WO2013153601A1 - Authentication program and authentication method - Google Patents

Authentication program and authentication method Download PDF

Info

Publication number
WO2013153601A1
WO2013153601A1 PCT/JP2012/059701 JP2012059701W WO2013153601A1 WO 2013153601 A1 WO2013153601 A1 WO 2013153601A1 JP 2012059701 W JP2012059701 W JP 2012059701W WO 2013153601 A1 WO2013153601 A1 WO 2013153601A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
information
computer
unit
device information
Prior art date
Application number
PCT/JP2012/059701
Other languages
French (fr)
Japanese (ja)
Inventor
那由他 石井
泰大 山本
恭平 倉世古
拓嗣 島田
Original Assignee
株式会社Synclogue
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Synclogue filed Critical 株式会社Synclogue
Priority to PCT/JP2012/059701 priority Critical patent/WO2013153601A1/en
Publication of WO2013153601A1 publication Critical patent/WO2013153601A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs

Definitions

  • the present invention relates to an authentication program and an authentication method.
  • the authentication information input method includes, for example, reading from a non-contact IC card in which authentication information is recorded, and reading a fingerprint or vein pattern used as authentication information.
  • Patent Document 1 discloses a system for performing authentication by transmitting fingerprint data read by a fingerprint reading unit to a fingerprint management server.
  • the general authentication information input method described above requires a dedicated device for inputting authentication information, such as a non-contact IC card reader or a fingerprint authentication device.
  • an object of the present invention is to enable authentication information to be input without using a dedicated device.
  • An authentication program includes an authentication information storage unit that stores authentication information for using a second computer, a first computer having a sensor that reads an image, and device information about the second computer.
  • An image reading unit that reads a device information image including a sensor, and an authentication information transmission unit that transmits authentication information to a third computer to use the second computer based on the reading result of the device information image It is for making it happen.
  • an authentication program comprising: an authentication server configured to acquire device information about a second computer read by a sensor from a first computer having a sensor that reads an image; and the second computer.
  • An authentication information receiving unit that receives authentication information for use, instruction information transmission that transmits to the second computer instruction information that instructs the second computer to execute a predetermined process based on the apparatus information and the authentication information It is for functioning as a part.
  • a first computer having a sensor for reading an image stores authentication information for using the second computer in an authentication information storage unit, and the second computer relates to the second computer.
  • a device information image including device information is read using a sensor, and authentication information is transmitted to the third computer in order to use the second computer based on the reading result of the device information image.
  • the authentication server obtains device information related to the second computer read by the sensor from the first computer having a sensor for reading an image, and the second computer. Authentication information to be used is received, and based on the device information and the authentication information, instruction information for instructing the second computer to execute a predetermined process is transmitted to the second computer.
  • the “unit” does not simply mean a physical means, but includes a case where the function of the “unit” is realized by software. Also, even if the functions of one “unit” or device are realized by two or more physical means or devices, the functions of two or more “units” or devices are realized by one physical means or device. May be.
  • authentication information can be input without using a dedicated device.
  • FIG. 1 is a diagram illustrating a configuration example of an authentication system according to the first embodiment.
  • the authentication system includes a personal computer (PC) 10, a mobile terminal 12, and an authentication server 14.
  • the PC 10 is an information processing apparatus used by a user. As shown in FIG. 1, the PC 10 can display a QR code (registered trademark) 20.
  • the QR code (registered trademark) 20 is an image (device information image) including device information that is information about the PC 10.
  • the device information includes, for example, the computer name of the PC 10.
  • the QR code (registered trademark) 20 including the device information of the PC 10 may be printed in advance.
  • the printed QR code (registered trademark) 20 may be attached to a display of the PC 10 or a housing of the PC 10, for example.
  • the PC 10 requires user authentication when executing a predetermined process, for example, when logging in or starting an application.
  • the authentication system shown in FIG. 1 can perform user authentication without using a dedicated device such as a non-contact IC card reader or a fingerprint authentication device connected to the PC 10.
  • the portable terminal 12 is a portable information processing apparatus possessed by a user using the PC 10, such as a smartphone or a tablet terminal.
  • the mobile terminal 12 includes a camera 30 that is a sensor for reading the QR code (registered trademark) 20.
  • the portable terminal 12 can acquire device information of the PC 10 by reading and analyzing the QR code (registered trademark) 20 with the camera 30.
  • the mobile terminal 12 stores authentication information for the user to use the PC 10.
  • the authentication information is information such as a user ID, a password, and an e-mail address.
  • the mobile terminal 12 can be connected to the Internet via, for example, a mobile phone base station (BS). And the portable terminal 12 can transmit the apparatus information obtained from the QR code (registered trademark) 20 to the authentication server 14 together with the authentication information.
  • BS mobile phone base station
  • the authentication server 14 is an information processing apparatus that performs authentication processing.
  • the authentication server 14 can execute an authentication process based on device information and authentication information received from the mobile terminal 12. For example, when the user authentication can be normally performed, the authentication server 14 can transmit instruction information for causing the PC 10 to execute a predetermined process to the PC 10 via the network.
  • the IP (Internet Protocol) address of the PC 10 may be a private address. Therefore, in order for the authentication server 14 to transmit the instruction information to the PC 10, for example, a global address of a router to which the PC 10 is connected and a port number for accessing the PC 10 via the router may be required.
  • the authentication server 14 may transmit the instruction information to the PC 10 using the global address and port number included in the device information. it can.
  • the PC 10 can register information for associating a global address and a port number necessary for accessing the PC 10 with the computer name of the PC 10 in the DNS server.
  • the authentication server 14 can transmit the instruction information to the PC 10 by acquiring the computer name of the PC 10 from the device information of the PC 10 and acquiring the global address and port number corresponding to the computer name.
  • the PC 10 that has received the instruction information from the authentication server 14 can execute a login process for the user to use the PC 10 or a specific application activation process in accordance with the instruction information.
  • a login process for the user to use the PC 10 or a specific application activation process in accordance with the instruction information.
  • FIG. 2 is a block diagram illustrating an example of functional units constituting the PC 10.
  • the PC 10 includes a device information storage unit 50, an authentication information storage unit 52, a device information image generation unit 54, a device information image display unit 56, an authentication server communication unit 58, an instruction information reception unit 60, and an instruction.
  • An information processing unit 62 is included.
  • Each unit constituting the PC 10 is realized by using a storage area such as a memory or a storage device, a processor executing a program stored in the storage area, or using various devices for input / output and communication. be able to.
  • the device information storage unit 50 stores device information of the PC 10.
  • the device information is information for identifying the PC 10 in the authentication server 14, and may include a computer name, for example. Further, information necessary for transmitting the instruction information from the authentication server 14 to the PC 10 may be included in the device information.
  • the device information may include the IP address of the PC 10.
  • the device information may include a global address of a router to which the PC 10 is connected and a port number for accessing the PC 10 via the router. If the global address of the router is not fixed, the PC 10 can have a function of acquiring the global address of the router and storing it in the device information storage unit 50.
  • the authentication information storage unit 52 stores authentication information of a user who uses the PC 10.
  • the authentication information includes, for example, a user ID and a password.
  • the PC 10 can perform user authentication based on this authentication information.
  • the device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) including device information based on the device information stored in the device information storage unit 50.
  • a QR code (registered trademark) 20 (device information image) including device information based on the device information stored in the device information storage unit 50.
  • the QR code (registered trademark) 20 generated outside the PC 10 may be stored in the PC 10.
  • the PC 10 may acquire a QR code (registered trademark) 20 including device information of the PC 10 from an external device such as the authentication server 14.
  • the device information image display unit 56 displays the QR code (registered trademark) 20 generated by the device information image generation unit 54 on the display of the PC 10.
  • the device information image display unit 56 can display the QR code (registered trademark) 20 on a screen for logging in to the PC 10.
  • the device information image display unit 56 may display the QR code (registered trademark) 20 in the desktop area displayed after logging in to the PC 10.
  • the device information image display unit 56 may display the QR code (registered trademark) 20 on the screen of an application executed on the PC 10.
  • the authentication server communication unit 58 can communicate with the authentication server 14. For example, the authentication server communication unit 58 can transmit a communication establishment request to the authentication server 14. When communication is established by this request, the authentication server 14 can recognize a global address and a port number for transmitting information to the PC 10.
  • the communication establishment between the PC 10 and the authentication server 14 can be performed at an arbitrary timing before the authentication server 14 transmits the instruction information to the PC 10. For example, communication may be established in a state where login to the PC 10 is not performed. If the authentication server 14 does not need to recognize in advance the global address and port number for transmitting information to the PC 10, the PC 10 may not include the authentication server communication unit 58.
  • the instruction information receiving unit 60 receives instruction information from the authentication server 14.
  • the instruction information processing unit 62 executes processing according to the received instruction information.
  • the instruction information processing unit 62 can execute a user login process in accordance with the instruction information.
  • the instruction information can include authentication information.
  • the instruction information processing unit 62 can execute a login process for the user to use the PC 10 using the authentication information included in the instruction information.
  • the authentication information included in the instruction information is a user ID
  • the instruction information processing unit 62 can log in the user with the user ID.
  • the instruction information processing unit 62 refers to the authentication information storage unit 52 and executes an authentication process using the received user ID and password. May be.
  • the process executed by the instruction information processing unit 62 is not limited to the login process, and may be an arbitrary process.
  • the instruction information processing unit 62 may start an application according to the instruction information.
  • the application to be activated may be determined in advance, or information indicating the application to be activated may be included in the instruction information.
  • the instruction information processing unit 62 may execute a predetermined process according to the instruction information in the activated application.
  • FIG. 3 is a block diagram illustrating an example of functional units constituting the mobile terminal 12.
  • the mobile terminal 12 includes an authentication information storage unit 70, an image reading unit 72, a device information image storage unit 74, a device information image analysis unit 76, and an authentication information transmission unit 78.
  • Each unit constituting the mobile terminal 12 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication Can be realized.
  • the authentication information storage unit 70 stores authentication information of a user who uses the PC 10.
  • the authentication information includes, for example, a user ID and a password.
  • the authentication information may be stored in advance in the authentication information storage unit 70 or may be input from the user at the mobile terminal 12 when an authentication process using the mobile terminal 12 is executed.
  • the image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74.
  • the device information image analysis unit 76 analyzes the QR code (registered trademark) 20 stored in the device information image storage unit 74 and extracts the device information included in the QR code (registered trademark) 20.
  • the authentication information transmission unit 78 transmits the authentication information stored in the authentication information storage unit 70 to the authentication server 14 together with the device information extracted by the device information image analysis unit 76.
  • the authentication information transmitting unit 78 can receive an authentication result based on the authentication information from the authentication server 14 after transmitting the authentication information to the authentication server 14. Note that the authentication result may be transmitted from the authentication server 14 only when the authentication fails.
  • the authentication information transmission part 78 is good also as displaying an authentication result on a display, when an authentication result is received from the authentication server 14. FIG. When the authentication result received from the authentication server 14 indicates that the authentication has failed, the authentication information transmitting unit 78 may output a message that prompts the user to re-enter the authentication information.
  • FIG. 4 is a block diagram illustrating an example of functional units constituting the authentication server 14.
  • the authentication server 14 includes an authentication database 90, a PC communication unit 92, an authentication information receiving unit 94, an authentication processing unit 96, and an instruction information transmitting unit 98.
  • Each unit constituting the authentication server 14 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication. Can be realized.
  • the authentication database 90 stores information necessary for executing the authentication process based on the device information and the authentication information received from the mobile terminal 12.
  • FIG. 5 is a diagram illustrating an example of the configuration of the authentication database. As shown in FIG. 5, for example, the authentication database can store device information and authentication information in association with each other.
  • the device information and authentication information received from the mobile terminal 12 need not be completely the same as the device information and authentication information stored in the authentication database.
  • the device information stored in the authentication database 90 may include information that is not included in the device information received from the mobile terminal 12.
  • the device information received from the mobile terminal 12 may include information that is not included in the device information stored in the authentication database 90.
  • the device information received from the mobile terminal 12 includes a global address or port number for accessing the PC 10 in addition to the computer name of the PC 10
  • the device stored in the authentication database 90 The information may not include a global address or a port number.
  • the PC communication unit 92 can communicate with the PC 10.
  • the PC communication unit 92 can establish communication with the PC 10 in response to a request from the authentication server communication unit 58 of the PC 10.
  • the PC communication unit 92 can recognize a global address and a port number for transmitting information to the PC 10 by a request from the authentication server communication unit 58 of the PC 10.
  • Communication establishment with the PC 10 can be performed at an arbitrary timing before the authentication server 14 transmits the instruction information to the PC 10. If the authentication server 14 does not need to recognize in advance the global address and port number for transmitting information to the PC 10, the authentication server 14 may not include the PC communication unit 92.
  • the authentication information receiving unit 94 receives device information and authentication information from the mobile terminal 12.
  • the authentication processing unit 96 refers to the authentication database 90 and executes authentication processing based on the received device information and authentication information. Specifically, the authentication processing unit 96 can perform user authentication depending on whether or not the combination of the received device information and authentication information matches the contents registered in the authentication database 90.
  • the instruction information transmission unit 98 can transmit instruction information for causing the PC 10 to execute a predetermined process when the user authentication by the authentication processing unit 96 is successful. In addition, when the user authentication by the authentication processing unit 96 fails, the instruction information transmission unit 98 can transmit an authentication result indicating that the user authentication has failed to the mobile terminal 12.
  • FIG. 6 is a flowchart showing an example of authentication processing in the authentication system of the first embodiment.
  • the authentication server communication unit 58 establishes communication with the authentication server 14 by transmitting a request to the authentication server 14 at an arbitrary timing (S601, S602).
  • the device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) based on the device information stored in the device information storage unit 50 (S603).
  • the device information image display unit 56 displays the generated QR code (registered trademark) 20 on the display (S604).
  • the image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74 (S605).
  • the device information image analysis unit 76 analyzes the QR code (registered trademark) 20 and extracts device information (S606).
  • the authentication information transmission unit 78 transmits the authentication information stored in the authentication information storage unit 70 together with the extracted device information to the authentication server 14 (S607).
  • the authentication information receiving unit 94 receives device information and authentication information from the portable terminal 12 (S608).
  • the authentication processing unit 96 refers to the authentication database 90 and executes an authentication process based on the received device information and authentication information (S609).
  • the instruction information transmission unit 98 transmits an authentication result indicating that the authentication has failed to the mobile terminal 12 (S611).
  • the authentication information transmitting unit 78 of the portable terminal 12 receives the authentication result from the authentication server 14 (S612), and displays the authentication result on the display (S613).
  • the instruction information transmitting unit 98 transmits instruction information for causing the PC 10 to execute a predetermined process to the PC 10 (S614).
  • the instruction information receiving unit 60 of the PC 10 receives the instruction information from the authentication server 14 (S615).
  • the instruction information processing unit 62 of the PC 10 executes processing according to the received instruction information (S616).
  • the mobile terminal 12 reads the QR code (registered trademark) 20 including the device information of the PC 10 and transmits the device information and the authentication information to the authentication server 14. Then, the authentication server 14 performs an authentication process based on the device information and the authentication information, and transmits instruction information for causing the PC 10 to execute a predetermined process to the PC 10.
  • authentication information for using the PC 10 is used without using a dedicated device for inputting the authentication information, such as a non-contact IC card reader or a fingerprint authentication device, in the PC 10. Can be entered.
  • FIG. 7 is a diagram illustrating a configuration example of an authentication system according to the second embodiment.
  • the authentication system includes a PC 200 and a mobile terminal 210.
  • a QR code (registered trademark) 20 is displayed on the PC 200.
  • the mobile terminal 210 includes a camera 30 for reading the QR code (registered trademark) 20.
  • the mobile terminal 210 can acquire device information of the PC 200 by reading and analyzing the QR code (registered trademark) 20 with the camera 30.
  • the device information of the PC 200 includes information for accessing the PC 200.
  • the device information of the PC 200 may include a global address of a router to which the PC 200 is connected and a port number for accessing the PC 200 via the router.
  • the mobile terminal 210 stores authentication information for the user to use the PC 200.
  • the mobile terminal 210 transmits the stored authentication information to the PC 200 via, for example, a mobile phone base station (BS) or the Internet based on the device information analyzed from the QR code (registered trademark) 20.
  • BS mobile phone base station
  • the PC 200 can execute an authentication process for the user to use the PC 200 based on the authentication information received from the mobile terminal 210.
  • FIG. 7 each structure of the authentication system shown in FIG. 7 is demonstrated in detail.
  • FIG. 8 is a block diagram showing an example of functional units constituting the PC 200.
  • the PC 200 includes a device information storage unit 50, an authentication information storage unit 52, a device information image generation unit 54, a device information image display unit 56, an authentication information reception unit 300, and an authentication processing unit 310. Composed.
  • Each unit constituting the PC 200 is realized by using a storage area such as a memory or a storage device, a processor executing a program stored in the storage area, or using various devices for input / output and communication. be able to.
  • the device information storage unit 50, the authentication information storage unit 52, the device information image generation unit 54, and the device information image display unit 56 have the same configurations as those in the first embodiment, and thus description thereof is omitted.
  • Authentication information receiving unit 300 receives authentication information from portable terminal 210.
  • the authentication processing unit 310 refers to the authentication information storage unit 52 and executes authentication processing based on the received authentication information.
  • the authentication processing unit 310 can execute processing according to the authentication result. For example, when the user authentication is successful, the authentication processing unit 310 can perform login processing, application startup, execution of predetermined processing in the application, and the like. For example, when user authentication fails, the authentication process part 310 can transmit the authentication result which shows that user authentication failed to the portable terminal 210. FIG.
  • FIG. 9 is a block diagram illustrating an example of functional units constituting the mobile terminal 210.
  • the mobile terminal 210 includes an authentication information storage unit 70, an image reading unit 72, a device information image storage unit 74, a device information image analysis unit 76, and an authentication information transmission unit 400.
  • Each unit constituting the portable terminal 210 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication Can be realized.
  • the authentication information storage unit 70 Since the authentication information storage unit 70, the image reading unit 72, the device information image storage unit 74, and the device information image analysis unit 76 have the same configuration as that of the first embodiment, description thereof is omitted.
  • the authentication information transmission unit 400 transmits the authentication information stored in the authentication information storage unit 70 to the PC 200 based on the device information extracted by the device information image analysis unit 76. For example, when the device information includes a global address and a port number for accessing the PC 200, the authentication information transmitting unit 400 can transmit the authentication information to the PC 200 based on such information. When the computer name of the PC 200 is included in the device information, the authentication information transmission unit 400 acquires, for example, a global address and port number for accessing the PC 200 from the DNS server, and transmits the authentication information to the PC 200. Also good.
  • the authentication information transmission unit 400 can receive the authentication result based on the authentication information from the PC 200 after transmitting the authentication information to the PC 200. Note that the authentication result may be transmitted from the PC 200 only when the authentication fails.
  • the authentication information transmitting unit 400 may display the authentication result on the display. If the authentication result received from the PC 200 indicates that the authentication has failed, the authentication information transmitting unit 400 may output a message that prompts the user to re-enter the authentication information.
  • FIG. 10 is a flowchart showing an example of authentication processing in the authentication system of the second embodiment.
  • the device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) based on the device information stored in the device information storage unit 50 (S1001). Then, the device information image display unit 56 displays the generated QR code (registered trademark) 20 on the display (S1002).
  • the image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74 (S1003).
  • the device information image analysis unit 76 analyzes the QR code (registered trademark) 20 and extracts device information (S1004).
  • the authentication information transmission unit 400 transmits the authentication information stored in the authentication information storage unit 70 to the PC 200 based on the extracted device information (S1005).
  • the authentication information receiving unit 300 receives the authentication information from the portable terminal 210 (S1006).
  • the authentication processing unit 310 refers to the authentication information storage unit 52 and executes an authentication process based on the received authentication information (S1007).
  • the authentication processing unit 310 transmits an authentication result indicating that the authentication has failed to the portable terminal 210 (S1009).
  • the authentication information transmission unit 400 of the portable terminal 210 receives the authentication result from the PC 200 (S1010), and displays the authentication result on the display (S1011).
  • the authentication processing unit 310 executes predetermined processing such as login processing and application activation (S1012).
  • the mobile terminal 210 reads the QR code (registered trademark) 20 including the device information of the PC 200 and transmits the authentication information to the PC 200. Then, the PC 200 can perform an authentication process based on the authentication information. As described above, according to the second embodiment, authentication information for using the PC 200 is used without using a dedicated device for inputting authentication information such as a non-contact IC card reader or a fingerprint authentication device. Can be entered.
  • QR code registered trademark
  • the PC 200 can perform an authentication process based on the authentication information.
  • authentication information for using the PC 200 is used without using a dedicated device for inputting authentication information such as a non-contact IC card reader or a fingerprint authentication device. Can be entered.
  • the information processing apparatus used by the user is not limited to a PC, and may be any information processing apparatus.
  • the device information image including the device information of the information processing device used by the user is not limited to the QR code (registered trademark), and any image can be used as long as the image can represent the device information.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Facsimiles In General (AREA)

Abstract

The present invention enables the input of authentication information without using a dedicated device. A first computer having a sensor that reads an image records, at an authentication information recording unit, authentication information for using a second computer, uses the sensor to read a device information image containing device information pertaining to the second computer, and on the basis of the result of reading the device information image, transmits to a third computer the authentication information for using the second computer.

Description

認証プログラム及び認証方法Authentication program and authentication method
 本発明は、認証プログラム及び認証方法に関する。 The present invention relates to an authentication program and an authentication method.
 コンピュータを利用するユーザの認証を行うためには、認証に必要な認証情報を入力する必要がある。認証情報の入力方法としては、例えば、認証情報が記録された非接触ICカードからの読み取りや、認証情報として用いられる指紋や静脈パターンの読み取りなどがある。例えば、特許文献1には、指紋読み取り手段によって読み取られた指紋のデータを指紋管理サーバに送信することによって認証を行うシステムが開示されている。 In order to authenticate users who use computers, it is necessary to input authentication information necessary for authentication. The authentication information input method includes, for example, reading from a non-contact IC card in which authentication information is recorded, and reading a fingerprint or vein pattern used as authentication information. For example, Patent Document 1 discloses a system for performing authentication by transmitting fingerprint data read by a fingerprint reading unit to a fingerprint management server.
特開2000-57341号公報JP 2000-57341 A
 しかしながら、上述した一般的な認証情報の入力方法では、非接触ICカードリーダや指紋認証デバイスなど、認証情報を入力するための専用のデバイスが必要となる。 However, the general authentication information input method described above requires a dedicated device for inputting authentication information, such as a non-contact IC card reader or a fingerprint authentication device.
 そこで、本発明は、専用のデバイスを用いることなく認証情報を入力可能とすることを目的とする。 Therefore, an object of the present invention is to enable authentication information to be input without using a dedicated device.
 本発明の一側面に係る認証プログラムは、画像を読み取るセンサを有する第1のコンピュータを、第2のコンピュータを利用するための認証情報を記憶する認証情報記憶部、第2のコンピュータに関する装置情報を含む装置情報画像をセンサを用いて読み取る画像読取部、装置情報画像の読み取り結果に基づいて、第2のコンピュータを利用するために認証情報を第3のコンピュータに送信する認証情報送信部、として機能させるためのものである。 An authentication program according to an aspect of the present invention includes an authentication information storage unit that stores authentication information for using a second computer, a first computer having a sensor that reads an image, and device information about the second computer. An image reading unit that reads a device information image including a sensor, and an authentication information transmission unit that transmits authentication information to a third computer to use the second computer based on the reading result of the device information image It is for making it happen.
 また、本発明の一側面に係る認証プログラムは、認証サーバを、画像を読み取るセンサを有する第1のコンピュータから、該センサによって読み取られた第2のコンピュータに関する装置情報と、該第2のコンピュータを利用するための認証情報とを受信する認証情報受信部、装置情報及び認証情報に基づいて、第2のコンピュータに所定の処理の実行を指示する指示情報を第2のコンピュータに送信する指示情報送信部、として機能させるためのものである。 According to another aspect of the present invention, there is provided an authentication program comprising: an authentication server configured to acquire device information about a second computer read by a sensor from a first computer having a sensor that reads an image; and the second computer. An authentication information receiving unit that receives authentication information for use, instruction information transmission that transmits to the second computer instruction information that instructs the second computer to execute a predetermined process based on the apparatus information and the authentication information It is for functioning as a part.
 また、本発明の一側面に係る認証方法では、画像を読み取るセンサを有する第1のコンピュータが、第2のコンピュータを利用するための認証情報を認証情報記憶部に記憶し、第2のコンピュータに関する装置情報を含む装置情報画像をセンサを用いて読み取り、装置情報画像の読み取り結果に基づいて、第2のコンピュータを利用するために認証情報を第3のコンピュータに送信する。 In the authentication method according to one aspect of the present invention, a first computer having a sensor for reading an image stores authentication information for using the second computer in an authentication information storage unit, and the second computer relates to the second computer. A device information image including device information is read using a sensor, and authentication information is transmitted to the third computer in order to use the second computer based on the reading result of the device information image.
 また、本発明の一側面に係る認証方法では、認証サーバが、画像を読み取るセンサを有する第1のコンピュータから、該センサによって読み取られた第2のコンピュータに関する装置情報と、該第2のコンピュータを利用するための認証情報とを受信し、装置情報及び認証情報に基づいて、第2のコンピュータに所定の処理の実行を指示する指示情報を第2のコンピュータに送信する。 In the authentication method according to one aspect of the present invention, the authentication server obtains device information related to the second computer read by the sensor from the first computer having a sensor for reading an image, and the second computer. Authentication information to be used is received, and based on the device information and the authentication information, instruction information for instructing the second computer to execute a predetermined process is transmitted to the second computer.
 なお、本発明において、「部」とは、単に物理的手段を意味するものではなく、その「部」が有する機能をソフトウェアによって実現する場合も含む。また、1つの「部」や装置が有する機能が2つ以上の物理的手段や装置により実現されても、2つ以上の「部」や装置の機能が1つの物理的手段や装置により実現されてもよい。 In the present invention, the “unit” does not simply mean a physical means, but includes a case where the function of the “unit” is realized by software. Also, even if the functions of one “unit” or device are realized by two or more physical means or devices, the functions of two or more “units” or devices are realized by one physical means or device. May be.
 本発明によれば、専用のデバイスを用いることなく認証情報を入力可能となる。 According to the present invention, authentication information can be input without using a dedicated device.
本発明の第1の実施形態における認証システムの構成例を示す図である。It is a figure which shows the structural example of the authentication system in the 1st Embodiment of this invention. PCを構成する機能部の一例を示すブロック図である。It is a block diagram which shows an example of the function part which comprises PC. 携帯端末を構成する機能部の一例を示すブロック図である。It is a block diagram which shows an example of the function part which comprises a portable terminal. 認証サーバを構成する機能部の一例を示すブロック図である。It is a block diagram which shows an example of the function part which comprises an authentication server. 認証データベースの構成の一例を示す図である。It is a figure which shows an example of a structure of an authentication database. 第1の実施形態の認証システムにおける認証処理の一例を示すフローチャートである。It is a flowchart which shows an example of the authentication process in the authentication system of 1st Embodiment. 本発明の第2の実施形態における認証システムの構成例を示す図である。It is a figure which shows the structural example of the authentication system in the 2nd Embodiment of this invention. PCを構成する機能部の一例を示すブロック図である。It is a block diagram which shows an example of the function part which comprises PC. 携帯端末を構成する機能部の一例を示すブロック図である。It is a block diagram which shows an example of the function part which comprises a portable terminal. 第2の実施形態の認証システムにおける認証処理の一例を示すフローチャートである。It is a flowchart which shows an example of the authentication process in the authentication system of 2nd Embodiment.
 ==第1の実施形態==
 まず、本発明の第1の実施形態について説明する。図1は、第1の実施形態における認証システムの構成例を示す図である。図1に示すように、認証システムは、パーソナルコンピュータ(PC)10、携帯端末12、及び認証サーバ14を含んで構成されている。 == First Embodiment ==
First, a first embodiment of the present invention will be described. FIG. 1 is a diagram illustrating a configuration example of an authentication system according to the first embodiment. As shown in FIG. 1, the authentication system includes a personal computer (PC) 10, a mobile terminal 12, and an authentication server 14.
 PC10は、ユーザが利用する情報処理装置である。図1に示すように、PC10はQRコード(登録商標)20を表示することができる。このQRコード(登録商標)20は、PC10に関する情報である装置情報を含む画像(装置情報画像)である。装置情報には、例えば、PC10のコンピュータ名などが含まれる。なお、PC10がQRコード(登録商標)20を表示するのではなく、あらかじめPC10の装置情報を含むQRコード(登録商標)20が印刷されていてもよい。印刷されたQRコード(登録商標)20は、例えば、PC10のディスプレイやPC10の筺体に貼り付けられていてもよい。 The PC 10 is an information processing apparatus used by a user. As shown in FIG. 1, the PC 10 can display a QR code (registered trademark) 20. The QR code (registered trademark) 20 is an image (device information image) including device information that is information about the PC 10. The device information includes, for example, the computer name of the PC 10. In addition, instead of the PC 10 displaying the QR code (registered trademark) 20, the QR code (registered trademark) 20 including the device information of the PC 10 may be printed in advance. The printed QR code (registered trademark) 20 may be attached to a display of the PC 10 or a housing of the PC 10, for example.
 PC10では、例えば、ログインしたり、アプリケーションを起動したりする際など、所定の処理を実行する際にユーザ認証が必要となる。詳細は後述するが、図1に示す認証システムでは、PC10に接続された非接触ICカードリーダや指紋認証デバイスなどの専用のデバイスを用いることなくユーザ認証を行うことができる。 The PC 10 requires user authentication when executing a predetermined process, for example, when logging in or starting an application. Although details will be described later, the authentication system shown in FIG. 1 can perform user authentication without using a dedicated device such as a non-contact IC card reader or a fingerprint authentication device connected to the PC 10.
 携帯端末12は、例えば、スマートフォンやタブレット端末など、PC10を利用するユーザが所持する携帯可能な情報処理装置である。携帯端末12は、QRコード(登録商標)20を読み取るためのセンサであるカメラ30を備えている。携帯端末12は、QRコード(登録商標)20をカメラ30で読み取って解析することにより、PC10の装置情報を取得することができる。また、携帯端末12は、ユーザがPC10を利用するための認証情報を記憶している。認証情報は、例えば、ユーザIDやパスワード、電子メールアドレスなどの情報である。携帯端末12は、例えば、携帯電話の基地局(BS:Base Station)を介してインターネットに接続することができる。そして、携帯端末12は、QRコード(登録商標)20から得られた装置情報を、認証情報とともに、認証サーバ14に送信することができる。 The portable terminal 12 is a portable information processing apparatus possessed by a user using the PC 10, such as a smartphone or a tablet terminal. The mobile terminal 12 includes a camera 30 that is a sensor for reading the QR code (registered trademark) 20. The portable terminal 12 can acquire device information of the PC 10 by reading and analyzing the QR code (registered trademark) 20 with the camera 30. The mobile terminal 12 stores authentication information for the user to use the PC 10. The authentication information is information such as a user ID, a password, and an e-mail address. The mobile terminal 12 can be connected to the Internet via, for example, a mobile phone base station (BS). And the portable terminal 12 can transmit the apparatus information obtained from the QR code (registered trademark) 20 to the authentication server 14 together with the authentication information.
 認証サーバ14は、認証処理を行う情報処理装置である。認証サーバ14は、携帯端末12から受信する装置情報及び認証情報に基づいて認証処理を実行することができる。そして、認証サーバ14は、例えば、正常にユーザ認証を行うことができた場合は、PC10に所定の処理を実行させるための指示情報をネットワークを介してPC10に送信することができる。 The authentication server 14 is an information processing apparatus that performs authentication processing. The authentication server 14 can execute an authentication process based on device information and authentication information received from the mobile terminal 12. For example, when the user authentication can be normally performed, the authentication server 14 can transmit instruction information for causing the PC 10 to execute a predetermined process to the PC 10 via the network.
 なお、例えば、PC10が社内ネットワークや家庭内ネットワーク等の中にある場合、PC10のIP(Internet Protocol)アドレスがプライベートアドレスである可能性がある。そのため、認証サーバ14が指示情報をPC10に送信するためには、例えば、PC10が接続されるルータのグローバルアドレスや、ルータを介してPC10へアクセスするためのポート番号が必要となることがある。 Note that, for example, when the PC 10 is in an in-house network or a home network, the IP (Internet Protocol) address of the PC 10 may be a private address. Therefore, in order for the authentication server 14 to transmit the instruction information to the PC 10, for example, a global address of a router to which the PC 10 is connected and a port number for accessing the PC 10 via the router may be required.
 解決策の一つとしては、例えば、PC10からのリクエストによって、PC10と認証サーバ14との間であらかじめ通信を確立しておく手法がある。PC10と認証サーバ14との間で通信が確立されていれば、認証サーバ14は、PC10に指示情報を送信するために用いるグローバルアドレスやポート番号を認識した状態となっている。 As one of the solutions, for example, there is a method of establishing communication between the PC 10 and the authentication server 14 in advance by a request from the PC 10. If communication is established between the PC 10 and the authentication server 14, the authentication server 14 is in a state of recognizing the global address and port number used for transmitting the instruction information to the PC 10.
 また、別の解決策としては、例えば、PC10の装置情報に、PC10に指示情報を送信するために必要となるグローバルアドレスやポート番号を含ませておく手法がある。この場合、PC10と認証サーバ14との間であらかじめ通信が確立されていなくても、認証サーバ14は、装置情報に含まれるグローバルアドレスやポート番号を用いて、指示情報をPC10に送信することができる。 Further, as another solution, for example, there is a method of including the global address and port number necessary for transmitting the instruction information to the PC 10 in the device information of the PC 10. In this case, even if communication is not established in advance between the PC 10 and the authentication server 14, the authentication server 14 may transmit the instruction information to the PC 10 using the global address and port number included in the device information. it can.
 また、さらに別の解決策としては、ダイナミックDNS(Domain Name System)を用いる手法がある。この場合、PC10は、例えば、PC10にアクセスするために必要となるグローバルアドレスやポート番号をPC10のコンピュータ名に対応づけるための情報をDNSサーバに登録することができる。認証サーバ14は、PC10の装置情報からPC10のコンピュータ名を取得し、該コンピュータ名に対応するグローバルアドレスやポート番号を取得することにより、指示情報をPC10に送信することができる。 Further, as another solution, there is a technique using a dynamic DNS (Domain Name System). In this case, for example, the PC 10 can register information for associating a global address and a port number necessary for accessing the PC 10 with the computer name of the PC 10 in the DNS server. The authentication server 14 can transmit the instruction information to the PC 10 by acquiring the computer name of the PC 10 from the device information of the PC 10 and acquiring the global address and port number corresponding to the computer name.
 認証サーバ14から指示情報を受信したPC10では、該指示情報に応じて、ユーザがPC10を利用するためのログイン処理や、特定のアプリケーションの起動処理を実行することができる。以下に、図1に示した認証システムの各構成について詳細に説明する。 The PC 10 that has received the instruction information from the authentication server 14 can execute a login process for the user to use the PC 10 or a specific application activation process in accordance with the instruction information. Below, each structure of the authentication system shown in FIG. 1 is demonstrated in detail.
 図2は、PC10を構成する機能部の一例を示すブロック図である。図2に示すように、PC10は、装置情報記憶部50、認証情報記憶部52、装置情報画像生成部54、装置情報画像表示部56、認証サーバ通信部58、指示情報受信部60、及び指示情報処理部62を含んで構成される。PC10を構成する各部は、メモリや記憶装置等の記憶領域を用いたり、記憶領域に格納されているプログラムをプロセッサが実行したり、入出力や通信用の各種デバイスを用いたりすることにより実現することができる。 FIG. 2 is a block diagram illustrating an example of functional units constituting the PC 10. As shown in FIG. 2, the PC 10 includes a device information storage unit 50, an authentication information storage unit 52, a device information image generation unit 54, a device information image display unit 56, an authentication server communication unit 58, an instruction information reception unit 60, and an instruction. An information processing unit 62 is included. Each unit constituting the PC 10 is realized by using a storage area such as a memory or a storage device, a processor executing a program stored in the storage area, or using various devices for input / output and communication. be able to.
 装置情報記憶部50は、PC10の装置情報を記憶する。装置情報は、認証サーバ14においてPC10を識別するための情報であり、例えば、コンピュータ名を含むことができる。また、認証サーバ14からPC10に指示情報を送信するために必要となる情報が装置情報に含まれることとしてもよい。例えば、装置情報は、PC10のIPアドレスを含むこととしてもよい。また、PC10のIPアドレスがプライベートアドレスの場合、装置情報は、PC10が接続されたルータのグローバルアドレスと、該ルータを介してPC10にアクセスするためのポート番号とが含まれていてもよい。なお、ルータのグローバルアドレスが固定ではない場合、PC10は、ルータのグローバルアドレスを取得して装置情報記憶部50に格納する機能を備えることができる。 The device information storage unit 50 stores device information of the PC 10. The device information is information for identifying the PC 10 in the authentication server 14, and may include a computer name, for example. Further, information necessary for transmitting the instruction information from the authentication server 14 to the PC 10 may be included in the device information. For example, the device information may include the IP address of the PC 10. When the IP address of the PC 10 is a private address, the device information may include a global address of a router to which the PC 10 is connected and a port number for accessing the PC 10 via the router. If the global address of the router is not fixed, the PC 10 can have a function of acquiring the global address of the router and storing it in the device information storage unit 50.
 認証情報記憶部52は、PC10を利用するユーザの認証情報を記憶する。認証情報には、例えば、ユーザIDやパスワードが含まれる。PC10では、この認証情報に基づいてユーザ認証を行うことができる。 The authentication information storage unit 52 stores authentication information of a user who uses the PC 10. The authentication information includes, for example, a user ID and a password. The PC 10 can perform user authentication based on this authentication information.
 装置情報画像生成部54は、装置情報記憶部50に記憶されている装置情報に基づいて、装置情報を含むQRコード(登録商標)20(装置情報画像)を生成する。なお、装置情報画像生成部54においてQRコード(登録商標)20を生成するのではなく、PC10の外部で生成されたQRコード(登録商標)20がPC10において記憶されていることとしてもよい。例えば、PC10は、PC10の装置情報を含むQRコード(登録商標)20を認証サーバ14等の外部の装置から取得することとしてもよい。 The device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) including device information based on the device information stored in the device information storage unit 50. Instead of generating the QR code (registered trademark) 20 in the apparatus information image generation unit 54, the QR code (registered trademark) 20 generated outside the PC 10 may be stored in the PC 10. For example, the PC 10 may acquire a QR code (registered trademark) 20 including device information of the PC 10 from an external device such as the authentication server 14.
 装置情報画像表示部56は、装置情報画像生成部54によって生成されるQRコード(登録商標)20をPC10のディスプレイに表示する。例えば、装置情報画像表示部56は、PC10にログインするための画面にQRコード(登録商標)20を表示することができる。また、例えば、装置情報画像表示部56は、PC10にログインした後に表示されるデスクトップ領域にQRコード(登録商標)20を表示することとしてもよい。また、例えば、装置情報画像表示部56は、PC10において実行されるアプリケーションの画面上にQRコード(登録商標)20を表示することとしてもよい。 The device information image display unit 56 displays the QR code (registered trademark) 20 generated by the device information image generation unit 54 on the display of the PC 10. For example, the device information image display unit 56 can display the QR code (registered trademark) 20 on a screen for logging in to the PC 10. Further, for example, the device information image display unit 56 may display the QR code (registered trademark) 20 in the desktop area displayed after logging in to the PC 10. For example, the device information image display unit 56 may display the QR code (registered trademark) 20 on the screen of an application executed on the PC 10.
 認証サーバ通信部58は、認証サーバ14と通信を行うことができる。例えば、認証サーバ通信部58は、認証サーバ14に対して通信確立のリクエストを送信することができる。このリクエストにより通信が確立されると、認証サーバ14は、PC10に情報を送信するためのグローバルアドレスやポート番号を認識することができる。ここで、PC10と認証サーバ14との間の通信確立は、認証サーバ14がPC10に指示情報を送信する前の任意のタイミングに行うことができる。例えば、PC10へのログインが行われていない状態において通信が確立されることとしてもよい。なお、PC10に情報を送信するためのグローバルアドレスやポート番号を認証サーバ14が事前に認識する必要がない場合、PC10は認証サーバ通信部58を備えなくてもよい。 The authentication server communication unit 58 can communicate with the authentication server 14. For example, the authentication server communication unit 58 can transmit a communication establishment request to the authentication server 14. When communication is established by this request, the authentication server 14 can recognize a global address and a port number for transmitting information to the PC 10. Here, the communication establishment between the PC 10 and the authentication server 14 can be performed at an arbitrary timing before the authentication server 14 transmits the instruction information to the PC 10. For example, communication may be established in a state where login to the PC 10 is not performed. If the authentication server 14 does not need to recognize in advance the global address and port number for transmitting information to the PC 10, the PC 10 may not include the authentication server communication unit 58.
 指示情報受信部60は、認証サーバ14から指示情報を受信する。指示情報処理部62は、受信された指示情報に応じた処理を実行する。例えば、指示情報処理部62は、指示情報に応じてユーザのログイン処理を実行することができる。この場合、指示情報には認証情報が含まれることとすることができる。そして、指示情報処理部62は、指示情報に含まれる認証情報を用いて、ユーザがPC10を利用するためのログイン処理を実行することができる。例えば、指示情報に含まれる認証情報がユーザIDである場合、指示情報処理部62は、該ユーザIDのユーザをログインさせることができる。また、例えば、指示情報に含まれる認証情報がユーザID及びパスワードである場合、指示情報処理部62は、認証情報記憶部52を参照し、受信したユーザID及びパスワードを用いて認証処理を実行してもよい。 The instruction information receiving unit 60 receives instruction information from the authentication server 14. The instruction information processing unit 62 executes processing according to the received instruction information. For example, the instruction information processing unit 62 can execute a user login process in accordance with the instruction information. In this case, the instruction information can include authentication information. Then, the instruction information processing unit 62 can execute a login process for the user to use the PC 10 using the authentication information included in the instruction information. For example, when the authentication information included in the instruction information is a user ID, the instruction information processing unit 62 can log in the user with the user ID. For example, when the authentication information included in the instruction information is a user ID and a password, the instruction information processing unit 62 refers to the authentication information storage unit 52 and executes an authentication process using the received user ID and password. May be.
 なお、指示情報処理部62が実行する処理はログイン処理に限られず、任意の処理とすることができる。例えば、指示情報処理部62は、指示情報に応じてアプリケーションを起動することとしてもよい。起動されるアプリケーションはあらかじめ定められていてもよいし、起動対象のアプリケーションを示す情報が指示情報に含まれていてもよい。また、例えば、指示情報処理部62は、起動されているアプリケーションにおいて、指示情報に応じた所定の処理を実行することとしてもよい。 Note that the process executed by the instruction information processing unit 62 is not limited to the login process, and may be an arbitrary process. For example, the instruction information processing unit 62 may start an application according to the instruction information. The application to be activated may be determined in advance, or information indicating the application to be activated may be included in the instruction information. For example, the instruction information processing unit 62 may execute a predetermined process according to the instruction information in the activated application.
 図3は、携帯端末12を構成する機能部の一例を示すブロック図である。図3に示すように、携帯端末12は、認証情報記憶部70、画像読取部72、装置情報画像記憶部74、装置情報画像解析部76、及び認証情報送信部78を含んで構成される。携帯端末12を構成する各部は、メモリや記憶装置等の記憶領域を用いたり、記憶領域に格納されているプログラムをプロセッサが実行したり、入出力や通信用の各種デバイスを用いたりすることにより実現することができる。 FIG. 3 is a block diagram illustrating an example of functional units constituting the mobile terminal 12. As illustrated in FIG. 3, the mobile terminal 12 includes an authentication information storage unit 70, an image reading unit 72, a device information image storage unit 74, a device information image analysis unit 76, and an authentication information transmission unit 78. Each unit constituting the mobile terminal 12 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication Can be realized.
 認証情報記憶部70は、PC10を利用するユーザの認証情報を記憶する。認証情報には、例えば、ユーザIDやパスワードが含まれる。認証情報は、認証情報記憶部70にあらかじめ記憶されていることとしてもよいし、携帯端末12を用いた認証処理が実行される際に携帯端末12においてユーザから入力されることとしてもよい。 The authentication information storage unit 70 stores authentication information of a user who uses the PC 10. The authentication information includes, for example, a user ID and a password. The authentication information may be stored in advance in the authentication information storage unit 70 or may be input from the user at the mobile terminal 12 when an authentication process using the mobile terminal 12 is executed.
 画像読取部72は、カメラ30を利用してQRコード(登録商標)20を読み取り、装置情報画像記憶部74に記憶する。 The image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74.
 装置情報画像解析部76は、装置情報画像記憶部74に記憶されたQRコード(登録商標)20を解析し、QRコード(登録商標)20に含まれる装置情報を抽出する。 The device information image analysis unit 76 analyzes the QR code (registered trademark) 20 stored in the device information image storage unit 74 and extracts the device information included in the QR code (registered trademark) 20.
 認証情報送信部78は、装置情報画像解析部76によって抽出された装置情報とともに、認証情報記憶部70に記憶されている認証情報を認証サーバ14に送信する。また、認証情報送信部78は、認証情報を認証サーバ14に送信した後、認証情報に基づく認証結果を認証サーバ14から受信することができる。なお、認証結果は、認証が失敗した場合にのみ認証サーバ14から送信されてくることとしてもよい。認証情報送信部78は、認証サーバ14から認証結果を受信した場合は、認証結果をディスプレイに表示することとしてもよい。また、認証サーバ14から受信した認証結果が、認証が失敗したことを示すものである場合、認証情報送信部78は、ユーザに認証情報の再入力を促すメッセージを出力することとしてもよい。 The authentication information transmission unit 78 transmits the authentication information stored in the authentication information storage unit 70 to the authentication server 14 together with the device information extracted by the device information image analysis unit 76. The authentication information transmitting unit 78 can receive an authentication result based on the authentication information from the authentication server 14 after transmitting the authentication information to the authentication server 14. Note that the authentication result may be transmitted from the authentication server 14 only when the authentication fails. The authentication information transmission part 78 is good also as displaying an authentication result on a display, when an authentication result is received from the authentication server 14. FIG. When the authentication result received from the authentication server 14 indicates that the authentication has failed, the authentication information transmitting unit 78 may output a message that prompts the user to re-enter the authentication information.
 図4は、認証サーバ14を構成する機能部の一例を示すブロック図である。図4に示すように、認証サーバ14は、認証データベース90、PC通信部92、認証情報受信部94、認証処理部96、及び指示情報送信部98を含んで構成される。認証サーバ14を構成する各部は、メモリや記憶装置等の記憶領域を用いたり、記憶領域に格納されているプログラムをプロセッサが実行したり、入出力や通信用の各種デバイスを用いたりすることにより実現することができる。 FIG. 4 is a block diagram illustrating an example of functional units constituting the authentication server 14. As shown in FIG. 4, the authentication server 14 includes an authentication database 90, a PC communication unit 92, an authentication information receiving unit 94, an authentication processing unit 96, and an instruction information transmitting unit 98. Each unit constituting the authentication server 14 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication. Can be realized.
 認証データベース90は、携帯端末12から受信する装置情報及び認証情報に基づいて認証処理を実行するために必要な情報を記憶している。図5は、認証データベースの構成の一例を示す図である。図5に示すように、例えば、認証データベースは、装置情報と認証情報とを対応づけて記憶しておくことができる。 The authentication database 90 stores information necessary for executing the authentication process based on the device information and the authentication information received from the mobile terminal 12. FIG. 5 is a diagram illustrating an example of the configuration of the authentication database. As shown in FIG. 5, for example, the authentication database can store device information and authentication information in association with each other.
 なお、携帯端末12から受信する装置情報及び認証情報と、認証データベースに記憶されている装置情報及び認証情報とは完全に同一である必要はない。例えば、認証データベース90に記憶されている装置情報には、携帯端末12から受信する装置情報には含まれない情報があってもよい。また、例えば、携帯端末12から受信する装置情報には、認証データベース90に記憶されている装置情報には含まれない情報があってもよい。具体的には、例えば、携帯端末12から受信する装置情報に、PC10のコンピュータ名に加えて、PC10にアクセスするためのグローバルアドレスやポート番号が含まれる場合、認証データベース90に記憶されている装置情報にはグローバルアドレスやポート番号は含まれていなくてもよい。 Note that the device information and authentication information received from the mobile terminal 12 need not be completely the same as the device information and authentication information stored in the authentication database. For example, the device information stored in the authentication database 90 may include information that is not included in the device information received from the mobile terminal 12. Further, for example, the device information received from the mobile terminal 12 may include information that is not included in the device information stored in the authentication database 90. Specifically, for example, when the device information received from the mobile terminal 12 includes a global address or port number for accessing the PC 10 in addition to the computer name of the PC 10, the device stored in the authentication database 90 The information may not include a global address or a port number.
 図4に戻り、PC通信部92は、PC10との間で通信を行うことができる。例えば、PC通信部92は、PC10の認証サーバ通信部58からのリクエストに応じてPC10と通信を確立することができる。PC通信部92は、PC10の認証サーバ通信部58からのリクエストにより、PC10に情報を送信するためのグローバルアドレスやポート番号を認識することができる。PC10との通信確立は、認証サーバ14がPC10に指示情報を送信する前の任意のタイミングに行うことができる。なお、PC10に情報を送信するためのグローバルアドレスやポート番号を認証サーバ14が事前に認識する必要がない場合、認証サーバ14はPC通信部92を備えなくてもよい。 Returning to FIG. 4, the PC communication unit 92 can communicate with the PC 10. For example, the PC communication unit 92 can establish communication with the PC 10 in response to a request from the authentication server communication unit 58 of the PC 10. The PC communication unit 92 can recognize a global address and a port number for transmitting information to the PC 10 by a request from the authentication server communication unit 58 of the PC 10. Communication establishment with the PC 10 can be performed at an arbitrary timing before the authentication server 14 transmits the instruction information to the PC 10. If the authentication server 14 does not need to recognize in advance the global address and port number for transmitting information to the PC 10, the authentication server 14 may not include the PC communication unit 92.
 認証情報受信部94は、携帯端末12から装置情報及び認証情報を受信する。認証処理部96は、認証データベース90を参照し、受信した装置情報及び認証情報に基づいて認証処理を実行する。具体的には、認証処理部96は、受信した装置情報及び認証情報の組み合わせが、認証データベース90に登録された内容と整合するかどうかにより、ユーザ認証を行うことができる。 The authentication information receiving unit 94 receives device information and authentication information from the mobile terminal 12. The authentication processing unit 96 refers to the authentication database 90 and executes authentication processing based on the received device information and authentication information. Specifically, the authentication processing unit 96 can perform user authentication depending on whether or not the combination of the received device information and authentication information matches the contents registered in the authentication database 90.
 指示情報送信部98は、認証処理部96によるユーザ認証が成功した場合、PC10に所定の処理を実行させるための指示情報をPC10に送信することができる。また、指示情報送信部98は、認証処理部96によるユーザ認証が失敗した場合、ユーザ認証が失敗したことを示す認証結果を携帯端末12に送信することができる。 The instruction information transmission unit 98 can transmit instruction information for causing the PC 10 to execute a predetermined process when the user authentication by the authentication processing unit 96 is successful. In addition, when the user authentication by the authentication processing unit 96 fails, the instruction information transmission unit 98 can transmit an authentication result indicating that the user authentication has failed to the mobile terminal 12.
 図6は、第1の実施形態の認証システムにおける認証処理の一例を示すフローチャートである。PC10において、認証サーバ通信部58は、任意のタイミングで認証サーバ14にリクエストを送信することにより、認証サーバ14との間で通信を確立する(S601,S602)。装置情報画像生成部54は、装置情報記憶部50に記憶されている装置情報に基づいてQRコード(登録商標)20(装置情報画像)を生成する(S603)。そして、装置情報画像表示部56は、生成されたQRコード(登録商標)20をディスプレイに表示する(S604)。 FIG. 6 is a flowchart showing an example of authentication processing in the authentication system of the first embodiment. In the PC 10, the authentication server communication unit 58 establishes communication with the authentication server 14 by transmitting a request to the authentication server 14 at an arbitrary timing (S601, S602). The device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) based on the device information stored in the device information storage unit 50 (S603). Then, the device information image display unit 56 displays the generated QR code (registered trademark) 20 on the display (S604).
 携帯端末12において、画像読取部72は、カメラ30を用いてQRコード(登録商標)20を読み取り、装置情報画像記憶部74に格納する(S605)。装置情報画像解析部76は、QRコード(登録商標)20を解析し、装置情報を抽出する(S606)。認証情報送信部78は抽出された装置情報とともに、認証情報記憶部70に記憶されている認証情報を認証サーバ14に送信する(S607)。 In the portable terminal 12, the image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74 (S605). The device information image analysis unit 76 analyzes the QR code (registered trademark) 20 and extracts device information (S606). The authentication information transmission unit 78 transmits the authentication information stored in the authentication information storage unit 70 together with the extracted device information to the authentication server 14 (S607).
 認証サーバ14において、認証情報受信部94は、装置情報及び認証情報を携帯端末12から受信する(S608)。認証処理部96は、認証データベース90を参照し、受信した装置情報及び認証情報に基づいて認証処理を実行する(S609)。 In the authentication server 14, the authentication information receiving unit 94 receives device information and authentication information from the portable terminal 12 (S608). The authentication processing unit 96 refers to the authentication database 90 and executes an authentication process based on the received device information and authentication information (S609).
 認証サーバ14における認証が失敗した場合(S610:N)、指示情報送信部98は、認証が失敗したことを示す認証結果を携帯端末12に送信する(S611)。携帯端末12の認証情報送信部78は、認証サーバ14から認証結果を受信し(S612)、認証結果をディスプレイに表示する(S613)。 When the authentication in the authentication server 14 fails (S610: N), the instruction information transmission unit 98 transmits an authentication result indicating that the authentication has failed to the mobile terminal 12 (S611). The authentication information transmitting unit 78 of the portable terminal 12 receives the authentication result from the authentication server 14 (S612), and displays the authentication result on the display (S613).
 認証サーバ14における認証が成功した場合(S610:Y)、指示情報送信部98は、PC10において所定の処理を実行させるための指示情報をPC10に送信する(S614)。PC10の指示情報受信部60は、指示情報を認証サーバ14から受信し(S615)する。そして、PC10の指示情報処理部62は、受信した指示情報に応じた処理を実行する(S616)。 When the authentication in the authentication server 14 is successful (S610: Y), the instruction information transmitting unit 98 transmits instruction information for causing the PC 10 to execute a predetermined process to the PC 10 (S614). The instruction information receiving unit 60 of the PC 10 receives the instruction information from the authentication server 14 (S615). Then, the instruction information processing unit 62 of the PC 10 executes processing according to the received instruction information (S616).
 以上、本発明の第1の実施形態について説明した。第1の実施形態では、携帯端末12は、PC10の装置情報を含むQRコード(登録商標)20を読み取り、装置情報及び認証情報を認証サーバ14に送信する。そして、認証サーバ14は、装置情報及び認証情報に基づいて認証処理を行い、PC10に所定の処理を実行させるための指示情報をPC10に送信する。このように、第1の実施形態によれば、非接触ICカードリーダや指紋認証デバイスなど、認証情報を入力するための専用のデバイスをPC10において用いることなく、PC10を利用するための認証情報を入力することができる。 The first embodiment of the present invention has been described above. In the first embodiment, the mobile terminal 12 reads the QR code (registered trademark) 20 including the device information of the PC 10 and transmits the device information and the authentication information to the authentication server 14. Then, the authentication server 14 performs an authentication process based on the device information and the authentication information, and transmits instruction information for causing the PC 10 to execute a predetermined process to the PC 10. Thus, according to the first embodiment, authentication information for using the PC 10 is used without using a dedicated device for inputting the authentication information, such as a non-contact IC card reader or a fingerprint authentication device, in the PC 10. Can be entered.
 ==第2の実施形態==
 次に、本発明の第2の実施形態について説明する。図7は、第2の実施形態における認証システムの構成例を示す図である。図7に示すように、認証システムは、PC200及び携帯端末210を含んで構成されている。第1の実施形態の場合と同様に、PC200ではQRコード(登録商標)20が表示されている。また、携帯端末210は、QRコード(登録商標)20を読み取るためのカメラ30を備えている。 == Second Embodiment ==
Next, a second embodiment of the present invention will be described. FIG. 7 is a diagram illustrating a configuration example of an authentication system according to the second embodiment. As shown in FIG. 7, the authentication system includes a PC 200 and a mobile terminal 210. As in the case of the first embodiment, a QR code (registered trademark) 20 is displayed on the PC 200. The mobile terminal 210 includes a camera 30 for reading the QR code (registered trademark) 20.
 第1の実施形態の場合と同様に、携帯端末210は、QRコード(登録商標)20をカメラ30で読み取って解析することにより、PC200の装置情報を取得することができる。ここで、PC200の装置情報には、PC200にアクセスするための情報が含まれている。例えば、PC200の装置情報には、PC200が接続されるルータのグローバルアドレスや、該ルータを介してPC200へアクセスするためのポート番号が含まれていてもよい。また、携帯端末210は、ユーザがPC200を利用するための認証情報を記憶している。そして、携帯端末210は、記憶している認証情報を、QRコード(登録商標)20から解析された装置情報に基づいて、例えば、携帯電話の基地局(BS)やインターネットを介してPC200に送信する。PC200は、携帯端末210から受信する認証情報に基づいて、ユーザがPC200を利用するための認証処理を実行することができる。以下に、図7に示した認証システムの各構成について詳細に説明する。 As in the case of the first embodiment, the mobile terminal 210 can acquire device information of the PC 200 by reading and analyzing the QR code (registered trademark) 20 with the camera 30. Here, the device information of the PC 200 includes information for accessing the PC 200. For example, the device information of the PC 200 may include a global address of a router to which the PC 200 is connected and a port number for accessing the PC 200 via the router. The mobile terminal 210 stores authentication information for the user to use the PC 200. Then, the mobile terminal 210 transmits the stored authentication information to the PC 200 via, for example, a mobile phone base station (BS) or the Internet based on the device information analyzed from the QR code (registered trademark) 20. To do. The PC 200 can execute an authentication process for the user to use the PC 200 based on the authentication information received from the mobile terminal 210. Below, each structure of the authentication system shown in FIG. 7 is demonstrated in detail.
 図8は、PC200を構成する機能部の一例を示すブロック図である。図8に示すように、PC200は、装置情報記憶部50、認証情報記憶部52、装置情報画像生成部54、装置情報画像表示部56、認証情報受信部300、及び認証処理部310を含んで構成される。PC200を構成する各部は、メモリや記憶装置等の記憶領域を用いたり、記憶領域に格納されているプログラムをプロセッサが実行したり、入出力や通信用の各種デバイスを用いたりすることにより実現することができる。 FIG. 8 is a block diagram showing an example of functional units constituting the PC 200. As shown in FIG. 8, the PC 200 includes a device information storage unit 50, an authentication information storage unit 52, a device information image generation unit 54, a device information image display unit 56, an authentication information reception unit 300, and an authentication processing unit 310. Composed. Each unit constituting the PC 200 is realized by using a storage area such as a memory or a storage device, a processor executing a program stored in the storage area, or using various devices for input / output and communication. be able to.
 装置情報記憶部50、認証情報記憶部52、装置情報画像生成部54、及び装置情報画像表示部56は、第1の実施形態と同様の構成であるため説明を省略する。 The device information storage unit 50, the authentication information storage unit 52, the device information image generation unit 54, and the device information image display unit 56 have the same configurations as those in the first embodiment, and thus description thereof is omitted.
 認証情報受信部300は、携帯端末210から認証情報を受信する。認証処理部310は、認証情報記憶部52を参照し、受信した認証情報に基づいて認証処理を実行する。認証処理部310は、認証結果に応じた処理を実行することができる。例えば、ユーザ認証が成功した場合、認証処理部310は、ログイン処理やアプリケーションの起動、アプリケーションにおける所定の処理の実行などを行うことができる。また、例えば、ユーザ認証が失敗した場合、認証処理部310は、ユーザ認証が失敗したことを示す認証結果を携帯端末210に送信することができる。 Authentication information receiving unit 300 receives authentication information from portable terminal 210. The authentication processing unit 310 refers to the authentication information storage unit 52 and executes authentication processing based on the received authentication information. The authentication processing unit 310 can execute processing according to the authentication result. For example, when the user authentication is successful, the authentication processing unit 310 can perform login processing, application startup, execution of predetermined processing in the application, and the like. For example, when user authentication fails, the authentication process part 310 can transmit the authentication result which shows that user authentication failed to the portable terminal 210. FIG.
 図9は、携帯端末210を構成する機能部の一例を示すブロック図である。図9に示すように、携帯端末210は、認証情報記憶部70、画像読取部72、装置情報画像記憶部74、装置情報画像解析部76、及び認証情報送信部400を含んで構成される。携帯端末210を構成する各部は、メモリや記憶装置等の記憶領域を用いたり、記憶領域に格納されているプログラムをプロセッサが実行したり、入出力や通信用の各種デバイスを用いたりすることにより実現することができる。 FIG. 9 is a block diagram illustrating an example of functional units constituting the mobile terminal 210. As illustrated in FIG. 9, the mobile terminal 210 includes an authentication information storage unit 70, an image reading unit 72, a device information image storage unit 74, a device information image analysis unit 76, and an authentication information transmission unit 400. Each unit constituting the portable terminal 210 uses a storage area such as a memory or a storage device, a processor executes a program stored in the storage area, or uses various devices for input / output and communication Can be realized.
 認証情報記憶部70、画像読取部72、装置情報画像記憶部74、及び装置情報画像解析部76は、第1の実施形態と同様の構成であるため説明を省略する。 Since the authentication information storage unit 70, the image reading unit 72, the device information image storage unit 74, and the device information image analysis unit 76 have the same configuration as that of the first embodiment, description thereof is omitted.
 認証情報送信部400は、装置情報画像解析部76によって抽出された装置情報に基づいて、認証情報記憶部70に記憶されている認証情報をPC200に送信する。例えば、装置情報にPC200にアクセスするためのグローバルアドレスやポート番号が含まれる場合、認証情報送信部400は、これらの情報に基づいてPC200に認証情報を送信することができる。また、装置情報にPC200のコンピュータ名が含まれる場合、認証情報送信部400は、例えば、DNSサーバからPC200にアクセスするためのグローバルアドレスやポート番号を取得し、認証情報をPC200に送信することとしてもよい。 The authentication information transmission unit 400 transmits the authentication information stored in the authentication information storage unit 70 to the PC 200 based on the device information extracted by the device information image analysis unit 76. For example, when the device information includes a global address and a port number for accessing the PC 200, the authentication information transmitting unit 400 can transmit the authentication information to the PC 200 based on such information. When the computer name of the PC 200 is included in the device information, the authentication information transmission unit 400 acquires, for example, a global address and port number for accessing the PC 200 from the DNS server, and transmits the authentication information to the PC 200. Also good.
 また、認証情報送信部400は、認証情報をPC200に送信した後、認証情報に基づく認証結果をPC200から受信することができる。なお、認証結果は、認証が失敗した場合にのみPC200から送信されてくることとしてもよい。認証情報送信部400は、PC200から認証結果を受信した場合は、認証結果をディスプレイに表示することとしてもよい。また、PC200から受信した認証結果が、認証が失敗したことを示すものである場合、認証情報送信部400は、ユーザに認証情報の再入力を促すメッセージを出力することとしてもよい。 Further, the authentication information transmission unit 400 can receive the authentication result based on the authentication information from the PC 200 after transmitting the authentication information to the PC 200. Note that the authentication result may be transmitted from the PC 200 only when the authentication fails. When receiving the authentication result from the PC 200, the authentication information transmitting unit 400 may display the authentication result on the display. If the authentication result received from the PC 200 indicates that the authentication has failed, the authentication information transmitting unit 400 may output a message that prompts the user to re-enter the authentication information.
 図10は、第2の実施形態の認証システムにおける認証処理の一例を示すフローチャートである。装置情報画像生成部54は、装置情報記憶部50に記憶されている装置情報に基づいてQRコード(登録商標)20(装置情報画像)を生成する(S1001)。そして、装置情報画像表示部56は、生成されたQRコード(登録商標)20をディスプレイに表示する(S1002)。 FIG. 10 is a flowchart showing an example of authentication processing in the authentication system of the second embodiment. The device information image generation unit 54 generates a QR code (registered trademark) 20 (device information image) based on the device information stored in the device information storage unit 50 (S1001). Then, the device information image display unit 56 displays the generated QR code (registered trademark) 20 on the display (S1002).
 携帯端末12において、画像読取部72は、カメラ30を用いてQRコード(登録商標)20を読み取り、装置情報画像記憶部74に格納する(S1003)。装置情報画像解析部76は、QRコード(登録商標)20を解析し、装置情報を抽出する(S1004)。認証情報送信部400は抽出された装置情報に基づいて、認証情報記憶部70に記憶されている認証情報をPC200に送信する(S1005)。 In the mobile terminal 12, the image reading unit 72 reads the QR code (registered trademark) 20 using the camera 30 and stores it in the device information image storage unit 74 (S1003). The device information image analysis unit 76 analyzes the QR code (registered trademark) 20 and extracts device information (S1004). The authentication information transmission unit 400 transmits the authentication information stored in the authentication information storage unit 70 to the PC 200 based on the extracted device information (S1005).
 PC200において、認証情報受信部300は、認証情報を携帯端末210から受信する(S1006)。認証処理部310は、認証情報記憶部52を参照し、受信した認証情報に基づいて認証処理を実行する(S1007)。 In the PC 200, the authentication information receiving unit 300 receives the authentication information from the portable terminal 210 (S1006). The authentication processing unit 310 refers to the authentication information storage unit 52 and executes an authentication process based on the received authentication information (S1007).
 PC200における認証が失敗した場合(S1008:N)、認証処理部310は、認証が失敗したことを示す認証結果を携帯端末210に送信する(S1009)。携帯端末210の認証情報送信部400は、PC200から認証結果を受信し(S1010)、認証結果をディスプレイに表示する(S1011)。 When the authentication in the PC 200 has failed (S1008: N), the authentication processing unit 310 transmits an authentication result indicating that the authentication has failed to the portable terminal 210 (S1009). The authentication information transmission unit 400 of the portable terminal 210 receives the authentication result from the PC 200 (S1010), and displays the authentication result on the display (S1011).
 PC200における認証が成功した場合(S1008:Y)、認証処理部310は、ログイン処理やアプリケーションの起動等の、所定の処理を実行する(S1012)。 When the authentication in the PC 200 is successful (S1008: Y), the authentication processing unit 310 executes predetermined processing such as login processing and application activation (S1012).
 以上、本発明の第2の実施形態について説明した。第2の実施形態では、携帯端末210は、PC200の装置情報を含むQRコード(登録商標)20を読み取り、認証情報をPC200に送信する。そして、PC200は、認証情報に基づいて認証処理を行うことができる。このように、第2の実施形態によれば、非接触ICカードリーダや指紋認証デバイスなど、認証情報を入力するための専用のデバイスをPC200において用いることなく、PC200を利用するための認証情報を入力することができる。 The second embodiment of the present invention has been described above. In the second embodiment, the mobile terminal 210 reads the QR code (registered trademark) 20 including the device information of the PC 200 and transmits the authentication information to the PC 200. Then, the PC 200 can perform an authentication process based on the authentication information. As described above, according to the second embodiment, authentication information for using the PC 200 is used without using a dedicated device for inputting authentication information such as a non-contact IC card reader or a fingerprint authentication device. Can be entered.
 なお、本実施形態は、本発明の理解を容易にするためのものであり、本発明を限定して解釈するためのものではない。本発明は、その趣旨を逸脱することなく、変更/改良され得るととともに、本発明にはその等価物も含まれる。
 例えば、ユーザが利用する情報処理装置はPCに限られず、任意の情報処理装置とすることができる。また、ユーザが利用する情報処理装置の装置情報を含む装置情報画像はQRコード(登録商標)に限られず、装置情報を表すことが可能な画像であれば任意の画像とすることができる。 Note that this embodiment is intended to facilitate understanding of the present invention and is not intended to limit the present invention. The present invention can be changed / improved without departing from the spirit thereof, and the present invention includes equivalents thereof.
For example, the information processing apparatus used by the user is not limited to a PC, and may be any information processing apparatus. Further, the device information image including the device information of the information processing device used by the user is not limited to the QR code (registered trademark), and any image can be used as long as the image can represent the device information.
 10 PC
 12 携帯端末
 14 認証サーバ
 20 QRコード(登録商標)
 30 カメラ
 50 装置情報記憶部
 52 認証情報記憶部
 54 装置情報画像生成部
 56 装置情報画像表示部
 58 認証サーバ通信部
 60 指示情報受信部
 62 指示情報処理部
 70 認証情報記憶部
 72 画像読取部
 74 装置情報画像記憶部
 76 装置情報画像解析部
 78 認証情報送信部
 90 認証データベース
 92 PC通信部
 94 認証情報受信部
 96 認証処理部
 98 指示情報送信部
 200 PC
 210 携帯端末
 300 認証情報受信部
 310 認証処理部
 400 認証情報送信部 10 PC
12 Mobile terminal 14 Authentication server 20 QR code (registered trademark)
Reference Signs List 30 camera 50 device information storage unit 52 authentication information storage unit 54 device information image generation unit 56 device information image display unit 58 authentication server communication unit 60 instruction information reception unit 62 instruction information processing unit 70 authentication information storage unit 72 image reading unit 74 device Information image storage unit 76 Device information image analysis unit 78 Authentication information transmission unit 90 Authentication database 92 PC communication unit 94 Authentication information reception unit 96 Authentication processing unit 98 Instruction information transmission unit 200 PC
210 mobile terminal 300 authentication information receiving unit 310 authentication processing unit 400 authentication information transmitting unit

Claims (8)

  1.  画像を読み取るセンサを有する第1のコンピュータを、
     第2のコンピュータを利用するための認証情報を記憶する認証情報記憶部、
     前記第2のコンピュータに関する装置情報を含む装置情報画像を前記センサを用いて読み取る画像読取部、
     前記装置情報画像の読み取り結果に基づいて、前記第2のコンピュータを利用するために前記認証情報を第3のコンピュータに送信する認証情報送信部、
     として機能させるためのプログラム。     A first computer having a sensor for reading an image;
    An authentication information storage unit for storing authentication information for using the second computer;
    An image reading unit that reads a device information image including device information related to the second computer using the sensor;
    An authentication information transmitting unit configured to transmit the authentication information to a third computer in order to use the second computer based on the reading result of the device information image;
    Program to function as.
  2.  請求項1に記載のプログラムであって、
     前記第3のコンピュータは、前記第2のコンピュータを利用する際の認証を制御する認証サーバであり、
     前記認証情報出力部は、前記装置情報及び前記認証情報を前記認証サーバに送信する、
     プログラム。     The program according to claim 1,
    The third computer is an authentication server that controls authentication when using the second computer,
    The authentication information output unit transmits the device information and the authentication information to the authentication server.
    program.
  3.  請求項1に記載のプログラムであって、
     前記第3のコンピュータは前記第2のコンピュータであり、
     前記認証情報出力部は、前記装置情報に基づいて、前記認証情報を前記第2のコンピュータに送信する、
     プログラム。     The program according to claim 1,
    The third computer is the second computer;
    The authentication information output unit transmits the authentication information to the second computer based on the device information.
    program.
  4.  認証サーバを、
     画像を読み取るセンサを有する第1のコンピュータから、該センサによって読み取られた第2のコンピュータに関する装置情報と、該第2のコンピュータを利用するための認証情報とを受信する認証情報受信部、
     前記装置情報及び前記認証情報に基づいて、前記第2のコンピュータに所定の処理の実行を指示する指示情報を前記第2のコンピュータに送信する指示情報送信部、
     として機能させるためのプログラム。     Authentication server
    An authentication information receiving unit for receiving device information related to the second computer read by the sensor and authentication information for using the second computer from a first computer having a sensor for reading an image;
    An instruction information transmitting unit that transmits instruction information for instructing the second computer to execute a predetermined process based on the device information and the authentication information;
    Program to function as.
  5.  請求項4に記載のプログラムであって、
     前記指示情報送信部は、認証処理の実行を指示する指示情報として、前記認証情報を前記第2のコンピュータに送信する、
     プログラム。     The program according to claim 4,
    The instruction information transmission unit transmits the authentication information to the second computer as instruction information for instructing execution of an authentication process.
    program.
  6.  請求項4に記載のプログラムであって、
     前記認証サーバを、さらに、前記装置情報及び前記認証情報に基づいて、前記第2のコンピュータを利用するための認証を行う認証部として機能させ、
     前記指示情報送信部は、認証後の所定の処理の実行を指示する指示情報として、前記認証部による認証結果を前記第2のコンピュータに送信する、
     プログラム。     The program according to claim 4,
    The authentication server further functions as an authentication unit that performs authentication for using the second computer based on the device information and the authentication information,
    The instruction information transmission unit transmits an authentication result by the authentication unit to the second computer as instruction information for instructing execution of a predetermined process after authentication.
    program.
  7.  画像を読み取るセンサを有する第1のコンピュータが、
     第2のコンピュータを利用するための認証情報を認証情報記憶部に記憶し、
     前記第2のコンピュータに関する装置情報を含む装置情報画像を前記センサを用いて読み取り、
     前記装置情報画像の読み取り結果に基づいて、前記第2のコンピュータを利用するために前記認証情報を第3のコンピュータに送信する、
     認証方法。     A first computer having a sensor for reading an image;
    Storing authentication information for using the second computer in the authentication information storage unit;
    A device information image including device information related to the second computer is read using the sensor,
    Transmitting the authentication information to a third computer to use the second computer based on the reading result of the device information image;
    Authentication method.
  8.  認証サーバが、
     画像を読み取るセンサを有する第1のコンピュータから、該センサによって読み取られた第2のコンピュータに関する装置情報と、該第2のコンピュータを利用するための認証情報とを受信し、
     前記装置情報及び前記認証情報に基づいて、前記第2のコンピュータに所定の処理の実行を指示する指示情報を前記第2のコンピュータに送信する、
     認証方法。     The authentication server
    Receiving, from a first computer having a sensor for reading an image, device information relating to the second computer read by the sensor and authentication information for using the second computer;
    Based on the device information and the authentication information, the instruction information for instructing the second computer to execute a predetermined process is transmitted to the second computer.
    Authentication method.
PCT/JP2012/059701 2012-04-09 2012-04-09 Authentication program and authentication method WO2013153601A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2012/059701 WO2013153601A1 (en) 2012-04-09 2012-04-09 Authentication program and authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2012/059701 WO2013153601A1 (en) 2012-04-09 2012-04-09 Authentication program and authentication method

Publications (1)

Publication Number Publication Date
WO2013153601A1 true WO2013153601A1 (en) 2013-10-17

Family

ID=49327211

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2012/059701 WO2013153601A1 (en) 2012-04-09 2012-04-09 Authentication program and authentication method

Country Status (1)

Country Link
WO (1) WO2013153601A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009037328A (en) * 2007-07-31 2009-02-19 Uie Japan:Kk Content data transfer system and content controller
JP2009104264A (en) * 2007-10-22 2009-05-14 Oki Electric Ind Co Ltd Log-in authentication method, log-in authentication server, and log-in authentication program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009037328A (en) * 2007-07-31 2009-02-19 Uie Japan:Kk Content data transfer system and content controller
JP2009104264A (en) * 2007-10-22 2009-05-14 Oki Electric Ind Co Ltd Log-in authentication method, log-in authentication server, and log-in authentication program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Mobile-ban OAuth no Benri na Katsuyo Hoho, Yahoo!", JAPAN TECH BLOG, 18 December 2009 (2009-12-18), Retrieved from the Internet <URL:http://techblog.yahoo.co.jp/web/auth/oauth> [retrieved on 20120612] *

Similar Documents

Publication Publication Date Title
JP3610341B2 (en) Network device and remote control relay server
US9866388B2 (en) Portable device interface methods and systems
US10299118B1 (en) Authenticating a person for a third party without requiring input of a password by the person
CN103716483B (en) Communication system, client device, trunking and method
US10362026B2 (en) Providing multi-factor authentication credentials via device notifications
EP3200417B1 (en) Method and device for information interaction and association between human biological feature data and account
EP3203709B1 (en) Cloud service server and method for managing cloud service server
US9794252B2 (en) Information processing system and device control method
US9137419B2 (en) Communication apparatus capable of executing a direct wireless communication, communication apparatus control method, and program
KR102400580B1 (en) Electronic device for performing an authentication of another electronic device and method of operating the same
WO2018133678A1 (en) Device configuration method, apparatus and system
KR20080062445A (en) User authentication method in internet site using mobile and device thereof
EP3180714A1 (en) Form filling method and related terminal
US20170093833A1 (en) System, method, and program for sharing screen
US20190288998A1 (en) Providing multi-factor authentication credentials via device notifications
JP5845742B2 (en) Information processing apparatus, information processing method, and program
JP2006202052A (en) User authentication program, its recording medium, method and apparatus for authenticating user, and secret information acquisition program
JP5368044B2 (en) Client authentication system
WO2013171858A1 (en) Synchronization program and synchronization method
JP2020024764A (en) Computer-readable recording medium, system, and method for executing authentication
WO2013153601A1 (en) Authentication program and authentication method
JP2006285648A (en) Authentication support system, authentication support device, authentication support method and program
US11716331B2 (en) Authentication method, an authentication device and a system comprising the authentication device
JP5298418B2 (en) Portable terminal, login support system, portable terminal control method, portable terminal control program, and recording medium
JP2012138047A (en) Log-in authentication apparatus, log-in authentication method and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12874249

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12874249

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP