USER AUTHENTICATION METHOD, SYSTEM FOR IMPLEMENTING THE SAME, AND INFORMATION COMMUNICATION TERMINAL USED IN THE SAME

US 20150312242A1
Filed: 05/23/2013
Published: 10/29/2015
Est. Priority Date: 05/23/2013
Status: Active Grant

First Claim

Patent Images

1. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:

an authentication database configured to manage, for each user, user account information including a token ID for identifying a security token of the user; and

a synchronization server configured to generate a token code in accordance with the token ID included in the user account information,wherein the information communication terminal performs to;

store a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern in a memory;

acquire a token code in synchronization with the token code generated by the synchronization server from a security token of the user;

generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern;

display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table; and

transmit to the authentication system a user authentication request including a password entered to the entry screen, andwherein the authentication system performs to;

receive the user authentication request transmitted by the information communication terminal;

identify a token ID corresponding to the user authentication request by referring to the authentication database and perform authentication determination based on the token code generated by the synchronization server in accordance with the identified token ID and a password included in the received user authentication request; and

transmit a result of the authentication determination to the usage target system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

[Problem] To provide a user authentication technology whereby hacking of a system by a third party is effectively prevented. [Solution] The present invention is a user authentication method and system, wherein: an information communication terminal allocates numerals, etc., which configure a token code which is generated by time synchronizing with an authentication system side to each cell which configures a user'"'"'s password derivation pattern, and displays upon a user interface a personal identification table whereupon numerals, etc., are allocated which have been randomly generated with other cells; the user, with reference to the personal identification table, selects the numerals, etc., which are allocated to each cell which configures the user'"'"'s password derivation pattern, and inputs same as a password; and the authentication system carries out an authentication determination upon the inputted password on the basis of the generated time synchronized token code.

31 Citations

View as Search Results

16 Claims

1. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
- an authentication database configured to manage, for each user, user account information including a token ID for identifying a security token of the user; and
  
  a synchronization server configured to generate a token code in accordance with the token ID included in the user account information,wherein the information communication terminal performs to;
  
  store a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern in a memory;
  
  acquire a token code in synchronization with the token code generated by the synchronization server from a security token of the user;
  
  generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern;
  
  display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table; and
  
  transmit to the authentication system a user authentication request including a password entered to the entry screen, andwherein the authentication system performs to;
  
  receive the user authentication request transmitted by the information communication terminal;
  
  identify a token ID corresponding to the user authentication request by referring to the authentication database and perform authentication determination based on the token code generated by the synchronization server in accordance with the identified token ID and a password included in the received user authentication request; and
  
  transmit a result of the authentication determination to the usage target system.

2. An information communication terminal used for authentication by an authentication system for a user who uses a usage target system, comprising:
- a processing unit; and
  
  a memory, operatively connected to the processing unit, that stores a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern;
  
  wherein the processing unit performs to;
  
  acquire a token code in synchronization with a token code generated by the authentication system for performing authentication;
  
  generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern; and
  
  displaying an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.

3. A product comprising a non-transitory computer-readable medium storing a program for achieving authentication by an authentication system for a user who uses a usage target system, by way of using an information communication terminal,wherein the program causes, by execution under control of the information communication terminal, the information communication terminal to perform to:
- store a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern;
  
  acquire a token code in synchronization with a token code generated by the synchronization server;
  
  generate a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern; and
  
  display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.

4. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
- an authentication database configured to manage, for each user, user account information including a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern and a token ID for identifying a security token of the user;
  
  a synchronization server configured to generate a token code based on the token ID included in the user account information;
  
  wherein the information communication terminal performs to;
  
  acquire a token code in synchronization with the token code generated by the synchronization server from the security token of the user;
  
  generate a code table by assigning the acquired token code to elements in the geometrical pattern;
  
  display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table; and
  
  transmit to the authentication system a user authentication request including a password entered to the entry screen, andwherein the authentication system performs to;
  
  receive the user authentication request transmitted by the information communication terminal;
  
  identify a token ID corresponding to the user authentication request by referring to the authentication database;
  
  identify a password of the user from the token code generated by the synchronization server in accordance with the identified token ID and a password derivation pattern of the user corresponding to the user authentication request;
  
  execute authentication determination based on the identified password and the password included in the received user authenticated request; and
  
  transmit a result of the authentication determination to the usage target system.

5. An information communication terminal for achieving authentication by an authentication system for a user who uses a usage target system, comprising:
- a processing unit; and
  
  a user interface operatively connected to the processing unit,wherein the processing unit performs to;
  
  acquire a token code in synchronization with the token code generated by the authentication server;
  
  generate a code table by assigning the acquired token code to elements in the geometrical pattern; and
  
  display an entry screen for to-be-authenticated information on the user interface, the entry screen including the generated code table.

6. A product comprising a non-transitory computer-readable medium storing a program for achieving authentication by an authentication system for a user who uses a usage target system,wherein the program causes, by execution under control of the information communication terminal, the information communication terminal to perform to:
- acquire a token code in synchronization with a token code generated by the synchronization server;
  
  generate a code table by assigning the acquired token code to elements in the geometrical pattern; and
  
  display an entry screen for to-be-authenticated information on a user interface, the entry screen including the generated code table.

7. An authentication system for performing authentication for a user who uses a usage target system, by way of using an information communication terminal, comprising:
- an authentication server configured to receive a user authentication request, to perform authentication determination based on the received user authentication request, and to transmit a result of the authentication determination to the usage target system;
  
  an authentication database configured to manage, for each user, user account information including a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern and a token ID for identifying a security token of the user; and
  
  a synchronization server configured to generate a token code based on the token ID included in the user account information,wherein the authentication system configured to select one from among a plurality of processes of authentication determination depending on whether an advance notice based on a start of use of the usage target system sent by the information communication terminal is received prior to receiving the user authentication request.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The authentication system according to claim 7, wherein, if the authentication system has not received the advance notice based on the star of use of the usage target system, the authentication system identifies a token ID corresponding to the received user authentication request referring to the authentication database, and performs authentication determination based on the token code generated by the synchronization server in accordance with the identified token ID and a password included in the received user authentication request.
  - 9. The authentication system according to claim 8, wherein, if the authentication system has received the advance notice based on the star of use of the usage target system, the authentication system identifies a token ID corresponding to the received user authentication request referring to the authentication database, identifies a password of the user based on the token code generated by the synchronization server in accordance with the identified token ID and a password derivation pattern of the user corresponding the user authentication request, and perform authentication determination based on the identified password and a password included in the received user authentication request.
  - 10. The authentication system according to claim 7, wherein the authentication system receives the user authentication request if the user authentication request arrives within a predetermined period of time after receiving the advance notice.
  - 11. The authentication system according to claim 10, wherein the authentication system informs the usage target system of receipt of the advance notice.

12. An information communication terminal used for authentication by an authentication system for a user who uses a target system, comprising:
- a processing unit; and
  
  a memory, operatively connected to the processing unit, that stores a password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern,wherein the processing unit performs to;
  
  acquire a token code in synchronization with a token code generated by the authentication system from a security token of a user;
  
  execute either a first generation process that generates a code table by assigning the acquired token code to the specific elements constituting the password derivation pattern in the geometrical pattern and assigning an arbitrary code to the remaining elements in the geometrical pattern, or a second generation process that generates a code table by assigning the acquired token code to the elements in the geometrical pattern depending on a situation of a network communication; and
  
  display screen on a user interface, the screen including the code table generated by either the first generation process or the second generation process.
- View Dependent Claims (15, 16)
- - 15. The information communication terminal according to claim 12, wherein the information communication terminal executes the first generation process if the network communication is unavailable, and executes the second generation process if the network communication is available.
  - 16. The information communication terminal according to claim 12, wherein the processing unit performs to transmit an advance notice based on a start of use of the usage target system to the authentication system.

13. An authentication system for performing authentication for a user who uses a usage target system, comprising:
- an authentication server configured to receive a user authentication request, to perform authentication determination based on the received user authentication request, and to transmit a result of the authentication determination to the usage target system;
  
  an authentication database configured to store user account information associating a password derivation pattern of the user with a token ID for identifying a security token of the user, the password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern; and
  
  a synchronization server configured to generate, in synchronization with a security token identified by the token ID, the same token code as the identified security token,wherein the authentication server performs to;
  
  provide, based on an authentication start request to the usage target system from an information communication terminal of the user, an entry screen for to-be-authenticated information on a user interface of the information communication terminal in order to allow the user to entry to-be-authenticated information including password information formed in accordance with a token code generated by the security token and the password derivation pattern stored in the authentication database;
  
  acquire a token code corresponding to the security token of the user from the synchronization server, by referring to the user account information in the authentication database, based on the to-be-authenticated information transmitted from the information communication terminal;
  
  execute authentication determination of the to-be-authenticated information, by referring to the corresponding user account information in the authentication database, based on the acquired token code and the password derivation pattern of the user; and
  
  transmit a result of the authentication determination to the usage target system.

14. A user authentication method for performing authentication for a user who uses a usage target system, comprising:
- registering, in an authentication database, user account information associating a password derivation pattern of the user with a token ID for identifying a security token of the user, the password derivation pattern constituted by specific elements selected from among elements forming a geometrical pattern;
  
  providing, based on an authentication start request to the usage target system from an information communication terminal of the user, an entry screen for to-be-authenticated information on a user interface of the information communication terminal and allowing the user to entry to-be-authenticated information including password information formed in accordance with a token code generated by the security token and the registered password derivation pattern;
  
  receiving the to-be-authenticated information transmitted from the information communication terminal, and generating the same token code as the security token of the user, by referring to the corresponding user account information in the authentication database, based on the received to-be-authenticated information;
  
  referring to the corresponding user account information in the authentication database, and performing authentication determination of the to-be-authenticated information based on the generated token code and the password derivation pattern of the user; and
  
  transmitting a result of the authentication determination to the usage target system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Passlogy Co.,Ltd.
Original Assignee
Passlogy Co.,Ltd.
Inventors
OGAWA, Hideharu

Granted Patent

US 10,798,090 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/955   using information identifie...

G06F 21/34   involving the use of extern...

G06F 21/36   by graphic or iconic repres...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 67/1095   Replication or mirroring of...

H04L 9/3228   One-time or temporary data,...

USER AUTHENTICATION METHOD, SYSTEM FOR IMPLEMENTING THE SAME, AND INFORMATION COMMUNICATION TERMINAL USED IN THE SAME

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

USER AUTHENTICATION METHOD, SYSTEM FOR IMPLEMENTING THE SAME, AND INFORMATION COMMUNICATION TERMINAL USED IN THE SAME

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links