Authentication apparatus, authentication method, and computer program product
First Claim
1. An authentication apparatus that performs an authentication of an access to a resource on a network and a connection to the network by a user, the authentication apparatus comprising:
- a memory that stores therein a data file that contains first identification information for identifying one of the user and a client terminal used by the user;
a monitoring unit that monitors the client terminal, and when a predetermined access operation to access the resource from the client terminal is detected, acquires the first identification information from the memory;
a referring unit that acquires second identification indicating an entry status of the user to a physical facility;
a verifying unit that verifies whether the first identification information matches the second identification information, and when it is verified that the first identification information matches the second identification information, refers to a room-access management system that is connected to the network and manages the entry status of the user to the physical facility to check the entry status of the user to the physical facility; and
a determining unit that determines whether to allow the access operation based on a result from the verifying unit,wherein the determining unit determines to allow an access operation to an access-controlled resource when the result indicates that the user is located within the facility where the access-controlled resource is located.
1 Assignment
0 Petitions
Accused Products
Abstract
A monitoring unit monitors a client terminal used by a user, and when there is a predetermined access operation to a resource from the client terminal, acquires identification information from the client terminal. A verifying unit verifies whether the identification information matches stored identification information. When it is verified that the identification information matches the stored identification information, a referring unit refers to an access management system to check an entry status of the user to a facility. A determining unit determines whether to allow the access operation based on a check result from the referring unit.
-
Citations
12 Claims
-
1. An authentication apparatus that performs an authentication of an access to a resource on a network and a connection to the network by a user, the authentication apparatus comprising:
-
a memory that stores therein a data file that contains first identification information for identifying one of the user and a client terminal used by the user; a monitoring unit that monitors the client terminal, and when a predetermined access operation to access the resource from the client terminal is detected, acquires the first identification information from the memory; a referring unit that acquires second identification indicating an entry status of the user to a physical facility; a verifying unit that verifies whether the first identification information matches the second identification information, and when it is verified that the first identification information matches the second identification information, refers to a room-access management system that is connected to the network and manages the entry status of the user to the physical facility to check the entry status of the user to the physical facility; and a determining unit that determines whether to allow the access operation based on a result from the verifying unit, wherein the determining unit determines to allow an access operation to an access-controlled resource when the result indicates that the user is located within the facility where the access-controlled resource is located. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An authentication method, implemented on an authentication apparatus, of performing an authentication of an access to a resource on a network and a connection to the network by a user, the authentication method comprising:
-
storing, in a memory of the authentication apparatus, a data file that contains first identification information for identifying one of the user and a client terminal used by the user; monitoring the client terminal, and when a predetermined access operation to access the resource from the client terminal is detected, acquiring the first identification information from the memory; acquiring second identification information indicating an entry status of the user to a physical facility; verifying whether the acquired first identification information matches the second identification information, and when it is verified that the acquired first identification information matches the second identification information, referring to a room-access management system that is connected to the network and manages the entry status of the user to the physical facility to check the entry status of the user to the physical facility; and determining whether to allow the access operation based on a result at the verifying, wherein the determining includes determining to allow an access operation to an access-controlled resource when the result indicates that the user is located within the facility where the access-controlled resource is located.
-
-
12. A non-transitory computer readable storage medium having stored thereon a computer program that includes instructions for performing an authentication of an access to a resource on a network and a connection to the network by a user which when executed on a computer causes the computer to execute a method comprising:
-
storing a data file that contains first identification information for identifying one of the user and a client terminal used by the user; monitoring the client terminal, and when a predetermined access operation to access the resource from the client terminal is detected, acquiring the stored first identification information; acquiring second identification information indicating an entry status of the user to a physical facility; verifying whether the acquired first identification information matches the second identification information, and when it is verified that the acquired first identification information matches the second identification information, referring to a room-access management system that is connected to the network and manages the entry status of the user to the physical facility to check the entry status of the user to the physical facility; and determining whether to allow the access operation based on a result at the verifying, wherein the determining includes determining to allow an access operation to an access-controlled resource when the result indicates that the user is located within the facility where the access-controlled resource is located.
-
Specification