METHOD OF PREVENTING SEQUENTIAL UNAUTHORIZED LOGINS
First Claim
1. A server device communicatively connected to a plurality of client terminals, the server device comprising:
- a storage unit configured to store information on a plurality of value conversion processes;
a setting unit configured to set a value conversion process included in the plurality of value conversion processes as a specific value conversion process;
a sending unit configured to send an instruction for the specific value conversion process to one of the plurality of client terminals in response to a request from the client terminal;
a receiving unit configured to receive, from the client terminal, a login request including a result of the specific value conversion process on a parameter value;
a determination unit configured to determine whether to permit a login by the client terminal based at least on the received result;
a selection unit configured to select, on a predetermined condition, a candidate for a new specific value conversion process from the plurality of value conversion processes stored in the storage unit; and
a monitoring unit for monitoring situation of unauthorized logins,wherein the storage unit stores groups including the value conversion processes as a part of the information on the plurality of value conversion processes,and wherein if the situation of unauthorized logins is a first situation, the selection unit selects the candidate for the new specific value conversion process from value conversion processes included in the same group as the current specific value conversion process; and
if the situation of unauthorized logins is a second situation, the selection unit selects the candidate for the new specific value conversion process from value conversion processes included in a different group than the current specific value conversion process.
2 Assignments
0 Petitions
Accused Products
Abstract
One object is to restrain unauthorized logins without significantly reducing usability. In accordance with one aspect, a server device according to an embodiment includes: an information storage unit for storing information; a setting unit for setting a value conversion rule used for login authentication; an information generating unit for generating login authentication information in response to a display request for a login screen sent from a terminal device; a sending unit for sending login screen data for displaying the login screen on the terminal device; a receiving unit for receiving login information from the terminal device; a determination unit for determining whether a login is permitted based on the received login information; a monitoring unit for monitoring the situation of unauthorized logins to the server device; and a selection unit for selecting a candidate for a new value conversion rule in accordance with the situation of unauthorized logins.
18 Citations
12 Claims
-
1. A server device communicatively connected to a plurality of client terminals, the server device comprising:
-
a storage unit configured to store information on a plurality of value conversion processes; a setting unit configured to set a value conversion process included in the plurality of value conversion processes as a specific value conversion process; a sending unit configured to send an instruction for the specific value conversion process to one of the plurality of client terminals in response to a request from the client terminal; a receiving unit configured to receive, from the client terminal, a login request including a result of the specific value conversion process on a parameter value; a determination unit configured to determine whether to permit a login by the client terminal based at least on the received result; a selection unit configured to select, on a predetermined condition, a candidate for a new specific value conversion process from the plurality of value conversion processes stored in the storage unit; and a monitoring unit for monitoring situation of unauthorized logins, wherein the storage unit stores groups including the value conversion processes as a part of the information on the plurality of value conversion processes, and wherein if the situation of unauthorized logins is a first situation, the selection unit selects the candidate for the new specific value conversion process from value conversion processes included in the same group as the current specific value conversion process; and
if the situation of unauthorized logins is a second situation, the selection unit selects the candidate for the new specific value conversion process from value conversion processes included in a different group than the current specific value conversion process. - View Dependent Claims (2, 3, 4, 9, 10, 11)
-
-
5. (canceled)
-
6. (canceled)
-
7. (canceled)
-
8. (canceled)
-
12. A method of managing logins by using a server device communicatively connected to a plurality of client terminals and having a storage unit, the method comprising the steps of:
-
(a) storing, on the storage unit, information on a plurality of value conversion processes; (b) setting a value conversion process included in the plurality of value conversion processes as a specific value conversion process; (c) sending an instruction for the specific value conversion process to one of the plurality of client terminals in response to a request from the client terminal; (d) receiving, from the client terminal, a login request including a result of the specific value conversion process on a parameter value; (e) determining whether to permit a login by the client terminal based at least on the received result; (f) selecting, on a predetermined condition, a candidate for a new specific value conversion process from the plurality of value conversion processes stored in the storage unit; and (g) monitoring situation of unauthorized logins, wherein the storing step (a) stores groups including the value conversion processes as a part of the information on the plurality of value conversion processes, and wherein if the situation of unauthorized logins is a first situation, the selecting step (f) selects the candidate for the new specific value conversion process from value conversion processes included in the same group as the current specific value conversion process; and
if the situation of unauthorized logins is a second situation, the selecting step (f) selects the candidate for the new specific value conversion process from value conversion processes included in a different group than the current specific value conversion process.
-
Specification