JP4885683B2 - Authentication device, authentication method for authentication device, and authentication program for authentication device - Google Patents

Description

  The present invention relates to a system for performing user authentication, for example, authentication for determining the state of a user / device to be authenticated and issuing an authentication rule for use of the device by the user as an electronic token. The present invention relates to an authentication method for an apparatus, an authentication apparatus, and an authentication program for the authentication apparatus.

In the conventional technology, when authenticating a user, a logical expression that can determine whether or not the authentication is possible is defined as an authentication rule based on the user's attributes, for example, identity information such as an in-house job rank and an organization to which the user belongs. . The authentication rule is associated with a pair of device and application software (or application program, hereinafter referred to as an application) on a table storing authentication information.
In the prior art, an authentication system that authenticates a user for use of a device and an application extracts an authentication rule in which the authentication rule is described from a table in which the authentication rule is defined, and obtains information necessary for authentication. A search is performed from the user's identity information, the authentication rule is compared with each attribute value of the user, and if it is determined to be significant, the user is allowed to use each device or application.

In addition, in the conventional technology, when the use of a device or application is temporarily permitted, the device or application is authenticated in advance, and an electronic token is issued to permit temporary access to the device or application. When the token is valid, use of the device and application is permitted.
This electronic token is registered in a device having an externally connectable security function such as an IC (Integrated Circuit) card or a USB (Universal Serial Bus) token owned by the user. The user connects a device in which an electronic token is registered to the device to be used, and the device reads the token as an electronic certificate and performs authentication processing.
JP 2003-208404 A

At present, management of confidential information within a company and periodic review of security policies are frequently performed. For this reason, the number of times of changing the authentication rules of devices and applications is increasing.
In the conventional technology, when the user authenticates the device and application, the information on the table in which the authentication rule is described is fixed for the device and application, and the authentication rule of the device or application is changed. When performing the above, it is necessary to change the contents of the table storing the authentication information.
Also, every time the authentication rule is changed, it is necessary to verify the authentication rule, and the workload is heavy.

Further, in the conventional method, since the authentication rule cannot be temporarily changed, it is necessary to temporarily delegate authority when permitting unauthorized users to use the device temporarily.
In the case of a system that performs ID (Identifier) / password authentication, temporary authority delegation is temporarily disclosed to an unauthorized user or a security device such as an IC card or a USB key is temporarily used. It was necessary to give it to an unauthorized user.
When a password or the like is disclosed to others or a security device is temporarily lent to others, monitoring by an administrator is required. In addition, if you forget to change the temporarily disclosed password, an unauthorized user who has been temporarily disclosed the password can use the device and application at any time, increasing the possibility of leakage of confidential information . In addition, when a security device is lent to a user, the user who is temporarily lent the security device can use devices and applications other than the intended purpose, and the user can access confidential information other than the intended purpose. The possibility of leakage of confidential information increases.

  Further, in the conventional technology, ID / password authentication is performed based on a fixed authentication rule that passwords match, so an unauthorized user illegally obtains the password of an authorized user by eavesdropping or the like. It was possible to impersonate a legitimate user and use the device and application. Until now, there have been cases where information leakage occurs due to such unauthorized use. Further, when such authentication by impersonation is performed, the executor who has illegally used is unknown, and it is difficult to identify the executor even after information leakage. Further, in such a case, since the detection of unauthorized use with respect to the device and application is delayed, it is too late to change the authentication information.

In the conventional system, the room / building entry / entry and the linkage between the application and the application are performed based on a fixed authentication rule. For example, in the conventional method, the same IC card is used for authentication when entering a room and authentication when operating an application, and an entrance / exit device that performs occupancy management or a PC (Personal Computer) installed in the room, At the time of authentication in an application operating on the PC, authentication is performed by checking an ID registered in the IC card.
This method enables cooperation between devices, but has the following problems. Within the security area, all the people in the room are given the same authority, and those who are allowed to enter the room can freely use devices such as PCs. This means that when an IC card is stolen, a device such as a PC is freely used by a person who has illegally obtained the IC card.

  An object of the present invention is to enable an authentication process according to, for example, a user attribute and a state of a user / electronic device.

  An authentication apparatus according to the present invention inputs an authentication content storage unit that stores a user attribute, a user detection location, and a user authentication content for an electronic device in association with each other, and inputs user attribute information from an input device. An attribute information acquisition unit, a user detection unit that detects the user's location using a central processing unit, the user attribute information acquired by the attribute information acquisition unit, and the user detection unit detected by the user detection unit An authentication content acquisition unit for acquiring the authentication content of the user for the electronic device from the authentication content storage unit based on the detection location; and electronic data indicating the authentication content of the user for the electronic device acquired by the authentication content acquisition unit. A token registration unit that stores a token in a storage device, and when the user uses the electronic device, the user's use authority is determined based on the authentication content indicated by the token stored by the token registration unit. Characterized by comprising a user authentication unit to notify the electronic equipment used.

  According to the present invention, the user detection unit detects an electronic device to which the user identification information is input as a user detection location, and the authentication content acquisition unit detects the user attribute information and the user. The token registration unit stores the token indicating the authentication content, and the user authentication unit can perform the authentication process based on the token. Thereby, for example, the authentication process can be performed according to the attribute of the user and the state of the user / electronic device.

Below, each embodiment of an authentication system and an authentication method is described based on a drawing.
In the description of each embodiment, a token is electronic data indicating user authentication details for each electronic device or each application. For example, a token, which is electronic data, is registered in a security device such as an IC card or a USB key, and a storage device included in the authentication device, and used for authentication processing. As an example, the authentication system and the authentication method in each embodiment register a token in a storage device included in the authentication device. The token management table 44 and the token-rule management table 45 described in each embodiment are examples of tokens.

Embodiment 1 FIG.
FIG. 1 is a conceptual diagram illustrating a schematic configuration of an authentication system and an authentication method according to the first embodiment.
The authentication system and authentication method according to the first embodiment gives the user A1 the authority to use the business terminal 5 when the user A1 is authenticated by the door 4 when entering the security area 6.
The door 4 is provided with an arbitrary authentication device that uses a CPU (Central Processing Unit) to perform an arbitrary authentication process for the user A1 who intends to enter the security area 6. An arbitrary authentication device has, for example, a storage device that stores user identification information such as a user ID and a password and a card reader that reads the user ID set in the ID card or a user A1 that has a user ID and password. An input device such as a touch panel is provided. And this arbitrary authentication apparatus performs an authentication process by collating the user input information which the input device input with the user identification information memorize | stored in the memory | storage device. The authentication device installed on the door 4 unlocks the door 4 when the user A1 is allowed to enter the room by an arbitrary authentication process.
The authentication device installed in the door 4 outputs a signal when the door 4 is unlocked, and notifies the token generation device 3 that the door 4 is unlocked, that is, the user A1 enters the room.
The token generation device 3 (part of the authentication device using the token) is used when the door 4 is unlocked (the user A1 enters the room) by the notification from the authentication device installed in the door 4. The token A is registered in the token management table 44 in association with the user ID (user A) of the user A1. At this time, the token generating device 3 associates the rule ID (rule 1) of the rule indicating the use permission of the business terminal 5 as the authentication content with the token A registered for the user A1 in the token-rule management table 45. sign up. The authentication content of the rule user A1 (use permission of the business terminal 5) is set in the rule content management table 46.
The business terminal 5 is a terminal that can access confidential information, transmits a user ID (user A) input by the user A1 when logging in to the business terminal 5, and performs authentication processing based on the token as a user authentication device. 2 is requested. The business terminal 5 processes or rejects the command of the user A1 according to the usage authority given by the user authentication device 2 through the authentication process based on the token.
The user authentication device 2 (a part of the authentication device using a token) is a user based on the user ID (user A) input by the business terminal 5 when an authentication process is requested from the business terminal 5. The token ID registered for A1 (token A) is acquired from the token management table 44, and the rule ID registered for the token (rule 1) is acquired from the token-rule management table 45. Then, the user authentication device 2 notifies the business terminal 5 of the usage authority given to the user A1 based on the authentication content indicated by the rule defined in the rule content management table 46.
The token generation device 3, the door 4, the user authentication device 2, and the business terminal 5 perform data communication via a communication network using a communication device.
The token generation device 3 and the user authentication device 2 constitute an authentication device using a token. The authentication device using the token may be a plurality of devices as shown in FIG. 1 or a single device.

FIG. 2 is a diagram illustrating an example of hardware resources of the user authentication device 2 and the token generation device 3 according to the first embodiment.
In FIG. 2, the user authentication device 2 and the token generation device 3 include a CPU 911 (also referred to as a central processing unit, a central processing unit, a processing unit, an arithmetic unit, a microprocessor, a microcomputer, and a processor) that executes a program. ing. The CPU 911 is connected to the ROM 913, the RAM 914, the communication board 915, the display device 901, the keyboard 902, the mouse 903, the FDD 904 (Flexible Disk Drive), the CDD 905 (compact disk device), and the magnetic disk device 920 via the bus 912. Control these hardware devices. Instead of the magnetic disk device 920, a storage device such as an optical disk device or a memory card read / write device may be used.
The RAM 914 is an example of a volatile memory. The storage media of the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are an example of a nonvolatile memory. These are examples of a storage device, a storage device, or a storage unit.
The communication board 915, the keyboard 902, the FDD 904, and the like are examples of an input device, an input device, or an input unit.
The communication board 915, the display device 901, and the like are examples of output devices, output devices, or output units.

The communication board 915 is connected to a communication network such as a LAN (local area network), the Internet, or a WAN (wide area network).
The magnetic disk device 920 stores an OS 921 (operating system), a window system 922, a program group 923, and a file group 924. The programs in the program group 923 are executed by the CPU 911, the OS 921, and the window system 922.

The program group 923 stores a program executed by each device in the embodiment. The program is read and executed by the CPU 911.
The file group 924 includes result data such as “determination result of”, “calculation result of”, and “processing result of” when each device in the embodiment executes the program, and data passed between the programs. Other information, data, signal values, variable values, and parameters are stored as items of “˜file” and “˜database”. The “˜file” and “˜database” are stored in a recording medium such as a disk or a memory. Information, data, signal values, variable values, and parameters stored in a storage medium such as a disk or memory are read out to the main memory or cache memory by the CPU 911 via a read / write circuit, and extracted, searched, referenced, compared, and calculated. Used for CPU operations such as calculation, processing, output, printing, and display. Information, data, signal values, variable values, and parameters are temporarily stored in the main memory, cache memory, and buffer memory during the CPU operations of extraction, search, reference, comparison, operation, calculation, processing, output, printing, and display. Is remembered.
The token management table 44, token-rule management table 45, rule content management table 46, token registration point management table 47, rule requirement management table 48, and user attribute information management table 49 are examples of data stored in the file group 924. is there.
In addition, arrows in the flowcharts described in the embodiments mainly indicate input / output of data and signals. The data and signal values are the RAM 914 memory, the FDD 904 flexible disk, the CDD 905 compact disk, and the magnetic disk device 920 magnetic field. It is recorded on a recording medium such as a disc, other optical discs, mini discs, DVD (Digital Versatile Disc). Data and signal values are transmitted online via a bus 912, signal lines, cables, or other transmission media.

  In addition, each apparatus in the embodiment executes each process described in the embodiment, and may be realized by firmware stored in the ROM 913. Alternatively, it may be implemented only by software, or only by hardware such as an element, a device, a board, and wiring, by a combination of software and hardware, or by a combination of firmware. Firmware and software are stored as programs in a recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, and a DVD. The program is read by the CPU 911 and executed by the CPU 911. That is, the authentication program causes the computer to execute the functions of each device described in the embodiment, and causes the computer to execute the processing procedure and processing method of each device described in the embodiment.

FIG. 3 is a functional configuration diagram of the authentication system according to the first embodiment.
The functional configuration of the authentication system in the first embodiment will be described below with reference to FIG.

The user authentication device 2 (a part of the authentication device using a token) includes an authentication information acquisition device 21, an authentication information determination device 22, a token analysis device 23, and a rule analysis device 24.
The authentication information acquisition device 21 communicates with an electronic device that requires authentication based on a token via a communication network. For example, the authentication information acquisition apparatus 21 receives the identification information of the user A1 from the business terminal 5 and transmits the usage authority of the user A1 to the business terminal 5.
The authentication information determination device 22 is an example of a user authentication unit that determines a user's use authority based on the authentication content indicated by the token when the user uses an electronic device. For example, the authentication information determination device 22 determines the business terminal for the user A1 based on the identification information of the user A1 received from the business terminal 5 by the authentication information acquisition device 21 and the token registered for the user A1. 5 usage authority is determined.
The token analysis device 23 acquires a token registered for the user from the token management DB 41 and provides it to the authentication information determination device 22.
The rule analysis device 24 acquires the authentication rule indicated by the token from the authentication rule information DB 43 and provides it to the authentication information determination device 22.

The token generation device 3 (a part of the authentication device using a token) includes a state monitoring device 31, a generation device 32, and a registration device 33.
The state monitoring device 31 is an example of a user detection unit that detects, as a user's location, an electronic device that the user uses, passes, or has entered identification information. The token registration point described below is an example indicating the location of the user. For example, the state monitoring device 31 detects that the user A1 has received permission to pass, the door 4 is unlocked, and the user A1 has passed the door 4.
The generation device 32 is an example of an attribute information acquisition unit that inputs user attribute information from an input device. The generation device 32 is an example of an authentication content acquisition unit that acquires the authentication content of the user for the electronic device based on the user attribute information and the user detection location. For example, the generation device 32 acquires the attribute information of the user A1 detected by the state monitoring device 31 from the user information DB 42. Further, for example, the generation device 32 authenticates the user A1 with respect to the business terminal 5 based on the attribute information of the user A1 and information indicating that the user A1 detected by the state monitoring device 31 has passed through the door 4. A rule is acquired from the authentication rule information DB 43.
The registration device 33 is an example of a token registration unit that stores, in a storage device, a token that is electronic data indicating the authentication content of the user with respect to the electronic device. For example, the registration device 33 registers the token in the token management DB 41 in association with the authentication rule acquired by the generation device 32.

The state management DB 34 is a storage device that stores a token registration point management table 47 described later.
The token management DB 41 is a storage device that stores a token management table 44 and a token-rule management table 45 as shown in FIG. The token management table 44 has a record in which a user ID for identifying a user is associated with a token ID for identifying a token. The token-rule management table 45 has a record in which a token ID is associated with a rule ID that identifies an authentication rule.
The user information DB 42 is a storage device that stores a user attribute information management table 49 in which attribute information of each user is defined. The user attribute information management table 49 defines user ID, employee / non-employee type, department to which the user belongs, job title, password, and the like as user attribute information.
The authentication rule information DB 43 is an example of an authentication content storage unit (storage device) that stores user attributes, user detection locations, and user authentication details for electronic devices in association with each other. For example, the authentication rule information DB 43 stores a rule requirement management table 48 and a rule content management table 46 described later.

FIG. 4 is a diagram showing an example of the token registration point management table 47 in the first embodiment.
An example of the token registration point management table 47 in the first embodiment will be described below with reference to FIG.
The token registration point management table 47 is stored in the state management DB 34 and indicates requirements for registering (generating or deleting) a token.
For example, as illustrated in FIG. 4, the token registration point management table 47 includes “device ID” and “event” indicating the states of the user and the electronic device as items of token registration requirements. The door 4 and the business terminal 5 indicated by the item “device ID” in FIG. 4 are examples of electronic devices (token registration points) that cause registration of tokens. “Entering room”, “leaving”, “starting use”, “ending use”, and “authentication NG (not authorized as a result of authentication)” are examples of “events”.
For example, when the state monitoring device 31 detects that the user has “entered” from the door identified by “door 4” (item number 1 in FIG. 4), it determines that token registration is necessary.

FIG. 5 is a diagram illustrating an example of the rule requirement management table 48 according to the first embodiment.
An example of the rule requirement management table 48 in the first embodiment will be described below with reference to FIG.
The rule requirement management table 48 is stored in the authentication rule information DB 43 and indicates “registration rules” that are registered in association with “registration points” of tokens and “attributes” of users.
For example, as shown in FIG. 5, the rule requirement management table 48 includes a “generation rule ID” for identifying an authentication rule to be generated as an item indicating “registration rule”, a “deletion rule ID” for identifying an authentication rule to be deleted, and It has a “subject” who is the target for generating or deleting an authentication rule.
“Person (the user)”, “All (users whose tokens are registered)”, “Others (users whose tokens are registered other than the users) [not shown]” It is an example of a “subject” who generates or deletes a set token.
For example, when the token registration point “device ID” is “door 4”, “state” is “entry”, the user attribute “type” is “employee”, and “affiliation” is “part A” (No. 1 in FIG. 5), the generation device 32 generates a token that associates the rule identified by “Rule 1”, and the registration device 33 associates the token generated by the generation device 32 with “Rule 1” and creates a token- Register in the rule management table 45 and register in the token management table 44 for the user.

FIG. 6 is a diagram illustrating an example of the rule content management table 46 according to the first embodiment.
An example of the rule content management table 46 in the first embodiment will be described below with reference to FIG.
The rule content management table 46 is stored in the authentication rule information DB 43 and indicates “authentication content” of a rule identified by “rule ID”.
For example, as shown in FIG. 6, the rule content management table 46 has “use authority” given to the user as an item indicating “authentication content”, “authentication condition” giving the use authority, and “use authority and authentication condition”. It has a meaning. Further, the rule content management table 46 is an example of an item indicating “usage authority”, “user” indicating a subject who gives the usage authority, “device ID” indicating an object to which the usage authority is given, and “authority” indicating the contents of the usage authority. Is included. Further, the rule content management table 46 has “token presence / absence” and “use period” as an example of items indicating “authentication conditions”. Further, the rule content management table 46 includes “rule ID”, “presence / absence” of the rule, and “target person” as a determination target of the presence / absence of the rule as examples of items indicating “token presence / absence”. Further, the rule content management table 46 includes “date and time” and “number of times” as an example of items indicating “use period”.
For example, the authentication information determination apparatus 22 permits the use of “business terminal 5” for “until N days” to the user in which the token indicating “rule 7” is registered, and after “N + 1 days”, The use of the business terminal 5 ″ is not permitted.
Further, for example, the authentication information determination apparatus 22 permits the use of “business terminal 5” “M times” to the user in which the token indicating “rule 11” is registered, and the “business terminal” after the M + 1th time. Use of 5 "is not permitted. The number of uses is set and managed in the token or token management table 44. When managing the number of uses in the token management table 44, the token management table 44 has “use number” as an item in addition to “user ID” and “token ID”, and “user ID” and “token ID”. Correspond with “Number of times of use”. If the number of uses set in the token or token management table 44 is less than or equal to the number of uses set in the rule content management table 46, the authentication information determination device 22 permits use of the electronic device and token or token management table. If the usage count set in 44 is increased by 1 and the usage count set in the token management table 44 exceeds the usage count set in the rule content management table 46, the use of the electronic device is not allowed. Permission.

  Next, the operation of each device will be described for the authentication system and the authentication method in the first embodiment.

FIG. 7 is a flowchart showing a token registration process executed by the token generation device 3 according to the first embodiment.
The token registration process executed by the token generation device 3 in the first embodiment will be described below with reference to FIG.
Each device constituting the token generating device 3 executes processing described below using the CPU 911.

Here, it is assumed that an electronic device that has been used by a user and whose state has changed notifies the token generating device 3 of the user's identification information.
The door 4 on which the arbitrary authentication device described in FIG. 1 is installed is an example of an electronic device, and unlocking or opening / closing the door 4 is an example of a state change.
Hereinafter, when an arbitrary authentication device installed in the door 4 inputs the ID “user A” of the user A1 and permits entry into the security area 6 in an arbitrary authentication process, the door 4 is unlocked. A case will be described in which the token generating device 3 is notified of the ID “door 4” of the door 4, the ID “user A” of the user A1, and the event “entry”.

<S1: User detection process>
First, the state monitoring device 31 detects an electronic device whose state has changed and a user who uses the electronic device.
For example, the state monitoring device 31 uses the ID “door 4” of the door 4, the ID “user A” of the user A 1, and the event “entrance” included in the notification from an arbitrary authentication device installed in the door 4. , The door 4 is unlocked / opened / closed, and it is detected that the user A1 has entered the security area 6.

<S2: Token generation determination process>
Next, the state monitoring device 31 determines whether the electronic device whose state has changed is a token registration point.
For example, the state monitoring device 31 has a token registration point management table 47 (FIG. 5) in which a record in which the “device ID” is the ID “door 4” of the door 4 and the “event” is “entry” is stored in the state management DB 34. 4)). Then, the state monitoring device 31 determines that it is a token registration point when there is the record, and determines that it is not a token registration point when there is no record.

<S3: Attribute information acquisition process>
When the state monitoring device 31 determines in step S2 that it is a token registration point, the generation device 32 acquires user attributes from the user information DB.
For example, the generation device 32 searches the user information DB 42 using the ID “user A” of the user A1 notified by the state monitoring device 31 in step S1 as a search key, and attributes the user A1 from the record extracted by the search. To get.
In the following description, it is assumed that the state monitoring device 31 has acquired the type “employee” and the affiliation “A section” as attributes of the user A1 from the user information DB 42.

<S4: Authentication condition acquisition process>
Next, the generating device 32 selects an authentication rule from the authentication rule information DB 43 based on the token registration point determined by the state monitoring device 31 in process S2 and the user attribute acquired in process S3.
For example, the generation device 32 searches the rule requirement management table 48 (see FIG. 5) stored in the authentication rule information DB 43, and the “registration point” is the device ID “door 4” and the state “room entry”. Records whose “attribute” is the type “employee” and the affiliation “part A” are extracted. Then, the generation device 32 selects “registration rule” set in the extracted record as an authentication rule. When the rule requirement management table 48 shown in FIG. 5 is searched, the generation device 32 extracts the record of item number 1 and selects “rule 1” as the authentication rule. Here, “rule 1” indicates an ID of a rule associated with a newly generated token for “person”. Hereinafter, a case where the generation device 32 searches the rule requirement management table 48 illustrated in FIG. 5 and selects “Rule 1” as the authentication rule will be described.

<S5 to S6: Token registration process>
Next, the generating device 32 generates a token indicating the authentication rule selected in the process S4 (S5).
For example, the generation device 32 generates a unique ID “token A” that does not overlap with other tokens as a token ID.

Then, the registration device 33 registers the token generated by the generation device 32 in the process S5 in the token management DB 41 (S6).
For example, as illustrated in FIG. 1, the registration device 33 registers a record in which the user ID is “user A” and the token ID is “token A” in the token management table 44. In addition, as illustrated in FIG. 1, the registration device 33 registers a record in which the token ID is “token A” and the rule ID is “rule 1” in the token-rule management table 45.

  If the state monitoring device 31 determines in S2 that it is not a token registration point, the token is not registered.

  The token deletion will be described in a second embodiment described later.

FIG. 8 is a flowchart showing user authentication processing executed by the user authentication device 2 according to the first embodiment.
User authentication processing executed by the user authentication apparatus 2 in the first embodiment will be described below with reference to FIG.
Each device constituting the user authentication device 2 executes processing described below using the CPU 911.

Here, it is assumed that an electronic device that requires authentication based on a token when used by a user inputs user identification information and transmits the input identification information to the user authentication device 2.
The business terminal 5 described in FIG. 1 is an example of an electronic device that requires authentication based on a token when used by a user.
Hereinafter, when the user A1 who enters the security area 6 logs in to the business terminal 5, the business terminal 5 inputs the ID “user A” of the user A1 and the password of the user A1, and the user authentication device The case of transmitting to 2 will be described.

<S11 to S12: User identification processing>
First, the authentication information acquisition apparatus 21 receives user identification information from an electronic device (S11).
For example, the authentication information acquisition device 21 receives the ID “user A” of the user A1 and the password of the user A1 from the business terminal 5.

Next, the authentication information determination apparatus 22 collates the user identification information received by the authentication information acquisition apparatus 21 in the process S11 with the user information DB 42 (S12).
For example, the authentication information determination device 22 searches the user information DB 42 using the ID “user A” of the user A1 as a search key, and the password set in the record extracted by the search and the authentication information acquisition device 21 in step S11. Compare with the password received by. Then, the authentication information determination device 22 has a record of “user A” in the user information DB 42, and the password set in the record matches the password received by the authentication information acquisition device 21 in step S11. If it is determined that the verification is OK, it is determined that the verification is NG.

<S13 to S17: User Authentication Process>
Next, the token analysis device 23 acquires the token of the user from the token management DB 41 based on the user identification information received by the authentication information acquisition device 21 in step S11 (S13).
For example, the token analysis device 23 searches the token management table 44 (see FIG. 1) stored in the token management DB 41 and extracts a record whose “user ID” is “user A”. Then, the token analysis device 23 acquires the token ID “token A” set in the extracted record.

Next, the rule analysis device 24 acquires an authentication rule from the token management DB 41 based on the token acquired by the token analysis device 23 in process S13 (S14).
For example, when the token ID acquired by the token analysis device 23 in process S13 is “token A”, the rule analysis device 24 searches the token-rule management table 45 (see FIG. 1) stored in the token management DB 41. Then, a record whose “token ID” is “token A” is extracted. Then, the rule analysis device 24 acquires the rule ID “rule 1” set in the extracted record.

Next, the authentication information determination device 22 acquires the authentication content from the authentication rule information DB 43 based on the authentication rule acquired by the rule analysis device 24 in the process S14 (S15).
For example, when the ID of the authentication rule acquired by the rule analysis device 24 in process S14 is “rule 1”, the authentication information determination device 22 stores the rule content management table 46 (see FIG. 6) stored in the authentication rule information DB 43. ) To extract a record whose “rule ID” is “rule 1”. And the authentication information determination apparatus 22 acquires the authentication content set to the extracted record. Hereinafter, a case where the authentication information determination device 22 acquires the authentication content set in the record whose “rule ID” is “rule 1” in FIG. 6 will be described.

Next, the authentication information determination device 22 determines the authentication condition indicated by the authentication content acquired in step S15 (S16).
For example, if there is no “authentication condition” of the authentication content acquired in step S15, the authentication information determination device 22 determines that the authentication is OK. Also, if there is an “authentication condition” that does not match the “authentication condition”, for example, if “date and time” and “number of times” defined as “use period” are exceeded, the authentication information determination device 22 It determines with authentication NG.
In this embodiment, “token presence / absence” is not used as the authentication condition. The case where “token presence / absence” is used as an authentication condition will be described in Embodiment 3 and Embodiment 5 described later.

And the authentication information acquisition apparatus 21 transmits an authentication result to an electronic device based on the collation result which the authentication information determination apparatus 22 collated in process S12, or the determination result which the authentication information determination apparatus 22 determined in process S16 (S17). ).
If the authentication information determination device 22 determines that the authentication is OK in step S16, the authentication information acquisition device 21 sets the “use authority” of the authentication content acquired by the authentication information determination device 22 in S15 as the authentication result and sets the authentication result in the business terminal 5. Send. For example, if the “usage authority” is the user “person”, the device ID “business terminal 5”, and the authority “usable”, the authentication information acquisition apparatus 21 transmits “usable” to the business terminal 5 as an authentication result. To do.
Further, when the authentication information determination device 22 determines that the verification is NG in the process S12 or when the authentication information determination device 22 determines that the authentication is NG in the process S16, the authentication information acquisition device 21 sets “unusable” as the authentication result as a business terminal Send to 5.

Thereafter, the electronic device that has received the authentication result from the authentication information acquisition device 21 operates in accordance with the authentication result.
For example, when the business terminal 5 receives “available” from the authentication information acquisition apparatus 21 as an authentication result, the business terminal 5 subsequently processes a processing command (such as an application operation) input from the user A1. That is, the user A1 can operate the business terminal 5.
Further, for example, when the business terminal 5 receives “unusable” from the authentication information acquisition device 21 as an authentication result, the business terminal 5 displays on the display device that the login by the user A1 is illegal and accepts a processing instruction other than login. Absent. That is, the user A1 cannot operate the business terminal 5.

  This embodiment is an authentication system that performs authentication based on tokens for devices that require authentication of the user A1, such as the business terminal 5, and issues an electronic token by adding a rule for authentication. An authentication system has been described in which the attribute and authentication rule of the user A1 are verified based on the authentication rule, and authentication is possible based on an authentication rule that is not fixed to the device.

  The authentication system of the present embodiment monitors the status of users and devices such as entering / leaving rooms according to the use of devices such as the business terminal 5, and dynamically issues a token issuing function ( A token generating device 3).

  In this embodiment, an authentication system has been described in which an authentication rule for each device and application is added to an electronic token that gives permission to use the device and application. By analyzing the authentication rule added to the token in the authentication system, security can be enhanced.

Embodiment 2. FIG.
FIG. 9 is a conceptual diagram illustrating a schematic configuration of the authentication system and the authentication method according to the second embodiment.
In the first embodiment, the registration point of the token is only the door 4, but the second embodiment is an example in which the business terminal 5 is added to the registration point of the token. In the second embodiment, when the user A1 starts using the business terminal 5, the token is deleted and newly generated.
Hereinafter, items different from the first embodiment will be described, and items not described will be the same as those of the first embodiment.

FIG. 10 is a flowchart showing a token registration process executed by the token generation device 3 according to the second embodiment.
A token registration process executed by the token generation device 3 according to the second embodiment will be described below with reference to FIG.
Each device constituting the token generating device 3 executes processing described below using the CPU 911.

In FIG. 10, processes S21 to S26 correspond to processes S1 to S6 in the first embodiment (FIG. 7), respectively.
In the second embodiment, in the rule requirement management table 48 (FIG. 5), when the “generation rule ID” has a set value, a token indicating the rule is generated and registered as in the first embodiment (see FIG. 5). In addition to S25 and S26), when the “deletion rule ID” has a set value, the registered token indicating the rule is deleted (S27).
A specific example will be described below with reference to FIG.

Here, as in the specific example described in the first embodiment, the door 4 notifies the token generation device 3 that the user A1 who has given the room permission by any authentication process has entered the security area 6. And In addition, it is assumed that a user B1a who has not received a room entry permission enters the security area 6 illegally when the user A1 enters the room.
Then, the token generation device 3 executes the following processing as in the first embodiment.

  First, the state monitoring device 31 detects that the user A1 has entered the security area 6 from the door 4 by a notification from the door 4 (S21), and detects it by referring to the token registration point management table 47 [FIG. 4]. It is determined that the room entry [item 1] from the door 4 is a token registration point (S22).

  Next, the generation device 32 acquires the attribute (type “employee”, affiliation “A section”) of the user A1 from the user information DB 42 (S23), refers to the rule requirement management table 48 [FIG. The generation rule ID “rule 1” [item number 1] corresponding to the registration point and the attribute of the user A1 is selected (S24).

  Then, the generation device 32 generates a token ID “token A” (S25), and the registration device 33 associates “token A” with “rule 1” in the token management table 44 and the token-rule management table 45. Register for A1 (S26).

  Next, the user B1a who is registered with "Token A" with the permission to enter the room uses the business terminal 5 and the user B1a who enters the room illegally and is not registered with "Token A" uses the business terminal 5. The token registration process (FIG. 10) in the case of performing will be described.

  First, a token registration process in the case where a user A1 who has been registered with “token A” upon receiving an entry permission uses the business terminal 5 will be described with reference to FIG. Here, as a premise for explanation, the user A1 registered with “token A” can use the business terminal 5 because the user authority is given by the user authentication process (FIG. 8).

  In the second embodiment, when the user A1 starts using, the business terminal 5 whose state has changed from the login waiting state to the available state notifies the token generating device 3 that the user A1 has started using the business terminal 5. .

  In the token generation device 3, the state monitoring device 31 detects that the user A1 has started using the business terminal 5 based on the notification from the business terminal 5 (S21), and refers to the token registration point management table 47 [FIG. 4]. Then, it is determined that the detected usage start [item 6] of the business terminal 5 is a token registration point (S22).

  Next, the generation device 32 acquires the attribute (type “employee”, affiliation “A section”) of the user A1 from the user information DB 42 (S23), refers to the rule requirement management table 48 [FIG. The generation rule ID “rule 2” and the deletion rule ID “rule 1” [item number 8] corresponding to the registration point and the attribute of the user A1 are selected (S24).

  Then, the generation device 32 generates a new unique token ID “token B” (S25), and the registration device 33 sets “token B” to “rule 2” in the token management table 44 and the token-rule management table 45. The user A1 is associated and registered (S26).

  In FIG. 6, “Rule 2” indicates that the user has the right to leave the security area 6 through the door 4.

Further, the registration device 33 executes the process S27 as follows.
First, the registration apparatus 33 extracts a record in which the ID “user A” of the user A1 is “user ID” from the token management table 44, and the “token ID” set in the extracted record of the token management table 44. Is obtained.
Next, the registration device 33 extracts a record having the acquired token ID as “token ID” from the token-rule management table 45.
Then, the registration device 33 deletes the record having “rule 1” as “rule ID” from the extracted records of the token-rule management table 45 and also deletes the token ID “of the record of the deleted token-rule management table 45”. The token A ″ is deleted from the record of the user A1 extracted from the token management table 44.

Thereafter, the user A1 to whom the “token B” indicating “rule 2” is registered is given the authority to leave the security area 6 through the door 4 by the user authentication process (FIG. 8).
Further, the user A1 from whom the “token A” indicating “rule 1” has been deleted cannot use the business terminal 5 again.

  Next, a token registration process when a user B1a who has illegally entered a room and has not registered “token A” uses the business terminal 5 will be described with reference to FIG. As a premise of the description here, the business terminal 5 that has been logged in from the user B1a to whom “Token A” is not registered is authenticated by the user authentication device 2 by the user authentication process (FIG. 8). Will be notified.

  In the second embodiment, when the user B1a logs in, the business terminal 5 whose state has changed from the login waiting state to the authentication NG state notifies the token generating device 3 that the user B1a has changed the business terminal 5 to authentication NG. Notice.

  In the token generation device 3, the state monitoring device 31 detects that the user B1a has authenticated the business terminal 5 by the notification from the business terminal 5 (S21), and stores the token registration point management table 47 [FIG. 4]. Referring to this, it is determined that the detected authentication NG [item number 7] of the business terminal 5 is a token registration point (S22).

  Then, the generation device 32 acquires the attribute (type “employee”, affiliation “A section”) of the user B1a from the user information DB 42 (S23), refers to the rule requirement management table 48 [FIG. 5], and registers the token. The generation rule ID “rule 3” [item number 10] corresponding to the point and the attribute of the user A1 is selected (S24).

  Next, the generation device 32 generates a new unique token ID “token C” (S25), and the registration device 33 stores the token-rule management table 45 in association with “token C” and “rule 3”. A record is registered, and “token C” is registered for all users (user A1 and user B1a) registered in the token management table 44 (S26).

  In FIG. 6, “Rule 3” indicates that there is no authority to leave the security area 6 through the door 4.

Further, the registration device 33 executes the process S27 as follows.
First, the registration apparatus 33 extracts a record in which the ID “user A” of the user A1 is “user ID” from the token management table 44, and the “token ID” set in the extracted record of the token management table 44. Is obtained.
Next, the registration device 33 extracts a record having the acquired token ID as “token ID” from the token-rule management table 45.
Then, the registration device 33 deletes the record having “rule 1” as “rule ID” from the extracted records of the token-rule management table 45 and also deletes the token ID “of the record of the deleted token-rule management table 45”. The token A ″ is deleted from the record of the user A1 extracted from the token management table 44.
At this time, the registration device 33 removes the “token C (rule 3)” registered in step S26 from the token to be deleted.

Thereafter, the user A1 and the user B1a in which the “token C” indicating “rule 3” is registered are given the authority to leave the security area 6 through the door 4 by the user authentication process (FIG. 8). Absent.
Further, the user A1 from whom the “token A” indicating “rule 1” has been deleted cannot use the business terminal 5.

  The authentication system according to the present embodiment monitors the status of users and devices according to the start / end of the use of devices such as the business terminal 5, and dynamically deletes electronic tokens (token generation) Device 3).

  In the present embodiment, even if the user B1a impersonates the user A1 and tries to illegally use the business terminal 5 in the security area 6, the business terminal 5 cannot be used because the necessary token does not exist. . In addition, because of illegal use, all the people in the room (user A1 and user B1a) possess a token in which a rule prohibiting the passage of the door 4 is set, so that the user cannot leave the room. As a result, it is possible to prevent unauthorized use of the business terminal 5 even if it is illegally entered, and to further enhance security by allowing unauthorized persons to be identified by confining unauthorized persons in the room. Become.

Embodiment 3 FIG.
FIG. 11 is a conceptual diagram illustrating a schematic configuration of the authentication system and the authentication method according to the third embodiment.
This embodiment relates to the operation of the business terminal 5 by the user B7b who does not have the usage authority in the security area 6 that handles confidential information separated by the door 4.
For example, when the user B7b, who is usually a non-employee who does not have usage authority, works with the user A7a, who is an employee, the authentication system has the convenience of giving the authority to use the business terminal 5. I want to let
Therefore, in the present embodiment, an example will be described in which a relation between users that authentication is performed based on a token registered for another user is set in the token.
Hereinafter, matters different from those in the first embodiment and the second embodiment will be described, and matters not described will be the same as those in the first embodiment or the second embodiment.

FIG. 12 is a flowchart showing the inter-user authentication determination process executed by the user authentication device 2 according to the third embodiment.
The user authentication device 2 according to the third embodiment is characterized by the process “the authentication information determination device 22 determines the authentication condition” in the process S16 in the user authentication process (FIG. 8) described in the first embodiment to be executed. Have Details of the process S16 executed by the user authentication device 2 in the third embodiment will be described below as an inter-user authentication determination process based on FIG.
Each device constituting the user authentication device 2 executes processing described below using the CPU 911.

Here, as a precondition in the following description, when the user A7a, who is an employee belonging to the B section, enters the room through the door 4 by the token registration process (FIG. 7 or FIG. 10), It is assumed that “token D” indicating rule 4 ”is registered. “Rule 4” indicates that the authority to use the business terminal 5a and the business terminal 5b is given to the person (user A7a) as shown in FIG.
Further, it is assumed that when the user B7b who is a non-employee enters the room through the door 4, "Token E" indicating "Rule 5" is registered for the user B7b. As shown in FIG. 6, “Rule 5” is based on the condition that another user (user A 7 a) has a token indicating “Rule 6” with respect to the person (user B 7 b). It also indicates that the authority to use the business terminal 5b is given.
Further, when the user A7a who has been given the use authority by the “token D” indicating “rule 4” starts using the business terminal 5a, the “token F” indicating “rule 6” to the user A7a. Is registered. “Rule 6” indicates that the authority to use the business terminal 5a and the business terminal 5b is given to another person (user B7b) as shown in FIG.
As a result, as shown in FIG. 11, “token D (rule 4)” and “token E (rule 6)” are registered for user A7a, and “token F (rule 5) is registered for user B7b. ) ”Is registered.

As shown in FIG. 11, when the user B7b logs in to the business terminal 5b when the token is registered, the token analysis device 23 is registered with the user B7b in the user authentication process (FIG. 8). (S13), the rule analysis device 24 acquires “Rule 5” indicated by “Token F” (S14), and the authentication information determination device 22 acquires the authentication content of “Rule 5”. (S15).
And since the authentication content acquired in process S15 uses the token (rule 6) of another person (user A7a) as the authentication condition, the authentication information determination apparatus 22 uses the authentication determination process between users (FIG. 12), S16 is executed.

First, the token analysis device 23 acquires tokens registered for other users from the token management table 44 (S41).
At this time, according to the precondition, the token acquired by the token analysis device 23 includes “token F” registered for the user A7a.

Next, the rule analysis device 24 acquires a rule corresponding to the token of the other user acquired in the process S41 from the token-rule management table 45 (S42).
At this time, according to the precondition, the rule acquired by the rule analysis device 24 includes “rule 6” associated with “token C”.

Next, the authentication information determination device 22 determines whether a rule corresponding to the authentication condition exists in the rule indicated by the token of the other user acquired in the process S42 (S43).
At this time, based on the precondition, the authentication information determination device 22 determines that “rule 6” corresponding to the authentication condition exists in the rule acquired in step S42.

If it is determined in step S43 that the corresponding rule exists, the authentication information determination device 22 sets the use authority in the authentication result (S44).
At this time, according to the precondition, the authentication information determination device 22 gives the right to use the “rule 5” indicated by the “token E” registered for the user B7b (use of the business terminal 5b by the user B7b). Set in the authentication result. In step S17 of the user authentication process (FIG. 8), the authentication result is notified to the business terminal 5b, and the user B 7b can use the business terminal 5b.

If it is determined in step S43 that the corresponding rule does not exist, the authentication information determination device 22 sets use prohibition (no use authority) as an authentication result (S45).
For example, when the user A7a ends the use of the business terminal 5a, the registration of “token F” indicating “rule 6” is deleted by the token registration process (FIG. 10) (items 8 and 5 in FIG. 4). In step S43, the authentication information determination apparatus 22 determines that “rule 6” does not exist. In this case, the authentication information determination device 22 sets the use prohibition in the authentication result. In step S17 of the user authentication process (FIG. 8), the authentication result is notified to the business terminal 5b, and the user B 7b cannot use the business terminal 5b.

  The authentication system according to the present embodiment issues an electronic token having an authentication rule that can describe a relationship between users in the electronic token authentication rule.

In the present embodiment, since the user A7a is an employee, he / she has the authority to handle the work terminal 5 in the security area 6 and perform work. Further, since the user B 7 b is a non-employee, the user B 7 b does not have the authority to use the business terminal 5 alone in the security area 6. However, the user B7b is in the security area 6 only when an employee who has the authority to use the business terminal 5 (user A7a) is in the room and the employee is operating another business terminal 5. Has authority to use the business terminal 5.
By applying this embodiment, the authentication system can prevent unauthorized use of devices and applications such as the business terminal 5 by an unauthorized user B7b in the security area 6 that handles confidential information. . In addition to preventing unauthorized use, the authentication system can have the convenience of giving the use authority to the user B7b when the user A7a having the use authority is present in the security area 6.

Embodiment 4 FIG.
FIG. 13 is a conceptual diagram illustrating a schematic configuration of an authentication system and an authentication method according to the fourth embodiment.
In this embodiment, the operation is limited to the operation of the business terminal 5 by the user A1 in the security area 6 that handles confidential information separated by the door 4. Further, the present invention relates to authentication performed based on a plurality of tokens. Further, the present invention relates to authentication performed based on a token having a use period such as date and time as an authentication condition.
For example, the user A1 is an employee who is seconded to a customer for a long time. Since user A1 is an employee, he usually has the authority to use business terminal 5, but since he is usually an employee working at the customer's site, user A1 restricts the use of business terminal 5 in security area 6 by user A1. Want to.
Therefore, in the present embodiment, a token to which a rule that serves as a base for the authentication rule is registered in advance, and the logical product of the authentication result for the token registered in advance and the authentication result for the token registered when entering the room from the door 4 To determine the authentication result.
Hereinafter, matters different from those in the first embodiment and the second embodiment will be described, and matters not described will be the same as those in the first embodiment or the second embodiment.

FIG. 14 is a flowchart illustrating a multi-token authentication determination process executed by the user authentication device 2 according to the fourth embodiment.
The user authentication apparatus 2 according to the fourth embodiment is characterized by the process “the authentication information determination apparatus 22 determines the authentication condition” in the process S16 in the user authentication process (FIG. 8) described in the first embodiment to be executed. Have Details of the process S16 executed by the user authentication device 2 in the fourth embodiment will be described below as a multi-token authentication determination process based on FIG.
Each device constituting the user authentication device 2 executes processing described below using the CPU 911.

In the fourth embodiment, token registration is performed in advance as described above. The following description is based on the precondition that the administrator C7c has registered “token G” indicating “rule 7 (or rule 11)” with the user A1 from the management terminal 10. As shown in FIG. 6, this “rule 7” indicates that the right to use the business terminal 5 is given to the person (user A1) for up to N days. “Rule 11” indicates that the authority to use the business terminal 5 is given up to M times to the person (user A1) as shown in FIG.
Further, as a precondition for the following explanation, when the user A1 who is an employee belonging to the A section enters the room through the door 4 by the token registration process (FIG. 7 or FIG. 10), a “rule” is given to the user A1. It is assumed that “token H” indicating “1” is registered. “Rule 1” indicates that the authority to use the business terminal 5 is given to the person (user A1) as shown in FIG.
As a result, as shown in FIG. 13, it is assumed that “token G (rule 7 or rule 11)” and “token H (rule 1)” are registered for user A1.

As shown in FIG. 13, when the user A1 logs in to the business terminal 5 when the token is registered, the token analysis device 23 is registered with the user A1 in the user authentication process (FIG. 8). "Token G" and "token H" are acquired (S13), and the rule analysis device 24 "rule 7 (or rule 11)" indicated by "token G" and "rule 1" indicated by "token H" (S14), and the authentication information determination device 22 acquires the authentication contents of "Rule 7 (or Rule 11)" and "Rule 1" (S15).
And since the number of tokens acquired in the process S13 is plural, the authentication information determination apparatus 22 executes the process S16 by the inter-user authentication determination process (FIG. 14) described below.

First, the authentication information determination device 22 determines whether or not authentication determination has been performed for all tokens acquired in step S13 (S61).
At this time, the authentication information determination apparatus 22 determines that “token G” and “token H” have not been authenticated according to the precondition.

If it is determined in step S61 that there is a token that has not been authenticated, the authentication information determination device 22 selects one token that has not been authenticated (S62).
For example, the authentication information determination device 22 selects “token G”.

Next, the authentication information determination device 22 performs authentication determination for the token selected in step S62 (S63).
At this time, the authentication information determination device 22 performs authorization determination based on the authentication content of “Rule 7 (or Rule 11)” indicated by “Token G” acquired in the process S15. If “Token G” indicates “Rule 7” and the date is before N days, the authentication information determination device 22 determines that “authentication is OK (user A1 can use the business terminal 5 until N days)”. If “token G” indicates “rule 7” and the date exceeds N days, the authentication information determination device 22 determines that it is “authentication NG”. If “token G” indicates “rule 11” and the number of times the business terminal 5 is used is M or less, the authentication information determination device 22 can authenticate OK (user A1 can use the business terminal 5 up to M times. ), And the use frequency of the business terminal 5 based on “token G” is increased by 1. The usage count of the business terminal 5 based on “token G” is set in “token G” or in the “token G” record in the token management table 44. If “token G” indicates “rule 11” and the usage count of the business terminal 5 exceeds M times, the authentication information determination device 22 determines that it is “authentication NG”.

  Next, returning to the process S61, the authentication information determination device 22 determines that the authentication determination for the “token H” is not made (S61).

  The authentication information determination apparatus 22 that has determined that the authentication determination for “token H” has not been performed in process S61 selects “token H” (S62).

  Next, the authentication information determination device 22 is “authentication OK (user A1 can use the business terminal 5)” based on the authentication content of “rule 1” indicated by “token H” acquired in step S15. (S63).

  Next, it returns to process S61 again, and the authentication information determination apparatus 22 determines with there being no token which has not been authenticated (S61).

If it is determined in step S61 that there is no token that has not been authenticated, the authentication information determination device 22 determines an authentication determination result based on the logical product of the authentication determination results for all tokens (S64).
At this time, if the authentication determination result for both “token G” and “token H” is “authentication OK”, the authentication information determination device 22 determines the authentication determination result to be “authentication OK”.

When the authentication determination result is determined as “authentication OK” in the process S64, the authentication information determination device 22 sets the use authority to the authentication result based on the logical product of the use authorities for all tokens (S65).
At this time, in the authentication information determination device 22, the usage authority based on “Token G” is “User A1 can use business terminal 5 until N days”, and the usage authority based on “Token H” is “User A1 Since “business terminal 5 can be used”, “user A1 can use business terminal 5 until N days” is set in the authentication result. Then, in step S17 of the user authentication process (FIG. 8), the authentication result is notified to the business terminal 5, and the user A1 can use the business terminal 5 for up to N days.

If the authentication determination result is determined as “authentication NG” in step S64, the authentication information determination device 22 sets use prohibition (no use authority) as the authentication result (S66).
For example, when the current date is after the Nth day, or when the number of uses of the business terminal 5 exceeds M times, the authentication information determination device 22 sets the use prohibition as the authentication result. Then, the authentication result is notified to the business terminal 5 in the process S17 of the user authentication process (FIG. 8), and the user A1 cannot use the business terminal 5.

  In the present embodiment, the authentication system and the authentication method that enable the temporary use of the user by temporarily adding the use authority of the device and the application to the authentication rule added to the token have been described.

The authentication system of the present embodiment issues an electronic token for authentication to the user according to the usage status of the user's device, and authenticates based on the information of the multiple token. I do.
In addition, the authentication system of the present embodiment designates an expiration date / number of times of use as an authentication condition for an authentication rule attached to an electronic token, and if that condition is satisfied, the user's device usage is controlled. Make it possible.

In this embodiment, by performing authentication determination based on a plurality of tokens, and by performing authentication determination based on a token having a usage period as an authentication condition, a specific restriction is imposed on a specific user. Usage authority can be given to the original.
Further, in the present embodiment, the authentication information determination device 22 determines the final authentication determination result by determining the “logical product” of the authentication determination results for a plurality of tokens (S64). The usage authority “logical product” is given to the user (S65). However, the authentication information determination apparatus 22 determines the final authentication determination result by determining the “logical sum” of each authentication determination result for a plurality of tokens (S64), and the “logical sum” of the usage authority of each of the plurality of tokens. May be used (S65). Thereby, in this Embodiment, the use authority which relaxed the specific restrictions can be given with respect to a specific user.

  In the present embodiment, the administrator C7c registers the token in advance, but the registered token is deleted when a specific token registration point is detected in the token registration process (FIG. 10). By defining the token registration point management table 47 and the rule requirement management table 48 as described above, post processing for a token registered in advance becomes unnecessary. In other words, in the present embodiment, it is possible to eliminate the work of returning a table updated to temporarily give a specific usage right to the original contents after the elapse of the period. For example, the authentication system according to the present embodiment includes a token registration point management table 47 in which “exit” from “door 4” is set as a token registration point as shown in item number 2 in FIG. As shown in FIG. 4, it is preferable to have a rule requirement management table 48 in which deletion of all rules is set in a “registration rule” in which “exit” from “door 4” is a “registration point” of a token. Thereby, when the user A1 leaves the door 4, the token generating device 3 can delete the previously registered “token G” in the process S27 of the token registration process (FIG. 10). That is, the subsequent work of the administrator C7c deleting “token G” becomes unnecessary.

Embodiment 5 FIG.
FIG. 15 is a conceptual diagram illustrating a schematic configuration of an authentication system and an authentication method according to the fifth embodiment.
In the fourth embodiment, authentication by a plurality of tokens is individually verified, and the authority to use devices and applications is given based on the logical product of the verification results.
In the present embodiment, the authority to use devices and applications is given based on tokens that cooperate with each other.
In the present embodiment, the operation for the second token to be issued next is set in the issued first token.
In the present embodiment, the token registration points are the door A4a, the door B4b, and the business terminal 5. In the present embodiment, the door is based on the token registered when entering from the door A4a, the token registered when entering from the door B4b, and the token registered when the use of the business terminal 5 is terminated. The authority to leave the room from B4b is given.

FIG. 16 is a flowchart showing inter-device authentication determination processing executed by the user authentication device 2 according to the fifth embodiment.
The user authentication device 2 according to the fifth embodiment is characterized by the process “the authentication information determination device 22 determines the authentication condition” of S16 in the user authentication processing (FIG. 8) described in the first embodiment to be executed. Have. Details of the process S16 executed by the user authentication device 2 in the fifth embodiment will be described below as an inter-apparatus authentication determination process based on FIG.
Each device constituting the user authentication device 2 executes processing described below using the CPU 911.

Here, as a precondition in the following description, when the user A1 who is an employee belonging to the A section enters the security area A6a from the door A4a by the token registration process (FIG. 7 or FIG. 10), the user A1 It is assumed that “token I” indicating “rule 8” is registered. “Rule 8” indicates that the person (user A1) is authorized to enter from the door B4b as shown in FIG.
In addition, when the user A1 who is authorized by the “token I” enters the security area B6b through the door B4b, “token J” indicating “rule 1” and “rule 9” is registered to the user A1. It shall be assumed. As shown in FIG. 6, “Rule 1” indicates that the right to use the business terminal 5 is given to the person (user A1). Also, “Rule 9” gives the person (user A1) the right to leave the door B4b on condition that the tokens indicating “Rule 1”, “Rule 8”, and “Rule 10” are provided. It shows that.
Further, it is assumed that when the user A1 who has obtained the authority by the “token J” ends the use of the business terminal 5, “token K” indicating “rule 10” is registered for the user A1. “Rule 10” indicates that the person (user A1) is authorized to leave the door B4b as shown in FIG.
As a result, as shown in FIG. 15, “token I (rule 8)”, “token J (rule 1, rule 9)” and “token K (rule 10)” are registered for user A1. It shall be.

As shown in FIG. 15, when the user A1 leaves the door B4b when the token is registered, the token analysis device 23 is registered for the user A1 in the user authentication process (FIG. 8). “Token I”, “Token J” and “Token K” are acquired (S13), and the rule analysis device 24 “Rule 8” indicated by “Token I”, “Rule 1” indicated by “Token J” and “Rule” “Rule 10” indicated by “9” and “Token K” is acquired (S14), and the authentication information determination device 22 acquires the authentication contents of “Rule 8”, “Rule 1”, “Rule 9”, and “Rule 10”. (S15).
The authentication information determination device 22 uses the presence or absence of a token indicating that the authentication content of “rule 9” acquired in step S15 indicates “rule 1”, “rule 8”, and “rule 10” as an authentication condition. The process S16 is executed by the inter-user authentication determination process (FIG. 16) to be described.

First, the authentication information determination device 22 determines whether a rule corresponding to the authentication condition exists in the rule acquired in the process S15 (S71).
At this time, based on the precondition, the authentication information determination device 22 determines that “rule 1”, “rule 8”, and “rule 10” corresponding to the authentication condition exist in the rule acquired in step S15.

If it is determined in step S71 that the corresponding rule exists, the authentication information determination apparatus 22 sets the use authority in the authentication result (S72).
At this time, the authentication information determination device 22 authenticates the use authority of “rule 9” indicated by the “token J” registered for the user A1 (user A1 is permitted to leave the door B4b) according to the precondition. Set to result. In step S17 of the user authentication process (FIG. 8), the authentication result is notified to the door B4b, and the user A1 can leave the security area B6b through the door B4b.

If it is determined in step S71 that the corresponding rule does not exist, the authentication information determination device 22 sets use prohibition (cannot leave the room) as an authentication result (S45).
For example, if the user A1 has not logged out (end of use) the business terminal 5, since the “rule 10” does not exist, the authentication information determination device 22 sets the use prohibition in the authentication result. In step S17 of the user authentication process (FIG. 8), the authentication result is notified to the door B4b, and the user A1 cannot leave the security area B6b through the door B4b.

  In the present embodiment, by providing the authentication rule for adding linkage information between tokens, multiple rules are authenticated for the device and application, and the user is allowed to pass the door and operate the device in a legitimate procedure. I can do things. Thus, the present embodiment provides a means for preventing authentication that does not follow the procedures such as impersonation.

  In the present embodiment, since the user using the business terminal 5 cannot leave the room unless the use of the business terminal 5 is terminated, the user having the use right leaves the room without forgetting to log out from the business terminal 5. Unauthorized use such that a user who does not have the use authority uses the business terminal 5 in the login state (usable state) can be prevented.

1 is a conceptual diagram illustrating a schematic configuration of an authentication system and an authentication method according to Embodiment 1. FIG. FIG. 3 is a diagram illustrating an example of hardware resources of a user authentication device 2 and a token generation device 3 according to the first embodiment. FIG. 3 is a functional configuration diagram of the authentication system in the first embodiment. FIG. 6 shows an example of a token registration point management table 47 in the first embodiment. FIG. 6 is a diagram illustrating an example of a rule requirement management table 48 according to the first embodiment. FIG. 5 is a diagram showing an example of a rule content management table 46 according to the first embodiment. 6 is a flowchart illustrating token registration processing executed by the token generation device 3 according to the first embodiment. 5 is a flowchart showing user authentication processing executed by the user authentication device 2 according to the first embodiment. The conceptual diagram which illustrated schematic structure of the authentication system in Embodiment 2, and the authentication method. 10 is a flowchart showing token registration processing executed by the token generation device 3 according to the second embodiment. The conceptual diagram which illustrated schematic structure of the authentication system and authentication method in Embodiment 3. FIG. 10 is a flowchart showing an inter-user authentication determination process executed by the user authentication device 2 according to the third embodiment. The conceptual diagram which illustrated schematic structure of the authentication system and authentication method in Embodiment 4. FIG. 10 is a flowchart showing a multi-token authentication determination process executed by the user authentication device 2 according to the fourth embodiment. The conceptual diagram which illustrated schematic structure of the authentication system in Embodiment 5, and an authentication method. 10 is a flowchart showing an inter-device authentication determination process executed by the user authentication device 2 according to the fifth embodiment.

Explanation of symbols

  1 User A, 1a User B, 2 User authentication device, 3 Token generation device, 4 Door, 4a Door A, 4b Door B, 5, 5a, 5b Business terminal, 6 Security area, 6a Security area A, 6b Security area B, 7a User A, 7b User B, 7c Administrator C, 10 Management terminal, 21 Authentication information acquisition device, 22 Authentication information determination device, 23 Token analysis device, 24 Rule analysis device, 31 Status monitoring device, 32 generation device, 33 registration device, 34 status management DB, 41 token management DB, 42 user information DB, 43 authentication rule information DB, 44 token management table, 45 token-rule management table, 46 rule content management table, 47 token Registration point management table, 48 rule requirement management table, 49 users Attribute information management table, 901 display device, 902 keyboard, 903 mouse, 904 FDD, 905 CDD, 911 CPU, 912 bus, 913 ROM, 914 RAM, 915 communication board, 920 magnetic disk device, 921 OS, 922 window system, 923 Program group, 924 file group.

Claims (8)

An authentication content storage unit that stores user attributes, user detection locations, and user authentication content for electronic devices in association with each other;
An attribute information acquisition unit for inputting user attribute information from an input device;
A user detection unit for detecting a user's location using a central processing unit;
Authentication content for acquiring the user authentication content for the electronic device from the authentication content storage unit based on the user attribute information acquired by the attribute information acquisition unit and the user detection location detected by the user detection unit An acquisition unit;
A token registration unit that stores, in a storage device, a token that is electronic data indicating a user's authentication content for the electronic device acquired by the authentication content acquisition unit;
A user authentication unit that notifies a user's usage authority to the electronic device using a communication device based on the authentication content indicated by the token stored by the token registration unit when the user uses the electronic device. An authentication apparatus characterized by that. The authentication apparatus according to claim 1, wherein the token registration unit stores a token indicating a user authentication content for another electronic device when the user uses the specific electronic device. The token registration unit, when using the user in the electronic device to which the user authentication unit is notified of the use authority, deletes the token indicating the authentication content of the user for the electronic device. The authentication device according to claim 1. The user authentication unit outputs a permission command permitting use by the user to the electronic device when it is determined using a central processing unit that satisfies a plurality of authentication conditions indicated by a plurality of tokens. The authentication apparatus in any one of Claims 1-3. The token registration unit stores a token whose authentication condition is the presence or absence of a specific token stored for other users,
The said user authentication part outputs the permission command which permits the use by the said user, when a specific token is memorize | stored with respect to the other user, The electronic device is characterized by the above-mentioned. 4. The authentication device according to any one of 4. The token registration unit stores a token having an authentication condition that is at least one of a use time limit for an electronic device and a use count for the electronic device,
The user authentication unit outputs, to the electronic device, a permission command for permitting use by the user when it is determined using the central processing unit that at least one of the use time limit and the use frequency indicated by the token is satisfied. The authentication apparatus according to claim 1, wherein: The attribute information acquisition unit performs the attribute information acquisition process to input the user's attribute information from the input device,
The user detection unit performs user detection processing for detecting the user's location using the central processing unit,
The authentication content acquisition unit, based on the user attribute information acquired by the attribute information acquisition unit and the user detection location detected by the user detection unit, user attributes, user detection location and electronic An authentication content acquisition process for acquiring the user authentication content for the electronic device from the authentication content storage unit that stores the user authentication content for the device in association with each other,
The token registration unit performs token registration processing for storing a token, which is electronic data indicating the authentication content of the user for the electronic device acquired by the authentication content acquisition unit, in a storage device,
A user who, when a user uses an electronic device, notifies a user's usage authority to the electronic device using a communication device based on the authentication content indicated by the token stored by the token registration unit. An authentication method for an authentication apparatus, characterized by performing authentication processing.   An authentication program for an authentication apparatus, which causes a computer to execute the authentication method according to claim 7.

Images