Apparatus, method, and program for validating user
First Claim
1. A user validation apparatus comprising:
- a memory configured to store instructions; and
a controller that is configured to execute the instructions to;
extract user-agent information about an individual user and a user access source IP address in a hyper-text transfer (HTTP) header of a packet received from a terminal device, which is operated by the individual user, by applying HTTP as a protocol of an application layer;
verify;
(i) whether or not the extracted user-agent information corresponds to each user-agent information in two sets of user-agent information stored in a storage unit, and (ii) whether or not the extracted IP address corresponds to each IP address in two access source IP addresses stored in the storage unit;
determine the user is a valid user, based at least in part on the verification result when;
(a) the extracted user-agent information corresponds to each of the two sets of user-agent information and the extracted access source IP address corresponds to any of the two sets of access source IP addresses, or (b) the extracted access source IP address corresponds to each of the two access source IP addresses and the extracted user-agent information corresponds to any of the two sets of user-agent information;
determine the user is an invalid user, based at least in part on the verification result, when;
(a) the extracted user-agent information does not correspond to any of the two sets of user-agent information and the extracted access source IP address does not correspond to each of the two access source IP addresses, or (b) the extracted source IP address does not correspond to any of the two access source IP addresses and the extracted user-agent information does not correspond to each of the two sets of user-agent information;
determine the individual user is a conditionally valid user, based at least in part on the verification result, when the extracted user-agent information corresponds to each set of the two sets of user-agent information, and the extracted user IP address does not correspond to either of the stored sets of IP addresses; and
when the individual user is a conditionally valid user, request re-authentication to the individual user operating the terminal device.
3 Assignments
0 Petitions
Accused Products
Abstract
User validation accuracy is improved without inconveniencing a user. When an authentication request packet is received from a terminal and the authentication is successful based on a user ID and a password, an HTTP header, user-agent information, and access source IP address are extracted from the packet, and user authentication is performed by verifying the IP address and the user-agent information against usage history information where at most two sets of the IP address and the user-agent information extracted from the authentication request packet which is received from the same user previously are registered. When the set of the IP address and the UA information corresponding to the new extracted IP address and the new extracted UA information is registered in the usage history information, the authentication is successful, and the usage history information is overwritten with the new IP address and the new UA information.
20 Citations
3 Claims
-
1. A user validation apparatus comprising:
-
a memory configured to store instructions; and a controller that is configured to execute the instructions to; extract user-agent information about an individual user and a user access source IP address in a hyper-text transfer (HTTP) header of a packet received from a terminal device, which is operated by the individual user, by applying HTTP as a protocol of an application layer; verify;
(i) whether or not the extracted user-agent information corresponds to each user-agent information in two sets of user-agent information stored in a storage unit, and (ii) whether or not the extracted IP address corresponds to each IP address in two access source IP addresses stored in the storage unit;determine the user is a valid user, based at least in part on the verification result when;
(a) the extracted user-agent information corresponds to each of the two sets of user-agent information and the extracted access source IP address corresponds to any of the two sets of access source IP addresses, or (b) the extracted access source IP address corresponds to each of the two access source IP addresses and the extracted user-agent information corresponds to any of the two sets of user-agent information;determine the user is an invalid user, based at least in part on the verification result, when;
(a) the extracted user-agent information does not correspond to any of the two sets of user-agent information and the extracted access source IP address does not correspond to each of the two access source IP addresses, or (b) the extracted source IP address does not correspond to any of the two access source IP addresses and the extracted user-agent information does not correspond to each of the two sets of user-agent information;determine the individual user is a conditionally valid user, based at least in part on the verification result, when the extracted user-agent information corresponds to each set of the two sets of user-agent information, and the extracted user IP address does not correspond to either of the stored sets of IP addresses; and when the individual user is a conditionally valid user, request re-authentication to the individual user operating the terminal device. - View Dependent Claims (2, 3)
-
Specification