METHOD FOR CONTROLLING ACCESS TO INFORMATION SYSTEM

摘要

A method for disclosing a user making fraudulent use of an information system and excluding such a user from the regular use. User authentication is repeatedly performed during a session based on the user's physiological characters and habits when the user operates a terminal and writes a program. This authentication is automatically performed using a learning technique and can follow up frequent change of users and changes of user's habits with time. The access of a user is limited or reported to the system controller in accordance with the degree of qualification of the user obtained as a result of certification. The safety of the information system against fraudulent use can be improved as compared with the conventional method using passwords only. In addition, the system controller can monitor the action of the user one by one and safety control and operate the system without analyzing the disclosed unauthentic user.