WO2017149779A1 - Device monitoring system, device monitoring method, and program - Google Patents
Device monitoring system, device monitoring method, and program Download PDFInfo
- Publication number
- WO2017149779A1 WO2017149779A1 PCT/JP2016/056860 JP2016056860W WO2017149779A1 WO 2017149779 A1 WO2017149779 A1 WO 2017149779A1 JP 2016056860 W JP2016056860 W JP 2016056860W WO 2017149779 A1 WO2017149779 A1 WO 2017149779A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- password
- authentication
- address
- determination
- input
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Definitions
- the present invention relates to a device monitoring system, a device monitoring method, and a program for monitoring whether or not information is leaked from a device.
- a mode of permitting use of the device by authentication with a password is disclosed.
- the password is not set or when the password is easy to guess, there is a possibility that the device is easily used by an unauthorized user and information is leaked.
- Patent Document 1 it is a countermeasure after a device password is leaked to an unauthorized user, and it cannot be determined whether or not such a password is easily broken in the first place. .
- an object of the present invention is to provide a device monitoring system, a device monitoring method, and a program capable of determining whether a password set in a device is easily broken. To do.
- the present invention provides the following solutions.
- the invention according to the first feature is a receiving means for receiving an input of an IP address corresponding to a device to be monitored; Access means for accessing the device based on the accepted IP address; A judging means for judging whether or not a password set in the device is easily broken; Output means for outputting the result of the determination; A device monitoring system is provided.
- the device monitoring system receives an input of an IP address corresponding to a device to be monitored, accesses the device based on the received IP address, and sets the device It is determined whether or not the password being entered is easily broken, and the result of the determination is output.
- the determining means determines whether or not the security level of the password set in the device is greater than or equal to a predetermined threshold value, so that it is easily broken.
- the device monitoring system according to the first feature is easily broken depending on whether the security level of the password set in the device is equal to or higher than a predetermined threshold. Determine if it is in a state.
- the invention according to the third feature includes dictionary means in which a password that is easily broken is described; With The determination unit determines whether the password is easily broken by checking the password set in the device with the dictionary unit; There is provided an apparatus monitoring system which is an invention according to a first feature.
- the device monitoring system according to the first aspect of the invention describes a password that is easily broken, and collates the password set in the device with the dictionary means. To determine whether the password is easily broken.
- the invention according to the fourth feature is a step of receiving an input of an IP address corresponding to a device to be monitored; Accessing the device based on the accepted IP address; Determining whether a password set in the device is easily broken; Outputting the result of the determination; A device monitoring method is provided.
- the invention according to the fifth feature provides a device monitoring system, Receiving an IP address corresponding to a device to be monitored; Accessing the device based on the accepted IP address; Determining whether a password set in the device is easily broken; Outputting the result of the determination; A program characterized in that is executed is provided.
- the present invention it is possible to provide a device monitoring system, a device monitoring method, and a program capable of determining whether or not a password set in a device is easily broken.
- FIG. 1 is a diagram showing an outline of the device monitoring system 1.
- FIG. 2 is an overall configuration diagram of the device monitoring system 1.
- FIG. 3 is a functional block diagram of the operator terminal 100, the device 200, and the user terminal 300.
- FIG. 4 is a flowchart showing device monitoring processing executed by the operator terminal 100, the device 200, and the user terminal 300.
- FIG. 5 is an IP address input acceptance screen.
- FIG. 6 is a diagram showing a dictionary table.
- FIG. 7 is a determination result screen when the authentication ID and password are not set.
- FIG. 8 is a determination result screen in a state where the authentication ID and password are easily broken.
- FIG. 9 is a determination result screen in a state where the authentication ID and password are not easily broken.
- FIG. 1 is a diagram for explaining an overview of a device monitoring system 1 which is a preferred embodiment of the present invention.
- the device monitoring system 1 includes an operator terminal 100, a device 200, and a user terminal 300.
- the operator terminal 100, the device 200, and the user terminal 300 are not limited to one, but may be plural.
- Each device may be realized by either or both of an actual device and a virtual device.
- each process to be described later may be realized by any one or combination of each device of the operator terminal 100, the device 200, and the user terminal 300.
- the operator terminal 100 is a terminal device owned by a service provider capable of data communication with the device 200 and the user terminal 300.
- the operator terminal 100 is, for example, an electric appliance such as a netbook terminal, a slate terminal, an electronic book terminal, and a portable music player in addition to a mobile phone, a portable information terminal, a tablet terminal, and a personal computer.
- the device 200 is a monitoring target device capable of data communication with the operator terminal 100 and the user terminal 300.
- the device 200 is an article that is connected to a network such as a multifunction peripheral, a printer, a server, and a network camera and can be operated by the operator terminal 100, the user terminal 300, or another terminal device.
- the user terminal 300 is a terminal device owned by a service target person capable of data communication with the operator terminal 100 and the device 200.
- the user terminal 300 is an electrical appliance similar to the operator terminal 100 described above.
- the operator terminal 100 receives an input of an IP address corresponding to the device 200 to be monitored (step S01).
- the operator terminal 100 accesses the device 200 based on the accepted IP address (step S02).
- the operator terminal 100 determines whether the authentication ID and password of the device 200 are set. When the operator terminal 100 determines that the authentication ID and password are not set in the device 200, the operator terminal 100 outputs a determination result indicating that. When the operator terminal 100 determines that the authentication ID and password are set, the operator terminal 100 determines whether or not the authentication ID and password are easily broken.
- the operator terminal 100 may, for example, analyze the authentication ID and password, determine whether or not it is easily broken based on the analysis result, evaluate the security level based on the analysis result, It may be determined whether or not the evaluation is easily broken based on whether or not the evaluation is equal to or higher than a predetermined threshold, or a dictionary in which authentication IDs and passwords that are generally used frequently are registered in advance is stored.
- the operator terminal 100 outputs determination result data indicating the determination result to the user terminal 300 (step S03).
- the operator terminal 100 may determine only the password, not the authentication ID and password. In this case, it may be determined whether or not the password is easily broken.
- the user terminal 300 receives the determination result data, and based on this determination result data, displays the determination result regarding the authentication ID and the password easily breached by the operator terminal 100.
- FIG. 2 is a diagram showing a system configuration of the device monitoring system 1 which is a preferred embodiment of the present invention.
- the device monitoring system 1 includes an operator terminal 100, a device 200, a user terminal 300, and a public line network (Internet network, third and fourth generation communication network, etc.) 5.
- the operator terminal 100, the device 200, and the user terminal 300 are not limited to one, but may be plural.
- Each device is not limited to a real device, and may be a virtual device.
- each process described below may be executed by any one or a combination of the apparatuses.
- the operator terminal 100 has the functions described later and is the terminal device described above.
- the device 200 has the functions described later and is the above-described article.
- the user terminal 300 has the functions described below and is the terminal device described above.
- FIG. 3 is a functional block diagram of the operator terminal 100, the device 200, and the user terminal 300.
- the operator terminal 100 includes a CPU (Central Processing Unit), a RAM (Random Access Memory), a ROM (Read Only Memory), and the like, and as a communication unit 120, a device for enabling communication with other devices, such as IEEE802. 11 compatible with WiFi (Wireless Fidelity) compatible devices.
- the operator terminal 100 also includes a data storage unit such as a hard disk, a semiconductor memory, a recording medium, or a memory card as the storage unit 130. Further, the operator terminal 100 includes, as the input / output unit 140, a display unit that outputs and displays data and images controlled by the control unit 110, an input unit such as a touch panel, a keyboard, and a mouse that receives input from the user.
- the control unit 110 when the control unit 110 reads a predetermined program, the device access module 150, the determination result output module 151, and the device determination module 152 are realized in cooperation with the communication unit 120. Further, in the operator terminal 100, the control unit 110 reads a predetermined program, thereby realizing the dictionary storage module 160 in cooperation with the storage unit 130. Also, in the operator terminal 100, the IP address input receiving module 170 is realized in cooperation with the input / output unit 140 by the control unit 110 reading a predetermined program.
- the device 200 includes a CPU, RAM, ROM, and the like as the control unit 210, and a wireless device and the like for enabling communication with other devices as the communication unit 220.
- the device 200 implements the connection request receiving module 250 in cooperation with the communication unit 220 when the control unit 210 reads a predetermined program.
- the user terminal 300 includes a CPU, RAM, ROM, and the like as the control unit 310, and includes a wireless device and the like for enabling communication with other devices as the communication unit 320, and an input / output unit.
- a display part, an input part, etc. are provided.
- the user terminal 300 implements the determination result receiving module 350 in cooperation with the communication unit 320 when the control unit 310 reads a predetermined program. In addition, the user terminal 300 implements the determination result display module 360 in cooperation with the input / output unit 340 by the control unit 310 reading a predetermined program.
- FIG. 4 is a flowchart of device monitoring processing executed by the operator terminal 100, the device 200, and the user terminal 300. The processing executed by the modules of each device described above will be described together with this processing.
- the IP address input reception module 170 determines whether or not an input of an IP address corresponding to the device 200 to be monitored has been received (step S10).
- the IP address input reception module 170 activates a dedicated application, an Internet browsing application, or the like, and determines whether or not an input of an IP address is received in a predetermined input field.
- FIG. 5 is a diagram showing an IP address input acceptance screen displayed by the IP address input acceptance module 170.
- the IP address input reception module 170 displays a message display area 400, an IP address input area 410, a determination icon 420, and a cancel icon 430 as an IP address input reception screen.
- the message display area 400 is an area for displaying a message that prompts the device 200 to input an IP address.
- the IP address input area 410 is an area for receiving an input of the global IP address of the target device 200.
- the IP address input area 410 receives an input of the global IP address of the device 200 and displays the received global IP address.
- the determination icon 420 receives an input operation
- the device access module 150 executes access to the global IP address received in the IP address input area 410.
- a cancel icon 430 terminates this screen upon accepting an input operation.
- the IP address input receiving module 170 may receive an input of an IP address directly from an operator, or may receive an input for selecting an IP address of the device 200 to be accessed from a plurality of preset IP addresses.
- the IP address input receiving module 170 may receive an input from a touch panel or a keyboard from an operator, or may receive an IP address input by receiving a voice input from the operator. Further, the IP address input reception module 170 may receive input of other information such as a port number and a MAC address in addition to the input of the global IP address.
- step S10 the IP address input reception module 170 determines that the input of the IP address has not been received (NO in step S10), that is, when the input operation of the cancel icon 430 has been received, If no IP address is input and the input of the determination icon 420 is received, this process is repeated until the input of the IP address is received.
- the IP address input reception module 170 When the IP address input reception module 170 receives an input of the determination icon 420 when no IP address is input in the IP address input area 410, the IP address input reception module 170 displays an error notification to that effect and inputs the IP address again. It may be configured to display an urging message and accept an input of an IP address.
- step S10 determines in step S10 that the input of the IP address has been received (YES in step S10), that is, the IP address is input to the IP address input area 410 and the determination icon 420 is input. If accepted, the device access module 150 transmits connection request data indicating a connection request to the device 200 having the accepted IP address (step S11).
- the connection request receiving module 250 receives the connection request data transmitted by the operator terminal 100.
- the operator terminal 100 and the device 200 establish network communication (step S12).
- the device access module 150 determines whether an authentication ID and a password are set for the accessed device 200 (step S13). In step S13, the device access module 150 may determine whether an authentication ID and a password are set based on whether the device 200 can be used. The device access module 150 may determine whether or not the authentication ID and password are set by another method.
- step S13 when the device access module 150 determines that the authentication ID and password are not set (NO in step S13), the determination result output module 151 sends the determination result data indicating the determination result to the user terminal 300. Output (step S16).
- step S13 when the device access module 150 determines that the authentication ID and password are set (YES in step S13), that is, when the device 200 cannot be used, the device determination module 152 The authentication ID and password set in (2) are analyzed (step S14).
- step S14 the device determination module 152 analyzes the authentication ID and password based on, for example, an authentication ID and password analogy, a dictionary, and a brute force method as an analysis method. Note that the device determination module 152 may analyze the authentication ID and password by other methods.
- the device determination module 152 performs analysis based on information such as an authentication ID and password that are frequently used, a user's name or login name, a birthday, and an address as an analogy method. Further, as a dictionary method, the device determination module 152 stores an authentication ID and a password that are frequently used in a dictionary table in the dictionary storage module 160 in advance as a dictionary table, and performs analysis by collating the dictionary table. Alternatively, analysis may be performed based on a character string or the like posted in a general dictionary. Further, the device determination module 152 may analyze by trying all possible authentication IDs and passwords. The device determination module 152 may analyze the authentication ID and password by combining the above-described methods, or may analyze the authentication ID and password by other methods.
- FIG. 6 is a diagram showing a dictionary table stored in the dictionary storage module 160.
- the dictionary storage module 160 stores authentication IDs and passwords that are frequently used in association with each other.
- the operator terminal 100 acquires authentication IDs and passwords that are frequently used from an external site or a database, and creates and stores them as a dictionary table.
- “admin”, “user”, “abc123”, and “123456” are authentication IDs that are frequently used.
- frequently used passwords are “admin”, “user”, “qwerty”, and “56789”.
- dictionary storage module 160 may store an authentication ID and password that are frequently used other than the authentication ID and password described above, or may store only one of the authentication ID and password described above. Further, the dictionary storage module 160 does not associate the authentication ID with the password, and may store them separately.
- the device determination module 152 determines the strength indicating whether or not the analyzed authentication ID and password are easily broken (step S15).
- the device determination module 152 uses a string of frequently used authentication IDs and passwords, a user name, a birthday, personal information, the number of characters, uppercase letters, lowercase letters, numbers, or symbols.
- the security level of the authentication ID and password is determined based on a determination criterion such as a combination, a character string having a sequential order, or a number having a sequential order.
- the device determination module 152 determines whether or not the authentication ID and password are strong based on whether or not the security level is equal to or higher than a predetermined threshold.
- the device determination module 152 determines that the strength of the authentication ID and password is low when it is lower than the predetermined threshold, and determines that the authentication ID and password are easily broken.
- the device determination module 152 determines that the strength of the authentication ID and password is high, and determines that the authentication ID and password are not easily broken.
- the device determination module 152 compares the analyzed authentication ID and password with the authentication ID and password stored in the dictionary table, and determines the strength of the authentication ID and password based on whether or not they match. If they match, the device determination module 152 determines that the strength of the authentication ID and password is low, and determines that the authentication ID and password are easily broken. Further, if they do not match, the device determination module 152 determines that the strength of the authentication ID and password is high, and determines that the authentication ID and password are not easily broken.
- the device determination module 152 may determine whether the authentication ID and the password are easily broken by another method.
- the determination result output module 151 outputs determination result data indicating the determination result in step S15 to the user terminal 300 (step S16).
- the judgment result receiving module 350 receives judgment result data.
- the determination result display module 360 displays a determination result screen based on the received determination result data (step S17).
- FIG. 7 is a diagram illustrating a determination result screen when the authentication ID and password displayed by the determination result display module 360 are not set.
- the determination result display module 360 displays a determination result display area 500, a determination content display area 510, a recommended display area 520, a setting icon 530, and an end icon 540.
- the determination result display area 500 displays a message indicating that this screen is a screen showing a diagnosis result regarding the strength of the authentication ID and password.
- the determination content display area 510 displays a notification message that the authentication ID and password are not set and a notification message that prompts the user to set the authentication ID and password.
- the recommended display area 520 displays a plurality of authentication ID and password candidates that are difficult to break.
- the authentication ID and password candidates displayed in the recommended display area 520 are authentication IDs and passwords that are not easily broken such as randomly generated character strings or character strings created by an external site or database.
- the setting icon 530 receives an operation input from the user and displays a setting screen for the authentication ID and password of the device 200.
- the end icon 540 receives an operation input from the user and ends the display of this screen.
- FIG. 8 is a diagram illustrating a determination result screen when the authentication ID and password displayed by the determination result display module 360 are easily broken.
- the determination result display module 360 displays a determination result display area 600, a determination content display area 610, an intensity display area 620, a recommended display area 630, a setting icon 640, and an end icon 650.
- the judgment result display area 600 is the same as the judgment result display area 500 described above.
- the determination content display area 610 displays a notification message indicating that the authentication ID and password are easily broken and a notification message prompting resetting of the authentication ID and password.
- the strength display area 620 displays the currently set authentication ID and password strength.
- the intensity display area 620 displays the intensity as a bar graph. The longer the bar graph, the higher the strength, and the shorter the bar graph, the lower the strength. In the present embodiment, the length of the bar graph is indicated by hatching processing.
- the recommended display area 630, the setting icon 640, and the end icon 650 are the same as the recommended display area 520, the setting icon 530, and the end icon 540 described above.
- the intensity display area 620 may display the intensity in other forms such as a numerical value, a color, and a character string.
- FIG. 9 is a diagram illustrating a determination result screen when the authentication ID and password displayed by the determination result display module 360 are not easily broken.
- the determination result display module 360 displays a determination result display area 700, a determination content display area 710, an intensity display area 720, and an end icon 730.
- the judgment result display area 700 is the same as the judgment result display area 500 described above.
- the determination content display area 710 displays a notification message indicating that the authentication ID and password are not easily broken.
- the intensity display area 720 and the end icon 730 are the same as the intensity display area 620 and the end icon 540 described above.
- processing may be executed every predetermined period, for example, every month, every week, every 10 days, or every 20 days. Moreover, you may perform every other period and may be performed at another timing.
- the above is the device monitoring process.
- the user can check whether information on the device 200 connected to the network owned by the user is leaked. It is possible to determine whether the password is easily broken.
- the means and functions described above are realized by a computer (including a CPU, an information processing apparatus, and various terminals) reading and executing a predetermined program.
- the program is provided in a form recorded on a computer-readable recording medium such as a flexible disk, CD (CD-ROM, etc.), DVD (DVD-ROM, DVD-RAM, etc.).
- the computer reads the program from the recording medium, transfers it to the internal storage device or the external storage device, stores it, and executes it.
- the program may be recorded in advance in a storage device (recording medium) such as a magnetic disk, an optical disk, or a magneto-optical disk, and provided from the storage device to a computer via a communication line.
- 1 device monitoring system 100 operator terminals, 200 devices, 300 user terminals
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするアクセス手段と、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断する判断手段と、
前記判断の結果を出力する出力手段と、
を備えることを特徴とする機器監視システムを提供する。 The invention according to the first feature is a receiving means for receiving an input of an IP address corresponding to a device to be monitored;
Access means for accessing the device based on the accepted IP address;
A judging means for judging whether or not a password set in the device is easily broken;
Output means for outputting the result of the determination;
A device monitoring system is provided.
ことを特徴とする第1の特徴に係る発明である機器監視システムを提供する。 In the invention according to the second feature, the determining means determines whether or not the security level of the password set in the device is greater than or equal to a predetermined threshold value, so that it is easily broken.
There is provided an apparatus monitoring system which is an invention according to a first feature.
を備え、
前記判断手段が、前記機器に設定されているパスワードと、前記辞書手段とを照合して、当該パスワードが破られやすい状態であるかどうかを判断する、
ことを特徴とする第1の特徴に係る発明である機器監視システムを提供する。 The invention according to the third feature includes dictionary means in which a password that is easily broken is described;
With
The determination unit determines whether the password is easily broken by checking the password set in the device with the dictionary unit;
There is provided an apparatus monitoring system which is an invention according to a first feature.
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするステップと、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断するステップと、
前記判断の結果を出力するステップと、
を備えることを特徴とする機器監視方法を提供する。 The invention according to the fourth feature is a step of receiving an input of an IP address corresponding to a device to be monitored;
Accessing the device based on the accepted IP address;
Determining whether a password set in the device is easily broken;
Outputting the result of the determination;
A device monitoring method is provided.
監視対象にする機器に対応するIPアドレスの入力を受け付けるステップ、
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするステップ、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断するステップ、
前記判断の結果を出力するステップ、
を実行させることを特徴とするプログラムを提供する。 The invention according to the fifth feature provides a device monitoring system,
Receiving an IP address corresponding to a device to be monitored;
Accessing the device based on the accepted IP address;
Determining whether a password set in the device is easily broken;
Outputting the result of the determination;
A program characterized in that is executed is provided.
本発明の概要について、図1に基づいて説明する。図1は、本発明の好適な実施形態である機器監視システム1の概要を説明するための図である。機器監視システム1は、オペレータ端末100、機器200、ユーザ端末300から構成される。なお、オペレータ端末100、機器200及びユーザ端末300は、各々が1つに限らず、複数であってもよい。また、各装置は、実在する装置又は仮想的な装置のいずれか又は双方により実現されてもよい。また、後述する各処理は、オペレータ端末100、機器200、ユーザ端末300各装置のいずれか又は組合せにより実現されてもよい。 [Outline of device monitoring system 1]
The outline of the present invention will be described with reference to FIG. FIG. 1 is a diagram for explaining an overview of a device monitoring system 1 which is a preferred embodiment of the present invention. The device monitoring system 1 includes an
図2に基づいて、機器監視システム1のシステム構成について説明する。図2は、本発明の好適な実施形態である機器監視システム1のシステム構成を示す図である。機器監視システム1は、オペレータ端末100、機器200、ユーザ端末300及び公衆回線網(インターネット網や、第3、第4世代通信網等)5から構成される。なお、オペレータ端末100、機器200及びユーザ端末300は、各々が1つに限らず複数であってもよい。また、各装置は、実在する装置に限らず、仮想的な装置であってもよい。また、後述する各処理は、各装置のいずれか又は組合せにより実行されてもよい。 [System configuration of device monitoring system 1]
The system configuration of the device monitoring system 1 will be described based on FIG. FIG. 2 is a diagram showing a system configuration of the device monitoring system 1 which is a preferred embodiment of the present invention. The device monitoring system 1 includes an
図3に基づいて、オペレータ端末100、機器200、ユーザ端末300の機能について説明する。図3は、オペレータ端末100、機器200、ユーザ端末300の機能ブロック図を示す図である。 [Description of each function]
Based on FIG. 3, functions of the
図4に基づいて、オペレータ端末100、機器200、ユーザ端末300が実行する機器監視処理について説明する。図4は、オペレータ端末100、機器200、ユーザ端末300が実行する機器監視処理のフローチャートを示す図である。上述した各装置のモジュールが実行する処理について、本処理に併せて説明する。 [Device monitoring processing]
A device monitoring process executed by the
図6に基づいて、辞書テーブルについて説明する。図6は、辞書記憶モジュール160が記憶する辞書テーブルを示す図である。辞書記憶モジュール160は、使用頻度が高い認証IDとパスワードとを対応付けて記憶する。辞書記憶モジュール160は、オペレータ端末100が、使用頻度が高い認証ID及びパスワードを、外部サイトやデータベース等から取得し、辞書テーブルとして作成し、記憶する。使用頻度が高い認証IDとしては、例えば、「admin」、「user」、「abc123」、「123456」である。また、使用頻度が高いパスワードとしては、例えば、「admin」、「user」、「qwerty」、「56789」である。なお、辞書記憶モジュール160は、上述した認証ID及びパスワード以外の使用頻度が高い認証ID及びパスワードを記憶してもよいし、上述した認証ID及びパスワードのいずれかのみを記憶していてもよい。また、辞書記憶モジュール160は、認証IDとパスワードとは対応付けられておらず、別個に記憶していてもよい。 [Dictionary table]
The dictionary table will be described with reference to FIG. FIG. 6 is a diagram showing a dictionary table stored in the dictionary storage module 160. The dictionary storage module 160 stores authentication IDs and passwords that are frequently used in association with each other. In the dictionary storage module 160, the
Claims (5)
- 監視対象にする機器に対応するIPアドレスの入力を受け付ける受付手段と、
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするアクセス手段と、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断する判断手段と、
前記判断の結果を出力する出力手段と、
を備えることを特徴とする機器監視システム。 Receiving means for receiving input of an IP address corresponding to a device to be monitored;
Access means for accessing the device based on the accepted IP address;
A judging means for judging whether or not a password set in the device is easily broken;
Output means for outputting the result of the determination;
A device monitoring system comprising: - 前記判断手段は、前記機器に設定されているパスワードのセキュリティレベルが所定の閾値以上であるかどうかで、破られやすい状態であるかどうかを判断する、
ことを特徴とする請求項1に記載の機器監視システム。 The determination means determines whether the security level of the password set in the device is a predetermined threshold or more, and determines whether the password is easily broken.
The apparatus monitoring system according to claim 1. - 破られやすいパスワードが記載されている辞書手段と、
を備え、
前記判断手段は、前記機器に設定されているパスワードと、前記辞書手段とを照合して、当該パスワードが破られやすい状態であるかどうかを判断する、
ことを特徴とする請求項1に記載の機器監視システム。 Dictionary means with passwords that are easy to break,
With
The determination unit compares the password set in the device with the dictionary unit to determine whether the password is easily broken.
The apparatus monitoring system according to claim 1. - 監視対象にする機器に対応するIPアドレスの入力を受け付けるステップと、
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするステップと、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断するステップと、
前記判断の結果を出力するステップと、
を備えることを特徴とする機器監視方法。 Receiving an input of an IP address corresponding to a device to be monitored;
Accessing the device based on the accepted IP address;
Determining whether a password set in the device is easily broken;
Outputting the result of the determination;
A device monitoring method comprising: - 機器監視システムに、
監視対象にする機器に対応するIPアドレスの入力を受け付けるステップ、
前記受け付けたIPアドレスに基づいて、前記機器にアクセスするアステップ、
前記機器に設定されているパスワードが破られやすい状態になっているかどうかを判断するステップ、
前記判断の結果を出力するステップ、
を実行させることを特徴とするプログラム。 In equipment monitoring system,
Receiving an IP address corresponding to a device to be monitored;
Accessing the device based on the accepted IP address;
Determining whether a password set in the device is easily broken;
Outputting the result of the determination;
A program characterized by having executed.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2018502497A JPWO2017149779A1 (en) | 2016-03-04 | 2016-03-04 | Device monitoring system, device monitoring method and program |
PCT/JP2016/056860 WO2017149779A1 (en) | 2016-03-04 | 2016-03-04 | Device monitoring system, device monitoring method, and program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2016/056860 WO2017149779A1 (en) | 2016-03-04 | 2016-03-04 | Device monitoring system, device monitoring method, and program |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017149779A1 true WO2017149779A1 (en) | 2017-09-08 |
Family
ID=59743677
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2016/056860 WO2017149779A1 (en) | 2016-03-04 | 2016-03-04 | Device monitoring system, device monitoring method, and program |
Country Status (2)
Country | Link |
---|---|
JP (1) | JPWO2017149779A1 (en) |
WO (1) | WO2017149779A1 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001337919A (en) * | 2000-05-24 | 2001-12-07 | Mitsubishi Electric Corp | Security hole diagnostic system |
JP2003203051A (en) * | 2002-01-07 | 2003-07-18 | Yamatake Corp | Security measure execution device and method, security measure execution program, and storage medium with the program stored therein |
JP2004133720A (en) * | 2002-10-11 | 2004-04-30 | Yamatake Corp | Password strength checking method and device, password strength checking program, and recording med |
JP2008257577A (en) * | 2007-04-06 | 2008-10-23 | Lac Co Ltd | Security diagnostic system, method and program |
JP2012037948A (en) * | 2010-08-04 | 2012-02-23 | Hitachi Ltd | Method for changing device setting |
JP2012073904A (en) * | 2010-09-29 | 2012-04-12 | Pfu Ltd | Information processor, password diagnostic method and program |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001134491A (en) * | 1999-11-02 | 2001-05-18 | Mitsubishi Electric Corp | System for supporting selection of password |
US9122867B2 (en) * | 2007-06-08 | 2015-09-01 | International Business Machines Corporation | Techniques for presenting password feedback to a computer system user |
JP2012161059A (en) * | 2011-02-03 | 2012-08-23 | Konica Minolta Business Technologies Inc | Image processing apparatus, printing system, printing method, and computer program |
WO2015198463A1 (en) * | 2014-06-27 | 2015-12-30 | 楽天株式会社 | Information processing device, information processing method, program, storage medium, and password entering device |
-
2016
- 2016-03-04 JP JP2018502497A patent/JPWO2017149779A1/en active Pending
- 2016-03-04 WO PCT/JP2016/056860 patent/WO2017149779A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001337919A (en) * | 2000-05-24 | 2001-12-07 | Mitsubishi Electric Corp | Security hole diagnostic system |
JP2003203051A (en) * | 2002-01-07 | 2003-07-18 | Yamatake Corp | Security measure execution device and method, security measure execution program, and storage medium with the program stored therein |
JP2004133720A (en) * | 2002-10-11 | 2004-04-30 | Yamatake Corp | Password strength checking method and device, password strength checking program, and recording med |
JP2008257577A (en) * | 2007-04-06 | 2008-10-23 | Lac Co Ltd | Security diagnostic system, method and program |
JP2012037948A (en) * | 2010-08-04 | 2012-02-23 | Hitachi Ltd | Method for changing device setting |
JP2012073904A (en) * | 2010-09-29 | 2012-04-12 | Pfu Ltd | Information processor, password diagnostic method and program |
Also Published As
Publication number | Publication date |
---|---|
JPWO2017149779A1 (en) | 2018-08-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10305889B2 (en) | Identity authentication method and device and storage medium | |
US9838384B1 (en) | Password-based fraud detection | |
US20170140137A1 (en) | Multi-System Entering Method, Apparatus and Terminal | |
US10574697B1 (en) | Providing a honeypot environment in response to incorrect credentials | |
US9503451B1 (en) | Compromised authentication information clearing house | |
US20150319173A1 (en) | Co-verification method, two dimensional code generation method, and device and system therefor | |
JP5514890B1 (en) | How to prevent continuous unauthorized access | |
US9172692B2 (en) | Systems and methods for securely transferring authentication information between a user and an electronic resource | |
US20140380463A1 (en) | Password setting and verification | |
JP2013528841A (en) | Biometric sensor and associated method for detecting human presence | |
JP2008059173A (en) | Authentication method | |
JP5568696B1 (en) | Password management system and program for password management system | |
US10509903B2 (en) | Computer system, IoT device monitoring method, and program | |
US10621332B2 (en) | Computer system, IoT device monitoring method, and program | |
TWI634450B (en) | High-safety user multi-authentication system and method | |
Adhatrao et al. | A secure method for signing in using quick response codes with mobile authentication | |
WO2017149779A1 (en) | Device monitoring system, device monitoring method, and program | |
JP5511449B2 (en) | Information processing apparatus, information processing apparatus authentication method, and program | |
CN110875921B (en) | Printer network access security detection method and device and electronic equipment | |
KR20110071366A (en) | Verification apparatus and its method, recording medium having computer program recorded | |
JP6928302B2 (en) | Computer systems, IoT device monitoring methods and programs | |
KR20090037613A (en) | Computing system and method for managing use information of the same, and smart card apparatus for computer security and security method of the same | |
JP2011118631A (en) | Authentication server, authentication method, and program | |
JP2016200869A (en) | Authentication server, authentication system, and authentication method | |
KR20080033682A (en) | Server authentication system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref document number: 2018502497 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16892618 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 10/12/2018) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 16892618 Country of ref document: EP Kind code of ref document: A1 |