Search

JP-2026075411-A - Authentication control program and information processing device

JP2026075411AJP 2026075411 AJP2026075411 AJP 2026075411AJP-2026075411-A

Abstract

[Problem] Improve the usability of using external biometric sensors for user authentication. [Solution] The storage unit 12 stores state information 14 indicating whether the biosensor used for user authentication is in a protected state restricted to the biosensor 11. When the processing unit 13 detects that the biosensor 20 has been connected to the information processing unit 10 when the information processing unit 10 is in a protected state and the state information 14 is a first value indicating that it is in a protected state, it updates the state information 14 to a second value indicating that the protected state has been released. When the information processing unit 10 is restarted and the updated state information 14 is applied, releasing the protected state, the processing unit 13 performs user authentication using the biosensor 20. [Selection Diagram] Figure 1

Inventors

  • 染川 淳

Assignees

  • 富士通クライアントコンピューティング株式会社

Dates

Publication Date
20260508
Application Date
20241022

Claims (7)

  1. On the computer, When the computer is in a protected state in which the biosensors used for user authentication are restricted to a first biosensor built into the computer, and the state information stored in the computer's memory is a first value indicating that it is in the protected state, the computer detects that a second biosensor has been connected to the computer, and updates the state information to a second value indicating that the protected state has been released. When the computer is restarted and the updated state information is applied, thereby releasing the protection state, user authentication is performed using the second biosensor. An authentication control program that executes a process.
  2. To the aforementioned computer, After updating the status information to the second value, if a process requiring user authentication occurs, display information prompting the computer to restart is displayed on the display unit. The authentication control program according to claim 1, which further executes processing.
  3. To the aforementioned computer, When the status information is updated to the second value, restart information indicating that a restart is required is registered in the storage unit. When a process requiring user authentication occurs, and if the restart information is registered, a message prompting the user to restart the computer is displayed on the display unit. The authentication control program according to claim 1, which further executes processing.
  4. The storage unit of the computer stores a list of models in which one or more identification pieces of information indicating the models of biosensors that cannot be used for user authentication when in the protected state are registered. The process of updating the state information to the second value is performed when an identification number indicating the model of the second biosensor connected to the computer is registered in the model list information. The authentication control program according to claim 1.
  5. When the aforementioned computer starts up, If the status information is the first value, the biosensor of the model registered in the model list information is made unusable for user authentication to sign in to the computer's OS (Operating System). If the status information is the second value, the biosensor of the model registered in the model list information is set to a state where it can be used for user authentication to sign in to the OS. The authentication control program according to claim 4.
  6. In an information processing device, The first biosensor, A storage unit that stores state information indicating whether the biosensor used for user authentication is in a protected state restricted to the first biosensor, When the information processing device is in the protected state and the state information is a first value indicating the protected state, and it is detected that a second biosensor has been connected to the information processing device, the state information is updated to a second value indicating that the protected state has been released, and when the information processing device is restarted and the state information updated to the second value is applied, thereby releasing the protected state, the processing unit performs user authentication using the second biosensor. An information processing device having
  7. The processing unit updates the state information to the first value when uninstalling a program that performs a process to update the state information to the second value in response to the detection of connection of the second biosensor, and a process to perform user authentication using the second biosensor when the protection state is released. The information processing apparatus according to claim 6.

Description

This invention relates to an authentication control program and an information processing device. In recent years, biometric authentication using biometric information such as facial features, veins, fingerprints, and iris scans has become widely used. Such biometric authentication is used, for example, for user authentication when using computers and various services. Furthermore, various mechanisms have been proposed to enhance computer security. For example, computers equipped with security chips that include functions such as hardware and software legitimacy verification and cryptographic processing have been suggested. Japanese Patent Publication No. 2024-64380Japanese Patent Publication No. 2010-146048 This figure shows an example of the configuration and processing of an information processing device according to the first embodiment.This figure shows an example of the hardware configuration of a PC according to the second embodiment.This figure shows an example of a procedure for disabling ESS in response to the connection of an external sensor.This diagram shows an example of the configuration of processing functions that a PC has.This is an example flowchart illustrating the event processing procedure by the event processing unit.This is an example flowchart showing the procedure for authentication and registration processing by the authentication processing unit.This diagram shows an example of the processing flow when an external biosensor is connected.This diagram shows an example of the processing flow when the PC starts up after the process shown in Figure 7.This is an example flowchart showing the procedure for uninstalling an authentication control program. Hereinafter, embodiments of the present invention will be described with reference to the drawings. [First Embodiment] Figure 1 shows an example of the configuration and processing of an information processing device according to the first embodiment. The information processing device 10 shown in Figure 1 is a computer, such as a PC (personal computer), and includes a biosensor 11, a storage unit 12, and a processing unit 13. The biosensor 11 acquires biometric information from a predetermined body part of the user. The acquired biometric information is used for user authentication. This biosensor 11 is built into the information processing device 10. Furthermore, the biosensor 11 may be, for example, a biosensor whose legitimacy has been verified and which is capable of secure communication with the processing unit 13. The memory unit 12 is, for example, a memory area reserved in the memory device of the information processing device 10. The processing unit 13 is, for example, a processor of the information processing device 10. In this case, the processing of the processing unit 13, described later, is achieved, for example, by the processor executing a predetermined program. Furthermore, the information processing device 10 can be connected to external devices such as the biosensor 20, which will be described later. Although not shown in the diagram, the information processing device 10 is equipped with a device connection interface to which such external devices can be connected. This information processing device 10 can enter a protected state in which the biosensors used for user authentication are restricted to the biosensor 11 built into the information processing device 10. In this protected state, it is essentially impossible to perform user authentication using an external biosensor 20 attached to the information processing device 10. On the other hand, depending on the user or the service they use, there may be cases where they want to use an external biosensor 20 separate from the biosensor 11. To enable user authentication using such a biosensor 20, it is necessary to disable the protection state. Furthermore, the storage unit 12 stores status information 14 indicating whether or not the device is in a protected state. The status information 14 is, for example, a setting value corresponding to a specific registry key. In this embodiment, when the status information 14 is ON (first value), it indicates that the device is in a protected state; when it is OFF (second value), it indicates that the protected state has been released. However, simply updating the status information 14 does not change the state of the information processing device 10. After updating the status information 14, the information processing device 10 restarts, and only when the updated status information 14 is applied does the information processing device 10 actually transition to the state indicated by the updated status information 14. Therefore, after connecting the biosensor 20 to the protected information processing device 10, a complicated procedure is required to enable user authentication using the biosensor 20, which involves updating the status information 14 to "off" and restarting the information processing device 10. In particular, if the