Title of invention: APPARATUS, METHOD, AND PROGRAM FOR VALIDATING USER
Abstract: User validation accuracy is improved without inconveniencing a user. When an authentication request packet is received from a terminal and the authentication is successful based on a user ID and a password, an HTTP header, user-agent information, and access source IP address are extracted from the packet, and user authentication is performed by verifying the IP address and the user-agent information against usage history information where at most two sets of the IP address and the user-agent information extracted from the authentication request packet which is received from the same user previously are registered. When the set of the IP address and the UA information corresponding to the new extracted IP address and the new extracted UA information is registered in the usage history information, the authentication is successful, and the usage history information is overwritten with the new IP address and the new UA information.
Application publication number: US2015026789(A1) Application publication date: 2015.01.22
Application number: US201414510427 Filing date: 2014.10.09
Applicant: THE BANK OF TOKYO-MITSUBISHI UFJ, LTD. Inventor: KATO Takaya
Classification: H04L29/06;G06F17/30 Main classification: H04L29/06
Principal claim: 1. A user validation apparatus comprising: a storage unit; an extraction unit configured to extract user-agent information and an access source internet protocol (IP) address in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer; an information management unit configured to store the user-agent information and IP address extracted by the extraction unit from the packet received from the terminal device operated by an individual user, in the storage unit so as to correspond to user identification information of the individual user; a determination unit configured to determine that a user operating a given terminal device is a conditionally valid user, when: (a) the user-agent information extracted by the extraction unit corresponds to each of two sets of user-agent information stored as usage history information in the storage unit, but the extracted IP address does not correspond to either of two IP addresses stored as usage history information in the storage unit, or (b) the extracted IP address corresponds to each of the two stored IP addresses, but the extracted user-agent information does not correspond to either of the two stored sets of user-agent information; and a re-authentication unit configured to request re-authentication through a web page to the terminal device, when the determination unit determines that the user is the conditionally valid user.
Address: Tokyo JP