ID SYSTEM AND PROGRAM, AND ID METHOD
Abstract
[PROBLEMS] To appropriately authenticate a user, a biometric device, and the authentication timing on the client side, and to prevent leakage of or tampering with the biometric information.
[MEANS FOR SOLVING PROBLEMS] A server device includes: a unit for encrypting information for requesting biometric authentication and identifying the request by using a public key of the biometric authentication device and transmitting the information; and a unit for authenticating the user according to the authentication information containing the result of the biometric authentication. The biometric authentication device includes: a unit for inputting biometric information; a unit for storing a template as biometric information registered in advance together with the user information; a unit for collating the biometric information inputted by the user with the template; a unit for adding a digital signature to the authentication information containing the collation result, information for identifying the request from the server device, and the template user information, by using a secret key of the local device and transmitting the authentication information to the server device.
43 Claims
1-21. (canceled)

22. An ID system comprising a server device, a biometric authentication device, and a device authentication unit, wherein:
the device authentication unit issues a device certificate for guaranteeing an authentication operation of the biometric authentication device including its authentication accuracy;
the server device transmits a biometric authentication request including information that can identify the request to the biometric authentication device;
the biometric authentication device transmits the information that can identify the request and a biometric authentication result to the server by adding a signature that is formed with a secret key that is peculiar to the biometric authentication device; and
the server device verifies the signature of the transmitted data by using an encrypting key that corresponds to the secret key peculiar to the biometric authentication device so as to check the result of biometric authentication that is conducted at the biometric authentication device by corresponding to the request under a guarantee of the biometric authentication device, and check the biometric authentication result under a guarantee of the device authentication unit based on the biometric authentication result that is checked under the guarantee of the biometric authentication device and the device certificate issued from the device authentication unit so as to confirm that it is the biometric authentication result corresponding to the request.
Dependent claims: 23, 24, 25, 26.

27. A biometric authentication device in an ID system that includes a server device, the biometric authentication device, and a device authentication unit,
the biometric authentication device:
receiving a device certificate issued from the device authentication unit for guaranteeing an authentication operation of the biometric authentication device including its authentication accuracy;
receiving, from the server device, a request for biometric authentication including information that can identify the request;
transmitting the information that can identify the request and a biometric authentication result to the server by adding a signature that is formed with a secret key that is peculiar to the biometric authentication device; and
letting the server device verify the signature of the transmitted data by using an encrypting key that corresponds to the secret key peculiar to the biometric authentication device so as to check the result of biometric authentication that is conducted at the biometric authentication device by corresponding to the request under a guarantee of the biometric authentication device, and check the biometric authentication result under a guarantee of the device authentication unit based on the biometric authentication result that is checked under the guarantee of the biometric authentication device and the device certificate issued from the device authentication unit so as to confirm that it is the biometric authentication result corresponding to the request.
Dependent claims: 28, 29, 30.

31. A server device connected mutually to be communicable with a biometric authentication device and a device authentication unit that issues a device certificate for guaranteeing authentication operations of the biometric authentication device including its authentication accuracy,
the server device:
transmitting a request for performing biometric authentication including information that can identify the request to the biometric authentication device;
receiving the information with which the biometric authentication device can identify the request and authentication information that is a result of biometric authentication on which a signature is applied with a secret key that is peculiar to the biometric authentication device, from the biometric authentication device; and
verifying the signature of the transmitted data by using the device certificate issued from the device authentication unit and an encrypting key that corresponds to the secret key peculiar to the biometric authentication device so as to check that biometric authentication corresponding to the request has been conducted at the biometric authentication device and to check the biometric authentication result under a guarantee of the device authentication unit.
Dependent claims: 32, 33.

34. An ID method for performing authentication by exchanging information between a server device and a biometric authentication device, the method comprising:
issuing a device certificate for guaranteeing an authentication operation of the biometric authentication device including its authentication accuracy from the device authentication unit;
transmitting a request for biometric authentication including information that can identify the request to the biometric authentication device from the server device;
transmitting the information that can identify the request and a biometric authentication result to the server by the biometric authentication device by giving a signature thereon with a secret key that is peculiar to the biometric authentication device; and
verifying the signature of the transmitted data by the server device with using an encrypting key that corresponds to the secret key peculiar to the biometric authentication device, so as to check the result of biometric authentication that is conducted at the biometric authentication device by corresponding to the request under a guarantee of the biometric authentication device, and checking the biometric authentication result under a guarantee of the device authentication unit based on the biometric authentication result that is checked under the guarantee of the biometric authentication device and the device certificate issued from the device authentication unit so as to confirm that it is the biometric authentication result corresponding to the request.
Dependent claims: 35, 36, 37, 38.

39. A computer readable medium storing a program for enabling a computer that configures a biometric authentication device connected to be communicable with a server device to execute functions of
issuing a device certificate for guaranteeing an authentication operation of the biometric authentication device including its authentication accuracy from the device authentication unit;
transmitting a request for biometric authentication including information that can identify the request to the biometric authentication device from the server device;
transmitting the information that can identify the request and a biometric authentication result to the server by the biometric authentication device by giving a signature thereon with a secret key that is peculiar to the biometric authentication device; and
verifying the signature of the transmitted data by the server device with using an encrypting key that corresponds to the secret key peculiar to the biometric authentication device, so as to check the result of biometric authentication that is conducted at the biometric authentication device by corresponding to the request under a guarantee of the biometric authentication device, and checking the biometric authentication result under a guarantee of the device authentication unit based on the biometric authentication result that is checked under the guarantee of the biometric authentication device and the device certificate issued from the device authentication unit so as to confirm that it is the biometric authentication result corresponding to the request.
Dependent claims: 40, 41, 42, 43.
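
The exchange recited in the abstract and in claims 22 to 39, as an added Python sketch that is not code from the patent. Assumptions: Lamport one-time signatures built from the standard library stand in for the device and authority key pairs (each key may sign only one message), the request travels unencrypted, and the field names, the `far` accuracy field and the `max_far` acceptance policy are hypothetical.

```python
import hashlib, json, secrets

def H(b): return hashlib.sha256(b).digest()
def enc(obj): return json.dumps(obj, sort_keys=True).encode()  # canonical bytes to sign

# Lamport one-time signature: stand-in scheme, one message per key.
def keygen():
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    return sk, [[H(x) for x in pair] for pair in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg): return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(H(sig[i]) == pk[i][b] for i, b in enumerate(bits(msg)))

def fingerprint(pk): return H(b"".join(h for pair in pk for h in pair)).hex()

def issue_cert(ca_sk, device_id, far, dev_pk):  # device authentication unit
    body = {"device": device_id, "far": far, "pk_fp": fingerprint(dev_pk)}
    return {"body": body, "sig": sign(ca_sk, enc(body))}

def device_respond(dev_sk, request_id, user, matched):  # biometric authentication device
    info = {"request_id": request_id, "user": user, "match": matched}
    return {"info": info, "sig": sign(dev_sk, enc(info))}

def server_check(ca_pk, dev_pk, cert, expected_id, resp, max_far):
    body, info = cert["body"], resp["info"]
    if not verify(ca_pk, enc(body), cert["sig"]): return "bad certificate"
    if body["pk_fp"] != fingerprint(dev_pk): return "key not certified"
    if body["far"] > max_far: return "accuracy too low"  # assumed server policy
    if not verify(dev_pk, enc(info), resp["sig"]): return "bad signature"
    if not secrets.compare_digest(info["request_id"], expected_id): return "wrong request"
    return "accepted" if info["match"] else "no match"

def demo():
    ca_sk, ca_pk = keygen()        # authority key (constructed)
    dev_sk, dev_pk = keygen()      # secret key peculiar to the device (constructed)
    cert = issue_cert(ca_sk, "dev-01", 1e-5, dev_pk)
    rid = secrets.token_hex(16)    # information that identifies the request
    resp = device_respond(dev_sk, rid, "alice", True)
    forged = {"info": dict(resp["info"], user="mallory"), "sig": resp["sig"]}
    return [server_check(ca_pk, dev_pk, cert, rid, resp, 1e-4),
            server_check(ca_pk, dev_pk, cert, secrets.token_hex(16), resp, 1e-4),  # stale reply
            server_check(ca_pk, dev_pk, cert, rid, forged, 1e-4)]

if __name__ == "__main__":
    print(demo())
```

Because the request identifier is inside the signed data, a reply captured from an earlier request fails the server's check even though its signature is valid.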
Specification