Person authentication system, person authentication method, information processing apparatus, and program providing medium

US 7,243,238 B2
Filed: 08/30/2001
Issued: 07/10/2007
Est. Priority Date: 08/31/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A person authentication method for executing person authentication by comparing a template which is person identification data acquired beforehand with sampling information input by a user, said method comprising the steps of:

acquiring an encrypted template from a person identification certificate including said template and generated by a third-party agency serving as a person identification certificate authority;

receiving said encrypted template from said person identification certificate authority and an encrypted sampling information from said user;

decrypting said encrypted template and said encrypted sampling information;

comparing said decrypted template with said decrypted sampling information, andexecuting person authentication on the basis of the acquired template;

wherein,said encrypted sampling information is generated using a public key certificate generated by a certificate authority; and

when transmitting said person identification certificate to a person authentication system, said person identification certificate authority(a) retrieves a stored encrypted template,(b) decrypts the stored encrypted template using a private key of the person identification certificate authority,(c) re-encrypts the decrypted template using a public key of said person authentication system to which said person identification certificate is to be transmitted, and(d) stores the re-encrypted template in said person identification certificate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are a person authentication system, a person authentication method, and an information processing apparatus which allow person authentication to be performed in an easy fashion in various devices by comparing a template serving as person identification data with sampling information input by a user. A service provider (SP) or user device (UD) executes person authentication by acquiring a template from a person identification certificate (IDC) generated by a third-party agency serving as a person identification certificate authority (IDA). The IDA acquires a template serving as identification data after verifying a person requesting an IDC to be issued, and generates the IDC storing template information. The IDA distributes the IDC having a digital signature of the IDA added thereto to the SP and the UD.

Citations

14 Claims

1. A person authentication method for executing person authentication by comparing a template which is person identification data acquired beforehand with sampling information input by a user, said method comprising the steps of:
- acquiring an encrypted template from a person identification certificate including said template and generated by a third-party agency serving as a person identification certificate authority;
  
  receiving said encrypted template from said person identification certificate authority and an encrypted sampling information from said user;
  
  decrypting said encrypted template and said encrypted sampling information;
  
  comparing said decrypted template with said decrypted sampling information, andexecuting person authentication on the basis of the acquired template;
  
  wherein,said encrypted sampling information is generated using a public key certificate generated by a certificate authority; and
  
  when transmitting said person identification certificate to a person authentication system, said person identification certificate authority(a) retrieves a stored encrypted template,(b) decrypts the stored encrypted template using a private key of the person identification certificate authority,(c) re-encrypts the decrypted template using a public key of said person authentication system to which said person identification certificate is to be transmitted, and(d) stores the re-encrypted template in said person identification certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A person authentication method according to claim 1, wherein said person identification certificate authority writes a digital signature on the person identification certificate issued by said person identification certificate authority.
  - 3. A person authentication method according to claim 1, wherein said person identification certificate authority verifies the identification of a person requesting a person identification certificate to be issued, acquires a template serving as person identification data of said person requesting the person identification certificate to be issued, and generates a person identification certificate storing template information including said template.
  - 4. A person authentication method according to claim 1, wherein, in the process of acquiring the person identification certificate from said person identification certificate authority, said person authentication system performs mutual authentication between said person authentication system and said person identification certificate authority, and said person identification certificate authority transmits the person identification certificate, provided that said mutual authentication is successfully completed.
  - 5. A person authentication method according to claim 1, wherein said person identification certificate authority stores said template in said person identification certificate after encrypting said template.
  - 6. A person authentication method according to claim 1, wherein said person authentication system is a service provider which makes a deal with a user identified by said person identification certificate, andwherein said service provider compares a template, which is acquirable from a person identification certificate acquired from said person identification certificate authority, with sampling information provided by the user, and starts making a deal with the user, provided that said template and said sampling information match with each other.
  - 7. A person authentication method according to claim 1, wherein said person authentication system is a user device serving as a data processing apparatus including data accessible by a user identified by said person identification certificate, andwherein said user device compares a template, which is acquirable from a person identification certificate acquired from said person identification certificate authority, with sampling information provided by the user, and said user device allows the user to start accessing said user device, provided that said template and said sampling information match with each other.

8. A person authentication method for executing person authentication by comparing a template which is a person identification data acquired beforehand with sampling information input by a user, comprising receiving, at a person identification certificate authority which acquires an encrypted template from a person identification certificate including said encrypted template, said encrypted template from said person identification certificate authority and an encrypted sampling information from said user;
- decrypting said encrypted template and said encrypted sampling information, and executing person authentication by comparing said decrypted template with said decrypted sampling information, wherein a verification certificate is issued provided that said person authentication is successfully passed;
  
  wherein said encrypted sampling information is generated using a public key certificate generated by a certificate authority; and
  
  wherein, when transmitting said person identification certificate to a person authentication system, said person identification certificate authority retrieves a stored encrypted template, decrypts the stored encrypted template using a private key of the person identification certificate authority, re-encrypts the decrypted template using a public key of said person authentication system to which said person identification certificate is to be transmitted, and stores the re-encrypted template in said person identification certificate.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A person authentication method according to claim 8, wherein said person identification certificate authority writes a digital signature on the verification certificate issued by said person identification certificate authority.
  - 10. A person authentication method according to claim 8, wherein said person identification certificate authority verifies the identification of a person requesting a person identification certificate to be issued, acquires a template serving as person identification data of said person requesting the person identification certificate to be issued, and generates a person identification certificate storing template information including said template.
  - 11. A person authentication method according to claim 8, wherein, in the process of acquiring said verification certificate from said person identification certificate authority, said person authentication system performs mutual authentication between said person authentication system and said person identification certificate authority, and said person identification certificate authority transmits the verification certificate, provided that said mutual authentication is successfully completed.
  - 12. A person authentication method according to claim 8, wherein said person authentication system acquiring the verification certificate is a service provider which provides services to an user, andwherein said service provider starts providing services to the user, provided that the verification certificate is successfully acquired from said person identification certificate authority.
  - 13. A person authentication method according to claim 8, wherein said person authentication system acquiring the verification certificate is a user device serving as a data processing apparatus including data accessible by an user, andwherein said user device allows the user to start accessing said user device, provided that the verification certificate is successfully acquired from said person identification certificate authority.
  - 14. A person authentication method according to claim 8, wherein said person authentication system verifies the signature of said verification certificate acquired from said person identification certificate authority and deletes said verification certificate after confirming that said verification of the signature indicates the validity of said verification certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Ishibashi, Yoshihito, Watanabe, Hideaki, Matsuyama, Shinako, Futamura, Ichiro, Kon, Masashi
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
HENEGHAN, MATTHEW E

Application Number

US09/944,192
Publication Number

US 20020026574A1
Time in Patent Office

2,140 Days
Field of Search

713/155, 713/156, 713/175, 713/176, 713/185, 713/186, 713/169, 713/182
US Class Current

713/182
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2117   User registration

G06F 2221/2129   Authenticate client device ...

G06F 2221/2137   Time limited access, e.g. t...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/3268   using certificate validatio...

H04L 9/3273   for mutual authentication n...

Person authentication system, person authentication method, information processing apparatus, and program providing medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Person authentication system, person authentication method, information processing apparatus, and program providing medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links