Access monitoring method, information processing apparatus, and computer-readable medium storing access monitoring program

US 8,943,585 B2
Filed: 04/27/2012
Issued: 01/27/2015
Est. Priority Date: 06/02/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-readable, non-transitory medium encoded with a computer program to be executed by a computer, the computer program causes the computer to perform a procedure comprising:

receiving, from a server, an email containing first link information to an address associated with authentication information when the server receives the authentication information, and permits service provision through an apparatus being a source of the authentication information when the server receives access to a destination indicated by the first link information;

storing, in response to a manipulation that causes the computer to make access to a destination indicated by second link information, the second link information in a storage device of the computer;

making a display device display an input screen based on screen data which is received in response to the access to the destination indicated by the second link information;

transmitting the authentication information to an apparatus being a source of the screen data, when the authentication information is inputted into an input area arranged in the input screen;

determining whether or not the first link information is identical, in a predetermined part, to the second link information recorded in the storage device, when the computer receives the email containing the first link information and detects a manipulation of the computer for requesting access to the destination indicated by the first link information; and

detecting that the second link information indicates an illegal destination, when the determining has determined that the first link information is not identical, in the predetermined part, to the second link information recorded in the storage device, and thus forbidding access to any destinations indicated by link information which is identical, in the predetermined part, to the second link information,wherein, in detection of the manipulation of the computer for requesting access to the destination indicated by the second link information, the computer detects a manipulation for selecting an indication of the second link information contained in an email received by the computer before the computer receives the email containing the first link information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an access monitoring method executed by a computer: information on a first link is recorded when a request for access through the first link is detected and authentication information is transmitted through the first link; and when an email containing information on a second link is received and a request for access through the second link is detected, a determination whether or not the information on the second link is identical, in a predetermined part, to the recorded information on the first link is made. In the case where yes is determined, access through a link is forbidden when the information on the link is identical, in the predetermined part, to the recorded information on the first link, and the recorded information on the first link is transmitted to a server which collects information on links.

Citations

9 Claims

1. A computer-readable, non-transitory medium encoded with a computer program to be executed by a computer, the computer program causes the computer to perform a procedure comprising:
- receiving, from a server, an email containing first link information to an address associated with authentication information when the server receives the authentication information, and permits service provision through an apparatus being a source of the authentication information when the server receives access to a destination indicated by the first link information;
  
  storing, in response to a manipulation that causes the computer to make access to a destination indicated by second link information, the second link information in a storage device of the computer;
  
  making a display device display an input screen based on screen data which is received in response to the access to the destination indicated by the second link information;
  
  transmitting the authentication information to an apparatus being a source of the screen data, when the authentication information is inputted into an input area arranged in the input screen;
  
  determining whether or not the first link information is identical, in a predetermined part, to the second link information recorded in the storage device, when the computer receives the email containing the first link information and detects a manipulation of the computer for requesting access to the destination indicated by the first link information; and
  
  detecting that the second link information indicates an illegal destination, when the determining has determined that the first link information is not identical, in the predetermined part, to the second link information recorded in the storage device, and thus forbidding access to any destinations indicated by link information which is identical, in the predetermined part, to the second link information,wherein, in detection of the manipulation of the computer for requesting access to the destination indicated by the second link information, the computer detects a manipulation for selecting an indication of the second link information contained in an email received by the computer before the computer receives the email containing the first link information.
- View Dependent Claims (2, 3)
- - 2. The computer-readable, non-transitory medium according to claim 1, wherein when the first link information is determined not to be identical, in the predetermined part, to the second link information recorded in the storage device, the procedure further comprises transmitting the second link information to a link-information collection server which is connected to the computer and collects link information, and determining, in accordance with an instruction from the link-information collection server, whether to continue setting for forbidding access to a destination indicated by link information which is identical, in the predetermined part, to the second link information.
  - 3. The computer-readable, non-transitory medium according to claim 2, wherein the procedure further comprises recording in the storage device log information on operations performed by the computer after detection of the manipulation of the computer for requesting access to the destination indicated by the second link information until detection of the manipulation of the computer for requesting access to the destination indicated by the first link information, and transmitting the log information to the link-information collection server when the first link information is determined not to be identical, in the predetermined part, to the second link information.

4. An information processing apparatus comprising:
- a memory; and
  
  one or more processors configured to perform a procedure including,receiving, from a server, an email containing first link information to an address associated with authentication information when the server receives the authentication information, and permits service provision through an apparatus being a source of the authentication information when the server receives access to a destination indicated by the first link information,storing, in response to a manipulation that causes the information processing apparatus to make access to a destination indicated by second link information, the second link information in the memory of the information processing apparatus,making a display device display an input screen based on screen data which is received in response to the access to the destination indicated by the second link information,transmitting the authentication information to an apparatus being a source of the screen data, when the authentication information is inputted into an input area arranged in the input screen,determining whether or not the first link information is identical, in a predetermined part, to the second link information recorded in the memory, when the information processing apparatus receives the email containing the first link information and detects a manipulation of the information processing apparatus for requesting access to the destination indicated by the first link information, anddetecting that the second link information indicates an illegal destination, when the determining has determined that the first link information is not identical, in the predetermined part, to the second link information recorded in the memory, and thus forbidding access to any destinations indicated by link information which is identical, in the predetermined part, to the second link information, whereinin detection of the manipulation of the information processing apparatus for requesting access to the destination indicated by the second link information, the information processing apparatus detects a manipulation for selecting an indication of the second link information contained in an email received by the information processing apparatus before the information processing apparatus receives the email containing the first link information.
- View Dependent Claims (5, 6)
- - 5. The information processing apparatus according to claim 4, wherein when the first link information is determined not to be identical, in the predetermined part, to the second link information recorded in the memory, the procedure further comprises transmitting the second link information to a link-information collection server which is connected to the information processing apparatus and collects link information, and determining, in accordance with an instruction from the link-information collection server, whether to continue setting for forbidding access to a destination indicated by link information which is identical, in the predetermined part, to the second link information recorded in the memory.
  - 6. The information processing apparatus according to claim 5, wherein the procedure further comprises recording in the memory log information on operations performed by the information processing apparatus after detection of the manipulation of the information processing apparatus for requesting access to the destination indicated by the second link information until detection of the manipulation of the information processing apparatus for requesting access to the destination indicated by the first link information, and transmitting the log information to the link-information collection server when the first link information is determined not to be identical, in the predetermined part, to the second link information.

7. An access monitoring method executed by a computer, the access monitoring method comprising:
- receiving, from a server, an email containing first link information to an address associated with authentication information when the server receives the authentication information, and permits service provision through an apparatus being a source of the authentication information when the server receives access to a destination indicated by the first link information;
  
  storing, in response to a manipulation that causes the computer to make access to a destination indicated by second link information, the second link information in a memory of the computer;
  
  making a display device display an input screen based on screen data which is received in response to the access to the destination indicated by the second link information;
  
  transmitting the authentication information to an apparatus being a source of the screen data, when the authentication information is inputted into an input area arranged in the input screen;
  
  determining whether or not the first link information is identical, in a predetermined part, to the second link information recorded in the memory, when the computer receives the email containing the first link information and detects a manipulation of the computer for requesting access to the destination indicated by the first link information;
  
  detecting that the second link information indicates an illegal destination, when the determining has determined that the first link information is not identical, in the predetermined part, to the second link information recorded in the memory, and thus forbidding access to any destinations indicated by link information which is identical, in the predetermined part, to the second link information; and
  
  detecting a manipulation for selecting an indication of the second link information contained in an email received by the computer before the computer receives the email containing the first link information, in order to detect the manipulation of the computer for requesting access to the destination indicated by the second link information.
- View Dependent Claims (8, 9)
- - 8. The access monitoring method according to claim 7, wherein when the first link information is determined not to be identical, in the predetermined part, to the second link information recorded in the memory, the access monitoring method further comprises transmitting the second link information to a link-information collection server which is connected to the computer and collects link information, and determining, in accordance with an instruction from the link-information collection server, whether to continue setting for forbidding access to a destination indicated by link information which is identical, in the predetermined part, to the second link information.
  - 9. The access monitoring method according to claim 8, further comprising recording in the memory log information on operations performed by the computer after detection of the manipulation of the computer for requesting access to the destination indicated by the second link information until detection of the manipulation of the computer for requesting access to the destination indicated by the first link information, and transmitting the log information to the link-information collection server when the first link information is determined not to be identical, in the predetermined part, to the second link information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Client Computing Limited (Lenovo Group Ltd.)
Original Assignee
Fujitsu Limited
Inventors
Akase, Masahide
Primary Examiner(s)
Nalven, Andrew
Assistant Examiner(s)
Doan, Huan V

Application Number

US13/458,503
Publication Number

US 20120311669A1
Time in Patent Office

1,005 Days
Field of Search

709/206, 709/229, 713/182, 726/3, 726/4, 726/7, 726/24, 726/28
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

H04L 51/212   using filtering or selectiv...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/18   using different networks or...

Access monitoring method, information processing apparatus, and computer-readable medium storing access monitoring program

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Access monitoring method, information processing apparatus, and computer-readable medium storing access monitoring program

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links