Authentication method and information processor

US 20070118740A1
Filed: 11/16/2006
Published: 05/24/2007
Est. Priority Date: 11/22/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for managing communication in an information processor, the method comprising:

storing, in a memory, revoked certificate information indicating a revoked digital certificate;

receiving a digital certificate of an other end of the communication therefrom;

determining, based on the revoked certificate information, whether the digital certificate thus received is revoked;

receiving information on a digital certificate that is newly revoked;

updating the revoked certificate information stored in the memory based on the received information on the digital certificate that is newly revoked; and

sending information on the digital certificate that is newly revoked to other information processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a network made up of a plurality of terminals, each of the terminals in the network includes a digital certificate revocation list. When the digital certificate revocation list of its own is updated, the terminal sends information including the updated details to other terminal so that a digital certificate revocation list included in the other terminal in the network is updated based on the updated contents.

Citations

15 Claims

1. A method for managing communication in an information processor, the method comprising:
- storing, in a memory, revoked certificate information indicating a revoked digital certificate;
  
  receiving a digital certificate of an other end of the communication therefrom;
  
  determining, based on the revoked certificate information, whether the digital certificate thus received is revoked;
  
  receiving information on a digital certificate that is newly revoked;
  
  updating the revoked certificate information stored in the memory based on the received information on the digital certificate that is newly revoked; and
  
  sending information on the digital certificate that is newly revoked to other information processor.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, wherein when it is determined that the digital certificate of the other end of the communication is revoked, the communication with the other end of the communication is stopped.
  - 3. The method according to claim 2, further comprising receiving attributes data of the other end of the communication therefrom, comparing the digital certificate with the attributes date to verify authenticity of the other end of the communication, and when the authenticity of the other end of the communication cannot be verified, determining that the digital certificate of the other end of the communication is revoked, updating the revoked certificate information, and sending, to other information processor, information indicating that the digital certificate of the other end of the communication is revoked.

4. A method for managing communication in an information processor, the method comprising:
- storing, in a memory, revoked certificate information indicating a revoked digital certificate;
  
  receiving a digital certificate and attributes data of an other end of the communication therefrom;
  
  comparing the digital certificate with the attributes data of the other end of the communication to verify authenticity of the other end of the communication, and when the authenticity of the other end of the communication cannot be verified, determining that the digital certificate of the other end of the communication is revoked, updating the revoked certificate information, and sending, to other information processor, information indicating that the digital certificate of the other end of the communication is revoked.
- View Dependent Claims (5)
- - 5. The method according to claim 4, wherein when the authenticity of the other end of the communication cannot be verified, the communication with the other end of the communication is stopped.

6. A method for managing a digital certificate in a network made up of a plurality of nodes, the method comprising:
- in each of the nodes, storing revoked certificate information indicating a revoked digital certificate;
  
  when each of the nodes finds an other end of communication that cannot be authenticated, adding a digital certificate of the other end of the communication to the revoked certificate information of the node and notifying other node of presence of a digital certificate that is newly revoked; and
  
  in the other node that has received the notification, updating the revoked certificate information stored in the node.
- View Dependent Claims (7)
- - 7. The method according to claim 6, wherein each of the nodes compares the digital certificate with attributes data of the other end of the communication to verify authenticity of the other end of the communication.

8. An information processor comprising:
- a receiving portion that receives a digital certificate from an other end of communication;
  
  an authentication portion that verifies authenticity of the other end of the communication based on the digital certificate received by the receiving portion;
  
  a memory that stores revoked certificate information indicating a revoked digital certificate;
  
  an updating portion that updates the revoked certificate information stored in the memory when a digital certificate that is newly revoked is found; and
  
  a transmission portion that sends new revoked certificate information to other information processor when the digital certificate that is newly revoked is found, the new revoked certificate information indicating that the digital certificate is revoked.
- View Dependent Claims (9, 10, 11)
- - 9. The information processor according to claim 8, further comprising a control portion that stops the communication with the other end of the communication when the authentication portion cannot verify the authenticity of the other end of the communication.
  - 10. The information processor according to claim 8, wherein the authentication portion determines whether the digital certificate received by the receiving portion is revoked based on the revoked certificate information stored in the memory.
  - 11. The information processor according to claim 8, wherein the receiving portion further receives attributes data from the other end of the communication, and the authentication portion compares the attributes data with the digital certificate of the other end of the communication to verify the authenticity of the other end of the communication.

12. An information processor comprising:
- a memory that stores revoked certificate information indicating a revoked digital certificate;
  
  a first updating portion that updates the revoked certificate information stored in the memory when a digital certificate that is newly revoked is found;
  
  a transmission portion that sends new revoked certificate information to other information processor when the digital certificate that is newly revoked is found, the new revoked certificate information indicating that the digital certificate is revoked; and
  
  a second updating portion that updates the revoked certificate information stored in the memory based on new revoked certificate information sent by other information processor.
- View Dependent Claims (13, 14, 15)
- - 13. The information processor according to claim 12, further comprising a receiving portion that receives a digital certificate from an other end of communication, and an authentication portion that verifies authenticity of the other end of the communication based on the digital certificate received by the receiving portion, wherein the first updating portion updates the revoked certificate information stored in the memory when the authentication portion cannot verify the authenticity of the other end of the communication.
  - 14. The information processor according to claim 13, further comprising a control portion that stops the communication with the other end of the communication when the authentication portion cannot verify the authenticity of the other end of the communication.
  - 15. The information processor according to claim 13, wherein the receiving portion further receives attributes data from the other end of the communication, and the authentication portion compares the attributes data with the digital certificate of the other end of the communication to verify the authenticity of the other end of the communication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Konica Minolta Holdings Incorporated (Konica Minolta Inc.)
Original Assignee
Konica Minolta Holdings Incorporated (Konica Minolta Inc.)
Inventors
Deishi, Satoshi

Application Number

US11/600,374
Publication Number

US 20070118740A1
Time in Patent Office

Days
Field of Search
US Class Current

713/158
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0846   using time-dependent-passwo...

H04L 9/3268   using certificate validatio...

Authentication method and information processor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication method and information processor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links