APPARATUS, METHOD, AND PROGRAM FOR VALIDATING USER
First Claim
Patent Images
1. A user validation apparatus comprising:
- an extraction unit which extracts user-agent information in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer;
an information management unit which stores the user-agent information extracted by the extraction unit from the packet received from the terminal device, which is operated by an individual user, in a storage unit so as to correspond to user identification information of the individual user; and
a determination unit which determines whether or not a user operating a given terminal device is a conditionally valid user by verifying user-agent information extracted by the extraction unit from the packet received from the given terminal device against the user-agent information which are stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device, and by determining whether or not the user-agent information extracted from the packet received from the given terminal device correspond to the user-agent information which is stored in the storage device, whereinfor the user-agent information extracted from the received packet, the determination unit determines whether or not the user-agent information extracted from the received packet corresponds to the user-agent information stored in the storage unit by determining whether or not the user-agent information extracted from the received packet is identical to the user-agent information stored in the storage unit, and when a plurality of set of the user-agent information of the user operating the given terminal device, the determination unit determines that only one of the user-agent information extract from the received packet corresponds to at least two user-agent information among the plurality of information stored in the storage unit; and
a re-authentication unit which requests re-authentication through a web page to the user operation the given terminal device, when the determination unit determines the user a conditionally valid user.
3 Assignments
0 Petitions
Accused Products
Abstract
User validation accuracy is improved without inconveniencing a user. When an authentication request packet is received from a terminal and the authentication is successful based on a user ID and a password, an HTTP header, user-agent information, and access source IP address are extracted from the packet, and user authentication is performed by verifying the IP address and the user-agent information against usage history information where at most two sets of the IP address and the user-agent information extracted from the authentication request packet which is received from the same user previously are registered. When the set of the IP address and the UA information corresponding to the new extracted IP address and the new extracted UA information is registered in the usage history information, the authentication is successful, and the usage history information is overwritten with the new IP address and the new UA information.
18 Citations
1 Claim
-
1. A user validation apparatus comprising:
-
an extraction unit which extracts user-agent information in an HTTP header of a packet received from a terminal device by applying HTTP as a protocol of an application layer; an information management unit which stores the user-agent information extracted by the extraction unit from the packet received from the terminal device, which is operated by an individual user, in a storage unit so as to correspond to user identification information of the individual user; and a determination unit which determines whether or not a user operating a given terminal device is a conditionally valid user by verifying user-agent information extracted by the extraction unit from the packet received from the given terminal device against the user-agent information which are stored in the storage unit so as to correspond to user identification information of the user operating the given terminal device, and by determining whether or not the user-agent information extracted from the packet received from the given terminal device correspond to the user-agent information which is stored in the storage device, wherein for the user-agent information extracted from the received packet, the determination unit determines whether or not the user-agent information extracted from the received packet corresponds to the user-agent information stored in the storage unit by determining whether or not the user-agent information extracted from the received packet is identical to the user-agent information stored in the storage unit, and when a plurality of set of the user-agent information of the user operating the given terminal device, the determination unit determines that only one of the user-agent information extract from the received packet corresponds to at least two user-agent information among the plurality of information stored in the storage unit; and a re-authentication unit which requests re-authentication through a web page to the user operation the given terminal device, when the determination unit determines the user a conditionally valid user.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeTakaya Kato
-
Original AssigneeBank of Tokyo-Mitsubishi UFJ Limited (Mitsubishi UFJ Financial Group Incorporated)
-
InventorsKATO, Takaya
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/3
-
CPC Class CodesG06F 16/13 File access structures, e.g...G06F 21/31 User authenticationG06F 21/34 involving the use of extern...G06F 2221/2101 Auditing as a secondary aspectG06F 2221/2111 Location-sensitive, e.g. ge...H04L 2463/082 applying multi-factor authe...H04L 63/08 for authentication of entit...H04L 63/083 using passwords cryptograph...H04L 63/101 Access control lists [ACL]H04L 63/126 the source of the received ...H04L 63/168 above the transport layer
