JP4931780B2 - Server, electronic device and permission management system - Google Patents

Description

  The present invention relates to a server, an electronic device, and a permission management system.

  2. Description of the Related Art Conventionally, a function that can be used by a user in an electronic device is restricted, and this restriction is removed by performing authentication in response to a request from the user. For this authentication, a user name and a password are often used. For example, it is indicated that a function is permitted according to an input password (see Patent Document 1).

  Here, in the case of electronic devices such as mobile phones, the use of applications such as browsers and e-mails by parents and company managers, for example, when parents are given to children or when employees are provided by the company, etc. It is desirable to limit

  However, if it is necessary to input a password as described above, it is necessary to go to an administrator who knows the password to receive the input in order to cancel the restriction. Furthermore, there is a possibility that the user will be released by trying to release it.

Therefore, it is necessary to adopt a method in which no password is input to the target electronic device. As a technique for this, for example, it has been proposed to set an access right from a remote location via a network by an administrator terminal (see Patent Documents 2 and 3). In particular, Patent Document 3 discloses that access request information is authenticated by interposing an access right setting device.
JP 2001-103078 A JP 2001-282625 A No. 01/082086

  However, since Patent Document 2 or 3 sets an access right by a specific administrator terminal, there may be a case where it is not possible to reply to the above-mentioned restriction release request from the electronic device in a timely manner.

  In other words, if the administrator is absent, the administrator terminal is turned off, or is out of the communicable area, etc., it is not possible to determine whether or not the restriction can be released, which is convenient for the user. There is a possibility of impairing sex.

  SUMMARY OF THE INVENTION Accordingly, an object of the present invention is to improve convenience when a user requests release of a function restriction in an electronic device.

  The server of the present invention is connected to a plurality of administrator terminal devices and user portable terminal devices via a network, and is used in the user portable terminal device in response to a request from the administrator terminal device. First transmission means for transmitting an authentication password for requesting release of the use restriction to the function for which the restriction is set, to the user portable terminal device, the user portable terminal device, and the user Storage means for storing the authentication password transmitted by the first transmission means and the data for identifying at least one terminal device for administrator as association data in association with the data for identifying the function for which use restriction is set In response to receiving a request for releasing the use restriction together with the authentication password from the portable terminal device for user, the storage means Request means for requesting a reply of permission data indicating whether or not to permit the release of the use restriction to each of the administrator terminal devices stored in association with each other, and returned in response to a request from the request means Determination means for determining whether or not to cancel the use restriction based on the permission data, and second transmission means for transmitting determination data indicating a result of the determination by the determination means to the user portable terminal device And comprising.

  Further, the storage means further stores flag data indicating whether or not permission from all of the administrator terminal devices stored in the association data is required to release the use restriction, and the determination means Has received the request when the flag data indicates that permission from all of the manager terminal devices is required for the function targeted by the request to release the use restriction received by the request means. In response to receiving a reply indicating permission to release the use restriction from all of the administrator terminal devices associated with the user portable terminal device, the decision is made to release the use restriction. It is preferable.

  Further, the permission data preferably includes designation information relating to a time or number of times when the use restriction is removed, and the decision means preferably includes the designation information in the decision data when it is decided to remove the use restriction. .

  In addition, when there are a plurality of terminal devices for managers in the association data, the storage unit receives and stores the priority order designation of each of the terminal units for managers, and the determining unit stores the permission Among the data indicating permission to release the use restriction, the designation information included in the permission data received from the administrator terminal device having the highest priority is selected as the determination data. Preferably included.

  Further, the storage means further stores rule data for determining whether or not to cancel the use restriction in the association data regardless of permission data from the manager terminal device, and the determination means Cancels the use restriction based on the stored rule data when it is not possible to determine whether or not to remove the use restriction based on the permission data received from the manager terminal device within a predetermined period. It is preferable to determine whether or not to do so.

  In addition, the electronic device of the present invention is connected to a server via a network, and an authentication password for requesting release of the use restriction is issued from the server to a function for which use restriction is set in the electronic device. A server that receives and stores the request for canceling the use restriction together with the authentication password stored by the storage means in response to receiving a request to execute the function for which the use restriction is set from a user. To each of the administrator terminal device stored in association with the request transmitted from the plurality of administrator terminal devices by the server in response to the request transmitted by the transmitting device. Requesting a reply of permission data indicating whether or not to permit the use restriction to be released, and determining the use system determined based on the returned permission data. The comprises receiving means for receiving a determination of whether the data is released, when the decision data received by said receiving means indicates that releasing the use restriction, and canceling means for canceling the use restriction, the.

  In the permission management system of the present invention, a server is connected to an administrator terminal device and a user portable terminal device via a network, and the server responds to a request from the administrator terminal device. In response, a first transmission for transmitting, to the user portable terminal device, an authentication password for requesting release of the use restriction for the function for which use restriction is set in the user portable terminal device. And an authentication password transmitted by the first transmission unit in association with data identifying the function, the user portable terminal device and the function for which the use restriction is set, and at least one administrator terminal device A request for releasing the use restriction together with the authentication password from storage means for storing identification data as association data and the user portable terminal device Requesting means for requesting a reply of permission data indicating whether or not to permit the release of the use restriction to each of the manager terminal devices stored in association with the storage means according to Deciding means for deciding whether or not to cancel the use restriction based on the permission data returned in response to the request from the request means, and a result of the decision by the deciding means on the user portable terminal device And second transmission means for transmitting determination data indicating the above.

  According to the present invention, it is possible to improve convenience when a user requests release of function restriction.

  Hereinafter, embodiments of the present invention will be described.

  FIG. 1 is a schematic diagram showing a configuration of a permission management system including a server (authentication server 10) and electronic devices (user terminal 20 and administrator terminal 30) according to the present invention.

  The user terminal 20 and the administrator terminal 30 are connected to the authentication server 10 via a predetermined network. Regarding the function for which use restriction is set in the user terminal 20, the authentication server 10 determines whether or not the use restriction can be canceled based on the permission data received from the administrator terminal 30, and notifies the user terminal 20.

  The user terminal 20 is, for example, a mobile phone given to a child by a parent, an employee's mobile phone provided by a company, or the like. By using the administrator terminal 30 used by the parents or the boss, it is possible to instruct to set or cancel the use restriction from a remote place for functions such as browser and mail in the user terminal 20. At this time, the authentication server 10 associates and authenticates the user terminal 20 and the administrator terminal 30, so that it can be expected to prevent an unauthorized use restriction from being released due to the administrator terminal 30 being camouflaged.

  The association between the user terminal 20 and the administrator terminal 30 is registered for each function for which usage restrictions are set, and it is assumed that there are a plurality of administrator terminals 30 for one function. The user terminal 20 can also function as the administrator terminal 30 for other electronic devices. Similarly, the administrator terminal 30 also functions as the user terminal 20 managed by other electronic devices. be able to.

  Hereinafter, the electronic devices (the user terminal 20 and the administrator terminal 30) will be described as mobile phones. However, the present invention is not limited to this, and PHS (Personal Handy Phone System), PDA (Personal Digital Assistant), portable navigation device, notebook personal computer. Etc.

  FIG. 2 is a block diagram showing the configuration of the authentication server 10. The control unit 110, the storage unit 120, the input unit 130, the display unit 140, and the communication unit 150 are connected to each other via a bus 160.

  The control unit 110 is an information processing unit (CPU) that performs calculation and processing of information, and controls the entire authentication server 10. The control unit 110 reads and executes various programs stored in the storage unit 120 as appropriate, thereby realizing various functions according to the present invention in cooperation with the hardware described above.

  The storage unit 120 may include a local memory used for executing a program in combination with the control unit 110, a large-capacity bulk memory, a cache memory used for efficiently searching the bulk memory, and the like. The computer readable medium that implements the storage unit 120 may include an electrical, magnetic, optical, or electromagnetic implementation.

  The storage unit 120 stores a later-described use restriction function table (FIG. 4) and an association information table (FIG. 5) along with a program executed by the control unit 110, and realizes processing according to the present invention.

  The input unit 130 receives input from the user and may include a keyboard, a pointing device, and the like.

  The display unit 140 displays a screen for accepting data input to the user or displays a screen of a calculation processing result by the authentication server 10. The display unit 140 displays a cathode ray tube (CRT) display, a liquid crystal display (LCD), or the like. Including.

  The communication unit 150 is a network adapter that enables the authentication server 10 to be connected to another arithmetic processing system or a storage device via a dedicated network or a public network. Communication with the user terminal 20 and the administrator terminal 30 is realized by the communication unit 150.

  FIG. 3 is a block diagram showing the configuration of the electronic apparatus (user terminal 20 and administrator terminal 30) according to the present invention.

  The control unit 210 is connected to the storage unit 220, the input unit 230, the display unit 240, and the communication unit 250, and controls each of them. Note that the configuration is not limited to this, and the hardware may be connected to each other via a bus, similarly to the authentication server 10.

  The storage unit 220 stores a control program according to the present invention and an application program for which usage restrictions are set as the user terminal 20. Similarly to the authentication server 10, a local memory used for executing the program, a bulk memory, and a cache memory used for efficiently searching the bulk memory may be included.

  The input unit 230 accepts input by the user, and an operation key group corresponds to this in a mobile phone. In response to an input to the input unit 230, the control unit 210 activates a specific application, and makes a cancellation request to the authentication server 10 when usage restrictions are set.

  The display unit 240 displays a screen associated with the execution of the application, or displays a screen for accepting data input to the user. The display unit 240 is a liquid crystal display (LCD), an organic EL (Electro Luminescence) display, or the like. Good.

  The communication unit 250 communicates with an external device using a predetermined use frequency band (for example, 800 MHz). Specifically, the signal received by the antenna is demodulated, and the processed signal is supplied to the control unit 210. Also, the signal supplied from the control unit 210 is modulated and transmitted to an external device via an antenna. A signal transmitted and received by the antenna is communicated with the authentication server 10 via a base station via a predetermined network, thereby realizing the function according to the present invention.

  FIG. 4 is a use restriction function table held in the authentication server 10, the user terminal 20, and the administrator terminal 30. Here, IDs are assigned to functions for which usage restrictions are set. For example, each of the cases where the use of the browser is prohibited or the browsing of a specific site by the browser is prohibited is identified by the ID.

  Note that the data of the use restriction function table is shared by the authentication server 10, the user terminal 20, and the administrator terminal 30. Specifically, when the administrator terminal 30 instructs the authentication server 10 to update data, the authentication server 10 updates the user terminal 20.

  FIG. 5 is an association information table held in the authentication server 10. This table stores a combination of administrator terminals 30 that can release the use restriction for the function for which use restriction is set in the user terminal 20.

  Furthermore, the authentication password for authenticating the cancellation request from the user terminal 20 and the conditions for permitting the cancellation by the authentication server 10 (total time or number of times that can be used for the month, and the usage time that is permitted to be used once) ) Is stored.

  Here, the condition for permitting the release is that the authentication server 10 automatically determines when the authentication server 10 cannot receive information from the administrator terminal 30 that can determine whether or not the permission is permitted. It is a rule. For example, regarding the use restriction of “0x00010001” (use of a browser at a specific site) on the user terminal 20A, if there is no permission from the administrator terminal 30A, the use is permitted for 3 minutes at a time, and a total of 15 minutes per month. Use permission can be given.

  Each of the functions for which usage restrictions are set in the user terminal 20 </ b> A is associated with a plurality of administrator terminals 30 (for example, 30 </ b> A and 30 </ b> B), and the authentication server 10 grants permission from each of the plurality of administrator terminals 30. And permission conditions (time or number of times) are received. A priority order is set for each of the plurality of administrator terminals 30, and the conditions (time and number of times) for permitting use of the user terminal 20A are given priority from a terminal with a higher priority order.

  Further, when a plurality of administrator terminals 30 are associated, flag data indicating whether or not permission from all the administrator terminals is required is held in all authentication fields. When all the authentications are “ON”, permission from all the associated administrator terminals 30 is necessary. For example, regarding the use restriction of “0x0040000” (specific application use), the administrator terminals 30A and 30B are used. It is canceled when it is approved by both parties. On the other hand, when all the authentications are “OFF”, it can be canceled only by permission from any one of the administrator terminals 30. For example, the use restriction of “0x00030001” (call with a specific partner) is managed. It is canceled by permission from either the user terminal 30A or 30B.

  FIG. 6 is a diagram showing a flow of processing for registering association with the user terminal 20A in the authentication server 10 in response to a request from the administrator terminal 30A or 30B.

  In step S <b> 101, the administrator terminal 30 </ b> A transmits a use restriction registration request for functions in the user terminal 20 </ b> A to the authentication server 10.

  In step S102, the authentication server 10 notifies the user terminal 20A of the ID of the use restriction function and the authentication password in response to the request in step S101.

  In step S103, the user terminal 20A stores the ID of the use restriction function notified in step S102 and the authentication password corresponding to the use restriction function. Thereafter, the user terminal 20A can use the stored authentication password to request cancellation of the use restriction.

  In step S104, the user terminal 20A notifies the authentication server 10 that the use restriction function and the authentication password have been stored in step S103.

  In step S105, the authentication server 10 stores association information between the administrator terminal 30A and the user terminal 20A in response to receiving the response notification in step S104. Specifically, a record is added to the association information table (FIG. 5), and the administrator terminal 30A that transmits a release request is registered for the function for which use restriction is set in the user terminal 20A.

  In step S106, the authentication server 10 transmits a completion notification that the association information has been stored in step S105 to the administrator terminal 30A.

  In step S107, a use restriction registration request is transmitted to the authentication server 10 by the administrator terminal 30B different from step S101.

  In steps S108 to S110, as in steps S102 to S104, the authentication server 10 notifies the user terminal 20A of the ID of the use restriction function and the authentication password, and the user terminal 20A uses the ID and authentication of the use restriction function. When the password is stored, a response notification is transmitted to the authentication server 10.

  If the use restriction function at this time is the same as that of the administrator terminal 30A, the authentication password is also the same, and the use restriction function ID and the authentication password are newly stored in the user terminal 20A. Absent.

  In step S111, the authentication server 10 additionally updates the association information. Specifically, a record is added to the association information table (FIG. 5), and the administrator terminal 30B that transmits a release request is additionally registered for the function for which use restriction is set in the user terminal 20A.

  In step S112, the authentication server 10 notifies the administrator terminal 30A that the association information has been registered in step S111. Note that this is a case where the same use restriction function is registered in the administrator terminals 30A and 30B. When different use restriction functions are registered, the administrator terminals 30A and 30B are irrelevant to each other. There is no need.

  In step S113, the authentication server 10 transmits a completion notification that the association information has been stored in step S111 to the administrator terminal 30B.

  FIG. 7 is a flowchart showing a flow of processing for registering association information in the authentication server 10. This flow starts when a use restriction registration request is received from the administrator terminal 30.

  In step S <b> 201, the control unit 110 determines whether association information has already been stored for the user terminal 20 as the requested use restriction target. If stored (YES), the process proceeds to step S205. If not stored (NO), the process proceeds to step S202.

  In step S202, the control unit 110 notifies the user terminal 20 of the ID of the use restriction function and the authentication password.

  In step S203, the control unit 110 waits for a response notification to the notification in step S202, and determines whether this response notification is OK. When the response notification is OK (YES), the process proceeds to step S204, and when the response notification is NG (NO), the process proceeds to step S212.

  In step S204, the control unit 110 updates the association information with the user terminal 20. Specifically, the record is additionally updated in the association information table (FIG. 5) stored by the storage unit 120.

  In step S <b> 205, the control unit 110 determines whether or not the received registration request is a new use restriction function in the user terminal 20. If it is new (YES), the process proceeds to step S206. If it is not new (NO), the process proceeds to step S208.

  In step S206, the control unit 110 notifies the user terminal 20 of the ID of the use restriction function and the authentication password in order to register a new use restriction function.

  In step S207, the control unit 110 waits for the notification in step S206 or the response notification for the additional registration of the administrator terminal 30, and determines whether this response notification is OK. If the response notification is OK (YES), the process proceeds to step S208. If the response notification is NG (NO), the process proceeds to step S212.

  In step S208, the control unit 110 updates the association information with the user terminal 20. Specifically, the record is additionally updated in the association information table (FIG. 5) stored by the storage unit 120.

  In step S209, the control unit 110 determines whether there is another administrator terminal 30 associated with the same use restriction function for the association registered in step S208. If it exists (YES), the process proceeds to step S210, and if it does not exist (NO), the process proceeds to step S211.

  In step S210, the control unit 110 notifies another administrator terminal 30 already associated with the same use restriction function that the association has been changed.

  In step S211, the control unit 110 notifies the administrator terminal 30 that has registered the association in step S204 or step S208 that the registration of the association has been successful (OK).

  In step S212, the control unit 110 has failed to obtain an OK response notification from the user terminal 20 in step S203 or step S207, so registration of the association has failed for the administrator terminal 30 that has received the registration request. A notification of completion (NG) is sent.

  With reference to FIGS. 8 to 13, the flow of processing when the user terminal 20 </ b> A makes a use restriction release request to the authentication server 10 will be described.

  FIG. 8 shows processing when the user terminal 20A is associated with only the administrator terminal 30A.

  When there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S301), the authentication server 10 transmits a use restriction release request to the associated administrator terminal 30A (step S302). . The administrator terminal 30A notifies the authentication server 10 of the release result as to whether or not to permit the use restriction release request (step S303), and the authentication server 10 notifies the user terminal 20A according to the notification from the administrator terminal 30A. Release result notification is performed (step S304).

  Here, since the association is only the administrator terminal 30A, the authentication server 10 determines whether or not to cancel according to the cancellation result notification from the administrator terminal 30A.

  FIG. 9 shows processing when the user terminal 20A is associated with only the administrator terminal 30A and the administrator terminal 30A is outside the communicable range.

  When there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S311), the authentication server 10 attempts to transmit a use restriction release request to the associated administrator terminal 30A (step S312). ). However, since the administrator terminal 30A is out of the service area, it cannot receive this use restriction release request. Therefore, the connection times out. Therefore, the authentication server 10 tries to transmit the use restriction release request again, but the connection timeout is repeated.

  After that, for a function that has made a use restriction release request, when a predetermined time is cut off until the desired start time of use, a condition for permitting release stored in the authentication server 10, that is, an association information table (FIG. 5). ) Is determined according to the automatic cancellation rule (step S313), and the cancellation result is notified to the user terminal 20A (step S314).

  FIG. 10 shows a process when the user terminal 20A is associated with the administrator terminals 30A and 30B and all authentication flags are ON. It is assumed that the priority order is higher for the administrator terminal 30A.

  When there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S321), the authentication server 10 transmits a use restriction release request to the associated administrator terminals 30A and 30B (step S321). S322 and S324). The administrator terminals 30A and 30B notify the authentication server 10 of the release result as to whether or not to permit the use restriction release request (steps S323 and S325).

  The authentication server 10 determines whether or not the use restriction can be canceled based on the notifications from the administrator terminals 30A and 30B. Specifically, since all the authentication flags are ON, the cancellation is permitted only when both notifications permit the cancellation (step S326). In other words, when either one of the administrator terminals 30A and 30B does not permit the release, the authentication server 10 does not release the use restriction. Then, the determined release result is notified to the user terminal 20A (step S327).

  FIG. 11 shows processing when the user terminal 20A is associated with the administrator terminals 30A and 30B, and the administrator terminal 30A is outside the communicable area when all authentication flags are ON. It is assumed that the priority order is higher for the administrator terminal 30A.

  When there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S331), the authentication server 10 attempts to transmit a use restriction release request to the associated administrator terminals 30A and 30B ( Steps S332 and S333).

  However, since the administrator terminal 30A is out of the service area, it cannot receive this use restriction release request. Therefore, the connection times out. Therefore, the authentication server 10 tries to transmit the use restriction release request again, but the connection timeout is repeated. On the other hand, in response to the use restriction cancellation request, the administrator terminal 30B notifies the authentication server 10 of a cancellation result indicating whether cancellation is possible (step S334).

  After that, for a function that has made a use restriction release request, when the predetermined time has passed until the desired start time of use, the authentication server 10 cannot receive the notification of the release result from the administrator terminal 30A, and thus has already received the management. Based on the notification from the person terminal 30B, whether or not to cancel is determined (step S335). And the result which shows the decision | availability of cancellation | release determined is notified to the user terminal 20A (step S336).

  FIG. 12 shows a process when the user terminal 20A is associated with the administrator terminals 30A and 30B and all authentication flags are OFF. It is assumed that the priority order is higher for the administrator terminal 30A.

  When there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S341), the authentication server 10 issues use restriction release requests to the associated administrator terminals 30A and 30B in order of priority. Send. That is, first, a use restriction release request is transmitted to the administrator terminal 30A (step S342).

  Here, when the administrator terminal 30A notifies the authentication server 10 of the result of permitting the release (step S343), since all the authentication flags are OFF, the administrator terminal 30A with the higher priority ranks. In accordance with the notification, the authentication server 10 determines to cancel the use restriction (step S344). Then, the authentication server 10 notifies the release result to the user terminal 20A (step S345).

  Next, there is a use restriction release request from the user terminal 20A to the authentication server 10 (step S351), and the authentication server 10 transmits a use restriction release request to the administrator terminal 30A according to the priority order (step S352). As a result, the administrator terminal 30A notifies the result that the release is not permitted (step S353).

  In this case, the authentication server 10 transmits a use restriction release request to the administrator terminal 30B having the second highest priority after the administrator terminal 30A (step S354). Here, when the administrator terminal 30B makes a notification to permit the release (step S355), since all the authentication flags are OFF, the authentication server 10 determines that at least one of the associated administrator terminals 30 is Since the license has been granted, a decision is made to grant the release (step S356). Then, the authentication server 10 notifies the release result to the user terminal 20A (step S357).

  FIG. 13 shows processing when the user terminal 20A is associated with the administrator terminals 30A and 30B, and the administrator terminal 30A is out of the communicable area when all authentication flags are OFF. It is assumed that the priority order is higher for the administrator terminal 30A.

  There is a use restriction release request from the user terminal 20A to the authentication server 10 (step S361), and the authentication server 10 attempts to send a use restriction release request to the administrator terminal 30A in accordance with the priority order (step S362). However, since the administrator terminal 30A is out of service area, it cannot receive this use restriction release request. Therefore, the connection times out.

  Therefore, the authentication server 10 transmits a use restriction release request to the administrator terminal 30B having the second highest priority after the administrator terminal 30A (step S363). Here, when the administrator terminal 30B makes a notification to permit the release (step S364), since all the authentication flags are OFF, the authentication server 10 determines that at least one of the associated administrator terminals 30 is Since the license has been granted, a decision is made to grant the release (step S365). Then, the authentication server 10 notifies the release result to the user terminal 20A (step S366).

  Next, as in steps S361 to S363, when a use restriction release request is transmitted to the administrator terminal 30B (steps S371 to S373), the administrator terminal 30B notifies the result that the release is not permitted ( Let step S374). Then, the authentication server 10 tries to transmit the use restriction release request again to the administrator terminal 30A, but the connection timeout is repeated.

  After that, for a function that has made a use restriction release request, when the predetermined time is cut off until the desired start time of use, the authentication server 10 cannot receive the notification of the release result from the administrator terminal 30A. In accordance with the conditions for permitting the release stored, that is, according to the automatic release rule of the association information table (FIG. 5), whether or not the release is possible is determined (step S375). Then, the authentication server 10 notifies the user terminal 20A of the release result (step S376).

  8 to 13 exemplify the rule for determining whether to cancel the use restriction based on the notifications from the administrator terminals 30A and 30B, but the present invention is not limited to this. The authentication server 10 stores a predetermined decision rule in advance, thereby making a decision according to this decision rule.

  FIG. 14 shows transmission data of a use restriction release request from the user terminal 20 </ b> A to the authentication server 10. An authentication password, a use period, a use count, and a use time are transmitted together with the ID of the use restriction function. Note that either the number of times of use or the time of use is set.

  FIG. 15 shows transmission data that is a result of permission / inhibition of use restriction cancellation in response to a use restriction release request by the administrator terminal 30A or 30B. Here, together with the result of whether or not to permit the release (OK / NG) and the ID of the use restriction function, the effective period, the number of times of use, the time of use, and the comment are transmitted. That is, in response to a request from the user terminal 20A, the contents actually permitted by the administrator can be notified, and a comment from the administrator can be transmitted as necessary.

  FIGS. 16 to 17 are flowcharts of processing for authenticating the use restriction cancellation in the authentication server 10.

  First, in FIG. 16, in step S <b> 401, the control unit 110 determines whether or not there is association information regarding a use restriction release request. Specifically, it is searched whether or not there is a combination of the requested user terminal 20 and the use restriction function in the association information table (FIG. 5). If it exists (YES), the process moves to step S402, and if it does not exist, the process ends.

  In step S402, the control unit 110 determines whether or not the authentication password included in the use restriction release request is correct. Specifically, it is determined to be correct when it matches the authentication password stored in the association information table (FIG. 5). If it is correct (YES), the process proceeds to step S403. If it is not correct (NO), the process ends.

  In step S403, the control unit 110 sets the unconnected flag for each of the administrator terminals 30 to ON.

  In steps S <b> 404 to S <b> 408, the control unit 110 performs loop processing in order from the top of the priority order for the administrator terminal 30 with which association is registered, and executes steps S <b> 405 to S <b> 407 for each of the administrator terminals 30.

  In step S405, the control unit 110 attempts a use restriction release request to the administrator terminal 30 whose unconnected flag is ON.

  In step S406, the control unit 110 determines whether or not it is possible to connect to the administrator terminal 30 that has attempted the use restriction release request in step S405. If the connection is successful (YES), the process moves to step S407. If the connection cannot be made (NO), the process moves to step S408 and the loop is repeated.

  In step S407, the control unit 110 sets the unconnected flag for the administrator terminal 30 determined to be connected in step S406 to OFF. Then, the process proceeds to step S408, and the loop is repeated.

  In step S409, the control unit 110 determines whether or not all authentication flags relating to the received use restriction release request are OFF. Specifically, the determination is made with reference to all the authentication fields in the association information table (FIG. 5). If it is OFF (YES), the process proceeds to step S410. If it is ON (NO), the process proceeds to step S415 (FIG. 17).

  In step S410, the control unit 110 determines whether or not the administrator terminal 30 that has been connected in step S405 has received a result notification indicating whether the use restriction can be released. When there is a notification (YES), the process proceeds to step S411, and when there is no notification (NO), the process proceeds to step S412.

  In step S411, the control unit 110 determines whether or not the use restriction can be canceled based on the result notification from the administrator terminal 30, and notifies the user terminal 20 of the determination result.

  In step S <b> 412, the control unit 110 determines whether or not the use restriction release start time is within a predetermined time from the request, and whether the notification from the administrator terminal 30 is waiting for the predetermined time from the request. If the determination is YES, the notification from the administrator terminal 30 has not been obtained, but since the release start time is near, the process proceeds to step S413. On the other hand, if the determination is NO, there is room for waiting for notification from the administrator terminal 30, and the process proceeds to step S414.

  In step S413, the control unit 110 determines the use restriction release permission / inhibition result according to the automatic release rule stored together with the association information, and notifies the user terminal 20 of the result.

  In step S414, the control unit 110 determines whether or not there is an unconnected administrator terminal 30. If it exists (YES), the process proceeds to step S404. If it does not exist (NO), the process proceeds to step S410.

  Moving to FIG. 17, in step S415, the control unit 110 determines whether there is an unconnected administrator terminal 30 or not. If it exists (YES), the process proceeds to step S418. If it does not exist (NO), the process proceeds to step S416.

  In step S416, the control unit 110 determines whether or not the administrator terminal 30 that has been connected in step S405 (FIG. 16) has received a result notification indicating whether the use restriction can be released. If there is a notification (YES), the process proceeds to step S417. If there is no notification (NO), the process proceeds to step S418.

  In step S417, the control unit 110 determines the cancellation result only when the notification from the administrator terminal 30 indicates permission (OK), and otherwise determines that the cancellation is not permitted. The release result is notified to the user terminal 20.

  In step S418, the control unit 110 determines whether or not the use restriction release start time is within a predetermined time from the request and whether or not the notification from the administrator terminal 30 is waiting for the predetermined time from the request. If the determination is YES, the cancellation start time is near, and the process moves to step S419. On the other hand, if the determination is NO, there is room for waiting for notification from the administrator terminal 30, and the process proceeds to step S404 (FIG. 16).

  In step S419, the control unit 110 determines whether or not there is a result notification from any of the administrator terminals 30. If this determination is YES, the process proceeds to step S420. If the determination is NO, whether or not the use restriction can be canceled cannot be determined by notification from the administrator terminal 30, and the process proceeds to step S421.

  In step S420, the control unit 110 permits cancellation only when all notifications from the administrator terminal 30 that have received the result notification indicate permission (OK), and otherwise cancels the permission as not to permit the cancellation. The result is determined, and the release result is notified to the user terminal 20.

  In step S <b> 421, the control unit 110 determines the use restriction release permission / inhibition result according to the automatic release rule stored together with the association information, and notifies the user terminal 20 of the result.

  FIG. 18 is a diagram illustrating a processing flow of the authentication server 10 and the user terminal 20 in accordance with a use restriction registration request from the authentication server 10 and a use restriction release request from the user terminal 20. Here, the user terminal 20 includes an application manager that controls activation of an application, and shows a flow of processing along with user operations.

  When the authentication server 10 makes a use restriction registration request to the application manager (step S501), the application manager makes a request for releasing the restriction and the ID of the use restriction function included in the use restriction registration request. The authentication password is stored (step S502), and a use restriction registration response indicating that the registration is completed is returned to the authentication server 10 (step S503).

  Thereafter, when the user of the user terminal 20 inputs an application activation request, the activation request is transmitted to the application manager (step S504). Then, the application manager checks whether or not there is a usage restriction registration for the application requested to be activated (step S505).

  If there is no usage restriction as a result of the check, the application manager makes an application activation request (step S506), and if there is a usage restriction, a confirmation screen for requesting the usage restriction release is displayed (step S507). Accepts input.

  When the user selects to cancel the use restriction on the confirmation screen (step S508), the application manager makes a use restriction release request to the authentication server 10 (step S509).

  When the use restriction release request is made, the application manager waits for the release result in the background, and can accept other operation inputs from the user (step S510).

  On the other hand, the authentication server 10 that has received the use restriction release request checks the authentication password and notifies the administrator terminal 30 of the release request (step S511). As a result, the authentication server 10 receives a notification indicating whether or not cancellation is possible from each of the administrator terminals 30, and determines a cancellation result.

  When the authentication server 10 notifies the application manager of the release result (step S512), the application manager displays the result of use restriction release (step S513).

  Accordingly, when the use restriction is released and the user inputs an application activation request, the activation request is transmitted to the application manager (step S514), and the application manager is activated (step S515).

  In FIG. 18, the use restriction cancellation request is made in response to the application activation request. However, the request is not limited to this, and the use restriction release request for a predetermined period may be requested from the user in advance. In this case, the application activation request in step S504 is a use request in a predetermined period, and step S506 is not executed.

  In steps S510 and S512, the application manager receives the notification of the result of canceling the use restriction in the background. However, the present invention is not limited to this. For example, even if the authentication server 10 notifies that the result can be obtained by a message service such as SMS (Short Message Service), the application manager obtains the use restriction release result in response to a request from the user. Good. Here, when acquiring the use restriction release result, it is preferable to authenticate the authentication password by the authentication server 10 again.

  As described above, according to the present embodiment, a plurality of administrator terminals 30 for managing usage restrictions can be provided for each function of the user terminal 20. As a result, it becomes possible to establish a proxy in the case where a reply indicating whether or not the cancellation is possible cannot be made immediately, so that an improvement in convenience can be expected. Furthermore, since it is possible to require permission from a plurality of administrators in order to remove the use restriction, security can be improved.

  Further, since the automatic release rule is stored in the authentication server 10, even if there is no reply from the administrator terminal 30 indicating whether the release is possible or not, whether the release is possible is determined according to the automatic release rule. can do. As a result, a result can be reliably obtained in response to the use restriction cancellation request from the user terminal 20, and thus the convenience can be expected to be improved.

  As mentioned above, although embodiment of this invention was described, this invention is not restricted to embodiment mentioned above. The effects described in the embodiments of the present invention are only the most preferable effects resulting from the present invention, and the effects of the present invention are limited to those described in the embodiments of the present invention. is not.

It is the schematic which shows the structure of the permission management system which concerns on this invention. It is a block diagram which shows the structure of the authentication server 10 which concerns on this invention. It is a block diagram which shows the structure of the electronic device (user terminal 20, the administrator terminal 30) which concerns on this invention. It is a figure which shows the use restriction function table which concerns on this invention. It is a figure which shows the correlation information table which concerns on this invention. It is a figure which shows the flow of a process which registers the association with the user terminal 20A which concerns on this invention. It is a flowchart which shows the flow of the process which registers association information in the authentication server 10 which concerns on this invention. It is a figure which shows a process in case the user terminal 20A which concerns on this invention is linked | related only with the administrator terminal 30A. It is a figure which shows the process in case the user terminal 20A which concerns on this invention is linked | related only with the administrator terminal 30A, and the administrator terminal 30A is outside a communicable area. It is a figure which shows the process in case the user terminal 20A which concerns on this invention is linked | related with the administrator terminals 30A and 30B, and all the authentication flags are ON. It is a figure which shows a process when the user terminal 20A which concerns on this invention is linked | related with the administrator terminals 30A and 30B, and the administrator terminal 30A is outside a communicable area when all the authentication flags are ON. It is a figure which shows the process in case the user terminal 20A which concerns on this invention is linked | related with the administrator terminals 30A and 30B, and all the authentication flags are OFF. It is a figure which shows a process in case the user terminal 20A which concerns on this invention is linked | related with the administrator terminals 30A and 30B, and the administrator terminal 30A is outside a communicable area when all the authentication flags are OFF. It is a figure which shows the transmission data of a use restriction cancellation request based on this invention. It is a figure which shows the transmission data which are the permission / prohibition result of the use restriction cancellation based on this invention. It is a flowchart of the process which performs authentication of use restriction cancellation which concerns on this invention. It is a flowchart of the process which performs authentication of use restriction cancellation which concerns on this invention. It is a figure which shows the flow of a process of the authentication server 10 and the user terminal 20 accompanying the use restriction registration request | requirement and use restriction cancellation request | requirement which concern on this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Authentication server 20, 20A User terminal 30, 30A, 30B Administrator terminal 110 Control part (request means, determination means)
120 storage unit (storage means)
130 input unit 140 display unit 150 communication unit (first transmission unit, second transmission unit)
160 Bus 210 Control unit (release means)
220 Storage unit (storage means)
230 Input unit 240 Display unit 250 Communication unit (transmission means, reception means)

Claims (7)

A server connected to a manager terminal device and a user portable terminal device via a network,
In response to a request from the administrator terminal device, an authentication password for requesting release of the use restriction is provided to the function for which use restriction is set in the user portable terminal device. First transmission means for transmitting to the mobile terminal device;
The authentication password transmitted by the first transmission means in association with the unique data for identifying the portable terminal device for user and the data for identifying the function for which the use restriction is set, and at least one for the administrator Storage means for storing data for identifying the terminal device as association data;
In response to receiving a request for releasing the use restriction together with the authentication password from the user portable terminal device, the use restriction is provided to each of the administrator terminal devices stored in association with the storage unit. Request means for requesting a reply of permission data indicating whether or not to permit the release of
Determining means for determining whether or not to cancel the use restriction based on the permission data returned in response to the request of the request means;
Second transmission means for transmitting determination data indicating a result of determination by the determination means to the mobile terminal device for user;
A server comprising The storage means further stores flag data indicating whether or not permission from all of the manager terminal devices stored in the association data is required to release the use restriction,
The determining means, when the flag data indicates that permission from all of the manager terminal devices is required for the function targeted by the request to release the use restriction received by the request means, The use restriction is released in response to receiving a reply indicating that the use restriction is released from all of the administrator terminal devices associated with the user portable terminal device that has received The server according to claim 1, wherein the server makes a decision. The permission data includes designation information related to the time or number of times to cancel the use restriction,
3. The server according to claim 1, wherein the determination unit includes the designation information in the determination data when the determination unit determines to release the use restriction. 4. The storage means receives and stores the priority order designation of each of the manager terminal devices when there are a plurality of the manager terminal devices in the association data,
The determination means includes the designation information included in the license data received from the manager terminal device having the highest priority among the license data indicating that the use restriction is to be released. The server according to claim 3, wherein the server is selected and included in the determination data. The storage means further stores rule data for determining whether or not to cancel the use restriction without relying on permission data from the manager terminal device in the association data;
The determining means determines the use based on the stored rule data when it is not possible to determine whether or not to cancel the use restriction based on the permission data that can be received from the manager terminal device within a predetermined period. The server according to any one of claims 1 to 4, wherein it is determined whether to release the restriction. An electronic device connected to a server via a network,
Storage means for receiving and storing an authentication password for requesting release of the use restriction for a function for which use restriction is set in the electronic device;
A transmission means for transmitting to the server a request for releasing the use restriction together with the authentication password stored by the storage means in response to receiving the execution request for the function for which the use restriction is set;
In response to the request transmitted by the transmission means, each of the administrator terminal devices stored in association with the server in response to a request from at least one administrator terminal device is permitted to release the use restriction. Receiving means for requesting a reply of permission data indicating whether or not to perform, and receiving determination data as to whether or not to cancel the use restriction determined based on the returned permission data;
A release means for releasing the use restriction when the decision data received by the receiving means indicates that the use restriction is released;
Electronic equipment comprising. A permission management system in which a server, a manager terminal device, and a user portable terminal device are connected via a network, wherein the server includes:
In response to a request from the administrator terminal device, an authentication password for requesting release of the use restriction is provided to the function for which use restriction is set in the user portable terminal device. First transmission means for transmitting to the mobile terminal device;
The authentication password transmitted by the first transmission means in association with the unique data for identifying the portable terminal device for user and the data for identifying the function for which the use restriction is set, and at least one for the administrator Storage means for storing data for identifying the terminal device as association data;
In response to receiving a request for releasing the use restriction together with the authentication password from the user portable terminal device, the use restriction is provided to each of the administrator terminal devices stored in association with the storage unit. Request means for requesting a reply of permission data indicating whether or not to permit the release of
Determining means for determining whether or not to cancel the use restriction based on the permission data returned in response to the request of the request means;
Second transmission means for transmitting determination data indicating a result of determination by the determination means to the mobile terminal device for user;
A permission management system comprising:

Images