JP2013161123A - Access management system, access management method and access management program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an access management system, an access management method and an access management program which efficiently and accurately manage a one-time key for logging in a system.SOLUTION: A control unit 21 of an access application terminal 20 transmits login keys of a number of people to a manager terminal 30. When use acceptance for a business server 10 is received from the manager terminal 30, the login keys are validated. When an original key is authenticated, the control unit 21 of the access application terminal 20 acquires a security policy of the business server 10 and compares this security policy with a security policy applied to the access application terminal 20. A one-time key is generated on the basis of the comparison result and issue processing for this one-time key is executed. In this case, the control unit 21 registers use states of the login key and the one-time key, and offers a use state report to a manager.

Description

  The present invention relates to an access management system, an access management method, and an access management program for managing a one-time key for logging in to the system.

  When accessing a system shared by a plurality of people, a user ID and a password are used to check the authenticity and access authority of the user (see, for example, Patent Document 1). In the technique described in this document, a management server device is used for allowing the user to use the resources of the server device. The management server device receives a login request from a terminal device connected via a network, and performs user authentication using the user ID and password received from the terminal device. If authentication is successful, login is permitted.

  In addition, if the password is used continuously, the password may be leaked. In order to prevent such leakage, a one-time password may be used (see, for example, Patent Document 2). In the technique described in this document, the management server that has received the password generation request from the mobile phone terminal identifies the user and records the first challenge code. And a management server produces | generates a 2nd challenge code and produces | generates a one-time password using this. When the uniqueness of the one-time password can be ensured, the management server records the one-time password and transmits the second challenge code to the mobile phone terminal. Then, the mobile phone terminal generates and outputs a one-time password. Next, using the client terminal, a login request including data regarding the challenge code and the one-time password is transmitted to the management server. The management server that has received the login request authenticates the user.

Japanese Patent Laying-Open No. 2005-182291 (first page, FIG. 1) Japanese Patent Laying-Open No. 2008-140040 (first page, FIG. 1)

  In a shared server (for example, a business server used in business), when a user ID is assigned to each user and a password is issued, it takes time to register the user ID and password and manage the usage status. Further, when one user accesses a plurality of business servers to perform work, the user side also needs to manage user IDs and passwords for each business server, which is complicated.

In addition, the person in charge of the business server may be changed due to a user change in personnel. When the user ID and password are re-registered each time this change is made, the management burden increases. In particular, when a one-time password is issued to prevent leakage, the burden of security management such as erasing the issued one-time password increases.
Furthermore, the administrator may manage passwords individually for all information processing servers. However, when there are many information processing servers to be managed, the burden of password management on the administrator increases.

  Furthermore, the administrator needs to grasp the access status to the business server for each user. Here, an administrator who manages a plurality of business servers needs to obtain the access status from each business server, and the server setting for obtaining the access status becomes complicated.

  The present invention has been made to solve the above-described problems, and an object of the present invention is to provide an access management system, an access management method, and an access management program for efficiently and accurately managing a password for logging in to the system. It is to provide.

  In order to solve the above problems, the invention described in claim 1 is characterized in that an administrator information storage means storing a contact information of an administrator terminal that transmits a login key, and information accessible in association with the administrator identifier. An access management system comprising: authentication information storage means for storing processing server identification information, login key, original key, issue date; and control means connected to an administrator terminal and an information processing server, wherein the control Means for transmitting a login key to the contact manager terminal stored in the administrator information storage means, and recording the login key and the date of issue in the authentication information storage means; When an original key corresponding to the login key is acquired from a terminal, the original key is recorded in the authentication information storage unit in association with the login key. When the login key and the original key recorded in the authentication information storage unit are acquired, the authentication information storage unit is used to identify an accessible information processing server associated with the login key and the original key. Means for identifying the information, generating a one-time key for logging in to the information processing server, recording a use history of the login key, and outputting the one-time key; and an issue date of each login key The present invention includes a means for invalidating a login key and a means for transmitting a use history of the login key to the administrator terminal when an expiration date specified based on the password expires.

  According to a second aspect of the present invention, in the access management system according to the first aspect, in the one-time key generation process, the control means specifies a security policy of the information processing server, and the access management system The gist is to compare the security policy with the security policy of the information processing server and generate a one-time key based on the comparison result.

  According to a third aspect of the present invention, in the access management system according to the second aspect, the control unit requests a security policy from the information processing server and acquires the security policy from the information processing server. This is the gist.

  The invention according to claim 4 is the access management system according to claim 2, wherein the control means specifies the information processing server and acquires a pre-registered security policy.

  According to a fifth aspect of the present invention, in the access management system according to any one of the first to fourth aspects, the required number of login keys is recorded for each administrator in the administrator information storage means. The gist of the invention is that the control means specifies the required number of login keys for each contact of the manager terminal and transmits the required number of login keys.

  According to a sixth aspect of the present invention, in the access management system according to any one of the first to fifth aspects, the control unit obtains the operational status information of the information processing server, and the operational status information And a means for changing the one-time key issuing method based on the above.

  The invention according to claim 7 is the administrator information storage means storing the contact information of the administrator terminal that transmits the login key, and the authentication information storing the login key, the original key, and the issue date in association with the administrator identifier. A method for managing access using an access management system comprising a storage means and a control means connected to an administrator terminal and an information processing server, wherein the control means is stored in the administrator information storage means. Transmitting a login key to the administrator terminal of the stored contact and recording the login key and the date of issue in the authentication information storage means; and from the administrator terminal, an original corresponding to the login key If a key is obtained, the original key is recorded in the authentication information storage means in association with the login key, and is recorded in the authentication information storage means. When the login key and the original key are acquired, the identification information of the accessible information processing server associated with the login key and the original key is specified using the authentication information storage unit, and the login to the information processing server is performed. A process of generating a one-time key for recording, recording a use history of the login key, outputting the one-time key, and an expiration date specified based on an issue date of each login key has elapsed In this case, the gist is to execute a step of invalidating the login key and a step of transmitting a use history of the login key to the administrator terminal.

  The invention according to claim 8 is the administrator information storage means for storing the contact information of the administrator terminal that transmits the login key, and the authentication information for storing the login key, the original key, and the issue date in association with the administrator identifier. A program for managing access using an access management system comprising a storage means and a control means connected to an administrator terminal and an information processing server, wherein the control means stores the administrator information Means for transmitting a login key to the administrator terminal of the contact stored in the means, and recording the login key and the date of issue in the authentication information storage means; corresponding to the login key from the administrator terminal If the original key is acquired, the original key is recorded in the authentication information storage means in association with the login key, and the authentication information storage means When the recorded login key and original key are acquired, the authentication information storage means is used to identify identification information of an accessible information processing server associated with the login key and original key, and the information processing A process for generating a one-time key for logging in to the server, recording a use history of the login key, outputting means for outputting the one-time key, and an expiration date specified based on an issue date of each login key When it has elapsed, the gist is to function as means for invalidating the login key and means for transmitting the use history of the login key to the administrator terminal.

(Function)
According to the invention described in claim 1, 7, or 8, the control means transmits a login key to the contact manager terminal stored in the administrator information storage means and logs in to the authentication information storage means. Record the key and issue date. When the original key corresponding to the login key is acquired from the administrator terminal, the original key is recorded in the authentication information storage unit in association with the login key. Thus, user authentication can be performed using the login key and the original key.

Further, when the login key and the original key recorded in the authentication information storage means are acquired, the identification information of the accessible information processing server associated with the login key and the original key is specified using the authentication information storage means. Then, a one-time key generation process for logging in to the information processing server is executed. Then, the log-in key usage history is recorded and a one-time key is output. Thus, the user can obtain authentication information for accessing the information processing server associated with the login key and the original key by confirming the one-time key displayed on the output means such as a display. And when the expiration date specified based on the issue date of each login key has passed, it is possible to prevent the login key from being leaked by invalidating the login key.
Furthermore, by transmitting the login key usage history to the administrator terminal, the administrator can grasp the usage status of the user.

  According to the second aspect of the invention, the control means specifies the security policy of the information processing server, compares the security policy in the access management system with the security policy of the information processing server, and based on the comparison result, Generate a time key. Accordingly, even when a plurality of resources having different security policies are used, a password can be generated under accurate security management.

  According to the third aspect of the present invention, a security policy is requested from the information processing server, and the security policy is acquired from the previous information processing server. Thereby, the current security policy in the information processing server can be specified.

  According to the fourth aspect of the present invention, the information processing server is specified, and a pre-registered security policy is acquired. Thereby, the security policy in the information processing server can be specified while reducing the communication load.

  According to the invention described in claim 5, the administrator information storage means records the required number of login keys for each administrator, and specifies the required number of login keys for each contact of the administrator terminal. And send the required number of login keys. Thereby, the administrator can provide different login keys to a plurality of users.

  According to the invention described in claim 6, the control means obtains the operation status information of the information processing server and changes the one-time key issuance method based on the operation status information. For example, when a failure occurs in some information processing servers, maintenance may be required in other related information processing servers. Even in such a case, the user can efficiently access the information processing server according to the operating status of the information processing server.

  According to the present invention, it is possible to provide an access management system, an access management method, and an access management program for efficiently and accurately managing a password for logging in to the system.

The system schematic of embodiment of this invention. It is explanatory drawing of the information storage part of embodiment of this invention, Comprising: (a) is an access authentication information storage part, (b) is a master information storage part, (c) is a login authentication information storage part, (d) is an access. Explanatory drawing of the data recorded on the management information storage part. Explanatory drawing of the process sequence of this embodiment. Explanatory drawing of the process sequence of this embodiment. It is explanatory drawing of the process sequence of this embodiment, (a) is a login key management process, (b) is a one-time key management process, (c) is explanatory drawing of a utilization condition management process. Explanatory drawing of the process sequence of other embodiment. It is explanatory drawing of the management method of other embodiment, Comprising: (a) is explanatory drawing at the time of providing the access application terminal separately in several bases, (b) is explanatory drawing at the time of providing a central server. Explanatory drawing of the process sequence of other embodiment.

Hereinafter, an embodiment embodying the present invention will be described with reference to FIGS. In the present embodiment, it is assumed that the user accesses the business server 10 as shown in FIG. In this case, each user makes a usage application to the administrator. When the use application is approved by the administrator, the access application terminal 20 is used to obtain a one-time key for accessing each business server 10. Then, using this one-time key, each business server 10 is accessed to perform work such as maintenance.
The access application terminal 20 is connected to the business server 10 and the administrator terminal 30 via a network.

  The business server 10 is a computer system that manages the provision of various services. The business server 10 includes an access control unit 11, an access authentication information storage unit 12, and a business processing unit 15.

  The access control unit 11 executes processing for managing access in the business server 10. The access control unit 11 functions as a control unit including a CPU, a RAM, a ROM, and the like, and performs processing (processing including a policy management stage, a one-time key registration stage, a user authentication stage, etc.) described later. By executing the access management program for this purpose, the access control unit 11 functions as the policy management unit 111, the one-time key registration unit 112, the user authentication unit 113, and the like.

  The policy management unit 111 executes a process for managing a security policy for a one-time key used when logging in to the business server 10. Therefore, the policy management unit 111 stores data related to the security policy applied to the business server 10. Specifically, it stores data relating to the user ID used at the time of access and the generation conditions (character type and minimum number of characters) for the password.

The one-time key registration unit 112 executes a process for registering the one-time key acquired from the access application terminal 20 in the access authentication information storage unit 12. When the one-time key registration unit 112 detects the expiration date of the one-time key, the one-time key registration unit 112 executes a process of invalidating the one-time key.
The user authentication unit 113 uses the access authentication information storage unit 12 to execute an authentication process for confirming the access authority of the accessor.

  As shown in FIG. 2A, an access authentication information management record 120 for authenticating a user who can log in to the business server 10 is recorded in the access authentication information storage unit 12. This access authentication information management record 120 is registered when a one-time key issuance request is received. In this access authentication information management record 120, data relating to the issue date, one-time key, and access authority is recorded.

In the issue date data area, data related to the date of issue of the one-time key is recorded. This issue date is used to calculate the expiration date by adding the validity period for the one-time key.
Authentication information for authenticating the accessor is recorded in the one-time key data area. In the present embodiment, as a one-time key, a one-time ID and a one-time password that can be temporarily used are used only for a predetermined period (period until the expiration date).
In the access authority data area, data for specifying authority at the time of accessing the business server 10 is recorded.

  The administrator terminal 30 is a computer terminal used by the administrator of each business server 10. The administrator terminal 30 includes input means such as a keyboard and a mouse, and output means such as a display. Furthermore, the administrator terminal 30 includes a mail transmission / reception means (email client) for transmitting and receiving an e-mail. The mail transmission / reception means includes a received mail memory for storing received electronic mail.

  The access application terminal 20 is a computer terminal that manages a one-time key for logging in to the business server 10. The access application terminal 20 includes a control unit 21, a master information storage unit 22, a login authentication information storage unit 23, and an access management information storage unit 24.

  The control unit 21 functions as a control unit including a CPU, a RAM, a ROM, and the like, and processes (login key registration management stage, business server usage application stage, login key management stage, one-time key management stage, usage described later) Process including the situation management stage). By executing the access management program for this purpose, the control unit 21 causes the login key transmission unit 211, the login key validation unit 212, the login authentication unit 213, the one-time key setting unit 214, the key management unit 215, the usage status management. It functions as the means 216 or the like.

  The login key transmission unit 211 executes a process of transmitting a login key used when logging in to the access application terminal 20 to the administrator terminal 30. Here, a login ID and a login password are used as the login key.

The login key validation unit 212 executes a process for validating the login key used when logging in to the access application terminal 20.
The login authentication unit 213 executes user authentication processing when logging in to the access application terminal 20.

  The one-time key setting unit 214 executes a process for generating a one-time key for logging in to the business server 10 according to the security policy of the business server 10 or the access application terminal 20. For this reason, the one-time key setting unit 214 stores data relating to a security policy (one-time key generation condition) applied to the access application terminal 20.

The key management unit 215 executes processing for managing the expiration date of the login key and the one-time key. For this reason, the key management unit 215 holds data relating to the validity period for calculating the validity period of the login key and the validity period for calculating the validity period of the one-time key for each server identifier of the business server 10. Yes. In the present embodiment, the effective period for the one-time key is set to the same length as the effective period determined in the business server 10. The validity period for the login key can be determined independently of the validity period for the one-time key.
The usage status management means 216 executes processing for managing the usage status of the login key and the one-time key.

  The master information storage unit 22 functions as an authentication information storage unit and an administrator information storage unit. In the master information storage unit 22, as shown in FIG. 2B, a master management record 220 for specifying an administrator who is a login key providing destination is recorded. This master management record 220 is recorded when each administrator of each business server 10 is registered. The master management record 220 includes data relating to an administrator ID and contact information. Furthermore, it is configured to include data relating to the group type, server identifier, and number of people.

In the manager ID data area, data relating to an identifier for identifying each manager is recorded.
In the contact data area, data related to the contact information (e-mail address in the present embodiment) of the administrator terminal 30 is recorded.

  In the group type data area, data relating to an identifier for identifying the group of the business server 10 that the administrator is in charge of is recorded. In the present embodiment, it is assumed that one group that provides a predetermined service includes one or more business servers 10.

In the server identifier data area, data relating to identification information for specifying the business server 10 belonging to the group type for which the administrator is responsible is recorded.
In the number data area, data relating to the number of users who may access the business server 10 belonging to this group type is recorded.

  The login authentication information storage unit 23 functions as an authentication information storage unit. In the login authentication information storage unit 23, as shown in FIG. 2C, a login authentication management record 230 for authenticating a user who can log in to the access application terminal 20 is recorded. The login authentication management record 230 is registered when a login key is transmitted to each administrator, and is updated when use authorization is performed for the login key. The login authentication management record 230 includes data relating to an administrator ID, issue date, group type, login key, usage status, original key, and status.

In the administrator ID data area, data relating to an identifier for specifying the administrator who provided the login key is recorded.
In the issue date data area, data related to the date on which the login key is transmitted to the administrator is recorded.

In the group type data area, data relating to an identifier for specifying the group type of the business server 10 that can use the login key is recorded.
In the login key data area, data relating to an identifier for specifying access authentication information (a login key including a login ID and a login password) provided to the administrator is recorded.

In the usage status data area, data relating to the usage status of the login key is recorded. Specifically, data related to the date on which the login key is validated is recorded.
In the original key data area, authentication information for authenticating a user who can set access authority for the business server 10 in the access application terminal 20 is recorded. This original key is acquired in the use approval received from the administrator terminal 30.

  In the status data area, a flag for determining the validity of the login key is recorded. In this data area, a valid flag is recorded when the login key is validated, and an invalid flag is recorded when the expiration date comes.

  As shown in FIG. 2D, the access management information storage unit 24 records an access management record 240 for managing the usage status of the one-time key for accessing the business server 10. This access management record 240 is registered when a one-time key is issued. The access management record 240 includes data relating to an issue date, a login key, a server identifier, an access authority, a one-time key, and a status.

In the issue date data area, data related to the date of issue of the one-time key is recorded.
In the login key data area, data relating to an identifier for specifying a login person to the access application terminal 20 is recorded. Specifically, a login key used at the time of login is recorded in this data area.

In the server identifier data area, data relating to an identifier for identifying the business server 10 that desires access is recorded.
In the access authority data area, data for specifying authority at the time of accessing the business server 10 is recorded.

In the one-time key data area, data related to authentication information (one-time key including a one-time ID and a one-time password) used when accessing the business server 10 is recorded.
In the status data area, a flag for determining the validity of the one-time key is recorded. In this data area, an effective flag is recorded when a one-time key is registered in the business server 10, and an invalid flag is recorded when an expiration date comes.

Next, a specific example of an access management method used when logging into the business server 10 in the system configured as described above will be described with reference to FIGS.
(Login key registration management process)
First, the login key registration management process will be described with reference to FIG.
Here, first, the control unit 21 of the access application terminal 20 executes a process for specifying a login key transmission destination (step S1-1). Specifically, the login key transmission unit 211 of the control unit 21 extracts the master management record 220 that is the transmission target of the login key from the master information storage unit 22. Next, the login key transmission unit 211 acquires the contact information recorded in the extracted master management record 220.

Then, the following processing is executed for each extracted contact.
Here, the control unit 21 of the access application terminal 20 executes a login key generation process (step S1-2). Specifically, the login key transmission unit 211 of the control unit 21 acquires the number of people for each group type recorded in the master management record 220. And the login key transmission means 211 produces | generates the unique login key (login ID and login password) for this number of people using a random number.

  Next, the control unit 21 of the access application terminal 20 executes a login key registration process (step S1-3). Specifically, the login key transmission unit 211 of the control unit 21 generates a login authentication management record 230 in which the administrator ID is recorded, and records it in the login authentication information storage unit 23. In addition, the login key transmission unit 211 records the issue date (current date) in association with the administrator ID. Furthermore, the login key transmission unit 211 records the login keys for the number of people generated for each group type in association with the administrator ID.

  Next, the control unit 21 of the access application terminal 20 executes mail transmission processing including a login key (step S1-4). Specifically, the login key transmission unit 211 of the control unit 21 generates an e-mail in which the contact address of the administrator terminal 30 is set as the transmission destination. This e-mail includes data related to the number of login keys for each group type. Then, the login key transmission unit 211 transmits this electronic mail to the administrator terminal 30.

  In this case, the administrator terminal 30 executes mail reception processing (step S1-5). Specifically, the mail transmitting / receiving means of the administrator terminal 30 receives an email including a login key and stores it in the received mail memory.

  When the user desires access to the business server 10, a usage application is made to the administrator. In this use application, the group type to which the business server 10 to be accessed belongs is included. Further, the user tells the administrator the original key determined by the user himself / herself.

  Next, the administrator terminal 30 executes mail selection processing (step S1-6). Specifically, the administrator activates the mail transmission / reception means of the administrator terminal 30 when approving the user application. In this case, the administrator terminal 30 displays the list of e-mails recorded in the received mail memory on the display. Then, the administrator specifies an e-mail received from the access application terminal 20 and including the login key in the e-mail list. Further, the e-mail is selected as the e-mail with the latest reception date.

  Next, the administrator terminal 30 executes a login key display process (step S1-7). Specifically, the administrator terminal 30 displays the content of the selected email on the display. In this e-mail, the number of login keys for each group type is displayed. Further, an approval button is displayed in the e-mail in association with the login key. When the administrator approves the use application, the administrator notifies the user of a login key used for the use application. In this case, the user stores a login key. Then, the administrator selects an approval button corresponding to this login key.

  The administrator terminal 30 that has detected the selection of the approval button executes an original key reception process (step S1-8). Specifically, the administrator terminal 30 displays an input screen on the display. This input screen includes an input field for an original key and an execution button. In this case, the administrator sets the original key obtained from the user in the input field. Then, the execution button is selected.

  The administrator terminal 30 that has detected the selection of the execute button executes a use consent transmission process (step S1-9). Specifically, the administrator terminal 30 transmits a use approval to the access application terminal 20. This use approval includes data relating to the selected login key and the input original key.

  Next, the control unit 21 of the access application terminal 20 executes a login key usage status confirmation process (step S1-10). Specifically, the login key validation unit 212 of the control unit 21 specifies the login authentication management record 230 in which the login key included in the received use approval is recorded in the login authentication information storage unit 23. Then, the login key validation unit 212 determines whether or not the original key is recorded in the identified login authentication management record 230. If the original key has already been recorded, it indicates that the login key has been used. Therefore, the login key validation unit 212 notifies the administrator terminal 30 that it cannot be used.

  On the other hand, when the original key is not recorded in the login authentication management record 230, the control unit 21 of the access application terminal 20 executes a login key validation process (step S1-11). Specifically, the current date is recorded in the usage status data area of the login authentication management record 230, and the valid flag is recorded in the status data area.

  Next, the control unit 21 of the access application terminal 20 executes an original key registration process (step S1-12). Specifically, the login key validation unit 212 of the control unit 21 records the original key included in the use application in the login authentication management record 230.

(Business server usage application processing)
Next, a case where the business server 10 is used will be described. In this case, the user activates the access management program on the access application terminal 20.

  In this case, the control unit 21 of the access application terminal 20 executes a login screen display process (step S2-1). Specifically, the login authentication means 213 of the control unit 21 outputs a login screen on the display. This login screen includes a login key input field and an execution button. The user inputs a login key in this input field and selects an execution button. In this case, the login authentication unit 213 of the control unit 21 confirms whether or not the login authentication management record 230 in which the input login key is recorded is registered in the login authentication information storage unit 23. Further, it is confirmed whether or not an invalid flag is recorded in the status data area of the login authentication management record 230 in which the login key is recorded. When the login authentication management record 230 in which the login key is recorded cannot be specified, or when the invalid flag is recorded in the login authentication management record 230, the login authentication unit 213 rejects the login and indicates that the login cannot be performed. Output a message to the display. On the other hand, when the invalid flag is not recorded in the login authentication management record 230 in which the input login key is recorded, the login is permitted.

  Next, the control unit 21 of the access application terminal 20 executes a display process for the one-time key generation screen (step S2-2). Specifically, the one-time key setting unit 214 of the control unit 21 outputs a one-time key setting screen to the display. The one-time key setting screen includes an original key input field, a business server selection field, and an access authority selection field.

  Next, the control unit 21 of the access application terminal 20 executes an input process to the one-time key generation screen (step S2-3). Specifically, the user inputs the original key transmitted to the administrator in the original key input field. Furthermore, the server identifier and access authority of the business server 10 to be accessed are selected in the business server selection field and the access authority selection field.

  The control unit 21 of the access application terminal 20 executes an original key authentication process (step S2-4). Specifically, the one-time key setting unit 214 of the control unit 21 checks whether or not the input original key is recorded in the login authentication management record 230 (condition 1). Furthermore, using the master information storage unit 22, it is confirmed whether or not the server identifier of the selected business server 10 is included in the group type (condition 2). If at least one of the conditions does not match in the confirmation result, the use is rejected. On the other hand, if the two conditions match, the one-time key setting unit 214 of the control unit 21 records the current date in the usage status data area of the login authentication management record 230 of the login authentication information storage unit 23 and status data Record the valid flag in the area. Further, the one-time key setting unit 214 generates an access management record 240 and records it in the access management information storage unit 24. In this access management record 240, an issue date (current date), a login key, a server identifier, and access authority are recorded.

  Next, the control unit 21 of the access application terminal 20 executes a security policy request process (step S2-5). Specifically, the one-time key setting unit 214 of the control unit 21 transmits a security policy request to the selected business server 10.

  In this case, the access control unit 11 of the business server 10 executes a security policy reply process (step S2-6). Specifically, the policy management unit 111 of the access control unit 11 returns an answer about the security policy to the access application terminal 20. This answer includes data related to the one-time key generation condition set in the security policy.

  Next, the control unit 21 of the access application terminal 20 executes a security policy acquisition process (step S2-7). Specifically, the one-time key setting unit 214 of the control unit 21 acquires a user ID and a password generation condition from the business server 10 as a security policy.

  Next, the control unit 21 of the access application terminal 20 executes a security policy comparison process (step S2-8). Specifically, the one-time key setting unit 214 of the control unit 21 compares the generation condition acquired from the business server 10 with the generation condition of the security policy applied to the access application terminal 20. Then, the security policy with strict conditions is identified. Specifically, when the minimum number of characters defined in the generation conditions is different, the one with the minimum minimum number of characters is selected. Further, when a plurality of character types are set in the generation condition, this condition is followed.

  Next, the control unit 21 of the access application terminal 20 executes a one-time key issuing process (step S2-9). Specifically, the one-time key setting unit 214 of the control unit 21 generates a one-time key using a random number in accordance with the specified security policy generation condition. Then, the one-time key setting unit 214 transmits the generated one-time key to the business server 10 as authentication information for use at the time of login.

  Next, the access control unit 11 of the business server 10 executes a one-time key registration process (step S2-10). Specifically, the one-time key registration unit 112 of the access control unit 11 confirms whether or not the received one-time key can be registered. Specifically, it is confirmed whether or not the conditions for generating the security policy are met, and whether or not the same one-time key is already registered. If there is no problem with the one-time key, the one-time key registration unit 112 generates an access authentication information management record 120 and registers it in the access authentication information storage unit 12. The current date is recorded in the issue date data area of the access authentication information management record 120, and the one-time key received from the access application terminal 20 is recorded in the one-time key data area.

  Then, the access control unit 11 of the business server 10 executes a result transmission process (step S2-11). Specifically, the one-time key registration unit 112 of the access control unit 11 returns a determination result as to whether or not the one-time key has been registered to the access application terminal 20. The determination result includes a message indicating registration completion when the one-time key is registered, and a message indicating registration failure when the one-time key is not registered.

  Next, the control part 21 of the access application terminal 20 performs a result reception process (step S2-12). Specifically, the one-time key setting unit 214 of the control unit 21 receives a determination result indicating whether or not registration is possible from the business server 10.

  Next, the control unit 21 of the access application terminal 20 executes a determination process as to whether registration is successful (step S2-13). Specifically, the one-time key setting unit 214 of the control unit 21 makes a determination based on a message included in the determination result of registration availability.

  When a registration failure message is acquired as the determination result (in the case of “NO” in step S2-13), the one-time key setting unit 214 starts over from the process of step S2-9.

  On the other hand, if it is determined that the registration is successful by obtaining a registration completion message (“YES” in step S2-13), the control unit 21 of the access application terminal 20 executes a one-time key display process. (Step S2-14). Specifically, the one-time key setting unit 214 of the control unit 21 outputs the one-time key acquired from the business server 10 to the display. Further, the one-time key setting unit 214 acquires the contact information of the administrator ID recorded in the login authentication management record 230 from the master information storage unit 22. Then, the one-time key setting means 214 transmits an e-mail indicating that the one-time key has been issued to this contact address.

  Next, the control unit 21 of the access application terminal 20 executes usage status registration processing (step S2-15). Specifically, the one-time key setting unit 214 of the control unit 21 generates an access management record 240 in which the one-time key is recorded and records it in the access management information storage unit 24. In the one-time key data area of the access management record 240, a one-time key that has been successfully registered in the business server 10 is recorded. Furthermore, a valid flag is recorded in the status data area.

  When the user accesses the business server 10, the acquired one-time key is input to the business server 10. In this case, the access control unit 11 of the business server 10 executes a login process using a one-time key (step S3-1). Specifically, the user authentication unit 113 of the access control unit 11 confirms whether or not the input one-time key is recorded in the access authentication information storage unit 12. Further, it is confirmed whether or not an invalid flag is set in the access authentication information management record 120. When the access authentication information management record 120 in which the invalid flag is not set is extracted, the user authentication unit 113 permits access.

  Next, the access control unit 11 of the business server 10 executes an operation process (step S3-2). Specifically, the user authentication unit 113 of the access control unit 11 takes over the processing to the business processing unit 15. Thereby, the user can perform an operation in the business processing unit 15.

(Login key management process)
Next, the login key management process will be described with reference to FIG. This process is performed regularly (for example, every day). Here, the process is repeated for each login key recorded in the access management information storage unit 24.

  First, the control unit 21 of the access application terminal 20 executes a process for acquiring the expiration date of the login key (step S4-1). Specifically, the key management unit 215 of the control unit 21 calculates the expiration date by adding the effective period to the issue date recorded in the login authentication management record 230.

  Next, the control unit 21 of the access application terminal 20 executes a determination process as to whether or not the expiration date has passed (step S4-2). Specifically, the key management unit 215 of the control unit 21 determines whether or not the expiration date has passed by comparing the expiration date with the current date.

  When it is determined that the expiration date has not elapsed (in the case of “NO” in step S4-2), the control unit 21 of the access application terminal 20 ends the process for this login key.

  On the other hand, when it determines with the expiration date having passed (in the case of "YES" in step S4-2), the control part 21 of the access application terminal 20 performs the invalidation process of a login key (step S4-3). ). Specifically, the key management unit 215 of the control unit 21 records an invalid flag in the usage status data area of the login authentication management record 230.

(One-time key management process)
Next, the one-time key management process will be described with reference to FIG. This process is performed regularly (for example, every day). This process is repeated for each one-time key recorded in the access management information storage unit 24.

  First, the control unit 21 of the access application terminal 20 executes a process for acquiring a one-time key expiration date (step S5-1). Specifically, the key management means 215 of the control unit 21 specifies the validity period in the business server 10 of the server identifier recorded in the access management record 240. Then, the key management unit 215 calculates the expiration date by adding the validity period to the issue date recorded in the access management record 240.

  Next, the control unit 21 of the access application terminal 20 executes a determination process as to whether or not the expiration date has passed (step S5-2). Specifically, the key management unit 215 of the control unit 21 determines whether or not the expiration date has passed by comparing the expiration date with the current date.

  When it is determined that the expiration date has not elapsed (in the case of “NO” in step S5-2), the control unit 21 of the access application terminal 20 ends the process for this one-time key.

  On the other hand, when it is determined that the expiration date has passed (in the case of “YES” in step S5-2), the control unit 21 of the access application terminal 20 executes a one-time key invalidation process (step S5-). 3). Specifically, the key management unit 215 of the control unit 21 records an invalid flag in the status data area of the access management record 240.

(Usage status management process)
Next, usage status management processing will be described with reference to FIG. This process is performed periodically (for example, every month). This process is repeated for each administrator ID recorded in the master information storage unit 22.

  First, the control unit 21 of the access application terminal 20 executes a login key and one-time key specifying process (step S6-1). Specifically, the usage status management unit 216 of the control unit 21 extracts the login authentication management record 230 in which the processing target administrator ID is recorded from the login authentication information storage unit 23. Further, the usage status management unit 216 extracts the access management record 240 in which the login key of the extracted login authentication management record 230 is recorded from the access management information storage unit 24.

  Next, the control unit 21 of the access application terminal 20 executes usage status report creation processing (step S6-2). Specifically, the usage status management means 216 of the control unit 21 specifies the usage status of the login key for the login key of the extracted login authentication management record 230 and issues a one-time key from the extracted access management record 240. Identify the day. Then, the usage status management means 216 creates a report including the usage status and issue status.

  Next, the control unit 21 of the access application terminal 20 executes a usage status report transmission process (step S6-3). Specifically, the usage status management unit 216 of the control unit 21 acquires a contact address associated with the processing target administrator ID from the master information storage unit 22. Then, the usage status management means 216 transmits the generated usage status report to this contact address.

According to the access management system of the present embodiment, the following effects can be obtained.
(1) In this embodiment, the control unit 21 of the access application terminal 20 specifies a login key transmission destination identification process (step S1-1), a login key generation process (step S1-2), and a login key registration process ( Step S1-3) is executed. And the control part 21 of the access application terminal 20 performs the transmission process of the mail containing a login key (step S1-4). Thereby, a login key required for logging in to the access application terminal 20 can be provided to the administrator. In this case, since the number of login keys for each manager is provided for each administrator, the login key can be provided for each user. In addition, since a login key used when setting a one-time key is provided for the grouped information processing servers, the administrator can manage a plurality of information processing servers collectively. Therefore, the management burden on the information processing server for the administrator can be reduced.

  (2) In this embodiment, when mail is selected on the administrator terminal 30 (step S1-6), a login key display process is executed (step S1-7). Then, the administrator terminal 30 that has detected the selection of the approval button executes an original key reception process (step S1-8) and a use permission transmission process (step S1-9). Next, the control unit 21 of the access application terminal 20 executes an original key registration process (step S1-12). Then, the control unit 21 of the access application terminal 20 displays the login screen (step S2-1), the one-time key generation screen display process (step S2-2), and the original key authentication process (step S2-4). Execute. Thereby, the user authentication in the access application terminal 20 can be performed using the original key set by the user.

  (3) In this embodiment, the control unit 21 of the access application terminal 20 executes a security policy request process (step S2-5) and a security policy acquisition process (step S2-7). Then, the control unit 21 of the access application terminal 20 executes a security policy comparison process (step S2-8) and a one-time key issuance process (step S2-9). Thereby, even if the security policy applied to the business server 10 and the security policy applied to the access application terminal 20 are different, an appropriate one-time key can be set.

  (4) In the present embodiment, when a registration failure message is acquired in the determination result (“NO” in step S2-13), the one-time key setting unit 214 starts over from the process of step S2-9. Thereby, it is possible to prevent duplicate registration of the same one-time key.

  (5) In this embodiment, when it is determined in the login key management process that the expiration date has passed (in the case of “YES” in step S4-2), the control unit 21 of the access application terminal 20 The invalidation process is executed (step S4-3). In the one-time key management process, when it is determined that the expiration date has passed (in the case of “YES” in step S5-2), the control unit 21 of the access application terminal 20 performs the one-time key invalidation process. Is executed (step S5-3). Thereby, long-term use of the same login key or one-time key can be suppressed, and security can be improved.

  (6) In the present embodiment, in the usage status management processing, usage status report creation processing (step S6-2) and usage status report transmission processing (step S6-3) are executed. Since the usage status of the login key and the one-time key is accumulated in the access application terminal 20, it can be efficiently managed collectively.

Moreover, you may change the said embodiment as follows.
In the above embodiment, when a one-time key issuance application is made, a security policy request process is executed (step S2-5). Here, the access application terminal 20 may store the security policy of each business server 10 in advance. In this case, the access application terminal 20 is provided with a policy information storage unit. In the policy information storage unit, the obtained security policy is registered in association with the server identifier of each business server 10 that has obtained the security policy.

  The use application process of the business server 10 in this case will be described with reference to FIG. Here, after the processing of steps S2-1 to S2-3, the control unit 21 of the access application terminal 20 executes the original key authentication processing in the same manner as in step S2-4 (step S7-1).

  Next, the control unit 21 of the access application terminal 20 executes a determination process as to whether or not pre-registration is performed (step S7-2). Specifically, the one-time key setting unit 214 of the control unit 21 confirms whether the security policy of the selected business server 10 is recorded in the policy information storage unit.

  When the security policy is not pre-registered (in the case of “NO” in step S7-2), the control unit 21 of the access application terminal 20 executes a security policy request process in the same manner as in step S2-5 (step S2-5). S7-3). Then, the access control unit 11 of the business server 10 executes a security policy response process (step S7-4) in the same manner as in step S2-6. And the control part 21 of the access application terminal 20 performs the acquisition process of a security policy similarly to step S2-7 (step S7-5). Furthermore, when a new security policy is acquired, the control unit 21 records the security policy in the policy information storage unit in association with the server identifier of the business server 10.

  On the other hand, when the security policy is pre-registered (in the case of “YES” in step S7-2), steps S7-3 and S7-4 are skipped. In this case, the security policy is acquired from the policy information storage unit in the security policy acquisition process (step S7-5).

  Then, the control unit 21 of the access application terminal 20 executes a security policy comparison process (step S7-6) and a one-time key issuance process (step S7-7) in the same manner as steps S2-8 and S2-9. To do.

  Further, the access control unit 11 of the business server 10 executes a one-time key registration process (step S7-8) and a result transmission process (step S7-9), similarly to steps S2-10 and S2-11. In this case, the case where the one-time key cannot be registered includes a case where it does not conform to the security policy and a case where the one-time key has already been registered. Therefore, a message indicating each case is included in the determination result of registration availability.

  Next, similarly to steps S2-12 and S2-13, the control unit 21 of the access application terminal 20 performs a result reception process (step S7-10) and a determination process (step S7-11) as to whether the registration is successful. Run.

  Here, when the registration failure message is acquired (in the case of “NO” in step S7-11), the control unit 21 of the access application terminal 20 determines whether or not the security policy is not satisfied (step S7-12). Specifically, the one-time key setting unit 214 of the control unit 21 determines that the message does not conform when the message acquired from the business server 10 indicates that the message does not conform to the security policy.

  If it is determined that the message does not conform to the security policy and it is determined that the message does not conform (in the case of “YES” in step S7-12), the one-time key setting unit 214 starts over from the process of step S7-3.

On the other hand, if it is determined that it is not incompatible by acquiring a message indicating that the one-time key has already been registered (if “NO” in step S7-12), the one-time key setting unit 214 The processing from step S7-7 is repeated.
When it is determined that the registration is successful by obtaining a registration completion message (in the case of “YES” in step S7-11), the control unit 21 of the access application terminal 20 performs steps S2-14 and S2-15. Similarly, a one-time key display process (step S7-13) and a usage status registration process (step S7-14) are executed.

  In the above embodiment, it is assumed that one access application terminal 20 is used. In a plurality of locations, the access application terminal 20 may be provided at each location (base). In this case, as shown in FIG. 7 (a), the access application terminal 20 installed at each site (A, B) from the access application terminal 20 to the administrator terminal 30 is the number of persons recorded in the master information storage unit 22. Send an email with a login key.

  Here, you may make it transmit the login key for the number of users who work in each base (A, B). In this case, the master information storage unit 22 of each access application terminal 20 records the number of people working at each base.

  Further, as shown in FIG. 7B, a central server 40 that manages the access application terminal 20 installed at each site (A, B) may be provided. In this case, an electronic mail including a login key is transmitted from the central server 40 to the administrator terminal 30. When the use is approved, the original key is acquired from the administrator terminal 30. Furthermore, when logging in to the access application terminal 20, each access application terminal 20 checks the use status of the login key and the presence / absence of registration of the original key in the central server 40. Then, the central server 40 executes a security policy request process (step S2-5) to a registration success determination process (step S2-13) for each business server 10. Then, the central server 40 provides a one-time key to the access application terminal 20 and displays it on the display (step S2-14). Furthermore, the central server 40 executes usage status registration processing (step S2-15). As a result, by using the access application terminals 20 installed in a plurality of locations, the central server 40 can collectively manage the one-time key issuance status while considering the usage status of each key.

  In the above embodiment, the control unit 21 of the access application terminal 20 executes a login key usage status confirmation process (step S1-10). Here, if the login key has been used, the login key validation unit 212 notifies the administrator terminal 30 that the login key cannot be used. Instead, the administrator terminal 30 may display whether the login key has been used. In this case, a script (program) for displaying the fact that it has been used when an approval button is selected in an e-mail including a login key is embedded. Thereby, it is possible to determine whether or not the login key can be used in the electronic mail.

  In the above embodiment, the control unit 21 of the access application terminal 20 executes a one-time key issuance process (step S2-9). In this case, the generated one-time key is transmitted to the selected business server 10 as authentication information for use when logging in. Here, the one-time key issuing method may be changed according to the operating status of the server. Specifically, a one-time key is issued for each business server 10 during normal times, and a one-time key is issued collectively to the business servers 10 belonging to the same group type when a failure occurs.

  In this case, the access application terminal 20 is connected to an integrated monitoring server that monitors the operating state of each business server 10. Then, the business server 10 transmits an alert (failure message) to the integrated monitoring server when a failure occurs. This failure message includes data relating to the content of the failure that has occurred (here, a failure code for identifying the failure) and data relating to a device code for identifying the transmission source business server 10. Moreover, the control part 21 of the access application terminal 20 is provided with an operating state information collecting unit, and acquires operating state information of the business server 10 from the integrated monitoring server.

Hereinafter, the processing procedure will be described with reference to FIG.
First, similarly to step S2-4, the control unit 21 of the access application terminal 20 executes an original key authentication process (step S8-2).

  Next, the control unit 21 of the access application terminal 20 executes a server operation status grasping process (step S8-2). Specifically, the operating status information collecting unit of the control unit 21 acquires operating status information of each business server 10 from the integrated monitoring server.

  Next, the control unit 21 of the access application terminal 20 executes a determination process as to whether or not the operation is normal (step S8-3). Specifically, the operating status information collecting unit of the control unit 21 determines whether each business server 10 is in normal operation based on the acquired operating status information. When the failure occurrence message is not recorded in the operation state information, it is determined that the operation is normal.

  When it determines with normal operation (in the case of "YES" in step S8-3), the process similar to step S2-5-S2-8 is performed. Specifically, the control unit 21 of the access application terminal 20 performs a security policy request process (step S8-4), a security policy acquisition process (step S8-5), and a security policy for the selected business server 10. A comparison process (step S8-6) and a one-time key issuance process (step S8-7) are executed.

  On the other hand, when it is determined that the operation is not normal by acquiring the failure message (in the case of “NO” in Step S8-3), the control unit 21 of the access application terminal 20 sets the security policy for the business servers of the same group type. Request processing is executed (step S8-8). Specifically, the one-time key setting unit 214 of the control unit 21 specifies the business server 10 belonging to the group type associated with the login key in the login authentication management record 230. Then, a security policy request is transmitted to all the specified business servers 10.

  Next, the control unit 21 of the access application terminal 20 executes a security policy acquisition process for each business server (step S8-9). Specifically, the one-time key setting unit 214 of the control unit 21 acquires a security policy (password generation condition) from each business server 10 belonging to the group type.

  Next, the control unit 21 of the access application terminal 20 executes a security policy comparison process (step S8-10). Specifically, the one-time key setting unit 214 of the control unit 21 specifies the strictest security policy among the security policies and the security policies applied to the access application terminal 20 from each business server 10. When incompatible generation conditions are set in the security policy, a one-time key is generated separately for the business server 10 of this security policy.

  Next, the control unit 21 of the access application terminal 20 executes a one-time key issuance process for business servers of the same group type (step S8-11). Specifically, the one-time key setting unit 214 of the control unit 21 generates a one-time key based on the identified security policy.

  Next, similarly to steps S2-12 and S2-13, the control unit 21 of the access application terminal 20 performs a result reception process (step S8-12) and a determination process (step S8-13) as to whether the registration is successful. Run. Here, when a registration failure message is acquired as the determination result (“NO” in step S8-13), the one-time key setting unit 214 repeats from step S8-2. On the other hand, when a registration success message is acquired as the determination result (“YES” in step S8-13), the same processing as that in step S2-14 and subsequent steps is executed.

  For example, when a failure occurs in some of the business servers 10, it may be necessary to deal with other business servers 10 related to the business server 10. Here, since the same one-time key is issued in the business servers 10 belonging to the same group type, it is possible to deal with a failure efficiently and quickly.

  In the above embodiment, when it is determined that the registration is successful (“YES” in step S2-13), the control unit 21 of the access application terminal 20 executes a one-time key display process (step S2-14). . Specifically, the one-time key setting unit 214 of the control unit 21 outputs the one-time key acquired from the business server 10 to the display. Here, the one-time key output method is not limited to the output to the display. For example, the one-time key setting unit 214 may transmit the one-time key to the mail address of the user who uses the business server 10. In this case, the destination mail address is designated on the one-time key generation screen in step S2-3. Further, the user ID may be acquired on the one-time key generation screen, and the mail address associated with the user ID may be specified. In this case, a data storage unit (for example, a user management information storage unit) in which a mail address is recorded for the user ID is used. Then, the one-time key setting unit 214 records the destination mail address in the access management record 240. Thereby, the acquirer of the one-time key can be specified by the mail address.

DESCRIPTION OF SYMBOLS 10 ... Business server, 11 ... Access control part, 111 ... Policy management means, 112 ... One time key registration means, 113 ... User authentication means, 12 ... Access authentication information storage part, 15 ... Business processing part, 20 ... Access application terminal , 21 ... control unit, 211 ... login key transmission means, 212 ... login key validation means, 213 ... login authentication means, 214 ... one-time key setting means, 215 ... key management means, 216 ... usage status management means, 22 ... Master information storage unit, 23... Login authentication information storage unit, 24... Access management information storage unit, 30.

Claims (8)

Administrator information storage means for storing the contact information of the administrator terminal that transmits the login key;
An authentication information storage means for storing identification information of an accessible information processing server, a login key, an original key, and an issue date in association with an administrator identifier;
An access management system comprising a control means connected to an administrator terminal and an information processing server,
The control means is
Means for transmitting a login key to the administrator terminal of the contact stored in the administrator information storage means, and recording the login key and the date of issue in the authentication information storage means;
When obtaining an original key corresponding to the login key from the administrator terminal, means for recording the original key in the authentication information storage means in association with the login key;
When the login key and the original key recorded in the authentication information storage means are acquired, the authentication information storage means is used to obtain identification information of an accessible information processing server associated with the login key and the original key. Identifying, executing a generation process of a one-time key for logging in to the information processing server, recording a use history of the login key, and outputting the one-time key;
When the expiration date specified based on the date of issue of each login key has passed, a means for invalidating the login key;
An access management system comprising: means for transmitting a use history of the login key to the administrator terminal. In the one-time key generation process,
The control means is
Identifying a security policy of the information processing server;
The access management system according to claim 1, wherein a security policy in the access management system is compared with a security policy of the information processing server, and a one-time key is generated based on the comparison result.   The access control system according to claim 2, wherein the control unit requests a security policy from the information processing server and acquires the security policy from the information processing server.   The access control system according to claim 2, wherein the control unit specifies the information processing server and acquires a pre-registered security policy. The administrator information storage means records the required number of login keys for each administrator,
The said control means specifies the required number of login keys for every contact of the said administrator terminal, The said required number of login keys are transmitted, The any one of Claims 1-4 characterized by the above-mentioned. Access management system. The control means is
Means for obtaining operating status information of the information processing server;
6. The access management system according to claim 1, further comprising means for changing a one-time key issuing method based on the operation status information. Administrator information storage means for storing the contact information of the administrator terminal that transmits the login key;
An authentication information storage means for storing identification information of an accessible information processing server, a login key, an original key, and an issue date in association with an administrator identifier;
A method of managing access using an access management system comprising a control means connected to an administrator terminal and an information processing server,
The control means is
Transmitting a login key to the contact manager terminal stored in the administrator information storage means, and recording the login key and the date of issue in the authentication information storage means;
When acquiring an original key corresponding to the login key from the administrator terminal, recording the original key in the authentication information storage means in association with the login key;
When the login key and the original key recorded in the authentication information storage means are acquired, the authentication information storage means is used to obtain identification information of an accessible information processing server associated with the login key and the original key. Identifying, executing a one-time key generation process for logging in to the information processing server, recording a use history of the login key, and outputting the one-time key;
When the expiration date specified based on the issue date of each login key has passed, the step of invalidating the login key,
Transmitting the use history of the login key to the administrator terminal. Administrator information storage means for storing the contact information of the administrator terminal that transmits the login key;
An authentication information storage means for storing identification information of an accessible information processing server, a login key, an original key, and an issue date in association with an administrator identifier;
A program for managing access using an access management system comprising a control means connected to an administrator terminal and an information processing server,
The control means;
Means for transmitting a login key to the contact manager terminal stored in the administrator information storage means, and recording the login key and the date of issue in the authentication information storage means;
Means for recording the original key in the authentication information storage means in association with the login key when an original key corresponding to the login key is obtained from the administrator terminal;
When the login key and the original key recorded in the authentication information storage means are acquired, the authentication information storage means is used to obtain identification information of an accessible information processing server associated with the login key and the original key. Identifying, executing a process of generating a one-time key for logging in to the information processing server, recording a use history of the login key, and outputting the one-time key;
A means for invalidating the login key when the expiration date specified based on the date of issue of each login key has passed,
An access management program that functions as means for transmitting a use history of the login key to the administrator terminal.

Images