A SERVER ACCESS CONTROL SYSTEM BY PERIODIC AUTHENTIFICATION OF THE SMART CARD

摘要

The present invention relates to a server access control system through a periodic authentication of a smart card which blocks an illegal file access or a process close action based on authority information gained through the periodic authentication of a smart card, and automatically closes important processes generated by a user after completing a work. The system of the present invention comprises: an interface portion for generating and activating a login process, accepting a command after login, and generating an application process; an authentication process portion executed in an application class of an operating system, carrying out the authentication for the user using authentication information stored in the smart card, and generating authentication authority information of the user; an authentication state examination portion executed in the application class of the operating system, and periodically examining whether the authentication information of the smart card is valid; an authentication authority management portion configured in a security kernel of the operating system, and receiving and storing the authentication authority information of the user from the authentication process portion; a session management portion configured in the security kernel of the operating system, and if the application process is generated, setting the same as the authentication authority information of the application process; and an access control portion configured in the security kernel of the operating system, and determining whether accepting or not, by referencing the authentication authority information of the application process, if the application process requests a system resource of the operating system. According to the system, by checking a work performance authority as periodically requiring a reauthentication for the process carrying out an important work, the present invention can solve a weak point which may be generated when unlimitedly using the authority once given when certifying the login.