System for authenticating access to a network, storage medium, program and method for authenticating access to a network
First Claim
1. An access authentication system for providing a client with a service of connection to a second terminal server via a first terminal server, characterized by comprising:
- a first authentication server for determining whether or not the client should be connected to the first terminal server, on the basis of personal information input by the client to the first terminal server, the first authentication server creating first ticket data by encoding a client parameter, which includes part of the personal information, on the basis of a predetermined formula, and transferring the first ticket data to the second terminal server; and
a second authentication server for detecting whether or not the client parameter is valid and whether or not the first ticket data has been used, creating second ticket data by encoding the client parameter on the basis of a predetermined formula, comparing the first and second ticket data, and supplying the second terminal server with data indicative of whether or not the second terminal server should be connected to the client.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention comprises a first authentication server for determining whether or not a client terminal should be connected to a first terminal server, on the basis of personal information input from the client terminal, creating first ticket data by encoding a client parameter, and transferring the first ticket data to the second terminal server, and a second authentication server for detecting whether or not the client parameter is valid and whether or not the first ticket data has been used, creating second ticket data by encoding the client parameter, comparing the first and second ticket data, and supplying the second terminal server with data indicative of whether or not the second terminal server should be connected to the client.
-
Citations
20 Claims
-
1. An access authentication system for providing a client with a service of connection to a second terminal server via a first terminal server, characterized by comprising:
-
a first authentication server for determining whether or not the client should be connected to the first terminal server, on the basis of personal information input by the client to the first terminal server, the first authentication server creating first ticket data by encoding a client parameter, which includes part of the personal information, on the basis of a predetermined formula, and transferring the first ticket data to the second terminal server; and
a second authentication server for detecting whether or not the client parameter is valid and whether or not the first ticket data has been used, creating second ticket data by encoding the client parameter on the basis of a predetermined formula, comparing the first and second ticket data, and supplying the second terminal server with data indicative of whether or not the second terminal server should be connected to the client. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An access authentication system for providing a client with a service of connection to a second terminal server via a first terminal server, characterized by comprising:
-
a first authentication server for determining whether or not the client should be connected to the first terminal server, on the basis of ID information and a password input by the client to the first terminal server, the first authentication server creating first ticket data by encoding client parameters, which include the ID information, an access-originator IP address of the client, a predetermined expiration date and a common character string, on the basis of a predetermined formula, and transferring the first ticket data to the second terminal server; and
a second authentication server for comparing an access-originator IP address input by the client to the second terminal server with the access-originator IP address of the client included in the client parameter, thereby determining whether or not access by the client has been executed on or before the expiration date, determining whether or not the first ticket data has been used, creating second ticket data by encoding the client parameters on the basis of a predetermined formula, comparing the first and second ticket data, and supplying the second terminal server with data indicative of whether or not the second terminal server should be connected to the client.
-
-
7. An access authentication system for providing a client with a service of connection to a second terminal server via a first terminal server, characterized by comprising:
-
first personal information acquiring means for acquiring personal information input by the client to the first terminal server;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes part of the personal information, on the basis of a predetermined formula;
transfer means for transferring data to the second terminal server;
second personal information acquiring means for acquiring personal information input by the client to the second terminal server; and
second authentication means for creating second ticket data by encoding the client parameter, which contains the part of the personal information, on the basis of a predetermined formula, comparing the first and second ticket data, and supplying the second terminal server with data indicative of whether or not the second terminal server should be connected to the client. - View Dependent Claims (8, 9, 10, 11)
-
-
12. An access authentication system for providing a client with a service of connection via a first terminal server, characterized by comprising:
-
first personal information acquiring means for acquiring personal information from the client;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes at least part of the personal information, on the basis of a predetermined formula if the first authentication means determines that the client should be connected to the first terminal server; and
transfer means for transferring the first ticket data.
-
-
13. An access authentication system for providing a client with a service of connection to a second terminal server, characterized by comprising:
-
first ticket data acquiring means for acquiring first ticket data created by encoding a client parameter, which includes part of personal information of the client, on the basis of a predetermined formula;
second personal information acquiring means for acquiring personal information from the client;
second ticket creating means for creating second ticket data by encoding a client parameter, which includes part of personal information acquired by the second personal information acquiring means, on the basis of a predetermined formula; and
judging means for comparing the first and second ticket data, and judging whether or not the client should be connected to the second terminal server.
-
-
14. A computer-readable storage medium that stores a program for operating a computer, the program being characterized by comprising:
-
first personal information acquiring means for acquiring personal information from a client in a first terminal server;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes at least part of the personal information, on the basis of a predetermined formula if the first authentication means determines that the client should be connected to the first terminal server;
transfer means for transferring the first ticket data to a second terminal server;
first ticket data acquiring means for acquiring the first ticket data in the second terminal server;
second personal information acquiring means for acquiring personal information from the client in the second terminal server;
second ticket creating means for creating second ticket data by encoding a client parameter, which includes part of personal information, on the basis of the predetermined formula; and
second authentication means for comparing the first and second ticket data, thereby determining whether or not the client should be connected to the second terminal server.
-
-
15. A computer-readable storage medium that stores a program for operating a computer, the program being characterized by comprising:
-
first personal information acquiring means for acquiring personal information from the client in a first terminal server;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes at least part of the personal information, on the basis of a predetermined formula if the first authentication means determines that the client should be connected to the first terminal server; and
transfer means for transferring the first ticket data.
-
-
16. A computer-readable storage medium that stores a program for operating a computer, the program being characterized by comprising:
-
first ticket data acquiring means for acquiring first ticket data created by encoding a client parameter, which includes part of personal information of the client, on the basis of a predetermined formula in a second terminal server;
second personal information acquiring means for acquiring personal information from the client in the second terminal server;
second ticket creating means for creating second ticket data by encoding a client parameter, which includes part of the personal information, on the basis of the predetermined formula; and
second authentication means for comparing the first and second ticket data, thereby determining whether or not the client should be connected to the second terminal server.
-
-
17. A program for operating a computer, comprising:
-
first personal information acquiring means for acquiring personal information from a client in a first terminal server;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes at least part of the personal information, on the basis of a predetermined formula if the first authentication means determines that the client should be connected to the first terminal server;
transfer means for transferring the first ticket data to a second terminal server;
first ticket data acquiring means for acquiring the first ticket data in the second terminal server;
second personal information acquiring means for acquiring personal information from the client in the second terminal server;
second ticket creating means for creating second ticket data by encoding a client parameter, which includes part of personal information, on the basis of the predetermined formula; and
second authentication means for comparing the first and second ticket data, thereby determining whether or not the client should be connected to the second terminal server.
-
-
18. A program for operating a computer, comprising:
-
first personal information acquiring means for acquiring personal information from the client in a first terminal server;
first authentication means for determining whether or not the client should be connected to the first terminal server, on the basis of the personal information;
first ticket data creating means for creating first ticket data by encoding a client parameter, which includes at least part of the personal information, on the basis of a predetermined formula if the first authentication means determines that the client should be connected to the first terminal server; and
transfer means for transferring the first ticket data.
-
-
19. A program for operating a computer, comprising:
-
first ticket data acquiring means for acquiring first ticket data created by encoding a client parameter, which includes part of personal information of the client, on the basis of a predetermined formula in a second terminal server;
second personal information acquiring means for acquiring personal information from the client in the second terminal server;
second ticket creating means for creating second ticket data by encoding a client parameter, which includes part of the personal information, on the basis of the predetermined formula; and
second authentication means for comparing the first and second ticket data, thereby determining whether or not the client should be connected to the second terminal server.
-
-
20. An access authentication method for providing a client with a service of connection to a second terminal server via a first terminal server, characterized by comprising:
-
a first authentication step of determining whether or not the client should be connected to the first terminal server;
a first ticket data creating step of creating first ticket data by encoding a client parameter, which includes at least part of personal information input by the client, on the basis of a predetermined formula;
a data transfer step of transferring the client parameter and the first ticket data to the second terminal server;
a detection step of detecting whether or not the client parameter in the first terminal server is valid, and whether or not the first ticket data has been used;
a second ticket data creating step of creating a second ticket data by encoding the client parameter on the basis of a predetermined formula;
a ticket data comparison step of comparing the second ticket data with the first ticket data; and
a second authentication step of determining whether or not the client should be connected to the second terminal server, on the basis of results obtained at the determination step and the comparison step.
-
Specification