JP2002245010A - Account management system - Google Patents

Abstract

(57) [Summary] [Problem] Conventionally, when registration of an account ID is received from a user, an account ID has been assigned to a user who has been requested almost without examination. For this reason, there has been a problem in that system resources and the like to which the use right is given by registration of the account ID are used illegally. SOLUTION: The account management system of the present invention comprises:
A reception for accepting an account ID assignment request and inputting user's personal information for examination. If the examination result is OK, a front for instructing creation of an account ID and registration of a user entry in a requested system resource. An end unit 3 and back-end units 6a and 6b for registering a user entry in a system resource requested to be used by the front-end unit and creating an account ID are provided. The front end unit 3 is connected to the user via a communication network, and inputs a request for creating account ID information and personal information via the communication network.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a business system account ID (hereinafter referred to as a business system account ID) in which personal information of a user is input, account request information that the user wants to use the system to be introduced is accepted, and a screening is performed based on the personal information. ) Is automatically generated and issued to the user, and a predetermined account ID is deleted according to the access status of the user corresponding to the registered account ID to the system. In particular, it relates to providing a service using an account management system via an IP network.

Conventional example 1. In response to a request to register a user account (account ID) in a conventional in-house system,
Since the system administrator has created the manual manually after checking the required authority range of the internal system and the user's job title and department, etc. in advance, maintenance work such as new registration of users and deletion of unnecessary accounts It is quite troublesome. Therefore, it is generally difficult to extend the right to use the in-house system to outside users. For example,
In a system for material quotation, etc., the support range of the system is limited to the internal approval level as to whether or not to send a request for quotation outside, and in most cases the actual request for quotation to outside the company is made on a paper basis. . However, if the business scope of the internal business system can be freely expanded to any user outside the company,
For example, the product information can be registered with various companies, and the in-house user can freely select a product from the registered product information and place an order with the company that has registered the product information. . On the other hand, some recent websites automatically create a user ID, but many simply issue a user ID mechanically without screening the user.

Conventional example 2. Further, in the conventional invention, there are disclosed a computer resource allocation system, a portable terminal and.
3827. The invention of Japanese Patent Application Laid-Open No. H11-143827 is an invention in which a new user who is not registered in the system in advance (it is unknown whether or not it may be an outsider at all is unknown) can use computer resources. Further, the invention deletes an ID after notifying the user after a certain period of time, and makes it possible to continue using the ID if there is an extension request, thereby deleting the account. In the invention of Japanese Patent Application Laid-Open No. 11-143827, there is no clear description as to whether or not a temporary ID assignment request can be made even by an entirely outsider, but it is difficult to imagine from the situation assumed by the present invention (= An outsider can use the internal department OA server,
For example, an account creation request to a file server can be transmitted, and if the ID is vacant, an account is assigned itself. The deletion of the user ID is intended to release the temporarily assigned ID and reserve it for another account creation request.

Conventional example 3. Another conventional invention is an unspecified large number of users automatic registration device (JP-A-6-195307). The invention of JP-A-6-195307 is an invention in which a new user who is not registered in the system in advance can apply for an account. It is an invention that notifies the user whether the account application is OK or NG. Also,
This is an invention in which an account is deleted under a certain condition after a certain period. In the invention of the conventional example 3, inputting general items (e-mail address) → provisional registration → inputting necessary items (password) →
Account registration is performed in the process of formal registration. Also,
The account deletion in the earlier application is uniformly performed when the user does not make a main registration request within a predetermined time. The account to be deleted is also a “temporary account without any execution authority”.

[0005]

As described above, in Conventional Example 1, the system administrator manually creates a user account for the in-house system after confirming the range of target users in advance. Therefore, in order to extend the right to use the in-house system to outside users, the system administrator must examine the outside users, which increases the processing load of the system administrator. It was very difficult to extend the right to use. In addition, maintenance work such as new registration of a user and deletion of an unnecessary account is considerably troublesome. This also increases the work of the system administrator, and makes it difficult to release the internal system to the outside. For this reason, it was difficult to increase the number of users outside the company.
Some Web sites automatically create a user ID, but many simply issue a user ID mechanically without examining the user. For this reason, there arises a problem that the in-house system to which the use right is permitted is used illegally.

In the second conventional example, the user ID is temporarily assigned, and the registered user ID is deleted, and the deleted user ID is assigned in response to a request from another user. For this reason, if the deletion process is not completed normally, there is a problem that resources cannot be allocated to a request from another user. Further, there is no process by which the administrator can confirm whether or not the user ID can be assigned. For this reason, when a user ID is requested illegally, there is a problem that the illegality cannot be detected.

[0007] In Conventional Example 3, there is no user information to be examined especially when an account is created. The e-mail address is entered when creating a temporary account, but this is for the purpose of contacting the user rather than screening the user. In addition, the temporary account created temporarily has no execution right for the system, and the creation of this account can be created simply by sending a password corresponding to this account thereafter.

An object of the present invention is to solve the above-mentioned problems and to enable the following. A user requesting a right to use the in-house system is input with personal information via a communication network, and the input personal information is examined based on predetermined conditions. As a result of the examination, if the usage right can be given, account ID information is created, and the created account ID information is transmitted from the communication network. In addition, a process shall be provided to allow the system administrator to confirm the results of the examination. Further, the use status is managed for the registered account ID information, and the account ID information can be deleted according to the use status. Also, when deleting, the user is confirmed beforehand and then deleted. A process for determining whether ID registration is possible by a system administrator is provided. User ID targeted for deletion
Is permanently removed from the system. By a process of inputting general items → registration permission / non-permission → main registration, registration permission / non-permission judgment for registering account ID information is performed. A user who has not accessed the system for a certain period is notified in advance, and after obtaining a response from the user, the user ID is deleted.

[0009]

SUMMARY OF THE INVENTION Some business systems according to the present invention, resources for the above-mentioned some business systems, and account IDs for granting the right to use the resources for some of the business systems are managed. At the same time, by connecting a predetermined network, the account request information of the user requesting the right to use the resources for the business system managed by the business system, the user is input via the predetermined network, An account management device that generates a business system account ID for granting the right to use some of the business system resources to the account request information, and outputs the generated business system account ID to the predetermined network; In the account management system provided with, the account request information requests the use right. The account management device has personal information of the user, terminal information for specifying a terminal device of the user who requests the use right, and use right request information indicating resources for a predetermined business system to be used. A reliability information storage unit that stores reliability analysis information for analyzing the reliability of the account information, and the reliability information storage unit based on at least one of personal information and terminal information included in the account request information. When the stored reliability analysis information is obtained and the obtained reliability analysis information satisfies the predetermined examination criteria information, for a predetermined business system that the user wants to use based on the usage right request information, The business system includes a front-end unit that transmits information for instructing generation of a business system account ID and the account request information. Generating a business system account ID based on the account request information received from the front end unit, transmitting the generated business system account ID to the front end unit, and transmitting the account request received from the front end unit. A back-end unit is provided for setting a usage right for a resource for a predetermined business system indicated by the usage right request information included in the information.

[0010] In the account management system according to the present invention, the predetermined network may be an IP (Inter).
net protocol) network, wherein the front end unit is a WWW on the IP network.
(World-Wide Web) system.

Further, in the account management system according to the present invention, the account request information includes at least a company name of a company in which the user works as the personal information, and the reliability information storage unit stores A company information storage unit for storing company information, wherein the front-end unit acquires the company information stored in the company information storage unit as the reliability analysis information based on the company name of the account request information. Then, at least one of the acquired company information and the above-mentioned company name is examined, and when the examination result satisfies the above-mentioned examination criterion information, the business system account ID is instructed to the above-mentioned back-end unit. It is characterized by doing.

Also, in the account management system according to the present invention, the account request information has at least the personal name of the user as the personal information, and the reliability information storage unit stores the personal credit information. A credit information storage unit, wherein the front-end unit obtains personal credit information stored in the personal credit information storage unit based on the personal name of the account request information as the reliability analysis information, After reviewing the obtained personal credit information, if the result of the review meets the above criteria information,
The generation of the business system account ID is instructed to the back-end unit.

Also, in the account management system according to the present invention, the account request information has at least the user's E (e-mail) address as the personal information, and the E (e-mail) address is at least the user's E-mail address. Has the company identification information that can identify the company that works, the reliability information storage unit has a company information storage unit that stores the company information of a predetermined company, and the front end unit has the account request information. The company identification information is acquired from an E (e-mail) mail address, and the company information stored in the company information storage unit is acquired as the reliability analysis information based on the acquired company identification information, and the acquired company identification information is acquired. After examining the information, if the examination result satisfies the above examination criteria information, the above business system account I
The generation of D is instructed to the back-end unit.

Further, the account management system according to the present invention further comprises a user management table for storing the account request information and the business system account ID corresponding to the account request information. The result of generating the business system account ID transmitted to the front end unit includes at least the business system account ID generated by the back end unit, and the front end unit determines the account request information and the business system account ID. Are stored in the user management table.

Further, in the account management system according to the present invention, the account request information may be input from a terminal device of a user connected to the predetermined network,
When the user inputs the account request information from the terminal device, the terminal information is automatically included in the account request information and transmitted to the front end unit via the predetermined network, and the The analysis information storage unit stores terminal address information for identifying a predetermined company, and the front end unit stores the terminal address information stored in the reliability analysis information storage unit based on the terminal information based on the reliability. Obtained as analysis information, examines the acquired terminal address information, and if the examination result satisfies the examination criteria, the business system account I
The generation of D is instructed to the back-end unit.

Further, in the account management system according to the present invention, the user management table further stores usage status information for managing usage status of the resources for the business system by the user, and the front end unit includes: When the resource for the business system is used by the user, the usage status information stored in the user management table is updated, and the usage stored in the user management table is updated at a predetermined timing. The status information is compared with the preset account deletion criterion information, and when the usage status information satisfies the account deletion criterion information as a result of the comparison, the business system account ID is deleted from the user management table, Destruction of the business system account ID for the backend Characterized by instructing the deletion of the usage rights set for the resource for business systems and.

Also, in the account management system according to the present invention, the account request information stored in the user management table has at least an E (e-mail) address of the user, and the front-end unit includes:
Deletion confirmation information for confirming that the account request information and the business system account ID satisfying the account deletion criterion information are to be deleted is transmitted to the E-mail address of the account request information to the user. At the same time, receiving the response information to the deletion confirmation information, deleting the account ID from the user management table according to the received response information, discarding the business system account ID and It is characterized by instructing to delete the use right set for the resource.

Further, in the account management system according to the present invention, the front end unit satisfies the account deletion criterion information when the response information of the user cannot be received after a predetermined period of time. It is characterized in that the business system account ID is deleted.

Also, in the account management system according to the present invention, the front-end unit manages resources for a plurality of business systems, and the back-end unit is provided in the business system, and And managing the resources for the business system having the section.

[0020]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiment 1 Embodiment 1
Then, a process for automatically creating a user account (a user account is an account ID and a right to use a resource for a predetermined business system) is implemented as an independent process separately from the target system (s). The account management system will be described. External users always log in to the internal system through this process. That is, the automatic registration process operates as a front end of a plurality of business systems. The outline of the automatic creation process of the user account will be described below. (1) An external user accessed via the WWW is requested to input certain personal information (= name, company name, mail address, etc.), a system to be used, and its use level. The usage level is, for example, the authority to only refer to the product information provided by the material estimation system, the reference to product information,
The functions used to divide the functions supported by the system, such as the authority to register, the authority to reference product information, register, and receive a quote request, and to specify at a level which function you want to use It is. (2) Company information to which the user belongs (in some cases, the company can be identified by analyzing the IP address or MAC address included in the terminal information in the packet) and terminal information (IP address or MAC) Then, the reliability is determined by analyzing the address and the like, and the reliability determination result is notified to the system administrator together with the information input by the user in (1). (3) The system administrator looks at the information notified in (2) and determines whether or not to give the new user an account to the desired system, and if OK, the account ID
Is instructed to the front end part. Upon receiving the instruction, the front-end unit issues a user account (account ID) for the target system and the user's right to use each resource (database, execution program, and the like) to the target system to the back-end unit of the target business system. Entry) to be sent. On the other hand, in the case of NG, the fact is notified to the user. (4) When the user entry creation ends normally in (3),
A notification to that effect is sent to the user, and if necessary, a description of the system and a program necessary for executing the system are transmitted to the user. On the other hand (3)
If the user entry creation processing has abnormally ended, the system administrator sees this situation and instructs re-execution if necessary. (5) The processes of (1) to (4) are performed not only when a new user account is created but also when the account ID information and the right to use the business system are changed.
(Example: Change of personal information such as password, change of system usage level, etc.)

Hereinafter, the account management system according to the first embodiment will be described in detail with reference to the drawings. FIG. 1 is a configuration diagram of the account management system according to the first embodiment. In FIG. 1, reference numeral 1 denotes an account management system according to the first embodiment. 2 is a user who wishes to use the in-house business system. 3 is a front end part. The user 2 and the front end unit 3 are connected via a communication network, for example, the Internet, and the user inputs account request information to the front end 3 via the Internet. 4a,
4b is a system administrator. In FIG. 1, a system administrator in charge exists for each business system. However, the system administrator may be an administrator who supervises and manages all business systems. 5a is an in-house business system A, and 5b is an in-house business system B. 5 is a business system 5
a and a business system 5b. The business system 5a and the business system 5b include back-end units 6a and 6b, respectively. The first embodiment is characterized in that one back-end unit is provided for each business system. Another feature of the first embodiment is that the front end and the back end are separated from each other. Reference numeral 7a is a resource that is data or a module of the business system A. A resource 7b is data or a module of the business system B.
8 is a user management table, and 9 is a reliability information storage unit. Reference numeral 10 denotes an account management device, which includes a front end unit 3, a user management table 8, and a reliability information storage unit 9. BF1 to BF8 indicate the flow of information.

Next, the processing contents of BF1 to BF8 'in FIG. 1 will be described. (BF1) Input account request information (personal information and usage right request information) and request creation of an account ID that permits the right to use resources for a predetermined business system. (BF1 ') Obtains reliability analysis information from the reliability information storage unit 9 based on the personal information of the account request information. (BF2) Send account request information and reliability analysis information to the system administrator 4a or 4b (transmit to the system administrator who wants to use the user). (BF3) Judgment of whether the system administrator can create an account ID. (BF4) If the creation is OK, the back-end unit 6a or 6b is instructed to create an account ID and various execution rights (instruct the back-end unit of the business system desired by the user). (BF4 ') If creation NG, notify user 2 to that effect. (BF5) An account ID created by the back-end unit, various execution rights, and data relating to the user are assigned to each resource of the account creation target business system. (BF5 ′) The account ID and the account request information are stored in the user management table 8 by the front end unit. (BF6) Notify the system administrator and the front end unit 3 of the execution result of the account ID creation process (the execution result also includes information indicating the created account ID). (BF7) The system administrator checks the execution result transmitted to the front end unit to determine whether the execution is normal or not, and instructs the execution of post-processing (BF8) and (BF8 '). (BF8) Notify the user 2 of the account ID and necessary items. (BF8 ') Instruct re-execution after (BF4).

Of the processing of BF1 to BF8 ', BF1
BF4 ′, BF5 ′, and BF7 to BF8 ′ are processing by the front end unit 3. BF5 and BF6 are processing by the back end unit 6a or 6b. The functions of the front-end and back-end sections are summarized below. (Front-end part) ・ Account request information analysis ・ Request for judgment to the administrator of the business system from which the user requested the usage right based on the usage right request information ・ Received the judgment from the administrator and performed each process ・ Received the request from the administrator Executes post-processing in response to the execution result judgment (back-end unit)-Adds account IDs that permit use of the business system, various execution authorities, and data on the user to each resource of the target system body. Notification to department and manager

In BF2 and BF3 described above, the system administrator judges whether or not to create an account ID by referring to the reliability analysis information. However, the system may automatically determine whether an account ID can be created by setting examination criteria information that allows creation of an account ID in the front end unit 3. by this,
The burden on the system administrator can be reduced. BF6, B
In F7, the system administrator sees whether the execution result is normal or not, and gives an instruction to the front end unit to perform either the BF8 or the BF8 'processing. However, the front-end unit 3 may confirm the notification from the back-end units 6a and 6b and determine which of the BF8 and the BF8 'is to be performed. This can reduce the burden on the system administrator.

As can be seen from FIG. 1, in the account management system, the process of creating and registering an account ID is performed by a “front end unit” and a “back end unit”. The former has functions such as personal information analysis, exchange with an administrator who makes judgments, exchange with a back-end unit that executes account ID creation processing for each business system, and the like.
The latter has functions such as execution of account ID creation processing for each business system and notification of the end status to the front end unit. The front-end and back-end sections are implemented in the account management system by the front-end section / back-end section as one process in the target system. It is conceivable to adopt a system in which the units are arranged independently of the target system to enable an account creation instruction for a plurality of systems. In the first embodiment, FIG.
As shown in FIG. 1, only the back-end unit is placed on the target system side, and the front-end unit is arranged independently of the target system, and the system is configured by a method that enables account creation instructions for a plurality of systems. The procedure of the account ID creation / registration process will be specifically described with reference to the flowchart of FIG.

(TF1) An arbitrary user outside the company (hereinafter referred to as "user") accesses the homepage of a company that provides an in-house business system to the outside via the WWW.
This home page constitutes a user interface for the "front-end unit" function of the present invention, and is located at a location on a network accessible to any external user, such as a public relations company of the company (for example, an internal network). Demilitarized zone on the firewall against). As the contents of the homepage, a link to systems that allow use by any user outside the company and a request to create an account ID for those systems are provided. FIG. 3 shows an example of the homepage. FIG. 3A shows a top page, on which link information to an internal business system for which the user range is to be expanded outside the company is posted. FIG. 3B is a “material estimation system / account application screen” linked to the “material estimation system” on the top page. In FIG. 3B, “name”, “company name”, and “Email” are personal information, and four options of “range to use” are use right request information indicating a use level. The user inputs account request information from the screen shown in FIG.

(TF3 "YES" TF3 ') If the user already has an account ID for the target system, the user accesses the target system with the account ID already issued. Since the account ID is stored in the user management table 8, when the account ID is input by the user, the user refers to the user management table 8 to confirm that the user has been registered and to use the business system to which the use right has been given. Is executed within the usage level permitted for the user. FIG. 4 shows an example of the contents stored in the user management table 8. The user management table 8 includes “user ID”, “user name”,
"Password", "Company name", "E-mail", "Usage system", "Usage level", "Account creation status",
It has ten items of “account creation date” and “last access date”. “Usage level” indicates the usage right request information shown in FIG. 3B by numerical values. For example, the use level = 2 indicates that the use right request information in FIG. 3B is the use range of “only product catalog registration”. “Account creation status” is an item used to store the progress of processing by the front-end unit 3 and the back-end units 6a and 6b. "User ID"
Is an account ID.

(TF3 "NO", TF4) On the other hand, if the user does not have an account for the target business system, the user specifies the business system desired to be used and the usage right request information of the usage level. Furthermore, full name, E
Enter personal information such as a mail address and company name (→ BF1 in FIG. 1). The usage level of the system you want to use is, for example, in the case of a material procurement system, “only product information reference (use level 1)”, “until product registration (use level 2)”
Or "Everything including participation in negotiations (use level 5)"
For example, it can be set according to the position of the user.
It is assumed that the personal information and the usage right request information are input from the screen example shown in FIG. When the user presses the OK button after finishing inputting the screen of FIG. 3B, account request information including personal information and usage right request information is transmitted to the front end unit 3 via the Internet network.

(TF5) A company information DB stored in the reliability information storage unit 9 based on the company name input by the user.
(Note 1) Search for the company's reliability (stock price, degree of transaction with the Company, etc.) and obtain reliability analysis information.
Also, because of Web access, the terminal information (I
P address, etc.). The terminal information of the user is also used as the original data to know the reliability of the user (Note 2). (Note 1) The corporate information DB is often a commercially available database with additional information unique to the company that is trying to expand the scope of use of the in-house system outside the company. The commercially available database is automatically account managed. You may make it download to a system and update the data of a reliability information storage part periodically. (Note 2) In general, companies assign IP addresses etc. based on a certain numbering system within the group. For example, in the case of a company belonging to a group, terminal information may include information indicating a group or information indicating a department or a position of a company organization. For this reason, it is possible to achieve a certain degree of reliability depending on the terminal information.

(TF6) The personal information, usage right request information and reliability analysis information obtained in (TF4) and (TF5) are
Sent to the system administrator who conducts the user review (→
BF2). FIG. 5 shows an example of personal information, usage right request information, and reliability analysis information transmitted to the system administrator. FIG.
Is an example of an e-mail for requesting the system administrator to create an account. Link information 5
Clicking on 1a displays a list 53. Reference numeral 52 denotes a function selection list for the system administrator. Link information 5
When the user clicks 2a, a list 53 is displayed. At the time of transmission, the front end unit 3 updates the item “account creation status” in the “user management table” to “requesting”.
On the other hand, based on this information, the administrator determines whether to issue an account to the desired system to the user (→
BF3).

(TF7) An example of the company information DB is shown in FIG. The company information shown in FIG. 6 includes items of company name, listing category, main industry code, employee type code, sales, profit after tax, capital, rating, and the number of employees. Account I is performed using the respective items of the company information shown in FIG.
An example of determining whether to create D will be introduced. Example 1 First, a method using individual items as the examination criteria can be considered. In this method, for example, there is a method of setting a criterion of giving an account ID as a criterion for giving an account ID if the company where the user works is listed. Example 2. In addition, a method in which a plurality of items are used as examination criteria can be considered. This method is based on the condition that the company where the user works is listed and that the company has a capital of 100 million yen or more. Example 3 In addition, a method is considered in which each item is scored and a necessary item is determined. This score is registered in the item of "Score" in FIG. The method of scoring is, for example, 5 points for a listed company and 0 points for a non-listed company. If the number of employees is 5,000 or more, 8 points are set, and if the number of employees is 10,000 or more, points are set in advance for predetermined items of the company information database, such as 10 points,
The scores set for each item are summed to determine the evaluation score of the company. Then, if the obtained evaluation score is, for example, 70 or more, the account ID is assigned, and if the evaluation score is lower than 70, an account ID is not assigned. When calculating all items with the same priority Company reliability = Listing division point + Sales point + Profit point after tax + Capital point ... Also, when calculating the evaluation points in the above method, the target is included All of the items were calculated with the same priority. But,
It is also possible to set a priority for a specific item. In this case, the score of each item is multiplied by the score based on the priority, depending on the size of the priority. You want to give priority to a specific item.
Multiply the coefficient of the item for which you want to set the priority by the coefficient. Corporate credit = (coefficient) x listed division point + (coefficient) x sales point + (coefficient) x profit after tax + (coefficient) x capital point + ...
... It is also possible to obtain evaluation points in this way. The front end unit 3 digitizes the personal information, the usage right request information, and the reliability analysis information analyzed by using the company information database shown in FIG. 6 to the system administrator. Based on the information, it is determined whether to give an account ID. However, if the system administrator determines whether or not to give an account ID by looking at the information notified from the front end unit 3, the burden on the system administrator increases, and human judgment is required. It is conceivable that the efficiency of the processing becomes worse. For this reason, an evaluation criterion according to the method described in Examples 1 to 3 as described above is set in advance in the front end unit 3 as evaluation criterion information, and when the set evaluation criterion information is satisfied, an account ID is set. If it is not satisfied, the system may make a determination not to give the account ID. By making a determination on the system side, the burden on the system administrator can be reduced. It is also conceivable that the processing efficiency will increase.

(TF8) When the system administrator judges that the account should not be created, the system administrator presses the “reject creation” button 2 in the list 53 of FIG. When the "creation denied" button 2 is pressed, the user is notified by e-mail by the front end unit that the account ID cannot be created. (→ BF4 ′) At that time, the front end unit 3 updates the item “account creation status” in the “user management table” to “denial”.

(TF9) When the system administrator determines that the account creation is OK, the front end unit 3 issues a user account (account ID) creation instruction to the back end unit of the target business system. (→ BF
4) At the time of transmission, the item “account creation status” in the “user management table” is updated to “under creation”. In addition, the front end section includes items “user name”, “password”, “company name”, “email”,
Data registration is performed for “usage system” and “usage level” based on account request information. Since the “user ID (account ID)” is not determined, the front-end unit issues an instruction to create a user account to the back-end unit, and until the result is transmitted from the back-end unit, for example, A temporary user ID may be registered. From the above-mentioned TF1 to this processing, the front-end unit 3 executes from (TF2) to (TF
6) and processing for registering data in some items of the user management table of TF9 ((TF7) is also executed in some cases). As described in (TF1), the front-end unit 3 is mounted on a homepage that serves as an interface with an external user, while the back-end units 6a and 6b are mounted on a business system that creates an account ID. The back-end unit that has received the account ID creation instruction creates an account ID of the business system and adds a user entry to the resource (→ B
F5). The system resources are all resources necessary for the user to execute the system, such as a database, an execution program, and a home directory of the system user.
In FIG. 1, there is a user management table 8 accessed by the front end unit 3, but each business system also has a user management table. The backend registers the created account ID in the user management table of the corresponding business system.

When the (TF10) process is completed, the end result is notified to the front end unit (→ BF6). The end result also includes information indicating the created count ID. Upon receiving the end result notification, the front end unit writes the end status in the user management table 8 (= updates the item “account creation status” to “normal end” or “abnormal end”) and notifies the system administrator of the end status. To the effect. When the status is “normal end”, the account ID notified to “user ID” in the user management table is registered.

(TF11) If the system administrator receives the termination result notification, if the termination is abnormal, the system administrator investigates the situation and executes the account information creating process again as necessary (→).
BF8 '). FIG. 7 shows an example of a screen for a system administrator for confirming the account creation status. In FIG. 7, 5
2 is a function selection list, 52b is link information for displaying an account creation status confirmation screen, and 54 is an example of an account creation status confirmation screen. The system administrator refers to the account creation status confirmation screen 54 to confirm the account creation status. The front-end unit 3 receives a re-execution instruction from the system administrator, and
b is notified of the re-execution of the account ID creation processing.

(TF12) In the case of the normal termination by the termination status notification, the system administrator causes the front end unit 3 to execute the post-processing (→ BF7) and presses the button of the account creation status confirmation screen 54 in FIG. The post-processing includes notification to the user who created the account and distribution of necessary modules and the like (→ BF8). The front end unit 3 performs post-processing and registers the creation date in the item “account creation date” in the user management table. The process of adding a user entry to the resources of the business system of TF9 and the account I that permits the use of resources for each business system
The process of creating D and the process of TF10 are processes of the back end unit, and the processes of TF11 and TF12 are processes of the front end unit. Further, the front end unit 3 notifies the system administrator of the end state using TF11.
However, even in the case of abnormal termination, there are some abnormal terminations that do not require the judgment of the system administrator.In this case, after the back-end returns a message indicating the abnormal termination, the front-end responds to the administrator. While notifying (e-mail or the like), an account ID re-creation process may be directly executed without using an input operation of the administrator as a trigger. Also, the notification of the normal end is sent to the system administrator, but the front end unit 3 notifies the normal end from the back end unit while giving this notification to reduce the processing load on the system administrator. If you receive
Post-processing may be directly executed without using an input operation of the administrator as a trigger.

As described above, in the first embodiment, the front-end unit and the back-end unit are made independent, and the front-end unit serves as a network-like entrance to a plurality of business systems, and is physically connected to the internal business system. The account management system is characterized in that it is arranged on independent hardware and the back-end unit is installed in each of the internal business systems. Also,
In the case of examining the credit of an individual, the reliability information storage unit 9 is provided with a company information database, but is provided with a personal credit information storage unit which stores generally available personal credit information. It does not matter. The personal credit information storage unit stores credit information such as whether each individual has a history of bankruptcy of the past company or a history of personal bankruptcy. For this reason, if the credit information stored in the personal credit information storage unit is used as an examination standard, for example, an account ID is not given to an individual who has gone bankrupt in the past or an individual who has gone bankrupt. It is also possible to set a standard in the front end unit 3 in advance and perform the examination. Further, the e-mail address may include information for specifying the company. For this reason,
If the company name is not entered in the personal information, the company at work is determined from the e-mail address and the company information DB
It is also possible to obtain company information from. When returning the examination result to the user, since the personal information includes the e-mail address, it is possible to return to the e-mail address.

Embodiment 2 In the second embodiment, an account management system in which a process for automatically deleting a user account is implemented as an independent process separately from a plurality of target systems. The automatic deletion process operates as a front end for a plurality of business systems. The outline of the automatic deletion process of the user account will be described below. (1) Observe the access status of the user to the system, and send an account deletion inquiry to the e-mail address in the user management table for the user who meets the deletion condition. This access status is, for example, the item “last access date” in the user management table in FIG. The deletion condition may be, for example, a condition that an account ID of a user who has never accessed within one month from today's date is deleted. (2) If there is a response from the user that the account deletion is OK, or if there is no response from the user to the deletion request for a certain period or more, the user's entry is deleted from each resource of the target system. (3) When the deletion process is completed normally, the user and the system administrator are notified of that. On the other hand, upon abnormal termination, the system administrator checks the situation and instructs re-execution if necessary.

FIG. 8 is a configuration diagram of an account management system according to the second embodiment. 8, each component is the same as in FIG. 1 of the first embodiment. However, the flow of information is different from that in FIG. This is a flow of information when CF1 to CF8 in FIG. 8 are deleted. Hereinafter, CF1 to CF1 in FIG.
The content of the processing of CF8 will be described. (CF1) The access status of each user is checked with reference to the user management table 8. (CF2) A deletion request is sent to the user who meets the deletion condition. At this time, the e-mail address of the user is acquired from the user management table 8, and a deletion inquiry is transmitted to the acquired e-mail address. (CF3) A reply arrives from the user in response to the deletion inquiry. (CF4) The front end unit 3 is a back end unit 6a,
6b is instructed to execute the deletion process. (CF5) Deletion processing execution (CF6) Deletion processing execution result notification (CF7) Post-processing execution instruction based on deletion processing execution result (CF8) Notify user

Since the back-end unit is installed in each business system, the system which requires the use of the user is specified by referring to the "use system" in the user management table 8. Alternatively, while instructing the front-end unit to execute deletion processing performed on the back-end unit,
An instruction is given that includes information that can specify the use system. The above processing of CF1 to CF4 and CF7 and CF8 is processed by the front end unit 3. The processing of CF5 and CF6 is processed by the back-end units 6a and 6b.
The functions of the front-end and back-end sections are summarized below. (Front-end part) Periodically check the usage status of the user and send a deletion request to the relevant user. Deletion processing execution instruction Deletion processing execution result received Post-processing execution (Back-end part) Deletion processing execution Deletion processing execution result sent to front-end part

As in the case of the registration function, what executes the deletion function is the "front end unit" and the "back end unit". The former is a user access status check, account I
D has an instruction to execute the deletion process and a function of exchanging with the back-end unit. The latter executes the account ID deletion process used to permit the use of the resource for each business system, and sends to the front-end unit the end status. It has a function such as notification. The front-end part and the back-end part are implemented in the account management system by a method in which both the front-end part and the back-end part are implemented as one process in the target system. It is conceivable to adopt a method in which the section is arranged independently of the target system and an account ID deletion instruction used to permit a plurality of systems to use the resources of each business system is provided. A specific example of the process of deleting an account ID will be described with reference to the flowchart of FIG.

(DF1) corresponds to (CF1) in FIG. In the front end unit 3, a process of checking the access status of the user is periodically executed (for example, every night). In this process, the user is selected as a deletion candidate. The user refers to the user management table 8 and looks at the last access date and time of the user and the total number of times of access in a certain period. May be set as a deletion candidate, or an account deletion inquiry is transmitted to the user, assuming that the total number of uses so far is equal to or less than a certain number. The condition of the user as a deletion candidate may be set for each user and each authority level. The administrator can freely specify these conditions.

(DF3), YES Corresponds to (CF2) in FIG. An account deletion inquiry is transmitted by e-mail for the user who meets the deletion condition in (DF1). In this process, the system administrator looks at a list of users who meet the deletion condition, and sends a notification to the user after a certain input operation. FIG. 10 shows an example of a screen for transmitting an account deletion inquiry to the user whose account is to be deleted. In FIG. 10, reference numeral 52 denotes a function selection list, and link information 5 displayed in the function selection list 52.
When the system administrator clicks 2c, an account deletion target list 55 is displayed. The system administrator selects the user to whom the account deletion inquiry is transmitted from the account deletion target list 55 and presses the button 1 to transmit the deletion inquiry to the user. At the time of transmission, the user management table 8 in FIG.
Update the item "Account Creation Status" to "Deletion inquiring". The e-mail address is in the user management table 8
Use the e-mail address stored in. In the inquiry, the URL to the user response function implemented in the front end unit 3 is described, and the user makes a response to the deletion inquiry by accessing this address via a browser. FIG. 11 shows an example of a deletion inquiry e-mail transmitted to the user and an example of a screen of a reply function for the deletion inquiry. In FIG. 11, reference numeral 56 denotes a deletion inquiry mail transmitted to the user, and the user checks the contents of the deletion inquiry mail 56 transmitted to the user. After confirming,
When the user clicks the URL 56a, a response function screen 57 for the deletion inquiry is displayed. If you want to delete, click "Can delete". If you do not want to delete, click "Do not delete".

(DF4) corresponds to (CF3) in FIG. (D
As described in F3), since the URL to the reply function is described in the transmitted e-mail, the user refers to this and replies. Is not answered, the front end unit determines that, and instructs the back end unit to delete the account ID (user ID) of the user to be deleted in the user management table 8. As a result, the delete execution function described in (DF6) is executed, the entry of the user is entirely deleted from the system, and the fact is transmitted to the user by e-mail.

The system administrator can also confirm the response status of the user to the deletion inquiry on the account deletion response confirmation screen 58 shown in FIG. The screen of the account deletion reply confirmation 58 is displayed in the function selection list 52.
Is displayed when the link information 52d is clicked. The system administrator deletes the front end part by clicking the delete execution button for the user whose response status on the account deletion reply confirmation screen 58 is "OK" or the user who has not responded even after the expiration date. Make instructions.

(DF5) NO Corresponds to (CF3) in FIG. If the user replies to the deletion request with "Do not delete", the front-end unit updates the item "Account creation status" in the user management table to "registered" and further sets the item "Last access date" to today's date. After updating to
The process ends.

(DF6) (CF4) and (CF5) in FIG.
Equivalent to When the user replies to the deletion request with "can be deleted", the front-end unit instructs the back-end unit to delete the account ID (user ID) of the user to be deleted. Further, an instruction to delete the account ID assigned to permit use of the resources for each business system is transmitted to the back-end unit, and at the same time, the item “account creation status” in the user management table 8 is updated to “deletion in progress”. I do. The backend receiving the delete execution command
An entry related to the user (including an account ID assigned to permit use of resources for each business system) is deleted from all resources on the system. Further, as described in the first embodiment, since each business system has a user management table, the information of the account ID (user account) is deleted from the user management table for each business system. Then, the processing end state is notified to the front end unit.

(DF7), NO (CF6), (C) in FIG.
F7). If the deletion process was not executed successfully,
The system administrator is notified accordingly. The system administrator receiving this checks the situation and executes the deletion process again.

(DF8) Corresponds to (CF8) in FIG. If the deletion processing has been executed normally, the user and the system administrator are notified of the fact. Further, the front end unit deletes “user ID” and other information corresponding to the user ID from the user management table. Alternatively, the user ID and the information corresponding to the user ID may be left, and the “account creation status” may be changed to “delete” to indicate that the user ID cannot be used. Although the DF 7 notifies the system administrator that the deletion processing has not been normally executed, the deletion processing may be re-executed without using the input operation of the system administrator as a trigger. This is to reduce the processing load on the system administrator. Although the system administrator is notified that the deletion process has not been executed normally, the front-end unit 3 can determine the re-execution and notify the back-end unit of the re-execution.

As described above, in the second embodiment, an example has been described in which the account management system deletes the account of the registered user. In particular, a back-end unit is provided for each business system, and a front-end unit is separated from the back-end unit. In other words, separate from the in-house business system, one account management system is provided for multiple business systems. It is characterized by being prepared for. Also, for the user who matches the deletion condition, the user is notified that the account ID is to be deleted, and the deletion process is executed according to the reply.

Embodiment 3 FIG. In the third embodiment, an account management system in which a process for automatically creating and deleting a user account is implemented as one process in a business system (one) will be described. FIG. 13 is a configuration diagram of the account management system according to the third embodiment. FIG.
, 1 is an account management system, 2 is a user,
Reference numeral 3 denotes a front end unit, 4 denotes a system administrator, 5 denotes an in-house business system A, 6 denotes a back-end unit, and 7 denotes an in-house business system A body. In FIG. 13, the in-house business system is only the in-house business system A5, but another in-house business system also exists. And a back-end part. As can be seen from FIG. 13, the third embodiment has a configuration in which the in-house business system 5 includes the front-end unit 3 and the back-end unit 6. In the first and second embodiments, only the front-end unit has a direct connection to the external network, and the back-end unit is not directly connected to the external network (protected from the Internet for security). Although the configuration is such that the account management process is executed only by communication from the department, in FIG. 13, the internal business system 5 itself is connected to an external network and receives an access from an external user directly. I have. In the first and second embodiments, one back-end unit 6 is provided for each of a plurality of business systems, and is configured to execute only account processing of each business system. However, in the third embodiment, the front-end unit and the back-end unit exist on the same hardware. That is, the function of the front end unit in the first and second embodiments is included as one process in the business system. In other words, it is shown that the account creation request to the business system and the accompanying transmission and reception of information with the user are also part of the function of the business system.
The processing contents of (1) to (8) ′ in FIG. 13 will be described below.

(1) The user inputs personal information and usage right request conditions via the Internet, and receives a request for creating an account ID. (2) The front end unit 3 acquires the reliability analysis information based on the personal information and the usage right request information by the method described in the first embodiment, and transmits the information to the system administrator. (3) The system administrator determines whether to create an account ID. (4) When the system administrator determines that the creation of the account ID is OK, the front-end unit 3 issues an instruction to create an account ID, and creates various execution rights from the front-end unit 3 to the back-end unit 5. Instructions. (4) 'If the creation of the account ID is NG, notify the user to that effect. The notification to the user is performed using the e-mail address input as the personal information. (5) The back-end unit 6 gives authority and entry to each resource of the account creation target system. (6) The back-end unit 5 notifies the front-end unit 3 of the execution result of the account creation processing. (7) Checking the execution result to determine whether the execution is normal or not, and instructing execution of post-processing (8) and (8 '). (8) The front end unit 3 notifies the user of the account and necessary items. (8) 'Instruct re-execution after (4)

The front end unit 3 according to the third embodiment will be described below.
And the functions of the back-end unit 5 are summarized. (Front-end part) Receive user input information User information analysis Request judgment of administrator creation permission to administrator Send account creation / deletion instruction to back-end part Receive processing result by back-end part Receive execution result judgment from administrator , Execute post-processing (back-end part) Add user entry to each resource of system main body Notify execution result to front-end part and administrator

In (7) of FIG. 13, the front end unit 3 notifies the system administrator of the execution result, and
The system administrator judges which of the processes (8) and (8 ') is to be performed based on the notified execution result.
However, there is a case where the front-end unit 3 can automatically determine whether or not the re-execution is necessary without the judgment of the system administrator. In that case, in order to reduce the processing load on the system administrator, the execution result is notified to the system administrator. However, the re-execution is determined by the front end unit 3 and the front end unit 3 sends it to the back end unit 5 again. The execution may be notified.

As described above, in the third embodiment, the front-end unit and the back-end unit are incorporated in the in-house business system, and one front-end unit and one back-end unit are provided for a plurality of business systems. An example of an account management system having such a configuration has been described.

[0056]

As described above, according to the account management system of the present invention, a reliability information storage unit for storing reliability analysis information for analyzing the reliability of an individual is provided. Examines the personal information input by the user based on the reliability analysis information stored in the
It is determined whether or not the user can give D. As a result, it is possible to limit the outside users to whom the account ID is given, and it is possible to prevent a malicious outside user from illegally using the in-house system. In addition, there is a front-end unit for inputting personal information and examining the personal information, and instructing creation of an account ID, and generating an account ID for a business system for which a usage right has been requested and requesting a usage right. A back-end unit that sets usage rights for business system resources is provided separately. For this reason, even if there is a user who tries to access the in-house system for the purpose of unauthorized use, the front-end unit performs the individual examination, and the processing control is not transferred to the back-end unit unless the examination result is OK. Another advantage is that the internal system can be protected from unauthorized access.

Further, personal information is inputted from a WWW browser, and the front end unit can be mounted on one of the WWW servers. Therefore, there is an effect that the use of the in-house system can be expanded to a wider range of outside users. For example, account ID from mobile terminal
There is an effect that registration can be requested. Also, for business systems that have already registered account IDs,
There is an effect that resources of the business system can be used by accessing from a mobile terminal from a destination.

Further, at least the company name of the company where the user works is input as personal information. And
The reliability information storage unit includes a company information storage unit that stores company information of the company. For this reason, the front end unit can judge whether to create an account ID based on the company information of the company in which the user works. As a result, users who can be given an account ID are limited to users who can be trusted to some extent, so that there is an effect that an in-house system can be protected from unauthorized users.

Further, at least the user's personal name is entered as personal information. The reliability information storage unit is provided with personal credit information storage that stores personal credit information. For this reason, the front end unit can examine the personal credit information and determine whether the account ID can be given. As a result, an account ID is given to a user who has a certain degree of trust, so that there is an effect that the in-house system can be protected from a user who tries to gain unauthorized access to the in-house system.

Further, at least the user's e-mail address is entered as personal information. The e-mail address may include information for identifying the company in the address. In such a case, it is possible to specify the company where the user works from the e-mail address, examine the company information of the company where the user works from the reliability information storage unit, and give an account ID. Can be determined. As a result, an account ID is given to a user who has a certain degree of trust, so that there is an effect that the in-house system can be protected from users who try to access the in-house system illegally.

The account management system has a user management table. Since this user management table stores account request information and user input information, when notifying any information from the front end unit to the user, the destination of the user is checked by looking at the personal information included in the user management table. I understand. Therefore, there is an effect that necessary information can be notified to the user from the front end unit, that is, the account management device. Further, since the account ID is stored, when a predetermined business system is accessed by a user, there is an effect that the access status to the business system can be managed based on the account ID.

The user management table stores usage status information for managing the usage status of the resources of the business system. For this reason, the front-end unit refers to the usage status information, deletes the account ID from the user management table when the predetermined deletion criterion is satisfied, and sets the back-end unit for the resources for the business system. You can be instructed to remove usage rights. For this reason,
This has the effect of preventing the area for storing the account ID and the area for the user in the business system from inadvertently increasing. In addition, since there is no need for the system administrator to manually confirm the account ID to be deleted, there is an effect that work efficiency can be improved.

The account request information includes at least the user's e-mail address. For this reason, the user who satisfies the deletion criterion can be notified by e-mail that the account ID is to be deleted, and can confirm the deletion to the user. This has the effect of preventing the account ID from being erased without notifying the user.

When the user is notified of the deletion of the account ID and the response is not received after a predetermined period, the setting of the account ID and the right to use the resources for the business system is deleted. I do. by this,
Even if there is no response from the user, Account I
Since D is deleted, there is an effect of preventing an area for registering an account ID and an area for the user in the business system from being carelessly increased. In addition, since it is not necessary to confirm the reception of the answer of the system administrator, there is an effect that work efficiency can be improved.

Further, the front-end unit for receiving an account creation request from a user or an access request to a predetermined business system, and the back-end unit for executing the request are operated as separate systems. Therefore, there is an effect that a plurality of business systems can be managed by one front-end unit.

Further, the front end unit and the back end unit are operated as one process in the same business system. For this reason, compared with the case where the front-end unit and the back-end unit are configured as separate systems, the system configuration is simplified, and there is an effect that the burden on the system administrator and the system developer can be reduced.

[Brief description of the drawings]

FIG. 1 is a configuration diagram of an account management system according to a first embodiment of the present invention.

FIG. 2 is a flowchart of an account ID information registration process performed by the account management system according to the first embodiment;

FIG. 3A shows an example of a front page of a homepage according to the first embodiment. (B) An image diagram of an account application screen on a homepage according to the first embodiment.

FIG. 4 is a diagram showing an example of a user management table according to the first embodiment.

FIG. 5 is a diagram showing an example of a display screen of an account creation request list according to the first embodiment and an example of a screen for an administrator for displaying the list.

FIG. 6 is a diagram showing an example of a company information database according to the first embodiment;

FIG. 7 is a view showing an example of a screen for confirming an account creation status according to the first embodiment;

FIG. 8 is a configuration diagram of an account management system according to a second embodiment.

FIG. 9 is a flowchart of a process of deleting account ID information by the account management system according to the second embodiment.

FIG. 10 is a diagram showing an example of a screen for selecting a user whose account is to be deleted according to the second embodiment;

FIG. 11 is a diagram showing an example of a mail transmitted to a user whose account is to be deleted and an example of a response screen according to the second embodiment.

FIG. 12 is a diagram showing an example of a screen for confirming a deletion reply from a user whose account is to be deleted according to the second embodiment;

FIG. 13 is a configuration diagram of an account management system according to a third embodiment.

[Explanation of symbols]

1 account management system, 2 users, 3 front end unit, 4, 4a, 4b system administrator, 5, 5
a, 5b In-house business system, 6, 6a, 6b back-end unit, 7, 7a, 7b System body, 8 user management table, 9 reliability information storage unit, 10 account management device, 51 e-mail for account creation request 51a, 52a, 52b, 52c, 52d link information, 52 function selection list, 53 list, 54 creation status confirmation screen, 55 account deletion target list, 56 deletion inquiry mail, 56a URL, 57 deletion inquiry response function screen, 58 Confirmation of reply to account deletion.

Claims (11)

[Claims] 1. A system for managing some business systems and resources for the some business systems, connecting a predetermined network, and using the right to use the resources for the business systems managed by the business systems. A business system account ID for allowing the user to input account request information of the user requesting the request via the predetermined network, and granting a right to use some of the resources for the business system to the account request information And an account management device that outputs the result of generating the business system account ID to the predetermined network. The account request information includes: personal information of a user requesting the use right; Terminal information for identifying the terminal device of the user requesting the usage right, and a predetermined A use right request information indicating a resource for a business system, the account management device includes: a reliability information storage unit that stores reliability analysis information for analyzing the reliability of an individual; Acquiring the reliability analysis information stored in the reliability information storage unit based on at least one of the personal information and terminal information having,
If the obtained reliability analysis information satisfies the predetermined examination criteria information, information for instructing the user to use a predetermined business system based on the usage right request information to generate a business system account ID and the account And a front end unit for transmitting request information. The business system generates a business system account ID based on the account request information received from the front end unit, and generates the business system account ID. To the front-end unit, and a back-end unit for setting a usage right for a resource for a predetermined business system indicated by the usage right request information included in the account request information received from the front-end unit. Account management system characterized by that. 2. The method according to claim 1, wherein the predetermined network is an IP (In)
(Ethernet Protocol) network, wherein the front-end unit is a W-network on the IP network.
2. The account management system according to claim 1, wherein the account management system is implemented in a WW (World-Wide Web) system. 3. The account request information has at least a company name of a company in which the user works as the personal information, and the reliability information storage unit stores a company information of a predetermined company. The front end unit acquires the company information stored in the company information storage unit as the reliability analysis information based on the company name of the account request information, and acquires the acquired company information and the company 2. A method according to claim 1, further comprising: examining at least one of said names and, when the examination result satisfies said examination criteria information, instructing said back-end unit to generate said business system account ID. Account management system described. 4. The account request information has at least the personal name of the user as the personal information, the reliability information storage unit includes a personal credit information storage unit that stores personal credit information, The end unit obtains the personal credit information stored in the personal credit information storage unit as the reliability analysis information based on the personal name of the account request information, and examines the obtained personal credit information. 2. The account management system according to claim 1, wherein if the result of the examination satisfies the examination criteria information, an instruction is issued to the back-end unit to generate the business system account ID. 5. The account request information has at least an E (e-mail) address of the user as the personal information, and the E (e-mail) address is a company identification that can identify at least a company in which the user works. Information, the reliability information storage unit includes a company information storage unit that stores company information of a predetermined company, and the front-end unit reads the E (e-mail) address of the account request information from the Acquisition of identification information, acquisition of company information stored in the company information storage unit based on the acquired company identification information as the reliability analysis information, examination of the acquired company information, and a result of the examination. If the above satisfies the above-mentioned examination criteria information, it instructs the above-mentioned back-end unit to generate the above-mentioned business system account ID. The account management system according to claim 1. 6. The account management system further includes a user management table for storing the account request information and the business system account ID corresponding to the account request information. The result of generating the business system account ID transmitted to the unit includes at least the business system account ID generated by the back-end unit, and the front-end unit stores the account request information and the business system account ID, 2. The account management system according to claim 1, wherein the account management system stores the information in the user management table. 7. The apparatus according to claim 1, wherein the account request information is input from a terminal device of a user connected to the predetermined network, and the terminal information is automatically input when the user inputs the account request information from the terminal device. Is transmitted to the front end unit via the predetermined network and included in the account request information, and the reliability analysis information storage unit stores terminal address information for identifying a predetermined company, The unit acquires the terminal address information stored in the reliability analysis information storage unit as the reliability analysis information based on the terminal information, examines the acquired terminal address information, and the examination result is the above When the examination criteria are satisfied, the generation of the business system account ID is instructed to the backend unit. The account management system according to claim 1. 8. The user management table further stores usage status information for managing the usage status of the business system resources by the user, and the front end unit controls the business system resources by the user. Is used, the usage status information stored in the user management table is updated, and at a predetermined timing, the usage status information stored in the user management table is updated to a predetermined account. If the usage status information satisfies the account deletion criterion information as a result of comparison with the deletion criterion information, the business system account ID is deleted from the user management table, and the business Destruction of system account ID and use set for business system resources Account management system according to claim 6, wherein the instructing deletion of. 9. The account request information stored in the user management table has at least an E (e-mail) address of the user, and the front-end unit determines the account request satisfying the account deletion criterion information. Deletion confirmation information for confirming that the information and the business system account ID are to be deleted is transmitted to the user to the E (e-mail) address of the account request information, and response information to the deletion confirmation information is transmitted to the user. Receiving, deleting the account ID from the user management table in accordance with the received response information, discarding the business system account ID for the back-end unit, and deleting the usage right set for the business system resource; 9. The account management system according to claim 8, wherein Beam. 10. The front-end unit deletes the business system account ID that satisfies the account deletion criterion information when the response information of the user cannot be received within a predetermined period. The account management system according to claim 9, wherein: 11. The business system according to claim 11, wherein the front-end unit manages resources for a plurality of business systems, and the back-end unit is provided in the business system, one for the business system including the back-end unit. 2. The account management system according to claim 1, wherein resources are managed.