JP2010182081A - Gateway device and access control method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a gateway device allowing safe and efficient access to a site from which a desired content can be acquired. <P>SOLUTION: The gateway device includes: a site information decision part 11 confirming whether or not reliability evaluation of a site to be accessed is completed or not according to an access request to the site received from a client terminal, and specifying an alternative site based on an evaluation result and information on the site to be accessed when the reliability evaluation is not completed; and an access control part 13 executing an access to the site to be accessed when the completion of the reliability evaluation and high reliability are confirmed by the site information decision part 11, and notifying the client terminal about the specified alternative site when the alternative site is specified. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention determines whether or not to permit access to a site indicated by an access request when access to a predetermined site is requested from a client device connected to the same network in the communication network. The present invention relates to a gateway device and an access control method for performing communication control according to a result.

  In recent years, the number of Internet users has increased rapidly, and the number of sites that provide various information (contents) to users has increased. On the other hand, there are malicious sites (harmful sites) that provide harmful content among these sites. Therefore, technology to prevent access to harmful sites is being actively developed. (For example, see Patent Document 1 below).

  The communication terminal described in Patent Document 1 below allows only access to sites that have been designated in advance as connectable sites (sites that are not harmful sites) when the function to prevent access to harmful sites is set. In this way, access to sites that provide content harmful to minors is restricted. Such a restricting method is generally called a white list method. There is also a method for performing control opposite to the white list method, that is, a black list method for restricting access to a previously designated site.

JP 2008-118668 A

  However, in the above-described conventional technology, whether the access safety criterion requested by the user is the confirmed malicious site (harmful site) (blacklist method) and there is no confirmed problem for the access destination. There were problems such as being unable to respond to malicious sites that have not been confirmed or being flexible because it was either a site or not (white list method), or simply a combination thereof.

  For example, with the whitelist method, there is a problem that the site cannot be accessed even though it is actually a problem site, and with the blacklist method, harmful sites that are not confirmed (blacklisted) There was a problem that it could not handle access (cannot restrict access).

  The present invention has been made in view of the above, and a gateway device and access control for performing access control capable of efficiently acquiring desired content while preventing a network user from accessing a malicious site The purpose is to obtain a method.

  In order to solve the above-described problems and achieve the object, the present invention responds to a connection request to a site received from a client terminal in the same network based on the evaluation result of each existing site. Check whether the reliability evaluation of the connection request site, which is the site designated as the connection destination, is completed, and if the reliability evaluation of the connection request site is not completed, the information on the connection request site and the above Based on the evaluation result, the alternative site specifying means for specifying the alternative site of the connection request site, the reliability evaluation of the connection request site being completed, and the reliability of the connection request site being high When it is confirmed by the alternative site specifying means, the connection processing to the connection request site is executed, and when the alternative site is specified, it is specified. And access control means for an alternative site and notifies the sender client terminal of the connection request, characterized in that it comprises a.

  According to the present invention, it is possible to prevent access to a malicious site that has not been confirmed, and to minimize the occurrence of work by the user, such as an alternative site search operation and an alternative site information input operation for acquiring desired content. It is possible to achieve an effect that it is possible to achieve efficient access to a site where desired content can be acquired.

FIG. 1 is a diagram illustrating a configuration example of a first embodiment of a communication system including a gateway device according to the present invention. FIG. 2 is a diagram illustrating an example of site management source reliability information. FIG. 3 is a diagram illustrating an example of a site ranking method. FIG. 4 is a flowchart illustrating an example of an access control operation performed by the gateway device according to the first embodiment. FIG. 5 is a diagram illustrating a configuration example of a second embodiment of a communication system including a gateway device according to the present invention. FIG. 6 is a flowchart illustrating an example of an access control operation performed by the gateway device according to the second embodiment.

  Embodiments of a gateway device and an access control method according to the present invention will be described below in detail with reference to the drawings. Note that the present invention is not limited to the embodiments.

Embodiment 1 FIG.
FIG. 1 is a diagram illustrating a configuration example of a first embodiment of a communication system including a gateway device according to the present invention. This communication system includes a gateway device 1 and a client terminal 2. The gateway device 1 has a function of connecting to an external network such as the Internet, and in response to a request from a client terminal connected to itself (a client terminal in the same network as itself), an access destination ( Control access to the site. The client terminal 2 has a function of connecting to the gateway device 1. When receiving an instruction to access the site from the user, the client terminal 2 sends a connection request to the instructed site to the gateway device 1.

  The gateway device 1 includes a site information determination unit 11, a storage unit 12, an access control unit 13, a client communication unit 14, and an external communication unit 15.

  In the gateway device 1, the site information determination unit 11 having a function as an alternative site specifying unit receives an access request to a predetermined site from the client terminal 2 by the access control unit 13 and is issued from the access control unit 13 accordingly. In accordance with the received instruction, it is determined whether the site indicated by the instruction content (site where the client terminal 2 requests connection) is safe, that is, whether the site is reliable. If the determined site is an unreliable site, an alternative site (details will be described later) of the site indicated by the instruction content is specified from among the reliable sites as necessary.

  The storage unit 12 stores site management source reliability information used by the site information determination unit 11 in the determination process.

  When the access control unit 13 receives an access request to a predetermined site from the client terminal 2, the access control unit 13 instructs the information determination unit 11 to determine whether the site indicated by the access request is a trusted site, When a determination result in the determination process executed accordingly is received, access control to the connection request site of the client terminal 2 is performed based on the received determination result.

  The client communication unit 14 performs communication control with the client terminal 2, and the external communication unit 15 performs communication control with the external network. Although FIG. 1 shows an example in which one client terminal 2 is connected to the gateway device 1 (client communication unit 14), a plurality of client terminals 2 can be connected.

  Although FIG. 1 shows a configuration example when the gateway device 1 includes the site information determination unit 11 and the access control unit 13, the site information determination unit 11 communicates with devices other than the gateway device 1 (communication with the gateway device 1). It may be arranged in other possible devices).

  Here, among the information stored in the storage unit 12, the site management source reliability information, which is information used when the gateway device 1 of the present embodiment executes a characteristic process, will be described. The site management source reliability information is information on a site whose existence has been confirmed by the gateway device 1 (hereinafter referred to as “existing site”), and includes information on the existing site and its management source.

  FIG. 2 is a diagram illustrating an example of site management source reliability information (table). One record of this site management reliability information includes “name (name of the company or individual of the site management company)”, “URL (Uniform Resource Locator)”, “business type information”, and “evaluation (site reliability). The “industry information” includes information of “industry”, “major classification”, “medium classification”, and “small classification”.

  “Evaluation” indicates to which of the five ranks (ranks corresponding to the trustworthiness of the site) the site specified by the URL in the same record belongs, for example, as shown in FIG. It is a numerical value (1-5). In the present embodiment, information about categories is not used. Further, as can be seen from FIG. 3, the larger this value is, the higher the reliability (credibility) of the corresponding site is. The site of rank 5 which is the most reliable site includes a site operated by the administrator of the gateway device 1. The next most reliable site of rank 4 is a site that is known to be operated by a highly reliable administrator (for example, a site affiliated with the administrator of the network to which the gateway device 1 belongs, a major search) Sites, sites of public offices and large corporations). Also, rank 3 sites are sites that have been evaluated using known evaluation methods, etc., and have obtained an evaluation result indicating that there is no problem even if connected (for example, personal Among sites, temporary sites for events, etc., sites that are evaluated as having high reliability) are included. The rank 2 sites include sites for which reliability evaluation has not been completed (sites with unrecognized trustworthiness). As a result of the evaluation, the rank 1 site includes sites that are determined to be malicious sites, and access to the rank 1 site is restricted.

  In addition, the gateway device 1 may acquire the site management source reliability information (see FIG. 2) periodically or irregularly from an external device having a site evaluation and ranking function and hold the information. Alternatively, it may be generated and updated in its own device (for example, the site information determination unit 11). When generating and updating the site operator reliability information, the configuration of the site operator reliability information includes information on the date and time when the evaluation of the site corresponding to the URL stored in each record is executed (Fig. If the evaluation execution date / time information is added to the configuration shown in FIG. 2 and a certain period has elapsed since the evaluation was performed, the value of “evaluation” is returned to the initial value (= 2), or The evaluation may be performed again and the record may be updated. In this case, initialization (or update) may be executed only for the evaluation result of the site once evaluated as rank 3 (reliable), in addition to the evaluation result of the site evaluated as rank 3, The evaluation result of the site evaluated as rank 1 may also be initialized (or updated). In this way, even if the site once evaluated as reliable (evaluation = 3) is updated and the malicious site changes, the possibility of accessing this site can be kept low.

  Next, an access control operation by the gateway device 1 will be described with reference to FIG. Here, FIG. 4 is a flowchart showing an example of an access control operation by the gateway device 1.

  In the gateway device 1, when the access control unit 13 receives a connection request to the site from the client terminal 2, the access control operation shown in FIG. 4 is started. In the access control operation of the present embodiment, the gateway device 1 first checks whether or not the site (connection request site) indicated by the received connection request is registered in the black list (step S11). Specifically, URL information (URL information of the connection request site) included in the connection request received by the access control unit 13 is notified to the site information determination unit 11, and the site information determination unit 11 includes the site operator reliability information. Among the records included in (see FIG. 2), the record is specified in the URL information received from the access control unit 13, and it is confirmed whether the “evaluation” item of the specified record is “1” (see FIG. 3).

  If the connection request site is registered in the black list (“evaluation” of the specified record is “1”) (step S11, Yes), the site information determination unit 11 notifies the access control unit 13 accordingly. And the access control unit 13 determines not to connect to the connection request site. Further, the access control unit 13 notifies the requesting client terminal 2 that the connection to the requested site is not performed (step S17). When the access control unit 13 notifies that the connection is not performed, the access control unit 13 also notifies the reason (for example, that the site requested to be connected is a site registered in the blacklist). May be.

  On the other hand, if the connection request site is not registered in the black list (step S11, No), the site information determination unit 11 further checks whether the connection request site is a reliable site (step S12). Specifically, it is confirmed whether or not the “evaluation” of the specified record is “3” or more. As a result of the confirmation, if the site is reliable (step S12, Yes), the access control unit 13 is notified to that effect, and the access control unit 13 that has received this notification performs connection control to the connection request site (step). S16). Further, it notifies the requesting client terminal 2 that it has connected to the requested site (step S17).

  On the other hand, if the connection request site is an unreliable site (“evaluation” of the above specified record is “2”) (No in step S12), the site information determination unit 11 determines the connection request site operator and It is confirmed whether there is a site that is operated by an operator of the same business category (business type information) and that can be trusted (step S13). An example of the operation is as follows. First, a record in which the same industry information as the industry information registered in the record in which the URL of the connection request site is registered is registered from the site management source reliability information record. Is present, and if it exists, it is further confirmed whether or not there is a record whose “evaluation” is “3” or more among the records having the same business type information.

  As a result of the confirmation in step S13, when the same business type information as the business type information corresponding to the URL of the connection request site is registered, and there is no record whose “evaluation” is “3” or more (step S13, No), the site information The determination unit 11 notifies the access control unit 13 to that effect, and the access control unit 13 determines not to connect to the connection request site. Further, the access control unit 13 notifies the requesting client terminal 2 that the connection to the requested site is not performed (step S17). Note that when the access control unit 13 notifies that the connection is not made, the reason why the connection is not made is the same as the above-described case where the site requested to be connected is a blacklisted site (for example, In addition, it may be notified that the reliability of the site requested to be connected is low and that there is no reliable site that has the same business category.

  Even if the reliability indicated by the site management source reliability information is low (because reliability has not been evaluated, “evaluation” is the initial value “2”), the connection request site can be trusted. There may be a case where the user of the client terminal 2 knows that it is a site. For this reason, the access control unit 13 decides not to connect to the connection requesting site, notifies that effect, and has low reliability (reliability has not been evaluated), but still connects to the connection requesting site. Whether the request is made to the client terminal 2 (user) and then (for example, within a predetermined time), when the connection request to the connection request site is received again, the process proceeds to step S16 and the connection request site You may make it connect to. In addition, when the client terminal 2 receives a connection request again from the client terminal 2 as a result of the above final confirmation, it is determined that the reliability is low (a connection request site whose reliability has not been evaluated). The “evaluation” information of the original reliability information (record) may be updated to “3”. As a result, it is possible to correct the difference between the recognition of the user and the recognition of the gateway device 1, and shorten the time required for access control (time to connect to the site) when a connection to this site is requested thereafter. it can.

  As a result of the confirmation in step S13, if the same business type information as the business type information corresponding to the URL of the connection request site is registered, and there is a record whose “evaluation” is “3” or more (step S13, Yes), the site information The determination unit 11 notifies the access control unit 13 of information on a corresponding site (a site where the business type information corresponding to the URL of the connection request site is the same as the business type information and “evaluation” is “3” or more). The information to be notified includes at least “URL”. When there are a plurality of alternative sites, rearrangement is performed such that the higher the reliability (evaluation) is, the higher the ranking is, and the rearranged information (site list) is notified. The access control unit 13 notifies the requesting client terminal 2 of the site indicated by the notified information as an alternative site (step S14). Then, it is monitored whether or not the connection to the alternative site is requested from the client terminal 2, and when the connection request to the alternative site is received (step S15, Yes), the site (substitute site) indicated by the received connection request is displayed. Connection control is performed (step S16). Further, it notifies the requesting client terminal 2 that it has connected to the requested site (step S17). In step S14, in addition to the notification of the alternative site, it is determined that the reliability of the connection requesting site is low as in the case of the transition from step S13 to step S17 described above. The client terminal 2 (user) may be inquired as to whether or not a connection is desired. The rearrangement of the alternative sites may be performed not by the site information determination unit 11 but by the access control unit 13. In this case, the site information determination unit 11 notifies at least “URL” and “evaluation” as information of each alternative site.

  If the connection request to the alternative site is not received after executing Step S14 (No at Step S15), the access control operation is terminated.

  Here, the reason why the above-described step S13 is executed to search (specify) an alternative site will be described. When the business types of the sites are the same, it is highly likely that some of the contents (various information) obtained from these sites are the same or similar. Therefore, by notifying the client terminal 2 (user) of the alternative site, it is possible to increase the possibility that desired content can be safely acquired from a highly reliable site (alternative site). In addition, the user himself / herself searches for a site that is not reliable and is likely to be a harmful site (malicious site), and performs an operation to request connection to the new site that has been found. The operation by the user can be suppressed as much as possible, and as a result, the user's workload can be reduced.

  In addition, when the record corresponding to the connection request site designated from the client terminal 2 does not exist in the site management source reliability information, the evaluation of this site is 2 (rank 2) or 1 (rank 1). The above operation is considered. However, even if the operation is performed assuming that it is rank 2, the alternative site is naturally identified and is not notified to the requesting client terminal 2.

  As described above, the gateway device according to the present embodiment maintains the reliability (evaluation result) of the existing site and the business type of the operator, and allows the client terminal in the network to which the gateway device belongs to a certain site. When a connection request is received, first check the stored reliability information. If the requested site is a connection-prohibited site, the access control (connection operation) is terminated. If there is no site (a site whose reliability is higher than a predetermined threshold and is considered to be highly reliable), connection to the site is performed. Also, if the site is not forbidden, but it is unclear whether it is a site that is safe to connect to (a site that has not been evaluated for reliability), it is a site operated by another operator of the same industry Therefore, a highly reliable site is extracted, and the extracted site is notified to the client terminal as an alternative site. As a result, connection to a site with unclear reliability can be prevented, and as a result, connection to a malicious site for which evaluation has not been completed can be prevented. In addition, it is possible to suppress the occurrence of an alternative site search operation and an alternative site information input operation for obtaining desired content by the user of the client terminal, and to reduce the user workload. That is, the user of the client terminal can safely and efficiently access a site where desired content can be obtained.

  In this embodiment, an example has been described in which a site having a rank (evaluation) of 3 or more of site management reliability information is determined as a reliable site (a highly reliable site) and a connection is permitted. Alternatively, a site of rank 4 or higher or a site of rank 5 may be treated as a reliable site and access control may be performed.

  In step S13, it is determined whether or not there is a highly reliable site with the same business type. However, a part of the business type (business type information) matches and is highly reliable. You can also check if the site exists. That is, the range extracted as an alternative site may be expanded. For example, it is confirmed whether or not there is a highly reliable site that matches the “major classification”. In this case, in step S14, the sites are rearranged so that the sites with higher degree of coincidence in the business category are ranked higher and the sites with higher reliability are ranked higher, and the user (client terminal 2) is notified. To do. Note that the alternative site extraction range may be adaptively changed. For example, the extraction range is adjusted so that the number of alternative sites to be extracted is at least 10. As a specific example, if the type of business information is exactly the same and the number of highly reliable sites is 10 or more, the extraction range (alternate site) is the site where the business type information is exactly the same and the reliability is high. (Case 1). If the type of business information completely matches and the number of highly reliable sites is less than 10, the extraction range includes sites other than “small classification” that match and have high reliability (case 2). If the number of sites included in the extraction range of Case 2 is less than 10, further extractions are made up to sites that match other than “Small Classification” and “Medium Classification” and have high reliability (Case 3). .

  Further, in the access control operation of the present embodiment, when the rank of the connection request site is 2 (reliability is not evaluated), an alternative site is searched and presented. Alternate site search may also be performed.

Embodiment 2. FIG.
Next, the gateway device according to the second embodiment will be described. FIG. 5 is a diagram illustrating a configuration example of a communication system including the gateway device according to the second embodiment. In addition, the same code | symbol is attached | subjected to the same component as the communication system of Embodiment 1 shown in FIG. That is, the communication system according to the present embodiment has a configuration in which the gateway device 1 included in the communication system according to the first embodiment is replaced with a gateway device 1a. The gateway device 1a includes an access control unit 13a instead of the access control unit 13 of the gateway device 1, and further has a configuration in which a storage unit 16 is added. In the present embodiment, description of the same components (components denoted by the same reference numerals) as those provided in the gateway device 1 of the first embodiment is omitted.

  The storage unit 16 holds a white list. The white list is a list of sites that have been determined to be highly reliable by the site information determination unit 11 and have a track record of connection in the past.

  Similar to the access control unit 13 described above, the access control unit 13a performs access control when receiving an access request to the predetermined site from the client terminal 2, but at this time, the white list held in the storage unit 16 Is used. The access control unit 13a manages (updates) the white list.

  Hereinafter, the access control operation by the gateway device 1a will be described with reference to FIG. Here, FIG. 6 is a flowchart showing an example of an access control operation by the gateway device 1a. In FIG. 6, the same step number is assigned to the same process as the access control operation (see FIG. 4) by the gateway device 1 described in the first embodiment. Here, the description of the same processing as the access control operation by the gateway device 1 is omitted.

  In the access control operation by the gateway device 1a, when the access control unit 13a receives a connection request to the site from the client terminal 2, first, is the site (connection request site) indicated by the received connection request registered in the white list? It is confirmed whether or not (step S21). If the connection request site is registered in the white list (step S21, Yes), the access control unit 13a performs connection control to the connection request site (step S16).

  On the other hand, when not registered in the white list (step S21, No), the access control unit 13a inquires of the site information determination unit 11 whether the connection request site is reliable. That is, the gateway device 1a executes step S11 and subsequent processing.

  Further, when the access control unit 13a receives a response to the “inquiry as to whether or not the connection request site is reliable” from the site information determination unit 11 and finds that the connection request site is a trusted site (step S12, Yes), this site (connection request site) is added to the white list (step S22). When the addition process to the white list is completed, connection control to the connection request site is performed (step S16). The whitelist addition process and the connection control to the connection request site may be performed in parallel.

  As described above, the gateway device according to the present embodiment determines that the reliability is high, registers the actually connected site in the white list, and then receives a connection request to the site registered in the white list. In such a case, it is decided to immediately connect to the requested site (connection request site) without performing the reliability confirmation process using the site management source reliability information. As a result, the same effect as that of the gateway device of the first embodiment can be obtained, and the processing amount for access control and the time required to connect to the connection request site can be shortened.

  In the flowchart of FIG. 6, it is determined as “Yes” in Step S12 and the whitelist addition process (Step S22) is executed when connecting to the connection request site. Even when it is determined as “Yes” in S15 to connect to the alternative site (or connection request site), step S22 is also executed, and after the connection destination site is added to the white list, the process proceeds to step S16. Good.

  In the configuration shown in FIG. 5, an example is shown in which the storage unit 12 that holds the site management source reliability information and the storage unit 16 that holds the white list are configured separately. You may make it hold | maintain by a part.

  As described above, the gateway device according to the present invention is useful for a communication system, and is particularly suitable for access control when a client terminal in the same network desires connection to a site on an external network. .

DESCRIPTION OF SYMBOLS 1, 1a Gateway apparatus 2 Client terminal 11 Site information determination part 12, 16 Storage part 13, 13a Access control part 14 Client communication part 15 External communication part

Claims (18)

In response to a connection request to a site received from a client terminal in the same network, the reliability evaluation of the connection request site, which is the site designated as the connection destination by the connection request, is completed based on the evaluation result of each existing site Alternative site that identifies the alternative site for the connection request site based on the information of the connection request site and the evaluation result when the reliability evaluation of the connection request site has not been completed. Specific means,
When it is confirmed by the alternative site specifying means that the reliability evaluation of the connection request site is completed and the reliability of the connection request site is high, a connection process to the connection request site is executed, When an alternative site is specified, an access control means for notifying the specified alternative site to the client terminal that sent the connection request;
A gateway device comprising:   The alternative site specifying unit specifies, as an alternative site, a site that is shown to be a highly reliable site based on the evaluation result and that is likely to obtain content similar to the content obtained from the connection request site. The gateway device according to claim 1.   The gateway apparatus according to claim 1 or 2, wherein information on a connection request site used in the processing for specifying the alternative site is used as business type information of an operation source of the connection request site. When the alternative site identification means identifies a plurality of alternative sites, the alternative site identification means determines the display order of the alternative sites based on at least one of the reliability of each alternative site and the business type information of the operating source,
The gateway apparatus according to claim 3, wherein the access control means transmits a list of alternative sites arranged in accordance with the determined display order to a client terminal that has transmitted the connection request.   The access control means, when the alternative site specifying means confirms that the reliability evaluation of the connection request site is completed and the reliability of the connection request site is low, The gateway device according to any one of claims 1 to 4, wherein connection processing to the server is not executed.   6. The gateway device according to claim 5, wherein when the access control unit determines not to execute the connection process to the connection request site, the access control unit notifies the client terminal of the connection request of the reason.   After the access control means notifies the alternative site to the connection request source client terminal and then receives a connection request from the client terminal to the connection request site again, the access control means performs connection processing to the connection request site. The gateway device according to claim 1, wherein the gateway device is executed. If the access control means receives the connection request from the client terminal to the connection request site again after notifying the alternative site to the client terminal that sent the connection request, the access control means notifies the alternative site specifying means to that effect. Notify
The said alternative site specific | specification means updates the information regarding the reliability of the said connection request | requirement site among the information contained in the said evaluation result to the value which shows that reliability is high. The gateway apparatus as described in any one. Keep a list of previously connected sites as a white list,
When receiving a connection request to a site from a client terminal in the same network, the access control means first connects to a site designated as a connection destination by referring to the white list in the past. If there is a connection, the connection process to the specified site is started. Ask the site to verify the authenticity of the
When the alternative site specifying means receives the reliability check request for the designated site from the access control means, whether or not the reliability evaluation has been completed for the site indicated by the reliability check request The gateway device according to any one of claims 1 to 8, wherein the confirmation processing and the alternative site identification processing are executed.   10. The gateway device according to claim 9, wherein when the access control unit connects to a site that is not registered in the white list, information on the site is registered in the white list. An access control method executed by a gateway device that has received a connection request to a site from a client terminal in the same network,
Based on the evaluation result of each existing site, it is confirmed whether or not the reliability evaluation of the connection request site that is the site indicated by the connection request is completed, and the reliability evaluation of the connection request site is not completed An alternative site specifying step for specifying an alternative site for the connection request site based on the information on the connection request site and the evaluation result;
An alternative site notification step of notifying the identified alternative site to the client terminal of the connection request;
An access control method comprising:   In the alternative site specifying step, a site that is shown to be a highly reliable site based on the evaluation result and that is likely to obtain content similar to the content obtained from the connection request site is specified as an alternative site. The access control method according to claim 11.   The access control method according to claim 11 or 12, wherein information on a connection request site used when specifying the alternative site is business type information of an operation source of the connection request site. In the alternative site specifying step, when a plurality of alternative sites are specified, the display order of the alternative sites is determined based on at least one of the reliability of each alternative site and the business type information of the operating source,
14. The access control method according to claim 13, wherein, in the alternative site notification step, a list of alternative sites arranged in accordance with the determined display order is transmitted to a client terminal that has transmitted the connection request. A connection processing execution step of performing connection processing to the connection requesting site when notifying the connection requesting client terminal of the connection request again after receiving the connection request from the client terminal to the connection requesting site. ,
The access control method according to claim 11, further comprising: When the connection request from the client terminal to the connection request site is received again after notifying the alternative site to the connection request source client terminal, the connection request site of the information included in the evaluation result An evaluation result update step for updating the reliability information to a value indicating high reliability,
The access control method according to claim 11, further comprising:   When receiving a connection request to a site, refer to the white list in which the information of the sites connected in the past is registered, and check whether there has been a connection to the site specified as the connection destination by the connection request in the past. The access control method according to any one of claims 11 to 16, wherein the alternative site specifying step and the alternative site notifying step are executed when the information is confirmed and never connected. A whitelist update step of registering information of the site in the whitelist when connected to a site that has never been connected in the past;
The access control method according to claim 17, further comprising:

Images