nd value, and verification information to the terminal device 200 or the mobile terminal 500 from the server apparatus side was shown. . However, the medium in which the first value, the second value, and the verification information are stored may be delivered to the user by mail or the like.

[Second value N]
In the above embodiment, the calculation units 140 and 340 may set the “second value N” used for the divisor in the remainder calculation to a value that is difficult to factorize. Thereby, it becomes difficult to predict the surplus and the safety can be improved.

[System configuration]
In addition, among the processes described in the above embodiment, all or part of the processes described as being automatically performed can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedures, specific names, and information including various data and parameters shown in the document and drawings can be arbitrarily changed unless otherwise specified.

  For example, in the second embodiment, the mobile terminal 500 and the terminal device 400 may send and receive various types of information by mail transmission or the like. For example, the mobile terminal 500 may transmit the authentication information generation factor R to the terminal device 400 by e-mail in step S504 of FIG. At this time, the terminal device 400 transmits the authentication information generation factor R received from the mobile terminal 500 to the server device 300.

  Further, each component of each illustrated apparatus is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured.

  For example, in the example illustrated in FIG. 1, the terminal device 200 includes the calculation unit 240 separately from the virtual machine use unit 220, but the virtual machine use unit 220 may include the calculation unit 240. Similarly, the virtual machine usage unit 420 illustrated in FIG. 7 may include a request unit 441.

[program]
In addition, it is possible to create a program in which processing executed by the server devices 100 and 300 and the terminal devices 200 and 400 described in the above embodiment is described in a language that can be executed by a computer. For example, an authentication program in which processing executed by the server device 100 is described in a language that can be executed by a computer can be created. In this case, when the computer executes the authentication program, the same effect as in the above embodiment can be obtained. Furthermore, the authentication program may be recorded on a computer-readable recording medium, and the authentication program recorded on the recording medium may be read by the computer and executed to execute the same processing as in the above embodiment. Hereinafter, as an example, an example of a computer that executes an authentication program that realizes the same function as that of the server apparatus 100 illustrated in FIG. 1 will be described.

  FIG. 11 is a diagram illustrating a computer 1000 that executes an authentication program. As illustrated in FIG. 11, the computer 1000 includes, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. These units are connected by a bus 1080.

  The memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM 1012 as illustrated in FIG. The ROM 1011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to the hard disk drive 1031 as illustrated in FIG. The disk drive interface 1040 is connected to the disk drive 1041 as illustrated in FIG. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive. The serial port interface 1050 is connected to a mouse 1051 and a keyboard 1052, for example, as illustrated in FIG. The video adapter 1060 is connected to a display 1061, for example, as illustrated in FIG.

  Here, as illustrated in FIG. 11, the hard disk drive 1031 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094. That is, the above authentication program is stored in, for example, the hard disk drive 1031 as a program module in which a command to be executed by the computer 1000 is described. For example, a virtual machine execution procedure for executing information processing similar to the virtual machine execution unit 130 illustrated in FIG. 1, a verification information generation procedure for executing information processing similar to the verification information generation unit 141, and an authentication information generation unit 142 The hard disk drive 1031 stores a program module 1093 in which an authentication information generation procedure for executing the same information processing as described above is described.

  Various data held by the storage unit 120 described in the above embodiment is stored as program data in, for example, the memory 1010 or the hard disk drive 1031. Then, the CPU 1020 reads the program module 1093 and program data 1094 stored in the memory 1010 and the hard disk drive 1031 to the RAM 1012 as necessary, and executes a virtual machine execution procedure, a verification information generation procedure, and an authentication information generation procedure.

  Note that the program module 1093 and the program data 1094 related to the authentication program are not limited to being stored in the hard disk drive 1031, but may be stored in, for example, a removable storage medium and read out by the CPU 1020 via the disk drive or the like. Good. Alternatively, the program module 1093 and the program data 1094 related to the authentication program are stored in another computer connected via a network (LAN (Local Area Network), WAN (Wide Area Network), etc.), and via the network interface 1070. May be read by the CPU 1020.

DESCRIPTION OF SYMBOLS 1 Network system 100 Server apparatus 120 Storage part 121 Common data storage part 122 Individual data storage part 123 User information storage part 130 Virtual machine execution part 140 Calculation part 141 Verification information generation part 142 Authentication information generation part 200 Terminal apparatus 210 Communication part 220 Virtual Machine utilization unit 230 Verification information storage unit 240 Calculation unit 241 Request unit 242 Determination unit 500 Mobile terminal 510 Reading unit 520 Verification information storage unit 530 Display unit 540 Calculation unit 541 Request unit 542 Determination unit

Claims (4)

A network system including a server device, a terminal device, and a mobile terminal,
The server device
A common data storage unit for storing common data used by a plurality of users;
A user information storage unit for storing individual data that is a difference between data used by the user of the terminal device and the common data in association with a user identifier for identifying the user of the terminal device;
Using the individual data, a verification information generation unit that generates verification information for verifying the individual data;
When an authentication information generation factor that is a generation source of authentication information is received from the terminal device, authentication information is generated using the authentication information generation factor and individual data corresponding to the terminal device, and the generated authentication information is An authentication information generation unit to be transmitted to the terminal device,
The terminal device
A request unit that requests the server device to generate authentication information by transmitting a predetermined authentication information generation factor to the server device;
The mobile terminal is
A verification information storage unit that stores verification information generated by the verification information generation unit;
A determination unit that determines the validity of the individual data using authentication information received by the terminal device from the server device as a response to the request by the request unit and verification information stored in the verification information storage unit And a network system characterized by comprising: The server device
An image generation unit that generates an authentication information image that is an image for identifying the authentication information generated by the authentication information generation unit, and transmits the generated authentication information image to the terminal device;
The terminal device
A display unit for displaying the authentication information image received from the image generation unit;
The mobile terminal is
A reading unit that reads the authentication information image displayed on the display unit and generates the authentication information based on the read authentication information image;
The determination unit
Network system according to claim 1 with said verification information and the authentication information generated by the reading unit, wherein the determining the validity of the individual data. The image generation unit
Generating a verification information image that is an image for specifying the verification information generated by the verification information generation unit, and transmitting the generated verification information image to the terminal device;
The display unit
Display the verification information image received from the image generation unit,
The reading unit is
Generate the verification information based on the authentication information image read from the displayed verification information image on the display unit, according the generated verification information to Claim 2, characterized in that stored in the verification information storage unit Network system. A determination method executed by a network system including a server device, a terminal device, and a mobile terminal ,
The server device is
A verification information generating step of generating verification information for verifying the individual data using individual data that is a difference between data used by the user of the terminal device and common data used by a plurality of users; Including
It said terminal device,
By transmitting the authentication information generation factor comprising a generator of Jo Tokoro authentication information to the server apparatus, it includes a more requests Engineering for requesting generation of the authentication information to the server apparatus,
The server device is
Authentication that generates authentication information using the authentication information generation factor and individual data corresponding to the terminal device when the authentication information generation factor is received from the terminal device, and transmits the generated authentication information to the terminal device Including an information generation process,
The mobile terminal is
A storage step of storing the verification information generated in the verification information generation step in the verification information storage unit;
A determination step of determining the validity of the individual data using authentication information received by the terminal device from the server device as a response to the request in the request step and verification information stored in the verification information storage unit The determination method characterized by including.

Images