COMMUNICATION TERMINAL AND SECURE LOG-IN METHOD
Abstract
A communication terminal is provided with functions to redirect authentication data, make a substitute reply of a password to a biometric authentication part, and transfer the authentication data transmitted after the password to a browser's child process, in order to perform a substitute authentication using the biometric authentication or token, without requiring a user to input the password.
20 Claims
1. A communication terminal communicable with first and second servers through a network, comprising:
- a processor including a browser, a host controller, an operating system, and an authentication-management-application,
  - wherein the browser starts a child process using, as an argument, an inter-process communication received from another application,
  - wherein the operating system controls the host controller by calling one of a plurality of interfaces, including a certain interface that controls a sensor, and
  - wherein the authentication-management-application exchanges data with the sensor that is coupled to the host controller through the certain interface of the operating system, and performs a process including
    - requesting a user authentication by transmitting to the second server a user ID and matching data detected by the sensor, and acquiring a password transmitted from the second server in a case in which the user authentication is successful;
    - replaying, between the first server and the second server, authentication data transmitted from the first server in response to requesting the first server to provide a service;
    - first transmitting a user ID that is prepared in advance and the acquired password to the second server, in a case in which a screen that urges the user ID and the password to be input is received from the second server; and
    - disconnecting a communication with the second server without redirecting an authentication response that includes information specifying the first server and is transmitted from the second server in a case in which a pair of the user ID and the password transmitted to the second server is stored in the second server and authentication is successful, and starting the child process of the browser by the argument based on the authentication response and transmitting the authentication response to the first server, in order to make a log-in to and receive the service from the first server.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A secure log-in method for a communication terminal communicable with first and second servers through a network, comprising:
- starting a child process of the communication terminal using, as an argument, an inter-process communication received from another application;
- calling one of a plurality of interfaces of an operating system that controls a host controller, including a certain interface that controls a sensor, and exchanging data with the sensor that is coupled to the host controller through the certain interface of the operating system of the communication terminal, by an authentication-management-application of the communication terminal;
- requesting a user authentication by transmitting to the second server a user ID and matching data detected by the sensor, by the authentication-management-application;
- transmitting a password from the second server to the communication terminal in a case in which the user authentication is successful;
- replaying, between the first server and the second server, authentication data transmitted from the first server in response to requesting the first server to provide a service, by the authentication-management-application;
- transmitting a user ID that is prepared in advance and the acquired password from the authentication-management-application to the second server, in a case in which a screen that urges the user ID and the password to be input is received from the second server;
- transmitting an authentication response that includes information specifying the first server, from the second server in a case in which a pair of the user ID and the password transmitted from the communication terminal is stored in the second server and authentication is successful; and
- disconnecting a communication with the second server without redirecting the authentication response, and starting the child process of a browser by the argument based on the authentication response and transmitting the authentication response to the first server, by the authentication-management-application, in order to make a log-in to and receive the service from the first server.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer-readable storage medium having stored therein a program for causing a processor of a communication terminal that is communicable with first and second servers through a network to execute a process comprising:
- starting a child process of the communication terminal using, as an argument, an inter-process communication received from another application; and
- calling one of a plurality of interfaces of an operating system that controls a host controller, including a certain interface that controls a sensor, and exchanging data with the sensor that is coupled to the host controller through the certain interface of the operating system of the communication terminal, by an authentication-management-application of the communication terminal,
- wherein the authentication-management-application includes
  - requesting a user authentication by transmitting to the second server a user ID and matching data detected by the sensor, and acquiring a password from the second server transmitted from the second server in a case in which the user authentication is successful;
  - replaying, between the first server and the second server, authentication data transmitted from the first server in response to requesting the first server to provide a service;
  - transmitting a user ID that is prepared in advance and the acquired password to the second server, in a case in which a screen that urges the user ID and the password to be input is received from the second server; and
  - disconnecting a communication with the second server without redirecting an authentication response that includes information specifying the first server and is transmitted from the second server in a case in which a pair of the user ID and the password transmitted to the second server is stored in the second server and authentication is successful, and starting the child process of a browser by the argument based on the authentication response and transmitting the authentication response to the first server, in order to make a log-in to and receive the service from the first server.

Dependent claims: 16, 17, 18, 19, 20

Specification