JP2006113885A - Computer locking system and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a computer locking system by which previously determined application software, a drive, a folder or a file only is used even when a computer is locked. <P>SOLUTION: The computer locking system has: a display means 206; a receiving means 205 for receiving an authentication code from a portable device 100; a storage means 203 for storing a first authentication mode for unlocking the computer; a selection means 204 for selecting the application software, the drive, the folder or the file useable when the computer is locked; and a control means 201 for locking the computer by displaying a locking picture on the display means when the received authentication code does not coincide with the first authentication code. Regardless of the display of the locking picture, the application software, the drive, the folder or the file selected by the selection means is useable. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a computer locking system and a computer locking method including at least a portable device and a computer.

  When a user uses a PC (Personal Computer) or the like to input highly confidential information or create a document, when the user leaves the PC, the data stored in the PC can be freely obtained by a third party. There is a need to prevent it from being viewed, downloaded, tampered with, or erased.

  Therefore, if user recognition information configured to transmit user recognition information from a portable device carried by the user and receive the user recognition information on the PC side matches the one registered in advance, use of the PC There is known a security system that controls the PC to be unusable if they do not match (for example, Patent Document 1).

  However, once the PC is unavailable, all application software cannot be used, and the application software without security problems and the information necessary for the period when the PC is unavailable are displayed. There is a disadvantage that all application software including the application software for doing so cannot be used.

JP 2000-99187 (page 5-6, Fig. 2)

  Then, an object of this invention is to provide the computer locking system which made it possible to eliminate said malfunction.

  Another object of the present invention is to provide a computer locking system in which only predetermined application software, a drive, a folder, or a file can be used even when the computer is locked. To do.

In order to solve the above problems, a computer locking system according to the present invention comprises display means,
Receiving means for receiving an authentication code from a portable device, storage means for storing a first authentication code for unlocking the computer, and application software and drive that can be used when the computer is locked A selection means for selecting a folder or a file, and a control means for locking the computer by displaying a lock screen on the display means when the received authentication code does not match the first authentication code. The application software, drive, folder or file selected by the selection means can be used regardless of the display of the lock screen.

  In the computer locking system according to the present invention, the control means includes application software, drive, folder or file selected by the selection means, application software that is operating when the computer is locked, and application software that is operating. It is preferable that only the drive, folder or file currently used by can be used regardless of the display of the lock screen. Even when the computer is locked, only the currently operating application software and the drive, folder or file used by the application software can be used continuously.

  In the computer locking system according to the present invention, the application software is preferably a screen saver, and the screen saver preferably displays a destination of a user holding the portable device. The screen saver is used as a destination display for the user holding the portable device, and can be displayed regardless of the lock of the computer.

  In the computer locking system according to the present invention, it is preferable that the selection means is a means for designating which one of the lock screen and the screen saver is displayed with priority when the computer is locked. If the screen saver is specified to be given priority, the screen saver will be displayed if the screen saver is activated even if it is locked, and if the screen saver is specified to be given priority, the locked screen will be displayed. Will be displayed.

  In order to solve the above problem, the computer locking method according to the present invention selects application software, a drive, a folder, or a file that can be used when the computer is locked, and receives an authentication code from the portable device. When the received authentication code does not match the first authentication code, the computer is locked by displaying a lock screen on the display means, and the selected application software, drive, folder or file is displayed regardless of the display of the lock screen. Is made available.

  According to the present invention, even if a computer is locked, pre-selected application software, a drive, a folder, or a file can be continuously used, and a computer locking system can be used according to a user's purpose. did.

  Further, according to the present invention, it is possible to effectively use the computer itself even when the user who manages the computer is absent.

  Furthermore, according to the present invention, even if the computer is locked, the screen saver that also serves as a destination display for the user holding the portable device for unlocking the computer can be displayed with priority on the locked screen. Therefore, it is possible to easily find a contact even when the user who manages the computer is absent.

  Hereinafter, a computer locking system according to the present invention will be described with reference to the drawings.

  FIG. 1 shows a schematic configuration of a computer locking system according to the present invention.

  The mobile device 100 transmits the encryption code 10 at a predetermined time interval (for example, every 2 seconds). The encryption code 10 is an authentication ID code encrypted. The PC terminal A200 receives and decrypts the encryption code 10, and when the decrypted encryption code matches the authentication ID code stored in advance, the use of the PC terminal A200 is permitted. The screen 203 displays that the PC terminal A200 is locked (locked). When the PC terminal A200 is locked, it becomes impossible to input data from the keyboard 217 and the mouse 218 (or input becomes invalid), and in principle, a lock screen that displays that the lock is made (FIG. 1). Only Browse) is displayed.

  The mobile device 100 is configured in a batch type on the assumption that the user always carries it, but an existing information terminal device such as a business card size card type, wristwatch type, mobile phone, PDA, small PC terminal hanging from the neck The size, weight, form, etc. are not particularly limited.

  The PC terminal A200 acquires the encryption code at a predetermined interval, decrypts the encryption code, acquires the authentication ID code, and authenticates the mobile device 100. When the mobile device 100 is authenticated, the use of the PC terminal A200 is permitted. However, if the encryption code 10 cannot be received due to a failure of the mobile device 100 and / or battery exhaustion, deterioration of the reception state, etc., the PC terminal A200 cannot authenticate and locks the PC terminal A200. As will be described later, the PC terminal A200 is connected to a LAN network.

  FIG. 2 shows a schematic block diagram of the mobile device 100 and the PC terminal A200.

  The portable device 100 includes a first control unit 101, a bus 102, a first storage unit 103 configured from various storage media connected to the first control unit 101 via the bus 102, a first configured from buttons, and the like. The operation unit 104 includes a first transmission / reception unit 105 for wirelessly transmitting an encryption code, a power supply circuit (not shown) including a battery, and the like.

  The first control unit 101 includes a CPU core, a ROM (Read Only Memory) for storing programs, a RAM (Random Access Memory) as a work area, a peripheral circuit, and the like, and an authentication ID stored in advance. DES encryption / decryption means 111 for encrypting the code to create an encryption code is provided. The first transmission / reception unit 105 is a wireless transmitter having only a single transmission channel (transmission frequency).

  The PC terminal A 200 includes a second control unit 201, a bus 202, a second storage unit 203 configured by a storage medium such as a hard disk connected to the second control unit 201 via the bus 202, a keyboard 217, and a mouse 218. A second operation unit 204 configured, a second transmission / reception unit 205 for receiving an encryption code, a display unit 206 configured by a liquid crystal or CRT display, and a LAN connection unit 207 for connection to a management computer via a LAN cable Etc.

  The second control unit 201 includes a CPU core, a ROM for storing a program, a RAM as a work area, a peripheral circuit, and the like, and DES encryption / decryption for decrypting a received encryption code. It has the conversion means 210.

  The second transmission / reception unit 205 always stores the received latest encryption code in a predetermined area of the second storage unit 203.

  FIG. 3 shows an example in which the PC terminal A200 is installed together with other PC terminals.

  In the example of FIG. 3, the PC terminal A200 is installed in a predetermined section (Room 501 on the 5th floor), is connected to the LAN network 150, and holds a portable device 100 to which a legitimate user of the PC terminal A200 corresponds. ing. Further, six PC terminals B230, PC terminal C240, PC terminal D250, PC terminal E260, PC terminal F270, PC terminal G280, and management PC 300 belonging to the same section are connected to the LAN network 150. The management PC 300 and the PC terminals 220 to 280 have the same configuration as the PC terminal A 200 described above, and are configured to be able to transmit / receive data to / from each other via the LAN network 150. The management PC 300 stores all the correspondence relationships between the PC terminals and the authentication ID codes of the mobile devices received by the PC terminals and the reception unit, and transmits the information to the PC terminals via the LAN network 150. It is configured to be able to.

  Here, when the authorized user holds the portable device 170 corresponding to the authorized user and approaches the PC terminal F270 in the vicinity of the PC terminal F270, the PC terminal F270 receives the encrypted data from the portable device 170, and the PC terminal F270. Is unlocked and ready for use. In FIG. 3, the other PC terminal B230 to PC terminal E260 and PC terminal G280 are in a locked state.

  FIG. 4 illustrates a state in which the user 120 illustrated in FIG. 3 has moved to a seat in the reception area of the fifth reception unit 292 of the first conference room on the sixth floor for a conference.

  FIG. 4 shows a predetermined meeting room (first meeting room on the 6th floor), and the PC terminal Z290 arranged in the room is connected to the LAN network 150 to which the PC terminals A200 to G280 are connected. It is connected. Further, receivers 291 to 296 capable of receiving encryption codes from portable electronic devices are arranged at six locations in the room, and are connected to the PC terminal Z290, respectively.

  Each PC terminal Z 290 has a configuration similar to that of the PC terminal A 200 described above, and is configured to be able to transmit and receive data to and from each other via the LAN network 150. In FIG. 4, each receiving unit 291 to 296 is connected to the PC terminal Z 290, but a device that can directly connect each receiving unit to the LAN 150 may be used.

  In the situation of FIG. 4, since the user 120 and the mobile device 100 do not exist in the 501 room on the 5th floor shown in FIG. 3, the PC terminal A200 cannot acquire a regular authentication ID code, and locks the PC terminal A200. Then, a lock screen as shown in FIG. 1 is displayed on the display unit 206 of the PC terminal 200. However, in the PC terminal A200, when the screen saver indicating the destination of the user 120 is activated, control is performed so that the screen saver is displayed with priority over the lock screen.

  FIG. 5 shows an example of a screen saver indicating the destination of the user 120.

  The name of the user 120 is displayed in 501 in FIG. 5A and the name 504 in FIG. 5B, and the current location of the user 120 is displayed in 502 in FIG. 5A and 506 in FIG. 5B. In FIG. 5B, a position 505 is displayed at the destination location. Reference numeral 503 in FIG. 5A and 507 in FIG. 5B are display switching buttons, which are configured to be able to switch and display between FIG. 5A and FIG. 5B.

  The location information of the reception unit 292 of the PC terminal Z290 that has detected the mobile device 100 of the user 120 is transmitted to the PC terminal A200 via the LAN network 150, and the destination of the user 120 is displayed according to the location information of the reception unit 292. Is done. In addition, each receiving part, the positional information corresponding to the receiving part, and the correspondence between each user and the mobile device are stored in the PC terminal A200 in advance as a database. As shown in FIGS. 5A and 5B, a destination of a user having a portable device can be automatically displayed as a screen saver using a LAN network or the like.

  FIG. 6 shows an example of a control flow of the computer locking system according to the present invention when the screen saver has priority over the locking screen.

  The flow shown in FIG. 6 is configured to be executed mainly by the second control unit 201 according to a computer locking system program installed in advance in the second storage unit 203 of the PC terminal A200. Further, the first control unit 101 of the mobile device 100 acquires the first authentication ID code stored in the first storage unit 103 and encrypts it by the DES encryption / decryption means 111 to create an encryption code. The encryption code is programmed to be transmitted from the first transmission / reception unit 105 at a predetermined interval (for example, every 2 seconds).

  First, a computer locking system program is started in the PC terminal A200, and a predetermined operation for starting security management is performed on the display unit 206 of the PC terminal A200 (S601).

  By starting up the system program, a second authentication ID code for authenticating the corresponding portable device 100 is stored in the second storage unit 203.

  Next, the second control unit 201 acquires the latest encryption code received by the second transmission / reception unit 205 (S602), and the DES encryption / decryption means 210 decrypts the encryption code (S606). The authentication ID code can be acquired by decrypting the encryption code.

  Next, the second control unit 201 determines whether or not the authentication ID code decrypted in S603 matches the second authentication ID code stored in the second storage unit 203 in advance (S604). If the authentication ID code decrypted in S603 matches the second authentication ID code, the second control unit 201 does not lock the PC terminal A200 (while keeping it available), and again at a predetermined interval (for example, 2 S602 to S604 are repeated at intervals of seconds). Therefore, as long as the PC terminal A200 continues to receive a regular encryption code (authentication ID code) from the portable device 100 at a predetermined interval, the PC terminal A200 is maintained in an available state.

  If the authentication ID code decrypted in S603 does not match the second authentication ID code, the second control unit 201 locks the PC terminal A200 (S605), and displays the lock screen (see FIG. 1) on the display unit 206. (S603).

  Next, the second control unit 201 determines whether the screen saver is being activated (S607). The screen saver refers to a screen that automatically starts up and is displayed on the display unit 206 when the operation unit 204 is not operated during a set period. In the present embodiment, when the operation unit 204 is not operated during the set period, the user destination display screen shown in the screen of FIG. 5A is displayed on the display unit 206 as a screen saver. Note that when the operation unit 204 (for example, the keyboard 217 other than the display switching buttons in FIGS. 5A and 5B) is operated, the screen saver screen is automatically deleted.

  If the screen saver is activated, the screen saver is displayed on the front (S608). That is, the screen in FIG. 5A is displayed on the display unit 206. If the screen saver is not activated, the screen saver is not displayed on the front side and the process proceeds to the next step.

  Thereafter, the second control unit 201 again obtains the latest encryption code (S609), decrypts the encryption code (S610), and does the authentication ID code obtained by the decryption match the second authentication ID code? It is determined whether or not (S611). The steps S609 to S611 are performed again even if the failure of the mobile device 100 or the transmission / reception state deteriorates and a state in which the normal authentication ID code cannot be obtained occurs, the failure of the mobile device 100 is recovered or the transmission / reception state is changed. This is because there is a case where a good authentication ID code is obtained.

  If the authentication ID code decrypted in S611 does not match the second authentication ID code, the second control unit 201 determines whether or not the screen saver is active (S612). If the screen saver is active, the screen saver is displayed. The front is displayed (S613), and S609 to S613 are repeated. That is, the PC terminal A200 is kept locked. If the screen saver is not activated in S612, the process returns to S609.

  If the authentication ID code decrypted in S611 matches the second authentication ID code, the second control unit 201 unlocks the PC terminal A200 (S614), deletes the lock screen (S615), and S602. Return to and repeat normal operation.

  FIG. 7 shows an example of the screen switching operation when the screen saver has priority over the lock screen.

  FIG. 7A shows a case where the screen saver is activated while the PC terminal A200 is locked, and FIG. 7B shows a case where the PC terminal A200 is locked while the screen saver is activated.

  FIG. 7A illustrates a situation in which the PC terminal A200 is locked at time 702, the screen saver is activated at time 703, the screen saver is deactivated at time 704, and the PC terminal A200 is unlocked at time 705. Yes. In this embodiment, since the screen saver has priority, the screen saver is displayed while the screen saver is activated (time 703 to time 704), and the lock screen is displayed when the screen saver is not activated ( Time 702 to time 703 and time 704 to time 705).

  FIG. 7B shows a situation in which the screen saver is activated at time 707, the PC terminal A200 is locked at time 708, the activation of the screen saver is canceled at time 709, and the PC terminal A200 is unlocked at time 710. Yes. In this embodiment, since the screen saver has priority, the screen saver is displayed while the screen saver is activated (time 707 to time 709), and the lock screen is displayed when the screen saver is not activated ( Time 709 to time 710).

  As described above, even when the PC terminal A200 is locked, when the screen saver is not displayed and the screen saver is activated, the screen saver is displayed with priority. It has become possible to use the display screen.

  In the above embodiment, when locked (locked), priority is given to the screen saver over the locked (locked) screen, but it is also possible to allow the user to select which screen is prioritized.

  FIG. 8 shows an example of a screen for selecting a priority screen.

  In FIG. 8, selection that gives priority to the screen saver is made in 801, but by selecting 802, control can be made to give priority to the lock (lock) screen. Note that only one of 801 and 802 can be selected.

  FIG. 9 shows an example of the screen switching operation when the lock (lock) screen has priority over the screen saver.

  FIG. 9A shows a case where the screen saver is activated while the PC terminal A200 is locked, and FIG. 9B shows a case where the PC terminal A200 is locked while the screen saver is activated.

  FIG. 9A shows a situation where the PC terminal A200 is locked at time 902, the screen saver is activated at time 903, the PC terminal A200 is unlocked at time 904, and the activation of the screen saver is canceled at time 905. Yes. In this embodiment, since the lock (lock) screen has priority, the lock screen is displayed while locked (time 902 to time 904), the screen is not locked and the screen saver is not activated. Displays a screen saver (time 904 to time 905).

  FIG. 9B shows a situation in which the screen saver is activated at time 907, the PC terminal A200 is locked at time 908, the PC terminal A200 is unlocked at time 909, and the screen saver is deactivated at time 910. Yes. In this embodiment, since the lock (lock) screen has priority, the lock screen is displayed while locked (time 908 to time 909), the screen is not locked and the screen saver is activated. A screen saver is displayed (time 907 to time 908 and time 909 to 910).

  In this example, when locked (locked), it was configured to select which of the lock screen (screen) and screen saver should be displayed preferentially, but it should be used when locked (locked). The user can select application software, drive, folder or file that can be used, and the preselected application software, drive, folder or file can be used even when the PC is locked. As described above, except that a user who holds a legitimate portable device uses the PC, the third party can pull out important data from the PC or lock it to the PC. This is because the stored confidential data is not changed, deleted, or added. Therefore, if the application software is not related to heavy data or confidential data, it is possible to set the PC to be used by a third party who does not hold a legitimate portable device.

  FIG. 10 shows an example of a screen for selecting application software that can be used when the PC is locked.

  In FIG. 10, application software that can be used when the PC is locked can be selected using 1001 to 1004. Note that application software that should not be used when the PC is locked may be selected, and other application software may be configured to be usable when the PC is locked. Further, in addition to the application software, a hard disk drive, folder, file, or the like may be selected in the same manner. A plurality of 1001 to 1004 can be selected.

  FIG. 11 shows an example of a control flow for making it possible to use application software that is operating when the PC is locked.

  The flow shown in FIG. 11 is configured to be executed mainly by the second control unit 201 in accordance with a computer locking system program installed in advance in the second storage unit 203 of the PC terminal A200. Further, it is assumed that application software that can be used when the PC is locked is selected in advance by the method shown in FIG. In the control flow of FIG. 11, a specific method for locking the PC is omitted.

  First, the second control unit 201 determines whether to lock the PC terminal A200 (S1101). When it is determined that the PC terminal A200 is not locked, as described above, the determination as to whether or not the PC terminal A200 is locked is repeated using the authentication ID code decrypted from the encryption code at predetermined intervals.

  If it is determined in S1101 that the PC terminal A200 is locked, the second control unit 201 displays the locking screen (see FIG. 1) on the foreground of the display unit 206 (S1102). As a result, all application software that has been operated until then cannot be identified from the user side by the lock screen.

  Next, the second control unit 201 acquires the number of currently running application software from the PC terminal A200 and sets it to N (S1103), reads the setting of the application software (S1105), and can be used at the time of locking. (S1106), if it is available, it is displayed in front of the lock screen to make it available (S1107), and this is repeated by the number (N) of application software (S1104, S1108). And S1109).

  Next, the second control unit 201 determines whether to unlock the PC terminal A200 (S1110). If it is determined that the PC terminal A200 is not unlocked, as described above, the determination as to whether or not the PC terminal A200 is locked is repeated at predetermined intervals using the authentication ID code decrypted from the encryption code.

  If it is determined in step S1110 that the PC terminal A200 is unlocked, the lock screen is deleted and the process returns to step S1101.

  As described above, in the control flow of FIG. 11, among the application software that is selected in advance as being usable when the PC is locked, only the software that is operating when the PC is locked can be used even after the PC is locked. . Therefore, in the case of application software with low confidentiality, it is possible to continue to use the application software even when there is no user holding the regular portable device 100. Furthermore, it is preferable that the hard disk drive, folder, file, or the like used by the application software made available when the PC is locked can be continuously used in the same manner.

  Next, a computer locking system for unlocking a PC terminal by a plurality of portable devices will be described with reference to FIGS.

  FIG. 12 shows a schematic configuration of another computer locking system using one PC terminal.

  In the example of FIG. 12, in order to unlock the PC terminal A200, seven authentication ID codes from the portable devices 100 and 130 to 180 are required. For example, in handling very sensitive data, the PC can be used only after approval by a plurality of users.

  However, if the authentication ID codes from the seven mobile devices 100 and 130 to 180 are always required to keep using after unlocking the PC terminal A200, seven users are always in the vicinity of the PC terminal A200. It is inconvenient to be there. Therefore, in this embodiment, the PC terminal A200 is configured to continue to be used if the authentication ID codes from the three mobile devices 100, 130, and 140 among the seven mobile devices can be received.

  Furthermore, in the present embodiment, the PC terminal A200 is configured to be locked when an authentication ID code from a mobile device other than the seven mobile devices 100, 130 to 180 is detected by the PC terminal A200. When a person other than a predetermined person approaches the vicinity of the PC terminal A200, the PC terminal 200 for maintaining confidentiality is locked.

  That is, in the present embodiment, a mobile device group is formed that constitutes a group A that unlocks a PC, a group B that maintains the PC in an available state, and a group C that immediately locks the PC.

  FIG. 13 shows an example of a table that defines grouping for each portable device.

  The table shown in FIG. 13 shows the portable device number 1301 and the authentication ID code 1302 in association with those included in the group A 1303, the group B 1304, and the group C 1305. As described above, group A shows portable devices necessary for unlocking PC terminal A200, group B shows portable devices necessary for continuing to use PC terminal A200 after unlocking PC terminal A200, Group C indicates a portable device that locks the PC terminal 200. The table shown in FIG. 13 is stored in advance in the second storage unit 203 of the PC terminal A200.

  FIG. 14 shows an example of a control flow according to the present embodiment.

  The flow shown in FIG. 14 is configured to be executed mainly by the second control unit 201 according to a computer locking system program installed in advance in the second storage unit 203 of the PC terminal A200. Further, it is assumed that an encryption code obtained by encrypting each authentication ID code (ID1 to ID7) as shown in FIG. 13 is transmitted from each portable device 100, 120 to 180 at a predetermined time interval.

  First, has the second control unit 201 received all authentication ID codes (ID1 to ID3) corresponding to the group B by decrypting all received encryption codes by the DES encryption / decryption unit 210? It is determined whether or not (S1401).

  When all the groups B have been received, the second control unit 201 determines whether or not one or more authentication ID codes (ID1000 to ID1002, etc.) corresponding to the group C have been received (S1402). . If no authentication ID code corresponding to group C has been received, steps S1401 and S1402 are repeated at predetermined intervals while the PC terminal A200 is maintained in an available state.

  If all authentication ID codes corresponding to group B have not been received in S1401, or if at least one authentication ID code corresponding to group C has been received in S1402, the second control unit 201 determines the PC terminal A200. Locking is performed (S1403).

  Next, the second control unit 201 determines whether or not all authentication ID codes (ID1 to ID7) corresponding to the group A have been received (S1404). Next, when all of the group A are received, the second control unit 201 determines whether or not an authentication ID code (ID1000 to ID1002 or the like) corresponding to the group C has been received (see FIG. S1405). If no authentication ID code corresponding to group C has been received, the PC terminal A200 is unlocked (S1406), and the process returns to S1401.

  FIG. 15 shows an example in which the computer locking system is applied to a PC terminal group composed of a plurality of units.

  In the example of FIG. 15, the computer locking system is applied to a group of seven PC terminals. Here, when the authentication ID codes of the seven regular portable devices 100 and 130 to 180 (A group) corresponding to the seven PC terminals A to G are acquired, the PC terminal group is unlocked and specified. When the authentication ID codes of the mobile devices 100, 130 and 140 (group B) are acquired, the PC terminal group can be used continuously, and the authentication ID codes of the mobile devices (group C) other than the seven regular mobile devices are registered. When acquired, a group of 7 PC terminals was locked.

  Further, the management PC 300 connected to the LAN network 150 performs the unlocking, locking, and maintenance of the usable state of the seven PC terminal groups. In this system, a mobile device group is formed that constitutes a group A that unlocks a PC, a group B that maintains the PC in an available state, and a group C that immediately locks the PC.

  FIG. 16 shows an example of a table that defines grouping for each mobile device.

  The table shown in FIG. 16 shows the PC terminal 1600, the portable device number 1601 and the authentication ID code 1602 corresponding to each PC terminal, and those included in the group A 1603, the group B 1604, and the group C 1605 in association with each other. As described above, group A indicates portable devices necessary for unlocking the PC terminal group, group B indicates portable devices necessary for continuing to use the PC terminal group after the unlocking, and group C. Indicates a portable device that locks the PC terminal group. The table shown in FIG. 16 is stored in advance in the management PC 300 connected to the LAN network 150, and the management PC 300 performs unlocking, locking, and maintenance of the usable state of the seven PC terminal groups.

  As described above, if a plurality of authentication ID codes (group A) are not prepared, the PC (one or a plurality of units) is not unlocked, and if a plurality of authentication ID codes (group B) are not prepared, the PC (one unit) Or a plurality of units), and even if another authentication ID code (group C) is received, the PC (one or more units) is locked. It became possible to provide a locking system. The group B is preferably a part of the group A, but is not limited thereto.

It is a figure which shows schematic structure of the computer locking system based on this invention. It is a block diagram which shows an example of the portable apparatus and PC terminal which are used for the computer locking system which concerns on this invention. It is a figure which shows the example of installation of a PC terminal. It is a figure which shows the example of a position detection of the moved portable apparatus. It is a figure which shows an example of the screen saver for performing a user destination display. It is a figure which shows an example of the control flow of the computer locking system which concerns on this invention. It is a figure which shows an example of the switching operation of a screen when giving priority to a screen saver over a lock screen. It is a figure which shows an example of the screen for selecting the screen to give priority. It is a figure which shows an example of the switching operation | movement of a screen when giving priority to a locking screen over a screen saver. It is a figure which shows an example of the screen for selecting the application software which can be utilized at the time of locking of PC. It is a figure which shows an example of the control flow for making the application software in operation | work possible at the time of locking of PC. It is a figure which shows schematic structure of the other computer locking system using one PC terminal. It is a figure which shows an example of grouping for every portable apparatus. It is a figure which shows an example of the control flow of another computer locking system. It is a figure which shows schematic structure of the further another computer locking system using several PC terminal. It is a figure which shows an example of grouping for every portable apparatus.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Portable apparatus 101 1st control part 103 1st memory | storage part 105 1st transmission / reception part 110 Encryption / decoding means 200 PC terminal 201 2nd control part 203 2nd memory | storage part 204 2nd operation part 206 Display part 210 Encryption / Compounding means 300 Management PC

Claims (6)

A computer locking system for locking a computer,
Display means;
Receiving means for receiving an authentication code from the portable device;
Storage means for storing a first authentication code for unlocking the computer;
A selection means for selecting application software, a drive, a folder or a file that can be used when the computer is locked;
Control means for locking the computer by displaying a lock screen on the display means when the received authentication code does not match the first authentication code;
The control means can use the application software, drive, folder or file selected by the selection means regardless of the display of the lock screen.
A computer locking system characterized by that.   The control means includes the application software, drive, folder or file selected by the selection means, the application software being operated when the computer is locked, and the drive, folder or file being used by the operating application software. The computer locking system according to claim 1, wherein only the file can be used regardless of the display of the locking screen.   The computer locking system according to claim 1, wherein the application software is a screen saver.   The computer lock system according to claim 3, wherein the screen saver displays a destination of a user holding the portable device.   5. The computer locking system according to claim 3, wherein the selection unit specifies which of the lock screen and the screen saver is to be displayed with priority when the computer is locked. 6. A computer locking method for locking a computer having display means and storage means for storing a first authentication code,
Select application software, drive, folder or file to be available when the computer is locked,
Receive the authentication code from the mobile device,
If the received authentication code does not match the first authentication code, lock the computer by displaying a lock screen on the display means,
Regardless of the display of the lock screen, the selected application software, drive, folder or file can be used.
A computer locking method comprising steps.

Images