JP2005332282A - Method and system for authenticating portable terminal with browser display function - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To secure safety in a web site while obtaining convenience by performing authentication with a simple input work from a portable terminal concerning a method for authenticating the portable terminal with a browser display function. <P>SOLUTION: When the URL of the web site is inputted from the portable terminal (#1), i.e., log-in is requested to the web site, a server device displays an input screen of a substitution authentication number in the portable terminal (#6) when individual identification information corresponding to the web site is not registered (NO in #3) and the substitution authentication number is registered (YES in #5). When the substitution authentication number is inputted from the portable terminal (#7) and the inputted substitution authentication number coincides with the registered substitution authentication number (YES in #8), the log-in to the web site is permitted and the date of the preceding log-in is displayed in the portable terminal (#12). Then the content of the web site is displayed in the portable terminal in response to a request from the portable terminal (#13). <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an authentication method and an authentication system for a mobile terminal with a browser display function for authenticating a user such as a mobile phone homepage that requires authentication.

Conventionally, in order to log in to a website that requires member authentication, a method is generally used in which the user is requested to input a user ID and password, and the user ID and password are checked in a server-side database. . In addition, a method for checking the user ID and the manufacturing number of the portable terminal (for example, see Patent Document 1) and a method for checking the telephone number of the portable terminal (for example, see Patent Document 2) are also known. There is also an example in which the user can select one of a plurality of authentication methods.
Japanese Patent Laid-Open No. 2003-281997 JP 2001-350999 A

  However, in the above-described authentication method for checking the user ID and password, the login user ID issued to the user by the service provider is a random character in consideration of certain rules for security reasons. Is often inconvenient for users and is difficult to remember. The same applies to the authentication method for checking the user ID and the manufacturing number of the portable terminal described in Patent Document 1 described above. Therefore, it may be possible to change the user ID issued by the service provider to a user ID that is easy for the user to remember, but if this is done, the data registered in the server system for each user will be missing. There is a risk of becoming. There is also a problem that the input operation of the user ID and password is troublesome due to the difficulty of inputting characters by the mobile terminal.

  Further, in the authentication method for checking the phone number of the mobile terminal described in Patent Document 2 described above, since the phone number can be known by other people, using the phone number of the other person's mobile terminal obtained, There is a risk of unauthorized login to a website that requires authentication. Further, in the method in which the user can select any one of the plurality of authentication methods described above, there is a problem that a new operation of selection occurs in the user. In addition, there are several hundred types of mobile terminals currently in use, and the functions of the mobile phones of each model are not uniform.

  The present invention has been made to solve the above-mentioned problems, and can be authenticated by a simple input operation from a mobile terminal, and the mobile phone with a browser display function that can ensure both safety and convenience of a website. An object is to provide a terminal authentication method and an authentication system.

  In order to achieve the above object, the invention of claim 1 stores web information that can be browsed via the Internet by a server device to which a mobile terminal is connected via the Internet, and the server device identifies individual web information. When the login request to the website is received from the mobile terminal, it is authenticated whether or not the login request is a request by a valid user, and the valid user In the authentication method of the mobile terminal with a browser display function that permits login to the website when the request is authenticated, the server device is given a password arbitrarily set by the individual, and is uniquely assigned to the mobile terminal At least one of the individual identification information and the proxy authentication number arbitrarily set by the individual instead of the user ID is stored on the website and If the individual identification information corresponding to the website is registered when the login request to the website is received from the mobile terminal, the authentication is performed using the individual identification information. If the individual identification information corresponding to the website is not registered and the proxy authentication number is registered, authentication using the proxy authentication number is performed, and the individual identification information and proxy authentication number corresponding to the website are registered. If not, authentication by the user ID is performed. In the authentication by the individual identification information, the individual identification information stored in the portable terminal is acquired from the portable terminal by the HTTP protocol, and the individual identification information acquired from the portable terminal is registered. Authentication is performed by comparing the individual identification information, and in the authentication by proxy authentication number, the input screen for the proxy authentication number is displayed. Information to be sent to the mobile terminal, the input screen is displayed on the mobile terminal, and then the proxy authentication number input from the mobile terminal and transmitted from the mobile terminal is compared with the registered proxy authentication number In the authentication by the user ID, the information for displaying the user ID and password input screen is transmitted to the mobile terminal, and the input screen is displayed on the mobile terminal. When the user ID and password entered and transmitted from the mobile terminal are compared with the registered user ID and password, and when login to the website is permitted, Sends information indicating the date and time of the previous login to the mobile device, displays the date and time of the previous login on the mobile device, and then responds to requests from the mobile device Then, the web information included in the website is transmitted to the mobile terminal, and the web information is displayed on the mobile terminal.

  The invention of claim 2 stores web information that can be browsed via the Internet by a server device to which a mobile terminal is connected via the Internet, and the server device associates the web information with a user ID for identifying an individual. When managed as a website and receiving a login request to the website from a mobile terminal, it is authenticated whether the login request is a request by a legitimate user, and is authenticated as a request by a legitimate user. In this case, in the authentication method of the mobile terminal with a browser display function that permits login to the website, the server device associates the proxy authentication number arbitrarily set by the individual instead of the user ID with the website and the user ID. To display the proxy authentication number input screen when a login request to the website is received from the mobile device. Information is sent to the mobile terminal, and the input screen is displayed on the mobile terminal. After that, the proxy authentication number input from the mobile terminal and transmitted from the mobile terminal is compared with the registered proxy authentication number. Authentication.

  According to a third aspect of the present invention, there is provided a server device to which a portable terminal is connected via the Internet, the server device storing web information that can be browsed via the Internet and a user ID for identifying an individual, and storage When web site management means for managing the web information stored in the means as a website in association with the user ID and receiving a login request to the website managed by the website management means from the portable terminal, the login request is received. If the request is authenticated by a legitimate user and the request is authorized by a legitimate user, the login permission means for permitting login to the website and the login permission means for the website After permitting login to the website, the web contained in the website is requested in response to a request from the mobile device. In the authentication system for a mobile terminal with a browser display function having web information display means for transmitting information to the mobile terminal and displaying the web information on the mobile terminal, the website management means includes a password arbitrarily set by the individual, Individual identification information uniquely assigned to the mobile terminal and a proxy authentication number arbitrarily set by the individual in place of the user ID are registered in the storage means in association with the website and the user ID, and the login permission means Individual identification authentication means for authenticating by identification information, proxy authentication means for authentication by proxy authentication number, user ID authentication means for authentication by user ID and password, and authentication by any of these authentication means Authentication selection means for selecting whether to perform authentication, the authentication selection means is a login request to the website from the mobile terminal When the individual identification information corresponding to the website is registered in the storage means when received, the authentication by the individual identification authentication means is selected, and the individual identification information corresponding to the website is registered in the storage means. If the proxy authentication number is registered, authentication by proxy authentication means is selected, and if the individual identification information and proxy authentication number corresponding to the website are not registered in the storage means, the user ID authentication means The individual identification authentication means acquires the individual identification information stored in the portable terminal from the portable terminal using the HTTP protocol, and the individual identification information acquired from the portable terminal and the individual registered in the storage means Authentication is performed by comparing the identification information, and the proxy authentication means transmits information for displaying the input screen of the proxy authentication number to the mobile terminal, and An input screen is displayed on the mobile terminal, and then authentication is performed by comparing the proxy authentication number input from the mobile terminal and transmitted from the mobile terminal with the proxy authentication number registered in the storage means, and the user ID authentication means Transmits information for displaying the input screen of the user ID and password to the mobile terminal, displays the input screen on the mobile terminal, and then is input from the mobile terminal and transmitted from the mobile terminal Authentication is performed by comparing the ID and password with the user ID and password registered in the storage means. When the web information display means permits login to the website by the login permission means, first, the website Sends information indicating the date and time of the previous login to the mobile device, displays the date and time of the previous login on the mobile device, and then In response to a request from the end, and transmits the web information included in the web site to the portable terminal, and displays the web information to the portable terminal.

  According to a fourth aspect of the present invention, there is provided a server device to which a mobile terminal is connected via the Internet, the server device storing web information that can be browsed via the Internet and a user ID for identifying an individual, and storage When web site management means for managing the web information stored in the means as a website in association with the user ID and receiving a login request to the website managed by the website management means from the portable terminal, the login request is received. Authenticates whether or not the request is made by a legitimate user, and if the request is authorized by a legitimate user, the login permission means for permitting login to the website and the login permission means After permitting login to the website, the web contained in the website is requested in response to a request from the mobile device. In an authentication system for a mobile terminal with a browser display function that includes a web information display means for transmitting information to a mobile terminal and displaying the web information on the mobile terminal, the website management means is optional for an individual instead of a user ID. The proxy authentication number set in the above is registered in the storage means in association with the website and the user ID, and the login permission means compares the proxy authentication number transmitted from the mobile terminal with the proxy authentication number registered in the storage means. And proxy authentication means for performing authentication.

  According to the first aspect of the present invention, when the individual identification information is registered when logging in to the website, authentication based on the individual identification information is selected, and the individual identification information is not registered and the proxy authentication number is registered. If it is determined that the authentication is based on the proxy authentication number, and if the individual identification information and the proxy authentication number are not registered, the authentication based on the user ID is selected and the user is authenticated. In the authentication based on the individual identification information, the individual identification information recorded in the mobile terminal is automatically acquired, so that the user does not need an operation for authentication. In the authentication using the proxy authentication number, since the input screen for the proxy authentication number is automatically displayed on the mobile terminal, the user only has to input the proxy authentication number that the user can easily remember. In the authentication, a user ID and password input screen is automatically displayed on the portable terminal, so that the user only has to input the user ID and password. These authentications are performed in the same manner regardless of the model or function of the mobile terminal. In this way, since authentication is required for logging in to the website, the safety of the website can be secured, and the authentication can be performed with the minimum necessary operation regardless of the model and function of the mobile terminal. Improves.

  According to the invention of claim 2, when logging in to the website, the user is authenticated using a proxy authentication number arbitrarily set by the individual instead of the user ID. Therefore, the user can be authenticated by the proxy authentication number that the user can easily remember. In addition, when a login request to the website is made from the mobile terminal, the proxy authentication number input screen is automatically displayed on the mobile terminal, so the user only inputs the proxy authentication number that the user can easily remember. You can authenticate with. This authentication is performed in the same manner regardless of the model or function of the mobile terminal. In this way, authentication is required for logging in to the website, so the safety of the website can be secured, and the authentication uses a proxy authentication number that is easy for the user to remember regardless of the model or function of the mobile device. The convenience is improved because it can be done with simple input operations.

  According to the invention of claim 3, the same effect as that of the invention of claim 1 can be obtained.

  According to the invention of claim 4, the same effect as that of the invention of claim 2 can be obtained.

  Hereinafter, a remote monitoring system to which an authentication method and an authentication system of a mobile terminal with a browser display function according to an embodiment of the present invention are applied will be described with reference to the drawings. 1A and 1B show the overall configuration of the remote monitoring system. The remote monitoring system 1 is a system that provides a service that enables confirmation of the in-home information such as the in-home image taken by the camera and the monitoring status of the intruder into the home by the human body sensor, and is installed in the home. Communication is performed between the home device 2 that obtains home information and the home device 2 via the telephone line 5, ISP (Internet Service Provider) 6, and the Internet 7, and the mobile terminal via the mobile phone line 8 and the Internet 7. 3 is a server device 4 (Web server) that communicates with the server 3.

  The in-home device 2 is arranged in a room of a user's house such as a child, an elderly person, a pet, and the like, photographs a predetermined monitoring area with a camera, detects an intruder and the like with a human body sensor, The home information such as the monitoring status of the intruder by the sensor is transmitted to the server device 4. The home device 2 is automatically set to connect to the network just by turning on the power and connecting to the telephone line 5 by the user at the appropriate location in the home, just like ordinary home appliances. The home information can be received and the home information can be uploaded to the server device 4. The in-home device 2 is always connected to the server device 4 via the telephone line 5, the ISP 6, and the Internet 7.

  The server device 4 is a computer that is connected to the Internet 7, operates the remote monitoring system 1, and provides services by the remote monitoring system 1. The server device 4 manages the home information received from the home device 2 as a website in association with the user of the home device 2, that is, the service user of the remote monitoring system 1. When a valid user, that is, a user of the in-home device 2, receives a login request from the mobile terminal 3 to the website, the server device 4 permits the login to the website and requests an image transfer from the mobile terminal 3. In response, the in-home captured image included in the website is transmitted to the mobile terminal 3. In addition, the server device 4 accepts a control command for controlling the in-home device 2 from the mobile terminal 3 in a state where login to the website is permitted, and receives the control command received from the mobile terminal 3. Forward to.

  As the portable terminal 3, one that can access a website managed by the server device 4 can be used. As such a portable terminal 3, a portable terminal 3 having a browser display function for displaying web information via the Internet 7 can be used. There are telephones and PDAs (Personal Digital Assistants). A service user of the remote monitoring system 1 uses such a portable terminal 3 to log in to a website managed by the server device 4 and transmits a control command for controlling the in-home device 2 to transmit the in-home device 2. In addition, it is possible to view in-house information such as an image taken by the camera of the in-home device 2 and monitoring status of an intruder by a human body sensor. In addition to the mobile terminal 3, a personal computer or the like can be used.

  In the remote monitoring system 1, a user ID for individually identifying a service user of the remote monitoring system 1 and a URL (Uniform Resource Locator) of a website managed by the server device 4 corresponding to each user Is notified from the service provider of the remote monitoring system 1 to each service user.

  In addition to the user ID, the user authentication method of the remote monitoring system 1 can be arbitrarily set by the individual identification information such as a manufacturing number and a telephone number uniquely assigned to the mobile terminal 3 and the user instead of the user ID. The user can also be authenticated by the proxy authentication number. Details of the user authentication method of the remote monitoring system 1 will be described later.

  Fig.2 (a) shows the time chart of the operation | movement at the time of remote control of the remote monitoring system 1, FIG.2 (b) shows the time chart of the operation | movement at the time of the sensor reaction of the system. The operation at the time of remote control of the remote monitoring system 1 will be described with reference to FIGS. In FIG. 1 (a) and FIG. 2 (a), the numbers enclosed in parentheses are the operation order and correspond to each other. (1) First, a service user of the remote monitoring system 1 operates the mobile terminal 3 to log in to the website managed by the server device 4 after authentication, and to control the in-home device 2 Is transmitted from the portable terminal 3 to the server device 4. Examples of the control command include an image transmission command and a sensor setting command. The image transmission command is a control command for capturing an image captured by the camera and transmitting the image to the server device 4. The sensor setting command is a control command for setting the sensing function of the human body sensor to be valid or invalid.

  (2) The server device 4 transfers the control command received from the mobile terminal 3 to the in-home device 2. (3) The in-home device 2 executes the control command received from the server device 4, and (4) notifies the server device 4 that the execution of the control command has been completed. At this time, for example, when the control command is an image transmission command, (5) the in-home device 2 transmits the image captured by the camera to the server device 4, and (6) the server device 4 is in the in-home device 2. The image sent from is stored as web information that can be browsed via the Internet, and the image is managed as a website in association with the user ID of the user. (7) Thereafter, the server device 4 notifies the portable terminal 3 by e-mail that the execution of the control command has been completed.

  The user knows that the control command has been executed by the electronic mail that has arrived at the mobile terminal 3. At this time, for example, when the control command is an image transmission command, (8) the user operates the mobile terminal 3 to log in to the website managed by the server 4 after authentication, and request an image transfer. Is transmitted from the portable terminal 3 to the server device 4. (9) Upon receiving the image transfer request from the mobile terminal 3, the server device 4 transmits the image stored as the website information to the mobile terminal 3, and (10) the mobile device 3 transmits the image from the server device 4. The displayed image is displayed. The user can confirm the captured image at home by looking at the display image.

  With reference to FIG.1 (b) and FIG.2 (b), the operation | movement at the time of the sensor reaction of the remote monitoring system 1 is demonstrated. In FIG. 1 (b) and FIG. 2 (b), the numbers enclosed in parentheses are the operation order and correspond to each other. (1) First, when the in-home device 2 detects an intruder or the like by a human body sensor, the in-home device 2 notifies the server device 4 that an abnormality has occurred, and transmits an image captured by the camera to the server device 4 at that time. . The server device 4 (2) stores the image sent from the home device as web information that can be browsed via the Internet, manages the image as a website in association with the user ID of the user, ( 3) Notifying the portable terminal 3 by e-mail that an abnormality has occurred.

  The user learns that an abnormality has occurred due to an e-mail that has arrived at the mobile terminal 3, and (4) operates the mobile terminal 3 to log in to the website managed by the server 4 after receiving authentication. Is transmitted from the portable terminal 3 to the server device 4. (5) Upon receiving the image transfer request from the mobile terminal 3, the server device 4 transmits the image stored as the website information to the mobile terminal 3, and (6) the mobile device 3 transmits the image from the server device 4. The displayed image is displayed. The user can check the image taken when an abnormality occurs by looking at the display image.

  FIG. 3 shows an overall block configuration of the remote monitoring system 1. The configuration and operation of the in-home device 2 of the system will be described. The in-home device 2 includes a control unit 21 including a CPU or the like for controlling the in-home device 2. The in-home device 2 includes a camera 22, a human body sensor 23, an image processing unit 24, an image memory 25, a setting memory 26 for storing various settings of the in-home device 2, and a modem 27 for connecting to a network. Is provided.

  The camera 22 shoots a predetermined monitoring area, and operates based on a control signal input from the control unit 21 to shoot a predetermined monitoring area. The image signal captured by the camera 22 is input to the control unit 21 and captured as a still image. The human body sensor 23 is for detecting illegal intruders and the like. The human body sensor 23 operates based on a control signal input from the control unit 21 and receives infrared rays emitted from the human body. Detects the presence of a human body in the area. A sensor signal indicating the presence or absence of a human body as a detection result by the human body sensor 23 is input to the control unit 21.

  The image processing unit 24 processes a still image captured by the camera 22 and captured by the control unit 21. The image memory 25 stores a still image captured by the camera 22 and captured by the control unit 21. The setting memory 26 stores a user ID that individually identifies a user of the remote monitoring system 1, the IP address of the in-home device 2, and the IP address of the server device 4. The modem 27 modulates a signal transmitted / received to / from the telephone line 5.

  When receiving a control command from the server device 4, the control unit 21 executes the control command. That is, when the control unit 21 receives an image transmission command as a control command, the control unit 21 captures an image captured by the camera 22 at that time, transmits the image to the server device 4, and transmits a sensor command as a control command. When a setting command is received, the sensing function of the human body sensor 23 is switched between valid and invalid according to the command. Then, after executing the control command, the control unit 21 transmits to the server device 4 that the control command has been executed. Further, in a state where the sensing function by the human body sensor 23 is set to be effective, the control unit 21 captures an image captured by the camera 22 at that time when the human body sensor 23 detects the human body, The image and the fact that an abnormality has occurred are transmitted to the server device 4. When the power of the in-home device 2 is turned on, the date / time is transmitted to the server device 4. When transmitting the information to the server device 4, the control unit 21 assigns a user ID to the information.

  Next, the configuration and operation of the mobile terminal 3 will be described. The mobile terminal 3 includes a control unit 31 including a CPU for controlling the mobile terminal 3, an operation unit 32, a display unit 33, a memory 34, a transmission / reception unit 35, and a modem 36 for connecting to a network. Is provided.

  The operation unit 32 inputs characters / numbers / symbols, logs in to a website managed by the server device 4, sets control commands for the home device 2, sends / receives e-mails, and images taken by the home device 2. It is operated to display The operation unit 32 has various operation keys, and inputs signals corresponding to these key operations to the control unit 31. The display unit 33 displays characters / numbers / symbols input by the operation unit 32, display of received electronic mail, images taken by the home device 2, and the like.

  The memory 34 stores the URL of the website managed by the server device 4 corresponding to the user of the remote monitoring system 1, the individual identification information of the mobile terminal 3, and the like. The individual identification information is information uniquely assigned to each mobile terminal in order to identify the individual mobile terminal 3, such as a manufacturing number or a telephone number of the mobile terminal 3. However, some portable terminals 3 do not have individual identification information stored in the memory 34. The transmission / reception unit 35 transmits / receives a signal to / from the mobile phone line 8 in the form of a radio signal via the antenna 35a. The modem 36 modulates a signal transmitted to and received from the mobile phone line 8.

  The control unit 31 controls the login request to the website managed by the server 4, the proxy authentication number used for user authentication, the user ID, the password, and the home device 2 in accordance with the operation of the operation unit 32. A control command, an image transfer request, and the like are transmitted to the server device 4. Further, when receiving the home information such as an image as web information from the server device 4, the control unit 21 displays the home information on the display unit 33.

  Next, the configuration and operation of the server device 4 will be described. The server device 4 includes a control unit (a website management unit, a login permission unit, a web information display unit, an individual identification authentication unit, a proxy authentication unit, a user ID authentication unit, an authentication selection unit including a CPU for controlling the server device 4 and the like. Means) 41, a modem 42 for connecting to a network, an image processing unit 43, and a storage device 44. The modem 42 modulates a signal transmitted / received to / from the Internet 7. The image processing unit 43 processes the image received from the home device 2.

  The storage device 44 stores in-home captured images received from the in-home device 2 as web information that can be browsed via the Internet 7, and also identifies a user ID and password that individually identifies the user of the remote monitoring system 1, The IP address of the server device 4, the IP address of the in-home device 2, the individual identification information of the mobile terminal 3, the proxy authentication number, the mail address, etc. are stored.

  The control unit 41 manages a website for each service user of the remote monitoring system 1. That is, when receiving the home information from the home device 2, the control unit 41 stores the home information specified by the URL address of the corresponding service user's website based on the user ID received together with the home information. The information is stored in the memory area of the device 44, and the home information is managed as a website in association with the user ID of the corresponding service user. And when the login request to the website is received from the mobile terminal 3, it is authenticated whether the login request is a request by a legitimate user, and when it is authenticated as a request by a legitimate user, Allow login to the website. User authentication is performed using individual identification information, a proxy authentication number, or a user ID and password. Details of the user authentication method will be described later.

  After permitting the login to the website, the control unit 41 first transmits information indicating the date and time when the previous login was made to the website to the portable terminal 3, and then controls the in-home device 2. Control requests, image transfer requests for transmitting website images, proxy authentication number registration requests, and the like. And the control part 41 will transfer the control command to the in-home apparatus 2 of a corresponding user ID, if a control command is received from the portable terminal 3. FIG. In addition, the control unit 41 receives an image transfer request from the mobile terminal 3 and transmits home information included in the website to the mobile terminal 3. Further, the control unit 41 receives a proxy authentication number registration request from the mobile terminal 3 and registers the proxy authentication number received from the mobile terminal 3 in the storage device 44 in association with the website and the user ID. Even after registering the proxy authentication number in the storage device 44, the control unit 41 manages the service user, the website, and the file by using the user ID as key data, and obtains the proxy authentication number from the portable terminal 3. For various requests used, the proxy authentication number is converted into a user ID and processed. Thereby, it can prevent that the data preserve | saved and managed in the server apparatus 4 become missing.

  When the control unit 41 receives a notification that the execution of the control command is completed from the in-home device 2, the control unit 41 completes the execution of the control command by e-mail to the corresponding portable terminal 3 based on the user ID received together with the information. Notify that it has been done. At this time, if the control command is an image transmission command, in addition to the completion of execution of the control command, a home-captured image is received, and the control unit 41 uses the received image as the user ID as described above. And manage it as a website. In addition, when the control unit 41 receives a notification that an abnormality has occurred from the in-home device 2, similarly, the control unit 41 notifies the mobile terminal 3 that an abnormality has occurred by e-mail, and the image received simultaneously with the notification. Is managed as a website in association with the user ID as described above.

  Next, the authentication method by the control part 41 of the server apparatus 4 is demonstrated with reference to the flowchart of FIG. When the URL of the website is input from the mobile terminal 3 (# 1), that is, when there is a login request to the website from the mobile terminal 3, the control unit 21 is stored in the mobile terminal 3 by the HTTP protocol. Identification information is acquired (# 2).

  Here, if the individual identification information is registered in the storage device 44 in correspondence with the website for which the login request has been made (YES in # 3), the control unit 41 obtains the individual identification information acquired from the portable terminal 3 and The individual identification information registered in the storage device 44 is compared, and the user is authenticated depending on whether the individual identification information matches (# 4).

  Also, when the individual identification information is not registered in the storage device 44 corresponding to the website (NO in # 3), and the proxy authentication number is registered in the storage device 44 corresponding to the website (YES in # 5), the control unit 41 transmits information for displaying the input screen of the proxy authentication number to the mobile terminal 3, and as shown in FIG. 5A, the display unit 33 of the mobile terminal 3 The proxy authentication number input screen is displayed on the screen (# 6). In the example shown in FIG. 5A, a number display area 51 for displaying the proxy authentication number input by the operation of the operation unit 32, and the operation unit for confirming the proxy authentication number displayed in the number display area 51 are displayed. An “OK” selection button 52 selected by operating 32 is displayed. When the proxy authentication number is input from the mobile terminal 3 (# 7), the control unit 41 compares the input proxy authentication number with the proxy authentication number registered in the storage device 44, and performs proxy processing. The user is authenticated depending on whether the authentication numbers match (# 8).

  Furthermore, when neither the individual identification information nor the proxy authentication number is registered in the storage device 44 corresponding to the website (NO in # 5), the control unit 41 displays a user ID and password input screen. Information to do this is transmitted to the portable terminal 3, and the user ID and password input screen is displayed on the display unit 33 of the portable terminal 3 as shown in FIG. 5B (# 9). In the example shown in FIG. 5B, the user ID and password input by operating the operation unit 32 are displayed in the ID display area 53 and password display area 54, and in the ID display area 53 and password display area 54. An “OK” selection button 55 is displayed that is selected by operating the operation unit 32 when the user ID and password are confirmed. When the user ID and password are input from the portable terminal 3 (# 10), the control unit 41 compares the input user ID and password with the user ID and password registered in the storage device 44. Thus, the user is authenticated based on whether the user ID and the password match (# 11).

  If the individual identification information matches (YES in # 4), the proxy authentication number matches (YES in # 8), or the user ID and password match (YES in # 11), the control unit 41 The login to the website is permitted, and information indicating the date and time of the previous login is transmitted to the mobile terminal 3, and the previous login is displayed on the display unit 33 of the mobile terminal 3 as shown in FIG. The date / time and the type of terminal, and the date / time when the power of the in-home device 2 was turned on are displayed (# 12). In the example shown in FIG. 5C, “2004/02/15” “14:25” is displayed as the date and time when the previous login was performed, “PC” is displayed as the terminal type, and the in-home device 2 “2004/02/13 13:25” is displayed as the date and time when the power source of was turned on. In addition, an “OK” selection button 56 that is selected by operating the operation unit 32 when confirming the information is displayed. Thereafter, when receiving a request from the mobile terminal 3, the control unit 41 transmits the content (photographed image at home) included in the website to the mobile terminal 3 and displays the content on the mobile terminal 3 (# 13).

  The registration of the individual identification information is automatically performed when it is acquired from the portable terminal 3 by the process of # 2 at the first login (authentication by the user ID and password is performed at the first login). . Although there are models in which the mobile terminal 3 cannot acquire individual identification information, in the mobile terminal 3 of such a model, NO is obtained in the process of # 3, authentication by proxy authentication number, or user ID and password Authentication is performed. In addition, registration of the proxy authentication number is freely performed when the user performs a predetermined operation on the mobile terminal 3 when logging in by authentication using individual identification information or authentication using a user ID and a password. The number is registered.

  According to such an authentication method, when logging into a website managed by the server device 4 and individual identification information is registered corresponding to the website, authentication based on the individual identification information is automatically selected. Thus, the user is authenticated by the individual identification number automatically acquired from the portable terminal 3. Therefore, in this case, the user does not need an operation for authentication. If the individual identification information is not registered and the proxy authentication number is registered, authentication based on the proxy authentication number is automatically selected, and the input screen for the proxy authentication number is automatically displayed on the mobile terminal 3. Is done. Therefore, in this case, the user only has to input the proxy authentication number that the user can easily remember into the mobile terminal 3. Further, when neither the individual identification information nor the proxy authentication number is registered, the authentication by the user ID is automatically selected, and the user ID and password input screen is automatically displayed on the portable terminal 3. Therefore, in this case, the user only has to input the user ID and password to the portable terminal 3.

  Thus, according to the above authentication method, it is automatically selected which of the individual identification information, the proxy authentication number, and the user ID / password is used for authentication. There is no need to choose. In addition, in authentication in each method, the user only needs to perform the minimum necessary operations. Such authentication is performed in the same manner regardless of the model and function of the mobile terminal 3.

  Therefore, according to the above authentication method, since authentication is required for logging in to the website, the authentication can be performed with the minimum necessary operation regardless of the model and function of the mobile terminal 3, so that the safety of the website can be ensured. Convenience can be achieved. In addition, according to the remote monitoring system 1 to which such an authentication method is applied, it is possible to secure the safety of the website including the personal information of the user and to facilitate the login operation to the website. Convenience is improved.

  In addition, this invention is not restricted to the structure of the said embodiment, A various deformation | transformation is possible. For example, in the above-described embodiment, the user can select one of the authentication method based on the individual identification information, the authentication method based on the proxy authentication number, and the authentication method based on the user ID / password by operating the mobile terminal 3. Good. The authentication method of the present invention is not limited to the remote monitoring system 1 but can be applied to all systems in which communication is performed between a mobile terminal and a server device via the Internet.

(A) (b) is a system block diagram which shows schematic structure of the remote monitoring system which concerns on one Embodiment of this invention. (A) is a time chart which shows the operation | movement at the time of remote control of the remote monitoring system, (b) is a time chart which shows the operation | movement at the time of the sensor reaction. The electric block block diagram which shows schematic structure of the in-home apparatus of the remote monitoring system, the server apparatus connected to this, and a portable terminal. The flowchart which shows the authentication method by the server apparatus of the remote monitoring system. (A) is a figure which shows the example of a display of the input screen of the proxy authentication number in the portable terminal at the time of logging in to the website of the remote monitoring system, (b) is the input screen of the user ID / password in the portable terminal The figure which shows a display example, (c) is a figure which shows the example of a display of the display screen of the date and time when the last login was in the portable terminal.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Remote monitoring system 2 In-home apparatus 3 Portable terminal 4 Server apparatus 21 Control part 22 Camera 23 Human body sensor 26 Setting memory 31 Control part 32 Operation part 33 Display part 41 Control part (Website management means, login permission means, web information display means Individual identification authentication means, proxy authentication means, user ID authentication means, authentication selection means)
44 storage devices

Claims (4)

A server device connected to a mobile terminal via the Internet stores web information that can be browsed via the Internet,
The server device
The web information is managed as a website in association with a user ID for identifying an individual,
When receiving a login request to the website from the mobile terminal, it authenticates whether the login request is a request by a legitimate user, and if it is authenticated as a request by a legitimate user, In the authentication method for mobile devices with browser display function that allows login to the website,
The server device
At least one of a password arbitrarily set by the individual, individual identification information uniquely given to the mobile terminal, and a proxy authentication number arbitrarily set by the individual instead of the user ID, the website And registered in association with the user ID,
When receiving the login request to the website from the mobile terminal, if the individual identification information corresponding to the website is registered, the individual identification information corresponding to the website is authenticated by authenticating with the individual identification information If the proxy authentication number is not registered, authentication is performed using the proxy authentication number. If the individual identification information corresponding to the website and the proxy authentication number are not registered, authentication is performed using the user ID. And
In the authentication by the individual identification information, the individual identification information stored in the portable terminal is acquired from the portable terminal by the HTTP protocol, and the individual identification information acquired from the portable terminal is compared with the registered individual identification information. Authenticate
In the authentication by the proxy authentication number, information for displaying the input screen of the proxy authentication number is transmitted to the mobile terminal, the input screen is displayed on the mobile terminal, and then input by the mobile terminal. Perform authentication by comparing the proxy authentication number transmitted from the mobile terminal and the registered proxy authentication number,
In the authentication by the user ID, information for displaying an input screen for a user ID and a password is transmitted to the mobile terminal, and the input screen is displayed on the mobile terminal, and then input by the mobile terminal. The user ID and password transmitted from the portable terminal are compared with the registered user ID and password for authentication,
When login to the website is permitted, first, information indicating the date and time of the previous login to the website is transmitted to the mobile terminal, and the date and time of the previous login is transmitted to the mobile terminal. A browser display function for displaying the web information contained in the website and then displaying the web information on the mobile terminal in response to a request from the mobile terminal. Authentication method for mobile phones. A server device connected to a mobile terminal via the Internet stores web information that can be browsed via the Internet,
The server device
The web information is managed as a website in association with a user ID for identifying an individual,
When receiving a login request to the website from the mobile terminal, it authenticates whether the login request is a request by a legitimate user, and if it is authenticated as a request by a legitimate user, In the authentication method for mobile devices with browser display function that allows login to the website,
The server device
A proxy authentication number arbitrarily set by the individual instead of the user ID is registered in association with the website and the user ID,
When a login request to the website is received from the mobile terminal, information for displaying the input screen of the proxy authentication number is transmitted to the mobile terminal, and the input screen is displayed on the mobile terminal. An authentication method for a mobile terminal with a browser display function, wherein authentication is performed by comparing a proxy authentication number input from the mobile terminal and transmitted from the mobile terminal with the registered proxy authentication number. A server device to which a mobile terminal is connected via the Internet;
The server device
Storage means for storing web information that can be browsed via the Internet and a user ID for identifying an individual;
Website management means for managing the web information stored in the storage means as a website in association with the user ID;
When a login request to the website managed by the website management means is received from the portable terminal, it is authenticated whether the login request is a request by a legitimate user, and is a request by a legitimate user. A login permission means for permitting login to the website,
After permitting login to the website by the login permission means, in response to a request from the portable terminal, the web information included in the website is transmitted to the portable terminal, and the web information is transmitted to the portable terminal. In a mobile terminal authentication system with a browser display function having a web information display means for displaying,
The website management means includes a password arbitrarily set by the individual, individual identification information uniquely given to the mobile terminal, and a proxy authentication number arbitrarily set by the individual in place of the user ID. Register in the storage means in association with the site and user ID,
The login permission means includes an individual identification authentication means for authenticating with the individual identification information, a proxy authentication means for authentication with the proxy authentication number, a user ID authentication means for authentication with the user ID and password, and An authentication selection means for selecting which of the authentication means to perform authentication,
When the authentication selection means receives a login request to the website from the portable terminal, and the individual identification information corresponding to the website is registered in the storage means, the authentication by the individual identification authentication means is performed. When the individual identification information corresponding to the website is not registered in the storage means and the proxy authentication number is registered, the authentication by the proxy authentication means is selected, and the website is stored in the storage means. If the individual identification information and proxy authentication number corresponding to is not registered, select authentication by the user ID authentication means,
The individual identification authentication means acquires the individual identification information stored in the portable terminal from the portable terminal using an HTTP protocol, and the individual identification information acquired from the portable terminal and the individual identification information registered in the storage means Authenticate by comparing
The proxy authentication means transmits information for displaying an input screen of the proxy authentication number to the mobile terminal, displays the input screen on the mobile terminal, and is then input by the mobile terminal and Authenticate by comparing the proxy authentication number sent from the mobile terminal with the proxy authentication number registered in the storage means,
The user ID authenticating means transmits information for displaying an input screen of the user ID and password to the mobile terminal, displays the input screen on the mobile terminal, and then inputs on the mobile terminal The user ID and password transmitted from the mobile terminal and the user ID and password registered in the storage means for authentication,
When the web information display means permits the login to the website by the login permission means, first, the web information display means transmits information indicating the date and time when the previous login was made to the website to the portable terminal. The date and time of the previous login is displayed on the mobile terminal, and then, in response to a request from the mobile terminal, the web information included in the website is transmitted to the mobile terminal, and the web information is transmitted to the An authentication system for a mobile terminal with a browser display function, characterized by being displayed on a terminal. A server device to which a mobile terminal is connected via the Internet;
The server device
Storage means for storing web information that can be browsed via the Internet and a user ID for identifying an individual;
Website management means for managing the web information stored in the storage means as a website in association with the user ID;
When a login request to the website managed by the website management means is received from the portable terminal, it is authenticated whether the login request is a request by a legitimate user, and is a request by a legitimate user. A login permission means for permitting login to the website,
After permitting login to the website by the login permission means, in response to a request from the portable terminal, the web information included in the website is transmitted to the portable terminal, and the web information is transmitted to the portable terminal. In a mobile terminal authentication system with a browser display function having a web information display means for displaying,
The website management means registers the proxy authentication number arbitrarily set by the individual instead of the user ID in the storage means in association with the website and user ID,
The login permitting unit includes a proxy authentication unit that performs authentication by comparing a proxy authentication number transmitted from the portable terminal with a proxy authentication number registered in the storage unit, and has a browser display function. Terminal authentication system.

Images