JP2008140143A - Information processing system, terminal device, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information processing system, a terminal device composing the information processing system, and a recording medium which can gradually restrain the use of functions provided by the information processing system in addition to the use of a PC and a server composing the information processing system and furthermore can gradually restrain access to data under control by the information processing system depending on user's privilege. <P>SOLUTION: When device authentication succeeds (step S3:YES) and organization authentication succeeds (step S5:YES), an environment setting information making part 125 makes environment setting information for successful device authentication and organization authentication (step S6). At the same time, an access privilege information making part 126 makes access privilege information for successful device authentication and organization authentication (step S7). <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an information processing system, a terminal device that constitutes the information processing system, and a recording medium.

  In an information processing system composed of a PC, a server, and the like, a technique for restricting the use of functions (applications etc.) provided by the information processing system and a technique for restricting access to data managed by the information processing system have been proposed.

  For example, Patent Literature 1 and Patent Literature 2 disclose a technology capable of restricting, on the information processing system side, a function provided to a user among a plurality of functions provided by the information processing system.

  Further, Patent Document 3 discloses a technique that can limit the types of functions provided by the information processing system by using an authentication function recorded on the user side, that is, in a portable recording medium possessed by the user. .

Patent Document 4 discloses a technique for enhancing information security by strengthening access restriction (user authentication function) for data secretly managed in such an information processing system.
JP 2006-59141 A JP 2003-233586 A JP 2003-271482 A JP 2004-303202 A

  However, the techniques described in Patent Document 1, Patent Document 2, and Patent Document 3 only limit the types of functions provided by the information processing system, and the use of the PC and server itself constituting the information processing system is limited. Could not be restricted. Further, there is a problem that even a user who does not have access authority can easily access data that is secretly managed.

  In addition, the technology described in Patent Document 4 merely strengthens access restrictions, and restricts (limits) the use of functions provided by the information processing system in a stepwise manner according to the user's authority. Access to the data managed by can not be regulated in stages according to the user's authority.

  Furthermore, in recent years, the use of large-capacity portable recording media has been expanded. In order to protect important data for access to data recorded on these portable recording media related to the use of information processing systems. Access restrictions are needed.

  The present invention has been made in view of such circumstances, and not only can restrict the use of the PC and server itself that constitute the information processing system, but also the use of functions provided by the information processing system according to the authority of the user. An information processing system that can be regulated in stages, and that can further regulate access to data managed by the information processing system in accordance with the authority of the user, and that can perform user authentication simply and easily. An object of the present invention is to provide a terminal device and a recording medium.

  The first technical means includes at least one recording medium in which various authentication items are set, and a terminal device to which the recording medium is mounted, and the terminal device is activated by the mounting of the recording medium. An authentication unit that authenticates the activation condition corresponding to the authentication condition, and the authentication unit is set in the authentication item to be satisfied that is set in the condition corresponding to the system environment and the recording medium mounted in the terminal device The information processing system is characterized by authenticating a match with a certified authentication item and activating a regulated system environment corresponding to the setting of the matched authentication item.

  According to a second technical means, in the first technical means, the information processing system is connected to various servers via a network, and the server includes the authentication unit. Information processing system.

  According to a third technical means, in the second technical means, the server includes an authentication unit that authenticates permission of access to one or more specific servers in the network, and the authentication unit includes the specific An information processing system, wherein authentication items to be satisfied are set corresponding to provided information of a server, and a match with an authentication item set on the recording medium mounted on the terminal device or server is authenticated is there.

  According to a fourth technical means, in any one of the first to third technical means, the restricted system environment includes a data access right restricted to be accessible by the information processing system. Information processing system.

  According to a fifth technical means, in any one of the first to third technical means, the restricted system environment is a data access right restricted to be accessible by the information processing system. Information processing system.

  According to a sixth technical means, in any one of the first to fifth technical means, the recording medium stores a program for executing processing for authenticating the plurality of system environments to be activated in the terminal device or the server. The information processing system is characterized in that when the recording medium is loaded in the terminal device or server, the terminal device or server executes the program.

  A seventh technical means is any one of the first to sixth technical means, wherein the recording medium has a plurality of data areas, authentication items corresponding to the data areas are set, and the terminal device or The information processing system is characterized in that the data area can be used only when authentication items set in the server match.

  According to an eighth technical means, in the technical means according to any one of the first to seventh technical means, a lower-level authentication item subordinate to a higher-level authentication item is set as the authentication item, and the higher-level authentication item is a lower-level authentication item. The information processing system is characterized in that authentication is not performed unless satisfaction of the matter is authenticated.

  A ninth technical means is the first technical means according to any one of the first to seventh technical means, wherein the lower authentication item subordinate to the upper authentication item is set and the upper authentication item is satisfied. It is an information processing system characterized by authenticating that the lower level authentication items are also satisfied.

  A tenth technical means sets a certification item corresponding to at least the regulated system environment to be activated constituting the information processing system in any one of the first to ninth technical means. It is.

  According to an eleventh technical means, in the recording medium according to the tenth technical means, the data area of the recording medium includes a secure area where the data is encrypted and a non-secure area where the data is recorded without being encrypted. The recording medium is characterized by being divided into two.

  A twelfth technical means is a recording medium according to the tenth technical means, wherein an OS and / or an application to be executed on a terminal device or a server to which the recording medium is mounted is recorded. It is.

  A thirteenth technical means is a terminal device in which authentication items corresponding to at least the regulated system environment to be activated constituting the information processing system in any one of the first to ninth technical means are set.

  According to the present invention, it is possible to limit the use of a PC and a server constituting an information processing system. Furthermore, the use of the functions provided by the information processing system can be regulated in stages according to the user's authority, and access to data managed by the information processing system can be regulated in stages according to the user's authority. In addition, user authentication can be executed simply and easily.

  Further, in relation to the use of the information processing system, access to data recorded on the portable recording medium can be regulated in stages.

[Example 1]
FIG. 1 is a system configuration diagram for explaining the outline of the present invention.
Reference numerals 11 to 14 denote terminal devices, so-called PCs (personal computers), which are connected to the network N.

Further, the normal PC 11 ₁ to the normal PC 11 ₃ or the specific PC 12 ₁ and the specific PC 12 ₂ are PCs belonging to the organization O1 or the organization O2 such as the accounting section and the development section if they are companies.
The normal PC 11 is a PC that belongs to the organization O1 (for example, the accounting section) or the organization O2 (for example, the development section) and is used for normal business in the organization.
The specific PC 12 is a specific PC that belongs to the organization O1 or the organization O2 and is used for a specific job in the organization.
The administrator PC 13 is a PC that belongs to the organization O1 or the organization O2, and is used by a network administrator or the like.

  The general PC 14 is, for example, a PC that employees can use freely.

21 to 25 are servers.
The servers 21 ₁ to 21 ₂ are servers such as a file server, a printer server, and a mail server.
The authentication server 22 is a server for executing network authentication described later.
The specific server 23 is a server that records applications, data, and the like that are used for specific work of the organization to which the specific server belongs.
The server 21, the authentication server 22, and the specific server 23 belong to the organization O1 or the organization O2, and are connected to the network N.
The server 24 is a server connected to the network N but not belonging to the organization O1 or the organization O2.
The authentication server 25 is a server connected to the network N but not belonging to the organization O1 or the organization O2, and executes network authentication for the general PC.

The present invention automatically sets various environments according to user authority by mounting a portable recording medium described later on the above-described PC or server, and automatically sets user access authority to data. It is given to. Further, access to data recorded on the portable recording medium and access authority to the data area can be freely set.
In the present invention, an information processing system is composed of these PC, server, and recording medium.

  FIG. 2 is a block configuration diagram of the specific PC 12, the authentication server 22, and the above-described portable recording medium that are components of the information processing system 10. In the block configuration diagram of FIG. 2, the block configuration diagram of the specific PC 12 and the authentication server 22 has been described, but even the normal PC 11, the administrator PC 13, the general PC 14, the server 21, the specific server 23, and the authentication server 25. It has the same configuration.

(Specific PC12)
A network I / F unit 111 functions as an interface for connecting to the network N.
An HDD 112 records the OS, application software, and the like, and divides the recording area as will be described later.
A memory 113 records BIOS, various control information, and the like.
A recording medium I / F unit 114 functions as an interface with the portable recording medium 31 (hereinafter simply referred to as the recording medium 31).
Reference numeral 115 denotes a control unit (CPU) that controls each functional block.

After detecting that the recording medium 31 is mounted on the specific PC 12, 120 starts various authentication processes, automatically sets various environments according to user authority (system environment activation), and user access to data It is an authentication processing control unit that controls processing for automatically granting authority (setting of data access authority restricted to be accessible).
The authentication processing control unit 120 refers to various authentication certificates, for example, a device authentication certificate 311 and an organization authentication certificate 312, recorded on an attached recording medium 31 to be described later. Are provided with various authentication units (device authentication unit 121, organization authentication unit 122), an environment setting information creation unit 125 for setting a system activation environment according to the authentication result, and the same access authority information creation unit 126.

That is, as will be described later, authentication items (authentication unit, authentication information of the authentication unit) to be satisfied corresponding to the activation environment of the system are set in the authentication unit. The authentication unit authenticates the match between the authentication item and the authentication item (authentication information of the authentication certificate) set in the recording medium 31 attached to the specific PC 12 (terminal device), and controls authentication processing. The unit 120 activates a regulated system environment corresponding to the setting of the matched authentication item.
Other various authentication processes and various certificates will be described later.

That is, the environment setting information creation unit 125 automatically creates environment setting information according to the certification certificate recorded on the recording medium 31 attached by the user.
Similarly, the access authority information creation unit 126 automatically creates access authority information that defines access authority for data.

  The authentication processing control unit 120 automatically sets various environments and access authorities according to the user authority based on the environment setting information and the access authority information created as described above.

(Authentication server 22)
An N / W authentication unit 123 of the authentication server 22 performs network authentication with reference to the N / W authentication certificate 313 recorded on the attached recording medium 31 via the network N, and Access authority information that defines access authority to various servers is automatically created. Note that the authentication processing control unit 120 of the authentication server also has a function of authenticating access to the system via the server, like other PCs.

(Recording medium 31)
The recording medium 31 is a portable recording medium such as an iVDR (Information Versatile Disk for Removable usage). As will be described later, the recording area in the recording medium 31 is divided into a plurality of recording areas, and a device authentication certificate 311, an organization authentication certificate 312 and an N / W authentication certificate 313 are stored in predetermined areas. It is recorded.

  Further, as shown in FIG. 9, in the case of a large capacity portable recording medium, a data recording area (described later) is set together with recording areas of various certificates.

Next, an outline of processing for automatically setting various environments according to a user and processing for automatically setting user access authority to data will be described with reference to a flowchart.
FIG. 3 is a flowchart for explaining processing for automatically setting various environments and access authorities.

  When the user attaches the recording medium 31 to the specific PC 12 (step S1) and turns on the power of the specific PC 12, the BIOS in the specific PC 12 is activated.

  The device authentication unit 121 of the specific PC 12 refers to the device authentication certificate 311 recorded in the recording medium 31 and executes device authentication processing (step S2). Details of the authentication process will be described later.

  If the device authentication is successful (step S3: YES), the organization authentication unit 122 of the specific PC 12 refers to the organization authentication certificate 312 recorded in the recording medium 31 and executes organization authentication processing (step S4). ).

  When the organization authentication is successful (step S5: YES), the environment setting information creating unit 125 creates environment setting information when the device authentication and the organization authentication are successful (step S6). At the same time, the access authority information creating unit 126 creates access authority information when device authentication and organization authentication are successful (step S7).

  When the organization authentication fails (step S5: NO), the environment setting information creation unit 125 creates environment setting information when the device authentication is successful (step S9). At the same time, the access authority information creating unit 126 creates access authority information when the organization authentication is successful (step S10).

  If the device authentication fails (step S3: NO), the above-described organization authentication process is executed (step S11). If the organization authentication is successful (step S11: YES), the environment setting information creation unit 125 Then, environment setting information when the organization authentication is successful is created (step S13). At the same time, the access authority information creation unit 126 creates access authority information when the organization authentication is successful (step S14).

  Next, the OS of the specific PC 12 is activated based on the created environment setting information and access authority information (step S8). If device authentication and organization authentication have failed (step S3 and step S12: NO), the startup process is terminated (step S15).

In the above-described flowchart, the organization authentication process is executed after the apparatus authentication process is executed, but the order may be changed.
Further, although the device authentication process is executed after the BIOS is started, the authentication process may be executed after the OS is started, and the order of the processes is not limited. In this case, if the authentication process fails, an OS termination process is executed.

(Authentication process)
Here, the authentication process will be described with reference to FIGS.

(Device authentication)
FIG. 4 is a diagram for explaining device authentication processing in the device authentication unit 121.
The device authentication unit 121 executes authentication by comparing the device authentication information 121a with the device authentication information 311a of the device authentication certificate 311 of the recording medium 31. In the illustrated example, information “specific PC 12 ₁ ” is set as the device authentication information 121a.
The device authentication information 311a of the device authentication certificate 311 of the recording medium 31 is information indicating the type of device (PC, server, etc.) that can be used by mounting the recording medium 31.

In the figure, “specific PC 12 ₁ and normal PC 11 ₁ to normal PC 11 ₃ ” are set, and the recording medium 31 in which the device authentication certificate 311 is recorded is attached to the specific PC 12 ₁ and normal PC 11 ₁ to normal PC 11 ₃ . It can be used. For example, when the information can be used by the normal normal PC 11 or the authentication server 22, information to that effect is set. Further, when the apparatus can be used by being mounted on another specific PC or a normal PC, apparatus authentication information corresponding to those apparatuses is recorded.

Reference numeral 311b denotes information indicating the expiration date of the electronic certificate, that is, expiration date information.
Reference numeral 311c denotes information indicating the issuer of the electronic certificate, that is, issuer information.
Reference numeral 311d denotes a digital signature for confirming the validity of the information.
The device authentication unit 121 is provided in each PC and server that configure the information processing system 10 of FIG.

The device authentication unit 121 authenticates whether the user of the recording medium 31 can use the PC (recording medium) with reference to these pieces of information based on a series of processes shown in the flowchart shown in FIG.
The device authentication unit 121 refers to the digital signature 311d to confirm the validity of the device authentication certificate 311 (step S21), confirms the validity of the expiration date of the device authentication certificate 311 (step S22), and Further, it is confirmed whether the issuer is valid (step S23).
When the confirmation process is successful (YES in steps S21 to 23), the device authentication unit 121 includes the device authentication information 121a of the device authentication unit 121 and the device authentication information 311a of the device authentication certificate 311. To determine whether or not both device authentication information (121a, 311a) matches (step S24).

In the example of FIG. 4, since the device authentication information 121a “specific PC 12 ₁ ” of the device authentication unit 121 is set in the device authentication information 311a of the authentication certificate 311 of the recording medium 31, both device authentication information ( 121a, 311a) match (device authentication succeeds: YES in step S3 in FIG. 3). On the other hand, if the device authentication information 311a of the device authentication certificate 311 is set to “administrator PC 13”, for example, it is determined that the device authentication information (121a, 311a) does not match (devices). Authentication failed: Step S3 in FIG. 3 (NO).

  If they match, it is assumed that the authentication was successful, and another authentication process (step S4 in FIG. 3) is executed. When they do not match and when the above-described confirmation process fails (any of steps S21 to 23), another authentication process (step S11 in FIG. 3) is executed.

(Organization certification)
FIG. 6 is a diagram for explaining the organization authentication process in the organization authentication unit 122.
The organization authentication unit 122 performs authentication by collating the organization authentication information 122a with the organization authentication information 312a of the organization authentication certificate 312 described later.
Here, information “Accounting Section” (organization O1) is set as the organization authentication information 122a.
The organization authentication information 312a of the organization authentication certificate 312 is information indicating an organization to which a device (PC, server) that can be used with the recording medium 31 belongs. In the illustrated example, it is shown that the recording medium 31 in which the organization authentication certificate 312 is recorded can be used in a device (PC, server) in the organization (Accounting Section) (“Accounting Section” in the figure).

The organization authenticating unit 122 refers to these pieces of information and attaches the recording medium 31 to a PC in the accounting section to authenticate whether the PC can be used.
That is, after confirming the validity of the organization authentication certificate 312 (corresponding to steps S21 to S23 in FIG. 5), the organization authentication unit 122 receives the organization authentication information 122a of the organization authentication unit 122 and the organization authentication certificate. The organization authentication information 312a of 312 is collated to determine whether or not both organization authentication information (122a, 312a) matches.

  In the example of FIG. 6, the organization authentication information 122a “Accounting Section” of the organization authentication unit 122 and the organization authentication information 312a “Accounting Section” of the organization authentication certificate 312 are the same. 122a, 312a) match. On the other hand, if the organization authentication information 312a of the organization authentication certificate 312 is, for example, “development section”, it is determined that the two organization authentication information (122a, 312a) do not match.

The organization authentication unit 122 is provided in the PC and server that constitute the information processing system 10 of FIG.
The expiration date information 312b, issuer information 312c, and digital signature 312d correspond to the above-described expiration date information 311b, issuer information 311c, and digital signature 311d.

(N / W authentication)
FIG. 7 is a diagram for explaining the N / W authentication process in the N / W authentication unit 123.
The N / W authentication unit 123 performs authentication by comparing the N / W authentication information 123a with N / W authentication information 313a of an N / W authentication certificate 313 described later. That is, when the authentication processing control unit 120 detects that the recording medium 31 is mounted on the normal PC 11 ₁ to the normal PC 11 ₃ or the specific PC 12 ₁ , the authentication processing control unit 120 uses the authentication server 22 connected to the specific PC 12 ₁ via the network N. A control command for executing the above-described authentication processing is issued to the N / W authentication unit 123.

Here, the information “network in accounting section” is set as the above-described N / W authentication information 123a.
The N / W authentication information 313a of the N / W authentication certificate 313 is information indicating the type of network (for example, an in-house LAN network, an accounting department network, or a development department network) that can be used by mounting the recording medium 31. . In the illustrated example, the recording medium 31 on which the N / W authentication certificate 313 is recorded is stored in a PC (ordinary normal PC 11 ₁ to normal PC 11 ₃ , specific PC 12 ₁ or administrator PC 13) connected to the accounting section network. It is shown that it can be used ("Accounting section network" in the figure).

The N / W authentication unit 123 authenticates whether the user of the recording medium 31 can use the network with reference to these pieces of information.
That is, after confirming the validity of the N / W authentication certificate 313 (corresponding to steps S21 to S23 in FIG. 5), the N / W authentication unit 123 uses the N / W authentication unit 123 for N / W authentication. The information 123a and the N / W authentication information 313a of the N / W authentication certificate 313 are collated, and it is determined whether or not both N / W authentication information (123a, 313a) matches.

  In the example of FIG. 7, the N / W authentication information 123 a “Accounting section network” of the N / W authentication unit 123 and the N / W authentication information 313 a “Accounting section network” of the N / W authentication certificate 313 are the same. Therefore, it is determined that both N / W authentication information (123a, 313a) matches. On the other hand, when the N / W authentication information 313a of the N / W authentication certificate 313 is “development section network”, it is determined that the N / W authentication information (123a, 313a) does not match.

The authentication processing control unit 120 of the authentication server 22 also includes a device authentication unit 121 and an organization authentication unit 122.
The expiration date information 313b, issuer information 313c, and digital signature 313d correspond to the expiration date information 311b, issuer information 311c, and digital signature 311d described above.

  The above-described authentication information (121a to 123a) is recorded in an encrypted state in the HDD 112. At the time of authentication, each authentication unit (121 to 123) acquires the authentication information from the HDD 112 and performs authentication. Use. Each information for authentication (121a to 123a) can be changed by an information system administrator as necessary.

  Here, the case where various authentication processes are performed sequentially has been described, but as described later, if at least one of the authentication processes is successful, environment setting information corresponding to the successful authentication process is created. The environment can also be set according to the environment setting information.

(Environment setting process)
Depending on the result of the authentication process described above, the environment in a plurality of PCs (normal PC 11 ₁ to normal PC 11 ₃ , specific PC 12 ₁ to specific PC 12 ₂ , administrator PC 13, general PC 14) or server (server 21, authentication server 22) The setting information creation unit 125 sets the PC startup environment according to the executed authentication.
In this environment setting process, the environment setting information creation unit 125 generates environment setting information based on, for example, the environment setting information correspondence table shown in FIG. 8, and the authentication processing control unit 120 includes an environment setting information creation unit. In accordance with the environment setting information generated by the user 125, the environment on the PC and network that can be used by the user of the recording medium 31 is set. An example of the environment setting information will be described with reference to FIG.

FIG. 8 is a diagram for explaining the environment setting process.
In the environment setting information correspondence table 200 shown in the figure, a mounting destination PC column 202 related to a PC in which the recording medium 31 is mounted corresponds to the authentication combination column 201 indicating a combination of authentication success in the authentication processing described above. .
The environment setting information correspondence table 200 is recorded in the HDD 112.

Here, an example of a system environment that is activated in accordance with the result of the authentication process executed after the recording medium 31 is mounted on each PC (general PC 14, normal PC 11, specific PC 12, administrator PC 13) will be described.
(1) When the recording medium 31 is mounted on the general PC 14.
When the device authentication (A) of the PC 14 is successful, the environment setting information creation unit 125 creates personal environment setting information (FIG. 8: personal environment). This personal environment setting information is information indicating settings such as a usage environment in which a user who is an employee, for example, activates a minimum necessary application that can use the general PC 14 in a stand-alone manner.

  Further, when both device authentication (A) and N / W authentication (N) are successful, the environment setting information creation unit 125, for example, environment setting information for enabling use of the server 24 that can be used in common by employees (FIG. 8). : Common server usable environment). The common server usable environment setting information corresponds to the application (N / W authentication information 123a) provided by the server 24 that does not belong to the organization that the user can commonly use by the user using the general PC 14 as described above. Information provided by the server) and information indicating settings such as a use environment in which data can be accessed. Note that N / W authentication (network authentication) in this case is executed by the authentication server 25. Note that since the PC 14 does not belong to a specific organization, organization authentication is not performed.

(2) When the recording medium 31 is mounted on the normal PC 11 in the tissue.
If the organization authentication (O) or both the device authentication (A) and the organization authentication (O) are successful, the environment setting information creating unit 125 creates the in-organization common environment setting information (FIG. 8: common in-organization environment). To do. This internal common environment setting information is, for example, an application that a member (user) who is a member of the organization (accounting section, etc.) normally uses the PC 11 in a stand-alone manner and is commonly executed by all the members of the organization. This is information indicating the setting of the usage environment of data and the like.

In addition, when both organization authentication (O) and N / W authentication (N), or device authentication (A), organization authentication (O) and N / W authentication (N) succeed, creation of environment setting information The unit 125 creates in-organization common server usable environment setting information (FIG. 8: in-organization common server usable environment). This common server usable environment is, for example, the application, data that each server (21, 22) in the organization provides to the organization members in common via the in-house network using the normal PC 11 This is information indicating the setting of the usage environment such as access.
In this example, it is arbitrary to set common to each of the normal PCs 11 ₁ to 11 ₃ belonging to the organization O1 in FIG. 1 or to set different settings for each of the normal PCs 11 individually.

(3) When the recording medium 31 is mounted on the specific PC 12 in the organization.
When both device authentication (A) and organization authentication (O) are successful, the environment setting information creation unit 125 creates in-organization specific environment setting information (FIG. 8: in-organization specific environment). This internal specific environment setting information is used for specific business such as access of applications, data, etc. specially used for specific business in the organization by a specific person of the organization using the specific PC 12. This is information indicating settings such as a usage environment that is specially set (customized).

  Also, when the three parties of device authentication (A), organization authentication (O), and N / W authentication (N) succeed, the environment setting information creation unit 125 uses usable environment setting information (see FIG. 8: Create environment for specific server in organization). The usable environment setting information of the specific server 23 in the organization is, for example, specified by the specific member of the organization using the specific PC 12 via the in-house network in the organization. In this way, the information indicates the setting of the usage environment such as an application, data access, etc. that are specially provided for a specific business.

(4) When the recording medium 31 is mounted on the administrator PC 13 in the organization.
Only when the device authentication (A), organization authentication (O), and N / W authentication (N) are successful, the environment setting information creation unit 125 creates environment information that can be used for all rights (FIG. 8: all rights). Create a usable environment). The all authority usable environment information is information indicating an authority that a network administrator or the like can change various settings related to the network.

  Note that in the examples described in (1) to (4) above, even if authentication other than that described above or a combination of various authentications succeeds, the PC or the like with the recording medium 31 mounted does not start and is used. (See “-” in FIG. 8).

  As described above, for example, a dependency relationship can be set for two authentication items, that is, organization authentication (A) and device authentication (A).

That is, when the recording medium 31 is attached to the normal PC 11 in the organization, the lower authentication item (device authentication (A)) subordinate to the upper authentication item (organization authentication (O)) is set, and the upper authentication is performed. The matter may not be authenticated unless the satisfaction of the lower level authentication items is authenticated (success of authentication) (success of both device authentication (A) and organization authentication (O)).
In addition, the lower authentication items may be authenticated in combination if the satisfaction of the upper authentication items is authenticated (success in only organization authentication (O) is possible). Thereby, the process of the authentication process control part 120 can be rationalized.

  Moreover, the determination result of the satisfaction of the combination of a plurality of authentication items can be a hierarchical structure. That is, if device authentication (A), organization authentication (O), and N / W authentication (N) are successful (upper layer authentication items), both device authentication (A) and organization authentication (O) ( A system environment (common environment in the organization) that starts when a lower-level authentication item) succeeds may be started.

  It should be noted that the setting of the dependency relationship of the authentication items and the setting of the hierarchical structure of the determination result described above can be arbitrarily set.

In accordance with the environment setting information generated in this way, as described above, the authentication processing control unit 120 sets the usage environment of the PC in stages according to the recording of the authentication information of the recording medium 31 loaded.
Therefore, it is possible to restrict the use of the PC and the server itself constituting the information processing system, and furthermore, it is possible to restrict the use of various functions such as applications provided by the information processing system in a stepwise manner according to the user's authority.
Further, the user's convenience is improved because the user's necessary PC environment is automatically set only by inserting the recording medium 31 into the PC or the like.

(Access authority setting process)
Next, the user's various access authorities set according to the success of various authentications as described above will be described with reference to FIG.
As described above, access authority for data and the like can be set together with restrictions on the system usage environment. However, as with the above-described access authority setting process, it is related to the system usage environment by mounting the recording medium 31. It is also possible to regulate data access independently.

FIG. 9 is a block diagram for explaining the access authority setting process.
As shown in FIG. 9, the recording area of the HDD 112 of the specific PC 12 includes a normal recording area 112x in which data such as OS and applications are recorded, a common area 112a that can be commonly used by users of the specific PC 12, and a predetermined organization. It is divided into organization areas 112b that can be used only by the users to which it belongs.

  Similarly, the recording area of the HDD 112 of the authentication server 22 is divided into a common area 112a, an organization area 112b, and an external server area 112d to which access authority is given only to users authenticated by N / W authentication.

  The access authority information creating unit 126 generates access authority information based on the access authority setting correspondence table shown in FIG. 10 according to the authentication result of each authentication process described above, and the authentication process control unit 120 In accordance with the access authority information generated by the creation unit 126, the access authority for the recording area (common area, organization area) that can be used by the user of the recording medium 31 is set.

  The recording medium 31 has an area 31S (secure area where data is encrypted and recorded) in which an authentication certificate is recorded, and an area 31NS (non-secure area where data is not encrypted and recorded). The divided 31NS in which data is recorded is divided into a common area 31a that can be used in common by all users of the recording medium 31, and an organization area 31b that can be used only by users belonging to a predetermined organization.

FIG. 10 is a diagram for explaining the access authority setting process.
In the access authority setting correspondence table 210 illustrated in FIG. 10, an accessible area 212 is defined corresponding to the authentication combination field 211 indicating the combination of authentication processes, similar to the description of FIG. 8 described above.
The access authority setting correspondence table 210 is recorded in the HDD 112.

  FIG. 10 illustrates an accessible area that is set according to the result of authentication processing executed after the recording medium 31 is mounted on each PC (general PC 14, normal PC 11, specific PC 12, administrator PC 14). Yes.

  In the figure, the common area accessible means that the common area (common area 112a in the HDD 112, common area 31a in the recording medium 31) can be accessed, and the organizational area accessible means the organizational area (organization area in the HDD 112). 112b indicates that the organization area 31b) in the recording medium 31 can be accessed, and the external server area accessible means that the external server area (the external server area 112d in the HDD 112 of the authentication server 22) can be accessed. Note that the tissue region (specific) indicates a specific data region of the tissue region described above.

Further, “all area accessible” indicates that the entire recording area of the HDD 112 and the recording medium 31 can be accessed, and “−” indicates that the above-described recording area cannot be accessed.
The correspondence between the authentication combination and the accessible authority corresponds to the description in FIG. 8 as described in FIG.

In accordance with the accessible information (access authority information) generated in this way, as described above, the authentication processing control unit 120 (OS) can use the recording area (common area, organization area) that can be used by the user of the recording medium 31. Set access permissions for.
As a result, access to data managed by the information processing system can be restricted in stages according to the user's authority, and the security level of information management is increased.

[Example 2]
In the first embodiment, the user (A) who owns the recording medium is not authenticated. Therefore, when another user (B) performs the authentication process described in the first embodiment using this recording medium, even if the application is permitted only to the user (A), the user (B) Can be used. Further, the user (B) can also access data that only the user (A) can access.

Therefore, in the second embodiment, a case where personal authentication is performed on each user as authentication information will be described.
FIG. 11 is a block diagram for explaining such an information processing system, in which a personal authentication unit and a personal authentication certificate are added to the block configuration diagram of FIG.

  The personal authentication unit 124 performs personal authentication with reference to a personal authentication certificate 314 recorded on the recording medium 31 described later.

FIG. 12 is a diagram for explaining personal authentication processing executed by the personal authentication unit 124 with reference to the personal authentication certificate 314 of the recording medium 31.
In the illustrated example, it is shown that information “user name: ○ yama ○ male password: XYZ” has been input by the user (○ mountain ○ male) as the personal authentication information 124a.
The personal authentication information 314a of the personal authentication certificate 314 is verification information for authenticating a user who can use the recording medium 31, and in the figure, personal information “user name: ○ of the user who uses the recording medium 31”. This indicates that “Yamao male, password: XYZ” is recorded.

  The personal authentication unit 124 compares the input user name and password with the personal authentication information recorded on the recording medium 31 (“user name: ○ yama ○ male, password: XYZ”), and the input user When the name and password match the user name and password recorded on the recording medium 31, the personal authentication is successful.

(Environment setting process)
Corresponding to the setting of the personal authentication information 314a of the recording medium 31, a plurality of PCs (normal PC11 ₁ to normal PC11 ₃ , specific PC12 ₁ to specific PC12 ₂ , administrator PC 13, The personal authentication unit 124 is also provided for authenticating the use authority of the general PC 14) or the server (server 21, authentication server 22).

FIG. 13 shows an example of the above-described environment setting corresponding to a combination of authentication including personal authentication. Similar to the environment setting information correspondence table 200 of FIG. 8, the environment setting information correspondence table 220 includes an environment setting for each PC in which the recording medium 31 is mounted corresponding to the authentication combination field 221 indicating the combination of authentication processes described above. Information is defined.
The environment setting information correspondence table 220 is recorded in the HDD 112.

Here, after the recording medium 31 is mounted on each PC (general PC 14, normal PC 11, specific PC 12, administrator PC 14), a part related to personal authentication in various environments activated in accordance with the result of authentication processing executed. Will be described.
(1) When the recording medium 31 is mounted on the general PC 14.
If the device authentication (A) is successful without performing personal authentication (P), the environment setting information creating unit 125 creates guest environment setting information (FIG. 13: guest environment). This guest environment setting is information indicating the setting of a PC environment (for example, an application such as a browser) that can be used by guests other than employees, for example.

  Further, when the three parties of device authentication (A), personal authentication (P), and N / W authentication (N) succeed, the environment setting information creation unit 125 displays personal server usable environment setting information (FIG. 13: personal server use). Possible environment). This personal server usable environment setting information is information indicating a setting of an application and data usage environment, etc., that can be used by a specific individual set by, for example, a common employee server connected to a specific organization member via a network. is there.

(2) When the recording medium 31 is mounted on the normal PC 11 in the tissue.
If both of the organization authentication (O) and personal authentication (P), or device authentication (A), organization authentication (O), and personal authentication (P) succeed, the environment setting information creation unit 125 Personal environment setting information (FIG. 13: Intra-organizational personal environment) is created. This intra-organizational personal environment setting information is information indicating settings such as application and data usage environments that can be used only by specific organizational members.

  If the four parties of device authentication (A), organization authentication (O), personal authentication (P), and N / W authentication (N) succeed, the environment setting information creation unit 125 sets the internal common server personal use environment setting in the organization. Information (FIG. 13: In-organizational common server personal use environment) is created. This intra-organizational common server personal use environment setting information indicates, for example, settings of application and data usage environments that a specific organization member can use in common by the specific member set in the server. Information.

(3) When the recording medium 31 is mounted on the specific PC 12 in the organization.
If the four parties of device authentication (A), organization authentication (O), personal authentication (P), and N / W authentication (N) succeed, the environment setting information creation unit 125 sets the internal specific server personal use environment setting. Create information. This in-organization specific server personal use environment setting information is information indicating settings of a special application and data use environment set in the specific server 23 only by a specific organization member.

(4) When the recording medium 31 is mounted on the administrator PC 13 in the organization.
Only when the device authentication (A), the organization authentication (O), the personal authentication (P), and the N / W authentication (N) succeed, the environment setting information creation unit 125 can use the above-described all-right-use environment information. There is no difference just by adding the requirement of personal authentication to the combination of authentication described in FIG.

  Further, the setting of other usage environments other than those described above is similarly subject to personal authentication, and is not different from the description of FIG.

  By adding the personal authentication process in this way, it is possible to set detailed stepwise regulations and improve the security level.

(Access authority setting process)
Next, the various access authorities of the user set when personal authentication is performed will be described with reference to FIG.
The block diagram of FIG. 14 is obtained by adding the above-described personal authentication unit 124 and personal authentication certificate 314 to the block diagram described in FIG. Further, the HDD 112 is divided into personal areas 112c that can be used for each user, and the recording area 31NS of the recording medium 31 is divided into personal areas 31c.

  Here, FIG. 15 shows an access authority setting process performed after executing the various authentication processes described above after executing the personal authentication. In the present embodiment, when the personal authentication is successful, the personal area (the personal area 112c of the HDD 112, the personal area 31c of the recording medium 31) can be accessed.

In the access authority setting correspondence table 230 illustrated in FIG. 15, an accessible area 232 is defined corresponding to the authentication combination column 231 indicating the combination of authentication processes described above.
In the figure, the personal area accessible means that the personal area (the personal area 112c in the HDD 112 and the personal area 31c in the recording medium 31) can be accessed. The access authority setting correspondence table 230 is recorded in the HDD 112.
Further, the correspondence between the combination of authentication and accessible authority corresponds to the description in FIG. 8 as described in FIG.

In accordance with the accessible information (access authority information) generated in this way, as described above, the authentication processing control unit 120 can record the recording area (common area, personal area, organization area) that can be used by the user of the recording medium 31. The access authority for is set according to the individual user.
As a result, after executing authentication of individual users, access to data managed by the information processing system can be regulated (restricted) step by step according to the user's authority. , The convenience of information management is improved.

Although various authentication processes have been described above, the authentication method is not limited to password authentication, and various authentication methods such as biometric authentication can be used.
The order of authentication is not limited to the embodiment, and the order of authentication can be arbitrarily changed.

Further, the recording area that can be accessed when each authentication is successful is not limited to the embodiment. For example, when the device authentication of the specific PC 12 is successful, the organization authentication can be made unnecessary.
Further, the device authentication of the specific PC 12 can rationalize the authentication process by ranking predetermined authentication information such as the condition of organization authentication.
Further, when the personal authentication is successful for a specific individual, it may be possible to access the specific organization area by omitting the organization authentication, and such a combination of authentications can be arbitrarily set.

  Also, the recording area may be divided for each folder unit or may be divided for each partition unit.

  Further, a program for executing the authentication processing control unit 120 may be recorded on the recording medium 31, and an OS and an application executed on the specific PC 12 or the like may be recorded on the recording medium 31. Thereby, the existing information processing system can be easily improved to the information processing system of the present invention.

  Various certificates 311 to 314 may be recorded in the data recording area 31NS.

  Further, although the PC and server are exemplified as the terminal device, the terminal device may be not only a PC and server but also an information home appliance (television receiver, HDD recorder, etc.), and is limited only to the PC and server. It is not a thing.

  In this way, the use of the functions provided by the information processing system can be variously restricted according to the user's authority, and access to data managed by the information processing system can be freely restricted according to the user's authority. Therefore, not only the authentication process can be simplified, but also security for confidential information is enhanced.

It is a system configuration diagram for explaining an outline of the present invention. 1 is a block configuration diagram for explaining an information processing system according to a first embodiment; It is a flowchart for demonstrating the process which sets various environments and access authority automatically. It is a figure for demonstrating a device authentication process. It is a flowchart for demonstrating a device authentication process. It is a figure for demonstrating a structure | tissue authentication process. It is a figure for demonstrating N / W authentication process. FIG. 6 is a diagram for explaining environment setting processing according to the first embodiment. FIG. 6 is a block diagram for explaining an access authority setting process according to the first embodiment. FIG. 10 is a diagram for explaining an access authority setting process according to the first embodiment. FIG. 6 is a block configuration diagram for explaining an information processing system according to a second embodiment. It is a figure for demonstrating a personal authentication process. FIG. 10 is a diagram for explaining environment setting processing according to the second embodiment. FIG. 10 is a block diagram for explaining an access authority setting process according to the second embodiment. FIG. 10 is a diagram for explaining access authority setting processing according to the second embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 ... Information processing system, 11 ... Normal PC, 12 ... Specific PC, 13 ... Administrator PC, 14 ... General PC, 21, 24 ... Server, 22, 25 ... Authentication server, 23 ... Specific server, 111 ... Network I / F, 112 ... HDD, 113 ... memory, 114 ... recording medium I / F, 115 ... control unit, 120 ... authentication processing control unit, 121 ... device authentication unit, 122 ... organization authentication unit, 123 ... N / W authentication unit , 124 ... personal authentication unit, 125 ... environment setting information creation unit, 126 ... access authority information creation unit, 31 ... recording medium, 311 ... device authentication certificate, 312 ... organization authentication certificate, 313 ... N / W authentication Certificates, 314 ... personal authentication certificates, 200, 220 ... environment setting information correspondence table, 210, 230 ... access authority setting correspondence table, N ... network, O1, O2 ... organization.

Claims (13)

Comprising at least one recording medium in which various authentication items are set, and a terminal device on which the recording medium is mounted,
The terminal device includes an authentication unit that authenticates activation conditions corresponding to a plurality of system environments activated by mounting the recording medium,
The authentication unit authenticates a match between an authentication item to be satisfied that is set in accordance with the system environment and an authentication item that is set in the recording medium attached to the terminal device, and a matching authentication item An information processing system that activates a regulated system environment corresponding to the setting of the system.   The information processing system according to claim 1, wherein the information processing system is connected to various servers via a network, and the server includes the authentication unit.   The server includes an authentication unit that authenticates permission of access to one or a plurality of specific servers in the network, and the authentication unit sets authentication items to be satisfied in correspondence with information provided by the specific server. 3. The information processing system according to claim 2, wherein the information processing system is configured to authenticate a match with an authentication item set in the recording medium mounted on the terminal device or server.   The information processing system according to any one of claims 1 to 3, wherein the restricted system environment includes data access authority restricted by the information processing system to be accessible.   The information processing system according to claim 1, wherein the restricted system environment is a data access authority restricted by the information processing system to be accessible.   The recording medium stores a program for executing a process of authenticating the plurality of system environments to be activated in the terminal device or server, and the terminal device or server when the recording medium is loaded in the terminal device or server The information processing system according to claim 1, wherein the program is executed.   The recording medium has a plurality of data areas, authentication items corresponding to the data areas are set, and the data areas can be used only when the authentication items set in the terminal device or the server match. The information processing system according to any one of claims 1 to 6.   8. The authentication items according to claim 1, wherein a lower-level authentication item subordinate to a higher-level authentication item is set, and the higher-level authentication item is not authenticated unless the satisfaction of the lower-level authentication item is authenticated. The information processing system according to any one of the above.   The lower authentication items subordinate to the upper authentication items are set as the authentication items, and when the upper authentication items are satisfied, it is authenticated that the lower authentication items are also satisfied. 8. The information processing system according to any one of 7.   A recording medium in which authentication items corresponding to at least the regulated system environment to be activated that constitute the information processing system according to claim 1 are set.   11. The recording according to claim 10, wherein the data area of the recording medium is divided into a secure area where data is encrypted and recorded and a non-secure area where data is recorded without being encrypted. Medium.   The recording medium according to claim 10, wherein an OS and / or an application executed on a terminal device or a server to which the recording medium is mounted are recorded.   A terminal device in which authentication items corresponding to at least the regulated system environment to be activated constituting the information processing system according to any one of claims 1 to 9 are set.

Images