Device and method for authenticating user's access rights to resources
Abstract
The present invention provides a device for authenticating user's access rights to resources, which comprises first memory means for storing challenging data, second memory means for storing unique identifying information of the user, third memory means for storing proof support information which is a result of executing predetermined computations to the unique identifying information of the user and unique security characteristic information of the device, response generation means for generating a response from the challenging data stored in the first memory means, the unique identifying information stored in the second memory means and the proof support information stored in the third memory means, and verification means for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information of the device satisfy a specific predefined relation.
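The structure described above can be made concrete with an added example, which is not taken from the patent text on this page. It assumes an RSA key pair as the device's unique security characteristic, a SHA-256-based function `f` as the "predetermined computation", and `response^E == challenge (mod n)` as the predefined relation; all function names and the toy key are hypothetical.

```python
import hashlib
import secrets

# Assumption: the device's "unique security characteristic information" is an RSA key.
# Toy key built from two Mersenne primes (constructed sample, far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # private exponent, known only to the ticket issuer


def f(n: int, user_secret: bytes) -> int:
    """Hypothetical one-way mix of the device modulus and the user's identifying information."""
    digest = hashlib.sha256(n.to_bytes(32, "big") + user_secret).digest()
    return int.from_bytes(digest, "big")


def issue_ticket(user_secret: bytes) -> int:
    """Proof support information: D masked with a value only this user can recompute."""
    return (D - f(N, user_secret)) % PHI


def new_challenge() -> int:
    """Challenging data: a fresh random value in [2, N-2]."""
    return 2 + secrets.randbelow(N - 3)


def respond(challenge: int, user_secret: bytes, ticket: int, n: int = N) -> int:
    """Response generation from challenge, user secret and ticket; D itself is never used."""
    # challenge^ticket * challenge^f = challenge^(D + k*PHI) = challenge^D (mod n)
    return pow(challenge, ticket, n) * pow(challenge, f(n, user_secret), n) % n


def verify(challenge: int, response: int, n: int = N, e: int = E) -> bool:
    """Verification: check the predefined relation response^E == challenge (mod n)."""
    return pow(response, e, n) == challenge % n


if __name__ == "__main__":
    ticket = issue_ticket(b"alice-secret")        # constructed sample user secret
    c = new_challenge()
    print("legitimate user:", verify(c, respond(c, b"alice-secret", ticket)))
    # A copied ticket is useless without the matching user secret.
    print("ticket with wrong secret:", verify(c, respond(c, b"mallory-secret", ticket)))
```

In this instantiation the ticket can be stored and distributed openly, because it only yields a valid response when combined with the user secret it was issued for.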
67 Claims
1. A device for authenticating user's access rights to resources comprising:
first memory means for storing challenging data;
second memory means for storing unique identifying information of the user;
third memory means for storing proof support information which is a result of executing predetermined computations to the user unique identifying information and unique security characteristic information of the device;
response generation means for generating a response from the challenging data stored in the first memory means, the unique identifying information of the user stored in the second memory means, and the proof support information stored in the third memory means; and
verification means for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information of the device satisfy a specific predefined relation.

63. A method for authenticating user's access rights to resources by verifying the legitimacy of a response generated from challenging data for proving the user's access rights, comprising:
a step for storing the challenging data;
a step for storing unique identifying information of the user;
a step for storing proof support information which is a result of predetermined computations to the unique identifying information of the user and unique security characteristic information;
a step for generating a response by executing predetermined computations to the challenging data, the unique identifying information of the user and the proof support information; and
a step for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information satisfy a specific predefined relation.

64. A computer program product for use with a computer, the computer program product comprising:
a computer usable medium having computer readable program code means embodied in the medium for causing the computer to authenticate user's access rights to resources by verifying the legitimacy of a response generated from challenging data for proving the user's access rights, the computer program product having:
computer readable program code means for causing the computer to store the challenging data;
computer readable program code means for causing the computer to store unique identifying information of the user;
computer readable program code means for causing the computer to store proof support information which is a result of predetermined computations to the unique identifying information of the user and unique security characteristic information;
computer readable program code means for causing the computer to generate a response by executing predetermined computations to the challenging data, the unique identifying information of the user and the proof support information; and
computer readable program code means for causing the computer to verify the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information satisfy a specific predefined relation.

65. A computer program product for use with a computer, the computer program product comprising:
a computer usable medium having computer readable program code means embodied in the medium for causing the computer to generate a response from challenging data, the legitimacy of which is to be verified for authenticating user's access rights, the computer program product having:
computer readable program code means for causing the computer to store the challenging data;
computer readable program code means for causing the computer to store unique identifying information of the user;
computer readable program code means for causing the computer to store proof support information which is a result of predetermined computations to the unique identifying information of the user and unique security characteristic information; and
computer readable program code means for causing the computer to generate a response by executing predetermined computations to the challenging data, the unique identifying information of the user and the proof support information.

66. A program execution control device for authenticating user's access rights to resources by verifying the legitimacy of a response generated from challenging data for proving the user's access rights and controlling execution of a program based on the authentication of the user's access rights, comprising:
first memory means for storing challenging data;
second memory means for storing unique identifying information of the user;
third memory means for storing proof support information which is a result of predetermined computations to the unique identifying information of the user and unique security characteristic information of the device;
response generation means for generating a response by executing predetermined computations to the challenging data, the unique identifying information of the user and the proof support information;
verification means for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information satisfy a specific predefined relation; and
continuation means for continuing execution of the program if the legitimacy of the response is verified.

67. An information processing apparatus for authenticating user's access rights to specific information processing resources by verifying the legitimacy of a response generated for proving the user's access rights and permitting access to the specific information processing resources, comprising:
first memory means for storing challenging data;
second memory means for storing unique identifying information of the user;
third memory means for storing proof support information which is a result of predetermined computations to the unique identifying information of the user and unique security characteristic information;
response generation means for generating a response by executing predetermined computations to the challenging data, the unique identifying information of the user and the proof support information;
verification means for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information satisfy a specific predefined relation; and
permission means for permitting access to the specific information processing resources if the legitimacy of the response is verified.