JPH064480A - Security checking system - Google Patents

Abstract

PURPOSE:To improve the responsiveness of checking, to reduce line traffic, to shorten holding time and to reduce the loads on a center by preventing the concentration of a security checking function at the center. CONSTITUTION:Card information and a password obtained from a card reader (a) and a keyboard (b) by a card information obtaining part 1 on the terminal side are sent from a card information checking request part 2 to an user qualification checking part 5 on the center side to be collated with a card information data base (g) and the user qualification is checked. An operation extraction part 10 extracts the accessable operation of a pertinent card ID from a system providing operation data base (h) to be down-loaded on the terminal side. An operation information preparation part 8 on the terminal side stores the operation at an usable operation data base (i). When an user selects a requesting operation from an operation menu on a screen at an operation selection part 3, a selected operation checking part 9 checks an access right by collating the operation with the usable operation data base (i), the approved operation is requested from an operation request part 4 to the center side and an operation starting part 7 is started.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a security check method, and more particularly to a security check method in a computer system including a host computer and a plurality of terminals.

[0002]

2. Description of the Related Art In a conventional security check method for a computer system including a host computer and a plurality of terminals, all checks are performed using an application program in the host computer on the center side.

An example of a conventional security check method will be described in detail below with reference to the drawings. FIG. 3 is a functional block diagram showing the configuration of the main part of the conventional security check method, and FIG. 4 is a block diagram showing the device configuration of the system.

The equipment configuration of the computer system is shown in FIG.
As shown in, the terminal T'has a card reader a and a keyboard b as input devices for the central processing unit c ', which are used for inputting ID card information, password and selecting menu screen. On the other hand, the center M ′ has a host computer f ′ that performs each business process and security check process, a card information database g in which card information (card ID etc.) and a password are registered,
Business security information provided by Center M '(Job I
D and an access right of the business) are registered in the system providing business database h. The terminal T ′ and the center M ′ are connected via modems e and f and public telephone lines to form a nationwide network.

Next, the security check method of FIG. 3 will be described in detail. The security check method of FIG. 3 is roughly divided into processing by the terminal side AP in the central processing unit c ′ of the terminal T ′ and processing by the center side AP in the host computer f ′ of the center M ′.

The terminal side AP has a card information acquisition unit 1 for inputting card information and a password from a card reader a and a keyboard b, and a card for requesting the center side to check whether the card user is the person based on the input information. An information check request unit 2, a work selection unit 3 that displays a work menu on the screen to prompt the user to select a requested work, and a work request unit that requests the center side to start the work selected by the work selection unit 3. 4 and.

On the other hand, the center side AP receives a request from the card information check request unit 2 and checks whether the card information and password are the same as those registered in the card information database g to check the usage qualification. The user qualification checking unit 5a to be performed and the business access right in the card information at the request of the business requesting unit 4 are collated with the access right of the business registered in the system-provided business database h, and the activation request is made. It is composed of a requested job check unit 6 that checks whether the job is accessible by the ID card holder, and a job start unit 7a that actually starts the job whose use is approved by the requested job check unit 6. Has been done. The check results of the user qualification check unit 5a and the requested work check unit 6 are returned to the terminal side.

[0008]

However, the above-mentioned conventional security check method is a method in which all checks are performed by the host computer on the center side, so if the center side does not actually request the work, There is a drawback that the terminal side cannot be aware of whether or not it can access the business. Further, there is a problem that the response is poor until the result of checking whether or not the business is accessible is obtained, the line holding time is increased, the line traffic is increased due to the extra line connection, and the center load is increased.

It is an object of the present invention to provide a security check system capable of improving response and reducing center load and traffic by performing a part of the security check conventionally performed on the center side by a terminal. is there.

[0010]

The security of the present invention
The check method is, in a center having a host computer, a card information database in which card IDs and passwords of user cards are registered, and a system providing business database in which accessible card IDs corresponding to system providing business are registered. , A user qualification check unit for checking the user qualification by comparing the card ID and password transferred from the terminal with the card information database, and the card ID confirmed by this user qualification check unit
A terminal that uses a center, including a business information extraction unit that searches the system-provided business database with the above to extract accessible business that can be downloaded and downloads to the terminal, and a business activation unit that activates the business provided by the terminal In addition, the card information acquisition unit that acquires the password and the card ID of the user card, the card information check request unit that transfers the acquired card ID and password to the center, and requests the confirmation of the usage qualification, and the information downloaded from the center. Business information creation unit that correlates the business information provided by the system with the card ID and stores it in the available business database, and the business that displays the business menu on the screen and prompts the user who has confirmed the usage qualification to select the business requested to the center Check whether the selection part and the work selected by this work selection part are registered in the available work database. And selecting operational check unit for checking the access rights for requesting business, it is configured to include a operation request unit for requesting the confirmed business check result access to the center.

[0011]

Embodiments of the present invention will now be described with reference to the drawings.

FIG. 1 is a functional block diagram showing a configuration of a main part of an embodiment of the present invention, and FIG. 2 is a block diagram showing a device configuration of the entire system.

As shown in FIG. 2, the device configuration of this embodiment is composed of a center M and a terminal T. In addition to the card reader a and the keyboard b as an input device for the central processing unit c, the terminal T has It has an available business database i that stores accessible business information of each ID card downloaded from the center M. On the other hand, the center M includes a host computer f, a card information database g,
It is composed of a system providing business database h.

The security check method of FIG. 1 is divided into a process at the terminal side AP by the central processing unit c and a process at the center side AP by the host computer f.
The terminal side AP is a card information acquisition unit 1 for inputting card information and a password from a card reader a and a keyboard b.
From the input information, the card information check request unit 2 that requests the center side to check whether the card user is who he / she is, and the system-provided business information downloaded from the business extraction unit 10 of the center-side AP, to the terminal T. The work information creation unit 8 that accumulates in the available work database i, the work selection unit 3 that displays the work menu on the terminal screen and prompts the user to select the requested work, and the work selected by the work selection unit 3 can be used. A selected job check unit 9 that checks whether or not it is registered in the job database i and checks the access right of the selected job by the ID card, and a job request unit that requests the center to request the job whose usage is approved as a result of the check. Four
It consists of and.

On the other hand, the center side AP, upon receiving the request from the card information check request unit 2, checks whether the card information and the password are the same as those registered in the card information database g and checks the usage qualification. A user qualification check unit 5 and a business information extraction unit that extracts all the businesses accessible to the card holder from the system-provided business database h and downloads the extracted information to the business information creation unit 8 of the terminal side AP. 10 and a work starting unit 7 that actually starts the requested work.

As described above, by adding the business information extracting unit 10 and the business information creating unit 8 and storing the accessible business information in the available business database i, it is possible to recognize the accessible business in the terminal. This becomes possible, and by adding the selected job check unit 9, the same function as that performed by the requested job check unit 6 of the conventional center is realized on the terminal side. In the above description of the specific example, each functional block shown in FIG. 1 may be realized by hardware, firmware or software, or a combination thereof. Needless to say.

[0017]

As described above, according to the security check method of the present invention, the security check conventionally performed on the side of the center is disassembled and the usable business database is added to the terminal to improve the response and the center. It is effective in reducing load, reducing line traffic, and reducing line hold time.

[Brief description of drawings]

FIG. 1 is a functional block diagram showing a configuration of a main part of an embodiment of the present invention.

FIG. 2 is a block diagram showing a device configuration of the entire system according to an exemplary embodiment of the present invention.

FIG. 3 is a functional block diagram of a main part of a conventional security check method.

FIG. 4 is a block diagram showing a device configuration of a conventional security check system.

[Explanation of symbols]

 1 information acquisition section 2 card information check request section 3 business selection section 4 business request section 5 user qualification check section 6 requested business check section 7 business activation section 8 business information creation section 9 selected business check section 10 business information extraction section M, M'center T, T 'terminal a card reader b keyboard c, c' central processing unit d, e modem f, f 'host computer g card information database h system provision business database i available business database

Claims (1)

[Claims] 1. A center having a host computer,
A card information database in which card IDs and passwords of user cards are registered, a system providing business database in which accessible card IDs corresponding to system providing business are registered, and card IDs and passwords transferred from terminals And the user qualification check unit for checking the user qualification by checking the above with the card information database, and the system providing work database is searched with the card ID confirmed by this user qualification checking unit to extract accessible providing works. A card information acquisition unit that includes a business information extraction unit that downloads to the terminal and a business activation unit that activates the provided business requested by the terminal, and acquires the password and the card ID of the user card from the terminal that uses the center. Department, and transfer the acquired card ID and password to the center Card information check request unit that requests authorization, a business information creation unit that correlates the business information provided by the system downloaded from the center with the card ID in the available business database, and a business menu displayed on the screen A job selection unit that prompts the confirmed user to select a requested job to the center, and whether the job selected by this job selection unit is registered in the available job database, and the access right to the requested job is checked. A security check method characterized by comprising a selected job check unit and a job request unit for requesting the center to perform a job whose access right is confirmed as a result of the check.