Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
CN106489151A - password management device - Google Patents
[go: Go Back, main page]

CN106489151A - password management device - Google Patents

password management device Download PDF

Info

Publication number
CN106489151A
CN106489151A CN201580034623.3A CN201580034623A CN106489151A CN 106489151 A CN106489151 A CN 106489151A CN 201580034623 A CN201580034623 A CN 201580034623A CN 106489151 A CN106489151 A CN 106489151A
Authority
CN
China
Prior art keywords
password
user
information
management
management module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201580034623.3A
Other languages
Chinese (zh)
Inventor
崔奎相
李允浩
徐美淑
朴永参
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SMS Ltd
Industry Academic Cooperation Foundation of Yeungnam University
Original Assignee
SMS Ltd
Industry Academic Cooperation Foundation of Yeungnam University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SMS Ltd, Industry Academic Cooperation Foundation of Yeungnam University filed Critical SMS Ltd
Publication of CN106489151A publication Critical patent/CN106489151A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The Password Management device and method that the present invention is disclosed directly below, the password of the user to multiple services providing from system can be provided effectively, and can be by inputting the information such as IP address, password as parameter in multiple network environment, thus effectively supporting password change, inquiring about the functions such as the account catalogue of final password update time and inquiry registration.

Description

密码管理装置password management device

技术领域technical field

本发明涉及一种密码管理装置的结构,尤其涉及一种能够通知用户的密码变更时间点的密码管理装置。The present invention relates to a structure of a password management device, in particular to a password management device capable of notifying a user of a password change time point.

背景技术Background technique

通过对连接到互联网的多个信息系统进行访问而收发邮件或者通过门户网站(portal site)等而交换信息的活动在日常生活中占据重要的部分。并且,较多的人通过电子商务的形式交换商品,并且之前主要在线下进行的银行业务的较多部分也能够通过电话银行(tele-banking)或者网上银行等而在线上进行。Activities of receiving and sending e-mails by accessing a plurality of information systems connected to the Internet or exchanging information through portal sites (portal sites) play an important part in daily life. In addition, more people exchange commodities through e-commerce, and more banking services that were mainly performed offline before can also be performed online through telephone banking (tele-banking) or online banking.

在互联网中活跃地进行的信息交换以及服务和商品的交易大体通过接入到某个信息系统而进行,为了安全地保护上述的针对信息系统的连接,最普遍使用的方法中的一个为利用每个人所设定的密码。Information exchange and transactions of services and goods that are actively performed on the Internet are generally performed by connecting to a certain information system. In order to securely protect the above-mentioned connection to the information system, one of the most commonly used methods is to use Passwords set by individuals.

根据叫做Webroot的国际信息保护公司于2012年10月针对2500名以上的人进行的调查显示,在使用多种信息系统时,较多的人在密码管理方面不付出足够多的努力。这一点会成为他们所使用的多种信息系统的安全方面的隐患。因此,在管理信息系统中的有价值的信息的组织中,需要掌握一种能够有效地管理密码的方法。According to a survey of more than 2,500 people conducted by an international information protection company called Webroot in October 2012, more people do not pay enough effort in password management when using multiple information systems. This will become a hidden danger in the security aspect of the various information systems they use. Therefore, in an organization that manages valuable information in an information system, it is necessary to master a method capable of effectively managing passwords.

为了消除如上所述的安全方面的隐患而提出的国内外代表技术有QuestSoftware公司的TPAM(全面特权帐户管理:Total Privileged Account Management)技术。所述Quest Software公司的TPAM提出了如下有效的密码管理的方案:通过管理管理对象信息系统的密码而给想要访问的用户实时提供一次性密码(One Time Password)的技术;周期性、临时性的密码更新;以及管理员通知技术等。In order to eliminate the hidden dangers in the security aspect as mentioned above, the representative technology at home and abroad is QuestSoftware's TPAM (Total Privileged Account Management) technology. The TPAM of the said Quest Software company proposes the following effective password management scheme: the technology of providing one-time password (One Time Password) in real time to the user who wants to visit by managing the password of the management object information system; periodic, temporary password updates; and administrator notification technology, among others.

已知TPAM是一种提供针对40多个多样的环境的综合密码管理功能,并仅通过单个设备(appliance)提供针对整个信息系统的安全且有效的密码管理功能的技术。TPAM is known as a technology that provides a comprehensive password management function for more than 40 diverse environments, and provides a secure and effective password management function for an entire information system with only a single appliance.

但是目前的现状为,对多个信息系统进行管理及运营的企业及组织还无法适当地管理个别用户的密码。即,无法提供在适当的时间点建议用户进行周期性的密码替换,或者告知最后一次修改密码的时间点等服务。However, the current situation is that companies and organizations that manage and operate multiple information systems cannot properly manage individual user passwords. That is, it is impossible to provide services such as suggesting that users perform periodic password replacement at an appropriate time point, or notifying the time point of the last password change.

并且,在提供多种不同的服务(操作系统、数据库管理系统、网络管理等)等的云服务系统等持续上市的目前状态下,存在如下的问题:在没有针对这些服务的用户的账户/密码对进行管理的专门的解决方案的情况下,仅依靠安全管理人员的手动操作。In addition, in the current state where cloud service systems and the like that provide various services (operating system, database management system, network management, etc.) continue to be launched, there is a problem that there is no user account/password for these services. In the case of ad-hoc solutions for management, only manual operations by security managers are relied upon.

发明内容Contents of the invention

技术问题technical problem

因此,本发明的目的在于提供如下的密码管理装置:使访问提供彼此不同的服务的多种服务系统的服务用户能够与服务系统的平台无关地访问而进行密码管理。Therefore, an object of the present invention is to provide a password management device that enables a service user who accesses a plurality of service systems that provide different services to access and manage passwords regardless of the platform of the service system.

本发明的另一目的在于提供如下的密码管理装置:能够将密码的变更、查询时间点(时刻)通知用户而能够更安全地管理密码。Another object of the present invention is to provide a password management device that can manage passwords more securely by notifying the user of password changes and query timing (time).

本发明的目的不限于上述的目的,没有提到的本发明的其他目的及优点可以从以下的说明中理解,并且可以通过本发明的实施例而更加明确地理解本发明的目的。并且,本发明的目的及优点可以通过权利要求书中提出的手段及它们的组合而实现。The purpose of the present invention is not limited to the above-mentioned purpose, and other purposes and advantages of the present invention not mentioned can be understood from the following description, and the purpose of the present invention can be more clearly understood through the embodiments of the present invention. Furthermore, the objects and advantages of the present invention can be achieved by the means and their combinations set forth in the claims.

技术方案Technical solutions

根据用于实现上述目的的本发明的特征,提供如下的密码管理装置,包括:用户访问处理部,根据用户终端的访问请求中包含的参数而远程连接到提供彼此不同的服务的管理模块中的某一个管理模块;密码管理执行部,执行通过所述用户访问处理部而传递的用户的密码管理请求。According to the characteristics of the present invention for achieving the above object, the following password management device is provided, including: a user access processing unit remotely connected to management modules that provide different services according to the parameters included in the access request of the user terminal A certain management module; a password management execution unit, executing the user's password management request transmitted through the user access processing unit.

所述管理模块包括:操作系统密码管理模块、数据库管理系统(DBMS)密码管理模块及网络设备密码管理模块,并使用彼此不同的平台。The management module includes: an operating system password management module, a database management system (DBMS) password management module and a network device password management module, and uses different platforms.

还包括:管理控制部,向所述用户终端提供密码信息、掌握变更后的密码信息的现状或者管理借助系统管理器(system manager)的密码更新信息。It further includes: a management control unit that provides password information to the user terminal, grasps the status of changed password information, or manages password update information via a system manager.

所述密码管理装置将所述用户终端请求远程访问时收发的信息封装化(encapsulation)而处理。The password management device encapsulates and processes information sent and received when the user terminal requests remote access.

所述用户终端用于查询已注册于所述管理控制部的用户的目录以及用户最后变更密码的信息。The user terminal is used to inquire about the list of users registered in the management control unit and information about the user's last password change.

本发明还包括:统计信息管理模块,用于存储用户访问时间、用户访问请求处理明细信息;密码信息管理模块,用于管理密码变更信息及备份信息。The present invention also includes: a statistical information management module for storing user access time and user access request processing detailed information; a password information management module for managing password change information and backup information.

所述终端装置能够通过所述密码信息管理模块而对按照各个用户赋予的最新的密码信息。The terminal device is capable of ascertaining the latest password information assigned to each user through the password information management module.

有益效果Beneficial effect

根据如上所述地构成的本发明,能够通过缩短密码更新周期而增加信息系统的安全性,并且可以减少密码的遗失可能性,从而能够使用户设置复杂度较高的密码。这会减少因用户产生系统外部安全隐患的可能性,最终可以提高因使用密码而获得的安全性提升效果。According to the present invention constituted as described above, the security of the information system can be increased by shortening the password update cycle, and the possibility of loss of the password can be reduced, thereby enabling the user to set a complicated password. This reduces the possibility of users creating external security threats to the system, which ultimately increases the security gains gained from the use of passwords.

另外,在对管理员(管理器)密码的特别管理,即密码未更新时,能够通过邮件通知并且能够进行强制更新等作业,因此通过管理脆弱的密码而具有减少安全方面的隐患的效果。并且,减少在使用密码时产生的用户的不便,而使用户能够更便利且安全地使用系统。并且,用户可以容易地访问基于不同的平台而提供服务的系统而使用密码管理服务。In addition, in the special management of the administrator (administrator) password, that is, when the password has not been updated, it can be notified by email and can perform operations such as forced update, so it has the effect of reducing security risks by managing weak passwords. In addition, the user's inconvenience caused when using the password is reduced, and the user can use the system more conveniently and safely. Also, a user can easily access a system that provides services based on different platforms to use a password management service.

附图说明Description of drawings

图1是根据本发明的优选实施例的密码管理装置的系统构成图。FIG. 1 is a system configuration diagram of a password management device according to a preferred embodiment of the present invention.

图2是根据本发明的优选实施例的密码管理方法的流程图。Fig. 2 is a flowchart of a password management method according to a preferred embodiment of the present invention.

图3是根据本发明的优选实施例的用于查询最终密码变更时刻的数据库及表的定义相关算法。Fig. 3 is a definition-related algorithm for querying the database and tables of the final password change time according to a preferred embodiment of the present invention.

图4是根据本发明的优选实施例的用于返回最终密码变更时刻的DBMS事项的定义相关算法。Fig. 4 is a definition-related algorithm for returning DBMS items at the time of final password change according to a preferred embodiment of the present invention.

最优实施方式best practice

参照附图而详细地说明上述目的、特征及优点,因此,在本发明的所属技术领域具有一般知识的人员可以容易地实施本发明的技术思想。在对本发明进行说明时,在判断为对本发明的相关公知技术的具体说明会不必要地模糊本发明的宗旨的情况下,省略其详细说明。以下,参照附图而对根据本发明的优选实施例进行详细的说明。图1是本发明所提出的密码管理装置的系统构成图。The above objects, features, and advantages will be described in detail with reference to the accompanying drawings, so that those with general knowledge in the technical field to which the present invention pertains can easily implement the technical idea of the present invention. In describing the present invention, when it is judged that the detailed description of the known technology related to the present invention will unnecessarily obscure the gist of the present invention, the detailed description will be omitted. Hereinafter, preferred embodiments according to the present invention will be described in detail with reference to the accompanying drawings. FIG. 1 is a system configuration diagram of a password management device proposed by the present invention.

如图1所示,包括用户访问请求部110及根据用户的请求而对密码信息进行管理的密码管理装置100。As shown in FIG. 1 , it includes a user access request unit 110 and a password management device 100 that manages password information according to a user's request.

用户访问请求部110可以是用户访问密码管理装置100的用户终端装置,可以是PC、便携式设备、智能设备等。在如上所述的用户访问请求部110构成有参数(parameter)生成部115。The user access request unit 110 may be a user terminal device of the user access password management device 100, and may be a PC, a portable device, a smart device, or the like. A parameter generation unit 115 is formed in the user access request unit 110 as described above.

参数生成部115是提供用于访问密码管理装置100的参数的功能的部分,其通过参数而决定要访问的管理模块。The parameter generator 115 is a part that provides a function for accessing parameters of the password management device 100, and determines a management module to be accessed based on the parameters.

在下文中对管理模块进行说明。另外,所述参数包括各个管理模块的IP地址等标识信息、各个管理模块的系统类型信息、密码管理功能类型信息、用户账号及密码信息等。密码管理装置100例如可以是管理密码的服务器。以下对这种密码管理装置100的构成进行详细的说明。The management module is described below. In addition, the parameters include identification information such as the IP address of each management module, system type information of each management module, password management function type information, user account and password information, and the like. The password management device 100 may be, for example, a server that manages passwords. The configuration of such a password management device 100 will be described in detail below.

密码管理装置100包括密码管理执行部130。所述密码管理执行部130包括:操作系统密码管理模块132、数据库管理系统(DBMS)密码管理模块134以及网络设备密码管理模块136。The password management device 100 includes a password management execution unit 130 . The password management execution unit 130 includes: an operating system password management module 132 , a database management system (DBMS) password management module 134 and a network device password management module 136 .

所述各个管理模块提供彼此不同的服务,并且基于彼此不同的平台而运行。例如,操作系统密码管理模块132基于Windows Server 2000、Windows Server 2003、WindowsServer 2008及Linux平台,数据库管理系统的密码管理模块134基于微软SQL服务器、MySQL及Oracle数据库等平台,网络设备密码管理模块136基于思科网络设备(CISCO networkdevice)及网件(Netgear)网络设备等平台。The various management modules provide different services and run on different platforms. For example, the operating system password management module 132 is based on Windows Server 2000, Windows Server 2003, WindowsServer 2008 and Linux platforms, the password management module 134 of the database management system is based on platforms such as Microsoft SQL server, MySQL and Oracle database, and the network device password management module 136 is based on Cisco network equipment (CISCO networkdevice) and Netgear (Netgear) network equipment and other platforms.

并且,密码管理装置100包括用于管理密码备份及统计信息的构成。即,构成有密码备份及统计信息管理部140,所述密码备份及统计信息管理部140由负责密码的存储和备份的密码信息管理模块142以及管理访问时间等的统计信息的统计信息管理模块144构成。Furthermore, the password management device 100 includes a configuration for managing password backup and statistical information. That is, a password backup and statistical information management section 140 is constituted, and the password backup and statistical information management section 140 is composed of a password information management module 142 responsible for password storage and backup and a statistical information management module 144 that manages statistical information such as access time. constitute.

并且,密码管理装置110包括管理控制部150及系统管理器160。管理控制部150执行存储管理员对用户账号活动的事项信息等的功能,系统管理器(system manager)160执行管理密码信息的功能。例如,可以实现如下功能:在用户无法记起密码的情况下提供本用户账号的密码;以用户账号信息为基准而掌握密码变更现状以及通过人工操作更新密码。Furthermore, the password management device 110 includes a management control unit 150 and a system manager 160 . The management control unit 150 performs a function of storing event information of an administrator's activity on a user account, and the like, and a system manager (system manager) 160 performs a function of managing password information. For example, the following functions can be realized: provide the password of the user account if the user cannot remember the password; grasp the status of password changes based on the user account information and update the password through manual operation.

具体实施方式detailed description

参照图2而对如上所述地构成的密码管理装置100的操作进行说明。图2是示出根据图1的密码管理装置而管理密码的方法的流程图。The operation of the password management device 100 configured as described above will be described with reference to FIG. 2 . FIG. 2 is a flowchart illustrating a method of managing passwords according to the password management device of FIG. 1 .

首先,用户可以利用用户访问请求部110而决定要远程访问的管理模块。为此,用户可以操作参数生成部115而生成能够决定访问的管理模块的参数(S200)。First, the user can use the user access request unit 110 to determine a management module to be remotely accessed. For this purpose, the user can operate the parameter generation unit 115 to generate parameters capable of determining the management module to be accessed (S200).

如上所述,在参数中包括:包含要访问的管理模块的IP地址等信息的网络标识符;具有彼此不同的平台的管理模块的系统类型信息;要执行的密码管理功能类型信息;以及用户账号(ID)及用户密码等信息,因此可以利用所述参数而决定要远程访问的管理模块。As described above, the parameters include: a network identifier containing information such as the IP address of the management module to be accessed; system type information of management modules with platforms different from each other; password management function type information to be executed; and user account (ID) and user password and other information, so the parameters can be used to determine the management module to be accessed remotely.

因此,当借助配备于用户访问请求部110的参数生成部115而生成参数时,所述参数被传递到用户访问处理部120。此后用户访问处理部的远程连接生成部125基于参数中包括的信息而使用户终端访问某一个管理模块。Therefore, when parameters are generated by means of the parameter generation section 115 provided to the user access request section 110 , the parameters are passed to the user access processing section 120 . Thereafter, the remote connection generation unit 125 of the user access processing unit allows the user terminal to access a certain management module based on the information included in the parameters.

另外,在用户访问请求部110和密码管理装置100远程连接的情况下,首先应基于安全的安全政策而进行连接。为此,本实施例中,同时进行如下的一系列作业:选择包括基于各个管理模块所支持的加密技术的连接方法等在内的安全政策;以及选择用于信息交换的端口(port)编号等。In addition, when the user access request unit 110 and the password management device 100 are connected remotely, they should be connected based on a safe security policy first. For this reason, in the present embodiment, carry out a series of operations as follows simultaneously: Select the security policy including the connection method based on the encryption technology supported by each management module; And select the port (port) number for information exchange, etc. .

这是因为每个管理模块为了设置安全的远程连接而应用彼此异质(heterogeneous)的安全政策和访问生成技术。尤其对于Linux等操作系统而言,使用着SSH(安全外壳:Secure Shell)等加密的网络协议。This is because each management module applies each other's heterogeneous security policies and access generation techniques for setting up secure remote connections. Especially for operating systems such as Linux, encrypted network protocols such as SSH (Secure Shell: Secure Shell) are used.

例如,为了访问基于Linux的信息系统,需要使用SSH而生成远程连接。并且,微软公司的Windows操作系统提供WMI(Windows管理规范:Windows ManagementInstrumentation)等易于生成远程连接的技术。For example, in order to access a Linux-based information system, it is necessary to generate a remote connection using SSH. In addition, the Windows operating system of Microsoft Corporation provides technologies such as WMI (Windows Management Instrumentation: Windows Management Instrumentation) that are easy to create a remote connection.

并且,在用户访问请求部115和密码管理装置100彼此远程连接的情况下,模式信息被封装(encapsulation)后传递。如此,在利用参数而确定要访问的管理模块,并将用于远程访问的信息封装而传送时,与设计成支持特定服务的多种平台无关地,用户可以容易且安全地访问密码管理装置100。Also, when the user access request unit 115 and the password management device 100 are remotely connected to each other, the schema information is transmitted after being encapsulated. In this way, when the management module to be accessed is determined using parameters, and the information for remote access is packaged and transmitted, the user can easily and securely access the password management device 100 regardless of the various platforms designed to support specific services. .

另外,在用户所请求的密码管理功能中可以包括密码变更作业、查询最后的密码变更时刻以及用户账户查询等。以下对上述密码管理功能进行具体的说明。首先,密码变更作业的作业请求可以借助用户或者系统管理器160而产生。在此情况下,变更后的密码信息被重新存储/注册。In addition, the password management functions requested by the user may include password change operations, query of the last password change time, user account query, and the like. The above-mentioned password management function will be specifically described below. First, a job request for a password change job can be generated by a user or the system manager 160 . In this case, the changed password information is newly stored/registered.

并且,最终密码变更时刻查询功能和用户账户查询功能可以使用户能够查询自己更改密码的时间点,并且可以查询自己对ID及密码进行查询、更改的一系列的记录等。此时,每当如上所述地变更密码、查询密码的变更时间、查询用户账号,相关信息一定会被存储。Moreover, the final password change time query function and the user account query function can enable the user to query the time point when he changed his password, and can query a series of records of his ID and password query and change. At this time, whenever the password is changed, the password change time is inquired, and the user account is inquired as described above, the relevant information is always stored.

对于信息存储而言,在用户通过操作系统密码管理模块132、数据库管理系统(DBMS)密码管理模块134进行的情况下,分别自动存储于管理模块(S240)。因此,可以通过参数中记载的用户ID及密码等用户识别信息而检索相关用户的密码变更记录。但是,在由系统管理器160生成关于用户账号活动的事项的情况下,将相关事项以记录存储库的形态存储于管理控制部150。For information storage, when the user conducts it through the operating system password management module 132 and the database management system (DBMS) password management module 134, it is automatically stored in the management module respectively (S240). Therefore, the password change record of the relevant user can be retrieved using the user identification information such as the user ID and password described in the parameter. However, when the system manager 160 generates an event related to the user account activity, the related event is stored in the management control unit 150 in the form of a log repository.

在此情况下,系统管理器160将生成存储库并进行管理以存储针对用户账号活动的事项。通过图3表示出了关于对用户账号活动记录存储库的定义、用于查询最终密码变更时刻的数据库以及表(table)的定义的算法。In this case, system manager 160 will generate and manage a repository to store events for user account activity. FIG. 3 shows the definition of the user account activity record repository, the database for querying the final password change time, and the definition algorithm of the table (table).

并且,图4中定义了诱导存储用户账号活动记录中的最终密码变更时刻的事项,但是可以容易地扩展到关于用户系统活动的其他事项。另外,本发明的密码管理功能还提供多种服务。Moreover, the item that induces storage of the final password change time in the user account activity record is defined in FIG. 4 , but it can be easily extended to other items related to user system activities. In addition, the password management function of the present invention also provides various services.

即,密码备份及统计信息管理部140将用户的密码加密而利用密码信息管理模块142周期性地备份,并将用户的访问请求处理明细等记录在统计信息管理模块144而生成统计信息,并将其通知给系统管理器160。在此情况下,能够使用复杂度较高的密码,因此可以防止密码容易地被泄露。为了应对用户无法记住密码的情形,在发生用户或系统管理器160的请求的情况下,密码管理装置100给用户传递密码信息。That is, the password backup and statistical information management unit 140 encrypts the user's password and periodically backs it up using the password information management module 142, records the user's access request processing details, etc., in the statistical information management module 144 to generate statistical information, and It notifies the system manager 160 . In this case, a password with high complexity can be used, so that the password can be prevented from being easily leaked. In order to cope with the situation that the user cannot remember the password, the password management device 100 transmits password information to the user when a request from the user or the system manager 160 occurs.

并且,为了防止由于密码陈旧而导致其安全隐患增加,还提供给用户通知密码变更时刻、强制更新(自动更新)的服务。即,系统管理器160持续地检查所存储的密码的设定时间信息而核对密码的变更时间点。In addition, in order to prevent the increase in security risks due to obsolete passwords, users are also provided with services of notifying users of password change times and forcing updates (automatic updates). That is, the system manager 160 continuously checks the stored password setting time information to check the password change time point.

因此,在预设时间段内或者经过一定时间后,在针对用户ID没有密码变更明细的情况下,向用户传递建议改变密码的消息。并且,如果在传递所述建议变更密码的消息之后,用户也没有进行密码变更操作,则将用户ID的密码自动变更并将包含变更后的密码信息的消息传递给用户。信息的传递可以通过用户的E-mail、文字短信等进行。Therefore, if there is no password change detail for the user ID within a preset period of time or after a certain period of time, a message suggesting a password change is delivered to the user. Moreover, if the user does not perform a password change operation after the message suggesting changing the password is delivered, the password of the user ID is automatically changed and a message including the changed password information is delivered to the user. The transmission of information can be carried out through the user's E-mail, text message, etc.

如上所述,本发明的密码管理装置100对用户的密码管理活动的明细进行记录并生成对此的统计信息。据此生成的统计信息作为判断用户有多频繁地执行密码变更及查询功能的依据。并且,为了防止用户持续使用很久而表现出安全方面的隐患的密码,传送建议变更密码的消息,或者进行强制更新(自动变更)。另外,如上所述,本发明的方法可以通过电脑程序制成。As described above, the password management device 100 of the present invention records the details of the user's password management activities and generates statistical information thereon. The statistical information generated based on this is used as the basis for judging how frequently users perform password change and query functions. In addition, in order to prevent the user from continuing to use the password for a long time and showing a security risk, a message recommending changing the password is sent, or a forced update (automatic change) is performed. In addition, as described above, the method of the present invention can be produced by a computer program.

并且,构成所述程序的代码及代码段能够被本领域的程序员容易地推出。并且,所述制成的程序被存储于计算机可读记录介质(信息存储介质),并被电脑读取而执行,从而实现本发明。并且,所述记录介质包括所有计算机可读形态的记录介质(CD、DVD等有形介质以及载波等无形介质)。And, codes and code segments constituting the programs can be easily deduced by programmers skilled in the art. Furthermore, the created program is stored in a computer-readable recording medium (information storage medium), read and executed by a computer, and realizes the present invention. In addition, the recording medium includes all computer-readable recording media (tangible media such as CDs and DVDs, and intangible media such as carrier waves).

在不脱离本发明的技术思想的范围内,上述的本发明能够被在本技术领域具有基本知识的人员进行多种置换、变形及变更,因此本发明不限于上述实施例及附图。Without departing from the technical idea of the present invention, the above-mentioned present invention can be variously replaced, modified and changed by those with basic knowledge in the technical field, so the present invention is not limited to the above-mentioned embodiments and accompanying drawings.

Claims (7)

1. a kind of Password Management device, including:
User's access process portion, is connected remotely to provide different from each other according to the parameter comprising in the access request of user terminal The management module of service in some management module;
Password Management enforcement division, executes the Password Management request of the user transmitting by described user's access process portion.
2. Password Management device as claimed in claim 1, wherein,
Described management module includes:Operating system Password Management module, data base management system's Password Management module and network set Standby Password Management module.
3. Password Management device as claimed in claim 1, wherein, also includes:
Management control unit, provides encrypted message, the present situation grasping the encrypted message after change or management to described user terminal The password update information of Help of System manager.
4. Password Management device as claimed in claim 3, wherein, also includes:
Information encapsulation that described Password Management device is received and dispatched when remotely accessing described user terminal requests and process.
5. Password Management device as claimed in claim 3, wherein,
Described user terminal is used for inquiring about the catalogue of the registered user in described management control unit and the last change of user is close The information of code.
6. a kind of Password Management device, including:
Statistical information management module, for storing user's access time, user access request processes managing detailed catalogue;
Encrypted message management module, for administrator password modification information and backup information.
7. Password Management device as claimed in claim 6, wherein,
Described termination is by described encrypted message management module to the up-to-date encrypted message giving according to each user Confirmed.
CN201580034623.3A 2014-04-30 2015-04-17 password management device Pending CN106489151A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
KR1020140052890A KR101449381B1 (en) 2014-04-30 2014-04-30 Device for password management
KR10-2014-0052890 2014-04-30
PCT/KR2015/003894 WO2015167152A1 (en) 2014-04-30 2015-04-17 Device for managing password

Publications (1)

Publication Number Publication Date
CN106489151A true CN106489151A (en) 2017-03-08

Family

ID=51997225

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580034623.3A Pending CN106489151A (en) 2014-04-30 2015-04-17 password management device

Country Status (4)

Country Link
JP (1) JP2017521800A (en)
KR (1) KR101449381B1 (en)
CN (1) CN106489151A (en)
WO (1) WO2015167152A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114679368A (en) * 2022-03-04 2022-06-28 南方电网数字电网研究院有限公司 A polymorphic type domain control terminal management method and system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7302412B2 (en) * 2019-09-27 2023-07-04 コニカミノルタ株式会社 User authentication system, biometric information server, image forming apparatus and its program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020032892A (en) * 2000-10-27 2002-05-04 구자홍 Integrated Management System And Method For User Password Of Multi UNIX Server
JP2010049331A (en) * 2008-08-19 2010-03-04 Creationline Inc Management device, method, and program for network equipment
JP4709214B2 (en) * 2004-06-29 2011-06-22 アボセント フレモント コーポレイション System and method for integrating, securing and automating out-of-band access to nodes in a data network

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000020469A (en) 1998-07-02 2000-01-21 Nec Corp Method and devise for managing password
JP2000029836A (en) * 1998-07-13 2000-01-28 Hitachi Ltd User management system and management method
CN1838672A (en) * 2002-03-18 2006-09-27 索尼株式会社 Information processing system, information processing device, and method
JP2003330885A (en) * 2002-05-08 2003-11-21 Nec Corp System, method, and program for altering directory server password, and password alteration control server
JP2006185330A (en) * 2004-12-28 2006-07-13 Kyocera Mita Corp Password management device, and its management method and management program
JP4863777B2 (en) * 2006-06-07 2012-01-25 富士通株式会社 Communication processing method and computer system
JP5824744B2 (en) * 2011-09-28 2015-11-25 西日本電信電話株式会社 Information processing system and information processing method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020032892A (en) * 2000-10-27 2002-05-04 구자홍 Integrated Management System And Method For User Password Of Multi UNIX Server
JP4709214B2 (en) * 2004-06-29 2011-06-22 アボセント フレモント コーポレイション System and method for integrating, securing and automating out-of-band access to nodes in a data network
JP2010049331A (en) * 2008-08-19 2010-03-04 Creationline Inc Management device, method, and program for network equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114679368A (en) * 2022-03-04 2022-06-28 南方电网数字电网研究院有限公司 A polymorphic type domain control terminal management method and system

Also Published As

Publication number Publication date
JP2017521800A (en) 2017-08-03
WO2015167152A1 (en) 2015-11-05
KR101449381B1 (en) 2014-10-10

Similar Documents

Publication Publication Date Title
US11487885B2 (en) Enabling and validating data encryption
US9069944B2 (en) Managing passwords used when detecting information on configuration items disposed on a network
US10467597B2 (en) System and method of mobile check-in and cloud system thereof
JP2009032266A (en) System and method for secure file transfer
US9043456B2 (en) Identity data management system for high volume production of product-specific identity data
US10242207B2 (en) Technology for confidentiality advising
CN104615916A (en) Account management method and device and account permission control method and device
CN105989426A (en) Customer relationship management system facing standard information service industry
US10785219B1 (en) Methods, systems, and computer readable mediums for securely establishing credential data for a computing device
CN103095720A (en) Safety management method of cloud memory system based on session management server
US10333939B2 (en) System and method for authentication
US20150020179A1 (en) Cloud computing system
JP4860779B1 (en) Distributed data storage system
CN109951375B (en) Method and system for triggering service function of SAP system based on mail system
WO2018108423A1 (en) System and method for user authorization
WO2016122685A1 (en) Authorization for multiple user data storage and separation
US20240356854A1 (en) Access control for restricted entities
CN106489151A (en) password management device
JP7178811B2 (en) Service support system and service support method
JP2016218770A (en) Electronic file transfer system
CN113691555A (en) Information resource sharing method facing business activity
JP6750260B2 (en) Information processing device and agent system
KR101409348B1 (en) Method of verifying and managing user based on universal user identification information
KR101600596B1 (en) Method for managing password, device for changing password, and computer readable recording medium applying the same
CN106790042B (en) SKYPE records anti-deletion system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20170308

WD01 Invention patent application deemed withdrawn after publication