CONFIDENTIAL INFORMATION LEAKAGE PREVENTION SYSTEM, CONFIDENTIAL INFORMATION LEAKAGE PREVENTION METHOD, AND CONFIDENTIAL INFORMATION LEAKAGE PREVENTION PROGRAM

US 20120291106A1
Filed: 06/12/2010
Published: 11/15/2012
Est. Priority Date: 01/19/2010
Status: Abandoned Application

First Claim

Patent Images

1. A confidential information leakage prevention system in which a client and a server are configured to be capable of communicating with each other via a network,wherein the client includes:

a network access control unit for controlling a network access request sent from an application program to the server, based on a security level assigned to the application program; and

a first authentication unit for executing authentication processing of authenticating, with the server, that the network access control unit is installed, andwherein the server includes;

a second authentication unit for executing the authentication processing with the client, and permitting the network access request sent from the client when the authentication processing is successful.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a confidential information leakage prevention system in which a client 100 and a server 200 are configured to be capable of communicating with each other via a network, wherein the client 100 includes network access control unit 106 for controlling a network access request sent from an application program to the server 200, based on a security level assigned to this application program, and first authentication unit 107 for executing authentication processing of authenticating, with the server 200, that the network access control unit 106 is installed, and wherein the server 200 includes second authentication unit 202 for executing the authentication processing with the client 100, and permitting the network access request sent from the client when the authentication processing is successful.

55 Citations

View as Search Results

7 Claims

1. A confidential information leakage prevention system in which a client and a server are configured to be capable of communicating with each other via a network,wherein the client includes:
- a network access control unit for controlling a network access request sent from an application program to the server, based on a security level assigned to the application program; and
  
  a first authentication unit for executing authentication processing of authenticating, with the server, that the network access control unit is installed, andwherein the server includes;
  
  a second authentication unit for executing the authentication processing with the client, and permitting the network access request sent from the client when the authentication processing is successful.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The confidential information leakage prevention system according to claim 1,wherein the first authentication unit executes the authentication processing with the second authentication unit by using a key retained by the network access control unit.
  - 3. The confidential information leakage prevention system according to claim 1,wherein the first authentication unit includes:
    - a first sending unit for sending, to the server, a first challenge code generated by using a first random number;
      
      a first reception unit for receiving a first response code based on the first challenge code, and a second challenge code, that have been sent from the server;
      
      a first response code generation unit for generating a first response code based on a first key retained by the network access control unit and the generated first challenge code;
      
      a first determination unit for determining whether a first response code received by the first reception unit and a first response code generated by the first response code generation unit coincide with each other; and
      
      a second sending unit for sending, to the server, a second response code generated from the second challenge code received by the first reception unit when the determination result by the first determination unit is positive, andwherein the second authentication unit includes;
      
      a third sending unit for sending, to the client, a first response code generated by using a second key retained by the second authentication unit from a first challenge code sent from the client, and a second challenge code generated by using a second random number;
      
      a second reception unit for receiving a second response code based on the second challenge code sent from the client;
      
      a second response code generation unit for generating a second response code based on the second key and the generated second challenge code; and
      
      a second determination unit for determining whether a second response code sent from the client and a second response code generated by the second response code generation unit coincide with each other, and determining the authentication processing to be successful when the determination result is positive.
  - 4. The confidential information leakage prevention system according to claim 1,wherein the first authentication unit executes the authentication processing with the server on the condition that the network access control unit is operating.
  - 5. The confidential information leakage prevention system according to claim 4,wherein the first authentication unit acquires an undergoing process list from an operating system to confirm whether the network access control unit is included in the acquired process list, and thereby determines whether the network access control unit is operating.

6. A confidential information leakage prevention method in a confidential information leakage prevention system in which a client and a server are configured to be capable of communicating with each other via a network,wherein the client executes:
- a control step of controlling a network access request sent from an application program to the server, based on a security level assigned to the application program; and
  
  a first authentication step of executing authentication processing of authenticating, with the server, that a network access control program for executing the control step is installed, andwherein the server executes;
  
  a second authentication step of executing the authentication processing with the client; and
  
  a step of permitting the network access request sent from the client when the authentication processing is successful.

7. A program for causing a client, which is configured to be capable of communicating with a server via a network, to execute:
- a control step of controlling a network access request sent from an application program to the server, based on a security level assigned to the application program; and
  
  a first authentication step of executing authentication processing of authenticating, with the server, that a network access control program for executing the control step is installed, andcausing the server to execute;
  
  a second authentication step of executing the authentication processing with the client; and
  
  a step of permitting the network access request sent from the client when the authentication processing is successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Sasaki, Takayuki

Application Number

US13/522,898
Publication Number

US 20120291106A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/556   involving covert channels, ...

G06F 21/606   by securing the transmissio...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2129   Authenticate client device ...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

CONFIDENTIAL INFORMATION LEAKAGE PREVENTION SYSTEM, CONFIDENTIAL INFORMATION LEAKAGE PREVENTION METHOD, AND CONFIDENTIAL INFORMATION LEAKAGE PREVENTION PROGRAM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

55 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

CONFIDENTIAL INFORMATION LEAKAGE PREVENTION SYSTEM, CONFIDENTIAL INFORMATION LEAKAGE PREVENTION METHOD, AND CONFIDENTIAL INFORMATION LEAKAGE PREVENTION PROGRAM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links