Authentication system
Abstract
An authentication system whereby authentication load can be distributed in the network without sharing secret information of users is provided.
The system has a single master authentication center arranged in the network, the master authentication center sharing with the user a user secret key, and a plurality of slave authentication centers sharing with the master authentication center respective secret keys different from the user secret key. The master authentication center authenticates the user by using the user secret key and issues a certificate information which certifies legitimation of the user, to the user if the user is authenticated as a legitimate user. The slave authentication center authenticates the certificate information from the user and issues a permission information which allows an access to a specified server or an application server in the network, to the user if the user is authenticated as a legitimate user.
5 Claims
1. An authentication system adopting an authentication scheme for verifying a user from a network, by sharing the same secret key between the user and the network, encrypting a known information using said secret key at the user to produce first encrypted information, transmitting the first encrypted information from the user to the network, encrypting the known information using said secret key at the network to produce second encrypted information, and collating the transmitted first encrypted information with the produced second encrypted information at the network,
said system comprising a single master authentication center arranged in the network, said master authentication center sharing with the user a user secret key, and a plurality of slave authentication centers sharing with said master authentication center respective secret keys different from the user secret key, said master authentication center authenticating the user by using said user secret key and issuing a certificate information to the user if the user is authenticated as a legitimate user, said certificate information certifying legitimation of the user, said slave authentication center authenticating the certificate information from the user and issuing a permission information which allows an access to a specified server or an application server in the network, to the user if the user is authenticated as a legitimate user, wherein said user has an IC card provided with a CPU, and wherein the IC card executes management of said user secret key and encryption and decryption of the information.
4. An authentication system adopting an authentication scheme for verifying a user from a network, by sharing the same secret key between the user and the network, encrypting a known information using said secret key at the user to produce first encrypted information, transmitting the first encrypted information from the user to the network, encrypting the known information using said secret key at the network to produce second encrypted information, and collating the transmitted first encrypted information with the produced second encrypted information at the network,
said network issuing a certificate information to the user if the user is authenticated as a legitimate user, said certificate information certifying legitimation of the user and being valid within a predetermined period or predetermined times, wherein said user has an IC card provided with a CPU, and wherein the IC card executes management of said user secret key, management of the certificate information issued at the network, and encryption and decryption of the information.
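The master/slave flow of the abstract and the time-limited certificate of claim 4, as an added Python sketch that is not code from the patent. Assumptions: HMAC-SHA256 stands in for the unspecified encryption, the class names, the `user|slave|expiry` certificate layout and the 300-second lifetime are hypothetical, and only the "predetermined period" form of validity is modelled.

```python
import hashlib
import hmac
import os

def keyed(key, data):
    # Assumption: HMAC-SHA256 stands in for the claim's unspecified cipher.
    return hmac.new(key, data, hashlib.sha256).digest()

class ICCard:
    """User side: the secret key stays on the card; only responses leave it."""
    def __init__(self, user, key):
        self.user, self._key = user, key
    def respond(self, known):
        return keyed(self._key, known)

class MasterCenter:
    def __init__(self, user_keys, slave_keys):
        self.user_keys, self.slave_keys, self.pending = user_keys, slave_keys, {}
    def challenge(self, user):
        self.pending[user] = os.urandom(16)  # fresh "known information"
        return self.pending[user]
    def issue_certificate(self, user, response, slave, now, lifetime=300):
        known = self.pending.pop(user, None)  # each challenge is single-use
        key = self.user_keys.get(user)
        if known is None or key is None or slave not in self.slave_keys:
            return None
        if not hmac.compare_digest(response, keyed(key, known)):  # collation
            return None
        # Hypothetical certificate layout: "user|slave|expiry" plus a tag under
        # the master<->slave key, so the slave never needs the user's key.
        body = f"{user}|{slave}|{now + lifetime}".encode()
        return body, keyed(self.slave_keys[slave], body)

class SlaveCenter:
    def __init__(self, name, master_key):
        self.name, self.master_key = name, master_key
    def issue_permission(self, cert, server, now):
        if cert is None:
            return None
        body, tag = cert
        if not hmac.compare_digest(tag, keyed(self.master_key, body)):
            return None
        user, slave, expires = body.decode().split("|")
        if slave != self.name or now > int(expires):  # wrong center or expired
            return None
        return {"user": user, "server": server}  # the "permission information"
```

Identifiers in this sketch must not contain `|`, since the certificate body uses it as a field separator.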
Specification