NETWORK CONNECTION METHOD OF NON-PORTABLE TERMINAL USING USER IDENTIFICATION INFORMATION OF TERMINAL
Abstract
The mobile terminal and the linked terminal have independent communication access paths to connect to a common network. The mobile terminal and the linked terminal are brought within a short distance from each other for communication so as to transfer user identification information for authentication stored in the mobile terminal to the linked terminal. The long-term shared private key is not transferred in order to realize a high level of security for the non-mobile terminal network connection method.
12 Claims
1. A linked terminal connected to an authentication device having user identification information and to a user authentication server, the linked terminal comprising:
a first communication interface to communicate with the authentication device;
a second communication interface to communicate with the user authentication server; and
a program execution unit;
wherein when it receives a first message including the user identification information from the authentication device through the first communication interface, the program execution unit retrieves the user identification information from the first message and sends a second message including the user identification information to the user authentication server through the second communication interface;
wherein when it receives a third message including a parameter generated by the user authentication server from the user authentication server through the second communication interface, the program execution unit sends to the authentication device through the first communication interface a message requesting the authentication device to process the parameter by using a private key shared by the authentication device and the user authentication server.
3. An authentication device having a means to store user identification information, comprising:
a communication interface to share a private key with a user authentication server that authenticates a user based on the user identification information and to communicate with a linked terminal connected to the user authentication server through a network; and
a control unit;
wherein when it sends a first message including the user identification information to the linked terminal through the communication interface and receives a second message including a parameter to be processed by the private key from the linked terminal through the communication interface, the control unit sends a result of processing the parameter by the private key to the linked terminal through the communication interface.
5. A user authentication system for authenticating a linked terminal having no user identification information, comprising:
the linked terminal to, when it receives a first message including the user identification information from an authentication device having the user identification information, retrieve the user identification information from the first message and send a second message including the user identification information to the user authentication server;
the user authentication server to, when it receives the second message, send to the linked terminal a third message including a parameter used for authentication by a private key shared with the authentication device; and
the authentication device to, when it receives from the linked terminal a fourth message requesting processing by the private key of the parameter received by the linked terminal, send to the linked terminal a fifth message including a result of processing the parameter by the private key.
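The five-message exchange of claim 5, as an added example that is not part of the patent text: a Python simulation in which the linked terminal only relays the user ID, the parameter and the result, so the shared key stays on the authentication device and the server. Assumptions not stated in the claims: the "processing by the private key" is modelled as HMAC-SHA256, the parameter is a random single-use value, the terminal forwards the result to the server for checking, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


class AuthDevice:
    """Holds the user ID and the long-term shared key (e.g. a mobile terminal)."""
    def __init__(self, user_id: str, key: bytes):
        self.user_id, self._key = user_id, key

    def first_message(self) -> dict:
        return {"user_id": self.user_id}

    def process(self, fourth_message: dict) -> dict:
        # Assumption: "processing by the private key" is HMAC-SHA256.
        tag = hmac.new(self._key, fourth_message["parameter"], hashlib.sha256)
        return {"result": tag.digest()}            # fifth message


class AuthServer:
    def __init__(self, keys: dict):
        self._keys = keys                          # user_id -> shared key
        self._pending = {}                         # user_id -> outstanding parameter

    def on_second_message(self, msg: dict) -> dict:
        if msg["user_id"] not in self._keys:
            raise KeyError("unknown user identification information")
        param = secrets.token_bytes(16)
        self._pending[msg["user_id"]] = param
        return {"parameter": param}                # third message

    def check(self, user_id: str, result: bytes) -> bool:
        param = self._pending.pop(user_id, None)   # single use: blocks replay
        if param is None:
            return False
        want = hmac.new(self._keys[user_id], param, hashlib.sha256).digest()
        return hmac.compare_digest(want, result)   # constant-time comparison


def linked_terminal_login(device: AuthDevice, server: AuthServer, log: list) -> bool:
    """Relay messages 1-5; the terminal never holds the shared key."""
    m1 = device.first_message()
    m3 = server.on_second_message({"user_id": m1["user_id"]})   # message 2 -> 3
    m5 = device.process({"parameter": m3["parameter"]})         # message 4 -> 5
    log.append((m1["user_id"], m3["parameter"], m5["result"]))  # all it ever sees
    return server.check(m1["user_id"], m5["result"])
```

The `log` list records everything that crosses the linked terminal, which is what an attacker controlling that terminal could capture: one user ID and one parameter/result pair that the server will not accept a second time.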
7. A user authentication system for authenticating a linked terminal having no user identification information, comprising:
a one-time user identification information issuing server to issue one-time user identification information used for link with the linked terminal;
an authentication device to receive a first message including the one-time user identification information from the one-time user identification information issuing server and send a second message including the one-time user identification information to the linked terminal;
the linked terminal to, when it receives the second message from the authentication device, send a third message including the one-time user identification information to a proxy server;
the proxy server to, when it receives the third message, send a fourth message including the one-time user identification information to the user authentication server, the proxy server being adapted to, when it receives from the user authentication server a fifth message including a parameter used for authentication by a private key shared by the authentication device and the user authentication server, send a sixth message including the parameter to the authentication device through the linked terminal; and
the user authentication server to check a result of processing the parameter by using the private key held in itself.
Specification