CERTIFICATE GENERATING/DISTRIBUTING SYSTEM,CERTIFICATE GENERATING/DISTRIBUTING METHOD AND CERTIFICATE GENERATING/DISTRIBUTING PROGRAM

US 20110004753A1
Filed: 09/17/2008
Published: 01/06/2011
Est. Priority Date: 09/25/2007
Status: Active Grant

First Claim

Patent Images

1. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a certificate generating/distributing system, an authentication apparatus includes token transmitting means transmitting, to a service mediating apparatus, a certificate generation request token, which is information corresponding to a first certificate valid in the service mediating apparatus, together with the first certificate. The service mediating apparatus includes mediating apparatus token forwarding means forwarding the certificate generation request token to a service providing apparatus. The service providing apparatus includes certificate requesting means transmitting the certificate generation request token to the authentication apparatus when requesting a second certificate valid in the service providing apparatus. The authentication apparatus includes certificate transmitting means transmitting, to the service providing apparatus , the second certificate generated based on the first certificate in response to the request of the second certificate by the certificate requesting means.

95 Citations

View as Search Results

48 Claims

1. (canceled)

2. (canceled)

3. (canceled)

4. (canceled)

5. (canceled)

6. (canceled)

7. (canceled)

8. (canceled)

9. (canceled)

10. (canceled)

11. (canceled)

12. (canceled)

13. (canceled)

14. (canceled)

15. (canceled)

16. (canceled)
- View Dependent Claims (41)
- - 41. The certificate generating/distributing method according to claim 16, whereinthe authentication apparatus transmits, in the certificate transmitting step, to the service providing apparatus, the certificate generation request token, which is information corresponding to the second certificate, together with the second certificate;
    - andthe service providing apparatus further including a providing apparatus token forwarding step of forwarding the certificate generation request token transmitted in the certificate transmitting step, to the other service providing apparatus.

17. (canceled)

18. (canceled)

19. (canceled)

20. (canceled)

21. (canceled)

22. (canceled)

23. (canceled)

24. (canceled)

25. A certificate generating/distributing system comprising:
- an authentication apparatus that authenticates a user;
  
  a service providing apparatus that provides a service; and
  
  a service mediating apparatus that mediates service provision by the service providing apparatus,wherein the authentication apparatus comprises token transmitting section transmitting, to the service mediating apparatus, a certificate generation request token, which is information corresponding to a first certificate valid in the service mediating apparatus, together with the first certificate,the service mediating apparatus comprises mediating apparatus token forwarding section forwarding the certificate generation request token received from the token transmitting section to the service providing apparatus,the service providing apparatus comprises certificate requesting section transmitting the certificate generation request token received from the mediating apparatus token forwarding section to the authentication apparatus when requesting a second certificate valid in the service providing apparatus, andthe authentication apparatus comprises certificate transmitting section transmitting the second certificate generated based on the first certificate corresponding to the received certificate generation request token to the service providing apparatus in response to a request of the second certificate by the certificate requesting section.
- View Dependent Claims (26, 27, 28, 29)
- - 26. The certificate generating/distributing system according to claim 25, wherein the certificate transmitting section transmits, to the service providing apparatus, the certificate generation request token, which is information corresponding to the second certificate, together with the second certificate, andthe service providing apparatus comprises providing apparatus token forwarding section forwarding the certificate generation request token transmitted by the certificate transmitting section to the other service providing apparatus.
  - 27. The certificate generating/distributing system according to claim 25, wherein the service mediating apparatus comprises requesting section requesting the authentication apparatus for the first certificate,the requesting section transmits information indicating a predetermined service providing apparatus to the authentication apparatus when requesting the first certificate, andthe certificate transmitting section judges whether or not to transmit the second certificate based on the received information indicating the predetermined service providing apparatus.
  - 28. The certificate generating/distributing system according to claim 25, wherein the authentication apparatus comprises authentication apparatus token generating section generating the certificate generation request token, andthe token transmitting section transmits the certificate generation request token generated by the authentication apparatus token generating section to the service mediating apparatus.
  - 29. The certificate generating/distributing system according to claim 25, wherein the service mediating apparatus comprises mediating apparatus token generating section generating the certificate generation request token, andthe token transmitting section receives the certificate generation request token generated by the mediating apparatus token generating section and transmits the certificate generation request token corresponding to the first certificate to the service mediating apparatus.

30. An authentication apparatus that authenticates a user, comprising:
- token transmitting section transmitting, to a service mediating apparatus, a certificate generation request token, which is information corresponding to a first certificate valid in the service mediating apparatus that mediates service provision by a service providing apparatus that provides a service, together with the first certificate; and
  
  certificate transmitting section receiving a request for a second certificate valid in the service providing apparatus and the certificate generation request token from the service providing apparatus and transmitting, to the service providing apparatus, the second certificate generated based on the first certificate corresponding to the received certificate generation request token.
- View Dependent Claims (31, 32, 33, 34)
- - 31. The authentication apparatus according to claim 30, wherein the certificate transmitting section transmits, to the service providing apparatus, the certificate generation request token, which is information corresponding to the second certificate, together with the second certificate.
  - 32. The authentication apparatus according to claim 30, wherein the certificate transmitting section receives information indicating a predetermined service providing apparatus from the service mediating apparatus and judges whether or not to transmit the second certificate based on the received information.
  - 33. The authentication apparatus according to claim 30, wherein the authentication apparatus comprises authentication apparatus token generating section generating the certificate generation request token, andthe token transmitting section transmits the certificate generation request token generated by the authentication apparatus token generating section to the service mediating apparatus.
  - 34. The authentication apparatus according to claim 30, wherein the token transmitting section receives the certificate generation request token generated by the service mediating apparatus and transmits, to the service mediating apparatus, the certificate generation request token corresponding to the first certificate.

35. A service mediating apparatus that mediates service provision by a service providing apparatus that provides a service, comprising mediating apparatus token forwarding section receiving a certificate generation request token, which is information corresponding to a first certificate valid in the service mediating apparatus, together with the first certificate, from an authentication apparatus that authenticates a user, and forwarding the certificate generation request token and the first certificate to the service providing apparatus that provides the service in response to access from the service mediating apparatus.
- View Dependent Claims (36, 37)
- - 36. The service mediating apparatus according to claim 35, further comprising requesting section requesting the authentication apparatus for the first certificate, wherein the requesting section transmits, to the authentication apparatus, information indicating a service providing apparatus in which the second certificate is valid when requesting the first certificate.
  - 37. The service mediating apparatus according to claim 35, further comprising mediating apparatus token generating section generating the certificate generation request token.

38. A service providing apparatus that provides a service, comprising:
- certificate requesting section receiving a certificate generation request token, which is information related to a first certificate valid in a service mediating apparatus by a authentication apparatus from the service mediating apparatus that mediates service provision by the service providing apparatus, and transmitting, to the authentication apparatus, the certificate generation request token when requesting a second certificate valid in the service providing apparatus; and
  
  certificate receiving section receiving, from the authentication apparatus, the second certificate, which is a certificate transmitted by the authentication apparatus in response to the request for the second certificate by the certificate requesting section, the second certificate being generated based on the first certificate corresponding to the certificate generation request token.
- View Dependent Claims (39)
- - 39. The service providing apparatus according to claim 38, wherein the certificate receiving section receives the certificate generation request token which is information corresponding to the second certificate, together with the second certificate from the authentication apparatus, andthe service providing apparatus further comprises providing apparatus token forwarding section forwarding the certificate generation request token received by the certificate receiving section to the other service providing apparatus.

40. A certificate generating/distributing method whereby an authentication apparatus that authenticates a user distributes a certificate to a service providing apparatus that provides a service and a service mediating apparatus that mediates service provision provided by the service providing apparatus, comprising:
- the authentication apparatus including a token transmitting step of transmitting, to the service mediating apparatus, a certificate generation request token, which is information corresponding to a first certificate valid in the service mediating apparatus, together with the first certificate;
  
  the service mediating apparatus including a mediating apparatus token forwarding step of forwarding, to the service providing apparatus, the certificate generation request token received, that has been transmitted in the token transmitting step;
  
  the service providing apparatus including a certificate requesting step of transmitting, to the authentication apparatus, the certificate generation request token received, that has been transmitted in the mediating apparatus token forwarding step, when requesting a second certificate valid in the service providing apparatus; and
  
  the authentication apparatus including a certificate transmitting step of transmitting, to the service providing apparatus, the second certificate generated based on the first certificate corresponding to the received certificate generation request token, in response to the request of the second certificate in the certificate requesting step.
- View Dependent Claims (42, 43, 44)
- - 42. The certificate generating/distributing method according to claim 40, whereinthe service mediating apparatus further including a requesting step of requesting the authentication apparatus for the first certificate,in the requesting step, the service mediating apparatus transmits information indicating a predetermined service providing apparatus to the authentication apparatus when requesting the first certificate, andthe authentication apparatus judges whether or not to transmit the second certificate based on the received information indicating the predetermined service providing apparatus, in the certificate transmitting step.
  - 43. The certificate generating/distributing method according to claim 40, whereinthe authentication apparatus further including an authentication apparatus token generating step of generating the certificate generation request token,the authentication apparatus transmits the certificate generation request token generated in the authentication apparatus token generating step, to the service mediating apparatus in the token transmitting step.
  - 44. The certificate generating/distributing method according to claim 40, whereinthe service mediating apparatus further including a mediating apparatus token generating step of generating the certificate generation request token,the authentication apparatus receives the certificate generation request token generated in the mediating apparatus token generating step and transmits, to the service mediating apparatus, the certificate generation request token corresponding to the first certificate.

45. A user authentication system comprising:
- an authentication apparatus that transmits a certificate generation request token for requesting authentication of a certain user and transmits, to a service providing apparatus, authentication information on the certain user whose certificate generation request token is received and saved in the own apparatus;
  
  a service mediating apparatus that receives the certificate generation request token from the authentication apparatus and forwards the certificate generation request token to the service providing apparatus; and
  
  the service providing apparatus that receives the certificate generation request token from the service mediating apparatus and transmits the certificate generation request token to the authentication apparatus.

46. An authentication apparatus comprising:
- transmitting section transmitting a certificate generation request token for requesting authentication of a certain user to a service mediating apparatus; and
  
  sending section receiving the certificate generation request token forwarded from the service providing apparatus and sending authentication information on the certain user to a service providing apparatus.

47. A service providing apparatus that receives a certificate generation request token for requesting authentication of a certain user generated by an authentication apparatus from a service mediating apparatus, transmits the certificate generation request token to the authentication apparatus, receives authentication information of the certain user saved in the authentication apparatus corresponding to the certificate generation request token and provides a service to the user by using the authentication information.

48. An authentication method comprising:
- transmitting a certificate generation request token for requesting authentication of a certain user to a service mediating apparatus; and
  
  receiving the certificate generation request token, which has been forwarded from the service mediating apparatus, from a service providing apparatus, and transmitting authentication information of the certain user saved in the authentication apparatus to the service providing apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Hatakeyama, Makoto, Gomi, Hidehito

Granted Patent

US 8,386,776 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/0884   by delegation of authentica...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

CERTIFICATE GENERATING/DISTRIBUTING SYSTEM,CERTIFICATE GENERATING/DISTRIBUTING METHOD AND CERTIFICATE GENERATING/DISTRIBUTING PROGRAM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

95 Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

CERTIFICATE GENERATING/DISTRIBUTING SYSTEM,CERTIFICATE GENERATING/DISTRIBUTING METHOD AND CERTIFICATE GENERATING/DISTRIBUTING PROGRAM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

95 Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links