Access authentication method, information processing unit, and computer product

US 20060248345A1
Filed: 06/27/2006
Published: 11/02/2006
Est. Priority Date: 04/01/2004
Status: Active Grant

First Claim

Patent Images

1. An access authentication method for performing access authentication using a recording medium that is detachably connected to an information processing unit and authentication information provided by a user, the access authentication method comprising:

encrypting the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and storing the encrypted authentication information in the recording medium; and

authenticating the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An input personal identification number (PIN) is encrypted, identification information to identify a computer that has generated an encrypted PIN is associated with the encrypted PIN, and the associated information is sent to a recording medium. When the recording medium is again connected to the computer, it is checked whether the identification information is present in the recording medium. If the identification information is present in the recording medium, the encrypted PIN associated with the identification information is decrypted. These processes can be performed on both computer side and recording medium side.

Citations

29 Claims

1. An access authentication method for performing access authentication using a recording medium that is detachably connected to an information processing unit and authentication information provided by a user, the access authentication method comprising:
- encrypting the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and storing the encrypted authentication information in the recording medium; and
  
  authenticating the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The access authentication method according to claim 1, wherein the information processing unit performs the encryption and the authentication.
  - 3. The access authentication method according to claim 1, wherein the recording medium performs the encryption and the authentication.
  - 4. The access authentication method according to claim 1, further comprising setting a validity period for the key used for at least one of the encryption and the authentication, wherein the authentication is performed when the validity period is not expired.
  - 5. The access authentication method according to claim 1, wherein, at the encrypting, encrypted authentication information is generated and stored in the recording medium each time access authentication based on authentication information from the user is successful, and at the authenticating, when a plurality of pieces of encrypted authentication information are stored in the recording medium, it is determined whether any one of the pieces of encrypted authentication information is authenticated using the predetermined key.
  - 6. The access authentication method according to claim 5, wherein, at the encrypting, encrypted authentication information is associated with unit identification information to uniquely identify an information processing unit that is involved in generating the encrypted authentication information, and the associated information is stored in the recording medium, and at the authenticating, encrypted authentication information associated with unit identification information corresponding to an information processing unit to which the recording medium is currently connected is obtained from the plurality of pieces of encrypted authentication information stored in the recording medium, and the authentication is performed.
  - 7. The access authentication method according to claim 1, further comprising determining whether to generate the encrypted authentication information, wherein, at the encrypting, the encrypted authentication information is generated when the encrypted authentication information has been determined to be generated.
  - 8. The access authentication method according to claim 1, further comprising determining whether to use the encrypted authentication information stored in the recording medium, wherein, at the authenticating, the authentication is performed using the encrypted authentication information when the encrypted authentication information has been determined to be used.
  - 9. The access authentication method according to claim 1, further comprising storing in the recording medium unit identification information to uniquely identify an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when unit identification information corresponding to an information processing unit to which the recording medium is currently connected matches the unit identification information stored in the recording medium.
  - 10. The access authentication method according to claim 1, further comprising storing medium identification information to uniquely identify a recording medium in an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when medium identification information corresponding to a recording medium which is currently connected to the information processing unit matches the medium identification information stored in the information processing unit.
  - 11. The access authentication method according to claim 1, wherein, at the encrypting, the predetermined key is issued for the encryption based on medium identification information to uniquely identify a recording medium and unit identification information to uniquely identify an information processing unit to which the recording medium is currently connected, and at the authenticating, the predetermined key is issued for the authentication based on medium identification information corresponding to the recording medium and unit identification information corresponding to an information processing unit to which the recording medium is currently connected.

12. A computer-readable recording medium that stores therein an access authentication program for implementing an access authentication method in which access authentication is performed by an information processing unit being a computer with a recording medium that is detachably connected to the information processing unit and authentication information provided by a user, the access authentication program causing the computer to perform:
- encrypting the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and storing the encrypted authentication information in the recording medium; and
  
  authenticating the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The computer-readable recording medium according to claim 12, the program further causing the computer to perform setting a validity period for the key used for at least one of the encryption and the authentication, wherein the authentication is performed when the validity period is not expired.
  - 14. The computer-readable recording medium according to claim 12, wherein, at the encrypting, encrypted authentication information is generated and stored in the recording medium each time access authentication based on authentication information from the user is successful, and at the authenticating, when a plurality of pieces of encrypted authentication information are stored in the recording medium, it is determined whether any one of the pieces of encrypted authentication information is authenticated using the predetermined key.
  - 15. The computer-readable recording medium according to claim 14, wherein, at the encrypting, encrypted authentication information is associated with unit identification information to uniquely identify an information processing unit that is involved in generating the encrypted authentication information, and the associated information is stored in the recording medium, and at the authenticating, encrypted authentication information associated with unit identification information corresponding to an information processing unit to which the recording medium is currently connected is obtained from the plurality of pieces of encrypted authentication information stored in the recording medium, and the authentication is performed.
  - 16. The computer-readable recording medium according to claim 12, the program further causing the computer to perform determining whether to generate the encrypted authentication information, wherein, at the encrypting, the encrypted authentication information is generated when the encrypted authentication information has been determined to be generated.
  - 17. The computer-readable recording medium according to claim 12, the program further causing the computer to perform determining whether to use the encrypted authentication information stored in the recording medium, wherein, at the authenticating, the authentication is performed using the encrypted authentication information when the encrypted authentication information has been determined to be used.
  - 18. The computer-readable recording medium according to claim 12, the program further causing the computer to perform storing in the recording medium unit identification information to uniquely identify an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when unit identification information corresponding to an information processing unit to which the recording medium is currently connected matches the unit identification information stored in the recording medium.
  - 19. The computer-readable recording medium according to claim 12, the program further causing the computer to perform storing medium identification information to uniquely identify a recording medium in an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when medium identification information corresponding to a recording medium which is currently connected to the information processing unit matches the medium identification information stored in the information processing unit.

20. A computer-readable recording medium that stores therein an access authentication program for implementing an access authentication method in which access authentication is performed by a recording medium being a computer that is detachably connected to an information processing unit with authentication information provided by a user, the access authentication program causing the computer to perform:
- encrypting the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and storing the encrypted authentication information in the recording medium; and
  
  authenticating the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The computer-readable recording medium according to claim 20, the program further causing the computer to perform setting a validity period for the key used for at least one of the encryption and the authentication, wherein the authentication is performed when the validity period is not expired.
  - 22. The computer-readable recording medium according to claim 20, wherein, at the encrypting, encrypted authentication information is generated and stored in the recording medium each time access authentication based on authentication information from the user is successful, and at the authenticating, when a plurality of pieces of encrypted authentication information are stored in the recording medium, it is determined whether any one of the pieces of encrypted authentication information is authenticated using the predetermined key.
  - 23. The computer-readable recording medium according to claim 22, wherein, at the encrypting, encrypted authentication information is associated with unit identification information to uniquely identify an information processing unit that is involved in generating the encrypted authentication information, and the associated information is stored in the recording medium, and at the authenticating, encrypted authentication information associated with unit identification information corresponding to an information processing unit to which the recording medium is currently connected is obtained from the plurality of pieces of encrypted authentication information stored in the recording medium, and the authentication is performed.
  - 24. The computer-readable recording medium according to claim 20, the program further causing the computer to perform determining whether to generate the encrypted authentication information, wherein, at the encrypting, the encrypted authentication information is generated when the encrypted authentication information has been determined to be generated.
  - 25. The computer-readable recording medium according to claim 20, the program further causing the computer to perform determining whether to use the encrypted authentication information stored in the recording medium, wherein, at the authenticating, the authentication is performed using the encrypted authentication information when the encrypted authentication information has been determined to be used.
  - 26. The computer-readable recording medium according to claim 20, the program further causing the computer to perform storing in the recording medium unit identification information to uniquely identify an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when unit identification information corresponding to an information processing unit to which the recording medium is currently connected matches the unit identification information stored in the recording medium.
  - 27. The computer-readable recording medium according to claim 20, the program further causing the computer to perform storing medium identification information to uniquely identify a recording medium in an information processing unit that is involved in generating encrypted authentication information when the encrypted authentication information generated at the encrypting is stored in the recording medium, wherein, at the authenticating, the authentication is performed when medium identification information corresponding to a recording medium which is currently connected to the information processing unit matches the medium identification information stored in the information processing unit.

28. An information processing unit for performing access authentication using a recording medium that is detachably connected thereto and authentication information provided by a user, the information processing unit comprising:
- an encrypting unit that encrypts the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and stores the encrypted authentication information in the recording medium; and
  
  an authenticating unit that authenticates the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.

29. A recording medium that is detachably connected to an information processing unit for performing access authentication using authentication information provided by a user, the recording medium comprising:
- an encrypting unit that encrypts the authentication information from the user with a predetermined key to generate encrypted authentication information when access authentication based on the authentication information is successful, and stores the encrypted authentication information in the recording medium; and
  
  an authenticating unit that authenticates the encrypted authentication information stored in the recording medium using the predetermined key, and, when the encrypted authentication information is authenticated, determining that access authentication is successful without receiving authentication information from the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Client Computing Limited (Lenovo Group Ltd.)
Original Assignee
Fujitsu Limited
Inventors
Ishidera, Nobutaka

Granted Patent

US 8,572,392 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/445   by mutual authentication, e...

G06F 2221/2129   Authenticate client device ...

Access authentication method, information processing unit, and computer product

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Access authentication method, information processing unit, and computer product

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links