USER AUTHENTICATION METHOD, SYSTEM FOR IMPLEMENTING THE SAME, AND INFORMATION COMMUNICATION TERMINAL USED IN THE SAME
Abstract
[Problem] To provide a user authentication technology whereby hacking of a system by a third party is effectively prevented. [Solution] The present invention is a user authentication method and system, wherein: an information communication terminal allocates numerals, etc., which configure a token code which is generated by time synchronizing with an authentication system side to each cell which configures a user's password derivation pattern, and displays upon a user interface a personal identification table whereupon numerals, etc., are allocated which have been randomly generated with other cells; the user, with reference to the personal identification table, selects the numerals, etc., which are allocated to each cell which configures the user's password derivation pattern, and inputs same as a password; and the authentication system carries out an authentication determination upon the inputted password on the basis of the generated time synchronized token code.
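The flow in the abstract, as an added Python example that is not taken from the patent: the terminal places the token code in the cells of the password derivation pattern, fills the other cells with random digits, and the authentication system checks the entered password against its own time-synchronized code. The 4x4 grid, 4-digit code, 60-second step, HMAC-SHA256 code generator, and the account and token names are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct

SIDE = 4      # assumed 4x4 geometrical pattern; cells are numbered 0..15 row by row
STEP = 60     # assumed token-code lifetime in seconds
DIGITS = 4    # assumed token-code length = number of cells in the derivation pattern

# Constructed sample data standing in for the authentication database and the
# per-token secret held by the synchronization server.
ACCOUNTS = {"alice": "TK-0001"}
SEEDS = {"TK-0001": b"constructed-demo-seed"}

def token_code(seed, now):
    """Time-synchronized token code. HMAC-SHA256 over the time step is an
    assumed stand-in; the page does not name an algorithm."""
    mac = hmac.new(seed, struct.pack(">Q", now // STEP), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**DIGITS).zfill(DIGITS)

def build_code_table(pattern, code):
    """Terminal: token digits fill the pattern cells in order, random digits the rest."""
    if len(pattern) != len(code) or len(set(pattern)) != len(pattern):
        raise ValueError("pattern must name one distinct cell per token digit")
    table = [str(secrets.randbelow(10)) for _ in range(SIDE * SIDE)]
    for cell, digit in zip(pattern, code):
        table[cell] = digit
    return table

def read_password(table, pattern):
    """User: read off the digits shown in the remembered cells."""
    return "".join(table[cell] for cell in pattern)

def verify(user, password, now):
    """Authentication system: user -> token ID -> regenerated code -> compare."""
    seed = SEEDS.get(ACCOUNTS.get(user, ""))
    if seed is None:
        return False
    return hmac.compare_digest(password.encode(), token_code(seed, now).encode())

if __name__ == "__main__":
    now, pattern = 1_700_000_000, [0, 5, 10, 15]   # constructed time and pattern
    table = build_code_table(pattern, token_code(SEEDS["TK-0001"], now))
    for row in range(SIDE):
        print(" ".join(table[row * SIDE:(row + 1) * SIDE]))
    print(verify("alice", read_password(table, pattern), now))
```

The pattern never leaves the terminal in this variant, so the displayed table is the only place where the token code and the pattern meet.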
16 Claims
1. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
an authentication database configured to manage, for each user, user account information including a token ID for identifying a security token of the user; and a synchronization server configured to generate a token code in accordance with the token ID included in the user account information, wherein the information communication terminal performs to; store a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern in a memory; acquire a token code in synchronization with the token code generated by the synchronization server from a security token of the user; generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern; display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table; and transmit to the authentication system a user authentication request including a password entered to the entry screen, and wherein the authentication system performs to; receive the user authentication request transmitted by the information communication terminal; identify a token ID corresponding to the user authentication request by referring to the authentication database and perform authentication determination based on the token code generated by the synchronization server in accordance with the identified token ID and a password included in the received user authentication request; and transmit a result of the authentication determination to the usage target system.
2. An information communication terminal used for authentication by an authentication system for a user who uses a usage target system, comprising:
a processing unit; and a memory, operatively connected to the processing unit, that stores a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern; wherein the processing unit performs to; acquire a token code in synchronization with a token code generated by the authentication system for performing authentication; generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern; and displaying an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.
3. A product comprising a non-transitory computer-readable medium storing a program for achieving authentication by an authentication system for a user who uses a usage target system, by way of using an information communication terminal,
wherein the program causes, by execution under control of the information communication terminal, the information communication terminal to perform to:
store a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern; acquire a token code in synchronization with a token code generated by the synchronization server; generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern; and display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.
4. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
an authentication database configured to manage, for each user, user account information including a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern and a token ID for identifying a security token of the user; a synchronization server configured to generate a token code based on the token ID included in the user account information; wherein the information communication terminal performs to; acquire a token code in synchronization with the token code generated by the synchronization server from the security token of the user; generate a code table by assigning the acquired token code to elements in the geometrical pattern; display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table; and transmit to the authentication system a user authentication request including a password entered to the entry screen, and wherein the authentication system performs to; receive the user authentication request transmitted by the information communication terminal; identify a token ID corresponding to the user authentication request by referring to the authentication database; identify a password of the user from the token code generated by the synchronization server in accordance with the identified token ID and a password derivation pattern of the user corresponding to the user authentication request; execute authentication determination based on the identified password and the password included in the received user authenticated request; and transmit a result of the authentication determination to the usage target system.
5. An information communication terminal for achieving authentication by an authentication system for a user who uses a usage target system, comprising:
a processing unit; and a user interface operatively connected to the processing unit, wherein the processing unit performs to; acquire a token code in synchronization with the token code generated by the authentication server; generate a code table by assigning the acquired token code to elements in the geometrical pattern; and display an entry screen for to-be-authenticated information on the user interface, the entry screen including the generated code table.
6. A product comprising a non-transitory computer-readable medium storing a program for achieving authentication by an authentication system for a user who uses a usage target system,
wherein the program causes, by execution under control of the information communication terminal, the information communication terminal to perform to:
acquire a token code in synchronization with a token code generated by the synchronization server; generate a code table by assigning the acquired token code to elements in the geometrical pattern; and display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.
7. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
an authentication server configured to receive a user authentication request, to perform authentication determination based on the received user authentication request, and to transmit a result of the authentication determination to the usage target system; an authentication database configured to manage, for each user, user account information including a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern and a token ID for identifying a security token of the user; and a synchronization server configured to generate a token code based on the token ID included in the user account information, wherein the authentication system configured to select one from among a plurality of processes of authentication determination depending on whether an advance notice based on a start of use of the usage target system sent by the information communication terminal is received prior to receiving the user authentication request. Dependent claims: 8, 9, 10, 11.
12. An information communication terminal used for authentication by an authentication system for a user who uses a target system, comprising:
a processing unit; and a memory, operatively connected to the processing unit, that stores a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern, wherein the processing unit performs to; acquire a token code in synchronization with a token code generated by the authentication system from a security token of a user; execute either a first generation process that generates a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern, or a second generation process that generates a code table by assigning the acquired token code to the elements in the geometrical pattern depending on a situation of a network communication; and display screen on a user interface, the screen including the code table generated by either the first generation process or the second generation process. Dependent claims: 15, 16.
13. An authentication system for performing authentication for a user who uses a usage target system, comprising:
an authentication server configured to receive a user authentication request, to perform authentication determination based on the received user authentication request, and to transmit a result of the authentication determination to the usage target system; an authentication database configured to store user account information associating a password derivation pattern of the user with a token ID for identifying a security token of the user, the password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern; and a synchronization server configured to generate, in synchronization with a security token identified by the token ID, the same token code as the identified security token, wherein the authentication server performs to; provide, based on an authentication start request to the usage target system from an information communication terminal of the user, an entry screen for to-be-authenticated information on a user interface of the information communication terminal in order to allow the user to entry to-be-authenticated information including password information formed in accordance with a token code generated by the security token and the password derivation pattern stored in the authentication database; acquire a token code corresponding to the security token of the user from the synchronization server, by referring to the user account information in the authentication database, based on the to-be-authenticated information transmitted from the information communication terminal; execute authentication determination of the to-be-authenticated information, by referring to the corresponding user account information in the authentication database, based on the acquired token code and the password derivation pattern of the user; and transmit a result of the authentication determination to the usage target system.
14. A user authentication method for performing authentication for a user who uses a usage target system, comprising:
registering, in an authentication database, user account information associating a password derivation pattern of the user with a token ID for identifying a security token of the user, the password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern; providing, based on an authentication start request to the usage target system from an information communication terminal of the user, an entry screen for to-be-authenticated information on a user interface of the information communication terminal and allowing the user to entry to-be-authenticated information including password information formed in accordance with a token code generated by the security token and the registered password derivation pattern; receiving the to-be-authenticated information transmitted from the information communication terminal, and generating the same token code as the security token of the user, by referring to the corresponding user account information in the authentication database, based on the received to-be-authenticated information; referring to the corresponding user account information in the authentication database, and performing authentication determination of the to-be-authenticated information based on the generated token code and the password derivation pattern of the user; and transmitting a result of the authentication determination to the usage target system.