
User information management system; user information management method; program, and recording medium on which it is recorded, for management server; program, and recording medium on which it is recorded, for user terminal; and program, and recording medium on which it is recorded, for service server

  • US 10,382,430 B2
  • Filed: 06/23/2015
  • Issued: 08/13/2019
  • Est. Priority Date: 07/28/2014
  • Status: Active Grant
First Claim

1. A user information management system comprising:

  • a management server for managing information on a group of users;

    user terminals respectively corresponding to the users; and

    a service server for providing services to the users;

    wherein the management server, the service server, and the user terminals are connected via a network to enable mutual transmission and reception of data;

    the management server and the service server are enabled for cryptographic communications with each other, wherein;

    each of the user terminals includes a user side storage storing user identification information for identifying each of the users, a management authentication key used by the management server to authenticate each of the users, and a unique key that is unique to one of the users to carry out cryptographic communications with the management server and that is not provided to the service server;

    the management server includes a user information storage storing user identification information for respectively identifying the users belonging to the group, the unique key, and the management authentication key, and decrypts encryption information encrypted by each of the user terminals, based on the unique key of the user, the unique key being stored in the user information storage;

    each of the user terminals executes a first step of encrypting, based on the unique key, a session password and the management authentication key, and transmits the session password and the management authentication key to the service server;

    the service server includes a storage device and a decryption request processor that receives the encrypted session password and the encrypted management authentication key from the user terminal, and transmits the encrypted session password and the encrypted management authentication key to the management server by means of the cryptographic communications;

    the management server further includes a reply processor that;

    causes the management server to decrypt, based on the unique key, the management authentication key and the session password which are transmitted from the decryption request processor;

    compares the decrypted management authentication key with the management authentication key stored in the user information storage to perform authentication of the users; and

    performs one of i) notifying an error of the authentication to the service server when the authentication fails, and ii) sending back the decrypted session password to the service server by means of cryptographic communications when the authentication succeeds;

    the service server generates a service authentication key to allow each of the user terminals to receive provision of service;

    the service server encrypts the generated service authentication key using the decrypted session password, and transmits to each of the user terminals the service authentication key;

    each of the user terminals carries out a second step of acquiring the service authentication key by decrypting the encrypted service authentication key by means of the session password; and

    each of the user terminals uses the acquired service authentication key to access the service server.
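
The exchange recited in claim 1, traced end to end as an added example (not code from the patent or its assignee). Assumptions: the user identification information travels in clear next to the encrypted blob, keys and the session password are 32 random bytes, the server-to-server cryptographic channel is modeled as a direct call, `enroll` and `run_flow` are hypothetical helpers, and an HMAC-SHA256 keystream-plus-tag construction stands in for a vetted authenticated cipher.

```python
import hashlib, hmac, secrets
# Stand-in authenticated cipher (assumption: the claim names no algorithm).
def _stream(key, nonce, n):
    return b"".join(hmac.new(key, b"enc" + nonce + bytes([i]), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, pt):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class ManagementServer:
    def __init__(self):
        self.users = {}  # user id -> (unique key, management authentication key)
    def enroll(self, uid):  # hypothetical provisioning; the claim only says both sides store the keys
        self.users[uid] = (secrets.token_bytes(32), secrets.token_bytes(32))
        return self.users[uid]

    def reply(self, uid, blob):  # the claim's reply processor
        try:
            unique_key, auth_key = self.users[uid]
            pt = unseal(unique_key, blob)
        except (KeyError, ValueError):
            return None  # authentication error reported to the service server
        return pt[:32] if hmac.compare_digest(pt[32:], auth_key) else None

def terminal_request(unique_key, auth_key):  # first step, on the user terminal
    session_pw = secrets.token_bytes(32)
    return session_pw, seal(unique_key, session_pw + auth_key)

def service_login(mgmt, uid, blob):  # service server never holds the unique key
    session_pw = mgmt.reply(uid, blob)  # stands in for the encrypted server-to-server link
    if session_pw is None:
        return None, None
    service_key = secrets.token_bytes(32)  # service authentication key
    return service_key, seal(session_pw, service_key)

def run_flow(tamper=False):
    mgmt = ManagementServer()
    unique_key, auth_key = mgmt.enroll("user-1")  # constructed sample user
    session_pw, blob = terminal_request(unique_key, secrets.token_bytes(32) if tamper else auth_key)
    service_key, wrapped = service_login(mgmt, "user-1", blob)
    # Second step: the terminal recovers the service authentication key.
    return wrapped is not None and unseal(session_pw, wrapped) == service_key
```

The service server only ever handles the opaque blob and the decrypted session password, so a compromise of it exposes live sessions but not the per-user unique key or the management authentication key.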
