WO2017159106A1 - Monitoring device, aggregation system, monitoring method, and program - Google Patents

Monitoring device, aggregation system, monitoring method, and program Download PDF

Info

Publication number
WO2017159106A1
WO2017159106A1 PCT/JP2017/003995 JP2017003995W WO2017159106A1 WO 2017159106 A1 WO2017159106 A1 WO 2017159106A1 JP 2017003995 W JP2017003995 W JP 2017003995W WO 2017159106 A1 WO2017159106 A1 WO 2017159106A1
Authority
WO
WIPO (PCT)
Prior art keywords
input
input operation
terminal
user
unit
Prior art date
Application number
PCT/JP2017/003995
Other languages
French (fr)
Japanese (ja)
Inventor
伸行 尾張
洋輔 竹内
Original Assignee
三菱重工メカトロシステムズ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱重工メカトロシステムズ株式会社 filed Critical 三菱重工メカトロシステムズ株式会社
Priority to KR1020187026581A priority Critical patent/KR102156025B1/en
Priority to MYPI2018703245A priority patent/MY193759A/en
Publication of WO2017159106A1 publication Critical patent/WO2017159106A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3438Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment monitoring of user actions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B15/00Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points

Definitions

  • the present invention relates to a monitoring device, a counting system, a monitoring method, and a program.
  • tollgate offices On toll roads such as expressways, offices (tollgate offices) are set up for each toll gate, and sales processing at each tollgate is tabulated using terminal devices installed in this tollgate office.
  • the terminal device for aggregation processing used in the toll office is limited in its use, and there are few opportunities to be replaced for the purpose of multi-functionality and high performance. Therefore, once installed, it is used as it is for a relatively long period of time. Due to such circumstances, there is a concern that the terminal device used in the tollgate office is usually developed at an old time and is not sufficiently robust against an unauthorized operation by an operator.
  • the above-described terminal device for aggregation processing often does not have more resources than necessary for the purpose of cost reduction. Therefore, even if a new application for preventing unauthorized operation by a worker (terminal device user) is incorporated as software, resources are occupied by the application and the functions necessary for the original use are fully operational. It is assumed that it cannot be made.
  • the monitoring device sends the terminal body (21) of the terminal device (20) that performs information processing and the electric signal pattern associated with the input operation of the user toward the terminal body.
  • an input operation specifying unit (301) for specifying a user's input operation related to the electric signal pattern, and a recording target input operation specified in advance among the specified input operations is recorded on a recording medium.
  • the monitoring device described above includes an input command configured by one input operation or a combination of a plurality of the input operations, and a predetermined input restriction target command. , And when the input command matches the input restriction target command, an input for restricting transmission of the electric signal pattern associated with the input operation instructing execution of the input command to the terminal body A limiting unit (303) is further provided. By doing in this way, it can prevent that a user performs the specific input command which should be restrict
  • the input restriction unit is an input time series indicating a change with time of the electric signal pattern associated with one input operation or a combination of the plurality of input operations. If the input time-series pattern deviates from the standard time-series pattern indicating the change over time of the electric signal pattern that is assumed to be generated as a result of an input operation by a human, the input time-series pattern is The transmission of the included electric signal pattern to the terminal body is restricted. In this way, when an input time series pattern that deviates from the standard time series pattern that is defined on the assumption that a human input operation is assumed, an operation from the input device was performed by a malicious program.
  • control software built in the input device is infected with a malicious program (malware), which prevents commands that are not intended by the operator from being input or the terminal body from being illegally operated. can do.
  • a malicious program malware
  • the monitoring apparatus described above collates the specified input operation with a predetermined image extraction target input operation, and the input operation is the image extraction target input operation.
  • the monitoring device described above performs an authentication process for a user and, when correctly authenticated, an authentication processing unit that connects between the terminal body and the input device ( 300). By doing so, it is possible to disconnect the connection between the terminal body and the input device before it is correctly authenticated, thus preventing unauthorized persons from performing unauthorized operations. can do.
  • the monitoring device further includes a light emission control unit (306) that causes the lighting unit to emit light in accordance with the timing when the input operation of the user is specified.
  • a light emission control unit (306) that causes the lighting unit to emit light in accordance with the timing when the input operation of the user is specified.
  • the monitoring device described above further includes a display control unit (305) that causes the display unit to display information associated with the specified input operation.
  • the monitoring device can visually notify the user that the input operation performed by the user himself / herself is accurately detected by the monitoring device 3.
  • the tabulation system (2A) includes the monitoring device described above and the terminal device, and the terminal device collects and collects information at a toll gate on the toll road as the information processing. The totaled charges are collected.
  • a monitoring method includes: a terminal body of a terminal device that performs information processing; and an input device that transmits an electric signal pattern associated with a user's input operation toward the terminal body.
  • a monitoring method using a monitoring device connected between the main body side connection interface connected to the terminal main body and a device side connection interface connected to the input device, wherein the electric signal pattern A step of specifying an input operation of a related user, and a step of recording a recording target input operation defined in advance among the specified input operations on a recording medium.
  • a program includes: a terminal body of a terminal device that performs information processing; and an input device that sends an electric signal pattern associated with a user's input operation toward the terminal body.
  • a monitoring device computer connected between and connected to the terminal body and connected to the input device and a device-side connection interface connected to the input device is input to a user related to the electrical signal pattern.
  • An input operation specifying unit that specifies an operation, and an input operation recording unit that records a predetermined recording target input operation on the recording medium among the specified input operations.
  • the monitoring device the counting system, the monitoring method, and the program described above, it is possible to appropriately record information related to the input operation performed by the user on the terminal device, thereby reducing the burden of subsequent analysis work.
  • post-mortem analysis here is, for example, specifying whether the worker has performed an illegal act (unauthorized operation), whether the worker has made a mistake or whether the work declaration is false. -There are things such as specifying whether there is no error and checking the consistency between the work contents of the operator and the operation contents of the terminal body (whether the terminal body is malfunctioning or malware infection is present).
  • FIG. 1 is a diagram illustrating an overall configuration of a toll gate and a toll gate office according to the first embodiment.
  • the toll booth 1 has a manned booth 10 installed on the side of a lane L on which a vehicle A about to leave a toll road travels.
  • a receiver who performs toll collection processing for the driver of the vehicle A and the like waits.
  • the toll collector performs toll collection processing using a toll collecting machine 10 ⁇ / b> A installed in the manned booth 10.
  • the fee collection machine 10A performs a fee collection process for the user in accordance with an operation by the collection member. Specifically, the toll collector 10A receives entrance information indicating an entrance through which the vehicle A has passed, information indicating the vehicle type of the vehicle A, and the like, and determines a fee (charged amount) for the vehicle A. Further, the toll collection machine 10A accepts the input of money (banknotes, coins) received from the driver of the vehicle A, etc., calculates the change, or issues a receipt after the delivery of money is completed. The toll collector 10A records and accumulates various information indicating the sales amount, vehicle type, entrance, etc. received from the vehicle A traveling in the lane L on an internal recording medium. These pieces of information accumulated in the toll collector 10A are transmitted to the toll office 2 (described later) in predetermined time units (for example, in units of one day) by the operation of the toll collector.
  • the toll gate 1 is provided with a plurality of manned booths 10 and toll collectors 10A for each lane L.
  • the various information recorded and accumulated by the plurality of fee collectors 10A is collected.
  • the toll booth office 2 is a facility for monitoring the toll booth 1 and collecting and managing various information acquired at the toll booth 1.
  • a monitor who monitors the toll booth 1 through a monitoring camera or the like is stationed.
  • the monitor uses a counting system 2A installed in the toll booth office 2 to perform tabulation processing on the sales amount acquired and collected at the toll booth 1.
  • the counting system 2A includes a terminal device 20 and a monitoring device 3.
  • the terminal device 20 includes a terminal main body 21, a monitor 22, and an input device 23.
  • the terminal device 20 is a terminal device in which a dedicated application for performing a totaling process of charges (sales amount) received at the toll gate 1 is installed.
  • the terminal main body 21 has main hardware (motherboard, CPU, memory, hard disk, power supply unit, etc.) of the terminal device 20 inside.
  • the monitor 22 is a display device that transmits information to the user (monitor) of the terminal device 20 through vision, and is, for example, a liquid crystal display.
  • the input device 23 is a human interface used when the user gives a command related to the tabulation process to the terminal device 20. In the present embodiment, the input device 23 is specifically a mouse, a keyboard, or a panel computer that receives a predetermined input operation from the user.
  • These human interfaces send out an electric signal pattern (associated with the input operation) corresponding to the input operation of the user toward the terminal body 21.
  • the electric signal pattern is an array pattern of logical information “1” and “0” associated with two kinds of voltage levels “High” and “Low”.
  • the monitoring device 3 is connected to the terminal device 20 and monitors an input operation performed on the terminal device 20.
  • FIG. 2 is a diagram illustrating a functional configuration of the aggregation system according to the first embodiment.
  • the monitoring device 3 is connected between the terminal main body 21 of the terminal device 20 that performs aggregation processing and the input device 23 (mouse 23 a, keyboard 23 b, panel computer 23 c) of the terminal device 20. Yes.
  • the monitoring device 3 includes a CPU 30, a main body side connection interface 31, a device side connection interface 32, a signal transmission unit 33, a connection switch 34, a display 35, and a card reader 36.
  • the CPU 30 is a processor that controls the overall operation of the monitoring device 3. Various functions of the CPU 30 in the monitoring device 3 will be described later.
  • the main body side connection interface 31 is a connection interface connected to the terminal main body 21 (connection interface 21a) of the terminal device 20.
  • the device side connection interface 32 is a connection interface connected to the input device 23 of the terminal device 20.
  • the input device 23 is originally directly connected to the connection interface 21 a of the terminal body 21.
  • standards such as PS / 2, USB (Universal Serial Bus), and RS-232C are used. Therefore, the main body side connection interface 31 and the device side connection interface 32 have a plurality of connection interfaces compliant with the standard.
  • the signal transmission unit 33 is provided on the transmission line ⁇ connecting the main body side connection interface 31 and the device side connection interface 32 inside the monitoring device 3.
  • the signal transmission unit 33 temporarily retains the electrical signal pattern received from each of the input devices 23 and transmits the retained electrical signal pattern to the terminal body 21 according to control by the CPU 30.
  • connection switch 34 is provided on the transmission line ⁇ connecting the main body side connection interface 31 and the device side connection interface 32 inside the monitoring device 3, and can switch connection / disconnection of each transmission line ⁇ according to control by the CPU 30. It is an element to do.
  • connection switch 34 When the connection switch 34 is in a connected state, the terminal main body 21 and the input device 23 are connected, and an electric signal pattern can be transmitted from the input device 23 to the terminal main body 21.
  • connection switch 34 is in a disconnected state, the electrical signal pattern sent from the input device 23 is not transmitted to the terminal body 21.
  • the display 35 is a display means incorporated in the housing of the monitoring device 3, and is, for example, a liquid crystal display.
  • the display 35 displays information indicating the input operation of the user.
  • the card reader 36 reads an ID card in which identification information unique to the user (user identification information) is recorded.
  • the LED 37 is an aspect of lighting means attached to the housing of the monitoring device 3.
  • the recording medium 38 is a recording medium built in the monitoring apparatus 3, and is, for example, an HDD (Hard Disk Drive), an SSD (Solid State Drive) or the like.
  • the monitoring device 3 is also connected between the terminal body 21 and the monitor 22.
  • the transmission line ⁇ to which the monitor 22 is connected via the device side connection interface 32 directly connects the main body side connection interface 31 and the device side connection interface 32.
  • FIG. 3 is a diagram illustrating a configuration of the CPU and the recording medium according to the first embodiment.
  • the configurations of the CPU 30 and the recording medium 38 will be described with reference to FIGS. 2 and 3.
  • the CPU 30 includes an authentication processing unit 300, an input operation specifying unit 301, an input operation recording unit 302, an input restriction unit 303, a monitor image recording unit 304, a display control unit 305, and a light emission control unit 306. It has the function of
  • the authentication processing unit 300 performs an authentication process for the user of the terminal device 20 and connects the terminal main body 21 and the input device 23 when correctly authenticated. Specifically, the authentication processing unit 300 acquires user identification information read from the ID card through the card reader 36. Then, the authentication processing unit 300 refers to the authentication table 380 recorded on the recording medium 38 and determines whether or not the acquired user identification information is registered in the authentication table 380.
  • the authentication table 380 is an information table in which user identification information of a person who uses the terminal device 20 is recorded.
  • the authentication processing unit 300 outputs a connection instruction signal to the connection switch 34 to connect The switch 34 is connected.
  • the input operation specifying unit 301 specifies the user's input operation related to the electrical signal pattern received from the input device 23. Specifically, the input operation specifying unit 301 refers to the electric signal pattern temporarily held in the signal transmission unit 33 and specifies the input operation of the user related to the electric signal pattern.
  • the “input operation” is an operation (behavior) that is specifically performed on the input device 23 when the user gives a command to the terminal device 20. More specifically, for example, operations performed on the keyboard 23b include operations of pressing various input keys such as “pressing the Enter key” and “pressing the Delete key”.
  • the input operation specifying unit 201 refers to the input operation specifying table 381 and acquires the input operation associated with the electric signal pattern held in the signal transmission unit 33. In this way, the input operation specifying unit 201 specifies the user's input operation related to the electric signal pattern.
  • the input action recording unit 302 records a predetermined (predetermined) recording target input action on the recording medium 38 among the input actions specified by the input action specifying unit 201.
  • the input operation recording unit 302 refers to the recording target input operation table 382 recorded in advance on the recording medium 38, and inputs specified as “recording target input operation” in the recording target input operation table 382.
  • the operation is recorded on the recording medium 38.
  • Information (input operation information) indicating the input operation recorded by the input operation recording unit 302 is accumulated in the input operation log 385 together with time information indicating the input date and time.
  • the input restriction unit 303 restricts transmission of an electric signal pattern related to an input operation that satisfies a predetermined condition to the terminal main body 21. Specifically, the input restriction unit 303 collates an input command input from the user with a predetermined input restriction target command, and whether the input command matches the input restriction target command. Determine whether or not. When the input command that has been input matches the input restriction target command, the input restriction unit 303 restricts transmission of an electric signal pattern related to an input operation that instructs execution of the input command.
  • an input restriction target command table 383 is recorded in advance on the recording medium 38.
  • the input restriction target command table 383 is an information table in which input commands defined as “input restriction target commands” are recorded.
  • the “input command” is a character string composed of a combination of a plurality of input operations (key presses) received by the keyboard 23b, and specifies a process to be executed by the terminal device 20.
  • the input command includes “copy” for designating a copy of a file, “delete” for designating deletion of the file, and the like.
  • the process specified by such an input command is actually executed at the time when a special key press (for example, Enter key press) is received following the input operation of the input command. That is, in this embodiment, the input operation “pressing the Enter key” is an input operation that instructs the terminal device 20 to execute the input command input immediately before the Enter key is pressed.
  • the monitor image recording unit 304 acquires an image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38 when the input operation specified by the input operation specifying unit 201 satisfies a predetermined condition. Specifically, the monitor image recording unit 304 compares the specified input operation with a predetermined image extraction target input operation, and whether the specified input operation matches the image extraction target input operation. Determine whether or not. When the input operation matches the image extraction target input operation, the monitor image recording unit 304 acquires the image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38.
  • an image extraction target input operation table 384 is recorded in the recording medium 38 in advance.
  • the image extraction target input operation table 384 is an information table in which an input operation defined as “image extraction target input operation” is recorded.
  • the image recorded by the monitor image recording unit 304 is accumulated in the monitor image log 386 together with time information indicating the input date and time.
  • the display control unit 305 causes the display 35 to display information indicating the input operation specified by the input operation specifying unit 201.
  • the light emission control unit 306 causes the LED 37 to emit light according to the timing when the user input operation is specified.
  • FIG. 4 is a diagram illustrating a first processing flow of the CPU according to the first embodiment.
  • FIG. 5 and FIG. 6 are a first diagram and a second diagram, respectively, showing the input operation specifying table according to the first embodiment.
  • FIGS. 7 and 8 are a first diagram and a second diagram, respectively, showing a recording target input operation table according to the first embodiment.
  • the first processing flow of the CPU will be described with reference to FIGS.
  • the first processing flow shown in FIG. 4 is executed at a stage where the user operates the terminal device 20 after the user is correctly authenticated through the authentication processing by the authentication processing unit 300.
  • the input operation specifying unit 301 acquires the electrical signal pattern held in the signal transmission unit 33 (step S00).
  • the input operation specifying unit 301 specifies the input operation associated with the electrical signal pattern acquired from the signal transmission unit 33 (step S01).
  • the input operation specifying unit 301 refers to the input operation specifying table 381 recorded in advance on the recording medium 38.
  • the input operation specifying table 381 shown in FIG. 5 records an input operation received by the keyboard 23b (such as pressing the Enter key) and an electric signal pattern sent out by the keyboard 23b according to the received input operation in association with each other. Yes. Further, the input operation specifying table 381 shown in FIG. 6 records the input operation (double click or the like) received by the mouse 23a and the electric signal pattern sent out by the mouse 23a in accordance with the received input operation in association with each other. ing.
  • the input operation specifying unit 301 acquires the electric signal pattern held in the signal transmission unit 33, and refers to the input operation specifying table 381 shown in FIGS. Identify the associated input action.
  • the display control unit 305 causes the display 35 to display information indicating the input operation specified by the input operation specifying unit 301 (step S02). For example, when the specified input operation is “pressing the Enter key” on the keyboard 23 b, the display control unit 305 displays “Enter” or the like on the display 35. Further, for example, when the specified input operation is “double click” with the mouse 23 a, the display control unit 305 displays “double click” or the like on the display 35.
  • the light emission control unit 306 turns on the LED 37 for a predetermined time (for example, about several tens to several hundreds of milliseconds) at the timing when the input operation is specified by the input operation specifying unit 301 (step S03).
  • the input action recording unit 302 collates the input action specified in step S01 with the recording target input action table 382, and determines whether or not the specified input action is a “recording target input action”. Is determined (step S04).
  • the recording target input operation table 382 shown in FIG. 7 defines which input operation among the various input operations accepted by the keyboard 23b is the recording target (recording target input operation). For example, according to the recording target input operation table 382 shown in FIG. 7, the input operations of “Enter key pressed”, “Delete key pressed”, “Space key pressed”, and “BackSpace key pressed” are recording target input operations. It is prescribed. Further, according to the recording target input operation table 382 shown in FIG. 7, it is specified that input operations such as “F (function) 1 key press”, “F2 key press”, etc. are not recording target input operations. In addition, the recording target input operation table 382 shown in FIG.
  • the recording target input operation table 382 shown in FIG. 8 it is specified that the input operations of “single click”, “double click”, and “right click” are recording target input operations. Further, according to the recording target input operation table 382 shown in FIG. 8, it is defined that input operations such as “cursor movement” and “drag” are not recording target input operations.
  • the input operation recording unit 302 displays the specified input operation.
  • the information (input operation information) is recorded on the recording medium 38 in association with the time information indicating the specified time and the user identification information indicating the user who performed the input operation (step S05). It is assumed that the user identification information recorded here is acquired through an authentication process performed by the authentication processing unit 300.
  • the input operation information, time information, and user identification information recorded in step S05 are stored as an input operation log 385.
  • the input operation recording unit 302 records the input operation. The process ends without recording on the medium 38.
  • FIG. 9 is a diagram illustrating a second processing flow of the CPU according to the first embodiment.
  • FIG. 10 is a diagram illustrating an input restriction target table according to the first embodiment.
  • the second processing flow of the CPU will be described with reference to FIGS. 9 and 10.
  • the second processing flow shown in FIG. 9 is after the user is correctly authenticated through the authentication processing by the authentication processing unit 300, and in step S01 (FIG. 4) of the first processing flow, It is executed at the stage when the input operation for the input device 23 is specified.
  • the input restriction unit 303 When the input operation specified in step S01 of the first processing flow is an input operation accepted from the keyboard 23b, the input restriction unit 303 temporarily stores key information indicating the input operation (which key has been pressed). Recording is performed in a memory (not shown in FIGS. 2 and 3) (step S11).
  • the temporary memory may be a memory provided inside the CPU 30 or a memory (DRAM (Dynamic Random Access Memory) or the like) connected to the outside of the CPU 30.
  • DRAM Dynamic Random Access Memory
  • the input restriction unit 303 determines whether or not the input operation received from the keyboard 23b (the input operation specified in step S01 (FIG. 4)) is “Enter key pressed” (step S12).
  • the input restriction unit 303 outputs a transmission instruction signal to the signal transmission unit 33 (FIG. 2) and is retained.
  • the received electrical signal pattern (that is, the electrical signal pattern associated with the input operation received from the keyboard 23b) is sent to the terminal body 21 (step S13).
  • step S13 an electric signal pattern associated with an input operation (for example, “d” key press) performed by the user on the keyboard 23b is sent to the terminal body 21, and the result is reflected on the monitor 22 or the like ( For example, the letter “d” is displayed on the monitor 22).
  • the input restriction unit 303 returns to step S11 again and records the input operation from the keyboard 23b specified for the second time in the temporary memory.
  • the input restriction unit 303 temporarily stores the key information “e” following “d” recorded for the first time. Record in memory.
  • a character string (input command) “de” is formed on the temporary memory.
  • step S ⁇ b> 13 an electrical signal pattern associated with the input operation “e” key press ”is sent to the terminal body 21.
  • step S12 when the input operation received from the keyboard 23b is “Enter key pressed” (step S12: YES), the input restriction unit 303 inputs the input command (for example, a character string “de”) recorded in the temporary memory. Is equal to the “input restriction target command” (step S14).
  • the input command for example, a character string “de”
  • the input restriction target command table 383 illustrated in FIG. 10 defines which input command among the various input commands to be input is the input restriction target (input restriction target command). According to the input restriction target command table 383 shown in FIG. 10, it is specified that character strings (input commands) such as “format” and “delete” are input restriction target commands.
  • step S14 When the input command recorded in the temporary memory does not match any “input restriction target command” (step S14: NO), the input restriction unit 303 sends a transmission instruction signal to the signal transmission unit 33. The output and the electric signal pattern associated with the input operation of “Enter key pressed” are sent to the terminal body 21 (step S15). In this case, the input restriction unit 303 deletes the input command recorded in the temporary memory (step S16). Thereafter, the input restriction unit 303 returns to step S11 and repeatedly executes the same processing flow.
  • step S14 when the input command recorded in the temporary memory matches any “input restriction target command” (step S14: YES), the input restriction unit 303 does not perform the processes of steps S15 and S16. . Thereby, even if the user presses the Enter key, the electric signal pattern associated with the input operation of “Enter key press” is blocked inside the monitoring device 3 and is not transmitted to the terminal body 21. Thereafter, the input restriction unit 303 returns to step S11 and repeatedly executes the same processing flow.
  • FIG. 11 is a diagram illustrating a third processing flow of the CPU according to the first embodiment.
  • FIG. 12 is a diagram illustrating an image extraction target input operation table according to the first embodiment.
  • the third processing flow of the CPU will be described with reference to FIGS. 11 and 12.
  • step S01 (FIG. 4) of the first processing flow, the user's input operation to the input device 23 is specified. It is executed in the stage where
  • the monitor image recording unit 304 collates the input operation specified in step S01 of the first processing flow with the image extraction target input operation table 384, and the specified input operation is “image extraction target input operation”. It is determined whether or not (step S21).
  • the image extraction target input operation table 384 shown in FIG. 12 indicates which screen shot recording (image extraction processing) is executed when any input operation is specified among various input operations. (I.e., the input operation to perform screen shot recording). According to the image extraction target input operation table 384 shown in FIG. 12, it is defined that input operations such as “single click” and “double click” are image extraction target input operations.
  • the monitor image recording unit 304 When the specified input operation is the image extraction target input operation (step S21: YES), the monitor image recording unit 304 performs a screen shot of the image displayed on the monitor 22 (step S22).
  • the monitor image recording unit 304 acquires an image through a transmission line ⁇ (see FIG. 2) connected between the terminal main body 21 and the monitor 22.
  • the monitor image recording unit 304 records the acquired image on the recording medium 38 in association with time information indicating the date and time when the image was acquired and user identification information.
  • the acquired image, time information, and user identification information recorded in step S22 are accumulated as a monitor image log 386.
  • the monitor image recording unit 304 ends the process without executing step S22.
  • the monitoring device 3 sends the terminal main body 21 that is the main body of the terminal device 20 and the electric signal pattern associated with the input operation of the user toward the terminal main body 21. It is connected between the input device 23. Further, the monitoring device 3 includes a main body side connection interface 31 connected to the terminal main body 21 and a device side connection interface 32 connected to the input device 23. Further, the CPU 30 of the monitoring device 3 includes an input operation specifying unit 301 that specifies a user's input operation related to the electric signal pattern, and a recording target input operation that is defined in advance among the specified input operations. And an input operation recording unit 302 for recording.
  • the monitoring apparatus 3 is not the electric signal pattern itself but the information which shows the input operation which the user actually performed for the electric signal pattern sent toward the terminal main body 21 from the input device 23. Record with. Thereby, by referring to the recorded input operation log, it is possible to easily analyze the work performed on the terminal device 20 by the user.
  • the input operation to be recorded is limited to a predetermined recording target input operation, only the information necessary for specifying the user's work is recorded, and unnecessary information is not recorded. Can be.
  • the input operation related to the cursor movement of the mouse 23a is often not required to specifically specify the work performed by the user even if recording is performed one by one. Therefore, it is possible not to leave a log for the input operation related to the cursor movement of the mouse 23a.
  • the monitoring device 3 includes an input restriction unit 303.
  • the input restriction unit 303 collates an input command configured by a combination of a plurality of input operations related to the keyboard 23b with a predetermined input restriction target command.
  • the input restriction unit 303 uses the terminal of the electric signal pattern associated with the input operation (for example, “Enter key press”) instructing the execution of the input command. Restrict sending to the main body 21. By doing in this way, it can prevent that a user performs the specific input command which should be restrict
  • the input command “format” is an input command for erasing all information recorded on the recording medium of the terminal device 20, and should be restricted in use in normal business.
  • the input restriction unit 303 restricts transmission of an electric signal pattern associated with an input operation (pressing the Enter key) instructing execution of the input command when a character string “input” (an input command) is configured. To do. As a result, the user cannot execute the process related to “format” on the terminal device 20.
  • the monitoring device 3 further includes a monitor image recording unit 304.
  • the monitor image recording unit 304 collates the input operation specified by the input operation specifying unit 301 with the image extraction target input operation specified in advance as described above.
  • the monitor image recording unit 304 acquires the image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38 when the specified input operation matches the image extraction target input operation. In this way, the image displayed on the monitor 22 can be recorded as a log when a predetermined image extraction target input operation is received.
  • a “single click” input operation on the mouse 23a it is often impossible to know what work the user is actually performing by using only information related to the input operation. . Therefore, when an input operation of “single click” is received from the mouse 23a, the operation performed by the user through the input operation of “single click” is grasped in more detail by separately recording an image at that time. can do.
  • the monitoring device 3 further includes an authentication processing unit 300 that performs authentication processing for the user and connects the terminal body 21 and the input device 23 when correctly authenticated. ing.
  • an authentication processing unit 300 that performs authentication processing for the user and connects the terminal body 21 and the input device 23 when correctly authenticated.
  • the monitoring device 3 further includes a light emission control unit 306 that causes the lighting unit (LED 37) to emit light according to the timing when the user's input operation is specified.
  • the light emission control unit 306 whenever the user performs some input operation on the input device 23, the LED 37 of the monitoring device 3 is turned on.
  • the monitoring apparatus 3 can make a user recognize simply that the own apparatus (monitoring apparatus 3) is functioning effectively. Therefore, it is possible to reduce the consciousness of the user who intends to perform fraud, and to suppress fraudulent operations.
  • the monitoring device 3 further includes a display control unit 305 that displays information indicating the input operation specified by the input operation specifying unit 301 on the display unit (display 35).
  • a display control unit 305 displays information indicating the input operation specified by the input operation specifying unit 301 on the display unit (display 35).
  • information indicating the input operation character string information “Enter”
  • the user of the terminal device 20 grasps that the input operation performed by the user is correctly recognized by the monitoring device 3.
  • the monitoring device 3 can visually notify the user that the input operation performed by the user himself / herself is accurately detected by the monitoring device 3. Therefore, unauthorized operation by the user can be further suppressed.
  • the monitoring device 3 according to the first embodiment has been described in detail above, the specific aspect of the monitoring device 3 according to the first embodiment is not limited to the above-described one, and departs from the gist. It is possible to add various design changes and the like within the range not to be performed.
  • the monitoring device 3 may further include the following functions.
  • the monitoring device 3 performs an input operation at a speed significantly exceeding the speed of the input operation from the input device 23 performed in normal business (for example, the number of times the key is pressed per predetermined time if the input is from the keyboard 23b).
  • the transmission of the electric signal pattern corresponding to the input operation and all electric signal patterns thereafter (or until a predetermined time elapses) may be restricted.
  • the input restriction unit 303 acquires an “input time-series pattern” indicating a change with time of an electric signal pattern associated with one input operation or a combination of a plurality of input operations. .
  • This “input time-series pattern” is obtained, for example, by sampling a set of electrical signal patterns that are continuously transmitted from the input device 23 when an input operation is continuously performed at regular time intervals. Then, when the input time series pattern deviates from the “standard time series pattern” indicating the temporal change of the electric signal pattern assumed to be generated as a result of the input operation by a human, the input restriction unit 303 The transmission of the electric signal pattern included in the input time series pattern to the terminal body 21 is restricted.
  • the “standard time series pattern” matches, for example, a set of electrical signal patterns that are continuously transmitted from the keyboard 23b when the key is pressed “20 times” per second from the keyboard 23b. Predefined.
  • BAD USB refers to charging malware into control software (firmware) built in a USB device.
  • firmware firmware
  • PC side it seems that the user has just entered the key from the keyboard, and generally, the USB firmware cannot be accessed from the PC side, so detection and removal cannot be performed, and it is difficult to take a complete countermeasure in principle. Has been.
  • the monitoring device 3 when an “input time series pattern” that deviates from a “standard time series pattern” that is defined assuming normal input operations by human beings is input, a malicious program (malware ), It is determined that the key operation of the keyboard 23b has been performed, and transmission of the input time series pattern to the terminal body 21 can be restricted. Therefore, it is possible to prevent the control software built in the input device 23 from being infected with a malicious program, thereby causing a command not intended by the operator to be input or the terminal body to be illegally operated. Can do.
  • the monitor image recording unit 304 extracts an image displayed on the monitor 22 when an input operation that matches a predetermined image extraction target input operation is specified (screenshot).
  • screenshot an input operation that matches a predetermined image extraction target input operation is specified
  • the monitor image recording unit 304 according to the modification of the first embodiment measures time, and takes a screen shot at a timing when a predetermined time has elapsed (or timing when a predetermined time is reached). It may be done.
  • the input operation recording unit 302 (monitor image recording unit 304) according to the first embodiment is described as recording the input operation log 385 (monitor image log 386) in the recording medium 38 built in the monitoring device 3 itself.
  • the input operation recording unit 302 (monitor image recording unit 304) according to the modified example of the first embodiment has an input operation log 385 (monitor image log 386) installed in a remote place via a network. It may be a mode of recording.
  • the monitoring device 3 may have a mode in which a recording medium for recording various logs (the input operation log 385 and the monitor image log 386) is not provided.
  • the monitoring device 3 according to the first embodiment has been described as including the card reader 36 and performing the authentication process based on the user identification information read through the card reader 36.
  • the form is not limited to this aspect.
  • the monitoring device 3 according to the modified example of the first embodiment may include an input unit (for example, a numeric keypad) that receives a login ID and a password from a user, instead of including the card reader 36. Good.
  • the monitoring device 3 may divert the keyboard 23b, which is the input device 23 of the terminal device 20, as an input unit for authentication processing with respect to the monitoring device 3.
  • the monitoring apparatus 3 which concerns on 1st Embodiment was demonstrated as an aspect which has the display 35 and the display control part 305, in other embodiment, it is not limited to this aspect.
  • the monitoring apparatus 3 according to the modification of the first embodiment may not include the display 35 and the CPU 30 may not include the display control unit 305.
  • the monitoring apparatus 3 which concerns on 1st Embodiment was demonstrated as an aspect which has LED37 and the light emission control part 306, in other embodiment, it is not limited to this aspect.
  • the monitoring device 3 according to the modification of the first embodiment may not include the LED 37, and the CPU 30 may not include the light emission control unit 306.
  • the CPU 30 of the monitoring device 3 according to the first embodiment has been described as having the functions of the input restriction unit 303 and the monitor image recording unit 304, other embodiments are not limited to this mode. That is, for the monitoring device 3 according to another embodiment, the input restriction unit 303, the monitor image recording unit 304, the input restriction target command table 383, and the image extraction target input operation table 384 are not essential components.
  • the “input command” has been described as a combination (character string) of a plurality of input operations from the keyboard 23b.
  • a single input operation For example, there may be an input command consisting of only one alphabetic character.
  • the “electric signal pattern” is an array pattern of logical information “1” and “0” associated with two kinds of voltage levels of “High” and “Low”. Although described, other embodiments are not limited to this aspect. That is, the electric signal pattern may be in any form as long as the input operation accepted by the input device 23 can be distinguished on the terminal body 21 side.
  • the processes of the various processes of the monitoring device 3 described above are stored in a computer-readable recording medium in the form of a program.
  • the computer-readable recording medium is a magnetic disk, a magneto-optical disk, a CD-ROM, a DVD-ROM, a semiconductor memory, or the like.
  • the computer program may be distributed to the computer via a communication line, and the computer that has received the distribution may execute the program.
  • the above program may be for realizing a part of the above-described functions. Furthermore, what can implement

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Devices For Checking Fares Or Tickets At Control Points (AREA)

Abstract

Provided is a monitoring device (3), which is connected between a terminal main body (21) of a terminal device which carries out an information process and input peripherals (23) which transmit to the terminal main body (21) electrical signal patterns which are associated with a user's input operations, said monitoring device (3) comprising: a main body-side connection interface which is connected to the terminal main body (21); a peripheral-side connection interface which is connected to the input peripherals (23); an input operation identification unit which identifies the user's input operations which are associated with the electrical signal patterns; and an input operation recording unit which records in a recording medium, among the identified input operations, a predefined input operation to be recorded.

Description

監視装置、集計システム、監視方法及びプログラムMonitoring device, aggregation system, monitoring method and program
 本発明は、監視装置、集計システム、監視方法及びプログラムに関する。
 本願は、2016年3月18日に、日本に出願された特願2016-055308号に基づき優先権を主張し、その内容をここに援用する。 The present invention relates to a monitoring device, a counting system, a monitoring method, and a program.
This application claims priority on March 18, 2016 based on Japanese Patent Application No. 2016-055308 filed in Japan, the contents of which are incorporated herein by reference.
 高速道路等の有料道路においては、料金所別に事務所(料金所事務所)が設置されており、この料金所事務所内に設けられた端末装置を用いて各料金所における売上等の集計処理を行っている(例えば、特許文献1参照)。
 料金所事務所で用いられる集計処理用の端末装置は、その用途が限定されていることもあり、多機能化、高性能化等を目的として取り替えられる機会が少ない。そのため、一旦設置された後は、比較的長期に渡ってそのまま使用される。このような事情により、通常、料金所事務所で用いられている端末装置は、開発された時期が古く、作業者の不正操作に対する堅牢性が十分でないことが懸念されている。 On toll roads such as expressways, offices (tollgate offices) are set up for each toll gate, and sales processing at each tollgate is tabulated using terminal devices installed in this tollgate office. (For example, refer to Patent Document 1).
The terminal device for aggregation processing used in the toll office is limited in its use, and there are few opportunities to be replaced for the purpose of multi-functionality and high performance. Therefore, once installed, it is used as it is for a relatively long period of time. Due to such circumstances, there is a concern that the terminal device used in the tollgate office is usually developed at an old time and is not sufficiently robust against an unauthorized operation by an operator.
特開2003-203254号公報Japanese Patent Laid-Open No. 2003-203254
 上述の集計処理用の端末装置は、コスト削減等の目的で、必要以上のリソースを搭載していない場合が多い。そのため、作業者(端末装置の使用者)の不正操作を防止するための新たなアプリケーションをソフトウェアとして組み入れたとしても、当該アプリケーションにリソースを占有されて、本来の用途に必要な機能を十分に稼働させることができないことが想定される。 The above-described terminal device for aggregation processing often does not have more resources than necessary for the purpose of cost reduction. Therefore, even if a new application for preventing unauthorized operation by a worker (terminal device user) is incorporated as software, resources are occupied by the application and the functions necessary for the original use are fully operational. It is assumed that it cannot be made.
 また、操作内容がある程度限定されている端末装置に対して、例えば、別途のハードウェア機器(例えば、ラインモニタ等のような入力情報の監視装置)を用いたとしても、当該端末装置の監視において必要な情報のみを適切に記録することができないことが想定される。そうすると、例えば、必要以上に大量に記録されたログ情報の中から使用者が具体的に行った作業を適切に特定することが困難となり、事後的な解析作業の負担を増加させる場合がある。 In addition, even if a separate hardware device (for example, an input information monitoring device such as a line monitor) is used for a terminal device whose operation content is limited to some extent, It is assumed that only necessary information cannot be properly recorded. In this case, for example, it is difficult to appropriately specify the work specifically performed by the user from the log information recorded in a larger amount than necessary, which may increase the burden of subsequent analysis work.
 本発明の目的は、使用者の作業を特定することが可能な入力動作情報を適切に記録して、事後的な解析作業の負担を軽減することが可能な監視装置、集計システム、監視方法及びプログラムを提供することにある。 It is an object of the present invention to appropriately record input operation information that can identify a user's work, and to reduce the burden of subsequent analysis work, a monitoring system, a counting system, a monitoring method, and To provide a program.
 本発明の一態様によれば、監視装置は、情報処理を行う端末装置(20)の端末本体(21)と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器(23)との間に接続された監視装置(3)であって、前記端末本体と接続される本体側接続インタフェース(31)と、前記入力機器と接続される機器側接続インタフェース(32)と、前記電気信号パターンに関連する使用者の入力動作を特定する入力動作特定部(301)と、特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録する入力動作記録部(302)と、を備える。
 このようにすることで、記録すべき入力動作が、予め規定された記録対象入力動作に限定されるので、使用者の作業を特定する上で必要な情報に限定して記録し、不必要な情報を記録しないようにすることができる。したがって、使用者の作業を特定することが可能な入力動作を適切に記録して、事後的な解析作業の負担を軽減することができる。 According to one aspect of the present invention, the monitoring device sends the terminal body (21) of the terminal device (20) that performs information processing and the electric signal pattern associated with the input operation of the user toward the terminal body. A monitoring device (3) connected to the input device (23) to be connected to the main body side connection interface (31) connected to the terminal main body, and a device side connection interface (31) connected to the input device. 32), an input operation specifying unit (301) for specifying a user's input operation related to the electric signal pattern, and a recording target input operation specified in advance among the specified input operations is recorded on a recording medium. And an input operation recording unit (302).
In this way, since the input operation to be recorded is limited to a predetermined recording target input operation, recording is limited to information necessary for specifying the user's work, which is unnecessary. Information can be prevented from being recorded. Therefore, it is possible to appropriately record the input operation that can identify the user's work, and to reduce the burden of the subsequent analysis work.
 また、本発明の一態様によれば、上述の監視装置は、一の前記入力動作によって、又は、複数の前記入力動作の組み合わせによって構成される入力コマンドと、予め規定された入力制限対象コマンドと、を照合し、前記入力コマンドが前記入力制限対象コマンドと一致する場合には、前記入力コマンドの実行を指示する入力動作に関連付けられた電気信号パターンの、前記端末本体への送出を制限する入力制限部(303)を更に備える。
 このようにすることで、使用者が、端末装置に対して特定の制限すべき入力コマンドを実行することを防止することができる。 Moreover, according to one aspect of the present invention, the monitoring device described above includes an input command configured by one input operation or a combination of a plurality of the input operations, and a predetermined input restriction target command. , And when the input command matches the input restriction target command, an input for restricting transmission of the electric signal pattern associated with the input operation instructing execution of the input command to the terminal body A limiting unit (303) is further provided.
By doing in this way, it can prevent that a user performs the specific input command which should be restrict | limited with respect to a terminal device.
 また、本発明の一態様によれば、前記入力制限部は、一の前記入力動作に、又は、複数の前記入力動作の組み合わせに関連付けられた前記電気信号パターンの経時的変化を示す入力時系列パターンを取得し、当該入力時系列パターンが、人間による入力動作の結果生じると想定される電気信号パターンの経時的変化を示す標準時系列パターンから逸脱している場合には、前記入力時系列パターンに含まれる前記電気信号パターンの、前記端末本体への送出を制限する。
 このようにすることで、人間による入力動作が想定されて規定された標準時系列パターンから逸脱した入力時系列パターンが入力された場合には、悪意のあるプログラムによって入力装置からの操作が行われたものと判断し、当該入力時系列パターンに含まれる電気信号パターンの、端末本体への送出を制限することができる。したがって、入力装置に内蔵される制御用ソフトウェアが悪意のあるプログラム(マルウェア)に感染しており、それによって作業者の意図しないコマンドが入力されたり、端末本体が不正に操作されたりすることを防止することができる。 Further, according to one aspect of the present invention, the input restriction unit is an input time series indicating a change with time of the electric signal pattern associated with one input operation or a combination of the plurality of input operations. If the input time-series pattern deviates from the standard time-series pattern indicating the change over time of the electric signal pattern that is assumed to be generated as a result of an input operation by a human, the input time-series pattern is The transmission of the included electric signal pattern to the terminal body is restricted.
In this way, when an input time series pattern that deviates from the standard time series pattern that is defined on the assumption that a human input operation is assumed, an operation from the input device was performed by a malicious program. Therefore, it is possible to limit transmission of the electric signal pattern included in the input time series pattern to the terminal body. Therefore, the control software built in the input device is infected with a malicious program (malware), which prevents commands that are not intended by the operator from being input or the terminal body from being illegally operated. can do.
 また、本発明の一態様によれば、上述の監視装置は、特定された前記入力動作と、予め規定された画像抽出対象入力動作と、を照合し、前記入力動作が前記画像抽出対象入力動作と一致する場合には、前記端末装置のモニタに表示されている画像を取得して記録媒体に記録するモニタ画像記録部(304)を更に備える。
 このようにすることで、所定の画像抽出対象入力動作を受け付けた時点で、モニタに表示されている画像をログとして記録することができる。 Moreover, according to one aspect of the present invention, the monitoring apparatus described above collates the specified input operation with a predetermined image extraction target input operation, and the input operation is the image extraction target input operation. A monitor image recording unit (304) for acquiring an image displayed on the monitor of the terminal device and recording it on a recording medium.
In this way, the image displayed on the monitor can be recorded as a log when a predetermined image extraction target input operation is received.
 また、本発明の一態様によれば、上述の監視装置は、使用者に対する認証処理を行うとともに、正しく認証された場合に、前記端末本体と前記入力機器との間を接続する認証処理部(300)を更に備える。
 このようにすることで、正しく認証される前の段階では、端末本体と入力機器との接続を切り離しておくことが可能となるため、認証処理を行っていない者が不正操作を行うことを防止することができる。 Moreover, according to one aspect of the present invention, the monitoring device described above performs an authentication process for a user and, when correctly authenticated, an authentication processing unit that connects between the terminal body and the input device ( 300).
By doing so, it is possible to disconnect the connection between the terminal body and the input device before it is correctly authenticated, thus preventing unauthorized persons from performing unauthorized operations. can do.
 また、本発明の一態様によれば、上述の監視装置は、使用者の前記入力動作が特定されたタイミングに応じて点灯手段を発光させる発光制御部(306)を更に備える。
 これにより、監視装置は、使用者に対し、監視装置が有効に機能していることを簡易的に認識させることができる。 Moreover, according to one aspect of the present invention, the monitoring device further includes a light emission control unit (306) that causes the lighting unit to emit light in accordance with the timing when the input operation of the user is specified.
Thereby, the monitoring apparatus can make a user recognize simply that the monitoring apparatus is functioning effectively.
 また、本発明の一態様によれば、上述の監視装置は、特定された前記入力動作に関連付けられた情報を表示手段に表示させる表示制御部(305)を更に備える。
 これにより、監視装置は、使用者に対し、使用者自身が行う入力動作が監視装置3において正確に検知されていることを視覚的に伝えることができる。 Moreover, according to one aspect of the present invention, the monitoring device described above further includes a display control unit (305) that causes the display unit to display information associated with the specified input operation.
Thereby, the monitoring device can visually notify the user that the input operation performed by the user himself / herself is accurately detected by the monitoring device 3.
 また、本発明の一態様によれば、集計システム(2A)は、上述の監視装置と、前記端末装置と、を備え、前記端末装置は、前記情報処理として、有料道路の料金所にて収受された料金の集計処理を行う。 According to another aspect of the present invention, the tabulation system (2A) includes the monitoring device described above and the terminal device, and the terminal device collects and collects information at a toll gate on the toll road as the information processing. The totaled charges are collected.
 また、本発明の一態様によれば、監視方法は、情報処理を行う端末装置の端末本体と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器との間に接続され、前記端末本体と接続される本体側接続インタフェースと、前記入力機器と接続される機器側接続インタフェースと、を有する監視装置を用いた監視方法であって、前記電気信号パターンに関連する使用者の入力動作を特定するステップと、特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録するステップと、を有する。 Moreover, according to one aspect of the present invention, a monitoring method includes: a terminal body of a terminal device that performs information processing; and an input device that transmits an electric signal pattern associated with a user's input operation toward the terminal body. A monitoring method using a monitoring device connected between the main body side connection interface connected to the terminal main body and a device side connection interface connected to the input device, wherein the electric signal pattern A step of specifying an input operation of a related user, and a step of recording a recording target input operation defined in advance among the specified input operations on a recording medium.
 また、本発明の一態様によれば、プログラムは、情報処理を行う端末装置の端末本体と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器との間に接続され、前記端末本体と接続される本体側接続インタフェースと、前記入力機器と接続される機器側接続インタフェースと、を有する監視装置のコンピュータを、前記電気信号パターンに関連する使用者の入力動作を特定する入力動作特定部、特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録する入力動作記録部、として機能させる。 According to another aspect of the present invention, a program includes: a terminal body of a terminal device that performs information processing; and an input device that sends an electric signal pattern associated with a user's input operation toward the terminal body. A monitoring device computer connected between and connected to the terminal body and connected to the input device and a device-side connection interface connected to the input device is input to a user related to the electrical signal pattern. An input operation specifying unit that specifies an operation, and an input operation recording unit that records a predetermined recording target input operation on the recording medium among the specified input operations.
 上述の監視装置、集計システム、監視方法及びプログラムによれば、使用者が端末装置に対して行う入力動作に関する情報を適切に記録して、事後的な解析作業の負担を軽減することができる。
 なお、ここでいう「事後的な解析作業」を行う目的としては、例えば、作業者が不正行為(不正操作)を行ったかどうかの特定、作業者に作業ミスがあったかどうかあるいは作業申告内容に虚偽・錯誤がないかの特定、作業者の作業内容と端末本体の動作内容との整合性確認(端末本体の誤作動の有無、マルウェア感染の有無)といったものがある。 According to the monitoring device, the counting system, the monitoring method, and the program described above, it is possible to appropriately record information related to the input operation performed by the user on the terminal device, thereby reducing the burden of subsequent analysis work.
In addition, the purpose of “post-mortem analysis” here is, for example, specifying whether the worker has performed an illegal act (unauthorized operation), whether the worker has made a mistake or whether the work declaration is false. -There are things such as specifying whether there is no error and checking the consistency between the work contents of the operator and the operation contents of the terminal body (whether the terminal body is malfunctioning or malware infection is present).
第1の実施形態に係る料金所及び料金所事務所の全体構成を示す図である。It is a figure which shows the whole structure of the toll gate and the toll gate office which concern on 1st Embodiment. 第1の実施形態に係る集計システムの機能構成を示す図である。It is a figure which shows the function structure of the total system which concerns on 1st Embodiment. 第1の実施形態に係るCPU及び記録媒体の構成を示す図である。It is a figure which shows the structure of CPU and a recording medium which concern on 1st Embodiment. 第1の実施形態に係るCPUの第1の処理フローを示す図である。It is a figure which shows the 1st processing flow of CPU which concerns on 1st Embodiment. 第1の実施形態に係る入力動作特定用テーブルを示す第1の図である。It is the 1st figure showing the table for input operation specification concerning a 1st embodiment. 第1の実施形態に係る入力動作特定用テーブルを示す第2の図である。It is a 2nd figure which shows the table for input operation specification which concerns on 1st Embodiment. 第1の実施形態に係る記録対象入力動作テーブルを示す第1の図である。It is a 1st figure which shows the recording target input operation table which concerns on 1st Embodiment. 第1の実施形態に係る記録対象入力動作テーブルを示す第2の図である。It is a 2nd figure which shows the recording target input operation table which concerns on 1st Embodiment. 第1の実施形態に係るCPUの第2の処理フローを示す図である。It is a figure which shows the 2nd process flow of CPU which concerns on 1st Embodiment. 第1の実施形態に係る入力制限対象テーブルを示す図である。It is a figure which shows the input restriction | limiting object table which concerns on 1st Embodiment. 第1の実施形態に係るCPUの第3の処理フローを示す図である。It is a figure which shows the 3rd processing flow of CPU which concerns on 1st Embodiment. 第1の実施形態に係る画像抽出対象入力動作テーブルを示す図である。It is a figure which shows the image extraction object input operation table which concerns on 1st Embodiment.
<第1の実施形態>
 以下、第1の実施形態に係る料金収受機について、図1~図12を参照しながら説明する。 <First Embodiment>
Hereinafter, a toll collector according to the first embodiment will be described with reference to FIGS.
(全体構成)
 図1は、第1の実施形態に係る料金所及び料金所事務所の全体構成を示す図である。
 図1に示すように、料金所1は、有料道路を退出しようとする車両Aが走行する車線Lの路側に有人ブース10が設置されてなる。 (overall structure)
FIG. 1 is a diagram illustrating an overall configuration of a toll gate and a toll gate office according to the first embodiment.
As shown in FIG. 1, the toll booth 1 has a manned booth 10 installed on the side of a lane L on which a vehicle A about to leave a toll road travels.
 有人ブース10には、車両Aの運転者等に対し料金収受処理を行う収受員が待機する。収受員は、有人ブース10の内部に設置された料金収受機10Aを用いて料金収受処理を行う。 In the manned booth 10, a receiver who performs toll collection processing for the driver of the vehicle A and the like waits. The toll collector performs toll collection processing using a toll collecting machine 10 </ b> A installed in the manned booth 10.
 料金収受機10Aは、収受員による操作に従って利用者に対する料金収受処理等を行う。具体的には、料金収受機10Aは、車両Aが通過した入口を示す入口情報、車両Aの車種等を示す情報を受け付けて、車両Aに対する料金(支払請求額)を決定する。また、料金収受機10Aは、車両Aの運転者等から受け取った金銭(紙幣、硬貨)の入力を受け付けて釣銭の計算を行ったり、金銭の受け渡しが完了した後に領収書を発行したりする。
 また、料金収受機10Aは、車線Lを走行する車両Aから収受した売上金額、車種、入口等を示す各種情報を内部の記録媒体に記録して蓄積する。料金収受機10Aに蓄積されたこれらの情報は、収受員の操作等により、所定の時間単位(例えば、1日単位)で料金所事務所2(後述)に送信される。 The fee collection machine 10A performs a fee collection process for the user in accordance with an operation by the collection member. Specifically, the toll collector 10A receives entrance information indicating an entrance through which the vehicle A has passed, information indicating the vehicle type of the vehicle A, and the like, and determines a fee (charged amount) for the vehicle A. Further, the toll collection machine 10A accepts the input of money (banknotes, coins) received from the driver of the vehicle A, etc., calculates the change, or issues a receipt after the delivery of money is completed.
The toll collector 10A records and accumulates various information indicating the sales amount, vehicle type, entrance, etc. received from the vehicle A traveling in the lane L on an internal recording medium. These pieces of information accumulated in the toll collector 10A are transmitted to the toll office 2 (described later) in predetermined time units (for example, in units of one day) by the operation of the toll collector.
 なお、図示を省略しているが、本実施形態に係る料金所1には複数の車線Lが敷設されている。また、料金所1には各車線L別に複数の有人ブース10及び料金収受機10Aが設置されている。後縦する料金所事務所2では、複数の料金収受機10Aにて記録、蓄積された上記各種情報が収集される。 Although not shown, a plurality of lanes L are laid in the toll gate 1 according to the present embodiment. The toll gate 1 is provided with a plurality of manned booths 10 and toll collectors 10A for each lane L. In the toll booth office 2 in the vertical direction, the various information recorded and accumulated by the plurality of fee collectors 10A is collected.
 料金所事務所2は、料金所1の監視、及び、当該料金所1で取得された各種情報を収集し、管理する設備である。料金所事務所2には、監視カメラ等を通じて料金所1を監視する監視員が駐在する。監視員は、料金所事務所2に設置された集計システム2Aを用いて、料金所1で取得され、収集された売上金額の集計処理等を行う。 The toll booth office 2 is a facility for monitoring the toll booth 1 and collecting and managing various information acquired at the toll booth 1. In the toll booth office 2, a monitor who monitors the toll booth 1 through a monitoring camera or the like is stationed. The monitor uses a counting system 2A installed in the toll booth office 2 to perform tabulation processing on the sales amount acquired and collected at the toll booth 1.
 図1に示すように、集計システム2Aは、端末装置20と、監視装置3と、を備えている。また、端末装置20は、端末本体21と、モニタ22と、入力機器23と、を有してなる。 As shown in FIG. 1, the counting system 2A includes a terminal device 20 and a monitoring device 3. The terminal device 20 includes a terminal main body 21, a monitor 22, and an input device 23.
 端末装置20は、料金所1にて収受された料金(売上金額)の集計処理を行うための専用のアプリケーションがインストールされた端末装置である。端末本体21は、端末装置20の主要なハードウェア(マザーボード、CPU、メモリ、ハードディスク、電源ユニット等)を内部に有する。モニタ22は、端末装置20の使用者(監視員)に対し、視覚を通じて情報を伝達する表示装置であって、例えば、液晶ディスプレイ等である。入力機器23は、端末装置20に対し、使用者が集計処理に係る指令を与える際に用いるヒューマンインタフェースである。本実施形態においては、入力機器23は、具体的には、使用者から所定の入力動作を受け付けるマウス、キーボード、パネルコンピュータである。これらのヒューマンインタフェース(入力機器23)は、使用者の入力動作に応じた(入力動作に関連付けられた)電気信号パターンを端末本体21に向けて送出する。
 ここで、電気信号パターンとは、「High」及び「Low」の2種類の電圧レベルで関連付けられた論理情報「1」、「0」の配列パターンである。 The terminal device 20 is a terminal device in which a dedicated application for performing a totaling process of charges (sales amount) received at the toll gate 1 is installed. The terminal main body 21 has main hardware (motherboard, CPU, memory, hard disk, power supply unit, etc.) of the terminal device 20 inside. The monitor 22 is a display device that transmits information to the user (monitor) of the terminal device 20 through vision, and is, for example, a liquid crystal display. The input device 23 is a human interface used when the user gives a command related to the tabulation process to the terminal device 20. In the present embodiment, the input device 23 is specifically a mouse, a keyboard, or a panel computer that receives a predetermined input operation from the user. These human interfaces (input device 23) send out an electric signal pattern (associated with the input operation) corresponding to the input operation of the user toward the terminal body 21.
Here, the electric signal pattern is an array pattern of logical information “1” and “0” associated with two kinds of voltage levels “High” and “Low”.
 監視装置3は、端末装置20に接続され、当該端末装置20に対して行われる入力動作を監視する。 The monitoring device 3 is connected to the terminal device 20 and monitors an input operation performed on the terminal device 20.
(集計システムの機能構成)
 図2は、第1の実施形態に係る集計システムの機能構成を示す図である。
 図2に示すように、監視装置3は、集計処理を行う端末装置20の端末本体21と、端末装置20の入力機器23(マウス23a、キーボード23b、パネルコンピュータ23c)との間に接続されている。 (Functional configuration of aggregation system)
FIG. 2 is a diagram illustrating a functional configuration of the aggregation system according to the first embodiment.
As shown in FIG. 2, the monitoring device 3 is connected between the terminal main body 21 of the terminal device 20 that performs aggregation processing and the input device 23 (mouse 23 a, keyboard 23 b, panel computer 23 c) of the terminal device 20. Yes.
 また、図2に示すように、監視装置3は、CPU30と、本体側接続インタフェース31と、機器側接続インタフェース32と、信号伝送部33と、接続スイッチ34と、ディスプレイ35と、カードリーダ36と、LED(Light Emitting Diode)37と、記録媒体38と、を備えている。 As shown in FIG. 2, the monitoring device 3 includes a CPU 30, a main body side connection interface 31, a device side connection interface 32, a signal transmission unit 33, a connection switch 34, a display 35, and a card reader 36. LED (LightLEDEmitting Diode) 37 and a recording medium 38.
 CPU30は、監視装置3全体の動作を司るプロセッサである。監視装置3におけるCPU30が有する各種機能については後述する。 The CPU 30 is a processor that controls the overall operation of the monitoring device 3. Various functions of the CPU 30 in the monitoring device 3 will be described later.
 本体側接続インタフェース31は、端末装置20の端末本体21(接続インタフェース21a)と接続される接続インタフェースである。また、機器側接続インタフェース32は、端末装置20の入力機器23と接続される接続インタフェースである。
 ここで、入力機器23は、本来、端末本体21の接続インタフェース21aに直接接続されるものである。また、端末本体21と入力機器23との接続インタフェースには、例えば、PS/2、USB(Universal Serial Bus)、RS-232C等の規格が用いられる。したがって、本体側接続インタフェース31、機器側接続インタフェース32は、上記規格に準拠した複数の接続インタフェースを有するものとされている。 The main body side connection interface 31 is a connection interface connected to the terminal main body 21 (connection interface 21a) of the terminal device 20. The device side connection interface 32 is a connection interface connected to the input device 23 of the terminal device 20.
Here, the input device 23 is originally directly connected to the connection interface 21 a of the terminal body 21. For the connection interface between the terminal body 21 and the input device 23, standards such as PS / 2, USB (Universal Serial Bus), and RS-232C are used. Therefore, the main body side connection interface 31 and the device side connection interface 32 have a plurality of connection interfaces compliant with the standard.
 信号伝送部33は、監視装置3の内部において本体側接続インタフェース31と機器側接続インタフェース32とを結ぶ伝送ラインα上に設けられる。信号伝送部33は、入力機器23の各々から受け付けた電気信号パターンを一時的に保持するとともに、CPU30による制御に従って、保持した当該電気信号パターンを端末本体21へと伝送する。 The signal transmission unit 33 is provided on the transmission line α connecting the main body side connection interface 31 and the device side connection interface 32 inside the monitoring device 3. The signal transmission unit 33 temporarily retains the electrical signal pattern received from each of the input devices 23 and transmits the retained electrical signal pattern to the terminal body 21 according to control by the CPU 30.
 接続スイッチ34は、監視装置3の内部において本体側接続インタフェース31と機器側接続インタフェース32とを結ぶ伝送ラインα上に設けられ、CPU30による制御に従って、各伝送ラインαの接続/切断を切り替え可能とする素子である。接続スイッチ34が接続状態となることによって端末本体21と入力機器23との間が接続され、入力機器23から端末本体21への電気信号パターンの伝送が可能となる。他方、接続スイッチ34が切断状態となっている間は、入力機器23から送出された電気信号パターンは、端末本体21へと伝送されない。 The connection switch 34 is provided on the transmission line α connecting the main body side connection interface 31 and the device side connection interface 32 inside the monitoring device 3, and can switch connection / disconnection of each transmission line α according to control by the CPU 30. It is an element to do. When the connection switch 34 is in a connected state, the terminal main body 21 and the input device 23 are connected, and an electric signal pattern can be transmitted from the input device 23 to the terminal main body 21. On the other hand, while the connection switch 34 is in a disconnected state, the electrical signal pattern sent from the input device 23 is not transmitted to the terminal body 21.
 ディスプレイ35は、監視装置3の筐体に組み込まれた表示手段であって、例えば、液晶ディスプレイ等である。ディスプレイ35は、使用者の入力動作を示す情報等を表示する。 The display 35 is a display means incorporated in the housing of the monitoring device 3, and is, for example, a liquid crystal display. The display 35 displays information indicating the input operation of the user.
 カードリーダ36は、使用者固有の識別情報(使用者識別情報)が記録されたIDカードを読み取る。 The card reader 36 reads an ID card in which identification information unique to the user (user identification information) is recorded.
 LED37は、監視装置3の筐体に取り付けられた点灯手段の一態様である。 The LED 37 is an aspect of lighting means attached to the housing of the monitoring device 3.
 記録媒体38は、監視装置3に内蔵された記録媒体であって、例えば、HDD(Hard Disk Drive)、SSD(Solid State Drive)等である。 The recording medium 38 is a recording medium built in the monitoring apparatus 3, and is, for example, an HDD (Hard Disk Drive), an SSD (Solid State Drive) or the like.
 なお、図2に示すように、端末本体21とモニタ22との間にも監視装置3が接続される。モニタ22が機器側接続インタフェース32を介して接続される伝送ラインβは、本体側接続インタフェース31と機器側接続インタフェース32とを直接接続している。 As shown in FIG. 2, the monitoring device 3 is also connected between the terminal body 21 and the monitor 22. The transmission line β to which the monitor 22 is connected via the device side connection interface 32 directly connects the main body side connection interface 31 and the device side connection interface 32.
(CPU及び記録媒体の構成)
 図3は、第1の実施形態に係るCPU及び記録媒体の構成を示す図である。
 以下、図2、図3を参照しながら、CPU30及び記録媒体38の構成について説明する。 (Configuration of CPU and recording medium)
FIG. 3 is a diagram illustrating a configuration of the CPU and the recording medium according to the first embodiment.
Hereinafter, the configurations of the CPU 30 and the recording medium 38 will be described with reference to FIGS. 2 and 3.
 図3に示すように、CPU30は、認証処理部300、入力動作特定部301、入力動作記録部302、入力制限部303、モニタ画像記録部304、表示制御部305、及び、発光制御部306としての機能を有している。 As illustrated in FIG. 3, the CPU 30 includes an authentication processing unit 300, an input operation specifying unit 301, an input operation recording unit 302, an input restriction unit 303, a monitor image recording unit 304, a display control unit 305, and a light emission control unit 306. It has the function of
 認証処理部300は、端末装置20の使用者に対する認証処理を行うとともに、正しく認証された場合に、端末本体21と入力機器23との間を接続する。具体的には、認証処理部300は、カードリーダ36を通じてIDカードから読み取られた使用者識別情報を取得する。そして、認証処理部300は、記録媒体38に記録されている認証用テーブル380を参照し、取得した使用者識別情報が、認証用テーブル380に登録されているか否かを判定する。ここで、認証用テーブル380とは、端末装置20を使用する者の使用者識別情報が記録された情報テーブルである。
 IDカードから読み取られた使用者識別情報が、認証用テーブル380に記録されている場合(即ち、正しく認証された場合)、認証処理部300は、接続スイッチ34に接続指示信号を出力し、接続スイッチ34を接続状態とする。 The authentication processing unit 300 performs an authentication process for the user of the terminal device 20 and connects the terminal main body 21 and the input device 23 when correctly authenticated. Specifically, the authentication processing unit 300 acquires user identification information read from the ID card through the card reader 36. Then, the authentication processing unit 300 refers to the authentication table 380 recorded on the recording medium 38 and determines whether or not the acquired user identification information is registered in the authentication table 380. Here, the authentication table 380 is an information table in which user identification information of a person who uses the terminal device 20 is recorded.
When the user identification information read from the ID card is recorded in the authentication table 380 (that is, when correctly authenticated), the authentication processing unit 300 outputs a connection instruction signal to the connection switch 34 to connect The switch 34 is connected.
 入力動作特定部301は、入力機器23から受け付けた電気信号パターンに関連する使用者の入力動作を特定する。具体的には、入力動作特定部301は、信号伝送部33に一時的に保持された電気信号パターンを参照して、当該電気信号パターンに関連する使用者の入力動作を特定する。
 ここで、「入力動作」とは、使用者が、端末装置20に指令を与える際に、入力機器23に対して具体的に行う動作(行動)である。より具体的には、例えば、キーボード23bに対して行われる動作としては、「Enterキーの押下」、「Deleteキーの押下」等、各種入力キーを押下する動作がある。また、マウス23aに対しては、「シングルクリック」、「ダブルクリック」、「右クリック」、「カーソル移動」、「ドラッグ」(左ボタンを押したままカーソル移動)等がある。更に、パネルコンピュータ23cについては、「タップ」(パネルを指で叩く)、「フリック」(パネルを指で払う)、「ドラッグ」(パネルに触れたまま指を動かす)、「スワイプ」(パネルに触れた状態で指を滑らせる)等がある。
 記録媒体38には、上記のような入力動作と、上記入力動作を受け付けることで各入力機器23が送出する電気信号パターンと、を関連付ける入力動作特定用テーブル381が予め記録されている。入力動作特定部201は、入力動作特定用テーブル381を参照して、信号伝送部33に保持された電気信号パターンに関連付けられた入力動作を取得する。このようにして、入力動作特定部201は、電気信号パターンに関連する使用者の入力動作を特定する。 The input operation specifying unit 301 specifies the user's input operation related to the electrical signal pattern received from the input device 23. Specifically, the input operation specifying unit 301 refers to the electric signal pattern temporarily held in the signal transmission unit 33 and specifies the input operation of the user related to the electric signal pattern.
Here, the “input operation” is an operation (behavior) that is specifically performed on the input device 23 when the user gives a command to the terminal device 20. More specifically, for example, operations performed on the keyboard 23b include operations of pressing various input keys such as “pressing the Enter key” and “pressing the Delete key”. For the mouse 23a, there are “single click”, “double click”, “right click”, “cursor move”, “drag” (move the cursor while pressing the left button), and the like. Further, regarding the panel computer 23c, “tap” (tap the panel with a finger), “flick” (pay the panel with a finger), “drag” (move the finger while touching the panel), “swipe” (to the panel) Slide your finger while touching).
In the recording medium 38, an input operation specifying table 381 for associating the input operation as described above with the electric signal pattern transmitted from each input device 23 upon receiving the input operation is recorded in advance. The input operation specifying unit 201 refers to the input operation specifying table 381 and acquires the input operation associated with the electric signal pattern held in the signal transmission unit 33. In this way, the input operation specifying unit 201 specifies the user's input operation related to the electric signal pattern.
 入力動作記録部302は、入力動作特定部201によって特定された入力動作のうち、予め規定された(所定の)記録対象入力動作を記録媒体38に記録する。具体的には、入力動作記録部302は、記録媒体38に予め記録された記録対象入力動作テーブル382を参照して、当該記録対象入力動作テーブル382において“記録対象入力動作”として規定された入力動作を記録媒体38に記録する。
 なお、入力動作記録部302が記録する入力動作を示す情報(入力動作情報)は、入力日時を示す時刻情報等と併せて入力動作ログ385に蓄積されていく。 The input action recording unit 302 records a predetermined (predetermined) recording target input action on the recording medium 38 among the input actions specified by the input action specifying unit 201. Specifically, the input operation recording unit 302 refers to the recording target input operation table 382 recorded in advance on the recording medium 38, and inputs specified as “recording target input operation” in the recording target input operation table 382. The operation is recorded on the recording medium 38.
Information (input operation information) indicating the input operation recorded by the input operation recording unit 302 is accumulated in the input operation log 385 together with time information indicating the input date and time.
 入力制限部303は、所定の条件を満たす入力動作に関連する電気信号パターンの、端末本体21への送出を制限する。具体的には、入力制限部303は、使用者から入力された入力コマンドと、予め規定された入力制限対象コマンドと、を照合し、当該入力された入力コマンドが入力制限対象コマンドと一致するか否かを判定する。そして、入力された入力コマンドが入力制限対象コマンドと一致する場合には、入力制限部303は、入力コマンドの実行を指示する入力動作に関連する電気信号パターンの送出を制限する。
 なお、記録媒体38には、入力制限対象コマンドテーブル383が予め記録されている。入力制限対象コマンドテーブル383は、“入力制限対象コマンド”として規定された入力コマンドが記録された情報テーブルである。
 また、「入力コマンド」とは、キーボード23bが受け付けた複数の入力動作(キーの押下)の組み合わせによって構成される文字列であって、端末装置20が実行すべき処理を指定するものである。例えば、入力コマンドには、あるファイルのコピーを指定する“copy”、ファイルの削除を指定する“delete”等がある。また、このような入力コマンドで指定される処理は、当該入力コマンドの入力動作に続き、特別なキーの押下(例えば、Enterキーの押下)を受け付けた時点で実際に実行される。即ち、本実施形態において、「Enterキーの押下」なる入力動作は、端末装置20に対し、Enterキーが押下される直前に入力された入力コマンドの実行を指示する入力動作である。 The input restriction unit 303 restricts transmission of an electric signal pattern related to an input operation that satisfies a predetermined condition to the terminal main body 21. Specifically, the input restriction unit 303 collates an input command input from the user with a predetermined input restriction target command, and whether the input command matches the input restriction target command. Determine whether or not. When the input command that has been input matches the input restriction target command, the input restriction unit 303 restricts transmission of an electric signal pattern related to an input operation that instructs execution of the input command.
Note that an input restriction target command table 383 is recorded in advance on the recording medium 38. The input restriction target command table 383 is an information table in which input commands defined as “input restriction target commands” are recorded.
The “input command” is a character string composed of a combination of a plurality of input operations (key presses) received by the keyboard 23b, and specifies a process to be executed by the terminal device 20. For example, the input command includes “copy” for designating a copy of a file, “delete” for designating deletion of the file, and the like. Further, the process specified by such an input command is actually executed at the time when a special key press (for example, Enter key press) is received following the input operation of the input command. That is, in this embodiment, the input operation “pressing the Enter key” is an input operation that instructs the terminal device 20 to execute the input command input immediately before the Enter key is pressed.
 モニタ画像記録部304は、入力動作特定部201によって特定された入力動作が所定の条件を満たす場合に、端末装置20のモニタ22に表示されている画像を取得して記録媒体38に記録する。具体的には、モニタ画像記録部304は、特定された入力動作と、予め規定された画像抽出対象入力動作と、を照合し、当該特定された入力動作が画像抽出対象入力動作と一致するか否かを判定する。そして、入力動作が画像抽出対象入力動作と一致する場合には、モニタ画像記録部304は、端末装置20のモニタ22に表示されている画像を取得して記録媒体38に記録する。なお、記録媒体38には、画像抽出対象入力動作テーブル384が予め記録されている。画像抽出対象入力動作テーブル384は、“画像抽出対象入力動作”として規定された入力動作が記録された情報テーブルである。
 なお、モニタ画像記録部304が記録する画像は、入力日時を示す時刻情報等と併せてモニタ画像ログ386に蓄積されていく。 The monitor image recording unit 304 acquires an image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38 when the input operation specified by the input operation specifying unit 201 satisfies a predetermined condition. Specifically, the monitor image recording unit 304 compares the specified input operation with a predetermined image extraction target input operation, and whether the specified input operation matches the image extraction target input operation. Determine whether or not. When the input operation matches the image extraction target input operation, the monitor image recording unit 304 acquires the image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38. Note that an image extraction target input operation table 384 is recorded in the recording medium 38 in advance. The image extraction target input operation table 384 is an information table in which an input operation defined as “image extraction target input operation” is recorded.
The image recorded by the monitor image recording unit 304 is accumulated in the monitor image log 386 together with time information indicating the input date and time.
 表示制御部305は、入力動作特定部201によって特定された入力動作を示す情報をディスプレイ35に表示させる。 The display control unit 305 causes the display 35 to display information indicating the input operation specified by the input operation specifying unit 201.
 発光制御部306は、使用者の入力動作が特定されたタイミングに応じてLED37を発光させる。 The light emission control unit 306 causes the LED 37 to emit light according to the timing when the user input operation is specified.
(CPUの第1の処理フロー)
 図4は、第1の実施形態に係るCPUの第1の処理フローを示す図である。
 図5、図6は、それぞれ、第1の実施形態に係る入力動作特定用テーブルを示す第1の図、第2の図である。
 また、図7、図8は、それぞれ、第1の実施形態に係る記録対象入力動作テーブルを示す第1の図、第2の図である。
 以下、図4~図8を参照しながら、CPUの第1の処理フローについて説明する。 (First processing flow of CPU)
FIG. 4 is a diagram illustrating a first processing flow of the CPU according to the first embodiment.
FIG. 5 and FIG. 6 are a first diagram and a second diagram, respectively, showing the input operation specifying table according to the first embodiment.
FIGS. 7 and 8 are a first diagram and a second diagram, respectively, showing a recording target input operation table according to the first embodiment.
Hereinafter, the first processing flow of the CPU will be described with reference to FIGS.
 図4に示す第1の処理フローは、認証処理部300による認証処理を経て使用者が正しく認証された後、当該使用者が端末装置20を操作する段階において実行される。 The first processing flow shown in FIG. 4 is executed at a stage where the user operates the terminal device 20 after the user is correctly authenticated through the authentication processing by the authentication processing unit 300.
 ある入力機器23が所定の入力動作を受け付けて当該入力動作に関連付けられた電気信号パターンを送出すると、当該電気信号パターンが信号伝送部33(図2)に一時的に保持される。入力動作特定部301は、信号伝送部33に保持された電気信号パターンを取得する(ステップS00)。
 次に、入力動作特定部301は、信号伝送部33から取得した電気信号パターンに関連付けられた入力動作を特定する(ステップS01)。ここで、入力動作特定部301は、記録媒体38に予め記録された入力動作特定用テーブル381を参照する。 When a certain input device 23 receives a predetermined input operation and sends out an electric signal pattern associated with the input operation, the electric signal pattern is temporarily held in the signal transmission unit 33 (FIG. 2). The input operation specifying unit 301 acquires the electrical signal pattern held in the signal transmission unit 33 (step S00).
Next, the input operation specifying unit 301 specifies the input operation associated with the electrical signal pattern acquired from the signal transmission unit 33 (step S01). Here, the input operation specifying unit 301 refers to the input operation specifying table 381 recorded in advance on the recording medium 38.
 図5に示す入力動作特定用テーブル381は、キーボード23bが受け付ける入力動作(Enterキー押下等)と、受け付けた入力動作に応じて当該キーボード23bが送出する電気信号パターンと、を関連付けて記録している。
 また、図6に示す入力動作特定用テーブル381は、マウス23aが受け付ける入力動作(ダブルクリック等)と、受け付けた入力動作に応じて当該マウス23aが送出する電気信号パターンと、を関連付けて記録している。
 ステップS01において、入力動作特定部301は、信号伝送部33に保持された電気信号パターンを取得するとともに、図5、図6に示す入力動作特定用テーブル381を参照して、当該電気信号パターンに関連付けられた入力動作を特定する。 The input operation specifying table 381 shown in FIG. 5 records an input operation received by the keyboard 23b (such as pressing the Enter key) and an electric signal pattern sent out by the keyboard 23b according to the received input operation in association with each other. Yes.
Further, the input operation specifying table 381 shown in FIG. 6 records the input operation (double click or the like) received by the mouse 23a and the electric signal pattern sent out by the mouse 23a in accordance with the received input operation in association with each other. ing.
In step S01, the input operation specifying unit 301 acquires the electric signal pattern held in the signal transmission unit 33, and refers to the input operation specifying table 381 shown in FIGS. Identify the associated input action.
 次に、表示制御部305は、入力動作特定部301によって特定された入力動作を示す情報をディスプレイ35に表示させる(ステップS02)。例えば、特定された入力動作がキーボード23bにおける「Enterキーの押下」であった場合、表示制御部305は、“Enter”等とディスプレイ35に表示させる。また、例えば、特定された入力動作がマウス23aにおける「ダブルクリック」であった場合、表示制御部305は、“ダブルクリック”等とディスプレイ35に表示させる。 Next, the display control unit 305 causes the display 35 to display information indicating the input operation specified by the input operation specifying unit 301 (step S02). For example, when the specified input operation is “pressing the Enter key” on the keyboard 23 b, the display control unit 305 displays “Enter” or the like on the display 35. Further, for example, when the specified input operation is “double click” with the mouse 23 a, the display control unit 305 displays “double click” or the like on the display 35.
 また、発光制御部306は、入力動作特定部301によって入力動作が特定されたタイミングで、LED37を所定時間(例えば、数十~数百ミリ秒程度)だけ点灯させる(ステップS03)。 In addition, the light emission control unit 306 turns on the LED 37 for a predetermined time (for example, about several tens to several hundreds of milliseconds) at the timing when the input operation is specified by the input operation specifying unit 301 (step S03).
 次に、入力動作記録部302は、ステップS01で特定された入力動作と、記録対象入力動作テーブル382と、を照合して、特定された入力動作が“記録対象入力動作”であるか否かを判定する(ステップS04)。 Next, the input action recording unit 302 collates the input action specified in step S01 with the recording target input action table 382, and determines whether or not the specified input action is a “recording target input action”. Is determined (step S04).
 ここで、図7に示す記録対象入力動作テーブル382は、キーボード23bが受け付ける各種入力動作のうち、何れの入力動作を記録対象(記録対象入力動作)とするか、を規定している。例えば、図7に示す記録対象入力動作テーブル382によれば、「Enterキー押下」、「Deleteキー押下」、「Spaceキー押下」、「BackSpaceキー押下」との入力動作は記録対象入力動作であることが規定されている。また、図7に示す記録対象入力動作テーブル382によれば、「F(ファンクション)1キー押下」、「F2キー押下」等の入力動作は記録対象入力動作ではないことが規定されている。
 また、図8に示す記録対象入力動作テーブル382は、マウス23aが受け付ける各種入力動作のうち、何れの入力動作を記録対象(記録対象入力動作)とするか、を規定している。例えば、図8に示す記録対象入力動作テーブル382によれば、「シングルクリック」、「ダブルクリック」、「右クリック」との入力動作は記録対象入力動作であることが規定されている。また、図8に示す記録対象入力動作テーブル382によれば、「カーソル移動」、「ドラッグ」等の入力動作は記録対象入力動作ではないことが規定されている。 Here, the recording target input operation table 382 shown in FIG. 7 defines which input operation among the various input operations accepted by the keyboard 23b is the recording target (recording target input operation). For example, according to the recording target input operation table 382 shown in FIG. 7, the input operations of “Enter key pressed”, “Delete key pressed”, “Space key pressed”, and “BackSpace key pressed” are recording target input operations. It is prescribed. Further, according to the recording target input operation table 382 shown in FIG. 7, it is specified that input operations such as “F (function) 1 key press”, “F2 key press”, etc. are not recording target input operations.
In addition, the recording target input operation table 382 shown in FIG. 8 defines which input operation among the various input operations received by the mouse 23a is the recording target (recording target input operation). For example, according to the recording target input operation table 382 shown in FIG. 8, it is specified that the input operations of “single click”, “double click”, and “right click” are recording target input operations. Further, according to the recording target input operation table 382 shown in FIG. 8, it is defined that input operations such as “cursor movement” and “drag” are not recording target input operations.
 ステップS01で特定された入力動作が、記録対象入力動作テーブル382に規定されている記録対象入力動作であった場合(ステップS04:YES)、入力動作記録部302は、当該特定された入力動作を示す情報(入力動作情報)を、特定された時刻を示す時刻情報、入力動作を行った使用者を示す使用者識別情報と関連付けて記録媒体38に記録する(ステップS05)。なお、ここで記録される使用者識別情報は、認証処理部300が行った認証処理を通じて取得されたものとする。ステップS05で記録された入力動作情報、時刻情報及び使用者識別情報は、入力動作ログ385として蓄積される。
 他方、ステップS01で特定された入力動作が、記録対象入力動作テーブル382に記録されている記録対象入力動作ではなかった場合(ステップS04:NO)、入力動作記録部302は、当該入力動作を記録媒体38に記録することなく処理を終了する。 When the input operation specified in step S01 is the recording target input operation defined in the recording target input operation table 382 (step S04: YES), the input operation recording unit 302 displays the specified input operation. The information (input operation information) is recorded on the recording medium 38 in association with the time information indicating the specified time and the user identification information indicating the user who performed the input operation (step S05). It is assumed that the user identification information recorded here is acquired through an authentication process performed by the authentication processing unit 300. The input operation information, time information, and user identification information recorded in step S05 are stored as an input operation log 385.
On the other hand, when the input operation specified in step S01 is not the recording target input operation recorded in the recording target input operation table 382 (step S04: NO), the input operation recording unit 302 records the input operation. The process ends without recording on the medium 38.
(CPUの第2の処理フロー)
 図9は、第1の実施形態に係るCPUの第2の処理フローを示す図である。
 図10は、第1の実施形態に係る入力制限対象テーブルを示す図である。
 以下、図9、図10を参照しながら、CPUの第2の処理フローについて説明する。 (Second processing flow of CPU)
FIG. 9 is a diagram illustrating a second processing flow of the CPU according to the first embodiment.
FIG. 10 is a diagram illustrating an input restriction target table according to the first embodiment.
Hereinafter, the second processing flow of the CPU will be described with reference to FIGS. 9 and 10.
 図9に示す第2の処理フローは、認証処理部300による認証処理を経て使用者が正しく認証された後であって、第1の処理フローのステップS01(図4)にて、使用者の入力機器23に対する入力動作が特定された段階において実行される。 The second processing flow shown in FIG. 9 is after the user is correctly authenticated through the authentication processing by the authentication processing unit 300, and in step S01 (FIG. 4) of the first processing flow, It is executed at the stage when the input operation for the input device 23 is specified.
 第1の処理フローのステップS01において特定された入力動作がキーボード23bから受け付けた入力動作であった場合、入力制限部303は、当該入力動作(どのキーが押下されたか)を示すキー情報を一時メモリ(図2、図3には図示せず)に記録する(ステップS11)。ここで、一時メモリとは、CPU30の内部に設けられたメモリでもよいし、CPU30の外部に接続されたメモリ(DRAM(Dynamic Random Access Memory)等)であってもよい。例えば、ステップS01で特定された入力動作が「“d”キー押下」であった場合、入力制限部303は、ステップS11にて、“d”なるキー情報を一時メモリに記録する。 When the input operation specified in step S01 of the first processing flow is an input operation accepted from the keyboard 23b, the input restriction unit 303 temporarily stores key information indicating the input operation (which key has been pressed). Recording is performed in a memory (not shown in FIGS. 2 and 3) (step S11). Here, the temporary memory may be a memory provided inside the CPU 30 or a memory (DRAM (Dynamic Random Access Memory) or the like) connected to the outside of the CPU 30. For example, when the input operation specified in step S01 is “pressing“ d ”key”, the input restriction unit 303 records key information “d” in the temporary memory in step S11.
 次に、入力制限部303は、キーボード23bから受け付けた入力動作(ステップS01(図4)において特定された入力動作)が「Enterキー押下」であったか否かを判定する(ステップS12)。
 キーボード23bから受け付けた入力動作が「Enterキー押下」ではなかった場合(ステップS12:NO)、入力制限部303は、信号伝送部33(図2)に対して伝送指示信号を出力し、保持されていた電気信号パターン(即ち、キーボード23bから受け付けた入力動作に関連付けられた電気信号パターン)を、端末本体21に向けて送出させる(ステップS13)。これにより、使用者がキーボード23bに対して行った入力動作(例えば“d”キー押下)に関連付けられた電気信号パターンが端末本体21へと送出され、その結果がモニタ22等に反映される(例えば、モニタ22上に“d”との文字が表示される)。
 ステップS13の処理の後、入力制限部303は、再度ステップS11に戻り、2回目に特定されたキーボード23bからの入力動作を一時メモリに記録する。ここで、2回目に特定された入力動作が「“e”キー押下」であった場合、入力制限部303は、1回目に記録された“d”に続き、“e”なるキー情報を一時メモリに記録する。これにより、一時メモリ上において“de”なる文字列(入力コマンド)が構成される。そして、ステップS13において、「“e”キー押下」なる入力動作に関連付けられた電気信号パターンが端末本体21に向けて送出される。 Next, the input restriction unit 303 determines whether or not the input operation received from the keyboard 23b (the input operation specified in step S01 (FIG. 4)) is “Enter key pressed” (step S12).
When the input operation received from the keyboard 23b is not “Enter key pressed” (step S12: NO), the input restriction unit 303 outputs a transmission instruction signal to the signal transmission unit 33 (FIG. 2) and is retained. The received electrical signal pattern (that is, the electrical signal pattern associated with the input operation received from the keyboard 23b) is sent to the terminal body 21 (step S13). As a result, an electric signal pattern associated with an input operation (for example, “d” key press) performed by the user on the keyboard 23b is sent to the terminal body 21, and the result is reflected on the monitor 22 or the like ( For example, the letter “d” is displayed on the monitor 22).
After the process of step S13, the input restriction unit 303 returns to step S11 again and records the input operation from the keyboard 23b specified for the second time in the temporary memory. Here, if the input operation specified for the second time is “pressing the“ e ”key”, the input restriction unit 303 temporarily stores the key information “e” following “d” recorded for the first time. Record in memory. Thus, a character string (input command) “de” is formed on the temporary memory. In step S <b> 13, an electrical signal pattern associated with the input operation “e” key press ”is sent to the terminal body 21.
 他方、キーボード23bから受け付けた入力動作が「Enterキー押下」であった場合(ステップS12:YES)、入力制限部303は、一時メモリに記録されている入力コマンド(例えば“de”なる文字列)が、“入力制限対象コマンド”と一致しているか否かを判定する(ステップS14)。 On the other hand, when the input operation received from the keyboard 23b is “Enter key pressed” (step S12: YES), the input restriction unit 303 inputs the input command (for example, a character string “de”) recorded in the temporary memory. Is equal to the “input restriction target command” (step S14).
 ここで、図10に示す入力制限対象コマンドテーブル383は、入力された各種入力コマンドのうち、何れの入力コマンドを入力制限の対象(入力制限対象コマンド)とするか、を規定している。
 図10に示す入力制限対象コマンドテーブル383によれば、“format”、“delete”等の文字列(入力コマンド)が入力制限対象コマンドであることが規定されている。 Here, the input restriction target command table 383 illustrated in FIG. 10 defines which input command among the various input commands to be input is the input restriction target (input restriction target command).
According to the input restriction target command table 383 shown in FIG. 10, it is specified that character strings (input commands) such as “format” and “delete” are input restriction target commands.
 一時メモリに記録されている入力コマンドが、いずれの“入力制限対象コマンド”にも一致していない場合(ステップS14:NO)、入力制限部303は、信号伝送部33に対して伝送指示信号を出力し、「Enterキー押下」の入力動作に関連付けられた電気信号パターンを、端末本体21に向けて送出させる(ステップS15)。
 この場合、入力制限部303は、一時メモリに記録されていた入力コマンドを消去する(ステップS16)。
 この後、入力制限部303は、ステップS11に戻り、同処理フローを繰り返し実行する。 When the input command recorded in the temporary memory does not match any “input restriction target command” (step S14: NO), the input restriction unit 303 sends a transmission instruction signal to the signal transmission unit 33. The output and the electric signal pattern associated with the input operation of “Enter key pressed” are sent to the terminal body 21 (step S15).
In this case, the input restriction unit 303 deletes the input command recorded in the temporary memory (step S16).
Thereafter, the input restriction unit 303 returns to step S11 and repeatedly executes the same processing flow.
 他方、一時メモリに記録されている入力コマンドが、いずれかの“入力制限対象コマンド”に一致している場合(ステップS14:YES)、入力制限部303は、ステップS15、S16の処理を行わない。これにより、使用者がEnterキーを押下したとしても、当該「Enterキー押下」の入力動作に関連付けられた電気信号パターンが監視装置3内部で遮断され、端末本体21に伝送されなくなる。
 この後、入力制限部303は、ステップS11に戻り、同処理フローを繰り返し実行する。 On the other hand, when the input command recorded in the temporary memory matches any “input restriction target command” (step S14: YES), the input restriction unit 303 does not perform the processes of steps S15 and S16. . Thereby, even if the user presses the Enter key, the electric signal pattern associated with the input operation of “Enter key press” is blocked inside the monitoring device 3 and is not transmitted to the terminal body 21.
Thereafter, the input restriction unit 303 returns to step S11 and repeatedly executes the same processing flow.
(CPUの第3の処理フロー)
 図11は、第1の実施形態に係るCPUの第3の処理フローを示す図である。
 また、図12は、第1の実施形態に係る画像抽出対象入力動作テーブルを示す図である。
 以下、図11、図12を参照しながら、CPUの第3の処理フローについて説明する。 (Third processing flow of CPU)
FIG. 11 is a diagram illustrating a third processing flow of the CPU according to the first embodiment.
FIG. 12 is a diagram illustrating an image extraction target input operation table according to the first embodiment.
Hereinafter, the third processing flow of the CPU will be described with reference to FIGS. 11 and 12.
 図11に示す第3の処理フローは、第2の処理フロー(図9)と同様に、第1の処理フローのステップS01(図4)にて、使用者の入力機器23に対する入力動作が特定された段階において実行される。 The third processing flow shown in FIG. 11 is similar to the second processing flow (FIG. 9). In step S01 (FIG. 4) of the first processing flow, the user's input operation to the input device 23 is specified. It is executed in the stage where
 モニタ画像記録部304は、第1の処理フローのステップS01で特定された入力動作と、画像抽出対象入力動作テーブル384と、を照合して、特定された入力動作が“画像抽出対象入力動作”であるか否かを判定する(ステップS21)。 The monitor image recording unit 304 collates the input operation specified in step S01 of the first processing flow with the image extraction target input operation table 384, and the specified input operation is “image extraction target input operation”. It is determined whether or not (step S21).
 ここで、図12に示す画像抽出対象入力動作テーブル384は、入力された各種入力動作のうち、何れの入力動作が特定された際に、スクリーンショットの記録(画像抽出処理)を実行するかを(すなわち、スクリーンショットの記録を実行するための入力動作を)規定している。
 図12に示す画像抽出対象入力動作テーブル384によれば、“シングルクリック”、“ダブルクリック”等の入力動作が画像抽出対象入力動作であることが規定されている。 Here, the image extraction target input operation table 384 shown in FIG. 12 indicates which screen shot recording (image extraction processing) is executed when any input operation is specified among various input operations. (I.e., the input operation to perform screen shot recording).
According to the image extraction target input operation table 384 shown in FIG. 12, it is defined that input operations such as “single click” and “double click” are image extraction target input operations.
 特定された入力動作が、画像抽出対象入力動作であった場合(ステップS21:YES)、モニタ画像記録部304は、モニタ22に表示されている画像のスクリーンショットを行う(ステップS22)。ここで、モニタ画像記録部304は、端末本体21とモニタ22との間に接続される伝送ラインβ(図2参照)を通じて、画像を取得する。モニタ画像記録部304は、取得した画像を、当該画像が取得された日時を示す時刻情報、及び、使用者識別情報と関連付けて記録媒体38に記録する。ステップS22で記録された取得された画像、時刻情報及び使用者識別情報は、モニタ画像ログ386として蓄積される。
 他方、特定された入力動作が、画像抽出対象入力動作でなかった場合(ステップS21:NO)、モニタ画像記録部304は、ステップS22を実行せずに処理を終了する。 When the specified input operation is the image extraction target input operation (step S21: YES), the monitor image recording unit 304 performs a screen shot of the image displayed on the monitor 22 (step S22). Here, the monitor image recording unit 304 acquires an image through a transmission line β (see FIG. 2) connected between the terminal main body 21 and the monitor 22. The monitor image recording unit 304 records the acquired image on the recording medium 38 in association with time information indicating the date and time when the image was acquired and user identification information. The acquired image, time information, and user identification information recorded in step S22 are accumulated as a monitor image log 386.
On the other hand, when the specified input operation is not the image extraction target input operation (step S21: NO), the monitor image recording unit 304 ends the process without executing step S22.
(作用、効果)
 以上のように、第1の実施形態に係る監視装置3は、端末装置20の本体である端末本体21と、使用者の入力動作に関連付けられた電気信号パターンを端末本体21に向けて送出する入力機器23との間に接続される。また、監視装置3は、端末本体21と接続される本体側接続インタフェース31と、入力機器23と接続される機器側接続インタフェース32と、を備えている。更に、監視装置3のCPU30は、電気信号パターンに関連する使用者の入力動作を特定する入力動作特定部301と、特定された入力動作のうち、予め規定された記録対象入力動作を記録媒体38に記録する入力動作記録部302と、を備えている。
 このようにすることで、監視装置3は、入力機器23から端末本体21に向けて送出される電気信号パターンを、当該電気信号パターンそのものではなく、使用者が実際に行った入力動作を示す情報で記録する。これにより、記録された入力動作ログを参照することで、使用者が端末装置20に対して行った作業を簡便に解析することができる。 (Function, effect)
As described above, the monitoring device 3 according to the first embodiment sends the terminal main body 21 that is the main body of the terminal device 20 and the electric signal pattern associated with the input operation of the user toward the terminal main body 21. It is connected between the input device 23. Further, the monitoring device 3 includes a main body side connection interface 31 connected to the terminal main body 21 and a device side connection interface 32 connected to the input device 23. Further, the CPU 30 of the monitoring device 3 includes an input operation specifying unit 301 that specifies a user's input operation related to the electric signal pattern, and a recording target input operation that is defined in advance among the specified input operations. And an input operation recording unit 302 for recording.
By doing in this way, the monitoring apparatus 3 is not the electric signal pattern itself but the information which shows the input operation which the user actually performed for the electric signal pattern sent toward the terminal main body 21 from the input device 23. Record with. Thereby, by referring to the recorded input operation log, it is possible to easily analyze the work performed on the terminal device 20 by the user.
 また、記録すべき入力動作が、予め規定された記録対象入力動作に限定されるので、使用者の作業を特定する上で必要な情報に限定して記録し、不必要な情報を記録しないようにすることができる。例えば、キーボード23bに対する入力動作の場合、一部のファンクションキー等、端末装置20では使用されない(何らの処理が実行されない)キーの押下については、ログを残さないようにすることができる。
 また、例えば、マウス23aのカーソル移動に係る入力操作については、逐一記録を行ったとしても、使用者が行った作業を具体的に特定する上では必要とされない場合が多い。したがって、マウス23aのカーソル移動に係る入力操作についてはログを残さないようにすることができる。
 以上より、使用者が行った作業を特定可能な入力動作のみを適切に記録して、事後的な解析作業の負担を軽減することができる。また、不必要な情報が記録されないため、記録媒体38の記憶容量の節約を図ることができる。 In addition, since the input operation to be recorded is limited to a predetermined recording target input operation, only the information necessary for specifying the user's work is recorded, and unnecessary information is not recorded. Can be. For example, in the case of an input operation with respect to the keyboard 23b, it is possible not to leave a log for pressing of a key that is not used in the terminal device 20 (no processing is performed) such as some function keys.
In addition, for example, the input operation related to the cursor movement of the mouse 23a is often not required to specifically specify the work performed by the user even if recording is performed one by one. Therefore, it is possible not to leave a log for the input operation related to the cursor movement of the mouse 23a.
As described above, it is possible to appropriately record only the input operation that can identify the work performed by the user, and to reduce the burden of the subsequent analysis work. Further, since unnecessary information is not recorded, the storage capacity of the recording medium 38 can be saved.
 また、第1の実施形態に係る監視装置3は、入力制限部303を備えている。ここで、入力制限部303は、上述の通り、キーボード23bに係る複数の入力動作の組み合わせによって構成される入力コマンドと、予め規定された入力制限対象コマンドと、を照合する。そして、入力コマンドが入力制限対象コマンドと一致する場合には、入力制限部303は、入力コマンドの実行を指示する入力動作(例えば、「Enterキー押下」)に関連付けられた電気信号パターンの、端末本体21への送出を制限する。
 このようにすることで、使用者が端末装置20を使用する上で制限すべき特定の入力コマンドを実行することを防止することができる。例えば、“format”なる入力コマンドは、端末装置20の記録媒体に記録されている情報を全て抹消するための入力コマンドであり、通常業務においては使用が制限されるべきものである。入力制限部303は、“format”なる文字列(入力コマンド)が構成されている場合に、当該入力コマンドの実行を指示する入力動作(Enterキー押下)に関連付けられた電気信号パターンの送出を制限する。これにより、使用者は、端末装置20に対して“format”に係る処理を実行することができなくなる。 In addition, the monitoring device 3 according to the first embodiment includes an input restriction unit 303. Here, as described above, the input restriction unit 303 collates an input command configured by a combination of a plurality of input operations related to the keyboard 23b with a predetermined input restriction target command. When the input command matches the input restriction target command, the input restriction unit 303 uses the terminal of the electric signal pattern associated with the input operation (for example, “Enter key press”) instructing the execution of the input command. Restrict sending to the main body 21.
By doing in this way, it can prevent that a user performs the specific input command which should be restrict | limited when using the terminal device 20. FIG. For example, the input command “format” is an input command for erasing all information recorded on the recording medium of the terminal device 20, and should be restricted in use in normal business. The input restriction unit 303 restricts transmission of an electric signal pattern associated with an input operation (pressing the Enter key) instructing execution of the input command when a character string “input” (an input command) is configured. To do. As a result, the user cannot execute the process related to “format” on the terminal device 20.
 また、第1の実施形態に係る監視装置3は、モニタ画像記録部304を更に備えている。ここで、モニタ画像記録部304は、上述の通り、入力動作特定部301によって特定された入力動作と、予め規定された画像抽出対象入力動作と、を照合する。そして、モニタ画像記録部304は、特定された入力動作が画像抽出対象入力動作と一致する場合には、端末装置20のモニタ22に表示されている画像を取得して記録媒体38に記録する。
 このようにすることで、所定の画像抽出対象入力動作を受け付けた時点で、モニタ22に表示されている画像をログとして記録することができる。例えば、使用者がマウス23aに対し“シングルクリック”の入力動作を行った場合、当該入力動作に係る情報のみでは、使用者が実際にどのような作業を行っているのかを把握できない場合が多い。そこで、マウス23aから“シングルクリック”の入力動作を受け付けた場合には、その時点における画像を別途記録することで、“シングルクリック”なる入力動作を経て使用者が行った作業をより詳細に把握することができる。 The monitoring device 3 according to the first embodiment further includes a monitor image recording unit 304. Here, the monitor image recording unit 304 collates the input operation specified by the input operation specifying unit 301 with the image extraction target input operation specified in advance as described above. The monitor image recording unit 304 acquires the image displayed on the monitor 22 of the terminal device 20 and records it on the recording medium 38 when the specified input operation matches the image extraction target input operation.
In this way, the image displayed on the monitor 22 can be recorded as a log when a predetermined image extraction target input operation is received. For example, when the user performs a “single click” input operation on the mouse 23a, it is often impossible to know what work the user is actually performing by using only information related to the input operation. . Therefore, when an input operation of “single click” is received from the mouse 23a, the operation performed by the user through the input operation of “single click” is grasped in more detail by separately recording an image at that time. can do.
 また、第1の実施形態に係る監視装置3は、使用者に対する認証処理を行うとともに、正しく認証された場合に、端末本体21と入力機器23との間を接続する認証処理部300を更に備えている。
 このようにすることで、正しく認証される前の段階では、端末本体21と入力機器23とが物理的に切り離されているため、認証処理を行っていない者が不正操作を行うことを防止することができる。 In addition, the monitoring device 3 according to the first embodiment further includes an authentication processing unit 300 that performs authentication processing for the user and connects the terminal body 21 and the input device 23 when correctly authenticated. ing.
By doing so, since the terminal main body 21 and the input device 23 are physically separated before being correctly authenticated, it is possible to prevent a person who has not performed authentication processing from performing an unauthorized operation. be able to.
 また、第1の実施形態に係る監視装置3は、使用者の入力動作が特定されたタイミングに応じて点灯手段(LED37)を発光させる発光制御部306を更に備えている。
 発光制御部306によれば、使用者が入力機器23に対して何らかの入力動作を行った場合、その都度、監視装置3のLED37が点灯する。これにより、監視装置3は、使用者に対し、自装置(監視装置3)が有効に機能していることを簡易的に認識させることができる。したがって、不正を行おうとする使用者の意識を減退させることができ、不正操作を抑止することができる。 The monitoring device 3 according to the first embodiment further includes a light emission control unit 306 that causes the lighting unit (LED 37) to emit light according to the timing when the user's input operation is specified.
According to the light emission control unit 306, whenever the user performs some input operation on the input device 23, the LED 37 of the monitoring device 3 is turned on. Thereby, the monitoring apparatus 3 can make a user recognize simply that the own apparatus (monitoring apparatus 3) is functioning effectively. Therefore, it is possible to reduce the consciousness of the user who intends to perform fraud, and to suppress fraudulent operations.
 また、第1の実施形態に係る監視装置3は、入力動作特定部301によって特定された入力動作を示す情報を表示手段(ディスプレイ35)に表示させる表示制御部305を更に備えている。
 表示制御部305によれば、例えば、使用者が「Enterキー押下」なる入力動作を行ったとき、ディスプレイ35には、当該入力動作を示す情報(“Enter”なる文字列情報)が表示される。そうすると、端末装置20の使用者は、自身が行った入力動作が、監視装置3によっても正しく認識されていることを把握する。これにより、監視装置3は、使用者に対し、使用者自身が行う入力動作が監視装置3において正確に検知されていることを視覚的に伝えることができる。したがって、使用者による不正操作を一層抑止することができる。 The monitoring device 3 according to the first embodiment further includes a display control unit 305 that displays information indicating the input operation specified by the input operation specifying unit 301 on the display unit (display 35).
According to the display control unit 305, for example, when the user performs an input operation such as “pressing the Enter key”, information indicating the input operation (character string information “Enter”) is displayed on the display 35. . Then, the user of the terminal device 20 grasps that the input operation performed by the user is correctly recognized by the monitoring device 3. Thereby, the monitoring device 3 can visually notify the user that the input operation performed by the user himself / herself is accurately detected by the monitoring device 3. Therefore, unauthorized operation by the user can be further suppressed.
<第1の実施形態の変形例>
 以上、第1の実施形態に係る監視装置3について詳細に説明したが、第1の実施形態に係る監視装置3の具体的な態様は、上述のものに限定されることはなく、要旨を逸脱しない範囲内において種々の設計変更等を加えることは可能である。 <Modification of First Embodiment>
Although the monitoring device 3 according to the first embodiment has been described in detail above, the specific aspect of the monitoring device 3 according to the first embodiment is not limited to the above-described one, and departs from the gist. It is possible to add various design changes and the like within the range not to be performed.
 例えば、第1の実施形態に係る監視装置3は、更に以下のような機能を備えていてもよい。
 監視装置3は、通常の業務においてなされる入力機器23からの入力動作の速さ(例えば、キーボード23bからの入力であれば一定時間当たりのキーの押下回数)を大幅に上回る速さの入力動作が検出された場合に、当該入力動作に応じた電気信号パターンとそれ以降の全て(或いは一定時間経過するまでの間)の電気信号パターンの送出を制限してもよい。
 より具体的には、まず、入力制限部303は、一の入力動作に、又は、複数の入力動作の組み合わせに関連付けられた電気信号パターンの経時的変化を示す「入力時系列パターン」を取得する。この「入力時系列パターン」は、例えば、連続して入力動作が行われた場合に入力機器23から連続して送出される電気信号パターンの集合を、一定時間間隔でサンプリングすることで得られる。
 そして、入力制限部303は、当該入力時系列パターンが、人間による入力動作の結果生じると想定される電気信号パターンの経時的変化を示す「標準時系列パターン」から逸脱している場合には、上記入力時系列パターンに含まれる電気信号パターンの、端末本体21への送出を制限する。なお、「標準時系列パターン」は、例えば、キーボード23bから1秒間に“20回”のキーの押下があった場合に当該キーボード23bから連続して送出される電気信号パターンの集合と一致するように予め規定される。
 ここで、近年、「BAD USB」と呼ばれるサイバー攻撃が問題視されている。「BAD USB」とは、USB機器に内蔵された制御ソフトウェア(ファームウェア)にマルウェアを仕込むことである。例えば、USBメモリにUSBキーボードの制御ファームウェアとキーボード入力の再現プログラムを仕込むことにより、ユーザの意図に反して勝手にキー入力が行われ得る。PC側にとっては、単にキーボードからユーザがキー入力したようにしか見えないこと、また、一般にUSBファームウェアはPC側からはアクセスできないことから、探知も駆除もできず原理的に完全な対策は困難とされている。
 しかしながら、上記態様の監視装置3は、人間による通常の入力動作が想定されて規定された「標準時系列パターン」から逸脱した「入力時系列パターン」が入力された場合に、悪意のあるプログラム(マルウェア)によってキーボード23bのキー操作が行われたものと判断し、当該入力時系列パターンの、端末本体21への送出を制限することができる。したがって、入力機器23に内蔵される制御用ソフトウェアが悪意のあるプログラムに感染しており、それによって作業者の意図しないコマンドが入力されたり、端末本体が不正に操作されたりすることを防止することができる。 For example, the monitoring device 3 according to the first embodiment may further include the following functions.
The monitoring device 3 performs an input operation at a speed significantly exceeding the speed of the input operation from the input device 23 performed in normal business (for example, the number of times the key is pressed per predetermined time if the input is from the keyboard 23b). When the signal is detected, the transmission of the electric signal pattern corresponding to the input operation and all electric signal patterns thereafter (or until a predetermined time elapses) may be restricted.
More specifically, first, the input restriction unit 303 acquires an “input time-series pattern” indicating a change with time of an electric signal pattern associated with one input operation or a combination of a plurality of input operations. . This “input time-series pattern” is obtained, for example, by sampling a set of electrical signal patterns that are continuously transmitted from the input device 23 when an input operation is continuously performed at regular time intervals.
Then, when the input time series pattern deviates from the “standard time series pattern” indicating the temporal change of the electric signal pattern assumed to be generated as a result of the input operation by a human, the input restriction unit 303 The transmission of the electric signal pattern included in the input time series pattern to the terminal body 21 is restricted. Note that the “standard time series pattern” matches, for example, a set of electrical signal patterns that are continuously transmitted from the keyboard 23b when the key is pressed “20 times” per second from the keyboard 23b. Predefined.
Here, in recent years, a cyber attack called “BAD USB” has been regarded as a problem. “BAD USB” refers to charging malware into control software (firmware) built in a USB device. For example, by loading a USB keyboard control firmware and a keyboard input reproduction program into a USB memory, key input can be performed without permission from the user. For the PC side, it seems that the user has just entered the key from the keyboard, and generally, the USB firmware cannot be accessed from the PC side, so detection and removal cannot be performed, and it is difficult to take a complete countermeasure in principle. Has been.
However, the monitoring device 3 according to the above aspect, when an “input time series pattern” that deviates from a “standard time series pattern” that is defined assuming normal input operations by human beings is input, a malicious program (malware ), It is determined that the key operation of the keyboard 23b has been performed, and transmission of the input time series pattern to the terminal body 21 can be restricted. Therefore, it is possible to prevent the control software built in the input device 23 from being infected with a malicious program, thereby causing a command not intended by the operator to be input or the terminal body to be illegally operated. Can do.
 また、第1の実施形態においては、モニタ画像記録部304は、所定の画像抽出対象入力動作と一致する入力動作が特定された場合に、モニタ22に表示されている画像を抽出する(スクリーンショットを行う)ものとして説明した。しかし、他の実施形態においてはこの態様に限定されない。
 例えば、第1の実施形態の変形例に係るモニタ画像記録部304は、時間を計測し、予め規定された時間が経過したタイミング(又は、予め規定された時刻となったタイミング)でスクリーンショットを行うものとしてもよい。 In the first embodiment, the monitor image recording unit 304 extracts an image displayed on the monitor 22 when an input operation that matches a predetermined image extraction target input operation is specified (screenshot). Explained). However, other embodiments are not limited to this aspect.
For example, the monitor image recording unit 304 according to the modification of the first embodiment measures time, and takes a screen shot at a timing when a predetermined time has elapsed (or timing when a predetermined time is reached). It may be done.
 また、第1の実施形態に係る入力動作記録部302(モニタ画像記録部304)は、監視装置3自身が内蔵する記録媒体38に入力動作ログ385(モニタ画像ログ386)を記録するものとして説明したが、他の実施形態においてはこの態様に限定されない。
 例えば、第1の実施形態の変形例に係る入力動作記録部302(モニタ画像記録部304)は、入力動作ログ385(モニタ画像ログ386)を、ネットワークを介して遠隔地に設置されたサーバー装置に記録する態様であってもよい。
 即ち、監視装置3は、各種ログ(入力動作ログ385、モニタ画像ログ386)を記録するための記録媒体を具備しない態様であってもよい。 Further, the input operation recording unit 302 (monitor image recording unit 304) according to the first embodiment is described as recording the input operation log 385 (monitor image log 386) in the recording medium 38 built in the monitoring device 3 itself. However, other embodiments are not limited to this aspect.
For example, the input operation recording unit 302 (monitor image recording unit 304) according to the modified example of the first embodiment has an input operation log 385 (monitor image log 386) installed in a remote place via a network. It may be a mode of recording.
In other words, the monitoring device 3 may have a mode in which a recording medium for recording various logs (the input operation log 385 and the monitor image log 386) is not provided.
 また、第1の実施形態に係る監視装置3は、カードリーダ36を具備し、当該カードリーダ36を通じて読み取られた使用者識別情報に基づいて、認証処理を行うものとして説明したが、他の実施形態においてはこの態様に限定されない。
 例えば、第1の実施形態の変形例に係る監視装置3は、カードリーダ36を具備しない代わりに、使用者からログインID及びパスワードの入力を受け付ける入力手段(例えば、テンキー等)を有する態様としてもよい。また、この場合、監視装置3は、端末装置20の入力機器23であるキーボード23bを、監視装置3に対する認証処理用の入力手段として流用してもよい。 Further, the monitoring device 3 according to the first embodiment has been described as including the card reader 36 and performing the authentication process based on the user identification information read through the card reader 36. The form is not limited to this aspect.
For example, the monitoring device 3 according to the modified example of the first embodiment may include an input unit (for example, a numeric keypad) that receives a login ID and a password from a user, instead of including the card reader 36. Good. In this case, the monitoring device 3 may divert the keyboard 23b, which is the input device 23 of the terminal device 20, as an input unit for authentication processing with respect to the monitoring device 3.
 また、第1の実施形態に係る監視装置3は、ディスプレイ35、及び、表示制御部305を有する態様として説明したが、他の実施形態においてはこの態様に限定されない。
 第1の実施形態の変形例に係る監視装置3は、ディスプレイ35を具備せず、また、CPU30は、表示制御部305を有しない態様であってもよい。 Moreover, although the monitoring apparatus 3 which concerns on 1st Embodiment was demonstrated as an aspect which has the display 35 and the display control part 305, in other embodiment, it is not limited to this aspect.
The monitoring apparatus 3 according to the modification of the first embodiment may not include the display 35 and the CPU 30 may not include the display control unit 305.
 また、第1の実施形態に係る監視装置3は、LED37、及び、発光制御部306を有する態様として説明したが、他の実施形態においてはこの態様に限定されない。
 第1の実施形態の変形例に係る監視装置3は、LED37を具備せず、また、CPU30は、発光制御部306を有しない態様であってもよい。 Moreover, although the monitoring apparatus 3 which concerns on 1st Embodiment was demonstrated as an aspect which has LED37 and the light emission control part 306, in other embodiment, it is not limited to this aspect.
The monitoring device 3 according to the modification of the first embodiment may not include the LED 37, and the CPU 30 may not include the light emission control unit 306.
 また、第1の実施形態に係る監視装置3のCPU30は、入力制限部303、モニタ画像記録部304の機能を有するものとして説明したが、他の実施形態においてはこの態様に限定されない。即ち、他の実施形態に係る監視装置3については、入力制限部303、モニタ画像記録部304、入力制限対象コマンドテーブル383、画像抽出対象入力動作テーブル384は、必須の構成ではない。 In addition, although the CPU 30 of the monitoring device 3 according to the first embodiment has been described as having the functions of the input restriction unit 303 and the monitor image recording unit 304, other embodiments are not limited to this mode. That is, for the monitoring device 3 according to another embodiment, the input restriction unit 303, the monitor image recording unit 304, the input restriction target command table 383, and the image extraction target input operation table 384 are not essential components.
 また、第1の実施形態において、「入力コマンド」とは、キーボード23bからの複数の入力動作の組み合わせ(文字列)からなるものとして説明したが、他の実施形態においては、単独の入力動作(例えば、アルファベット一文字)のみからなる入力コマンドがあってもよい。 In the first embodiment, the “input command” has been described as a combination (character string) of a plurality of input operations from the keyboard 23b. However, in other embodiments, a single input operation ( For example, there may be an input command consisting of only one alphabetic character.
 また、第1の実施形態において、「電気信号パターン」とは、「High」及び「Low」の2種類の電圧レベルで関連付けられた論理情報「1」、「0」の配列パターンであるものとして説明したが、他の実施形態においてはこの態様に限定されない。即ち、電気信号パターンは、入力機器23で受け付けた入力動作が如何なるものかを、端末本体21側で区別可能でさえあれば如何なる態様でであってもよい。 In the first embodiment, the “electric signal pattern” is an array pattern of logical information “1” and “0” associated with two kinds of voltage levels of “High” and “Low”. Although described, other embodiments are not limited to this aspect. That is, the electric signal pattern may be in any form as long as the input operation accepted by the input device 23 can be distinguished on the terminal body 21 side.
 また、上述の各実施形態においては、上述した監視装置3の各種処理の過程は、プログラムの形式でコンピュータ読み取り可能な記録媒体に記憶されており、このプログラムをコンピュータが読み出して実行することによって上記各種処理が行われる。また、コンピュータ読み取り可能な記録媒体とは、磁気ディスク、光磁気ディスク、CD-ROM、DVD-ROM、半導体メモリ等をいう。また、このコンピュータプログラムを通信回線によってコンピュータに配信し、この配信を受けたコンピュータが当該プログラムを実行するようにしても良い。 Further, in each of the above-described embodiments, the processes of the various processes of the monitoring device 3 described above are stored in a computer-readable recording medium in the form of a program. Various processes are performed. The computer-readable recording medium is a magnetic disk, a magneto-optical disk, a CD-ROM, a DVD-ROM, a semiconductor memory, or the like. Alternatively, the computer program may be distributed to the computer via a communication line, and the computer that has received the distribution may execute the program.
 上記プログラムは、上述した機能の一部を実現するためのものであってもよい。さらに、上述した機能をコンピュータシステムにすでに記録されているプログラムとの組み合わせで実現できるもの、いわゆる差分ファイル(差分プログラム)であってもよい。更に、監視装置3は、1台のコンピュータで構成されていても良いし、通信可能に接続された複数のコンピュータで構成されていてもよい。 The above program may be for realizing a part of the above-described functions. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, what is called a difference file (difference program) may be sufficient. Furthermore, the monitoring device 3 may be composed of a single computer, or may be composed of a plurality of computers connected so as to be communicable.
 以上のとおり、本発明に係るいくつかの実施形態を説明したが、これら全ての実施形態は、例として提示したものであり、発明の範囲を限定することを意図していない。これらの実施形態は、その他の様々な形態で実施されることが可能であり、発明の要旨を逸脱しない範囲で種々の省略、置き換え、変更を行うことができる。これらの実施形態及びその変形は、発明の範囲や要旨に含まれると同様に、特許請求の範囲に記載された発明とその均等の範囲に含まれる。 As described above, several embodiments according to the present invention have been described. However, all these embodiments are presented as examples, and are not intended to limit the scope of the invention. These embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the invention described in the claims and equivalents thereof as well as included in the scope and gist of the invention.
 上述の監視装置、集計システム、監視方法及びプログラムによれば、使用者が端末装置に対して行う入力動作に関する情報を適切に記録して、事後的な解析作業の負担を軽減することができる。 According to the above-described monitoring device, counting system, monitoring method, and program, it is possible to appropriately record information related to the input operation performed by the user on the terminal device, thereby reducing the burden of subsequent analysis work.
1 料金所
10 有人ブース
10A 料金収受機
2 料金所事務所
2A 集計システム
20 端末装置
21 端末本体
21a 接続インタフェース
22 モニタ
23 入力機器
23a マウス
23b キーボード
23c パネルコンピュータ
3 監視装置
30 CPU
300 認証処理部
301 入力動作特定部
302 入力動作記録部
303 入力制限部
304 モニタ画像記録部
305 表示制御部
306 発光制御部
31 本体側接続インタフェース
32 機器側接続インタフェース
33 信号伝送部
34 接続スイッチ
35 ディスプレイ
36 カードリーダ
37 LED
38 記録媒体
380 認証用テーブル
381 入力動作特定用テーブル
382 記録対象入力動作テーブル
383 入力制限対象コマンドテーブル
384 画像抽出対象入力動作テーブル
385 入力動作ログ
386 モニタ画像ログ
α、β 伝送ライン 1 toll booth 10 manned booth 10A toll booth 2 toll booth office 2A totaling system 20 terminal device 21 terminal body 21a connection interface 22 monitor 23 input device 23a mouse 23b keyboard 23c panel computer 3 monitoring device 30 CPU
300 Authentication processing unit 301 Input operation specifying unit 302 Input operation recording unit 303 Input restriction unit 304 Monitor image recording unit 305 Display control unit 306 Light emission control unit 31 Main body side connection interface 32 Device side connection interface 33 Signal transmission unit 34 Connection switch 35 Display 36 Card reader 37 LED
38 Recording medium 380 Authentication table 381 Input operation specifying table 382 Recording target input operation table 383 Input restriction target command table 384 Image extraction target input operation table 385 Input operation log 386 Monitor image log α, β Transmission line

Claims (10)

  1.  情報処理を行う端末装置の端末本体と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器との間に接続された監視装置であって、
     前記端末本体と接続される本体側接続インタフェースと、
     前記入力機器と接続される機器側接続インタフェースと、
     前記電気信号パターンに関連する使用者の入力動作を特定する入力動作特定部と、
     特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録する入力動作記録部と、
     を備える監視装置。     A monitoring device connected between a terminal body of a terminal device that performs information processing and an input device that sends an electric signal pattern associated with a user's input operation toward the terminal body,
    A main body side connection interface connected to the terminal main body,
    A device-side connection interface connected to the input device;
    An input operation specifying unit for specifying an input operation of a user related to the electrical signal pattern;
    Among the specified input operations, an input operation recording unit that records a predetermined recording target input operation on a recording medium;
    A monitoring device comprising:
  2.  一の前記入力動作によって、又は、複数の前記入力動作の組み合わせによって構成される入力コマンドと、予め規定された入力制限対象コマンドと、を照合し、前記入力コマンドが前記入力制限対象コマンドと一致する場合には、前記入力コマンドの実行を指示する入力動作に関連付けられた電気信号パターンの、前記端末本体への送出を制限する入力制限部を更に備える
     請求項1に記載の監視装置。     An input command configured by one input operation or a combination of a plurality of input operations is compared with a predetermined input restriction target command, and the input command matches the input restriction target command. The monitoring apparatus according to claim 1, further comprising: an input restriction unit that restricts transmission of an electric signal pattern associated with an input operation instructing execution of the input command to the terminal body.
  3.  前記入力制限部は、一の前記入力動作に、又は、複数の前記入力動作の組み合わせに関連付けられた前記電気信号パターンの経時的変化を示す入力時系列パターンを取得し、当該入力時系列パターンが、人間による入力動作の結果生じると想定される電気信号パターンの経時的変化を示す標準時系列パターンから逸脱している場合には、前記入力時系列パターンに含まれる前記電気信号パターンの、前記端末本体への送出を制限する
     請求項2に記載の監視装置。     The input restriction unit obtains an input time series pattern indicating a temporal change of the electric signal pattern associated with one input operation or a combination of a plurality of the input operations, and the input time series pattern is The terminal body of the electrical signal pattern included in the input time-series pattern when it deviates from a standard time-series pattern indicating a change over time of the electrical signal pattern assumed to occur as a result of human input operation The monitoring device according to claim 2, wherein transmission to the device is restricted.
  4.  特定された前記入力動作と、予め規定された画像抽出対象入力動作と、を照合し、前記入力動作が前記画像抽出対象入力動作と一致する場合には、前記端末装置のモニタに表示されている画像を取得して記録媒体に記録するモニタ画像記録部を更に備える
     請求項1から請求項3の何れか一項に記載の監視装置。     The specified input operation is compared with a predetermined image extraction target input operation, and when the input operation matches the image extraction target input operation, the input operation is displayed on the monitor of the terminal device. The monitoring apparatus according to any one of claims 1 to 3, further comprising a monitor image recording unit that acquires an image and records the image on a recording medium.
  5.  使用者に対する認証処理を行うとともに、正しく認証された場合に、前記端末本体と前記入力機器との間を接続する認証処理部を更に備える
     請求項1から請求項4の何れか一項に記載の監視装置。     The authentication process part which connects between the said terminal main body and the said input device when it authenticates correctly while performing the authentication process with respect to a user is further provided. Monitoring device.
  6.  使用者の前記入力動作が特定されたタイミングに応じて点灯手段を発光させる発光制御部を更に備える
     請求項1から請求項5の何れか一項に記載の監視装置。     The monitoring apparatus according to any one of claims 1 to 5, further comprising a light emission control unit that causes the lighting unit to emit light according to a timing when the input operation of the user is specified.
  7.  特定された前記入力動作に関連付けられた情報を表示手段に表示させる表示制御部を更に備える
     請求項1から請求項6の何れか一項に記載の監視装置。     The monitoring apparatus according to claim 1, further comprising: a display control unit that causes a display unit to display information associated with the specified input operation.
  8.  請求項1から請求項7の何れか一項に記載の監視装置と、
     前記端末装置と、
     を備え、
     前記端末装置は、
     前記情報処理として、有料道路の料金所にて収受された料金の集計処理を行う
     集計システム。     The monitoring device according to any one of claims 1 to 7,
    The terminal device;
    With
    The terminal device
    A totaling system that performs a totaling process of tolls collected at a toll gate on a toll road as the information processing.
  9.  情報処理を行う端末装置の端末本体と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器との間に接続され、前記端末本体と接続される本体側接続インタフェースと、前記入力機器と接続される機器側接続インタフェースと、を有する監視装置を用いた監視方法であって、
     前記電気信号パターンに関連する使用者の入力動作を特定するステップと、
     特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録するステップと、
     を有する監視方法。     The main body connected to the terminal main body is connected between the terminal main body of the terminal device that performs information processing and an input device that sends an electric signal pattern associated with the input operation of the user toward the terminal main body A monitoring method using a monitoring device having a connection interface and a device-side connection interface connected to the input device,
    Identifying a user input action associated with the electrical signal pattern;
    Of the specified input operations, a step of recording a predetermined recording target input operation on a recording medium;
    Monitoring method.
  10.  情報処理を行う端末装置の端末本体と、使用者の入力動作に関連付けられた電気信号パターンを前記端末本体に向けて送出する入力機器との間に接続され、前記端末本体と接続される本体側接続インタフェースと、前記入力機器と接続される機器側接続インタフェースと、を有する監視装置のコンピュータを、
     前記電気信号パターンに関連する使用者の入力動作を特定する入力動作特定部、
     特定された前記入力動作のうち、予め規定された記録対象入力動作を記録媒体に記録する入力動作記録部、
     として機能させるプログラム。     The main body connected to the terminal main body is connected between the terminal main body of the terminal device that performs information processing and an input device that sends an electric signal pattern associated with the input operation of the user toward the terminal main body A monitoring device computer comprising: a connection interface; and a device-side connection interface connected to the input device.
    An input operation specifying unit for specifying the user's input operation related to the electrical signal pattern;
    Among the specified input operations, an input operation recording unit that records a predetermined recording target input operation on a recording medium,
    Program to function as.
PCT/JP2017/003995 2016-03-18 2017-02-03 Monitoring device, aggregation system, monitoring method, and program WO2017159106A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020187026581A KR102156025B1 (en) 2016-03-18 2017-02-03 Monitoring device, aggregation system, monitoring method and program
MYPI2018703245A MY193759A (en) 2016-03-18 2017-02-03 Monitoring device, aggregation system, monitoring method, and program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2016055308A JP6905311B2 (en) 2016-03-18 2016-03-18 Monitoring equipment, aggregation system, monitoring method and program
JP2016-055308 2016-03-18

Publications (1)

Publication Number Publication Date
WO2017159106A1 true WO2017159106A1 (en) 2017-09-21

Family

ID=59852202

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/003995 WO2017159106A1 (en) 2016-03-18 2017-02-03 Monitoring device, aggregation system, monitoring method, and program

Country Status (4)

Country Link
JP (1) JP6905311B2 (en)
KR (1) KR102156025B1 (en)
MY (1) MY193759A (en)
WO (1) WO2017159106A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5354417A (en) * 1976-10-28 1978-05-17 Toshiba Corp Key input device
JPH02130611A (en) * 1988-11-10 1990-05-18 Nec Corp Command mask circuit for keyboard
JPH04288667A (en) * 1991-03-18 1992-10-13 Nec Eng Ltd Information processor
JPH10171844A (en) * 1996-12-06 1998-06-26 Nec Corp Device for collecting operational log
JP2003044320A (en) * 2001-07-31 2003-02-14 Pfu Ltd Educational system
JP2013097616A (en) * 2011-11-01 2013-05-20 Nippon Telegr & Teleph Corp <Ntt> User operation log recording method and device thereof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003203254A (en) 2002-01-07 2003-07-18 Mitsubishi Heavy Ind Ltd Monitoring board for toll receiving system of toll road
KR20030055235A (en) * 2003-06-13 2003-07-02 임형철 Method and apparatus for controlling a keyboard operation and storage medium storing the same
KR101303843B1 (en) * 2011-07-06 2013-09-16 브랜든 와이. 김 Gesture Password System and Method thereof

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5354417A (en) * 1976-10-28 1978-05-17 Toshiba Corp Key input device
JPH02130611A (en) * 1988-11-10 1990-05-18 Nec Corp Command mask circuit for keyboard
JPH04288667A (en) * 1991-03-18 1992-10-13 Nec Eng Ltd Information processor
JPH10171844A (en) * 1996-12-06 1998-06-26 Nec Corp Device for collecting operational log
JP2003044320A (en) * 2001-07-31 2003-02-14 Pfu Ltd Educational system
JP2013097616A (en) * 2011-11-01 2013-05-20 Nippon Telegr & Teleph Corp <Ntt> User operation log recording method and device thereof

Also Published As

Publication number Publication date
MY193759A (en) 2022-10-27
JP6905311B2 (en) 2021-07-21
KR20180112845A (en) 2018-10-12
KR102156025B1 (en) 2020-09-15
JP2017168051A (en) 2017-09-21

Similar Documents

Publication Publication Date Title
US10606988B2 (en) Security device, methods, and systems for continuous authentication
US9047464B2 (en) Continuous monitoring of computer user and computer activities
US8856542B2 (en) System and method for detecting malware that interferes with the user interface
US9092605B2 (en) Ongoing authentication and access control with network access device
TWI726834B (en) Cyber breach diagnostics system for generating suspicious event sequence diagram for use in diagnosing whether target network system is breached by cyber attack
CN101436247B (en) Biological personal identification method and system based on UEFI
TW201945969A (en) File processing method and system, and data processing method
JP2012043208A (en) Security management system, information processor, offline device, security management method, and program
EP3719688A1 (en) Operation authentication relay device, method, and program
JP2012073902A (en) Personal authentication system, personal authentication method, program and recording medium
WO2022239004A1 (en) A computerized charging/interface device with malware detection and backup capabilities
KR101383664B1 (en) Analyzing system for behavior of each unit file
WO2017159106A1 (en) Monitoring device, aggregation system, monitoring method, and program
JP2007133658A (en) Cardless authentication system, cardless authentication method to be used for same, and cardless authentication program
KR101555914B1 (en) Universal serial bus remote control system
EP2750066B1 (en) System and method for detecting malware that interferes with a user interface
KR102221726B1 (en) Endpoint detection and response terminal device and method
JP2015055960A (en) Monitoring device, information processing system, monitoring method, and program
KR102656375B1 (en) System and method for operating digital rights management for enhancing security of shared contents
KR102480453B1 (en) Personal information sharing device through personal information collection entity
KR102670498B1 (en) Apparatus for blockchain based endpoint detection and response
KR100676912B1 (en) Apparatus for protecting file illegal accessing and sending in network computers
KR102627064B1 (en) Apparatus for endpoint detection and response based on ai behavior analysis
EP4421664A1 (en) Unauthorized access detection system and unauthorized access detection method
KR20180115582A (en) System for real-time protection of computer storage devices using user behavior analysis and control method thereof

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 20187026581

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 1020187026581

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17766114

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 17766114

Country of ref document: EP

Kind code of ref document: A1