WO1997031317A1 - Method for managing access to an information system - Google Patents
- Publication number
- WO1997031317A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- user
- information system
- access management
- management method
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Definitions
- the present invention relates to an information system that can be used (accessed) by a plurality of users.
- the present invention relates to a response to an access request from a user, and in particular to an access management method for preventing the information system from being used without authorization by a user who does not have an access right.
- a password is given to a user in advance.
- the user enters the given password when starting access to the information system, and use of the information system is permitted only when the entered password is recognized as valid. Whether the password is valid is determined by whether the previously given password and the entered password are the same, and whether the user who was given the password is authorized as a user of the information system.
- An object of the present invention is to accurately detect and prevent unauthorized access to an information system. It is another object of the present invention to provide an information system access management method adapted to a distributed information system. Furthermore, it aims not just to detect unauthorized access, but also to provide an access management method for information systems that is resistant to malicious attacks on the authentication function.
Disclosure of the invention
- the authentication of access to the information system does not depend only on the password. Also, unauthorized access is prevented by performing the authentication work not only once but also during the access (during the session). In addition, we restructured the overall logic so that it could use not only statistical processing and rule-based techniques that were conventionally used to detect fraud, but also better logic.
- the physiological characteristics of the user and how to operate the information system from the terminal are used as the basic information for authentication, and a predetermined process is performed for the judgment process on the basic information based on the knowledge about the immune action in the biological system.
- the decision processing function is configured to operate in a distributed and cooperative manner by one or more information processing mechanisms existing in the information system.
- the manner of operation and physiological characteristics of the user with respect to the information system are information indicating characteristics unique to the user.
- the operation method may be an operation pattern from the terminal.
- the operation patterns include the time-series pattern of keystrokes on the terminal keys, the time-series pattern of mouse and pen operation, character conversion patterns such as kana-kanji conversion, and program operation patterns such as file generation driven from the terminal and file reference / change patterns.
- Physiological features include facial images, audio, and fingerprints.
- the above-mentioned object can be achieved by continuously determining the validity of the user during the session by using such information as a source.
- the validity refers to, for example, a match between a registered name of a user registered in advance and a user who has actually accessed. This ongoing determination of justification must be made in a very uncertain environment. Therefore, in the present invention, the management action of the information system is performed in parallel with the judgment, such as actively collecting the characteristics of the user as necessary.
- a more specific configuration for operating one or more information processing mechanisms existing in the information system in a distributed and cooperative manner is as follows. Information monitored by the decentralized management functions is exchanged with each other, and the grant of access rights is determined in a distributed manner based on the exchanged information.
- FIG. 1 is a diagram showing a basic configuration of an information system for realizing the present invention.
- FIG. 2 is a diagram showing a configuration of a distributed computer system to which the present invention has been applied.
- FIG. 3 is a diagram showing an operation flow of the present invention.
- FIG. 1 shows a basic configuration of an information system for realizing the present invention.
- Reference numeral 11 denotes a user terminal used by the user to access the information system. Although only one is shown here, there may be one or more user terminals 11.
- Reference numeral 12 denotes an information processing mechanism which a user accesses from the user terminal 11 and whose resources the user utilizes.
- As with the user terminal 11, there is at least one information processing mechanism 12.
- Reference numeral 13 denotes a communication network connecting the user terminals 11 and the information processing mechanisms 12.
- Reference numeral 14 denotes a system administrator terminal 14 for an administrator who manages the information system. The system administrator terminal 14 may be configured to be installed as needed.
- the information processing mechanism 12 has a process monitor means 121, which allocates system resources according to the request from the user and satisfies the user's information processing request, and a repetitive authentication means 122, which determines the validity of the user and issues the action that should be taken according to the situation.
- the repetitive authentication means 122 has a user authentication means 123 for judging (authenticating) the validity of the user.
- the user authentication means 123 determines the validity using the user determination function stored in the storage means 124.
- the repetitive authentication means 122 also has an action determination means 125 for determining an appropriate action based on the judgment made by the user authentication means 123 and issuing the action.
- the action determination means 125 determines an action using the action determination rules stored in the storage means 126.
- the user discriminant function is a function that receives information representing the characteristics of a user as an input and outputs the validity of the user as a numerical value.
- the information representing the characteristics of the user is a manner of operation or a physiological characteristic of the user with respect to the information system. These include those described above.
- the operation method may be input as time-series information.
- the action decision rule is a description of an action command to be taken by the system administrator by the repetitive authentication means 122 based on the output of the user discriminant function.
- the operation of the configuration shown in FIG. 1 is as follows. First, the user inputs his / her password from the user terminal 11 to the information processing mechanism 12 and obtains permission to use the information system. After obtaining the permission, the user requests the desired processing from the information processing mechanism 12 through the user terminal 11. Up to this point, it is the same as the system management process in a conventional information system. However, in parallel with this processing, the user authentication means 123 monitors at least one of the user's operation history on the user terminal 11, the behavior of programs, and a physiological feature measured by a sensor attached to the user terminal 11. Then, using the user discriminant function, it evaluates whether the monitored result is that of the user to whom the information system has given permission.
- continuous monitoring will increase the accuracy of monitoring.
- continuous monitoring means that monitoring may be performed at predetermined time intervals. Monitoring may also be triggered by a predetermined process. In addition, monitoring may be performed without interruption.
- the action determination means 125 performs the following processing using the result of the evaluation as input. First, an action to be taken by the information system is determined based on the action determination rules stored in the storage means 126, and the determined content is sent to a predetermined target according to the determined action. For example, when it is doubtful that the user currently using the information system is a legitimate user, a message may be displayed on the user terminal 11 asking the user to input a keyword again. If the keyword is not input again, the use of the information system may be prohibited.
- the action determining means performs the following processing.
- (1) Notify the process monitor means, increase the recording density of the user's program start-ups and file accesses, and restrict these actions.
- (3) Notify other information processing mechanisms 12 that a user deemed suspicious by personal authentication has entered.
- Information about the user may also be reported.
- the information about the user is, for example, information indicating the characteristics of the user, the address of the user terminal 11 used, and the like.
- (4) Notify the system administrator that a user deemed suspicious by personal authentication has entered.
- information on the user may be reported as in (3).
- at least one of the processes (1) to (4) may be performed.
- the present invention measures information that characterizes the individual in the user's physiological characteristics and actions. This measurement should be made continuously. In addition, these information may be used in combination with the following items.
- One is information measured when the user operates the user terminal 11.
- it is time-series information on operation input to the user's user terminal 11 or the administrator's system administrator terminal 14.
- the keying time-series pattern includes data such as the speed at which the keyboard is hit, input errors, and the frequency of use of each key.
- the mouse movement time-series pattern includes the speed, direction, and position of the mouse at a predetermined time.
- the character conversion pattern includes case conversion of data and conversion (translation) between different languages.
- such information is referred to as a terminal operation pattern.
- cameras and microphones are added to terminals, and the video and audio information obtained through them is information that characterizes individuals.
- Each of the keying time-series patterns and the kana-kanji conversion patterns described above contains individual characteristics.
- the present invention pays attention to this fact and uses these patterns (information) for authentication diagnosis.
- the other is an access pattern to a program / file activated by input from the user terminal 11.
- a series of history information such as program execution, file creation, reference, change, and deletion is also characteristic information that indicates the user's personality. Therefore, this information is also used for the authentication judgment process.
- such information is referred to as a program operation pattern.
- the present invention may have a configuration in which such information is distributed over a plurality of packets and transmitted from the user terminal 11 to the information processing mechanism 12. At this time, the feature information of one user may be distributed over a plurality of packets.
- the invention has an authentication function that checks whether a user of the information system is the true user (actor) authorized to access the system or a user impersonating the true user, and takes appropriate action according to the result. In this case, it is more effective to check continuously whether the user is the true user.
- the present invention employs a configuration in which the information system learns the decision logic from the user's behavior patterns (user's characteristic information) without the system administrator directly modifying the configuration of the authentication decision logic.
- the authentication decision logic detects whether an unauthorized user has entered the information system.
- the action decision logic takes prescribed measures against suspected fraudulent users and takes defense measures for the information system.
- the action decision logic draws conclusions in accordance with the detection content of the authentication decision logic.
- the living body discriminates between the self and the non-self, and attacks the non-self to eliminate it from the body.
- This self-discrimination is not innately incorporated as genetic information, but achieves its function by the cognitive cells taking various configurations in a combinatorial manner by trial and error. That is, the ability of the living body to discriminate is acquired through learning.
- learning is performed in the same manner as in the immune action of a living body. The specific authentication decision logic and learning method are described below.
- the behavior pattern and physiological characteristics of the user are regarded as antigens in the immune system of the living body.
- the characteristic information is represented by $b_i(t)$: characteristic information representing the behavior pattern indicated by the user $i$ ($i \in I$) at time $t$, including time-series information.
- $t_0$ is the time when the operation of the information system starts, and the input here includes information that is input to the information system without the user's awareness.
- a discriminant function $P(b, w)$, which indicates the likelihood that the feature information currently measured is that of the true user, is defined, and an authentication decision is made using it.
- the function value of this discriminant function indicates the degree of belonging, but may take two values, the degree of belonging and the degree of non-belonging.
- b is feature information
- w is a discrimination parameter.
- the discrimination parameter $w_j$ uniquely identifies the user, and thus corresponds to the antibody of the immune system.
- the immune system has a kind of learning logic that generates antibodies that react specifically to antigens that have entered the body.
- the following configuration is adopted to provide the same learning logic.
- the learning index $L(i, P, B)$ is defined. This is a function for estimating the discrimination parameter $w_i$ for the user $i$ based on the accumulation $B$ of the feature information. That is, the discrimination parameter that minimizes the learning index $L(i, P, B)$ is used as the estimated value. In some cases, it may be convenient to estimate the discrimination parameters recursively. For this, the learning index also needs to be expressed recursively, and this expression takes the form $L^{*}(i, w_{i0}, P, B)$. In other words, the discrimination parameter $w_i$ for the user $i$ is estimated from the initial estimated value $w_{i0}$.
- the discrimination parameter $w_i(t)$ for identifying the user $i$ at the time $t$ using this index can be expressed as follows.
- $\arg\min_{w}\{\,\cdot\,\}$ denotes the value of the variable $w$ that minimizes the expression in braces. It is necessary to grasp the degree of progress of the estimation of the discrimination parameter, and this uses a learning index value defined as follows.
- $m_i(t)$: learning index value, $m_i(t) = \min_{w}\{L(i, P(b_{i'}, w) \mid b_{i'} \in B_{i'}(t)\ \text{for all}\ i')\}$ or $\min_{w}\{L^{*}(i, w_{i0}, P(b_{i'}, w) \mid b_{i'} \in B_{i'}(t)\ \text{for all}\ i')\}$
- the learning method in the present invention in consideration of the above is as follows.
- the method of learning has the effect of being more compatible with real phenomena than conventional statistical or rule-based methods.
- the learning index is the square of the output error
- backpropagation can be considered parameter-estimation logic using the recursive expression.
- the discriminant parameter corresponds to the parameter that defines the degree of conformity included in the rule. In this case, learning based on the learning index corresponds to optimizing the fitness parameter, and the index may be the square of the output error.
- the fuzzy rule base is useful when you have some knowledge about what combination of feature information should be used to authenticate an individual. Neural networks, on the other hand, are useful when there is no such foresight.
- Equations (1) and (1)' above include a minimization operation, but when selecting various combinations of feature information, it is more effective to use a genetic algorithm, which includes random search, for this operation. Adopting it causes no problem regardless of whether the discriminant function is composed of a neural network or a fuzzy rule base.
- the feature information is the information that the information system needs to hold in order to compare it with the input feature information. For this reason, it is essential to compress the data.
- the certain time may be determined in advance. Also, it may be changed for each user. When changing for each user, it is determined based on the access frequency of each user.
- the repetitive authentication means 122 constructs an authentication logic from the input feature information. This is called initial learning. This means that the decision parameter is continuously learned from the accumulated data until the learning index value mi (t) reaches a certain threshold value mi0. This process can be expressed as follows.
- $w_i(t) = \arg\min_{w}\{L(i, P(b_{i'}, w) \mid b_{i'} \in B_{i'}(t)\ \text{for all}\ i')\}$ & $m_i(t) = \min_{w}\{L(i, P(b_{i'}, w) \mid b_{i'} \in B_{i'}(t)\ \text{for all}\ i')\}$; otherwise do nothing (accumulation of data) ... (2)
- the learning index value is set to an appropriate value at the initial time, and learning is repeated until the target index value $m_{i0}$ is reached at subsequent times.
- a recursive learning index may be used.
- authentication starts (without initial learning if the user accesses the information system for the second time or later).
- the likelihood that the user called user i is user j is calculated as follows.
- null null for all i, j... (3)
- null means that learning of the judgment parameter has not been completed and the judgment is retained.
- $w_i(t) = \arg\min_{w}\{L^{*}(i, w_i(t'), P(b_{i'}, w) \mid b_{i'} \in B_{i'}(t', t)\ \text{for all}\ i')\}$
- & $m_i(t) = \min_{w}\{L^{*}(i, w_i(t'), P(b_{i'}, w)$
- ⁇ represents the concentration of the set.
- a predetermined range R (n) is compared with the discrimination result, and an appropriate action is issued. Specifically, it is as follows. Depending on the situation, an integral evaluation with a forgetting factor for the IF part and a forgetting factor adjustment in an emergency are also performed.
- Action number 2 n n 1, N... (5)
- the main action decision rules are as follows.
- emergency actions include "inform the system administrator of the information system", "restrict the use of system resources desired by the user", "increase the density of the system use log of the user", "warn the user", and "prompt the user for input of characteristic information".
- the distributed computer has the configuration shown in Fig. 2.
- Each repetitive authentication means 122 operates in cooperation with the others.
- the following operation model is assumed as an information system.
- (1) There are a plurality of information processing mechanisms 12, and each information processing mechanism is provided with a repetitive authentication means 122 having an authentication function.
- (2) The user walks across these information processing mechanisms 12.
- (3) The repetitive authentication means 122 of each information processing mechanism 12 can observe the characteristic information only when the user visits a resource managed by that information processing mechanism 12.
- the following points should be noted in such a distributed computer system.
- (1) The quality of authentication should be improved for the information system as a whole (minimize type 1 and type 2 errors). (2) However, if all the observation data is exchanged, the burden on the network will increase.
- the information processing mechanism 12 may be stopped for maintenance or may be newly added to the system. However, it is desirable that the quality of authentication performed by each information processing mechanism 12 be as uniform as possible, or that it gradually become uniform.
- $B_{i|k}(t)$: accumulation of feature information input by user $i$ ($i \in I$) to information processing mechanism $k$ ($k \in K$) by time $t$, $\{b_{i|k}(s) \mid s \le t\}$
- the operation on the receiving side is as follows. In other words, if the estimated parameters are received before learning, learning is attempted using this as the initial value. At the end of learning, data is received and additional learning is performed. In addition, it is also possible to receive data when not learning and to try the initial learning together with the data that had been obtained up to that point. Specifically, this procedure is as follows.
- $w_{i|k'}(t) = \arg\min_{w}\{L^{*}(i, w_{i|k}(t), P(b_{i'}, w) \mid b_{i'} \in B_{i'|k'}(t)\ \text{for all}\ i')\}$
- in the distributed computer system shown in FIG. 2, each information processing mechanism 12 can operate based on the discrimination parameters it has acquired through the distributed cooperative learning logic described above. In this case, it may be more appropriate for the information processing mechanisms 12 to issue actions that interfere with each other.
- a certain information processing mechanism detects the presence of a user with low legitimacy. In such a case, it is more secure to notify other information processing mechanisms than to simply keep the action within the scope of its own information processing mechanism. If such a report is received from another information processing mechanism, the information processing mechanism shall take appropriate measures according to the report. Countermeasures include prohibiting access to the reported user.
- the action determination rule described in equation (5) is applied as follows: discriminant function values with a high learning index value (a criterion is set in advance, and those with a higher learning index value are used) are merged to obtain the discrimination result, and this result is linked to an action decision.
- Figure 3 summarizes the overall operation of the access management described above.
- the user applies for the use of the information system according to a predetermined procedure.
- the information processing mechanism 12 learns the user's propensity (information for identifying the user).
- the information processing mechanism 12 permits use of limited resources of the information processing mechanism 12 itself. For example, use is limited to public resources that pose no problem if released to everyone.
- once the information processing mechanism 12 has learned the user's propensity, it releases the use of resources. There is also a configuration in which the use of these resources is released to the user in multiple stages.
- the information processing mechanism authenticates the user's legitimacy and limits the scope of released resources as necessary. Here, the authentication of the user's validity may be performed continuously.
Industrial applicability
- a person (user) accessing the information system is monitored at the level of its operation characteristics, so that an unauthorized act in the information system can be suppressed. Further, since the access management method of the present invention can be performed in a distributed and cooperative manner, it is very resilient to unauthorized attacks and unexpected partial failures of information systems.
- the present invention is suitable for stable management of information systems.
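The repeated-authentication loop described above (discriminant function, learning index with target value, held judgment, and action determination with a forgetting factor), as an added example that is not part of the patent text. It assumes a logistic form for $P(b, w)$, a squared-output-error learning index minimized recursively by gradient descent, and constructed keystroke features; all function names, thresholds and sample values are illustrative assumptions.

```python
import math

# Constructed feature information b = (mean inter-key interval / 100 ms,
# input-error rate / 10 %); sample values, not measurements from the patent.
ALICE = [(1.20, 0.20), (1.25, 0.25), (1.15, 0.15),
         (1.22, 0.18), (1.18, 0.22), (1.28, 0.20)]
OTHERS = [(0.70, 0.60), (0.75, 0.55), (0.65, 0.65),
          (0.72, 0.58), (0.80, 0.50), (0.68, 0.62)]

M_I0 = 0.01     # target learning index value m_i0 (assumed)
FORGET = 0.5    # forgetting factor of the integral evaluation (assumed)
# Ranges R(n) -> action n. Lower bounds are assumptions; actions follow the page.
RULES = [(0.6, "continue"),
         (0.4, "prompt for characteristic information, raise log density"),
         (0.0, "restrict resources, inform system administrator")]


def P(b, w):
    """Discriminant function: likelihood in [0, 1] that b is the true user."""
    z = w[0] + w[1] * b[0] + w[2] * b[1]
    return 1.0 / (1.0 + math.exp(-z))


def learning_index(w, own, others):
    """L: mean squared output error over the accumulated data of all users."""
    errs = [(P(b, w) - 1.0) ** 2 for b in own] + [P(b, w) ** 2 for b in others]
    return sum(errs) / len(errs)


def learn(w_prev, own, others, steps, rate=1.0):
    """Recursive form L*: refine the previous estimate by gradient descent.

    Returns (w, m), where m is the learning index value reached so far.
    """
    w = list(w_prev)
    data = [(b, 1.0) for b in own] + [(b, 0.0) for b in others]
    for _ in range(steps):
        if learning_index(w, own, others) <= M_I0:
            break
        grad = [0.0, 0.0, 0.0]
        for b, y in data:
            p = P(b, w)
            g = 2.0 * (p - y) * p * (1.0 - p) / len(data)
            grad[0] += g
            grad[1] += g * b[0]
            grad[2] += g * b[1]
        w = [wi - rate * gi for wi, gi in zip(w, grad)]
    return w, learning_index(w, own, others)


def enroll(own, others, slice_steps=200, max_slices=200):
    """Initial learning: repeat recursive slices until m reaches m_i0."""
    w, m = [0.0, 0.0, 0.0], float("inf")
    for _ in range(max_slices):
        w, m = learn(w, own, others, slice_steps)
        if m <= M_I0:
            break
    return w, m


def discriminate(b, w, m):
    """P(b, w), or None (judgment held) while learning is not complete."""
    return P(b, w) if m <= M_I0 else None


def decide(score):
    """Map the smoothed discriminant value to the action of its range R(n)."""
    for lower, action in RULES:
        if score >= lower:
            return action
    return RULES[-1][1]


def monitor(session, w, m):
    """Repeated authentication during one session; one action per sample."""
    score, actions = 1.0, []   # password login just succeeded (assumption)
    for b in session:
        p = discriminate(b, w, m)
        if p is None:
            actions.append("hold judgment, keep accumulating data")
            continue
        score = FORGET * score + (1.0 - FORGET) * p
        actions.append(decide(score))
    return actions


if __name__ == "__main__":
    w_early, m_early = learn([0.0, 0.0, 0.0], ALICE, OTHERS, steps=10)
    print(monitor(ALICE[:2], w_early, m_early))
    w, m = enroll(ALICE, OTHERS)
    hijacked = ALICE[:3] + OTHERS[:4]   # session taken over after three samples
    for b, action in zip(hijacked, monitor(hijacked, w, m)):
        print(b, action)
```

Because the score is smoothed by the forgetting factor, a single outlying sample does not trigger the strongest action, while a sustained change in typing behavior escalates within a few samples.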
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Storage Device Security (AREA)
Abstract
This invention relates to a method for uncovering fraudulent use of an information system by a user and for withdrawing that user's right of access for regular use. User authentication, which is performed repeatedly during a session, uses the user's physiological characteristics and the user's habits when working at a terminal and writing a program. This authentication is performed automatically by means of a learning method, and it can track over time a frequent change of users as well as changes in a user's habits. A user's access right is limited, or reported to the system controller, according to the user's degree of qualification resulting from the certification. This method improves the security of the information system compared with the conventional method that uses only passwords. In addition, the system controller can monitor a user's actions one by one, ensure security, and operate the system without analyzing the user who has proved to be fraudulent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP1996/000424 WO1997031317A1 (fr) | 1996-02-23 | 1996-02-23 | Method for managing access to an information system |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1997031317A1 (fr) | 1997-08-28 |
Family
ID=14152957
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP1996/000424 WO1997031317A1 (fr) | Method for managing access to an information system | 1996-02-23 | 1996-02-23 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO1997031317A1 (fr) |
1996-02-23: WO PCT/JP1996/000424, patent/WO1997031317A1/fr, active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH04311266A (ja) * | 1991-04-10 | 1992-11-04 | Hitachi Ltd | User verification system and hospital information system |
JPH04342055A (ja) * | 1991-05-20 | 1992-11-27 | Nec Corp | User authentication method for multiple computer systems |
JPH05274269A (ja) * | 1991-11-18 | 1993-10-22 | Internatl Business Mach Corp <Ibm> | Method and system for verifying the legitimacy of access in a computer system |
JPH05257961A (ja) * | 1992-03-16 | 1993-10-08 | Hitachi Ltd | Security protection device |
JPH05324805A (ja) * | 1992-05-21 | 1993-12-10 | Omron Corp | Pattern recognition device and personal verification device |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7472282B1 (en) | 1998-10-23 | 2008-12-30 | Fujitsu, Ltd. | Illegal access discriminating apparatus and method |
JP2003526851A (ja) * | 2000-01-19 | 2003-09-09 | スキーデータ・アクチエンゲゼルシャフト | Usage right approval and granting control device |
JP2005012295A (ja) * | 2003-06-17 | 2005-01-13 | Aruze Corp | Information management system |
JP2005020310A (ja) * | 2003-06-25 | 2005-01-20 | Aruze Corp | Information management system |
JP2005020309A (ja) * | 2003-06-25 | 2005-01-20 | Aruze Corp | Information management system |
GB2413425A (en) * | 2004-04-23 | 2005-10-26 | Hewlett Packard Development Co | Biometric analysis method |
GB2413425B (en) * | 2004-04-23 | 2008-04-09 | Hewlett Packard Development Co | Biometric analysis system, methods, apparatus and software using biometric analysis |
JP2006260603A (ja) * | 2006-06-14 | 2006-09-28 | Swisscom Mobile Ag | Method, system and device for authenticating a person |
JP2009080561A (ja) * | 2007-09-25 | 2009-04-16 | Sky Kk | External device management system |
JP2010061254A (ja) * | 2008-09-02 | 2010-03-18 | Yahoo Japan Corp | Behavior history analysis method, device and program |
JP2012212300A (ja) * | 2011-03-31 | 2012-11-01 | Casio Comput Co Ltd | User identification device and program |
JP2015228231A (ja) * | 2015-07-10 | 2015-12-17 | カシオ計算機株式会社 | User authentication device and program |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7404086B2 (en) | Method and apparatus for biometric authentication | |
US6167517A (en) | Trusted biometric client authentication | |
EP2069993B1 (fr) | Security system and method for detecting intrusion in a computerized system | |
US20210084062A1 (en) | Method and Apparatus for Network Fraud Detection and Remediation Through Analytics | |
US20070241861A1 (en) | Methods and systems for secured access to devices and systems | |
US20110314549A1 (en) | Method and apparatus for periodic context-aware authentication | |
Mudholkar et al. | Biometrics authentication technique for intrusion detection systems using fingerprint recognition | |
CN110211267A (zh) | Indoor door-opening control method, permission configuration method, device and storage medium | |
EP2175426A2 (fr) | Security system, security method and recording medium storing a security program | |
Dowland et al. | Keystroke analysis as a method of advanced user authentication and response | |
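CN112613020A (zh) | Identity verification method and device | |
JP4120997B2 (ja) | Unauthorized access determination device and method | |
WO1997031317A1 (fr) | Method for managing access to a computer system | |
CN114374531B (zh) | Access behavior control method, device, computer equipment and storage medium | |
CN118349979B (zh) | User information security processing control system applied to smart healthcare | |
CN112615828A (zh) | Intellectual property operation system and intelligent authorization method based on a cloud computing network | |
CN112199700A (zh) | Security management method and system for an MES data system | |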
Covington et al. | Parameterized authentication | |
Iyapparaja et al. | Enhancing user authentication through keystroke dynamics analysis using isolation forest algorithm | |
López et al. | CGAPP: A continuous group authentication privacy-preserving platform for industrial scene | |
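CN115374411A (zh) | System access permission processing method, device, computer equipment and storage medium | |
CN115168830A (zh) | Login method and login device for detecting the user login environment | |
CN113923036A (zh) | Blockchain information management method and device for a continuous immune security system | |
CN113411339A (zh) | Method for detecting password file leakage based on a zero-factor graph sequence | |
CN118172849B (zh) | Smart lock for preventing technical unlocking and method for preventing technical unlocking |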
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states | Kind code of ref document: A1. Designated state(s): JP US |
AL | Designated countries for regional patents | Kind code of ref document: A1. Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE |
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
122 | Ep: pct application non-entry in european phase |