AUTHENTICATION SERVER APPARATUS, AUTHENTICATION SERVER APPARATUS-USE PROGRAM AND AUTHENTICATION METHOD
First Claim
1. An authentication server apparatus that is connected to a terminal provided with a display unit through a network, the authentication server apparatus comprising:
- an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs an operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and comprising content matching content of the corresponding operating instruction;
a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation;
an operation instruction selecting unit that selects the operating instruction per session;
a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus;
a position information receiving unit that receives the position information from the terminal;
an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and
a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information.
4 Assignments
0 Petitions
Accused Products
Abstract
An authentication server apparatus is capable of simply and accurately assessing whether a user terminal is being operated by a person. In the authentication server apparatus connected to the user terminal, operating instructions for instructing operation by an operator by using objects are associated with operation information and stored. A session ID is imparted for each session with the user terminal, operating instructions are selected for each session, a page provided with the selected operating instructions and the objects is generated, and position information is received corresponding to operations executed at the user terminal that has displayed the page. At authentication time, operating instructions using the session ID of the session are associated with position information received from the terminal, and using the stored operation information associated with the operating instruction that have been associated with the received position information, and the position information, an assessment is made of whether or not the operations were made by an operator.
-
Citations
11 Claims
-
1. An authentication server apparatus that is connected to a terminal provided with a display unit through a network, the authentication server apparatus comprising:
-
an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs an operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and comprising content matching content of the corresponding operating instruction; a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation; an operation instruction selecting unit that selects the operating instruction per session; a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus; a position information receiving unit that receives the position information from the terminal; an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 10, 11)
-
-
8. A non-transitory recording medium which records a program for an authentication server apparatus causing a computer that is connected to a terminal comprising a display unit, through a network and that is included in the authentication server apparatus to function as:
-
an operation storage unit that associates and stores an operating instruction and operation information, the operating instruction including text information that instructs the operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and that comprises content matching content of the corresponding operating instruction; a session ID assigning unit that assigns a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation; an operation instruction selecting unit that selects the operating instruction per session; a page transmitting unit that transmits the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus; a position information receiving unit that receives the position information from the terminal; an associating unit that associates the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and a determining unit that determines whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored in the operation storage unit, and the position information.
-
-
9. An authentication method executed in an authentication server apparatus that is connected to a terminal comprising a display unit, through a network, the authentication server method comprising:
-
an operation storing step of associating and storing an operating instruction and operation information, the operating instruction including text information that instructs the operator of the terminal to perform an operation on the display unit, the operation information including a position on the display unit matching the operation and that comprises content matching content of the corresponding operating instruction; a session ID assigning step of assigning a session ID per session with respect to the terminal that displays a page comprising the operating instruction and an object displayed on the display unit for the operation; an operation instruction selecting step of selecting the operating instruction per session; a page transmitting step of transmitting the page comprising the selected operating instruction, the object displayed on the display unit for the operation matching the operating instruction, the session ID and a position information transmitting unit that transmits position information indicating a position matching the operation executed in the terminal that displays the page, to the authentication server apparatus; a position information receiving step of receiving the position information from the terminal; an associating step of associating the operating instruction provided in the page displayed in the session and the position information received from the terminal in the session, based on the session ID included in an authentication request received from the terminal that displays the page; and a determining step of determining whether or not the operation is performed by the operator based on the operation information associated with the operating instruction associated with the position information and stored, and the position information.
-
Specification