Over-network resource distribution system and mutual authentication system

US 20030078894A1
Filed: 08/27/2002
Published: 04/24/2003
Est. Priority Date: 08/27/2001
Status: Active Grant

First Claim

Patent Images

1. An over-network resource distribution system for allowing one or more users to request resources to be provided by at least one resource providing server through user terminals connected by a communication line to the resource providing server, the resource requested being downloaded for utilization through the communication line onto the user terminal, the system comprising:

at least one window server having a first user information database recording information required in authenticating the user and a first resource provider information database recording information required in verifying a reliability of a resource provider, to serve as a window of a resource request to be sent from an arbitrary one of the user terminals of the users to the resource providing server thereby sending a resource request command corresponding to the resource request to the resource providing server designated in the resource request; and

the resource providing server having a second resource provider information database recording information required in authenticating the window server, a second user information database extractably recording information about the user authenticated by the window server, and a permission data database recording restriction of accessing a resource to be provided to the user, to send the resource in response to a resource request from arbitrary one of the window servers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The resources kept by a number of entities are made available mutually by each of the entities. A user using a user terminal requests a resource, to be provided by a resource providing server, to a window server through a communication line. A user information database records information for authenticating the user. A resource provider database records information for verifying a reliability of a resource provider. A .resource provider information database records information for verifying the window server. 13 user information database records information of a user authenticated by the window server to allow the access to a resource. A permission data database records information for restricting the access to a resource.

Citations

11 Claims

1. An over-network resource distribution system for allowing one or more users to request resources to be provided by at least one resource providing server through user terminals connected by a communication line to the resource providing server, the resource requested being downloaded for utilization through the communication line onto the user terminal, the system comprising:
- at least one window server having a first user information database recording information required in authenticating the user and a first resource provider information database recording information required in verifying a reliability of a resource provider, to serve as a window of a resource request to be sent from an arbitrary one of the user terminals of the users to the resource providing server thereby sending a resource request command corresponding to the resource request to the resource providing server designated in the resource request; and
  
  the resource providing server having a second resource provider information database recording information required in authenticating the window server, a second user information database extractably recording information about the user authenticated by the window server, and a permission data database recording restriction of accessing a resource to be provided to the user, to send the resource in response to a resource request from arbitrary one of the window servers.

2. A widow server for providing a service from a resource providing server in which a resource is to be provided according to a request onto a user terminal in which the resource is to be downloaded, the window server comprising:
- a storage unit for storing information including personal information of a user using the user terminal and resource provider information for providing the resource;
  
  an authenticator for authenticating the user terminal by making reference to the storage unit, according to a resource request from the user terminal to the resource providing server;
  
  a verifier for verifying a reliability of the resource providing server in the request;
  
  a communication unit for sending a request command of the resource to the resource providing server when a reliability of the resource providing server is confirmed in the verifier, and for receiving the resource from the resource providing server; and
  
  an updating unit for updating the personal information of the storage unit when, in the communication unit, the resource requested from the user terminal is sent from the user terminal.

3. A resource providing server for receiving a resource request from a user terminal through a window server, the resource providing server comprising:
- a communication unit for receiving the resource request from the user terminal and providing the resource;
  
  a storage unit storing at least one of personal information of a user using the user terminal and reliability information of the window server; and
  
  a verifier for verifying the resource request received from the window server by making reference to the storage unit, wherein the communication unit provides the resource when an authenticator authenticates the resource request.
- View Dependent Claims (4, 5, 6)
- - 4. A resource providing server according to claim 3, wherein the authenticator makes an authentication based on the previously set information of whether to authenticate a reliability of at lease one of the user terminal and the window server.
  - 5. A resource providing server according to claim 3, wherein, when a utilization-requested resource is not held in the resource providing server, the communication unit sends a utilization request to another resource providing server holding the resource, and, when the resource providing server is authenticated in the other resource providing server, the resource is received from the other server.
  - 6. A resource providing server according to claim 5, wherein the storage unit stores previously set reliability information about a reliability of the other resource providing server.

7. A mutual authentication system in a network community including a first community having one or more service servers, one or more users who use services provided by the service servers and one or more window servers mediating between the service servers and the user terminals of the users, and a second community having similar constituent elements as the first community, the mutual authentication system comprising:
- a first certification authority for issuing a public key certification prepared by an arbitrary one of the window servers belonging to the first community;
  
  a second certification authority for issuing a public key certification prepared by an arbitrary one of the window servers belonging to the second community; and
  
  a rating server having a reliability database recording evaluation information such that public key certifications issued by the first and second certification authorities are evaluated based on predetermined evaluation items.

8. An authentication system to allow for a service according to a utilization request from a user terminal, the authentication system comprising:
- a first receiver for receiving a utilization request of a service from the user terminal;
  
  an authenticator for authenticating the user terminal;
  
  a preparation unit for preparing authentication result information when the user terminal is authenticated in the authenticator, in a service server as a destination of the utilizing request of the service transmitted from the user terminal;
  
  a first authenticating server having a transmitter to send the authentication result information prepared in the preparation unit to the utilization request destination service server;
  
  a second receiver for receiving the authentication result information;
  
  a confirmation unit for confirming the user terminal and the first authenticating server by making reference to the authentication result information; and
  
  a second authenticating server having a second transmitter to send utilization permission information of the service to the user terminal when confirmation is made in the confirmation unit.
- View Dependent Claims (9)
- - 9. An authentication system according to claim 8, wherein the confirmation unit in the second authenticating server makes reference to authentication information on the first authenticating server in a rating server registered with authentication information of a plurality of authenticating servers, in order to authenticate the first authenticating server.

10. A method of providing a service from a resource providing server in which a resource is to be provided according to a request onto a user terminal in which the resource is to be downloaded, the method comprising the steps of:
- storing, in a storing area, information including personal information of a user using the user terminal and resource provider information for providing the resource;
  
  authenticating the user terminal by making reference to the information stored in the storing area according to a request of a resource from the user terminal to the resource providing server;
  
  verifying a reliability of the resource providing server in the request;
  
  sending a request command of the resource to the resource providing server when a reliability of the resource providing server is confirmed in the verifying step;
  
  receiving the resource from the resource providing server; and
  
  updating the information stored in the storing area when sending the resource requested from the user terminal in the receiving step.

11. A method of authentication for allowing for a service according to a utilization request from a user terminal, the method comprising the steps of:
- receiving a utilization request of a service from the user terminal;
  
  authenticating the user terminal;
  
  preparing authentication result information when the user terminal is authenticated in the authenticating step, in a utilization-request-destination service server of the service sent from the user terminal;
  
  sending the authentication result information prepared in the preparing step to the utilization-request-destination service server;
  
  receiving the authentication result information;
  
  confirming the user terminal and the first authenticating server by making reference to the authentication result information; and
  
  sending utilization permission information the service to the user terminal when confirmation is made in the confirming step.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Kon, Masashi

Granted Patent

US 7,457,848 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/64
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/445   by mutual authentication, e...

G06F 2221/2115   Third party

G06Q 20/382   insuring higher security of...

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04L 63/12   Applying verification of th...

Over-network resource distribution system and mutual authentication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Over-network resource distribution system and mutual authentication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links