AUTHENTICATION SERVER APPARATUS, AUTHENTICATION SERVER APPARATUS-USE PROGRAM AND AUTHENTICATION METHOD

US 20120144004A1
Filed: 03/29/2011
Published: 06/07/2012
Est. Priority Date: 03/29/2010
Status: Active Grant

First Claim

Patent Images

1. An authentication server apparatus that is connected to a terminal provided with a display unit through a network, the authentication server apparatus comprising:

an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs an operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and comprising content matching content of the corresponding operating instruction;

a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation;

an operation instruction selecting unit that selects the operating instruction per session;

a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus;

a position information receiving unit that receives the position information from the terminal;

an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and

a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication server apparatus is capable of simply and accurately assessing whether a user terminal is being operated by a person. In the authentication server apparatus connected to the user terminal, operating instructions for instructing operation by an operator by using objects are associated with operation information and stored. A session ID is imparted for each session with the user terminal, operating instructions are selected for each session, a page provided with the selected operating instructions and the objects is generated, and position information is received corresponding to operations executed at the user terminal that has displayed the page. At authentication time, operating instructions using the session ID of the session are associated with position information received from the terminal, and using the stored operation information associated with the operating instruction that have been associated with the received position information, and the position information, an assessment is made of whether or not the operations were made by an operator.

Citations

11 Claims

1. An authentication server apparatus that is connected to a terminal provided with a display unit through a network, the authentication server apparatus comprising:
- an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs an operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and comprising content matching content of the corresponding operating instruction;
  
  a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation;
  
  an operation instruction selecting unit that selects the operating instruction per session;
  
  a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus;
  
  a position information receiving unit that receives the position information from the terminal;
  
  an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and
  
  a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 10, 11)
- - 2. The authentication server apparatus according to claim 1, wherein the operation is performed using a pointing device that is operated by the operator at the terminal.
  - 3. The authentication server apparatus according to claim 1, wherein:
    - the page transmitting unit transmits the page comprising a position information transmitting unit that transmits to the authentication server apparatus the position information indicating a position of an instruction indicator that can be moved by the operator, on the display unit, and plurality of objects that can be selected according to the instruction indicator;
      
      the authentication server apparatus further comprises;
      
      a position information storage unit that, every time the position information is received, stores the received position information per session ID and reception time; and
      
      a flag setting unit that, when the position information stored in the position information storing unit and position information stored at a time before the position information are different in the same session ID, sets a manual operation flag indicating that movement of the instruction indicator is operated by the operator of the terminal;
      
      wherein the determining unit determines whether or not the movement of the instruction indicator is operated by the operator, based on the manual operation flag, the operation information and the position information when receiving the authentication request.
  - 4. The authentication server apparatus according to claim 1, wherein:
    - the page transmitting unit transmits the page comprising a plurality of objects that can be selected and moved on the display unit by the operator and the position information transmitting unit that transmits to the authentication server apparatus the position information indicating a position of the object on the display unit;
      
      the authentication server apparatus comprises;
      
      a position information storage unit that, every time the position information is received, stores the received position information per session ID and reception time; and
      
      a flag setting unit that, when the position information stored in the position information storing unit and position information stored at a time before the position information are different in the same session ID, sets a manual operation flag indicating that movement of the object is operated by the operator of the terminal;
      
      wherein the determining unit determines whether or not the movement of the object is operated by the operator, based on the manual operation flag, the operation information and the position information when receiving the authentication request.
  - 5. The authentication server apparatus according to claim 3, whereinthe position information transmitting unit in the page does not transmit the position information at a point of time when the page is displayed in the terminal, and starts transmitting the position information when one arbitrary object of the plurality of objects is selected.
  - 6. The authentication server apparatus according to claim 3, further comprisinga flag returning unit that returns the manual operation flag to the terminal every time the position information is received, wherein, when the terminal transmits the position information, the page transmitting unit transmits the page further comprising a position information transmission stopping unit that stops transmitting the position information when the terminal receives the manual operation flag indicating that the operation is performed by the operator.
  - 7. The authentication server apparatus according to claim 6, wherein,when the terminal transmits the position information and receives the manual operation flag indicating that the operation is performed by the operator, the page transmitting unit transmits the page further comprising an authentication request method display unit that displays on the display unit a request transmitting unit that transmits the authentication request to the authentication server apparatus.
  - 10. The authentication server apparatus according to claim 2, wherein:
    - the page transmitting unit transmits the page comprising a position information transmitting unit that transmits to the authentication server apparatus the position information indicating a position of an instruction indicator that can be moved by the operator, on the display unit, and plurality of objects that can be selected according to the instruction indicator;
      
      the authentication server apparatus further comprises;
      
      a position information storage unit that, every time the position information is received, stores the received position information per session ID and reception time; and
      
      a flag setting unit that, when the position information stored in the position information storing unit and position information stored at a time before the position information are different in the same session ID, sets a manual operation flag indicating that movement of the instruction indicator is operated by the operator of the terminal;
      
      wherein the determining unit determines whether or not the movement of the instruction indicator is operated by the operator, based on the manual operation flag, the operation information and the position information when receiving the authentication request.
  - 11. The authentication server apparatus according to claim 2, wherein:
    - the page transmitting unit transmits the page comprising a plurality of objects that can be selected and moved on the display unit by the operator and the position information transmitting unit that transmits to the authentication server apparatus the position information indicating a position of the object on the display unit;
      
      the authentication server apparatus comprises;
      
      a position information storage unit that, every time the position information is received, stores the received position information per session ID and reception time; and
      
      a flag setting unit that, when the position information stored in the position information storing unit and position information stored at a time before the position information are different in the same session ID, sets a manual operation flag indicating that movement of the object is operated by the operator of the terminal;
      
      wherein the determining unit determines whether or not the movement of the object is operated by the operator, based on the manual operation flag, the operation information and the position information when receiving the authentication request.

8. A non-transitory recording medium which records a program for an authentication server apparatus causing a computer that is connected to a terminal comprising a display unit, through a network and that is included in the authentication server apparatus to function as:
- an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs the operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and that comprises content matching content of the corresponding operating instruction;
  
  a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation;
  
  an operation instruction selecting unit that selects the operating instruction per session;
  
  a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus;
  
  a position information receiving unit that receives the position information from the terminal;
  
  an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and
  
  a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information.

9. An authentication method executed in an authentication server apparatus that is connected to a terminal comprising a display unit, through a network, the authentication server method comprising:
- an operation storing step of associating and storing an operating instruction and operation information, the operating instruction including text information that instructs the operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and that comprises content matching content of the corresponding operating instruction;
  
  a session ID assigning step of assigning a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation;
  
  an operation instruction selecting step of selecting the operating instruction per session;
  
  a page transmitting step of transmitting the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus;
  
  a position information receiving step of receiving the position information from the terminal;
  
  an associating step of associating the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and
  
  a determining step of determining whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored, and the position information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rakuten Group, Inc.
Original Assignee
Rakuten, Inc. (Rakuten Group, Inc.)
Inventors
Takami, Shinya

Granted Patent

US 9,348,986 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/220
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

G06F 21/36   by graphic or iconic repres...

G06F 2221/2133   Verifying human interaction...

H04L 63/08   for authentication of entit...

H04L 9/32   including means for verifyi...

AUTHENTICATION SERVER APPARATUS, AUTHENTICATION SERVER APPARATUS-USE PROGRAM AND AUTHENTICATION METHOD

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

AUTHENTICATION SERVER APPARATUS, AUTHENTICATION SERVER APPARATUS-USE PROGRAM AND AUTHENTICATION METHOD

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links