The invention relates to an authentication information processing technology.
Generally, there are a variety of information processing systems (including those that utilize Web pages, various categories of applications, etc.) that are operated by establishing connections to a server via a network from various types of information processing devices such as computers (hereinafter called user terminals). Normally, this type of system requires the input of authentication information, such as a password or an ID number, in order to prevent unauthorized use by others.
In such a system, pieces of individual information such as a user name and a password are managed collectively on the server side. The user performs a log-in (connection) operation to the server as necessary. The server that accepts the log-in operation executes an authentication process for the user's log-in operation. When the server authenticates the log-in operation, the user is allowed to utilize the system.
Normally, the authentication process allows any terminal that can connect to the server to log in simply by inputting authentication information such as the user name or the password. Such a system therefore did not sufficiently ensure security, for example by preventing unauthorized entry into the server. Accordingly, the conventional system carries a possibility of leaking various pieces of information such as user information.
The following are examples of methods of maintaining the security of a system that accepts log-ins from a multiplicity of user terminals.
First, a log-in procedure that requires the input of other pieces of authentication information, apart from the user name or the password, can be considered.
For instance, there is the log-in procedure in which the password is input. There are also other log-in procedures in which a keyword prompt (for example, the user's individual information is preset as a keyword, and the user is asked for this keyword) is displayed at random, so that the characters to be input change each time. Among these other procedures is one involving fingerprint authentication and the use of an ID card (such as a smart card) from which an individual can be identified. Moreover, there is a log-in procedure in which the log-in is permitted based on the timing of the log-in operation.
Apart from maintaining the security level by adding log-in procedures as described above, the following technologies, for example, can be considered.
To begin with, a technology for automatically changing the password as appropriate at log-in is disclosed (Japan publication of patent application No. 7-160638 and Japan publication of patent application No. 7-18206).
Moreover, a technology related to simple authentication is disclosed, in which log-in operations from an already-authenticated user are authenticated from the next time onwards by way of the simple authentication (Japan publication of patent application No. 2000-36809).
Further disclosed is a technology related to log-in control, in which, among a plurality of users utilizing the same user ID, a specified user determined by a security level can log in (Japan publication of patent application No. 4-277855).
Also disclosed is a technology related to a log-in system that judges whether a command can be executed or not by judging the security level of the communication path at log-in (Japan publication of patent application No. 6-337844).
Further, there is disclosed a technology related to user authentication based on a user ID and a password designated by the user and a key character string preset by the authentication system (Japan publication of patent application No. 2001-273259).