Access privilege transferring method
Abstract
Disclosed herein is an access privilege transferring method for safely transmitting privilege information about each object between subjects (users) over an object space in which service objects are scattered. User information and secret information of clients are shared between the clients and servers. A client that transfers privilege information generates privilege information weakened in its own contents of privilege. Further, the client applies a one-way function or an encryption function to a bit string obtained by joining the generated privilege information and the secret information to each other, thereby generating protected privilege information with which a third party who does not know the secret information is not capable of tampering. Utilizing the protected privilege information makes it possible to safely transfer access privileges. Further, the server analyzes the protected privilege information by using the secret information to thereby make it possible to safely confirm whether a client that makes an object request is authorized.
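A minimal sketch of the scheme the abstract describes, added here as an illustration and not taken from the patent: the owner weakens its own privileges, binds them to the shared secret, and the server recomputes the binding before honoring a request. HMAC-SHA256 stands in for the abstract's "one-way function" over the joined privilege and secret information; all names (`protect`, `delegate`, `Server`) and the token layout are assumptions.

```python
import hashlib
import hmac
import json


def protect(priv: dict, secret: bytes) -> str:
    """Keyed one-way function over the canonical privilege encoding."""
    msg = json.dumps(priv, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def delegate(owner: str, owner_rights, granted, secret: bytes) -> dict:
    """Client side: emit weakened privilege information plus its protection tag."""
    granted = set(granted)
    if not granted <= set(owner_rights):
        raise ValueError("can only transfer a subset of own privileges")
    priv = {"issuer": owner, "rights": sorted(granted)}
    return {"priv": priv, "tag": protect(priv, secret)}


class Server:
    def __init__(self, users: dict):
        # users: name -> (shared secret, rights the user holds on this server)
        self.users = users

    def authorize(self, token: dict, action: str) -> bool:
        priv = token.get("priv")
        if not isinstance(priv, dict):
            return False
        entry = self.users.get(priv.get("issuer"))
        if entry is None:
            return False
        secret, rights = entry
        expected = protect(priv, secret).encode()
        presented = str(token.get("tag", "")).encode()
        # Constant-time comparison; any edit to priv changes the expected tag.
        if not hmac.compare_digest(expected, presented):
            return False
        # The issuer must still hold the right it delegated.
        return action in priv.get("rights", []) and action in rights


if __name__ == "__main__":
    secret = b"constructed-shared-secret"  # constructed sample value
    server = Server({"alice": (secret, {"read", "write"})})
    token = delegate("alice", {"read", "write"}, {"read"}, secret)
    print(server.authorize(token, "read"), server.authorize(token, "write"))
```

The holder of the token never learns the secret, so widening `rights` invalidates the tag and the server rejects the request.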
5 Claims
1. An information managing method for safely managing secret information between clients, and between clients and servers, over an object space in which at least one server for providing objects and at least one client requiring the objects are connected to one another by a network, comprising:
transmitting secret information from at least a first of a plurality of clients to at least a second of the plurality of clients;
transmitting an encryption key from the at least the first of the plurality of clients to the at least the second of the plurality of clients;
encrypting, by the at least the second of the plurality of clients, the secret information by using the encryption key; and
storing the encrypted secret information, by the at least the second of the plurality of clients, in a secondary memory device.
2. An information managing method for safely managing secret information between clients, and between clients and servers, over an object space in which at least one server for providing objects and at least one client requiring the objects are connected to one another by a network, comprising:
encrypting secret information by using an encryption key, thereby generating protected secret information by at least a first of a plurality of clients;
transmitting the protected secret information from the at least the first of the plurality of clients to at least a second of the plurality of clients;
storing, by the at least the second of the plurality of clients, the received protected secret information in a secondary memory device;
transmitting a decryption key for decrypting the information encrypted by the encryption key from the at least the first of the plurality of clients to the at least the second of the plurality of clients; and
decrypting, by the at least the second of the plurality of clients, the protected secret information by using the decryption key, thereby obtaining the secret information.
4. An information managing method for safely managing secret information between clients, and between clients and servers, over an object space in which at least one server for providing objects and at least one client requiring the objects are connected to one another by a network, comprising:
transmitting secret information from at least a first of a plurality of clients to at least a second of a plurality of clients;
holding, by the at least the second of the plurality of clients, an encryption key for encrypting information and a decryption key for decrypting the encrypted information encrypted by the encryption key;
transmitting the decryption key from the at least the second of the plurality of clients to the at least the first of the plurality of clients;
storing, by the at least the second of the plurality of clients, protected secret information obtained by encrypting the secret information with the encryption key in a secondary memory device; and
decrypting the protected secret information by using the decryption key, thereby obtaining the secret information by the at least the second of the plurality of clients.
5. An information managing method for safely managing secret information between clients, and between clients and servers, over an object space in which at least one server for providing objects and at least one client requiring the objects are connected to one another by a network, comprising:
transmitting secret information from at least a first of a plurality of clients to at least a second of the plurality of clients;
transmitting, by the at least the second of the plurality of clients, a challenge character string to the at least the first of the plurality of clients;
applying a predetermined calculating operation to the challenge character string and the secret information, thereby generating an encryption key by the at least the first of the plurality of clients;
transmitting the encryption key from the at least the first of the plurality of clients to the at least the second of the plurality of clients; and
storing, by the at least the second of the plurality of clients, protected secret information obtained by encrypting the secret information by using the encryption key in a secondary memory device.