The present disclosure relates to an electronic device with a security function for imposing restrictions on a person other than an authenticated user who is accepted user registration and for preventing information leakage, and an authentication method implemented in the electronic device.
Electronic devices have been utilized not only to store information in large quantities and accurately but also to store high confidential information and information about individual privacy information. Thus, high security is increasingly requested for extracting information from the electronic devices and utilizing the electronic devices.
As an example of security, there has been proposed a method in which an authenticated user previously registers a password (including a personal identification number). At a time when using an electronic device, the password is inputted to authenticate as a user. Thereby, this electronic device becomes available.
In addition, the password and personal identification number are prone to be difficult to learn and easy to forget. In view of this, there has also been proposed a method in which a user accepts user authentication by showing a drawing pattern.
In order to enhance a security level by the aid of the password authentication or the drawing pattern authentication, there has been proposed heretofore various technologies.
For example, plural sensors are provided at the side surface of a mobile type electronic device to input a password or a drawing pattern. In addition to this operation, an operation pattern other than a button operation and a touch panel operation is used to authenticate a user.
Moreover, even if authentication is accepted by such a password, when, for example, the mobile type electronic device is lost, there is a fear that the security may be broken by Brute-force attack. Thus, there has also been proposed a technology to deal with such Brute-force attack. This technology determines that the device is illegally used by a person other than the authorized user when characteristics of an operation at a time when a user authentication is accepted are different from those of an authorized user who is accepted user registration. Thereby, the subsequent operations of the electronic device are made invalid.
When an electronic device is shared by a plurality of users whose passwords are separately registered, an authenticated user sometimes may leave from the electronic device without performing an authentication end processing and a utilization end processing such as a log out. Then, there is a fear, for example, that information or the like about the authenticated user is stolen illegally by an unauthenticated person or the like. There is also a fear of leakage of various information from the electronic device. The aforesaid technology also has an effect of preventing such an illegal utilization.