TERMINAL AUTHENTICATION AND REGISTRATION SYSTEM, METHOD FOR AUTHENTICATING AND REGISTERING TERMINAL, AND STORAGE MEDIUM

摘要

The present invention performs authentication and registration of a user and a terminal in a remote desktop system. A user authentication unit of a remote PC determines whether to permit a user to log in the PC. A terminal information transmission unit of a terminal reads terminal information and transmits the terminal information to the remote PC. A connection permission determination unit determines whether to permit a remote desktop connection between the terminal and the PC, by referring to a white list. When the RD connection is not permitted, a request information generation unit generates request information for requesting to register combination of user information, the terminal information, and computer information. A request information transmission unit transmits the generated request information to a terminal registration device. A registration unit determines, whether to register the combination.

主权项

1. A terminal authentication and registration system comprising:
a destination computer capable of authenticating a remote desktop connection by a terminal of a user; and a terminal registration apparatus configured to register the remote desktop connection between the terminal and the destination computer, the destination computer comprising: a user information acquisition unit configured to acquire user information identifying the user; a user authentication unit configured to determine whether or not to permit the user indicated by the user information to log in to the destination computer, with reference to authentication information indicating a user permitted to log in to the destination computer; a terminal information acquisition unit configured to acquire terminal information identifying the terminal, from the terminal; a first white-list storage unit configured to store a white list, in which a combination of the user, the terminal, and the destination computer, for which a remote desktop connection is permitted, is registered, a connection permission determination unit configured to determine, when the user authentication unit determines to permit the user indicated by the user information to log in to the destination computer, whether or not to permit a remote desktop connection between the terminal indicated by the terminal information and the destination computer by the user indicated by the user information, with reference to the white list; a request information generation unit configured to generate, when the connection permission determination unit determines not to permit the remote desktop connection, request information to be used for requesting to register the combination of the user, the terminal, and the destination computer to the white list, on the basis of the user information, the terminal information, and computer information identifying the destination computer; and a request information transmission unit configured to transmit the request information generated by the request information generation unit, to the terminal registration apparatus, the terminal registration apparatus comprising: a second white-list storage unit to store the white list; a condition information storage unit to store condition information indicating a condition for determining whether or not to register the combination of the user, the terminal, and the destination computer to the white list; a request information reception unit configured to receive the request information from the destination computer; a registration unit configured to determine whether or not to register the combination of the user, the terminal, and the destination computer to the white list, with reference to the condition information, on the basis of the request information received by the request information reception unit, and to update, when determining to register the combination, the white list by registering the combination of the user, the terminal, and the destination computer to the white list; and a permission information transmission unit configured to transmit, when the registration unit determines to register the combination, the updated white list to the destination computer, and to transmit, when the registration unit determines not to register the combination, error information indicating that the registration is not permitted, to the destination computer, the destination computer further comprising: a permission information reception unit configured to receive the error information and the updated white list from the terminal registration apparatus and to store the updated white list in the first white-list storage unit; and an error information output unit configured to output the error information received by the permission information reception unit.