Apparatus, Method, and Program for Validating User
First Claim
1. A user validation apparatus comprising:
- an extraction unit which extracts user-agent information set in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer;
an information management unit which stores the user-agent information extracted by the extraction unit from the packet received from the terminal device, which is operated by an individual user, in a storage unit so as to correspond to user identification information of the individual user; and
a determination unit which determines whether or not a user operating a given terminal device is a valid user by verifying user-agent information extracted by the extraction unit from a packet received from the given terminal device, against user-agent information stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device.
1 Assignment
0 Petitions
Accused Products
Abstract
Accuracy of user validation is improved without reducing user'"'"'s convenience. When a authentication request packet is received from a terminal, when the authentication is successful based on a user ID and a password (affirmative in 34), an HTTP header and user-agent (UA) information are extracted from the packet and an access source IP address is also extracted (36), and user authentication is performed by verifying the access source IP address and the UA information against usage history information (38, 44, and 46) where at most two sets of the IP address and the UA information extracted from the authentication request packet which is received from the same user previously are registered. When the set of the IP address and the UA information corresponding to the new extracted IP address and the new extracted UA information is registered in the usage history information, it is determined that the authentication is successful, and the usage history information is overwritten with the new IP address and the new UA information (52, 54, 60, and 62).
53 Citations
13 Claims
-
1. A user validation apparatus comprising:
-
an extraction unit which extracts user-agent information set in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer; an information management unit which stores the user-agent information extracted by the extraction unit from the packet received from the terminal device, which is operated by an individual user, in a storage unit so as to correspond to user identification information of the individual user; and a determination unit which determines whether or not a user operating a given terminal device is a valid user by verifying user-agent information extracted by the extraction unit from a packet received from the given terminal device, against user-agent information stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A user validation method comprising:
-
extracting user-agent information set in an HTTP header of a packet received from a terminal device operated by an individual user by applying HTTP as a protocol of an application layer, and storing the extracted user-agent information in a storage unit so as to correspond to user identification information of the individual user; and extracting user-agent information set in an HTTP header of a packet received from a given terminal device by applying HTTP as the protocol of the application layer, and determining whether or not a user operating the given terminal device is a valid user by verifying the extracted user-agent information against user-agent information stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device.
-
-
13. A user validation program which causes a computer comprising a storage unit to act as:
-
an extraction unit which extracts user-agent information set in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer; an information management unit which stores the user-agent information extracted by the extraction unit from the packet received from the terminal device, which is operated by an individual user, in a storage unit so as to correspond to user identification information of the individual user; and a determination unit which determines whether or not a user operating a given terminal device is a valid user by verifying user-agent information extracted by the extraction unit from a packet received from the given terminal device against user-agent information which is stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device.
-
Specification