JP2022178679A - Terminal device, information processing method and information processing program - Google Patents

Abstract

To enhance security of an existing password authentication system while maintaining password-based authentication means and an interface therefor.SOLUTION: A terminal device comprises: a reception part which receives a request for a password from an authentication server; a requesting part which requests an authenticator to perform local authentication at the request for the password; a generation part which automatically generates a password when the authenticator performs the local authentication to successfully verify the identity of a user; and a sending part which sends the generated password to the authentication server.SELECTED DRAWING: Figure 1

Description

The present invention relates to a terminal device, an information processing method and an information processing program.

A technology related to FIDO (Fast Identity Online), which uses an external authenticator, is disclosed.

JP 2020-141331 A

However, in the conventional technology described above, no consideration is given to enhancing security while maintaining the password-based authentication means and its interface in the existing password authentication system.

The present application has been made in view of the above, and it is an object of the present invention to enhance security in an existing password authentication system while maintaining password-based authentication means and its interface.

A terminal device according to the present application includes a reception unit that receives a request for a password from an authentication server, a request unit that requests local authentication to an authenticator in response to the request for the password, a result of local authentication by the authenticator, and a user and a sending unit for sending the generated password to the authentication server.

According to one aspect of the embodiments, security can be enhanced in existing password authentication systems while maintaining password-based authentication means and interfaces thereof.

FIG. 1 is an explanatory diagram showing an outline of a password registration method according to an embodiment. FIG. 2 is an explanatory diagram showing an outline of a password authentication method according to the embodiment. FIG. 3 is a diagram illustrating a configuration example of an authentication system according to the embodiment; FIG. 4 is a diagram illustrating a configuration example of a terminal device according to the embodiment; FIG. 5 is a diagram illustrating a configuration example of an authentication server according to the embodiment; FIG. 6 is a diagram showing an example of a user information database. FIG. 7 is a diagram showing an example of a history information database. FIG. 8 is a diagram showing an example of an authentication information database. FIG. 9 is a flow chart showing a processing procedure according to the embodiment. FIG. 10 is a diagram illustrating an example of a hardware configuration;

Embodiments for implementing a terminal device, an information processing method, and an information processing program according to the present application (hereinafter referred to as "embodiments") will be described in detail below with reference to the drawings. In addition, the terminal device, the information processing method, and the information processing program according to the present application are not limited to this embodiment. Also, in the following embodiments, the same parts are denoted by the same reference numerals, and overlapping descriptions are omitted.

[1. Outline of information processing method]
First, an outline of an information processing method performed by an information processing apparatus according to an embodiment will be described with reference to FIGS. 1 and 2. FIG. FIG. 1 is an explanatory diagram showing an outline of a password registration method according to an embodiment. FIG. 2 is an explanatory diagram showing an outline of a password authentication method according to the embodiment.

As shown in FIGS. 1 and 2, the authentication system 1 includes a terminal device 10, an authenticator 50, and an authentication server 100. FIG. The terminal device 10 and the authentication server 100 are connected to communicate with each other by wire or wirelessly via a network N (see FIG. 3). In this embodiment, the terminal device 10 cooperates with the authentication server 100 .

The terminal device 10 is a client device used by a user U (user). For example, the terminal device 10 is a smart device such as a smartphone or a tablet, and is a mobile terminal device capable of communicating with any server device via a wireless communication network such as 4G (Generation) or LTE (Long Term Evolution). is. The terminal device 10 has a screen such as a liquid crystal display and has a touch panel function. Accepts various operations for . An operation performed on an area where content is displayed on the screen may be an operation on the content. In addition, the terminal device 10 may be an information processing device such as a desktop PC (Personal Computer) or a notebook PC as well as a smart device.

The terminal device 10 according to the present embodiment is equipped with a FIDO-enabled Password Manager and functions as a FIDO authentication server instead of the authentication server 100 . In FIDO authentication, a user's identity is verified by an authenticator built into or externally attached to a client device such as a smart phone. In this embodiment, the identity of the user U is verified by the authenticator 50 built into or externally attached to the terminal device 10 of the user U. FIG.

Some existing password managers apply FIDO authentication using a screen lock as an authentication means for starting to use the password manager. However, this is local authentication (screen unlocking) in the terminal device, and does not perform FIDO authentication for using other websites. The FIDO-compatible password manager according to the present embodiment enhances security in an existing password authentication system while maintaining password-based authentication means and its interface.

The authenticator 50 is an authenticator built in or externally attached to the terminal device 10 of the user U, and verifies the user U's identity. For example, the authenticator 50 may be a biometric authentication function of a smartphone, or may be an external authenticator such as a USB (Universal Serial Bus) key. Also, the authenticator 50 may be implemented inside the terminal device 10 of the user U in the form of an application (application) or the like. That is, the authenticator 50 may be the user U's terminal device 10 . Also, the authenticator 50 may be an authenticator capable of communicating with the terminal device 10 of the user U by wired communication or short-range wireless communication. Note that the authenticator 50 may be an existing technology authenticator. That is, in this embodiment, the authenticator 50 has no technical features.

The authentication server 100 is an information processing device that functions as an authentication server having both FIDO authentication function and password authentication function, and is realized by a server device, a cloud system, or the like. That is, the authentication server 100 has both the FIDO authentication function and the password authentication function. For example, an authentication server of a company or the like that provides a wide variety of large-scale services may already support both the FIDO authentication function and the password authentication function.

For example, the authentication server 100 activates FIDO authentication through an existing password UI (user interface) screen of the terminal device 10 and receives authentication result information from the terminal device 10 . Thereby, the authentication server 100 introduces the FIDO authentication function into the terminal device 10 without modifying the existing interface of the terminal device 10 such as password authentication. The authentication server 100 also strengthens/updates passwords in password authentication.

In this embodiment, when the authentication server 100 already has both the FIDO authentication function and the password authentication function, when introducing a new FIDO-compatible password manager to the terminal device 10, the authentication server 100 and the terminal device 10 To provide a FIDO authentication function without altering an existing password-based interface while ensuring consistency of FIDO authentication between That is, the authentication server 100 simultaneously introduces a "local authentication means" such as a device or the like into the terminal device 10 while leaving the password-based authentication means unchanged. Here, FIDO authentication is exemplified as a local authentication means, but in practice it is not limited to FIDO authentication.

In addition, the authentication server 100 cooperates with the terminal device 10 of each user U, and provides the terminal device 10 of each user U with API (Application Programming Interface) services for various applications and various data. may At this time, the authentication server 100 may cooperate with the terminal device 10 of each user U to provide the terminal device 10 with a function as a FIDO-compatible password manager.

Also, the authentication server 100 may be an information processing device that provides some kind of web service online to the terminal device 10 of each user U. FIG. For example, the authentication server 100 serves as Web services such as Internet connection, search service, SNS (Social Networking Service), electronic commerce, electronic payment, online game, online banking, online trading, accommodation/ticket reservation, video/music distribution, etc. may provide services. In practice, the authentication server 100 may cooperate with various servers that provide web services as described above, mediate web services, or take charge of web service processing.

Also, the authentication server 100 can acquire user information about the user U. FIG. For example, the authentication server 100 acquires information about attributes of the user U, such as the user U's sex, age, and area of residence. The authentication server 100 stores and manages identification information indicating the user U (user ID, etc.) and information about the attributes of the user U. FIG.

Further, the authentication server 100 acquires various types of history information (log data) indicating actions of the user U from the terminal device 10 of the user U or from various servers based on the user ID or the like. For example, the authentication server 100 acquires a location history, which is a history of the user U's location and date and time, from the terminal device 10 . The authentication server 100 also acquires a search history, which is a history of search queries input by the user U, from a search server (search engine). Further, the authentication server 100 acquires a viewing history, which is a history of content viewed by the user U, from the content server. The authentication server 100 also acquires a purchase history (payment history), which is a history of user U's product purchases and payment processing, from an electronic commerce server or a payment processing server. Further, the authentication server 100 may acquire the exhibition history and the sales history, which are the history of the user U's exhibition in the marketplace, from the electronic commerce server or the settlement server. The authentication server 100 also acquires the posting history, which is the posting history of the user U, from a posting server that provides a word-of-mouth posting service or an SNS server.

Traditionally, security and usability issues have been widely pointed out with respect to password authentication. For example, security issues include the risk of unauthorized access from an attacker who has illegally obtained a password in some way, and the risk of cyberattacks that lure users to fake sites and steal their passwords. Also, as a usability issue, users must remember passwords for multiple online services. In addition, when small devices such as mobile phones and smartphones are required to input mixed half-width alphanumeric characters and long character strings, input is often inconvenient. In order to solve these problems with passwords, authentication methods that replace passwords and methods that implement other authentication methods in addition to passwords, such as two-factor authentication, have been introduced. It is often difficult to eliminate (abolish password authentication).

For example, even if you try to introduce a new authentication system, if password authentication is introduced in the existing authentication system, if you lose the password and introduce a new authentication method, you will be forced to change the UI and change the user experience. , which confuses the user. Also, even if a new authentication means is introduced, it is necessary to provide recovery means when the new authentication means becomes unusable. For example, since FIDO is also device-based, another means of recovery is required when a device is lost or stolen. As a means of recovery, the use of an existing password authentication system is most rational and tends to be preferred in terms of the load and cost required for introduction. Therefore, it is difficult to lose the password.

Therefore, this embodiment provides a method of enhancing security in an existing password authentication system while maintaining password-based authentication means and its interface. That is, while leaving password-based authentication methods intact, password-based authentication methods will be strengthened and local authentication methods such as devices will be introduced at the same time.

[1-1. Password registration method]
Here, a password registration method according to the embodiment will be described with reference to FIG.

For example, as shown in FIG. 1, the terminal device 10 of the user U performs password authentication on the authentication server 100 using a registered password (step S0). Note that if the user U is a new user and has not yet registered a password, this process does not have to be performed. Also, the terminal device 10 may log into the authentication server 100 by password authentication. That is, password authentication may be performed between the terminal device 10 and the authentication server 100 .

Subsequently, if the user U is a new user and has not yet registered a password, or if it is time to update the registered password, the authentication server 100 sends the password to the terminal device 10 of the user U. Request registration (step S1). Password update is also one of password registration. At this time, the authentication server 100 sends a password screen, password policy, and update recommendation to the terminal device 10 as a password registration request.

For example, the authentication server 100 provides the terminal device 10 with a UI (user interface) for ID (Identifier) and password authentication as a password screen. Note that the authentication server 100 may provide the terminal device 10 with a UI for ID and password authentication in advance in the form of an application or the like. In this case, the authentication server 100 requests the terminal device 10 to display a UI for ID and password authentication.

Also, the password policy is registered in the memory area 40A inside the terminal device 10 . Memory area 40A may be a secure area. A secure area is a memory area in which security is ensured. The password policy indicates password generation requirements for each authentication server. For example, the password must be "alphanumeric characters and symbols", "8 to 32 characters", "required to be changed periodically (every XXX months)", and "prohibited from setting the same password as the last 10 times". indicates A password policy may be written in a predetermined policy description language. Also, the password policy may be obtained in advance (by some method). Alternatively, the password policy (expressed in a policy description language) may be included in the password request sent from the authentication server to the user.

Further, the authentication server 100 confirms whether or not the current password satisfies the requirements at the time of registration/authentication request, and if it should be updated, sets a flag of "Renewal recommendation". By doing so, the password can be updated without modifying the existing UI for password authentication.

Subsequently, the terminal device 10 of the user U displays a password screen for entering the ID and password of the user U (step S2). At this time, the terminal device 10 displays a UI for authenticating the ID and password provided by the authentication server 100 .

Subsequently, the terminal device 10 of the user U requests local authentication from the authenticator 50 (step S3). For example, the terminal device 10 requests user verification from the authenticator 50 . At this time, the terminal device 10 may send a challenge to the authenticator 50 .

Subsequently, the authenticator 50 performs user verification in response to the local authentication request from the terminal device 10 (step S4). For example, the authenticator 50 performs FIDO authentication based on the biometric information acquired from the user U, and verifies the identity of the user U. The biometric information may be fingerprints, veins, faces, irises, voiceprints, or any combination thereof. Incidentally, in practice, the means for verifying the identity is not limited to biometric authentication. For example, authenticator 50 may verify identity by authentication using a token that generates a one-time password. That is, FIDO authentication based on biometric information is only an example.

Subsequently, when the identity of the user U can be verified, the authenticator 50 makes an authentication response to the terminal device 10 of the user U (step S5). That is, the authenticator 50 sends the authentication result to the terminal device 10 of the user U when the identity of the user U can be verified. At the time of initial registration, the authenticator 50 generates a key pair of a private key and a public key, and sends the public key of the generated key pair to the terminal device 10. may At this time, the authenticator 50 generates a key pair of a private key and a public key, generates a signature (electronic signature) with the private key for the challenge sent from the terminal device 10, and generates a signed challenge and the public key. and may be sent to the terminal device 10 .

Subsequently, the terminal device 10 of the user U confirms the authentication response from the authenticator 50 (step S6). At this time, the terminal device 10 may perform signature verification using the signed challenge sent from the authenticator 50 and the public key.

Subsequently, when the identity of the user U can be verified by confirming the authentication response from the authenticator 50, the terminal device 10 of the user U, in response to the "renewal recommendation" from the authentication server 100, A password is generated or updated based on the policy (step S7). That is, the terminal device 10 generates or updates the password based on the password policy when the "update recommended" flag is set.

At this time, the terminal device 10 uses the password update function 34A to generate or update the password based on the password policy. Then, the terminal device 10 associates the ID of the user U with the password and registers them in the memory area 40B inside the terminal device 10 by the password management function 34B. Memory area 40B may be a secure area. Also, the memory area 40B may be the same memory area as the memory area 40A. Note that the user U ID may be the user U's telephone number, e-mail address, or the like, or may be an arbitrary account (ID number, etc.) issued by the authentication server 100 . In addition, the terminal device 10 registers a set of the ID and password of the user U for each authentication server.

In this embodiment, the terminal device 10 automatically generates a password based on the password policy using the password update function 34A. In practice, the user U may manually set the password. For example, the terminal device 10 uses the password update function 34A to check whether the password input by the user U satisfies the password policy. Then, if the password entered by the user U satisfies the password policy, the existing password is updated to the password entered by the user U.

Subsequently, the terminal device 10 of the user U makes a registration response to the authentication server 100 (step S8). At this time, as a response to the registration request from the authentication server 100, the terminal device 10 links the ID and password of the user U and sends them to the authentication server 100 by the password sending function 34C. Note that the terminal device 10 may send the authentication assertion together with the password as a response to the registration request from the authentication server 100 . In this case, the FIDO authentication function is on the side of the authentication server 100 instead of the terminal device 10 . For example, the terminal device 10 sends an authentication assertion together with a password to the authentication server 100 through a password transmission/reception interface. Then, the authentication server 100 verifies the authentication assertion. Alternatively, the terminal device 10 may indicate to the authentication server 100 that the FIDO authentication has been completed by sending the password.

Subsequently, the authentication server 100 updates the password based on the ID and password of the user U sent from the terminal device 10 (step S9). At this time, the authentication server 100 associates the ID and password of the user U and registers them in the authentication information database 123 inside the authentication server 100 using the password management function 132A.

[1-2. Password authentication method]
Next, a password authentication method according to the embodiment will be described with reference to FIG. Note that steps S13 to S16 shown in FIG. 2 are basically the same as steps S3 to S6 shown in FIG.

For example, as shown in FIG. 2, when the authentication server 100 receives access from the terminal device 10 of the user U, the authentication server 100 requests password authentication (input) to the terminal device 10 (step S11). At this time, the authentication server 100 sends a password screen to the terminal device 10 as a password authentication request.

For example, the authentication server 100 provides the terminal device 10 with a UI (user interface) for ID and password authentication as a password screen. Note that the authentication server 100 may provide the terminal device 10 with a UI for ID and password authentication in advance in the form of an application or the like. In this case, the authentication server 100 requests the terminal device 10 to display a UI for ID and password authentication.

At this time, the authentication server 100 may raise a flag of "renewal recommendation" based on the password policy. For example, if the password policy has a requirement of “update every XX months”, the authentication server 100 flags “Renewal recommended” if XX months have passed since the previous update.

Subsequently, the terminal device 10 of the user U displays a password screen for entering the ID and password of the user U (step S12). At this time, the terminal device 10 displays a UI for authenticating the ID and password provided by the authentication server 100 .

Subsequently, the terminal device 10 of the user U requests local authentication from the authenticator 50 (step S13). That is, the terminal device 10 requests user verification from the authenticator 50 . At this time, the terminal device 10 may send a challenge to the authenticator 50 .

Subsequently, the authenticator 50 performs user verification in response to the local authentication request from the terminal device 10 (step S14). For example, the authenticator 50 performs FIDO authentication based on the biometric information acquired from the user U, and verifies the identity of the user U. FIDO authentication based on biometric information is merely an example.

Subsequently, when the identity of the user U can be verified, the authenticator 50 makes an authentication response to the terminal device 10 of the user U (step S15). That is, the authenticator 50 sends an authentication result (authentication assertion) to the terminal device 10 of the user U when the identity of the user U can be verified. At this time, the authenticator 50 may generate a signature with a private key for the challenge sent from the terminal device 10 and send the signed challenge to the terminal device 10 . At the time of authentication, there is already a public key, so there is no need to send the public key.

Subsequently, the terminal device 10 of the user U confirms the authentication response from the authenticator 50 (step S16). That is, the terminal device 10 confirms the authentication result sent from the authenticator 50 . At this time, the terminal device 10 may perform signature verification using the signed challenge sent from the authenticator 50 . Thereby, the terminal device 10 recognizes that the identity of the user U has been verified in the authenticator 50 .

Subsequently, the terminal device 10 of the user U extracts the ID and password of the user U when the identity of the user U can be verified by confirming the authentication response from the authenticator 50 (step S17). ). At this time, the terminal device 10 extracts the ID and password of the user U from the memory area 40B inside the terminal device 10 by the password management function 34B. That is, the terminal device 10 extracts the ID and password of the user U when the "renewal recommendation" flag is not set.

Subsequently, the terminal device 10 of the user U makes a registration response to the authentication server 100 (step S18). At this time, as a response to the registration request from the authentication server 100, the terminal device 10 links the ID and password of the user U and sends them to the authentication server 100 by the password sending function 34C. Also, the terminal device 10 indicates to the authentication server 100 that the FIDO authentication has been completed by sending the password.

Subsequently, the authentication server 100 verifies the ID and password sent from the terminal device 10 of the user U (step S19). At this time, the authentication server 100 uses the password management function 132A to combine the ID and password sent from the terminal device 10 of the user U with the ID of the user U registered in the authentication information database 123 inside the authentication server 100. and password to determine if they match. If they match, it is determined that the authentication is successful. Conversely, if they do not match, it is determined that authentication has failed.

[1-3. Features of the present embodiment]
In this embodiment, the terminal device 10 receives a request for a password from the authentication server 100, requests local authentication (user verification) from the authenticator 50, and as a result of the local authentication at the authenticator 50, the identity of the user U is determined. can be verified, a password is automatically generated, and the generated password is sent to the authentication server 100. - 特許庁

For example, the terminal device 10 accepts a request for a password and a password policy from the authentication server 100, and if the identity of the user U can be verified as a result of local authentication by the authenticator 50, the password is automatically set based on the password policy. and send the generated password to the authentication server 100 .

In addition, the terminal device 10 receives a request for password registration from the authentication server 100, requests local authentication from the authenticator 50 in response to the request for password registration, and as a result of the local authentication at the authenticator 50, the identity of the user U is determined. If the identity can be verified, a password is automatically generated, the generated password is managed, and the generated password is registered in the authentication server 100 .

In addition, the terminal device 10 receives a request for password authentication from the authentication server 100, requests local authentication from the authenticator 50 in response to the request for password authentication, and as a result of the local authentication at the authenticator 50, the identity of the user U is determined. If the identity can be verified, the managed password is extracted and the extracted password is sent to the authentication server 100 .

In addition, the terminal device 10 automatically generates a password that is used up to the upper limit of the password character limit specified in the password policy, manages the generated password, and registers the generated password in the authentication server 100. do. Then, when the identity of the user U can be verified, the terminal device 10 extracts the password it manages and sends the extracted password to the authentication server 100 .

Further, when a password update time is set in the password policy, the terminal device 10 automatically generates a password when the update time arrives, and updates the managed password to the generated password. , the updated password is registered in the authentication server 100 .

Note that the local authentication is FIDO authentication based on user U's biometric information, for example. Moreover, the terminal device 10 increases the strength of the password when the strength of the FIDO authentication is low. For example, the terminal device 10 can set a password policy that changes the strength of the update password according to the strength of FIDO authentication.

According to this embodiment, the user can continue to use the password authentication system without modifying the UI and protocol. In addition, although the reliability of the client device is a prerequisite, since the local authentication is performed while maintaining the password authentication, the authentication strength can be increased.

Also, the user can set a long password (to the extent that it cannot be remembered) that satisfies the password policy, and the strength of authentication can be increased. And you don't have to memorize it. For example, even if a password of 8 characters or more and 32 characters or less is allowed, conventionally, a password of 8 characters is often set because a user cannot remember a long password. However, in this embodiment, since the user does not need to memorize the password, it is possible to set a password of 32 characters, which is the upper limit of the number of characters, and security is greatly improved. In addition, a password policy can be set to flexibly change the password update frequency according to the security policy of the authentication server. In the past, users themselves had to consciously update their passwords, which took a lot of time and effort. , it can be implemented smoothly without any major barriers, triggered by daily authentication processing.

Note that 32 characters or less is just an example. In practice, the password may be longer than 32 characters. For example, a password of 64 characters or 128 characters may be used. That is, the upper limit of the character limit is arbitrary.

Also, since the password remains, even if local authentication is not possible (for some reason) and account recovery is required, the password can be used for recovery and resetting.

[2. Configuration example of authentication system]
Next, the configuration of the authentication system 1 including the authentication server 100 according to the embodiment will be described with reference to FIG. FIG. 3 is a diagram showing a configuration example of the authentication system 1 according to the embodiment. As shown in FIG. 3, the authentication system 1 according to the embodiment includes a terminal device 10, an authenticator 50, and an authentication server 100. FIG. The terminal device 10 and the authentication server 100 are communicatively connected via a network N by wire or wirelessly. The network N is, for example, a LAN (Local Area Network) or a WAN (Wide Area Network) such as the Internet.

Also, the number of devices included in the authentication system 1 shown in FIG. 3 is not limited to the illustrated one. For example, only one terminal device 10 and one authentication server 100 are shown in FIG. 3 for simplification of illustration, but this is merely an example and is not limited, and two or more of each may be used. good too.

The terminal device 10 is an information processing device used by the user U. FIG. For example, the terminal device 10 may be a smart device such as a smartphone or a tablet terminal, a PC (Personal Computer), a feature phone, a PDA (Personal Digital Assistant), a game machine with a communication function, a car navigation system, a smart watch, or a head-mounted display. and other wearable devices, smart glasses, and the like.

In addition, the terminal device 10 is compatible with wireless communication networks such as LTE (Long Term Evolution), 4G (4th Generation), 5G (5th Generation: fifth generation mobile communication system), Bluetooth (registered trademark), wireless LAN (Local It is possible to connect to the network N via short-range wireless communication such as Area Network) and communicate with the authentication server 100 .

The authentication server 100 is, for example, a PC, a server device, a mainframe, a workstation, or the like. Note that the authentication server 100 may be realized by cloud computing.

[3. Configuration example of terminal device]
Next, the configuration of the terminal device 10 will be described with reference to FIG. FIG. 4 is a diagram showing a configuration example of the terminal device 10. As shown in FIG. As shown in FIG. 4, the terminal device 10 includes a communication unit 11, a display unit 12, an input unit 13, a positioning unit 14, a sensor unit 20, a control unit 30 (controller), and a storage unit 40. Prepare.

(Communication unit 11)
The communication unit 11 is connected to the network N (see FIG. 3) by wire or wirelessly, and transmits and receives information to and from the authentication server 100 via the network N. For example, the communication unit 11 is implemented by a NIC (Network Interface Card), an antenna, or the like.

(Display unit 12)
The display unit 12 is a display device that displays various information such as position information. For example, the display unit 12 is a liquid crystal display (LCD) or an organic EL display (Organic Electro-Luminescent Display). Also, the display unit 12 is a touch panel display, but is not limited to this.

(Input unit 13)
The input unit 13 is an input device that receives various operations from the user U. For example, the input unit 13 has buttons and the like for inputting characters, numbers, and the like. The input unit 13 may be an input/output port (I/O port), a USB (Universal Serial Bus) port, or the like. Moreover, when the display unit 12 is a touch panel display, a part of the display unit 12 functions as the input unit 13 . Also, the input unit 13 may be a microphone or the like that receives voice input from the user U. FIG. The microphone may be wireless.

(Positioning unit 14)
The positioning unit 14 receives signals (radio waves) transmitted from GPS (Global Positioning System) satellites, and based on the received signals, position information (for example, latitude and longitude). That is, the positioning unit 14 positions the position of the terminal device 10 . GPS is merely an example of GNSS (Global Navigation Satellite System).

Also, the positioning unit 14 can measure the position by various methods other than GPS. For example, the positioning unit 14 may measure the position using various communication functions of the terminal device 10 as described below as auxiliary positioning means for position correction and the like.

(Wi-Fi positioning)
For example, the positioning unit 14 measures the position of the terminal device 10 using the Wi-Fi (registered trademark) communication function of the terminal device 10 or the communication network provided by each communication company. Specifically, the positioning unit 14 performs Wi-Fi communication or the like and measures the position of the terminal device 10 by measuring the distance to a nearby base station or access point.

(beacon positioning)
The positioning unit 14 may also use the Bluetooth (registered trademark) function of the terminal device 10 to measure the position. For example, the positioning unit 14 measures the position of the terminal device 10 by connecting with a beacon transmitter connected by the Bluetooth (registered trademark) function.

(geomagnetic positioning)
Further, the positioning unit 14 positions the position of the terminal device 10 based on the geomagnetism pattern of the structure measured in advance and the geomagnetic sensor provided in the terminal device 10 .

(RFID positioning)
Further, for example, if the terminal device 10 has an RFID (Radio Frequency Identification) tag function equivalent to a contactless IC card used at station ticket gates, stores, etc., or has a function of reading an RFID tag In this case, the location used is recorded together with the information that the payment was made by the terminal device 10 . The positioning unit 14 may measure the position of the terminal device 10 by acquiring such information. Also, the position may be measured by an optical sensor provided in the terminal device 10, an infrared sensor, or the like.

The positioning unit 14 may measure the position of the terminal device 10 using one or a combination of the positioning means described above, if necessary.

(Sensor unit 20)
The sensor unit 20 includes various sensors mounted on or connected to the terminal device 10 . The connection may be wired connection or wireless connection. For example, the sensors may be detection devices other than the terminal device 10, such as wearable devices and wireless devices. In the example shown in FIG. 4, the sensor unit 20 includes an acceleration sensor 21, a gyro sensor 22, an atmospheric pressure sensor 23, an air temperature sensor 24, a sound sensor 25, an optical sensor 26, a magnetic sensor 27, and an image sensor ( camera) 28.

The sensors 21 to 28 described above are only examples and are not limited. That is, the sensor unit 20 may be configured to include a part of the sensors 21 to 28, or may include other sensors such as a humidity sensor in addition to or instead of the sensors 21 to 28. .

The acceleration sensor 21 is, for example, a three-axis acceleration sensor, and detects physical movements of the terminal device 10 such as movement direction, speed, and acceleration of the terminal device 10 . The gyro sensor 22 detects physical movements of the terminal device 10 such as inclination in three axial directions based on the angular velocity of the terminal device 10 and the like. The atmospheric pressure sensor 23 detects the atmospheric pressure around the terminal device 10, for example.

Since the terminal device 10 includes the above-described acceleration sensor 21, gyro sensor 22, barometric pressure sensor 23, etc., techniques such as pedestrian dead-reckoning (PDR: Pedestrian Dead-Reckoning) using these sensors 21 to 23, etc. , the position of the terminal device 10 can be determined. This makes it possible to acquire indoor position information that is difficult to acquire with a positioning system such as GPS.

For example, a pedometer using the acceleration sensor 21 can calculate the number of steps, walking speed, and distance walked. Further, by using the gyro sensor 22, it is possible to know the traveling direction, the direction of the line of sight, and the inclination of the body of the user U. Also, from the atmospheric pressure detected by the atmospheric pressure sensor 23, the altitude at which the terminal device 10 of the user U is present and the number of floors can be known.

The temperature sensor 24 detects the temperature around the terminal device 10, for example. The sound sensor 25 detects sounds around the terminal device 10, for example. The optical sensor 26 detects the illuminance around the terminal device 10 . The magnetic sensor 27 detects, for example, geomagnetism around the terminal device 10 . The image sensor 28 captures an image around the terminal device 10 .

The atmospheric pressure sensor 23, the temperature sensor 24, the sound sensor 25, the optical sensor 26, and the image sensor 28 described above detect the atmospheric pressure, temperature, sound, and illuminance, respectively, or capture an image of the surroundings to detect the terminal device 10. It is possible to detect the surrounding environment and situations. In addition, it is possible to improve the accuracy of the location information of the terminal device 10 based on the surrounding environment and situation of the terminal device 10 .

(control unit 30)
The control unit 30 includes, for example, a microcomputer having a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM, an input/output port, and various circuits. Also, the control unit 30 may be configured by hardware such as an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array). The control unit 30 includes a transmission unit 31 , a reception unit 32 , a processing unit 33 and a management unit 34 .

(Sending unit 31)
The transmission unit 31 receives, for example, various information input by the user U using the input unit 13, various information detected by the sensors 21 to 28 mounted on or connected to the terminal device 10, and information measured by the positioning unit 14. The location information of the terminal device 10 and the like can be transmitted to the authentication server 100 via the communication unit 11 .

(Receiver 32)
The receiving unit 32 can receive various information provided by the authentication server 100 and requests for various information from the authentication server 100 via the communication unit 11 .

(Processing unit 33)
The processing unit 33 controls the entire terminal device 10 including the display unit 12 and the like. For example, the processing unit 33 can output various types of information transmitted by the transmitting unit 31 and various types of information received by the receiving unit 32 from the authentication server 100 to the display unit 12 for display.

(Management section 34)
The management unit 34 is implemented by a FIDO-compatible password manager, and performs FIDO authentication with the authenticator 50 . Note that the management unit 34 may be realized by the processing unit 33 described above. The management unit 34 has a password update function 34A, a password management function 34B, and a password sending function 34C.

(Password update function 34A)
The password update function 34A registers the password policy sent from the authentication server 100 in the internal memory area 40A of the terminal device 10 and manages it. Also, the password update function 34A creates or updates a password based on the password policy.

(Password management function 34B)
The password management function 34B associates the ID (Identifier) of the user U with the password, registers them in the memory area 40B inside the terminal device 10, and manages them. The password management function 34B also extracts the ID and password of the user U from the internal memory area 40B of the terminal device 10 .

(Password sending function 34C)
The password sending function 34C sends the user U ID and password to the authentication server 100 . The password sending function 34C may also receive a challenge from the authentication server 100. FIG. The password sending function 34C may also send a challenge to the authenticator 50 . Further, the password sending function 34C may send the ID, password, and verification result of the signature sent from the authenticator 50 to the authentication server 100 . At this time, the password sending function 34C signs the second challenge sent from the authentication server 100 instead of/together with the verification result of the signature sent from the authenticator 50, and sends the signature to the second challenge to the authentication server. You can send it to 100. Note that the password sending function 34C may be realized by the transmitting section 31 and the receiving section 32 described above.

In this way, the control unit 30 includes a reception unit that receives a request for a password from the authentication server 100, a request unit that requests local authentication (user verification) from the authenticator 50, and a result of the local authentication at the authenticator 50. It includes a generation unit that automatically generates a password when the identity of a person U can be verified, a management unit that manages the generated password, and a transmission unit that transmits the generated password to the authentication server 100. - 特許庁At this time, the transmission unit 31, the reception unit 32, the processing unit 33, and the management unit 34 function as a reception unit, a request unit, a generation unit, a management unit, and a transmission unit.

The reception unit also receives a request for a password and a password policy from the authentication server 100 . The generator automatically generates a password based on the password policy when the identity of the user U can be verified as a result of local authentication by the authenticator 50 . The sending unit then sends the generated password to the authentication server 100 .

The reception unit also receives a password registration request from the authentication server 100 . The request unit requests local authentication from the authenticator 50 in response to the password registration request. The generator automatically generates a password when the identity of the user U can be verified as a result of local authentication by the authenticator 50 . The management section manages the generated password. The sending unit then registers the generated password in the authentication server 100 .

The reception unit also receives a request for password authentication from the authentication server 100 . The request unit requests local authentication from the authenticator 50 in response to the request for password authentication. When the identity of the user U can be verified as a result of the local authentication by the authenticator 50, the management section extracts the managed password. Then, the sending unit sends the extracted password to the authentication server 100 .

In addition, the generation unit automatically generates a password that uses up to the upper limit of the password character limit specified by the password policy. The management unit manages the generated password, and extracts the managed password when the identity of the user U can be verified. Then, the sending unit registers the generated password in the authentication server 100, and sends the extracted password to the authentication server 100 when the identity of the user U can be verified.

In addition, when the password policy includes a password update time, the generation unit automatically generates a password when the update time arrives. The management unit updates the password it manages to the generated password. The sending unit then registers the updated password in the authentication server 100 .

Also, local authentication is FIDO authentication based on user U's biometric information, for example. Also, when the strength of FIDO authentication is low, the generation unit increases the strength of the password.

(storage unit 40)
The storage unit 40 is realized by, for example, a semiconductor memory device such as RAM (Random Access Memory) or flash memory, or a storage device such as HDD (Hard Disk Drive), SSD (Solid State Drive), or optical disk. be. Various programs, various data, and the like are stored in the storage unit 40 . In this embodiment, the password policy is stored in the memory area 40A inside the terminal device 10 in the storage unit 40 . Also, the ID and password of the user U are stored in the memory area 40B inside the terminal device 10 .

[4. Configuration example of the authentication server]
Next, the configuration of the authentication server 100 according to the embodiment will be described using FIG. FIG. 5 is a diagram showing a configuration example of the authentication server 100 according to the embodiment. As shown in FIG. 5, the authentication server 100 has a communication unit 110, a storage unit 120, and a control unit .

(Communication unit 110)
The communication unit 110 is realized by, for example, a NIC (Network Interface Card) or the like. Also, the communication unit 110 is connected to the network N (see FIG. 3) by wire or wirelessly.

(storage unit 120)
The storage unit 120 is realized by, for example, a semiconductor memory device such as a RAM (Random Access Memory) or flash memory, or a storage device such as a hard disk or an optical disk. As shown in FIG. 5 , storage unit 120 has user information database 121 , history information database 122 , and authentication information database 123 .

(User information database 121)
The user information database 121 stores user information about the user U. FIG. For example, the user information database 121 stores various information such as user U attributes. FIG. 6 is a diagram showing an example of the user information database 121. As shown in FIG. In the example shown in FIG. 6, the user information database 121 has items such as "user ID (Identifier)", "age", "sex", "home", "place of work", and "interest".

“User ID” indicates identification information for identifying the user U. The “user ID” may be the user U's contact information (telephone number, e-mail address, etc.), or may be identification information for identifying the user U's terminal device 10 .

"Age" indicates the age of the user U identified by the user ID. Note that the "age" may be information indicating a specific age of the user U (for example, 35 years old) or information indicating the age of the user U (for example, 30's). . Alternatively, the "age" may be information indicating the date of birth of the user U, or information indicating the generation of the user U (for example, born in the 80's). "Gender" indicates the gender of the user U identified by the user ID.

"Home" indicates location information of the home of the user U identified by the user ID. In the example shown in FIG. 6, "home" is represented by an abstract code such as "LC11", but may be latitude/longitude information or the like. Also, for example, "home" may be an area name or an address.

"Place of work" indicates location information of the place of work (school in the case of a student) of the user U identified by the user ID. In the example shown in FIG. 6, the "place of work" is illustrated as an abstract code such as "LC12", but may be latitude/longitude information or the like. Also, for example, the "place of work" may be an area name or an address.

"Interest" indicates the interest of the user U identified by the user ID. That is, "interest" indicates an object in which the user U identified by the user ID is highly interested. For example, the "interest" may be a search query (keyword) that the user U has entered into a search engine and searched for. In the example shown in FIG. 6, one "interest" is shown for each user U, but there may be more than one.

For example, in the example shown in FIG. 6, the age of the user U identified by the user ID "U1" is "twenties" and the gender is "male". Also, for example, the user U identified by the user ID "U1" indicates that the home is "LC11". Also, for example, the user U identified by the user ID "U1" indicates that the place of work is "LC12". Also, for example, the user U identified by the user ID "U1" indicates that he is interested in "sports".

Here, in the example shown in FIG. 6 , abstract values such as “U1”, “LC11” and “LC12” are used, but “U1”, “LC11” and “LC12” have specific values. It is assumed that information such as character strings and numerical values is stored. Hereinafter, abstract values may also be illustrated in diagrams relating to other information.

The user information database 121 is not limited to the above, and may store various types of information depending on the purpose. For example, the user information database 121 may store various types of information regarding the user U's terminal device 10 . In addition, the user information database 121 stores user U's demographics (demographic attributes), psychographics (psychological attributes), geographics (geographical attributes), behavioral attributes (behavioral attributes), etc. Information about attributes may be stored. For example, the user information database 121 includes name, family structure, hometown (local), occupation, position, income, qualification, residence type (detached house, condominium, etc.), presence or absence of car, commuting time, commuting time, commuting time. Information such as routes, commuter pass sections (stations, lines, etc.), frequently used stations (other than the nearest station to your home or place of work), lessons (places, time zones, etc.), hobbies, interests, lifestyle, etc. may

(History information database 122)
The history information database 122 stores various types of information related to history information (log data) indicating user U's actions. FIG. 7 is a diagram showing an example of the history information database 122. As shown in FIG. In the example shown in FIG. 7, the history information database 122 has items such as "user ID", "location history", "search history", "browsing history", "purchase history", and "posting history".

“User ID” indicates identification information for identifying the user U. "Position history" indicates a position history, which is a history of the user's U position and movement. Also, "search history" indicates a search history that is a history of search queries input by the user U. FIG. "Browsing history" indicates a browsing history that is a history of contents browsed by the user U. FIG. "Purchase history" indicates the purchase history of the user U's purchases. In addition, “posting history” indicates a posting history that is a history of posts by the user U. FIG. In addition, the “posting history” may include questions about user U's property.

For example, in the example shown in FIG. 7, the user U identified by the user ID "U1" moves along the "location history #1", searches along the "search history #1", and performs the "viewing". It indicates that the content was browsed according to the "Purchase history #1", the predetermined product etc. was purchased at the predetermined store etc. according to the "Purchase history #1", and the content was posted according to the "Posting history".

Here, in the example shown in FIG. 7, abstract history such as "U1", "location history #1", "search history #1", "browsing history #1", "purchase history #1" and "posting history #1" "U1", "location history #1", "search history #1", "browsing history #1", "purchase history #1" and "posting history #1" , information such as specific character strings and numerical values are stored.

Note that the history information database 122 may store various types of information, not limited to the above, depending on the purpose. For example, the history information database 122 may store the user U's usage history of a predetermined service. In addition, the history information database 122 may store the user U's store visit history, facility visit history, and the like. In addition, the history information database 122 may store a history of payment (electronic payment) using the terminal device 10 of the user U, and the like.

(Authentication information database 123)
The authentication information database 123 stores various kinds of information regarding user U's authentication information. FIG. 8 is a diagram showing an example of the authentication information database 123. As shown in FIG. In the example shown in FIG. 8, the authentication information database 123 has items such as "user ID" and "password".

“User ID” indicates identification information for identifying the user U. "Password" indicates a password used for user U authentication. The password is associated with the user ID. That is, the authentication information database 123 stores pairs of user IDs and passwords.

For example, in the example shown in FIG. 8, the user ID "U1" is associated with "password #1". This indicates that the password authentication of the user U identified by the user ID "U1" will be successful if the password authentication is performed using the "password #1".

Here, in the example shown in FIG. 7 , abstract values such as “U1” and “password #1” are used, but “U1” and “password #1” may contain specific character strings or numerical values. and other information are stored.

Note that the authentication information database 123 is not limited to the above, and may store various types of information depending on the purpose. For example, the authentication information database 123 may store the public key of the key pair of the private key and the public key generated by the terminal device 10 of the user U. FIG. At this time, the authentication information database 123 may store the public key sent from the terminal device 10 of the user U in association with the user ID and password. In addition, the authentication information database 123 may store information relating to the authentication request or challenge sent to the terminal device 10 of the user U and/or the second challenge. At this time, the authentication information database 123 may store information about the UI for ID and password authentication.

(control unit 130)
Returning to FIG. 5, the description is continued. The control unit 130 is a controller, and for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array), or the like controls the authentication server 100. Various programs (corresponding to an example of an authentication program) stored in an internal storage device are executed by using a storage area such as a RAM as a work area. In the example shown in FIG. 5 , the control unit 130 has an acquisition unit 131 , an authentication processing unit 132 and a provision unit 133 .

(Acquisition unit 131)
The acquisition unit 131 acquires the ID and password of the user U from the terminal device 10 of the user U via the communication unit 110 . For example, the acquisition unit 131 acquires the ID and password of the user U from the terminal device 10 of the user U via the communication unit 110 when the user U is registered or authenticated.

The acquisition unit 131 also acquires user information about the user U via the communication unit 110 . For example, the acquisition unit 131 acquires identification information (user ID, etc.) indicating the user U, location information of the user U, attribute information of the user U, and the like, from the terminal device 10 of the user U. FIG. Further, the acquiring unit 131 may acquire identification information indicating the user U, attribute information of the user U, and the like when the user U is registered as the user U. Acquisition unit 131 then registers the user information in user information database 121 of storage unit 120 .

In addition, the acquisition unit 131 acquires various types of history information (log data) indicating actions of the user U via the communication unit 110 . For example, the acquisition unit 131 acquires various types of history information indicating actions of the user U from the terminal device 10 of the user U or from various servers based on the user ID or the like. The acquisition unit 131 then registers various types of history information in the history information database 122 of the storage unit 120 .

(Authentication processing unit 132)
The authentication processing unit 132 has a function of performing password authentication (password server function). Also, the authentication processing unit 132 manages authentication information of each user U. FIG. For example, the authentication processing unit 132 manages the ID and password of each user U registered from the terminal device 10 of each user U. The authentication processing unit 132 has a password management function 132A.

(Password management function 132A)
The password management function 132A associates and manages the ID and password of each user U. For example, the password management function 132</b>A registers a set of each user U's ID and password in the authentication information database 123 of the storage unit 120 . The password management function 132A also checks the ID and password sent from the terminal device 10 of the user U against the ID and password registered in the authentication information database 123 .

Further, the authentication processing unit 132 may have a function of performing FIDO authentication (FIDO server function). That is, the authentication processing unit 132 may have both the FIDO authentication function and the password authentication function.

Also, the authentication processing unit 132 may generate and manage a challenge. Also, the authentication processing unit 132 may verify a challenge sent (returned) from the terminal device 10 of the user U. For example, the authentication processing unit 132 may compare the challenge sent to the terminal device 10 of the user U with the challenge sent (returned) from the terminal device 10 of the user U. Also, the authentication processing unit 132 may perform signature verification on the signed challenge sent from the terminal device 10 of the user U using the public key.

(Providing unit 133)
The providing unit 133 transmits a registration request (password screen, password policy, update recommendation) to the terminal device 10 of the user U via the communication unit 110 . For example, the providing unit 133 provides a UI for password authentication and a password policy to the terminal device 10 of the user U via the communication unit 110 .

The providing unit 133 also transmits an authentication request (password screen) to the terminal device 10 of the user U via the communication unit 110 . For example, the providing unit 133 provides the terminal device 10 of the user U with a UI for ID and password authentication via the communication unit 110 .

The providing unit 133 may also transmit a challenge to the terminal device 10 of the user U via the communication unit 110 .

[5. Processing procedure]
Next, processing procedures by the terminal device 10, the authenticator 50, and the authentication server 100 according to the embodiment will be described with reference to FIG. FIG. 9 is a flow chart showing a processing procedure according to the embodiment. The processing procedure described below is repeatedly executed by the control unit 30 of the terminal device 10 , the authenticator 50 and the control unit 130 of the authentication server 100 .

As shown in FIG. 9, the reception unit 32 of the terminal device 10 receives a password request from the authentication server 100 via the communication unit 11 (step S101). At this time, the receiving unit 32 receives a request for password registration or a request for password authentication from the authentication server 100 . The receiving unit 32 also receives the password policy together with the password registration request.

Subsequently, the management unit 34 of the terminal device 10 requests local authentication from the authenticator 50 in response to the password request from the authentication server 100 (step S102).

Subsequently, the management unit 34 of the terminal device 10 receives the authentication response from the authenticator 50 and confirms whether the identity of the user U has been verified (step S103). At this time, if the identity of the user U cannot be verified (step S103: No), the management unit 34 terminates the series of processes.

Subsequently, when the identity of the user U can be verified (step S103: Yes), the management unit 34 of the terminal device 10 confirms whether or not the update recommendation flag is set (step S104). The update recommendation flag is set according to a request from the authentication server 100 and password policy.

Subsequently, when the update recommendation flag is set (step S104: Yes), the management unit 34 of the terminal device 10 generates a password based on the password policy and manages the generated password (step S105). For example, the management unit 34 updates the password managed by the terminal device 10 to the generated password. Note that the management unit 34 manages the password for each authentication server.

Subsequently, the transmission unit 31 of the terminal device 10 transmits the generated password to the authentication server 100 via the communication unit 11 (step S106).

Subsequently, the authentication processing unit 132 of the authentication server 100 uses the password management function 132A to register the password sent from the terminal device 10 (step S107). For example, the authentication processing unit 132 updates the password registered in the authentication server 100 with a new password sent from the terminal device 10 .

If the update recommendation flag is not set (step S104: No), the management unit 34 of the terminal device 10 extracts the managed password (step S108). For example, the management unit 34 extracts the password corresponding to the authentication server that is the response destination.

Subsequently, the transmission unit 31 of the terminal device 10 transmits the extracted password to the authentication server 100 via the communication unit 11 (step S109).

Subsequently, the authentication processing unit 132 of the authentication server 100 verifies the password sent from the terminal device 10 by the password management function 132A (step S110). For example, the authentication processing unit 132 checks the password registered in the authentication server 100 against the password sent from the terminal device 10 .

[6. Modification]
The terminal device 10 and the authentication server 100 described above may be implemented in various different forms other than the above embodiments. So, below, the modification of embodiment is demonstrated.

In the above embodiment, part or all of the processing executed by the authentication server 100 may actually be executed by the terminal device 10 . For example, the processing may be completed stand-alone (by the terminal device 10 alone). In this case, it is assumed that the terminal device 10 has the function of the authentication server 100 in the above embodiment. In addition, in the above-described embodiment, the terminal device 10 cooperates with the authentication server 100, so from the user U's point of view, it appears that the terminal device 10 is executing the processing of the authentication server 100 as well. That is, from another point of view, it can be said that the terminal device 10 includes the authentication server 100 .

Further, in the above embodiment, the sensor section 20 (various sensors 21 to 28) of the terminal device 10 may be used as the authenticator 50. FIG. In this case, the terminal device 10 also functions as the authenticator 50 . For example, the terminal device 10 estimates the context (situation) of the user U based on sensor information indicating the detection result of the sensor unit 20 . Then, the terminal device 10 performs user verification using the user U's context information. The context information of the user U may be any or a combination of behavior such as acceleration and angular velocity, ambient sounds, temperature/humidity/illuminance of the location, location information, and the like.

[7. effect〕
As described above, the terminal device 10 according to the present application includes a reception unit that receives a request for a password from the authentication server 100, a request unit that requests local authentication from the authenticator 50, a local authentication result from the authenticator 50, It includes a generation unit that automatically generates a password when the identity of the user U can be verified, and a transmission unit that transmits the generated password to the authentication server 100 .

The reception unit also receives a request for a password and a password policy from the authentication server 100 . The generator automatically generates a password based on the password policy when the identity of the user U can be verified as a result of local authentication by the authenticator 50 . The sending unit then sends the generated password to the authentication server 100 .

Moreover, the terminal device 10 according to the present application further includes a management unit that manages the generated password. Then, the reception unit receives a password registration request from the authentication server 100 . The request unit requests local authentication from the authenticator 50 in response to the password registration request. The generator automatically generates a password when the identity of the user U can be verified as a result of local authentication by the authenticator 50 . The management section manages the generated password. The sending unit then registers the generated password in the authentication server 100 .

The reception unit also receives a request for password authentication from the authentication server 100 . The request unit requests local authentication from the authenticator 50 in response to the request for password authentication. When the identity of the user U can be verified as a result of the local authentication by the authenticator 50, the management section extracts the managed password. Then, the sending unit sends the extracted password to the authentication server 100 .

In addition, the generation unit automatically generates a password that uses up to the upper limit of the password character limit specified by the password policy. The management unit manages the generated password, and extracts the managed password when the identity of the user U can be verified. Then, the sending unit registers the generated password in the authentication server 100, and sends the extracted password to the authentication server 100 when the identity of the user U can be verified.

In addition, when the password policy includes a password update time, the generation unit automatically generates a password when the update time arrives. The management unit updates the password it manages to the generated password. The sending unit then registers the updated password in the authentication server 100 .

Local authentication is FIDO authentication based on user U's biometric information. Also, when the strength of FIDO authentication is low, the generation unit increases the strength of the password.

By any one or a combination of the above processes, the information processing apparatus according to the present application can enhance security in an existing password authentication system while maintaining password-based authentication means and its interface.

[8. Hardware configuration]
Also, the terminal device 10 and the authentication server 100 according to the above-described embodiments are implemented by a computer 1000 configured as shown in FIG. 10, for example. The authentication server 100 will be described below as an example. FIG. 10 is a diagram illustrating an example of a hardware configuration; The computer 1000 is connected to an output device 1010 and an input device 1020, and an arithmetic device 1030, a primary storage device 1040, a secondary storage device 1050, an output I/F (Interface) 1060, an input I/F 1070, and a network I/F 1080 are buses. It has a form connected by 1090.

The arithmetic device 1030 operates based on programs stored in the primary storage device 1040 and the secondary storage device 1050, programs read from the input device 1020, and the like, and executes various processes. The arithmetic unit 1030 is implemented by, for example, a CPU (Central Processing Unit), MPU (Micro Processing Unit), ASIC (Application Specific Integrated Circuit), FPGA (Field Programmable Gate Array), or the like.

The primary storage device 1040 is a memory device such as a RAM (Random Access Memory) that temporarily stores data used for various calculations by the arithmetic device 1030 . The secondary storage device 1050 is a storage device in which data used for various calculations by the arithmetic device 1030 and various databases are registered. State Drive), flash memory, or the like. The secondary storage device 1050 may be an internal storage or an external storage. Also, the secondary storage device 1050 may be a removable storage medium such as a USB (Universal Serial Bus) memory or an SD (Secure Digital) memory card. Also, the secondary storage device 1050 may be a cloud storage (online storage), a NAS (Network Attached Storage), a file server, or the like.

The output I/F 1060 is an interface for transmitting information to be output to the output device 1010 that outputs various information such as a display, a projector, and a printer. (Digital Visual Interface), HDMI (registered trademark) (High Definition Multimedia Interface), and other standardized connectors. Also, the input I/F 1070 is an interface for receiving information from various input devices 1020 such as a mouse, keyboard, keypad, buttons, scanner, etc., and is realized by, for example, USB.

Also, the output I/F 1060 and the input I/F 1070 may be wirelessly connected to the output device 1010 and the input device 1020, respectively. That is, the output device 1010 and the input device 1020 may be wireless devices.

Also, the output device 1010 and the input device 1020 may be integrated like a touch panel. In this case, the output I/F 1060 and the input I/F 1070 may also be integrated as an input/output I/F.

Note that the input device 1020 includes, for example, optical recording media such as CDs (Compact Discs), DVDs (Digital Versatile Discs), PDs (Phase change rewritable discs), magneto-optical recording media such as MOs (Magneto-Optical discs), and tapes. It may be a device that reads information from a medium, a magnetic recording medium, a semiconductor memory, or the like.

Network I/F 1080 receives data from other devices via network N and sends the data to arithmetic device 1030, and also transmits data generated by arithmetic device 1030 via network N to other devices.

Arithmetic device 1030 controls output device 1010 and input device 1020 via output I/F 1060 and input I/F 1070 . For example, arithmetic device 1030 loads a program from input device 1020 or secondary storage device 1050 onto primary storage device 1040 and executes the loaded program.

For example, when computer 1000 functions as authentication server 100 , computing device 1030 of computer 1000 implements the functions of control unit 130 by executing a program loaded on primary storage device 1040 . Further, arithmetic device 1030 of computer 1000 may load a program acquired from another device via network I/F 1080 onto primary storage device 1040 and execute the loaded program. Further, the arithmetic unit 1030 of the computer 1000 may cooperate with another device via the network I/F 1080, and call functions, data, etc. of the program from another program of the other device for use.

[9. others〕
Although the embodiments of the present application have been described above, the present invention is not limited by the contents of these embodiments. In addition, the components described above include those that can be easily assumed by those skilled in the art, those that are substantially the same, and those within the so-called equivalent range. Furthermore, the components described above can be combined as appropriate. Furthermore, various omissions, replacements, or modifications of components can be made without departing from the gist of the above-described embodiments.

Further, among the processes described in the above embodiments, all or part of the processes described as being automatically performed can be manually performed, or the processes described as being performed manually can be performed manually. All or part of this can also be done automatically by known methods. In addition, information including processing procedures, specific names, various data and parameters shown in the above documents and drawings can be arbitrarily changed unless otherwise specified. For example, the various information shown in each drawing is not limited to the illustrated information.

Also, each component of each device illustrated is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution and integration of each device is not limited to the illustrated one, and all or part of them can be functionally or physically distributed and integrated in arbitrary units according to various loads and usage conditions. Can be integrated and configured.

For example, the authentication server 100 described above may be implemented by a plurality of server computers, and depending on the function, an external platform may be called using an API (Application Programming Interface), network computing, or the like. Flexible to change.

Also, the above-described embodiments and modifications can be appropriately combined within a range that does not contradict the processing contents.

Also, the above-mentioned "section, module, unit" can be read as "means" or "circuit". For example, the acquisition unit can be read as acquisition means or an acquisition circuit.

1 authentication system 10 terminal device 34 management unit 34A password update function 34B password management function 34C password sending function 40A memory area 40B memory area 50 authenticator 100 authentication server 110 communication unit 120 storage unit 121 user information database 122 history information database 123 authentication Information database 130 Control unit 131 Acquisition unit 132 Authentication processing unit 132A Password management function 133 Provision unit

A terminal device according to the present application includes a reception unit that receives a request for a password from an authentication server that has both a FIDO authentication function and a password authentication function; a request unit that requests FIDO authentication from an authenticator in response to the password request; a generation unit that automatically generates a password when the user's identity can be verified as a result of FIDO authentication by the authenticator; and a sending unit that sends the generated password to the authentication server , The sending unit is characterized by sending the password to indicate to the authentication server that the FIDO authentication has been completed .

A terminal device according to the present application includes a reception unit that receives a request for FIDO authentication and a password from an authentication server having both FIDO authentication function and password authentication function, and an authenticator in response to the request for FIDO authentication and password from the authentication server. a request unit for requesting FIDO authentication to the authentication device; a generation unit for automatically generating a password when the identity of the user can be verified as a result of the FIDO authentication by the authenticator; and sending the generated password to the authentication server. and a sending unit that sends the generated password to the authentication server as an authentication assertion in FIDO authentication, and sends the password to the authentication server to indicate that FIDO authentication has been completed. and both FIDO authentication and password authentication in the authentication server succeed .

Claims (10)

a reception unit that receives a request for a password from an authentication server;
a request unit that requests local authentication from an authenticator in response to the request for the password;
a generator that automatically generates a password when the identity of the user is verified as a result of the local authentication by the authenticator;
a sending unit for sending the generated password to the authentication server;
A terminal device comprising: The reception unit receives a password request and a password policy from the authentication server,
The generating unit automatically generates a password based on the password policy when the identity of the user can be verified as a result of the local authentication by the authenticator,
The terminal device according to claim 1, wherein the sending unit sends the generated password to the authentication server. It further has a management unit that manages the generated password,
The reception unit receives a password registration request from the authentication server,
The request unit requests local authentication from the authenticator in response to the password registration request,
The generating unit automatically generates a password when the identity of the user can be verified as a result of the local authentication by the authenticator,
The management unit manages the generated password,
3. The terminal device according to claim 2, wherein the sending unit registers the generated password in the authentication server. The reception unit receives a request for password authentication from the authentication server,
The request unit requests local authentication from the authenticator in response to the request for password authentication,
When the identity of the user can be verified as a result of the local authentication by the authenticator, the management unit extracts the managed password,
The terminal device according to claim 3, wherein the sending unit sends the extracted password to the authentication server. The generation unit automatically generates a password that is used up to the upper limit of the password character limit specified in the password policy,
The management unit manages the generated password, extracts the managed password when the identity of the user can be verified,
5. The sending unit registers the generated password in the authentication server, and sends the extracted password to the authentication server when the identity of the user can be verified. Terminal equipment as described. The generating unit automatically generates a password when the password update time is set in the password policy, and
The management unit updates the password under management to the generated password,
The terminal device according to any one of claims 3 to 5, wherein the sending unit registers the updated password in the authentication server. The terminal device according to any one of claims 1 to 6, wherein said local authentication is FIDO authentication based on user's biometric information. The terminal device according to any one of claims 1 to 7, wherein the generation unit increases the strength of the password when the strength of FIDO authentication is low. An information processing method executed by a terminal device,
a receiving step of receiving a request for a password from an authentication server;
a requesting step of requesting local authentication from an authenticator in response to the request for the password;
a generation step of automatically generating a password when the user's identity can be verified as a result of local authentication by the authenticator;
a sending step of sending the generated password to the authentication server;
An information processing method comprising: a reception procedure for receiving a request for a password from an authentication server;
a request procedure for requesting local authentication from an authenticator in response to a request for said password;
a generation procedure for automatically generating a password when the identity of a user can be verified as a result of local authentication by the authenticator;
a sending procedure for sending the generated password to the authentication server;
An information processing program for causing a computer operating as a terminal device to execute.

Images