JP2001117661A - Portable information terminal device and its program recording medium - Google Patents

Abstract

(57) [Summary] [Problem] It is judged that there is a high possibility that a portable terminal or a portable recording medium is lost or stolen when input of user-specific identification information for restricting a user is repeated incorrectly. To reliably prevent leakage of memory contents. A CPU compares an input password with a preset password to determine whether they match. As a result, every time a mismatch is determined, the number of mismatches is counted as the number of password input failures, and it is determined whether the counted number of input failures exceeds a preset input limit number. If the number exceeds the limit, the application / data in the storage device 22 or the removable memory card 3 is deleted.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001] The present invention relates to a portable information terminal device having a security management function and a program recording medium therefor.

[0002]

2. Description of the Related Art In recent years, when a salesperson brings a portable information terminal device and conducts daily sales activities, a portable recording medium such as a floppy desk is attached to the terminal body,
The salesperson accesses the stored contents and displays / outputs them, writes data, and the like while away from home. By the way, in general, a portable information terminal device is simpler and faster to operate than a strict security management performed by a desktop personal computer or the like because it is used as a personal dedicated device and used on the go. Emphasis is placed on the operating environment, such as gender.

[0003]

However, since the portable information terminal device is to be carried and used outside,
There is a risk that the portable recording medium or portable information terminal device itself may be lost or stolen on the go, and highly confidential important corporate information or personal information is stored in the portable recording medium or built-in memory. In such a case, there is a risk that important information may be leaked to another person due to loss or theft. An object of the first invention is to determine that it is highly possible that a portable terminal or a portable recording medium is lost or stolen when input of user-specific identification information for restricting a user is repeated incorrectly. Thus, leakage of memory contents can be reliably prevented. A second object of the present invention is to provide a method for repeatedly inputting identification information unique to a user who restricts a user when the input is repeated incorrectly because a legitimate user has forgotten part of the identification information. An object of the present invention is to enable appropriate security management in response to repeated input when a terminal or a portable recording medium is likely to be lost or stolen.

[0004] The means of the present invention are as follows. An invention according to claim 1 (first invention) is an identification information storage means for storing user-specific identification information for restricting a user,
A determining means for comparing the input identification information with the identification information stored in the identification information storage means to determine whether or not the two are the same; and Counting means for counting the number of mismatches as the number of input failures of the identification information; second determination means for determining whether the number of input failures counted by the counting means exceeds a preset input limit number; A security process execution unit for forcibly executing a security process for preventing leakage of memory contents when it is determined by the determination unit that the number of input failures exceeds the limit number of inputs. The present invention may be as follows. (1) The security processing execution means forcibly executes, as security processing for preventing leakage of memory contents, access protection for the memory or security processing for erasing the stored contents. (2) The security processing execution means sets the application software to an unexecutable state, sets the display screen to an undisplayable state, sets the display screen to a non-displayable state, and sets the power supply to a non-executable state. At least one of the power-on disable processing and the key input disable processing for setting the key input to an impossible state is executed as security processing. (3) An identification information storage unit for storing identification information unique to a user who restricts the user is provided in a portable recording medium detachably attached to the terminal device main body, and the first determination unit is Acquiring the identification information stored in the portable recording medium, and comparing the identification information with the inputted identification information to determine whether or not they match. According to the first aspect of the present invention, the input identification information is compared with identification information stored in advance to determine whether the two match.
As a result, every time a mismatch is determined, the number of mismatches is counted as the number of input failures of the identification information, and it is determined whether the counted number of failed inputs exceeds a preset number of input limits. If the number has been exceeded, security processing is forcibly executed to prevent leakage of memory contents. Therefore, if the identification information unique to the user that restricts the user is repeatedly entered incorrectly, it is judged that there is a high possibility that the portable terminal or portable recording medium has been lost or stolen, and the contents of the memory are leaked. It can be reliably prevented.

[0005] The invention of claim 5 (second invention)
Identification information storage means for storing user-specific identification information for restricting a user, and comparing input identification information with identification information stored in the identification information storage means to determine whether they match A first discriminating means, a recognizing means for recognizing the similarity according to the degree of discrepancy each time discrimination is made by the discriminating means, and a recognizing means for discriminating the discrepancy by the first discriminating means. In addition, for each similarity recognized by the recognition means, counting means for counting the number of mismatches as the number of input failures of identification information, and the number of input failures for each similarity counted by this counting means are set in advance for each similarity. A second determining means for determining whether the number of input failures exceeds a predetermined number of input limits, and the second determination means that the number of input failures for each similarity exceeds an input limit number preset for each similarity. When it is determined by the determining means is for and a security process execution means for executing the security process in accordance with the degree of similarity. By setting a larger value as the similarity is higher as a preset number of times set for each similarity, the number of possible input times at which identification information can be re-inputted is increased as the similarity is higher. You may do so. According to the fifth aspect of the invention, the input identification information is compared with the identification information stored in advance to determine whether or not the two match, and as a result, each time a mismatch is determined, the degree of mismatch is determined. In addition to recognizing the similarities in accordance with, the number of mismatches is counted as the number of input failures of the identification information for each recognized similarity, and the number of input failures for each of the counted similarities is set in advance for each similarity. When it is determined that the number of input times exceeds the input limit number, the security processing corresponding to the similarity is executed. Therefore, if the input of the user-specific identification information that restricts the user is repeatedly input incorrectly, the input may be repeated due to the legitimate user forgetting a part of the identification information, or the mobile terminal or the portable recording medium may be used. Security management can be appropriately performed in accordance with repeated input when there is a high possibility that the password has been lost or stolen.

[0006]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment of the present invention will be described below with reference to FIGS. FIG. 1 shows a terminal management system for externally providing application software / data stored and managed on a server device side to a portable information terminal device via a portable recording medium.
This system includes, for example, a server device 1 installed on the company side in a company organization and a mobile client terminal (portable information terminal device) brought by each sales representative.
2 and each sales representative can carry the portable recording medium 3 on the go.
When the business activity is performed while accessing the application software / data in the server, and the portable recording medium 3 is removed from the terminal body at the end of the business day, and set in the card reader / writer 4 of the server device 1, The server device 1 collects business records in the recording medium 3 via the card reader / writer 4.

[0007] The portable recording medium 3 is constituted by a semiconductor memory such as a compact flash card (CF card), for example, and the portable recording medium 3 is hereinafter referred to as a removable memory card. Here, in the figure, “#A”, “#B”, “#C”,
‥ indicates that the card is a terminal-compatible card associated with the portable information terminal device 2 indicated by the terminal names “A”, “B”, “C”, and ‥‥. Card reader / writer 4
Is capable of setting a plurality of removable memory cards 3 at the same time, and has a plurality of card insertion ports. Then, the server device 1 distributes the application / data to the terminal device 2 via the removable memory card 3.

That is, the server apparatus 1 accesses the AP software storage unit 5 and the database storage unit 6 when a writing target to be written to the removable memory card 3, that is, an application / data to be distributed is arbitrarily specified. To call the application / data corresponding thereto and give it to the card reader / writer 4, and
Alternatively, the application / data is written to two or more removable memory cards 3. At that time, the removable memory card 3
And the terminal ID information of the portable information terminal device 2 permitted to use the removable memory card 3 are written in the removable memory card 3 respectively.
In the drawing, M01, M02, and M03 indicate medium numbers unique to each removable memory card.
12, ID13 indicates terminal ID information unique to each terminal device. FIG. 2 is a view showing the storage contents of the removable memory card 3. In this example, the medium number, the terminal ID information, the application software, and the database "M0
In addition to “1”, “ID11”, “α1”, and “D1”, “password information” is stored. “Password information” restricts users who are allowed to access the application software and database in the removable memory card 3.

FIG. 3 is a block diagram showing the overall configuration of the portable information terminal device 2. As shown in FIG. The CPU 21 is a storage device 2
2 is a central processing unit that controls the overall operation of the portable information terminal device 2 in accordance with an operating system in the portable information terminal 2 and various application software in a removable memory card 3. The storage device 22 includes an operating system and various application software, a database,
It has a recording medium 23 that stores character fonts and the like and is constituted by a magnetic, optical, semiconductor memory or the like, and a drive system therefor. The recording medium 23 is a fixed medium such as a hard disk or a CD-R that can be detachably mounted.
It is a portable medium such as an OM, a floppy desk, a RAM card, and a magnetic card. The programs and data in the recording medium 23 are loaded into a RAM (for example, a static RAM) 24 under the control of the CPU 21 as needed, or the data in the RAM 24 is saved in the recording medium 23. Further, the recording medium may be provided on an external device side such as a server, and the CPU 21 may directly access and use the program / data in the recording medium via a transmission medium. Also, the CPU 21
Captures part or all of the data stored in the recording medium 23 from another device via a transmission medium, and
3 can be newly registered or additionally registered. That is, the transmission control unit 25 receives a program / data transmitted from another device constituting the computer communication system via a wired transmission line such as a communication line or a cable or a wireless transmission line such as radio waves, microwaves or infrared rays. And can be installed in the recording medium 23. Further, the program / data may be stored and managed on an external device side such as a server.
Can directly access and use the program / data on the external device side via a transmission medium.

On the other hand, the RAM 24 stores preset password information (password and function restriction information according to the type). FIG. 4A shows the contents of a password and function restriction information (hereinafter, collectively referred to as a main body password list), in which four types of passwords and function restriction information associated therewith are set. ing. That is, “MYNAME2”, “PR
OJECT5 ”,“ GROUP3 ”,“ GUEST ”
And a password level is set for each of the four types of passwords, and function restriction information is set in association with the password level. Note that the password level is a permission level for permitting use of a function associated with the password level, and usable functions are restricted by a permission level corresponding to the type of password. FIG. 4 (B)
FIG. 4 shows password information (function restriction information according to a password and its type) set in advance in the removable memory card 3. One type of password, its password level, and function restriction information associated therewith are set. Have been.

In the above-described main body password list, in this example, the password “MYNAME” of level “1” is used.
As the function restriction information corresponding to “2”, “all functions including reference to personal information can be executed” is set.
Also, the password “PROJECT5” of level “2”
Is set as the function restriction information corresponding to "Personal information reference", and as the function restriction information corresponding to level "3" password "GROUP3", "Only group limited functions Executable (access of removable memory card 3 is not allowed) "is set, and as function restriction information corresponding to level" 4 "password" GUEST "," access of stored data is disabled "
Is set. The password information set in advance in the removable memory card 3 is set as “function access information corresponding to the password“ MEMORY 6 ”of level“ 3 ”,“ only the removable memory card 3 is accessible ”. .

In the RAM 24, as shown in FIG. 5, "information on the number of re-inputs of similar passwords", "information on the number of re-inputs of erroneous passwords" and "number of similarity determination reference characters"
Is set. Here, in this embodiment,
When the user-specific password for restricting the user is repeatedly input incorrectly, the input may be repeated due to the legitimate user forgetting a part of the password, or the portable information terminal device 2 or the removable memory card may be used. In order to determine whether the password has been repeatedly lost or stolen, it is necessary to recognize the similarity between the entered password and a preset password, and determine the password in accordance with the similarity. The number of possible re-inputs is changed. At this time, the above-mentioned “similar password re-enterable number information”, “wrong password re-enterable number information”, and “similarity determination reference character number” are referred to.

That is, when recognizing the degree of similarity between the input password and a preset password, in this example, as shown in FIG. 5C, "two characters" are used as the "number of similarity determination reference characters". Is set, and if there is an input error of 2 characters or less, it is determined that the input is made because the authorized user has forgotten part of the password, and the number of times of setting of “similar password re-enterable number information” is set. We accept password input only for minutes, but if you make an input error of 3 characters or more,
It is determined that the input is due to unauthorized use by a third party, and the password input is accepted by the number of times set in the “information on the number of times that an incorrect password can be re-entered”. In this example, FIG.
As shown in FIG. 5, “5 times” is set as “information on the number of times that a similar password can be re-entered”.
As shown in (B), “3 times” is set as “information on the number of times that an incorrect password can be re-entered”. Therefore,
The number of times the password is repeatedly set by a legitimate user who has forgotten part of the password has a larger value.

FIG. 5D shows a similar password input count counter C1. Each time a similar password is input, its value is updated. FIG. 5E shows an incorrect password input count counter C2, and the value is updated each time an incorrect password is input. In this case, the number of inputs counted by the input number counter C1 and FIG.
(A) is compared with “similar password re-enterable number information”, and the number of inputs counted by input number counter C2 is compared with “incorrect password re-enterable number information” in FIG. 5 (B). Is compared. In this way, input of a similar password / erroneous password is permitted until they match. The input counter C
"1" is set to 1, C2 as its initial value.

If the password input exceeds the "number of re-inputs of similar password" or the "number of re-inputs of erroneous password", security processing corresponding to the similar password or erroneous password is forcibly executed. This security processing information is stored in advance in the storage device 22 together with the terminal ID. Here, the contents of the security process include a process of erasing memory contents, that is, a process of erasing a predetermined application and data stored in the storage device 22, a process of erasing a built-in memory, and a process of erasing an application / memory in the removable memory card 3. In addition to the removable memory card erasing process for erasing data, access protection process for the entire memory, application non-executable process for setting applications in the storage device 22 and the removable memory card 3 to an unexecutable state, and display of a display screen Display disable processing for setting to an impossible state, power-on disable processing for setting to a state where main power cannot be turned on, and key input disable processing for setting a key input to an impossible state. Alternatively, security processing combining two or more is executed.

The portable information terminal device 2 includes a clock 26 for obtaining date and time information, a power supply unit 27 using a battery as a power source, a keyboard 28, a liquid crystal display unit 29, a detachable removable memory card 3, and a Corresponding key interface 3
0, an LCD driver 31, and a card driver 32.

Next, the operation of the portable information terminal device 2 according to the first embodiment will be described with reference to the flowchart shown in FIG. Here, a program for realizing each function described in this flowchart is stored in a recording medium 23 in the form of a readable program code, and the CPU 21 sequentially executes an operation according to the program code. . Further, the CPU 21 can also sequentially execute the operation according to the above-described program code transmitted via the transmission medium. That is, an operation unique to this embodiment can be executed using a program / data externally supplied via a transmission medium in addition to a recording medium.

FIG. 6 is a flowchart showing the operation started when the power is turned on. First, an initialization process for initializing various parameters is performed (step S1). In this case, "1" is set in the input number counters C1 and C2 as their initial values. Then, in order to declare the start of use of the portable information terminal device,
When the terminal ID is input (step S2), the storage device 2
It is determined whether or not it is correct by comparing with the terminal ID set in 2 (step S3). If an erroneous input is made, the process exits from this flow and its use is prohibited.
If a legitimate terminal ID has been entered, an entry of a password is accepted (step S4).

Now, when the password is entered, FIG.
The password information and the removable memory card 3 set in the body password list shown in FIGS.
The password having the highest permission level is obtained from the password information set in (step S5), and the obtained password is compared with the input password to determine whether the two completely match (step S6). . here,
If the password does not match even with only one character, the password having the next highest permission level is acquired from the various setting password information in the main body password list / memory card (step S7). Here, when the password has been obtained (step S8), the obtained password is compared with the input password to determine whether they completely match (step S6). Hereinafter, the above operation is repeated until it is determined that the password completely matches any one of the above-described setting passwords, or until it is determined that all the setting passwords do not match. As a result,
If the password matches one of the set passwords, it is determined that a valid password has been entered, and the functions that can be executed are restricted based on the function restriction information associated with the permission level of the set password. The use of the portable information terminal device is started (step S9).

On the other hand, if the input password does not completely match any of the setting passwords and a mismatch of all the passwords is detected, the process proceeds to step S10, where the setting password information in the main body password list / memory card is read. , To get the password with the highest permission level. Then, the acquired password is compared with the input password to recognize a matching part between them, and it is determined whether the number of mismatched characters is equal to or less than the “similarity determination reference character number” shown in FIG. 5C (step S11). In this case, since “2 characters” is set as the “number of similarity determination characters”, if there is a mismatch of 3 or more characters, a password having the next highest permission level among the above set passwords is acquired (step S11). Thereafter, the operation of determining whether the number of mismatched characters is equal to or less than the “similarity determination reference character number” is repeated while acquiring the setting passwords one by one until all setting passwords are acquired (steps S11 to S13).

As a result of comparing the input password with all the set passwords, if there is no set password equal to or less than the "similarity determination reference number of characters", that is, if the input password is an erroneous input password that is not similar to the various set passwords, If the input number counter C2
Is performed (step S14). Then, the updated value of the input count counter C2 is read, and the input count of the erroneous password is compared with FIG.
(B) is compared with “information on the number of times a wrong password can be re-entered” (step S15). As a result, if the counter count value is equal to or less than the number of times that an incorrect password can be re-entered, the process returns to step S4 to accept the re-input of the password.
As a result, when the password is re-entered, if the password is an erroneous password, the value of the input counter C2 is updated each time the erroneous password is recognized, as described above.

As a result, when an incorrect password is input three times, the counter count value corresponding to the incorrect password becomes "4", and it is determined in step S15 that the number of re-inputtable times of the incorrect password has exceeded "3". . Then, a security process for preventing leakage of memory contents is forcibly executed on the condition of this (step S16). As a security process in this case, a process of erasing memory contents is executed. That is, the internal memory erasing processing for erasing predetermined applications and data stored in the storage device 22 and the removable memory card erasing processing for erasing applications / data in the removable memory card 3 prevent leakage of memory contents. This is executed as security processing for

If the input password is a similar password similar to any of the set passwords by the similar password recognition processing in steps S11 to S13, the value of the input counter C1 is set to "1".
Is executed (step S).
17). Then, the updated value of the input number counter C1 is read, and the number of times of input of the similar password is compared with the “number of times of re-input of similar password” in FIG. 5A (step S18). As a result, if the counter count value is equal to or less than the number of times that a similar password can be re-entered, the process returns to step S4 to accept the password again. As a result, if the password is re-entered and the password is a similar password, the value of the input counter C1 is updated each time the similar password is recognized, as described above. As a result, when the similar password is input five times, the counter count value becomes “6”, and it is determined that the number of times that the similar password can be re-input exceeds “5” in step S.
If it is determined in step 18, the flow exits from this flow and its use is prohibited. However, since the number of times that a similar password can be re-entered is greater than the number of times that an incorrect password can be re-entered, a regular password is input by the re-input. (Step S6), normal processing is permitted (step S6).
9).

As described above, in this embodiment,
If the password that restricts the user is repeatedly entered incorrectly and the number of incorrect entries exceeds the preset number of possible entries, security processing is forcibly executed to prevent leakage of memory contents. Therefore, even if the portable information terminal device 2 or the removable memory card 3 is lost or stolen, leakage of the memory contents can be reliably prevented. In this case, since the stored contents of the memory are erased as security processing for preventing the leakage of the contents of the memory, the leakage of the important information is surely prevented. Security processing includes access protection processing for the entire memory, application non-execution processing to set application software to a non-executable state, display non-display processing to set a display screen to a non-displayable state, and power on not possible Of the power-on disable processing to set the key input state and the key input disable processing to set the key input to the impossible state
By executing at least one of them, it is possible to easily and reliably prevent unauthorized use and information leakage by a third party without erasing the memory contents.

Further, since the password information for restricting the user is stored in the removable memory card 3 detachably attached to the terminal device main body, the password information obtained from the removable memory card 3 is obtained. Only when the password information matches the input password, access to the removable memory card 3 becomes possible, and the user can be restricted for each removable memory card 3. Further, in the case of a mismatch, the security processing for preventing the leakage of the memory contents is forcibly performed on the removable memory card 3, so that when the removable memory card 3 is lost or stolen. However, it is possible to reliably prevent information leakage.

Further, as a result of comparing the input password with the set password information, if a mismatch is determined,
Recognizing those similarities according to the degree of mismatch, the number of mismatches for each similarity is counted as the number of password input failures, and the number of possible input failures for each similarity is set in advance for each similarity. If the password exceeds the password, the security process is executed according to the similarity. If the password is repeatedly entered incorrectly, the password may be repeatedly entered because the authorized user has forgotten part of the password. In addition, appropriate security management can be realized according to repeated input when there is a high possibility that the portable information terminal device 2 removable / stolen memory card 3 is lost or stolen. In this case, as the number of possible inputs preset for each similarity is set to a larger value as the similarity is higher, a repetitive input due to a legitimate user forgetting a part of the password is set. In such a case, the number of re-inputs increases, and in the case of repetitive input in a case where there is a high possibility that the portable information terminal device 2 has been lost or stolen, the number of re-inputs decreases. Appropriate security management can be realized according to the password input status.

In the above-described embodiment, the removable memory card 3 is exemplified as a portable recording medium detachably attached to the terminal device main body. Or an optical recording medium or a PC card other than a compact flash card. In addition, the use of the portable information terminal device includes direct use by operation such as key input and switch input,
It includes indirect use of exchanging information by data communication. In addition, as a user-specific identification information that restricts users, a password of multiple characters is entered.
In a terminal device having a voice recognition function for recognizing a user's voice, identity verification may be performed by voice verification.

[0028]

According to the first aspect of the present invention, when input of user-specific identification information for restricting a user is repeatedly incorrect,
Leakage of the memory contents can be reliably prevented by determining that there is a high possibility that the portable terminal or portable recording medium has been lost or stolen. According to the second invention, when the input of the user-specific identification information for restricting the user is repeatedly mistaken, the repetition input due to the legitimate user forgetting a part of the identification information, Appropriate security management can be realized according to repeated input when there is a high possibility that the terminal or the portable recording medium is lost or stolen.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a terminal management system for providing application software / data stored and managed on a server device side to a portable information terminal device via a portable recording medium.

FIG. 2 is a diagram showing storage contents of a removable memory card 3 mounted on a terminal body.

FIG. 3 is a block diagram showing the overall configuration of the portable information terminal device.

4A is a diagram showing the contents of a main body password list stored in a RAM 24, and FIG. 4B is a diagram showing password information stored in a removable memory card 3. FIG.

5A is a diagram exemplifying the content of re-enterable number information of a set similar password, FIG. 5B is a diagram exemplifying the content of re-enterable number information of a set erroneous password, FIG. (C) is a diagram illustrating the contents of the set similarity determination reference character number information, (D) is a diagram illustrating a similar password input count counter, and (E) is a diagram illustrating an incorrect password input count counter.

FIG. 6 is a flowchart that is started by the portable information terminal device 2 when the main power is turned on.

[Description of Signs] 2 Portable information terminal device 3 Removable memory card 21 CPU 22 Storage device 23 Recording medium 25 Transmission control unit 28 Keyboard C1 Similar password input count counter C2 False password input count counter

Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat II (reference) G09C 1/00 640 G09C 1/00 640E H04L 9/32 H04L 9/00 673A F-term (reference) 5B019 BC04 EA10 HB05 HB10 HF05 HF10 5B058 CA13 KA01 KA06 KA12 KA33 YA01 5J104 AA12 EA03 KA01 NA05 NA27 NA35 NA41 PA02 9A001 BB03 BB04 BB06 CC05 DD15 JJ12 JZ54 LL03

Claims (8)

[Claims] 1. An identification information storage means for storing user-specific identification information for limiting a user, and comparing the input identification information with the identification information stored in the identification information storage means, A first determining means for determining whether they match, a counting means for counting the number of mismatches as the number of input failures of the identification information every time a mismatch is determined by the determining means, and an input failure counted by the counting means; A second determining means for determining whether the number of times exceeds an input limit number set in advance; and, when the second determining means determines that the number of input failures exceeds the input limit number,
A portable information terminal device comprising: security processing execution means for forcibly executing security processing for preventing leakage of memory contents. 2. The security processing executing means for forcibly executing, as security processing for preventing leakage of memory contents, access protection for the memory or security processing for erasing the stored contents. The portable information terminal device according to claim 1. 3. The security processing execution means includes an application execution disable processing for setting application software to an unexecutable state, a display disable processing for setting a display screen to an undisplayable state, and a power-on impossible state. 2. The portable type according to claim 1, wherein at least one of the power-on disable processing for setting the key input and the key input disable processing for setting the key input to the impossible state is executed as a security processing. Information terminal device. 4. An identification information storage means for storing user-specific identification information for restricting the user in a portable recording medium detachably attached to the terminal device main body, wherein the first determination is performed. The means acquires the identification information stored in the portable recording medium, and compares the identification information with the input identification information to determine whether the two coincide with each other. The portable information terminal device according to claim 1. 5. An identification information storage means for storing user-specific identification information for restricting a user, and comparing the input identification information with the identification information stored in the identification information storage means, and A first discriminating means for discriminating whether or not they match each other, a recognizing means for recognizing similarities in accordance with the degree of discrepancy each time discrepancy is discriminated by the discriminating means; Each time is determined, for each similarity recognized by the recognition means, counting means for counting the number of mismatches as the number of input failures of the identification information, and the number of input failures for each similarity counted by this counting means Second determining means for determining whether the number of input limits set in advance for each similarity has been exceeded; and the number of input failures for each similarity exceeding the number of input limits set in advance for each similarity. Doo is if it is discriminated by said second discriminating means, the portable information terminal apparatus characterized by comprising a security process execution means for executing the security process in accordance with the degree of similarity. 6. A higher value of the similarity is set as a preset number of times set in advance for each similarity, so that identification information can be re-input as the degree of similarity increases. 6. The portable information terminal device according to claim 5, wherein the number of times is increased. 7. A recording medium having a program code which can be read by a computer, wherein when identification information unique to a user for restricting a user is input, the input identification information and an identification stored in advance. A computer-readable program code for comparing information with each other to determine whether they match, and a computer-readable program for counting the number of mismatches as the number of identification information input failures each time a mismatch is determined. Code, and a computer-readable program code for determining whether the counted number of input failures exceeds a preset input limit number, and when it is determined that the input failure number exceeds the input limit number. Computer readable, forcing security processing to prevent leakage of memory contents Recording medium having a program code. 8. A recording medium having a program code readable by a computer, wherein when identification information unique to a user for restricting a user is input, the identification information stored in advance is stored together with the input identification information. A computer readable program code for comparing information with each other to determine whether they match, and a computer readable program for recognizing the similarity according to the degree of mismatch each time a mismatch is determined. Code and a computer readable program code for counting the number of mismatches as the number of input failures of identification information for each of the recognized similarities each time a mismatch is determined, and an input failure for each counted similarity Computer readable for discriminating whether the number of times has exceeded the input limit set in advance for each similarity When the program code, is that the input number of failed by the similarity exceeds the input limits the number of times which is set by pre-similarity is determined,
And a computer-readable program code for executing a security process corresponding to the similarity.