JP3904533B2 - Login management system and method - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a login management system and method thereof, and more particularly to improving both convenience and security related to login work.
[0002]
[Prior art]
In order to permit only a specific client device to log in to a predetermined system or log in to a web service, a system using a password is operated. As such a system, for example, in order to perform maintenance of a corporate system, a person in charge of the system may log in to the corporate system from a personal computer at home (hereinafter referred to as “PC”) to deal with the trouble.
[0003]
When permitting a specific client device to log in, it is necessary to prevent a third party from logging in due to password leakage or the like from the viewpoint of maintaining security. Furthermore, it is preferable to allow only the minimum necessary login to the system staff.
[0004]
Conventionally, for the purpose of permitting the minimum necessary login for a specific client device, the system side issues a temporarily usable one-time password to the specific client device and uses it to log in. Technology is being used. Since it is a one-time password, even if the password is leaked, login is not permitted and security can be maintained.
[0005]
However, according to the prior art, when communication disconnection occurs after the system administrator logs in with the PC, the system administrator who has permitted the login authenticates the system operator using verbal means such as telephone. Therefore, a process for reissuing the one-time password to the person in charge of the system (manual password issuing process) was necessary.
[0006]
As described above, when a plurality of terminal devices connected via a communication network are disconnected due to a failure, a method that allows reconnection without performing complicated processing is as follows: There is a technique in which a simple login password used for reconnection is transmitted from the server side to the terminal device, and the connection with the terminal device is recovered based on the password (see, for example, Patent Document 1).
[0007]
[Patent Document 1]
JP 2002-344484 A (FIG. 5)
[Problems to be solved by the invention]
According to the above-described technique, the user of the terminal device can reconnect without performing complicated processing even when the communication with the server side is interrupted.
[0008]
However, the above simple login password allows multiple logins to cope with communication interruption, and if it is leaked to a third party, there is a possibility that an unauthorized login will be performed by the password. is there. Therefore, as a technique for managing login, a technique that satisfies both convenience of work related to re-login after interruption of communication and safety related to login is desired.
[0009]
SUMMARY OF THE INVENTION The present invention has been made in view of the above demands, and it is an object of the present invention to provide a login management system and method that can improve both convenience and security regarding login work.
[0010]
[Means for Solving the Problems and Effects of the Invention]
  1) The login management system of the present invention
  A login management system comprising a login management device and a terminal device capable of communicating with the login management device,
  The login management device includes:
  Password information generating means for generating password information including at least one of the first password and the second password;
  Transmitting means for transmitting the password information to the terminal device;
  Recording means for recording the password information in a password recording unit;
  Password receiving means for receiving the first password or the second password transmitted from the terminal device;
  With the received first password,Password information recorded in the password recording unitMatches the first password contained inAnd the first passwordNo history of authenticatingA first password authenticating means for authenticating the first password,
  A login permission means for permitting login of the terminal device when the first password is authenticated;
  If the second password is received from the terminal device after the login state is interrupted, the second password and,Password information recorded in the password recording unitMatches the second password contained inA second password authenticating means for authenticating the second password in the case,
  An update password transmitting means for transmitting to the terminal device a first password different from the first password generated by the password information generating means when the second password is authenticated;
  With
  The terminal device
  Receiving means for receiving the password information;
  Password transmission means for transmitting the first password or the second password to the login management device;
  It is provided with.
2) The login management system of the present invention
The first password authentication means changes the value of the login flag at the first authentication of the first password, and determines whether there is a history of authenticating the first password based on the value of the login flag. It is characterized by.
[0011]
With these features, the terminal device can log in again by acquiring a new first password through transmission of the second password even when the login state is interrupted.
[0012]
6) The login management device of the present invention further includes:
A biometric feature data recording unit for preliminarily recording biometric features of the user of the terminal device as biometric feature data;
The first password authentication unit or the second password authentication unit is configured to perform the authentication based on the biometric feature data recording unit and biometric feature data transmitted from the terminal device in addition to the first password or the second password. It is characterized by judging whether or not
The terminal device further includes:
Biometric feature data acquisition means for acquiring biometric features of the user of the terminal device as biometric feature data,
The password transmitting means transmits the acquired biometric feature data in addition to the first password or the second password;
It is characterized by.
[0013]
Based on these features, the login management system can determine whether or not the user who previously recorded the biometric feature data matches the user of the terminal device that transmitted the password. By allowing the login of only the user of a specific terminal device, unauthorized login by a third party can be prevented.
[0014]
7) The update password transmission means of the login management device of the present invention comprises:
If the second password is authenticated, transmitting a first password different from the first password and a second password different from the second password to the terminal device;
It is characterized by.
[0015]
With this feature, the terminal device can acquire a combination of the new first password and the new second password for login to the login management device.
[0016]
8) The second password authentication means of the login management device of the present invention comprises:
Disabling authentication of the second password before the second password after the update password transmitting means completes transmission of the first password and the second password to the terminal device;
It is characterized by.
[0017]
With this feature, the second password can be used only to acquire a password combination for the next re-login after communication interruption. That is, after the terminal device acquires a combination of passwords, the second password used for the acquisition cannot be used. Therefore, the risk of unauthorized access due to leakage of the second password can be reduced.
[0018]
9) The terminal device of the present invention further includes:
Before the terminal device logs in to the login management system, the user is prompted to input the first password. On the other hand, if the login state is interrupted, the user is prompted to input the second password. Password input requesting means for prompting
It is characterized by having.
[0019]
With this feature, the user of the terminal device can easily determine which of the first password and the second password is to be input.
[0020]
10) The terminal device of the present invention further includes:
State monitoring means for outputting a login interruption signal when the login state to the login management system by the terminal device is interrupted,
With
The password transmission means further includes:
When logging in to the login management device, the first password is transmitted to the login management device. On the other hand, when the login interruption signal is acquired, the second password is transmitted to the login management device. ,
It is characterized by.
[0021]
With this feature, the user of the terminal device can save the trouble of inputting the first password and the second password.
[0022]
Hereinafter, definitions of terms will be described.
[0023]
In this invention,
The “password” is a concept including a character string, a symbol, or an identifier in general for identifying a predetermined device or user. This “password” includes those expressed in plain text, encrypted, or converted into another format based on a predetermined rule. In the embodiment, the login password or the reissue request password corresponds to this “password”.
[0024]
DETAILED DESCRIPTION OF THE INVENTION
A “login system” as an embodiment of the login management system of the present invention will be described. This login system is a system that makes it possible to improve both the convenience and security of the operation of the user of the terminal device when the terminal device logs in to the login management device. More specifically, this system enables a user of a terminal device to log in again with a simple operation and prevents unauthorized login by a third party when communication interruption occurs after login. .
[0025]
In the following description, processing from login to log-in to the login management device by the terminal device will be described as the first embodiment. Here, “login” means that a computer system resource can be accessed. On the other hand, “logout” refers to eliminating a state in which the computer system resource can be accessed. Next, as the second to fourth embodiments, a re-login process will be described assuming that communication is interrupted after the login described in the first embodiment. In the fifth embodiment, an example of performing so-called biometric authentication (biometric authentication) processing in addition to password authentication used in the present system will be described.
[0026]
In the description of each embodiment, the description will be focused on the description until the terminal device logs in to the login management device. Therefore, in the embodiment of the present invention, the purpose of permitting a specific user to log in, the operation content permitted to the user after login, and the like are not particularly limited. This system shows an example in which a user of a terminal device uses a predetermined application existing in the login management device after login. As another example, the present invention can be applied to a general system in which a login management device permits a specific terminal device to log in for a predetermined period. Specifically, this system allows only specific system personnel to log in for remote operation (remote login) to deal with computer system troubles, view bank account information, deposit and withdrawal A login management mechanism that allows only the principal, etc., a login management mechanism that allows only specific investors to view information such as price movements and investment / profit status of financial products, and a mechanism that provides information to specific individuals Etc. are applicable.
[0027]
Hereinafter, the outline of the login system, the hardware configuration of the apparatus, the correspondence between the terms described in the claims and the embodiments will be described, and then each embodiment will be described.
table of contents
1. Overview of the login system
2. Hardware configuration etc.
3. Correspondence between terminology described in claims and embodiment
4). First embodiment (login to logout)
5. Second to fourth embodiments
6). Fifth embodiment (fingerprint authentication)
7). Effects of the embodiment
8). Other embodiments
-------------------
--1. Overview of login system
FIG. 1 is a schematic of a login system as a login management system according to an embodiment. The login system includes a client personal computer (hereinafter referred to as “PC”) 100, a fingerprint authentication device 200 connected to the client PC 100, and a login management server 300.
[0028]
The client PC 100 is used by a user who attempts to log in to the login management server 300. The login management server 300 performs login authentication processing by the client PC 100 and the like. The client PC 100 and the login management server 300 can be connected via the Internet 400.
[0029]
The client PC 100 records the password holding table 150. The login management server 300 records a password management database (hereinafter referred to as “DB”) 350 and a fingerprint management DB 370. The contents recorded in each database will be described later. Each of the password holding table 150 and the password management DB 350 is recorded in the hard disk of each device in the embodiment, but is not limited thereto, and is recorded in a device that is physically independent of each device. Also good.
[0030]
Next, the outline of the processing of the login system will be described based on FIG. (1) The login management server 300 transmits the first password and the second password to the specific client PC 100. The first password is a login password, and one of the second passwords is a password for requesting issuance of a new first password and a new second password. (2) After receiving these passwords, the client PC 100 transmits the first password to the login management server 300 and logs in according to the user's operation. At this time, the login management server 300 authenticates the first password. This first password is a so-called one-time password. Therefore, after authenticating the first password once, the login management server 300 does not permit login even if the same first password is received again.
[0031]
If communication is interrupted after login, the following processing is performed. (3) The client PC 100 transmits the second password to the login management server 300 in response to a user operation. (4) After the authentication of the second password, the login management server 300 transmits a new first password and a new second password, which are different from the first password and the second password that have already been transmitted, to the client PC 100. (5) After receiving these passwords, the client PC 100 transmits a new first password to the login management server 300 and logs in again in accordance with a user operation.
[0032]
As described above, the login management server 300 always gives the client PC 100 two passwords (password set), the first password and the second password. The first password is used to log in to the login management server 300. On the other hand, the second password is used to request the login management server 300 to issue a new password set. Specifically, the second password is a password for requesting reissuance of a new password set including a password for re-login after interruption of communication.
[0033]
Since the first password is a one-time password, it cannot be used for re-login after communication interruption. However, the client PC 100 acquires a new password set again by using one of the second passwords. Therefore, the client PC 100 can easily log in again to the login management server 300 even after the communication is interrupted.
[0034]
Note that the concept of “communication interruption” in the embodiment corresponds to “interruption of login state” described in the claims. “Communication interruption” is a concept including a case where a program executed by the CPU of the client PC 100 or the login management server 300 stops after login, in addition to an unintended communication interruption or intentional communication interruption by either of the two devices. is there.
[0035]
In the present embodiment, a program dedicated to this system is used as software for the client PC 100 to access the login management server 300 on the Internet 400. However, not only a dedicated program but also a general browser program such as Microsoft Internet Explorer (trademark) may be used.
[0036]
Details of each processing of FIG. 2 described above will be described in the first to fourth embodiments.
[0037]
--2. Hardware configuration, etc.
2-1. Function block
FIG. 3 shows a functional block diagram of the login system. The client PC 100 includes a receiving unit 500 that receives password information, a password transmitting unit 512 that transmits a password, a password input request unit 514 that requests the user to input a password, and biometric feature data acquisition that acquires biometric feature data of the user. Means 516 and state monitoring means 518 for monitoring whether or not the login state is interrupted.
[0038]
On the other hand, the service server 300 includes a password information generation unit 552 that generates password information, a transmission unit 550 that transmits password information, a recording unit 554 that records password information, and a password reception unit 562 that receives a password transmitted from the client PC 100. The first password authentication means 560 for authenticating the first password, the login permission means 566 for permitting login according to the processing of the means 560, the second password authentication means 558, and the update password transmission for transmitting a new password according to the processing of the means 558 Means 564 includes a biometric feature data recording unit 556 that records biometric feature data.
[0039]
2-2. Client PC
FIG. 4 is an example of a hardware configuration when the client PC 100 of FIG. 3 is realized using a CPU. The client PC 100 includes a CPU 10, a keyboard / mouse 11, a memory 12, a display 13, a hard disk 14, a speaker 15, and a communication circuit 16 for connecting to the Internet 400.
[0040]
The CPU 10 controls the entire client PC 100. The memory 12 provides a work area of the CPU 10 and the like. The hard disk 14 stores a password holding table 150, a program for operating the CPU 10, a browser program for browsing the web, and the like. Operation information generated by operating the keyboard / mouse 11 is input to the CPU 10, and image information and audio information generated by the CPU 10 are output to the display 13 and the speaker 15, respectively.
[0041]
2-3. Login management server
FIG. 5 is an example of a hardware configuration when the service server 300 of FIG. 3 is realized using a CPU. The service server 300 includes a CPU 30, a keyboard / mouse 31, a memory 32, a display 33, a hard disk 34, a speaker 35, and a communication circuit 36 for connecting to the Internet 400.
[0042]
The CPU 30 controls the login management server 300 as a whole. The memory 32 provides a work area of the CPU 30 and the like. The hard disk 34 stores a password management DB 350 and fingerprint management DB 370, a server program for operating the CPU 30, an application program used by the user of the client PC 100, a browser program for browsing the web, and the like. Operation information generated by operating the keyboard / mouse 31 is input to the CPU 30, and image information and audio information generated by the CPU 30 are output to the display 33 and the speaker 35, respectively.
[0043]
In the present embodiment, Windows (registered trademark) XP, NT, 2000 or the like of Microsoft Corporation is used as an example of the operating system (OS) of the client PC 100 and the login management server 300. The program of this embodiment realizes each function in cooperation with the OS. However, the present invention is not limited to this, and each function may be realized by the program alone.
[0044]
2-4. The database
A configuration example of the database of this system will be described. In this system, the login management server 300 records a password management DB 350 and a fingerprint management DB 370. On the other hand, the client PC 100 records the password holding table 150. The fingerprint management DB 370 will be described later in the fifth embodiment.
[0045]
FIG. 6 is a configuration example of the password management DB 350 that the login management server 300 records in the hard disk 34 (or the memory 32, the same applies hereinafter). In the password management DB 350, information related to the password set issued by the login management server 300 to the client PC is recorded. In the figure, a valid password set is recorded for a plurality of users. This password set includes a login password (Password (PW)) as a first password and a reissue request password as a second password.
[0046]
Specifically, the password management DB 350 includes a “user ID”, a “login password”, a “login flag” indicating whether login authentication is performed, a “reissue request password”, a password of the client PC 100 that has issued the password. Each information of “issue time” indicating the transmission time of the set, “expiration date” indicating the expiration date of the password set, and “valid application” requested by the user of the client PC 100 via login is recorded for each user. The
[0047]
FIG. 7 is a configuration example of the password holding table 150 that the client PC 100 records on the hard disk 14 (or the memory 12, the same applies hereinafter). In the password holding table 150, information regarding the password set received from the login management server 300 is recorded for each client PC. In FIG. 7, as an example of the password holding table 150, information related to the password set for the user ID “A001” in the password management DB 350 of FIG. 6 is recorded.
[0048]
Specifically, each information of “valid application”, “login password”, “login flag”, “reissue request password”, “issue time”, and “expiration date” is recorded in the password holding table 150. .
[0049]
--3. Correspondence between Terms and Embodiments described in Claims-
The correspondence between the terms described in the claims and the embodiments is as follows.
[0050]
The “login management device” corresponds to the login management server 300, and the “terminal device” corresponds to the client PC 100. The “first password” corresponds to the login password, and the “second password” corresponds to the reissue request password.
[0051]
“Password information” corresponds to information including a login password and a reissue request password transmitted in step S803 of FIG. 8, step S1007 of FIG. The “password information generating unit” corresponds to the CPU 30 that performs the process of FIG. 8S801, FIG. 10S1005, or the like. The “transmission means” corresponds to the CPU 30 that performs the processing of FIG. 8S803, FIG. 10S1007, or the like.
[0052]
The “recording unit” corresponds to the CPU 30 that performs the process of recording information including the password in the memory 32 in FIG. 8S801 or the process of recording the password in the password management DB 350 in FIG. 9S903. The “password recording unit” corresponds to the memory 32 or the password management DB 350 that records information including a password. The “password receiving unit” corresponds to the CPU 30 that performs a process of receiving a password transmitted by the process of FIG. 8S856 or 10S1056.
[0053]
The “first password authentication unit” corresponds to the CPU 30 that performs the processing of FIG. The “login permission unit” corresponds to the CPU 30 that performs the processing in FIG. The “second password authentication unit” corresponds to the CPU 30 that performs Y1 authentication transmitted by the process of FIG. The “update password transmission unit” corresponds to the CPU 30 that performs the processing in FIG.
[0054]
The “reception unit” corresponds to the CPU 10 of the client PC 100 that performs the process of receiving information including X and Y transmitted by the process of FIG. The “password transmission unit” corresponds to the CPU 10 that performs the processing of FIG. 8S856 or FIG. 10S1056.
[0055]
“Biological feature” corresponds to information about a fingerprint, and “biological feature data” corresponds to fingerprint image data. The “biometric feature data recording unit” corresponds to the fingerprint management DB 370 illustrated in FIG. The “biometric feature data acquisition unit” corresponds to the fingerprint authentication device 200 that operates according to a command from the CPU 10. The “password input request unit” corresponds to the CPU 10 that performs the process of FIG. 8S852 or the process of FIG. 10S1052.
[0056]
--4. First embodiment (login to logout)-
As a first embodiment of the login system, a process from when the client PC 100 logs in to the login management server 300 and using a predetermined application until logging out will be described. This system shows an example in which a user of a terminal device uses a predetermined application existing in the login management device after login. In the second to fourth embodiments described later, an example in which communication interruption occurs after login in the first embodiment will be described. The flowchart of the program described below is an example, and can be modified by a method well known to those skilled in the art.
[0057]
Based on FIGS. 8 and 9, a flowchart of a program executed by the CPU of each device in the first embodiment will be described.
[0058]
After receiving the request from the client PC 100, the CPU 30 of the login management server 300 generates information including the login password and the reissue request password according to the user's operation, and temporarily records it in the memory 32 (step S801). ). Here, the CPU 30 automatically generates a random number password that is not the same as the password already recorded in the password management DB 350 in FIG. 6 (the same applies to the password generation described below). However, the password may be generated manually by the user of the login management server 300.
[0059]
In association with the password, the CPU 30 temporarily records, in the memory 32, each information of a user ID, a login flag, an issue time, an expiration date, and an effective application that specify the user of the client PC 100 that is the password issue destination. These information contents will be described later.
[0060]
Hereinafter, the login password is “X”, and one reissue request password is “Y”. The numbers after “X” and “Y” are for distinguishing from passwords of the same type issued later by the CPU 30. Specifically, the login password in S801 is “X1”, and the reissue request password is “Y1”. The request from the client PC 100, which is the premise of S801, is, for example, by telephone or e-mail contact from the user of the client PC 100 to the user of the login management server 300.
[0061]
The CPU 30 starts up the server program and transmits information including X1 and Y1 to the client PC 100 (S803). Specifically, the CPU 30 transmits information on X1, Y1, issue time, expiration date, and valid application. The identification of the client PC 100 on the Internet 400 by the CPU 30 uses, for example, an IP address. The transmission of the password in S803 may be performed using an e-mail program or the like after encrypting the passwords X1 and Y1.
[0062]
The CPU 10 of the client PC 100 starts up a program (a program dedicated to this system, etc.) in response to a user operation, receives and decodes information including X1 and Y1, records them in the password holding table 150, and displays them. 13 (S850). The reception processing of information including X1 and Y1 by the CPU 10 is not limited to a dedicated program, and a general e-mail program, a browser program, or the like may be used.
[0063]
FIG. 13 is a screen display example of the display 13 of the client PC 100 in the first to fourth embodiments. FIG. 13A is a screen example of the display 13 in S850. Here, “abc02efg” is set as the login password X1, and “xx142” is set as the reissue request password Y1.
[0064]
The CPU 10 displays an X1 input screen on the display 13 in response to a click operation of the “login screen” button shown in FIG. 13A (S852). FIG. 13B is a screen display example of the display 13 in S852. The CPU 10 determines whether or not there is an input of X1 through the operation of the keyboard / mouse 11 by the user (S854). The CPU 10 determines the completion of the input of X1 based on whether or not the “login” button shown in FIG. 13B has been clicked. If the CPU 10 determines that X1 is input, the CPU 10 transmits the X1 to the login management server 300 (S856).
[0065]
The CPU 30 determines whether or not the received X1 can be authenticated (S805). Specifically, the CPU 30 matches the received X1 with one of X (one or a plurality of login passwords) recorded in the password management DB 350 (or the memory 32), and the login flag for the corresponding X is set. If it is “0”, it is determined that X1 can be authenticated. The login flag will be described later. With this process, the CPU 30 checks whether the user who tries to access has the right to access.
[0066]
If the CPU 30 determines that the authentication of X1 could not be performed in S805, the CPU 30 performs an NG notification to notify the client PC 100 that the authentication could not be performed (S807), and ends the process. On the other hand, if the CPU 30 determines that X1 has been authenticated, the CPU 30 notifies the client PC 100 of login permission (S809).
[0067]
The CPU 10 determines whether or not the received notification information is a login permission notification (S858). If the CPU 10 determines that the received notification information is not a login permission notification, the CPU 10 displays an NG screen (screen for notifying login failure) on the display 13 (S860), and ends the process. On the other hand, if the CPU 10 determines that the received notification information is a login permission notification, the CPU 10 displays a login permission screen on the display 13 (step S950 in FIG. 9). FIG. 13C is a screen display example of the display 13 in step S950.
[0068]
After the process of S809, the CPU 30 rewrites the login flag corresponding to the password X1 recorded in the memory 32 from 0 to 1 (step S901 in FIG. 9). The login flag is information recorded in association with the password X, and is set to “0” at the time of password generation (default) in S801. As exemplified in S <b> 901, the CPU 30 authenticates the password X, permits the login of the client PC that is the transmission source of the password X, and then rewrites the login flag from “0” to “1”. When the login flag is “1”, the CPU 30 does not authenticate the password X associated with the login flag. On the other hand, when the login flag is “0” (when the authentication of the password X is the first authentication for the password X), the password X associated with the login flag is authenticated (“first” (If the password has not been authenticated in the past, this corresponds to “authenticating the first password”). Therefore, the password X once used for the login authentication cannot be used again, and even if the client PC 100 attempts to log in again with the same password X, the CPU 30 does not permit the authentication. In the embodiment, the one-time property of the password X is realized by the mechanism of the login flag described above as an example.
[0069]
The CPU 30 reads information including passwords X and Y (here, passwords X1 and Y1) temporarily recorded in the memory 32 and records the information in the password management DB 350 of the hard disk 34 (S903).
[0070]
Here, as shown in FIG. 6, the user ID “A001”, login password (X1) “abc02efg”, login flag “1”, reissue request password (Y1) “xx142”, issue time, expiration date, effective application Are recorded in the password management DB 350.
[0071]
After the processing of S950, the CPU 10 activates a predetermined application recorded on the hard disk 34 of the login management server 300 in response to a click operation of the “use application” button shown in FIG. Is started (S952).
[0072]
In the embodiment, an example in which the login management server 300 includes a plurality of applications is shown, and login authentication is requested for each application. The user specifies the application that the user of the client PC 100 requests to use when logging in to the login management server 300. In the embodiment, as shown in the password management DB 350 in FIG. 6, the application designated by the user is specified in the “valid application” column. Note that, as in the embodiment, use of all (or a plurality of) applications installed in the login management server 300 may be permitted with one login without requiring independent login authentication for each application.
[0073]
In step S809 of FIG. 8, the CPU 30 of the login management server 300 grants an access right to the user with the user ID “A001” based on the information of the “valid application”. The access right is given based on the IP address of the client PC that has been authenticated for login. The user of the client PC 100 uses an application installed on the hard disk 34 of the login management server 300 via a program dedicated to this system.
[0074]
When the use of the user application ends, the CPU 10 transmits a logout request to the login management server 300 through the user operation (step S954 in FIG. 9). The CPU 30 receives the logout request and performs logout processing including cancellation of the access right to the application “A” by the user ID “A001” (S905).
[0075]
The CPU 30 transmits a logout process completion notification to the client PC 100 (S907), and ends the process. The CPU 10 displays the received logout process completion notification on the display 13 (S956), and ends the process. FIG. 13F shows a screen display example of the display 13 in the process of S956.
[0076]
With the above processing, the processing from the login to the login management server 300 by the client PC 100 to the logout is completed.
[0077]
In the embodiment, only the password is determined as a determination target for the authentication of the login password and the reissue request password described later (see step S805 in FIG. 8). Not limited to this, the user ID in the password management DB 350 in FIG. Specifically, in step S803 in FIG. 8, the CPU 30 transmits a “user ID” to the client PC 100 in addition to the password. On the other hand, in step S856, the CPU 10 transmits the “user ID” in addition to the password. As described above, the CPU 30 can process the login authentication or the like based on whether the combination of the password and the user ID received from the client PC 100 matches the one recorded in the password management DB 350 or the like.
[0078]
Here, the “expiration date” of passwords recorded in the password management DB 350 of FIG. 6 and the password holding table 150 of FIG. 7 will be described. “03.01.03.16:32” shown in FIG. 6 means 16:32 on January 3, 2003 (the “issue time” is also the same). CPU 10 and CPU 30 delete the password recorded in the database at the time indicated by the expiration date. For example, the information in the row corresponding to the login password “abc02efg” in FIG. 6 is deleted at 16:32 on January 3, 2003. The password expiration date information may be confirmed by the CPU periodically (for example, every 5 minutes). Specifically, the CPU checks every 5 minutes whether there is an expiration date recorded in the database (or table) before the current time.
[0079]
In addition, instead of periodically checking the database (or table), only the latest expiration time may be set as a schedule for the CPU to check the database (or table). Referring to FIG. 6 as an example, the schedule for the CPU to check the database (or table) is set at 16:32 on January 3, 2003, and at the same time, the CPU sets the login password “abc02efg” line. At the same time as deleting the information, a schedule is set for the CPU to check the database (or table) at the next 16:52. Further, the CPU 30 may delete the information related to the logout target password from the password management DB 350 after the logout process completion notification transmission process in step S907 in FIG.
[0080]
In the embodiment, after the login flag is rewritten from “0” to “1”, the information including the passwords X1 and Y1 temporarily recorded in the memory 32 is read and recorded in the password management DB 350 (see FIG. 9 step S903). The timing for recording the password in the password management DB 350 is not limited to this. As another example, the CPU 30 receives the response (response message) from the client PC 100 with respect to the transmission of the login permission notification in step S809 in FIG. 8, and then includes the information including the passwords X1 and Y1 temporarily recorded in the memory 32. May be read and recorded in the password management DB 350.
[0081]
--5. Second to fourth embodiments--
In the second to fourth embodiments of the login system, an example in which communication interruption occurs after the client PC 100 logs in to the login management server 300 according to the first embodiment described above will be described. There are several possibilities for the timing of communication interruption after login. In the following description, the timing at which such communication interruption occurs is classified into three patterns, and each pattern is defined as the second, third, and fourth embodiments.
[0082]
In each of the following embodiments, a process from the stage where the client PC 100 logs in to the login management server 300 to the process for completing re-login after communication interruption will be described. Accordingly, in the second to fourth embodiments, only the outline of the parts overlapping with the first embodiment including the password issuing process and the login authentication process is described, and the description of the logout process after re-login is omitted. And
[0083]
5-1. Second embodiment (when communication is interrupted immediately after login)
Based on FIG. 10, a flowchart of a program executed by the CPU of each device in the second embodiment will be described. The second embodiment exemplifies a process in which the client PC 100 logs in again when communication interruption occurs immediately after login.
[0084]
The CPU 30 of the login management server 300 generates information including X1 and Y1 and temporarily records it in the memory 32, and then transmits them to the client PC 100 (step S1001 in FIG. 10). The CPU 10 of the client PC 100 receives X1 and Y1, and transmits X1 (login password) to the login management server 300 according to the user's operation (S1050). After authenticating X1, the CPU 30 sends a login permission notification to the client PC 100 (S1003). After login, use of the application by the client PC 100 is started.
[0085]
The processing of each device up to the above is the processing of steps S801, 803, 805, and 809 in FIG. 8 by the CPU 30 of the login management server 300 in the first embodiment, and the CPU 10 of the client PC 100 in steps S901 and 903 in FIG. 8 is the same as the processing in steps S850, 852, 854, 856, and 858 in FIG. 8 and steps S950 and 952 in FIG.
[0086]
In the second embodiment, communication interruption occurs after login. Since the login password X1 is a one-time password, even if it is transmitted to the login management server 300, it is not authenticated. The CPU 10 of the client PC 100 determines that communication has been interrupted after login, and displays an input screen for Y1 (reissue request password) on the display 13 (S1052). The determination that the communication is interrupted after the login is made, for example, by checking the presence or absence of a response (response message or the like) from the login management server 300 to the operation information (inquiry) or the like from the client PC 100 side. Do.
[0087]
  FIG. 13D shows a screen display example of the display 13 in S1052. The CPU 10 determines whether or not there is an input of Y1 through the operation of the keyboard / mouse 11 by the user (S1054). If the CPU 10 determines that Y1 has been input, the CPU 10 transmits Y1 to the login management server 300 (S1056). When the CPU 30 authenticates the received Y1 and determines that the authentication has been successful, the CPU 30 gives the client PC 100 a new login password (X2) different from X1 and a new reissue request password (Y2 different from Y1). ) Is generated and temporarily recorded in the memory 32 (S1005). CPU30 receivedYIf 1 matches one of Y (one or a plurality of login passwords) recorded in the password management DB 350 (or memory 32), it is determined that Y1 can be authenticated.
[0088]
The CPU 30 transmits information including X2 and Y2 to the client PC 100 (S1007). The CPU 10 receives X2 and Y2, and transmits X2 (new login password) to the login management server 300 according to the user's operation (S1058). After authenticating X2, the CPU 30 notifies the client PC 100 of re-login permission (S1009). FIG. 13E is a screen example of a re-login permission notification displayed on the display 13 by the CPU 10.
[0089]
Password generation processing, transmission processing, authentication processing, and the like for passwords X2 and Y2 are the same as the processing described for X1 and Y1. After logging in, as in the first embodiment, use of the application by the client PC 100 is started.
[0090]
The processes of the CPU 30 and the CPU 10 after S1009 and S1058 are the same as those in the flowchart of the program in FIG. In the process of step S903 in FIG. 9 (recording process in the password management DB 350) in the second embodiment, the CPU 30 performs a process of rewriting X1 and Y1 to X2 and Y2, respectively (password update process). Specifically, the CPU 30 replaces, for example, “abc02efg (X1)” and “xx142 (Y1)” in FIG. 6 with other passwords (for example, “ky55cle” (X2) ”and“ psu61er ”(Y2)”). Rewrite to At this time, the CPU 30 similarly rewrites the login flag, issue time, and expiration date columns.
[0091]
Note that Y1 cannot be used by rewriting the reissue request password Y1 to Y2. Therefore, the risk of unauthorized access due to Y1 leakage can be reduced.
[0092]
As a result of the above processing, the client PC 100 obtains a new login password (X2) and a reissue request password (Y2) via the reissue request password (Y1) even if communication is interrupted immediately after login. Then, it is possible to log in again easily with the X2.
[0093]
In the embodiment, the password is manually input by the client PC 100 (see step S854 in FIG. 8 and step S1054 in FIG. 10). However, the present invention is not limited to this, and the CPU 10 of the client PC 100 may automatically input the password. Specifically, the CPU 10 reads the password recorded in the password holding table 150 shown in FIG. 7 and displays it on the display 13 during the password input process in step S854 in FIG. After obtaining the password transmission confirmation based on the user operation, the CPU 10 transmits the password to the login management server 300.
[0094]
In addition, the input and transmission of the password by the CPU 10 of the client PC 100 may be automatically executed without any user operation. For example, the password transmission function is modularized (for example, a plug-in). Specifically, the CPU 10 reads and transmits the login password recorded in the password holding table 150 by the plug-in in conjunction with receiving the information including the password by the process of step S803 in FIG. Further, the CPU 10 reads out and transmits the reissue request password recorded in the password holding table 150 by the plug-in in conjunction with the determination that the communication interruption has occurred (when the “login interruption signal is acquired”). Corresponding to “sending the second password to the login management device”). This saves the user the trouble of inputting a password, and login and re-login after communication interruption are automatically executed.
[0095]
5-2. Third embodiment (when communication interruption occurs immediately after the client PC 100 transmits a reissue request password)
Based on FIG. 11, the flowchart of the program which CPU of each apparatus in 3rd Embodiment performs is demonstrated. In the third embodiment, an example (including communication interruption during transmission) in which communication interruption occurs immediately after the client PC 100 transmits a reissue request password for the purpose of dealing with communication interruption after the first login will be described. Specifically, the third embodiment corresponds to a case where communication interruption occurs after the process of step S1056 in FIG. 10 in the second embodiment.
[0096]
The CPU 30 of the login management server 300 generates information including X1 and Y1 and temporarily records it in the memory 32, and then transmits them to the client PC 100 (S1101 in FIG. 11). The CPU 10 of the client PC 100 receives X1 and Y1, and transmits X1 (login password) to the login management server 300 according to the user's operation (S1150). After authenticating X1, the CPU 30 sends a login permission notification to the client PC 100 (S1103). After login, use of the application by the client PC 100 is started.
[0097]
The processing of each device up to the above is the processing of steps S801, 803, 805, and 809 in FIG. 8 by the CPU 30 of the login management server 300 in the first embodiment, and the CPU 10 of the client PC 100 in steps S901 and 903 in FIG. 8 is the same as the processing in steps S850, 852, 854, 856, and 858 in FIG. 8 and steps S950 and 952 in FIG.
[0098]
In the third embodiment, as in the second embodiment, communication interruption occurs after login. Since the login password X1 is a one-time password, even if it is transmitted to the login management server 300, it is not authenticated. The CPU 10 of the client PC 100 determines that communication has been interrupted after login, prompts the user to input Y1 (reissue request password), and transmits the input Y1 to the login management server 300 ( S1154). The process of transmitting Y1 when the communication interruption occurs after the CPU 10 logs in is the same as the process of S1052, S1054, and S1056 in FIG. 10 by the CPU 10 in the second embodiment.
[0099]
The CPU 10 determines that there is no response (response message or the like) from the login management server 300 to the processing of S1154, and retransmits Y1 (S1156). The process for determining whether or not there is a response from the login management server 300 is executed, for example, when the CPU 10 receives a signal from a timer after a predetermined time has elapsed.
[0100]
When the CPU 30 authenticates the received Y1 and determines that the authentication has been successful, the CPU 30 gives the client PC 100 a new login password (X2) different from X1 and a new reissue request password (Y2 different from Y1). ) Is generated and temporarily recorded in the memory 32, and the information is transmitted to the client PC 100 (S1105).
[0101]
The CPU 10 receives X2 and Y2, and transmits X2 (new login password) to the login management server 300 according to the user's operation (S1158). After authenticating X2, the CPU 30 notifies the client PC 100 of re-login permission (S1107).
[0102]
Password generation processing, transmission processing, authentication processing, and the like for passwords X2 and Y2 are the same as the processing described for X1 and Y1. After logging in, as in the first embodiment, use of the application by the client PC 100 is started.
[0103]
The processes of the CPU 30 and the CPU 10 after S1107 and S1158 are the same as those in the flowchart of the program in FIG. The processing in step S903 in FIG. 9 (recording processing in the password management DB 350) in the third embodiment is the same as that in the second embodiment. The CPU 30 performs a process of rewriting X1 and Y1 to X2 and Y2, respectively (password update process).
[0104]
With the above processing, even if communication interruption occurs immediately after the client PC 100 transmits the reissue request password, the client PC 100 receives a new login password (Y1) through retransmission of the reissue request password (Y1). X2) and the reissue request password (Y2) are acquired, and it becomes possible to log in again easily with X2.
[0105]
In 3rd Embodiment, the case where communication interruption occurred immediately after client PC100 transmitted Y1 was illustrated. In the case of communication interruption (including communication interruption during transmission) immediately after transmission of the password general (X or Y) from the client PC 100 to the login management server 300 as well as the password Y, as in the third embodiment. What is necessary is to process. Since the login password X is a one-time password, once the login authentication is performed, the authentication is not performed again. However, for example, when communication interruption occurs immediately after X is transmitted from the client PC 100, the login management server 300 has not yet authenticated the X. Therefore, the client PC 100 can use X again for re-login.
[0106]
5-3. Fourth embodiment (when communication interruption occurs immediately after the login management server 300 transmits a password)
Based on FIG. 12, the flowchart of the program which CPU of each apparatus in 4th Embodiment performs is demonstrated. The fourth embodiment is an example in which communication interruption occurs immediately after the login management server 300 authenticates the reissue request password Y1 and transmits the passwords X2 and Y2 to the client PC 100 (including communication interruption during transmission). Will be explained. Specifically, the fourth embodiment corresponds to a case where communication interruption occurs after the process of step S1105 in FIG. 11 in the third embodiment.
[0107]
The CPU 30 of the login management server 300 generates information including X1 and Y1 and temporarily records it in the memory 32, and then transmits them to the client PC 100 (S1201 in FIG. 12). The CPU 10 of the client PC 100 receives X1 and Y1, and transmits X1 (login password) to the login management server 300 according to the user's operation (S1250). After authenticating X1, the CPU 30 issues a login permission notification to the client PC 100 (S1203). After login, use of the application by the client PC 100 is started.
[0108]
The processing of each device up to the above is the processing of steps S801, 803, 805, and 809 in FIG. 8 by the CPU 30 of the login management server 300 in the first embodiment, and the CPU 10 of the client PC 100 in steps S901 and 903 in FIG. 8 is the same as the processing in steps S850, 852, 854, 856, and 858 in FIG. 8 and steps S950 and 952 in FIG.
[0109]
In the fourth embodiment, as in the second embodiment, communication interruption occurs after login. Since the login password X1 is a one-time password, even if it is transmitted to the login management server 300, it is not authenticated. The CPU 10 of the client PC 100 determines that communication has been interrupted after login, prompts the user to input Y1 (reissue request password), and transmits the input Y1 to the login management server 300 ( S1252).
[0110]
When the CPU 30 authenticates the received Y1 and determines that the authentication has been successful, the CPU 30 gives the client PC 100 a new login password (X2) different from X1 and a new reissue request password (Y2 different from Y1). ) Is generated and temporarily recorded in the memory 32, and the information is transmitted to the client PC 100 (S1205).
[0111]
In the fourth embodiment, communication interruption occurs after X2 and Y2 are transmitted by the login management server 300 (the same is true for communication interruption during transmission). The CPU 10 determines that there is no response (response message or the like) from the login management server 300 to the processing of S1252, and retransmits Y1 (S1254). The process for determining whether or not there is a response from the login management server 300 is executed, for example, when the CPU 10 receives a signal from a timer after a predetermined time has elapsed.
[0112]
When the CPU 30 authenticates the received Y1 and determines that the authentication has been successful, the CPU 30 gives the client PC 100 a new login password (X3) different from X2 and a new reissue request password (Y3 different from Y2). ) Is generated and temporarily recorded in the memory 32 (S1207). At this time, the CPU 30 rewrites the information including X2 and Y2 temporarily recorded in the memory 32 to X3 and Y3. The CPU 30 transmits information including X3 and Y3 to the client PC 100 (S1209). As another embodiment, the CPU 30 may retransmit X2 and Y2 in S1209 without performing the process of S1207 in which information including X2 and Y2 is rewritten to X3 and Y3.
[0113]
The CPU 10 receives X3 and Y3, and transmits X3 (new login password) to the login management server 300 according to the user's operation (S1256). After authenticating X3, the CPU 30 issues a re-login permission notification to the client PC 100 (S1211).
[0114]
Password generation processing, transmission processing, authentication processing, and the like for passwords X3 and Y3 are the same as the processing described for X1 and Y1. After logging in, as in the first embodiment, use of the application by the client PC 100 is started.
[0115]
Each processing of the CPU 30 and the CPU 10 after S1211, S1256 is the same as the program flowchart of FIG. The processing in step S903 in FIG. 9 (recording processing in the password management DB 350) in the third embodiment is the same as that in the second embodiment. The CPU 30 performs a process of rewriting X1 and Y1 to X3 and Y3, respectively (password update process).
[0116]
Even if communication is interrupted immediately after the login management server 300 transmits the password by the above processing, the client PC 100 receives a new login password (X3) through re-transmission of the reissue request password (Y1). ) And a reissue request password (Y3), and it is possible to easily log in again with X3.
[0117]
--6. Fifth embodiment (fingerprint authentication)-
The fifth embodiment of the login system describes an example in which the level of security (safety) of password authentication in the first to fourth embodiments described above is further increased. In the fifth embodiment, a stage in which the client PC 100 logs into the login management server 300 will be described. Therefore, in the fifth embodiment, only the outline of the parts overlapping with the first embodiment including the password issuing process and the login authentication process will be described, and the description of the logout process will be omitted.
[0118]
FIG. 14 shows a configuration example of the fingerprint management DB 370 recorded by the login management server 300 on the hard disk 34 (or the memory 32, the same applies hereinafter). In the fingerprint management DB 370, information related to a fingerprint of a user who may access the login management server 300 is recorded in advance. In the figure, fingerprint image data relating to a plurality of users is recorded in association with each user. Specifically, fingerprint image data, “registration time (data input time)” of fingerprint image data, and “expiration date” of fingerprint image data are recorded in association with the user ID “A001” of the client PC. A “user ID” that identifies each user of the client PC is distributed separately to the user in advance.
[0119]
Based on FIG. 15, the flowchart of the program which CPU of each apparatus in 5th Embodiment performs is demonstrated. The CPU 30 of the login management server 300 generates information including X1 and Y1 and temporarily records it in the memory 32 (step S1501). The CPU 30 transmits information including X1 and Y1 to the client PC 100 (S1503). The CPU 10 of the client PC 100 launches a program in response to a user operation, receives and decrypts X1 and Y1, records them in the password holding table 150, and displays them on the display 13 (S1550). The CPU 10 displays an input screen for the user ID, X1, and fingerprint image data on the display 13 (S1552).
[0120]
FIG. 16A is a screen display example of the display 13 in S1552. The CPU 10 determines whether or not the user ID, X1, and fingerprint image data have been input through the operation of the keyboard / mouse 11 and the fingerprint authentication device 200 by the user (S1554).
[0121]
A technique well known to those skilled in the art is applied to the input of fingerprint image data through the operation of the fingerprint authentication apparatus 200. For example, fingerprint image data can be obtained by the following method. When the user's finger is placed on the fingerprint sensor surface of the fingerprint authentication device 200, the CPU 10 shines light on the finger. The way in which the confusion light reaches the fingerprint sensor surface is different between the peak portion and the valley portion of the fingerprint. The CPU 10 acquires fingerprint image data by using a change in the pattern of the confusion light with respect to the fingerprint sensor surface. Acquisition of fingerprint image data for recording in the fingerprint management DB 370 of the login management server 300 is performed in the same manner. As the fingerprint image data, for example, bitmap format data or data obtained by encrypting bitmap format image data can be used.
[0122]
The CPU 10 determines the completion of the input of the fingerprint image data based on whether or not the “fingerprint data input completion” button shown in FIG. 16A is clicked. The CPU 10 determines the completion of the input of the user ID, X1, and fingerprint image data based on whether or not the “login” button shown in FIG. 16A is clicked. If the CPU 10 determines that the user ID, X1, and fingerprint image data have been input, the CPU 10 transmits the user ID, X1, and fingerprint image data to the login management server 300 (S1556).
[0123]
The CPU 30 determines whether or not all of the received user ID, X1, and fingerprint image data can be authenticated (S1505). Specifically, the CPU 30 matches the received X1 with one of X recorded in the password management DB 350 (or the memory 32), and records the combination of the received user ID and fingerprint image data in the fingerprint management DB 370. If it matches the combination of the user ID and fingerprint image data, it is determined that authentication is possible. The case where the fingerprint image data matches is, for example, a case where it can be determined that the received fingerprint image data and the fingerprint image data recorded in the fingerprint management DB 370 match (or are similar) by pattern matching. Therefore, when the combination of the received user ID and fingerprint image data matches the combination of the user ID and fingerprint image data recorded in the fingerprint management DB 370, the CPU 30 receives the user ID “A001” in S1505. In this case, the received fingerprint image data matches the fingerprint image data recorded in association with “A001” in the fingerprint management DB 370 (or similar).
[0124]
If the CPU 30 determines that the authentication could not be performed in S1505, the CPU 30 sends an NG notification to the client PC 100 (S1507) and ends the process. On the other hand, if the CPU 30 determines that the authentication is successful, the CPU 30 issues a login permission notification to the client PC 100 (S1509).
[0125]
The CPU 10 determines whether or not the received notification information is a login permission notification (S1558). If the CPU 10 determines that the received notification information is not a login permission notification, the CPU 10 displays an NG screen on the display 13 (S1560) and ends the process. On the other hand, if the CPU 10 determines that the received notification information is a login permission notification, the CPU 10 displays a login permission screen on the display 13 (step S950 in FIG. 9). FIG. 16B is a screen display example of the display 13 in step S950.
[0126]
After logging in, as in the first embodiment, use of the application by the client PC 100 is started. The processes of the CPU 30 and the CPU 10 after S1509 and S1558 are the same as the flowchart of the program in FIG.
[0127]
Through the above processing, the login system can further increase the security level of password authentication. In the fifth embodiment, as an example in which the CPU 30 uses fingerprint authentication in addition to password authentication, a login password authentication process is illustrated (see step S1505 in FIG. 15). In addition to this, fingerprint authentication may be used in addition to the reissue request password authentication processing described in the second to fourth embodiments.
[0128]
In step S1505 in FIG. 15, the CPU 30 determines whether or not authentication is possible based on the login password and the combination of both the user ID and the fingerprint image data. However, the present invention is not limited to this, and whether or not authentication can be performed may be determined based on a login password and fingerprint image data. Specifically, the CPU 30 matches the received X1 with one of X recorded in the password management DB 350 (or the memory 32), and the received fingerprint image data is a fingerprint image recorded in the fingerprint management DB 370. If it matches any of the data, it is determined that authentication is possible.
[0129]
In step S1505 in FIG. 15, authentication of fingerprint image data is performed by pattern matching. However, the present invention is not limited to this. As another authentication method, for example, a feature point extraction method may be used. Specifically, the relative positional relationship or the like of a plurality of feature points in the user's fingerprint is used as feature point data, and whether or not authentication is possible is determined based on the degree of matching between the feature point data serving as comparison targets.
[0130]
In the fifth embodiment, fingerprints are exemplified as “biological features” and fingerprint image data is exemplified as “biological feature data”. However, the present invention is not limited to this. For the “biometric feature data”, other data for biometric authentication (biometric authentication) may be applied by using a device other than the illustrated fingerprint authentication apparatus 200. Other examples of biometric authentication using the “biological features” of the present invention include authentication of eyes (iris or retina), voiceprint authentication, blood vessel pattern authentication of veins on the back of the hand, face matching (authentication by face shape) Such techniques that use physical features, such as handwriting, and keystroke authentication (authentication based on the speed and timing characteristics of keyboard input) can be used.
[0131]
--7. Effects of the embodiment--
The login system according to the embodiment can easily and quickly perform an operation when performing re-login after communication interruption. If a one-time login password is issued to a specific client device from the server side, the security of the system can be ensured. Since it is a one-time password, it can only be used for one login, and even if it is leaked, it cannot be used by a third party. However, in the conventional technique, when communication is interrupted after login, it is necessary to separately issue a login password reissue request by telephone or the like from the client device side.
[0132]
In this regard, according to the embodiment, both the login password and the reissue request password are issued from the server side to the client device. When a communication interruption occurs, the client device can acquire another login password by using the reissue request password, and can easily and quickly perform the operation for re-login.
[0133]
As is clear from the processing of FIGS. 12S1252 and S1254 according to the fourth embodiment, in the embodiment, the login password X is a one-time password, while the reissue request password is authenticated multiple times by the login management server 300. Possible (non-one-time password). That is, even if the reissue request action itself using the reissue request password from the client PC 100 has a failure, a plurality of actions are allowed. Therefore, the work related to the reissue request action can be executed efficiently.
[0134]
According to the fifth embodiment, fingerprint authentication is combined with password authentication. As a result, logins other than the user are rejected, and the security of the system can be improved. Therefore, by applying the embodiment, it is possible to improve the reliability of log-in to the system from a remote place. For example, application to a field such as telecommuting using a computer is also suitable.
[0135]
In the embodiment, the CPU 10 displays a login password and a reissue request password input request for the user according to the communication state. For example, the CPU 10 prompts the user to input a login password in the process of FIG. 8S852, while prompting the user to input a reissue request password in the process of FIG. 10S1052. That is, the CPU 10 determines which of the two types of passwords that prompt the input. Such determination of the input request password is performed by the CPU 10 determining the communication state between the client PC 100 and the login management server 300. For example, in FIG. 8S852, the CPU 10 prompts the input of the login password based on the fact that the login permission notification has not been received. On the other hand, in FIG. 10S1052, the CPU 10 prompts the user to input a reissue request password based on the fact that the login permission notification has already been received and there is no response to the inquiry regarding the work after login.
[0136]
The login management server 300 can also record connection information and processing contents from the client PC 100 as history information. Specifically, the CPU 30 of the login management server 300 records history information regarding login, logout, communication interruption, and the like on the hard disk 34. Based on these pieces of information, for example, it is possible to try monitoring the login status by the client PC, improving the communication environment, and the like.
[0137]
--8. Other embodiments, etc .--
8-1. Password configuration variations
In the embodiment, for example, as shown in the processing of FIGS. 10S1005 and 1007, the CPU 30 of the login management server 300 receives the reissue request password (Y1), and sends a new login password (X2) and a new The issue request password (Y2) is transmitted. Not limited to this, the CPU 30 may receive Y1 and transmit only X2 to the client PC 100. Specifically, the client PC 100 has (X1, Y1) before login, and when communication interruption occurs after login, Y1 is transmitted to acquire X2, and when communication interruption occurs again. Send Y1 to get X3. In this way, the client PC 100 uses Y (not a one-time password) whenever communication is interrupted in order to acquire X (one-time password) for login and re-login.
[0138]
In the embodiment, as shown in FIGS. 6 and 7, the login password (X) and the reissue request password (Y) are set as separate passwords. However, the present invention is not limited to this, and it may be set as a single password combining X and Y. The client PC 100 that has received one password divides and uses the one password into X and Y according to a common agreement between the login management server 300 and the client PC 100.
[0139]
Processing when the password configuration as described above is adopted will be described by taking passwords “abc02efg” and “xx142” shown in FIG. 6 as an example. In step S803 of FIG. 8, the CPU 30 transmits “abc02efgxx142” (13 characters) as one password. On the client PC 100 side, it is determined in advance that the first eight characters of the password are X and the last five characters are Y by an agreement with the login management server 300. Specifically, after receiving the 13-character password, the CPU 10 of the client PC 100 performs password division processing with “abc02efg” as X and “xx142” as Y, and then performs the processing after S850. .
[0140]
The function of each device that performs the above processing can be expressed as follows. The login management device includes password information generation means for generating password information including a combined password obtained by combining the first password and the second password. On the other hand, the terminal device includes password acquisition means for acquiring a first password and a second password from the received password information based on a rule set with the login management device. Alternatively, the terminal device includes password acquisition means for acquiring the first password and the second password by dividing the received password information based on a rule set with the login management device.
[0141]
8-2. Device configuration variation
In the embodiment, the client PC 100 is exemplified as the terminal device, but the present invention is not limited to this, and a mobile terminal such as a mobile phone, PHS, and Personal Digital Assistant (PDA), and other devices may be used.
[0142]
8-3. Examples of program execution methods
In the present embodiment, programs for the operations of the CPU 10 and CPU 30 are stored in the hard disk 14 and the hard disk 34, respectively, but this program can be read from a CD-ROM storing the program and installed in the hard disk or the like. Good. In addition to the CD-ROM, programs such as a DVD-ROM, a flexible disk (FD), and an IC card may be installed from a computer-readable recording medium. Further, the program can be downloaded using a communication line. Also, by installing the program from the CD-ROM, the program stored in the CD-ROM is not directly executed by the computer, but the program stored in the CD-ROM is directly executed. You may do it.
[0143]
Programs that can be executed by a computer are not only programs that can be directly executed by a CPU, but also programs in a source format, programs that need to be converted to another form (for example, a compressed program, encryption) Program), and a program that can be executed in combination with other module parts.
[0144]
In each of the above embodiments, each function of FIG. 3 is realized by a CPU and a program, but a part or all of each function may be configured by hardware logic (logic circuit).
[Brief description of the drawings]
FIG. 1 is an overall view of a login system according to an embodiment.
FIG. 2 is a process overview diagram of the login system according to the embodiment.
FIG. 3 is a functional block diagram of a login system.
FIG. 4 is a diagram illustrating a hardware configuration example of a client PC.
FIG. 5 is a diagram illustrating a hardware configuration example of a login management server.
FIG. 6 is a diagram illustrating a configuration example of a password management database.
FIG. 7 is a diagram illustrating a configuration example of a password holding table.
FIG. 8 is a flowchart of login management processing according to the first embodiment.
FIG. 9 is a flowchart of login management processing according to the first embodiment.
FIG. 10 is a flowchart of login management processing according to the second embodiment.
FIG. 11 is a flowchart of login management processing according to the third embodiment.
FIG. 12 is a flowchart of login management processing according to the fourth embodiment.
FIG. 13A, FIG. 13B, FIG. 13C, FIG. 13D, FIG. 13E, and FIG. 13F are screen display examples of the client PC in the embodiment.
FIG. 14 is a diagram showing a configuration example of a fingerprint management database in the fifth embodiment.
FIG. 15 is a flowchart of login management processing according to the fifth embodiment.
FIGS. 16A and 16B are screen display examples of the client PC in the fifth embodiment. FIGS.
[Explanation of symbols]
100: Client PC
150 ... Password holding DB
200: Fingerprint authentication device
300 ... Login management server
350 ... Password management DB
370 ... Fingerprint management DB
400 ... Internet

Claims (20)

A login management system comprising a login management device and a terminal device capable of communicating with the login management device,
The login management device includes:
Password information generating means for generating password information including at least one of the first password and the second password;
Transmitting means for transmitting the password information to the terminal device;
Recording means for recording the password information in a password recording unit;
Password receiving means for receiving the first password or the second password transmitted from the terminal device;
A first password received, a first password contained in the password information recorded in said password recording unit match, and, if there is no history of authenticating the first password, authenticating the first password First password authenticating means,
A login permission means for permitting login of the terminal device when the first password is authenticated;
When receiving the second password from the terminal device after an interruption of the login state, the when and the second password, and a second password contained in the password information recorded in said password recording unit matches the 2nd password authentication means for authenticating 2 passwords;
An update password transmitting means for transmitting to the terminal device a first password different from the first password generated by the password information generating means when the second password is authenticated;
With
The terminal device
Receiving means for receiving the password information;
Password transmission means for transmitting the first password or the second password to the login management device;
A login management system characterized by comprising:   In the login management system of claim 1,
  The first password authentication means changes a value of a login flag at the first authentication of the first password, and determines whether there is a history of authenticating the first password based on the value of the login flag. thing,
  A login management system. The login management system according to claim 1 or 2,
The login management device further includes:
A biometric feature data recording unit for preliminarily recording biometric features of the user of the terminal device as biometric feature data;
The first password authentication unit or the second password authentication unit is configured to perform the authentication based on the biometric feature data recording unit and the biometric feature data transmitted from the terminal device in addition to the first password or the second password. It is characterized by judging whether or not
The terminal device further includes:
Biometric feature data acquisition means for acquiring biometric features of the user of the terminal device as biometric feature data,
The password transmitting means transmits the acquired biometric feature data in addition to the first password or the second password;
A login management system. In the login management system in any one of Claims 1-3,
The update password transmission means of the login management device includes:
If the second password is authenticated, transmitting a first password different from the first password and a second password different from the second password to the terminal device;
A login management system . The login management system according to claim 4,
The second password authentication means of the login management device is:
Disabling authentication of the second password before the second password after the update password transmitting means completes transmission of the first password and the second password to the terminal device;
A login management system . In the login management system in any one of Claims 1-5,
The terminal device further includes:
Before the terminal device logs in to the login management system, the user is prompted to input the first password. On the other hand, if the login state is interrupted, the user is prompted to input the second password. Password input requesting means for prompting
A login management system characterized by comprising: In the login management system in any one of Claims 1-5,
The terminal device further includes:
State monitoring means for outputting a login interruption signal when the login state to the login management system by the terminal device is interrupted,
With
The password transmission means further includes:
When logging in to the login management device, the first password is transmitted to the login management device. On the other hand, when the login interruption signal is acquired, the second password is transmitted to the login management device. ,
A login management system . A login management device capable of communicating with a terminal device,
The login management device includes:
Password information generating means for generating password information including at least one of the first password and the second password;
Transmitting means for transmitting the password information to the terminal device;
Recording means for recording the password information in a password recording unit;
Password receiving means for receiving the first password or the second password transmitted from the terminal device;
A first password received, a first password contained in the password information recorded in said password recording unit match, and, if there is no history of authenticating the first password, authenticating the first password First password authenticating means,
A login permission means for permitting login of the terminal device when the first password is authenticated;
When receiving the second password from the terminal device after an interruption of the login state, the when and the second password, and a second password contained in the password information recorded in said password recording unit matches the 2nd password authentication means for authenticating 2 passwords;
An update password transmitting means for transmitting to the terminal device a first password different from the first password generated by the password information generating means when the second password is authenticated;
A login management device comprising: The login management device according to claim 8,
The update password transmission means of the login management device includes:
If the second password is authenticated, transmitting a first password different from the first password and a second password different from the second password to the terminal device;
A login management device . 9. The login management device according to claim 9,
The second password authentication means of the login management device is:
Disabling authentication of the second password before the second password after the update password transmitting means completes transmission of the first password and the second password to the terminal device;
A login management device . A computer-readable program for causing a computer to function as a login management device capable of communicating with a terminal device,
The program is
Password information generating means for generating password information including at least one of the first password and the second password;
Transmitting means for transmitting the password information to the terminal device;
Recording means for recording the password information in a password recording unit;
Password receiving means for receiving the first password or the second password transmitted from the terminal device;
A first password received, a first password contained in the password information recorded in said password recording unit match, and, if there is no history of authenticating the first password, authenticating the first password First password authenticating means,
A login permission means for permitting login of the terminal device when the first password is authenticated;
When receiving the second password from the terminal device after an interruption of the login state, the when and the second password, and a second password contained in the password information recorded in said password recording unit matches the 2nd password authentication means for authenticating 2 passwords;
An update password transmitting means for transmitting to the terminal device a first password different from the first password generated by the password information generating means when the second password is authenticated;
A program characterized in that a computer is configured . 12. The program of claim 11, wherein
The program is a computer-readable program for causing a computer including a biometric feature data recording unit that records biometric features of a user of the terminal device in advance as biometric feature data, to function as the login management device,
The first password authentication unit or the second password authentication unit is configured to perform the authentication based on the biometric feature data recording unit and biometric feature data transmitted from the terminal device in addition to the first password or the second password. A program characterized by determining whether or not a program is possible. The program according to claim 11 or 12,
The update password transmission means includes
If the second password is authenticated, transmitting a first password different from the first password and a second password different from the second password to the terminal device;
A program characterized by The program of claim 13,
The second password authentication means,
Disabling authentication of the second password before the second password after the update password transmitting means completes transmission of the first password and the second password to the terminal device;
A program characterized by A computer-readable program for causing a computer to function as a terminal device capable of communicating with a login management device,
The program is
Receiving means for receiving password information including at least one of the first password and the second password generated in the login management device ;
A program that causes a computer to configure password transmission means for transmitting the first password or the second password to the login management device ,
When the login state is interrupted after the login management apparatus is authorized to log in after receiving the first password authentication,
The password transmission means transmits the second password;
The receiving means receives password information including at least a first password different from the first password;
Thereafter, the password transmission means transmits a first password different from the first password,
A program characterized by The program of claim 15,
The program is a computer-readable program for causing a computer including biometric feature data acquisition means for acquiring biometric features of a user of the terminal device as biometric feature data to function as the terminal device,
The password transmission means, in addition to the first password or second password, transmitting a biometric characteristic data acquired in the biometric characteristic data acquiring means,
A program characterized by The program of claim 15 or 16,
The program further includes:
Before the terminal device logs in to the login management system, the user is prompted to input the first password. On the other hand, if the login state is interrupted, the user is prompted to input the second password. Password input requesting means for prompting
A program characterized in that a computer is configured . The program of claim 15 or 16,
The program further includes:
When the login state to the login management system by the terminal device is interrupted, a program for causing the computer to configure state monitoring means for outputting a login interruption signal ,
The password transmission means further includes:
When logging in to the login management device, the first password is transmitted to the login management device. On the other hand, when the login interruption signal is acquired, the second password is transmitted to the login management device. ,
A program characterized by A login management method for managing login of a terminal device,
When the first password is received from the terminal device, if the received first password is valid because it matches the first predetermined password , and there is no history of authenticating the first password , Authenticate the first password,
If the first password is authenticated, the terminal device is permitted to log in,
If the second password is received from the terminal device after the login state is interrupted, the second password is authenticated if the second password is valid because it matches the second predetermined password ;
Transmitting the first password different from the first password to the terminal device when the second password is authenticated;
Login management method characterized by the above. The login management method of claim 19 , further comprising:
Obtaining a biometric feature of the user of the terminal device as biometric feature data;
When receiving the first password or the second password from the terminal device, determining whether the authentication is possible based on the acquired biometric feature data in addition to the received first password or the second password ,
Login management method characterized by the above.

Images