Safety judgment method, safety judgment system, safety judgment apparatus, first authentication apparatus, and computer program product
First Claim
1. A safety judgment method for judging safety of an information processing apparatus connected to an authentication apparatus through a communication network, comprising:
- receiving transaction information through the authentication apparatus, the transaction information accepted by the information processing apparatus;
receiving environment information including at least one kind of information about the information processing apparatus, information about peripheral equipment connected to the information processing apparatus, and information about software installed in the information processing apparatus;
storing relationship information in the authentication apparatus in advance, which represents relationships between transaction information and environment information;
determining whether a relationship between the environment information and the transaction information corresponds to relationship information stored in the authentication apparatus in advance, which represents relationships between transaction information and environment information; and
outputting first information for allowing carrying out of a transaction based on the transaction information, when it is determined that the relationship corresponds to the relationship information stored in the authentication apparatus, and second information for banning carrying out of the transaction based on the transaction information, when it is determined that the relationship does not correspond to the relationship information stored in the authentication apparatus.
0 Assignments
0 Petitions
Accused Products
Abstract
Security of an information processing apparatus is ensured by performing biological information authentication and collecting the environment information about the information processing apparatus. The information processing apparatus transmits the collected environment information to a first authentication apparatus. An electronic certificate issued by a second authentication apparatus and information encrypted with a secret key issued by the second authentication apparatus are transmitted to the first authentication apparatus. The first authentication apparatus acquires the public key of the second authentication apparatus and the public key of the information processing apparatus so as to decrypt the encrypted information, and judges whether or not the decrypted information is proper. The first authentication apparatus refers to an environment information database and the transmitted information, and judges whether or not the transmitted environment information is proper. When all the authentications by the biological information authentication, environment information authentication and electronic certificate authentication are successful, the information processing apparatus is judged to be safe.
8 Citations
3 Claims
-
1. A safety judgment method for judging safety of an information processing apparatus connected to an authentication apparatus through a communication network, comprising:
-
receiving transaction information through the authentication apparatus, the transaction information accepted by the information processing apparatus; receiving environment information including at least one kind of information about the information processing apparatus, information about peripheral equipment connected to the information processing apparatus, and information about software installed in the information processing apparatus; storing relationship information in the authentication apparatus in advance, which represents relationships between transaction information and environment information; determining whether a relationship between the environment information and the transaction information corresponds to relationship information stored in the authentication apparatus in advance, which represents relationships between transaction information and environment information; and outputting first information for allowing carrying out of a transaction based on the transaction information, when it is determined that the relationship corresponds to the relationship information stored in the authentication apparatus, and second information for banning carrying out of the transaction based on the transaction information, when it is determined that the relationship does not correspond to the relationship information stored in the authentication apparatus.
-
-
2. An authentication apparatus for judging safety of an information processing apparatus connected to the authentication apparatus through a communication network, comprising:
a processor capable of performing the operations of; receiving transaction information accepted by the information processing apparatus and environment information which includes at least one kind of information about the information processing apparatus accepting the transaction information, information about peripheral equipment connected to the information processing apparatus accepting the transaction information, and information about software installed in the information processing apparatus accepting the transaction information, the transaction information and the environment information being transmitted from the information processing apparatus accepting the transaction information storing relationship information in advance, which represents relationship between transaction information and environment information; determining whether a relationship between the received environment information and the transaction information received by the authentication apparatus corresponds to the stored relationship information is not; outputting first information for allowing carrying out of a transaction based on the accepted transaction information, when it is determined that the relationship corresponds to the stored relationship information; and outputting second information for banning carrying out of the transaction based on the accepted transaction information, when it is determined that the relationship does not correspond to the stored relationship information.
-
3. A non-transitory computer-readable recording medium which stores a computer-executable computer program for judging safety of an information processing apparatus connected to a computer as an authentication apparatus through a communication network, the computer program, when executed, causing a the computer to perform a method comprising:
-
receiving a transaction information accepted by the information processing, apparatus receiving environment information including at least one kind of information about the information processing apparatus, information about peripheral equipment connected to the information processing apparatus, and information about software installed in the information processing apparatus; storing relationship information in the authentication apparatus in advance, which represents between transaction information and environment information; determining whether a relationship between the environment information and the transaction information corresponds to a relationship information stored in the authentication apparatus in advance, which represents relationships between transaction information and environment information; and outputting first information for allowing carrying out of a transaction based on the transaction information, when it is determined that the relationship corresponds to the relationship information stored in the authentication apparatus, and second information for banning carrying out of the transaction based on the transaction information, when it is determined that the relationship does not correspond to the relationship information stored in the authentication apparatus.
-
Specification