JP2017097728A - Security monitoring system and security monitoring method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To disable illegal download by detecting illegal download to a database in a monitoring object room with high accuracy.SOLUTION: A security monitoring system 100 for monitoring illegal download from a personal computer 12 to a database comprises: a determination part 6 for determining propriety of a room access of a user; a login determination part 25 for determining whether to permit the user determined to be accessible to use a personal computer; an access monitoring part 24 for, when it is determined that the user is permitted to use the personal computer, determining presence/absence of a download authority of information to the personal computer accessed by the user himself or herself from a server; and a center control part for, when it is determined that the user has the download authority, and the information downloaded by the user is deviated from a preliminarily set condition, interrupting communication between the personal computer and the server.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a security monitoring system and a security monitoring method.

  In recent years, there have been frequent incidents of illegally downloading personal information, and as a conventional technique for preventing the unauthorized download, the surveillance camera provided in the server room and the video data of the surveillance camera are subjected to image processing. Using the image processing device, the behavior of the person who entered the room is identified, and the action identification result is compared with the work behavior of the person who entered the room for the scheduled work. And a technology for locking the entrance / exit of the server room is disclosed (Patent Document 1).

JP 2011-048547 A

  In the known technology, since important information is stored in a database of a server room separated from a general office room, it is a direct and suitable method to monitor a person's behavior in the server room. it is conceivable that. However, if the person who performs unauthorized download is a person who performs the same behavior as normal (daily) or can perform the same behavior, the behavior will not change even if monitored, so suspicious behavior will be Cannot be identified. For this reason, it is impossible to detect and prevent unauthorized downloads within the range of daily actions.

  The database provided in the server room is connected to a personal computer installed in a different office room from the server room via a locally provided network or the Internet. In that case, it is also possible to illegally download the information in the database of the server room from this personal computer. Therefore, when detecting an unusual action in the office room, that is, the room to be monitored, there are many false detections. can not deny.

  Therefore, the problem to be solved by the present invention is to detect unauthorized downloads with respect to a database in a monitored room with high accuracy and disable unauthorized downloads.

  In order to solve the above-described problems, the present invention provides an information processing apparatus, a management apparatus that manages entry / exit into a room in which the information processing apparatus is installed, and the information processing apparatus and the management apparatus connected via a communication unit. A security monitoring system including a monitoring center in which a database is installed, and an entrance / exit determination means for determining whether the user enters or leaves the room, and the user who is determined to be allowed to enter the room. Availability of determining whether to use the information processing apparatus, and whether the user has authority to download information to the information processing apparatus accessed by the user from the server when it is determined to be usable An authority presence / absence determining means that determines whether there is a download authority, and when the information downloaded by the user satisfies a preset condition, the information processing apparatus and the information processing apparatus And interrupting means for interrupting the communication between the over server, and wherein the security monitoring system with a.

  ADVANTAGE OF THE INVENTION According to this invention, the unauthorized download with respect to the database in a monitoring object room can be detected with high precision, and an unauthorized download cannot be performed. Note that problems, configurations, and effects other than those described above will be clarified in the following description of embodiments.

It is a building partial top view which shows arrangement | positioning of the principal equipment of the building in one Embodiment of the security monitoring system of this invention. It is a block diagram which shows the principal part structure of one Embodiment of the security monitoring system of this invention. It is a flowchart which shows the operation | movement procedure regarding the entrance / exit of-embodiment of the security monitoring system of this invention. It is a flowchart which shows the operation | movement procedure regarding the illegal download response of one Embodiment of the security monitoring system of this invention.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 is an explanatory diagram showing an arrangement of main equipment of a building where a security monitoring system according to an embodiment of the present invention is installed, and FIG. 2 is a block diagram showing a system configuration of the security monitoring system.

  In FIG. 1, an office 50 that is a monitoring target room is provided on the left side of the site 2 that is a building, and a warehouse 51 is provided on the right side of the office 50 and the corridor 45. A first wall 46 is installed between the office 50 and the hallway 45, and a second wall 47 is installed between the warehouse 51 and the hallway 45. As shown in FIG. 2, the first wall 46 is provided with a first door 60A having a first electric lock 11A, and the second wall 47 is provided with a second door 60B having a second electric lock 11C. It has been.

  Also, the first card reader 8A is provided on the office side of the first door 60A, the second card reader 8B is provided on the corridor 45 side of the first door 60A, and the third card reader 8C is provided on the corridor 45 side of the second door 60B. It has been. The first card reader 8A includes a first authentication unit 9A that reads an authentication code stored in advance in an ID card, and a first LED display unit 10A that displays a read result. Similarly, the second card reader 8B includes a second authentication unit 9B and a second LED display unit 10B (not shown), and the third card reader 8C includes a third authentication unit 9C and a third LED display unit 10C.

  The warehouse 51 is provided with a controller 4 for connecting to a monitoring center (hereinafter referred to as a center) 20 for remotely monitoring equipment equipment of a plurality of buildings including the site 2 via the Internet 3. . The controller 4 includes a controller communication unit 5 and a determination unit 6. The controller communication unit 5 transmits / receives information to / from the center 20 via the Internet 3. The determination unit 6 is an authentication code that permits the unlocking of the first electric lock 11A and the third electric lock 11C with respect to the authentication code of the ID card read by the first authentication unit 9A to the third authentication unit 9C. Determine whether or not.

  As shown in FIG. 2, the site 2 includes an entrance / exit device 70, a warehouse communication unit 1, and a plurality of personal computers (hereinafter referred to as personal computers) 12-1, ... 12-N (N is one or more). Integer). The entrance / exit device 70 includes the controller 4, the first card reader 8A to the third card reader 8C, the authentication code storage unit 7, the first electric lock 11A to the second electric lock 11C, and the entrance / exit history storage unit 13. Yes. The controller 4 includes a controller communication unit 5 and a determination unit 6. In the code storage unit 7, authentication codes that are permitted to unlock the first electric lock 11A and the second electric lock 11C in advance are stored in association with each other. The entrance / exit history storage unit 13 stores authentication codes of ID cards read by the first authentication unit 9A to the third authentication unit 9C (the second authentication unit is not shown). The authentication code is stored with its reading date and time. The entrance / exit device 70 unlocks and locks the first electric lock 11A and the second electric lock 11C provided in the first door 60A and the second door 60B.

  The plurality of personal computers 12-1 to 12 -N arranged in the office 50 are respectively connected to a local area network (hereinafter referred to as LAN) 41. The warehouse-side communication unit 1 provided in the warehouse 51 is connected to the LAN 41 and further remotely connected to the center 20 via the Internet 3.

  The center 20 includes a center communication unit 21, a center control unit 22, and a database 30.

  The center communication unit 21 transmits and receives information via the warehouse side communication unit 1, the controller communication unit 5 and the Internet 3. The center control unit 22 is a server that is connected to the center communication unit 21 and performs commands, control, and determination processing for devices provided in the center 20.

  The database 30 includes at least a login password storage unit 31, an entrance / exit authentication code storage unit 32, and an entrance / exit history data storage unit 33, and is connected to the center control unit 22. In the login password storage unit 31, a unique login password given to each user who uses the personal computers 12-1 to 12-N and input when the personal computers 12-1 to 12-N are used is associated with the user. Stored. Also, the login password storage unit 31 stores authority related to download processing for each job described later in association with the login password. In the entrance / exit room authentication code storage unit 32, the authentication code of the ID card is stored in association with the lender of the ID card. The entry / exit history data storage unit 33 stores the entry / exit history data stored in the entry / exit history storage unit 13.

  The center control unit 22 includes a data collection unit 23, an access monitoring unit 24, a login determination unit 25, a login verification unit 26, and a security comprehensive determination unit 27. The data collection unit 23 collects and stores the entry / exit history data related to, for example, the office 50 of the site 2 stored in the entry / exit history storage unit 13 provided in the site 2 at a predetermined time interval, for example, every 10 seconds. . When the user of the personal computers 12-1 to 12 -N disposed in the office 50 logs in to the LAN 41, the login determination unit 25 responds to the input of the login password previously given to the user, and the login password storage unit 31. Determine whether login is possible by referring to the password stored in. The login verification unit 26 stores the entry / exit history data in the office 50 of the site 2 for the authentication code of the ID card lent to the user who is given the login password referred to by the login determination unit 25. With reference to the entry / exit history data stored in the unit 33, it is verified whether or not the room is entered.

  The access monitoring unit 24 determines whether or not there is a download process in response to login from the personal computers 12-1 to 12-N to the database 30, and download using the personal computers 12-1 to 12N from the database 30 is determined. Monitor whether it has been implemented. The security comprehensive determination unit 27 determines that the user to whom the login password is assigned by the login verification unit 26 is different from the user to whom the authentication code of the entry / exit history data is different, and the access monitoring unit 24. When it is determined that the download has not been performed as determined, the authentication code and the login password are stored, and the authentication code and the login password are invalidated. Here, download execution as determined by the access monitoring unit 24 is assumed to be download capacity.

  FIG. 3 is a flowchart showing an operation (control) procedure when leaving the office in the security monitoring system.

  In FIG. 3, when the first authentication unit 9A of the first card reader 8A acquires the authentication code of the ID card (step SA1), the first authentication unit 9A transmits the authentication code to the determination unit 6 via the controller communication unit 5. The determination unit 6 refers to the authentication code storage unit 7 for the transmitted authentication code, and determines whether or not the first electric lock 11A of the first door 60A of the office 50 can be unlocked (step SA2). When the first electric lock 11A can be unlocked, the unlocking signal is transmitted from the determination unit 6 to the first LED display unit 10A of the first card reader 8A and the first electric lock 11A via the controller communication unit 5.

  The first LED display unit 10A that has received the unlockable signal lights the LED in green for a predetermined time, for example, 1 second (step SA3), notifies the unlocking of the first electric lock 11A, and also displays the unlockable signal. The first electric lock 11A is unlocked (step SA4).

  If it is determined in step SA2 that the first electric lamp 11A is unlocked, the unlocking signal is transmitted from the determination unit 6 to the first LED display unit 10A of the first card reader 8A via the controller communication unit 5. Accordingly, the first LED display unit 10A lights the LED in red for a predetermined time, for example, ↑ seconds (step SA5), and notifies that the first electric lock 11A is not unlocked.

  The determination unit 6 that has transmitted the unlocking permission signal of the electric lock 11A uses the ID card authentication code read by the first authentication unit 9A, the read date and time, and the read first authentication unit 9A as the entry / exit history data. Store in the storage unit 13. Also, new data of the entry / exit history data stored in the entry / exit history storage unit 13 is distributed to the data collection unit 23 in accordance with an instruction from the data collection unit 23 of the center 20 (step SA6).

  FIG. 4 is a flowchart showing a security monitoring operation (control) procedure in the security monitoring system.

  4, the operation of the user entering the office 50 in order to use the personal computers 12-1 to 12-N is the same as the operation from the reading of the first card reader 8A in the flowchart shown in FIG. Since it is the same as that replaced with the operation | movement from the reading of 2 card reader 8B, description is advanced as what entered the room by the same operation | movement.

  When the user is determined to be allowed to enter the room in step SA2 and enters the office 50, the data collection unit 23 updates the latest data on the entry / exit history data related to the office 50 stored in the entry / exit history storage unit 13 according to the command. Is received from the controller 4 (step SB1), and the latest data is stored in the entry / exit history data storage unit 33.

  When the user activates the personal computer 12A and detects the input of a unique number for identifying the user and a login password given in advance to log in to the database 30 (step SB2), the login determination unit 25 With reference to the storage unit 31, whether the login password is correct is determined based on the presence or absence of the input login password (step SB3). Here, if the login password is not input in step SB2, the process returns to step SB1 and waits for the input of the login password.

  If the login determination unit 25 determines that the login password is not accepted in step SB3, the login determination unit 25 notifies the personal computer 12-1 of an alarm (step SB4) and informs the user that the input login password is incorrect.

  In addition, the login determination unit 25 counts the number of times the login password is input, for example, three consecutive times (step SB5), and if the login cannot be performed in three consecutive times, in other words, if the login password is mistaken for three times, An audible alarm sound larger than the alarm notification of SB4 is generated (step SB6). As a result, the user is notified that the login password of the user has become invalid, for example, because the input login password has been erroneously repeated three times, which is a predetermined number of times. Here, if the number of login password inputs is less than three consecutive times in step SB5, the process returns to step SB2 and the subsequent processing is repeated.

  When the login determination unit 25 determines in step SB3 that the login password is correct, the login determination unit 25 activates the login verification unit 26. Then, the user associated with the login password determined to be correct is transmitted to the login verification unit 26. The login verification unit 26 refers to the entrance / exit history storage unit 13 and selects an authentication code of a person who is present in the office 50, and the user authentication code associated with the login password is present in the room. It is determined whether or not it exists in the authentication code of the person (step SB7). If it exists, it is determined that the user has entered the room with his / her ID card that has been rented, and has correctly logged in to the database 30 with his / her own login password. It is displayed (step SB8).

  In this way, the login verification unit 26 verifies the user of the personal computer 12A and the person entering the office 50 in step SB7, thereby performing illegal activities involving multiple persons, such as lending an ID card or providing a mouth dine password. It can be detected.

  When the user of the personal computer 12-1 selects a predetermined job on the displayed menu screen, the access monitoring unit 24 determines whether the selected job has been downloaded (step SB9). When the business does not have a download, normal processing is executed on the personal computer 12-1 (step SB10). Then, when the normal processing work by the personal computer 12-1 is finished (step SB11), the personal computer 12-1 is finished (step SB12).

  Further, the access monitoring unit 24 that has determined that there is a download in the job selected in step SB9 refers to the login password storage unit 31 to determine whether the user who has been given the login password has the download authority for the job. Judgment is made (step SB13).

  In step SB13, the user who has received the download processing permission from the access monitoring unit 24 determined to have download authority executes business processing including download on the personal computer 12-1 (step SB14). Then, the access monitoring unit 24 determines whether the download capacity processed by the personal computer 12-1 is equal to or less than a predetermined capacity (step SB15). If it is less than the predetermined capacity, the continuation of the business process including the download is permitted (step SB15: Yes), and when the business process is completed (step SB16: Yes), the termination process of the personal computer 12-1 is executed (step SB12). Finish. If the business process does not end (step SB16: No), the process returns to step SB14 and the subsequent processes are repeated.

  If the login verification unit 26 determines that the authentication code of the user associated with the login password in step SB7 does not exist in the authentication code of the person in the room (step SB7: No), further access When the monitoring unit 24 determines that there is no download authority in step SB13 (step SB13: No), and if it is determined in step SB15 that the download capacity is larger than the predetermined capacity (step SB15: No), login verification The unit 26 and the access monitoring unit 24 activate the security comprehensive determination unit 27. The activated security judgment unit 27 stores the login password and the user authentication code associated with the login password in the database 30 (step SB17). In parallel with this, the login password and the user authentication code are reported to the administrator who manages the database 30, and processing for invalidating the login password is performed (step SB18). Thereafter, the center control unit 22 disconnects communication between the database 30 and the personal computer 12-1 (step SB19), and exits from this process.

  On the other hand, the user authentication code is transmitted to the determination unit 6 of the controller 4 via the communication unit 21 and the Internet 3. The determination unit 6 executes invalidation processing on the user authentication code stored in the authentication code storage unit 7.

  In addition to or instead of checking the download capacity in step SB15, the download target information may be information that cannot be downloaded when the number of downloads exceeds a preset number. it can.

In this embodiment, user fraud can be checked in four stages. The four stages are:
・ Check when entering the room (Step SA2)
・ Verification check of password and occupant authentication code (step SB7)
-Download authority (step SB13)
・ Existence of excessive download capacity (step SB14)
It is.

  Among these, the checks 1 to 3 are performed by normal security monitoring, but the download capacity check 4 is not performed. That is, 1 to 3 cannot be prevented if an unauthorized user borrows an ID card from an authorized user and teaches and uses a login password.

  However, when a download operation is performed while pretending to be an authorized user, or when an authorized user performs a download operation with malicious intent, processing different from a normal operation is often performed. In the present embodiment, processing different from normal work is determined based on the size of the download capacity.

  In a normal business, when a download process is performed from a personal computer permitted to log in according to the business content, for example, the personal computer 12-1, the download capacity is within a certain range. However, if downloading is performed beyond the normal business range, the download capacity inevitably becomes larger than the certain range. Therefore, in the present embodiment, the login password and the entry / exit authentication code that are regarded as illegal when the download amount is larger than the normal business download capacity of each of the personal computers 12-1 to 12-N are invalidated, and communication is performed. It cut | disconnected and it was made to lock the 1st door 60A. Thereby, the user who performed fraud cannot leave the office 50 unless the 1st electric lock 11A and the 2nd electric lock 11B of the 1st door 60 are unlocked from the outside.

  In the present embodiment, the security comprehensive determination unit 27 invalidates the user authentication code in step SSB18, but the same effect can be obtained even if the card reader 8A provided in the office 50 is invalidated.

  As described above, in the present embodiment, the login verification unit 26 authenticates the ID card read by the first authentication unit 9A when the worker enters the office 50 by putting the ID card in the second card reader 8B. The access monitoring unit 24 determines whether or not the code lender and the login password granter who logged in the personal computer 12-1 of the office 50 match, and the access monitoring unit 24 uses the personal computer 12 to which the user is permitted to log in. -1 to determine whether or not the job selected in -1 has been downloaded from the database 30 and whether or not to have download authority for the job, and whether the download capacity to be executed on the personal computer 12-1 is equal to or less than a predetermined capacity When the login verification unit 26 determines that the authentication code lender and the login password grantor do not match, the access monitoring unit 24 When a user who does not have download authority selects a business having download, or when a download exceeding a predetermined capacity is performed, the security comprehensive determination unit 27 is activated, the login password and authentication code invalidation processing, and the personal computer 12- 1 is disconnected and the administrator who manages the database 30 is notified, so that unauthorized downloads can be handled quickly by confining the users who have performed unauthorized logins or unauthorized downloads to the office 50. .

  Here, the notification to the administrator may be, for example, display on a personal computer to which the administrator has logged in, e-mail, or display on a display device provided in the administrator's room.

  In the present embodiment, the access monitoring unit 24 determines the download capacity based on the download capacity, but the same effect can be obtained for the number of downloads and the download target information. Also good.

  As described above, according to the present embodiment, the following effects can be obtained. In the following description, each component in the claims corresponds to each part of the present embodiment, and when the terminology is different, the latter is shown in parentheses.

  (1) Information processing apparatus (personal computers 12-1,... 12-N) and a management apparatus (entrance / exit apparatus 70) for managing entry / exit into the room (office 50) in which the information processing apparatus is installed. And a monitoring center (center 20) connected to the information processing apparatus and the management apparatus via a communication means (Internet 3) and having a database 30 installed therein. Entry / exit determination means (determination unit 6: step SA2) for determining whether to enter or leave the room, and use / non-determination means for determining whether or not the user can use the information processing apparatus, which is determined to be allowed to enter the room. (Login determination unit 25: Step SB3) and, when it is determined that the user can use the user, the user is authorized to download information from the server to the information processing apparatus accessed by the user. An authority presence / absence judging means (access monitoring unit 24: step SB13) for judging non-existence, and when it is judged that there is a download authority and the information downloaded by the user satisfies a preset condition, And a means for shutting off communication with the server (center control unit 22: step SB19). Therefore, it is possible to detect unauthorized download to the database 30 in the monitored room (office 50) with high accuracy. And illegal downloading can be disabled.

  (2) In the security monitoring system according to (1), when the preset condition is that the download capacity is greater than or equal to a preset capacity, the number of downloads is greater than or equal to a preset number, When the download target information is information that cannot be downloaded, it is possible to prevent downloading from an unauthorized database by setting these conditions.

  (3) In the security monitoring system according to (1), since the blocking unit makes the entry / exit of the user non-existent and does not have the download authority, the unauthorized download of the user after the fraud is found Can be reliably prevented.

  (4) In the security monitoring system according to (1), the entry / exit determination means includes a card reader (first card reader 8A, second card reader 8B) for reading an ID card given to the user, and a card Since the authentication unit (first authentication unit 9A, second authentication unit 9B) that checks the authentication code read by the readers 8A and 8B to determine whether it is possible or not is provided, whether to enter the room is based on the ID card Judgment can be made.

  (5) In the security monitoring system according to (1), the availability determination unit (login determination unit 25: step SB3) determines the availability based on a login password input from the information processing apparatus. Therefore, the presence of the user associated with the login password determined to be correct can be further confirmed.

  (6) In the security monitoring system according to (1), the authority presence / absence determining means (access monitoring unit 24: step SB13) is based on the login password input from the information processing apparatus, for example, the database 30 in the center 20. Since the determination is made with reference to the login password storage unit 31, unauthorized download can be reliably prevented in the center 20.

  (7) In the security monitoring system according to (1), when the shut-off means shuts off the communication, the lock means (center control unit 22, electric lock 11A for locking the door 60A for exiting from the room to the outside. ), The fraudulent user can be kept in the room.

  (8) Information processing device (PC 12-1,... 12-N) and a management device (entrance / exit device 70) that manages entry / exit into the room (office 50) in which the information processing device is installed. And a monitoring center (center 20) connected to the information processing apparatus and the management apparatus via a communication means (Internet 3) and having a database 30 installed therein, When it is determined whether to enter or leave the room (step SA2), whether the user who has been determined to be allowed to enter the room is allowed to use the information processing apparatus (step SB3), and when it is determined that the user can use the information processing apparatus Then, the user determines whether or not the user has an authority to download information from the server to the information processing apparatus accessed by the user (step SB13). Since the communication between the information processing apparatus and the server is interrupted when the information downloaded by the user deviates from preset conditions (step SB19), the information in the monitored room (office 50) It is possible to detect unauthorized downloads with respect to the database 30 with high accuracy and disable unauthorized downloads.

  The present invention is not limited to the above-described embodiments, and various modifications can be made without departing from the gist of the present invention, and all technical matters included in the technical idea described in the claims are included. The subject of the present invention. The above embodiment shows a preferable example, but those skilled in the art can realize various alternatives, modifications, variations, and improvements from the contents disclosed in this specification, These are included in the technical scope described in the appended claims.

2 site 3 internet 6 determination unit 8A first card reader 8B second card reader 9A first authentication unit 9B second authentication unit 11A first electric lock 12-1 to 12-N personal computer 20 center 22 center control unit 24 access monitoring Department 25 Login determination part 30 Database 50 Office 60A First door 70 Entrance / exit device 100 Security monitoring system

Claims (8)

An information processing apparatus; a management apparatus that manages entry / exit into a room in which the information processing apparatus is installed; and a monitoring center that is connected to the information processing apparatus and the management apparatus via a communication unit and in which a server is installed A security monitoring system including
Entry / exit determination means for determining whether the user enters or leaves the room;
Availability determination means for determining whether or not the information processing apparatus of the user determined to be allowed to enter the room is usable;
An authority presence / absence judging means for judging whether or not the user has an authority to download information to the information processing apparatus accessed by the user from the server,
A blocking means for blocking communication between the information processing apparatus and the server when the download authority is determined and the information downloaded by the user is in a preset condition;
Security monitoring system with The security monitoring system according to claim 1,
When the preset condition is that the download capacity is greater than or equal to the preset capacity, the number of downloads is greater than or equal to the preset number, and the download target information is information that cannot be downloaded, Security monitoring system that is either. The security monitoring system according to claim 1,
The security monitoring system in which the blocking means makes the entry / exit of the user non-existent and does not have the download authority. The security monitoring system according to claim 1,
The entrance / exit determination means is a security monitoring system comprising a card reader that reads an ID card given to the user, and an authentication unit that verifies the validity by checking an authentication code read by the card reader. The security monitoring system according to claim 1,
The security monitoring system, wherein the availability determination unit determines availability based on a login password input from the information processing apparatus. The security monitoring system according to claim 1,
The security monitoring system, wherein the authority presence / absence determining means determines whether or not there is a download authority based on a login password input from the information processing apparatus. The security monitoring system according to claim 1,
A security monitoring system comprising a lock unit that locks a door for exiting from the room when the blocking unit blocks the communication. An information processing apparatus; a management apparatus that manages entry / exit into a room in which the information processing apparatus is installed; and a monitoring center that is connected to the information processing apparatus and the management apparatus via a communication unit and in which a server is installed , A security monitoring method for performing security monitoring,
Determine whether the user is entering or leaving the room,
When it is determined that the user can enter the room, it is determined whether the user can use the information processing apparatus,
When it is determined that the user can use the information, the user determines whether or not the user has an authority to download information from the server to the information processing apparatus accessed by the user.
A security monitoring method for blocking communication between the information processing apparatus and the server when the download capacity of information downloaded by the user is determined to be downloadable and greater than a preset capacity.