AUTHENTICATION SYSTEM, AUTHENTICATION METHOD AND TERMINAL DEVICE
First Claim
1. An authentication method for authenticating a third node which applies to participate in a workgroup comprised of a first node and a second node which are in a network system, the authentication method comprising the steps of:
- transmitting a temporary authentication ticket including a digital signature of the third node from the third node to the first node;
- authenticating the third node by the first node based on the digital signature of the temporary authentication ticket received from the third node;
- transmitting a password for participating in the workgroup from the third node to the first node;
- verifying by the first node the password received from the third node;
- generating a regular authentication ticket by the first node by adding a digital signature of the first node to the temporary authentication ticket to transmit the regular authentication ticket to the third node in a case where the third node has been successfully authenticated based on the digital signature, and the password is correct;
- transmitting from the third node to the second node the regular authentication ticket received from the third node;
- authenticating the first node and the third node by the second node based on the digital signatures of the regular authentication ticket received from the third node; and
- causing the second node to permit the third node to access, as a node of the workgroup, the second node in a case where the first node and the third node have been successfully authenticated.
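The claimed flow, sketched in Go as an added example that is not part of the patent text: the third node self-signs a temporary ticket, the first node checks that signature and the password before countersigning, and the second node admits on the two signatures alone. Assumptions: Ed25519 signatures, a ticket that carries the applicant's public key, a second node that already holds the public keys of workgroup members, and the hypothetical names `Ticket`, `NewTemporaryTicket`, `Countersign` and `Admit`.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/subtle"
	"fmt"
)

// Ticket fields are assumptions of this example; the claims name only the signatures.
type Ticket struct {
	Applicant, Issuer       ed25519.PublicKey // third node's and first node's public keys
	ApplicantSig, IssuerSig []byte
}

// signed returns the bytes the first node countersigns (assumed: applicant key plus its signature).
func signed(t Ticket) []byte { return append(append([]byte{}, t.Applicant...), t.ApplicantSig...) }
func applicantOK(t Ticket) bool { return len(t.Applicant) == ed25519.PublicKeySize && ed25519.Verify(t.Applicant, t.Applicant, t.ApplicantSig) }

// NewTemporaryTicket is run by the third node: it signs its own public key.
func NewTemporaryTicket(pub ed25519.PublicKey, priv ed25519.PrivateKey) Ticket {
	return Ticket{Applicant: pub, ApplicantSig: ed25519.Sign(priv, pub)}
}

// Countersign is run by the first node: signature check, password check, then its own signature.
func Countersign(t Ticket, password, expected string, pub ed25519.PublicKey, priv ed25519.PrivateKey) (Ticket, error) {
	if !applicantOK(t) || subtle.ConstantTimeCompare([]byte(password), []byte(expected)) != 1 {
		return Ticket{}, fmt.Errorf("applicant not authenticated")
	}
	t.Issuer, t.IssuerSig = pub, ed25519.Sign(priv, signed(t))
	return t, nil
}

// Admit is run by the second node: no password, only both signatures and a known issuer.
func Admit(t Ticket, members ...ed25519.PublicKey) bool {
	for _, m := range members {
		if bytes.Equal(m, t.Issuer) && applicantOK(t) {
			return ed25519.Verify(m, signed(t), t.IssuerSig)
		}
	}
	return false
}

func main() {
	aPub, aPriv, _ := ed25519.GenerateKey(nil) // first node; keys constructed for the demo
	cPub, cPriv, _ := ed25519.GenerateKey(nil) // third node
	regular, err := Countersign(NewTemporaryTicket(cPub, cPriv), "group-pw", "group-pw", aPub, aPriv)
	fmt.Println(err, Admit(regular, aPub))
}
```

The sketch carries no nonce or expiry, so a copied regular ticket verifies again at the second node. A deployment would also need the presenter to prove possession of the applicant key.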
Abstract
Provided are an authentication method, authentication system and a terminal device in which the authentication of a non-participating third node can be simplified and can be executed in the case of multicast by using an authentication ticket in a distributed processing network system, the non-participating third node being intended to access each of the nodes, including a first and a second node, constituting a workgroup. The first node that has already participated in the workgroup authenticates the third node intended to participate in the workgroup and issues the authentication ticket including the signatures of both nodes, and when the authentication ticket is submitted to the second node, the second node permits the third node to access, without password-based authentication, by authenticating the first node and the second node which have signed the authentication ticket.
13 Claims
7. An authentication system for authenticating a third node which applies to participate in a workgroup comprised of a first node and a second node which are in a network system, the authentication system comprising:
- the first node;
- the first node including:
  - a first authentication section which is adapted to authenticate the third node based on a digital signature of a temporary authentication ticket received from the third node;
  - a password verification section which is adapted to verify a password received from the third node;
  - a first authentication ticket generating section which is adapted to add a digital signature of the first node to the temporary authentication ticket to generate a regular authentication ticket therefrom when the first authentication section has successfully authenticated, and the password verification section has successfully verified the password; and
  - a first authentication ticket transmitting section which is adapted to transmit to the third node the regular authentication ticket generated by the first authentication ticket generating section,
- the second node;
- the second node including:
  - a second authentication section which is adapted to authenticate the first node and the third node based on digital signatures of the regular authentication ticket received from the third node; and
  - a permission section which is adapted to permit the third node to access, as a node of the workgroup, the second node when the second node has successfully authenticated the first node and the third node,
- and the third node;
- the third node including:
  - a second authentication ticket generating section which is adapted to generate the temporary ticket including the digital signature of the third node;
  - a second authentication ticket transmitting section which is adapted to transmit to the first node the temporary authentication ticket generated by the second authentication ticket generating section;
  - a password transmission section which is adapted to transmit to the first node the password for participating in the workgroup;
  - a storage section which is adapted to store the regular authentication ticket received from the first node; and
  - a third authentication ticket transmitting section which is adapted to transmit the regular authentication ticket to the second node when the third node applies to access the second node.
13. A terminal device which functions as a node for constituting a workgroup on a network, the terminal device comprising:
- a second authentication ticket generating section which is adapted to generate a temporary authentication ticket including a digital signature of the terminal device when the terminal device is not in the workgroup;
- a second authentication ticket transmitting section which is adapted to transmit the temporary authentication ticket generated by the second authentication ticket generating section to a first node constituting the workgroup;
- a password transmission section which is adapted to transmit to the first node a password for participating in the workgroup;
- a storage section which is adapted to receive and store a regular authentication ticket which has been generated in the first node after the terminal device was authenticated by the first node;
- a second authentication ticket transmitting section which is adapted to transmit the regular authentication ticket stored in the storage section to a second node when the terminal device accesses the second node;
- a first authentication section which is adapted to authenticate a third node based on a digital signature of a temporary authentication ticket received, when the terminal device is in the workgroup, from the third node;
- a password verification section which is adapted to verify a password received from the third node;
- a first authentication ticket generating section which is adapted to add the digital signature of the terminal device to the temporary authentication ticket received from the third node to generate a regular authentication ticket when the first authentication section has successfully authenticated the third node, and the password verification section has successfully verified the password received from the third node;
- a first authentication ticket transmitting section which is adapted to transmit to the third node the regular authentication ticket generated by the first authentication ticket generating section;
- a second authentication section which is adapted to authenticate a fourth node and a fifth node based on digital signatures of a regular authentication ticket received, when the terminal device is in the workgroup, from the fourth node, the received regular authentication ticket including a digital signature of the fifth node,
- a permission section which is adapted to permit the fourth node to access, as a node of the workgroup, the terminal device when the second authentication section has successfully authenticated the fourth node and the fifth node.
Specification