Safety judgment method, safety judgment system, safety judgment apparatus, first authentication apparatus, and computer program product
First Claim
1. A safety judgment method for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, comprising the steps of:
- receiving biological information by said information processing apparatus;
authenticating the biological information by judging whether the received biological information is proper or not by said information processing apparatus, said first authentication apparatus, or said second authentication apparatus;
collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus;
transmitting the collected environment information from said information processing apparatus to said first authentication apparatus;
transmitting an electronic certificate issued in advance by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus from said information processing apparatus to said first authentication apparatus;
authenticating the electronic certificate by said first authentication apparatus by decrypting the encrypted information with a public key acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper;
authenticating the environment information by said first authentication apparatus by judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and
judging said information processing apparatus to be safe by said first authentication apparatus when all the authentications performed in the step of authenticating the biological information, the step of authenticating the environment information, and the step of authenticating an electronic certificate are successful.
1 Assignment
0 Petitions
Accused Products
Abstract
Security of an information processing apparatus is ensured by performing biological information authentication and collecting the environment information about the information processing apparatus. The information processing apparatus transmits the collected environment information to a first authentication apparatus. An electronic certificate issued by a second authentication apparatus and information encrypted with a secret key issued by the second authentication apparatus are transmitted to the first authentication apparatus. The first authentication apparatus acquires the public key of the second authentication apparatus and the public key of the information processing apparatus so as to decrypt the encrypted information, and judges whether or not the decrypted information is proper. The first authentication apparatus refers to an environment information database and the transmitted information, and judges whether or not the transmitted environment information is proper. When all the authentications by the biological information authentication, environment information authentication and electronic certificate authentication are successful, the information processing apparatus is judged to be safe.
-
Citations
47 Claims
-
1. A safety judgment method for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, comprising the steps of:
-
receiving biological information by said information processing apparatus; authenticating the biological information by judging whether the received biological information is proper or not by said information processing apparatus, said first authentication apparatus, or said second authentication apparatus; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; transmitting the collected environment information from said information processing apparatus to said first authentication apparatus; transmitting an electronic certificate issued in advance by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus from said information processing apparatus to said first authentication apparatus; authenticating the electronic certificate by said first authentication apparatus by decrypting the encrypted information with a public key acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper; authenticating the environment information by said first authentication apparatus by judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and judging said information processing apparatus to be safe by said first authentication apparatus when all the authentications performed in the step of authenticating the biological information, the step of authenticating the environment information, and the step of authenticating an electronic certificate are successful. - View Dependent Claims (2)
-
-
3. A safety judgment method for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, comprising the steps of:
-
receiving biological information by said information processing apparatus; authenticating the biological information by judging whether the received biological information is proper or not by said information processing apparatus, said first authentication apparatus, or said second authentication apparatus; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; encrypting the collected environment information with a secret key issued by said second authentication apparatus; transmitting an electronic certificate issued in advance by said second authentication apparatus and the environment information encrypted with the secret key from said information processing apparatus to said first authentication apparatus; authenticating the electronic certificate by said first authentication apparatus by decrypting the encrypted environment information with a public key acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted environment information is proper; authenticating the environment information by said first authentication apparatus by judging whether or not the decrypted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and judging said information processing apparatus to be safe by said first authentication apparatus when all the authentications performed in the step of authenticating the biological information, the step of authenticating the environment information, and the step of authenticating an electronic certificate are successful. - View Dependent Claims (4)
-
-
5. A safety judgment method for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, comprising the steps of:
-
receiving biological information by said information processing apparatus; authenticating the biological information by judging whether the received biological information is proper or not by said information processing apparatus, said first authentication apparatus, or said second authentication apparatus; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; transmitting the collected environment information from said information processing apparatus to said first authentication apparatus; transmitting an electronic certificate issued in advance by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus from said information processing apparatus to said first authentication apparatus; authenticating the environment information by said first authentication apparatus by judging whether or not the transmitted environment information is proper with reference to an environment information database that stores environment conditions classified according to information to be transmitted and received; and authenticating the electronic certificate by said information processing apparatus by decrypting the encrypted software with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted software is proper; and installing the decrypted software in said information processing apparatus when all the authentications performed in the step of authenticating the biological information, the step of authenticating the environment information and the step of authenticating the electronic certificate are successful.
-
-
6. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises: - biological information receiving means for receiving biological information;
biological information authenticating means for judging whether or not the received biological information is proper;
environment information collecting means for collecting environment information including information about peripheral equipment connected thereto or about software installed therein;
environment information transmitting means for transmitting the environment information collected by said environment information collecting means to said first authentication apparatus; and
encrypted information transmitting means for transmitting an electronic certificate issued by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus to said first authentication apparatus, andsaid first authentication apparatus comprises;
electronic certificate authenticating means for decrypting the encrypted information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper;
environment information authenticating means for judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and
safety judging means for judging said information processing apparatus to be safe when all the authentications performed by said biological information authenticating means, said environment information authenticating means and said electronic certificate authenticating means are successful. - View Dependent Claims (7, 8, 9, 10, 11)
- biological information receiving means for receiving biological information;
-
12. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises a processor capable of performing the operations of: -
receiving biological information; authenticating the biological information by judging whether or not the received biological information is proper; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; transmitting the collected environment information to said first authentication apparatus; and transmitting an electronic certificate issued by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus to said first authentication apparatus, and said first authentication apparatus comprises a processor capable of performing the operations of; authenticating the electronic certificate by decrypting the encrypted information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper; authenticating the environment information by judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and judging said information processing apparatus to be safe when all the authentications by the operation of authenticating the biological information, the operation of authenticating the environment information and the operation of authenticating the electronic certificate are successful. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises: - biological information receiving means for receiving biological information;
biological information authenticating means for judging whether or not the biological information received by said biological information receiving means is proper;
environment information collecting means for collecting environment information including information about peripheral equipment connected thereto or about software installed therein; and
environment information transmitting means for transmitting the environment information collected by said environment information collecting means to said first authentication apparatus,said first authentication apparatus comprises;
encrypted information transmitting means for transmitting an electronic certificate issued by said second authentication apparatus and software encrypted with a secret key issued by said second authentication apparatus to said information processing apparatus; and
environment information authenticating means for judging whether or not the transmitted environment information is proper with reference to an environment information database that stores environment conditions classified according to information to be transmitted and received, andsaid information processing apparatus further comprises; electronic certificate authenticating means for decrypting the encrypted software with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted software is proper; and
installing means for installing the decrypted software when all the authentications performed by said biological information authenticating means, said environment information authenticating means and said electronic certificate authenticating means are successful. - View Dependent Claims (19, 20, 21, 22, 23, 24)
- biological information receiving means for receiving biological information;
-
25. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises a processor capable of performing the operations of: -
receiving biological information; authenticating the biological information by judging whether or not the received biological information is proper; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; and transmitting the collected environment information to said first authentication apparatus, and said first authentication apparatus comprises a processor capable of performing the operations of; transmitting an electronic certificate issued by said second authentication apparatus and software encrypted with a secret key issued by said second authentication apparatus to said information processing apparatus; and authenticating the environment information by judging whether or not the transmitted environment information is proper with reference to an environment information database that stores environment conditions classified according to information to be transmitted and received, and said processor of said information processing apparatus is further capable of performing the operations of; authenticating the electronic certificate by decrypting the encrypted software with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted software is proper; and installing the decrypted software when all the authentications by the operation of authenticating the biological information, the operation of authenticating the environment information and the operation of authenticating the electronic certificate are successful. - View Dependent Claims (26, 27, 28, 29, 30, 31)
-
-
32. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises: - biological information receiving means for receiving biological information;
environment information collecting means for collecting environment information including information about peripheral equipment connected thereto or about software installed therein;
encrypting means for encrypting the biological information received by said biological information receiving means and the environment information collected by said environment information collecting means, with a secret key issued by said second authentication apparatus; and
encrypted information transmitting means for transmitting an electronic certificate issued by said second authentication apparatus and the encrypted biological information and environment information to said first authentication apparatus, andsaid first authentication apparatus comprises;
electronic certificate authenticating means for decrypting the encrypted biological information and environment information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted biological information and environment information are proper;
environment information authenticating means for judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the decrypted environment information;
biological information authenticating means for judging whether or not the biological information is proper by comparing the decrypted biological information with pre-stored biological information; and
safety judging means for judging said information processing apparatus to be safe when all the authentications performed by said biological information authenticating means, said environment information authenticating means and said electronic certificate authenticating means are successful. - View Dependent Claims (33, 34, 35)
- biological information receiving means for receiving biological information;
-
36. A safety judgment system for judging safety of an information processing apparatus among the information processing apparatus, a first authentication apparatus and a second authentication apparatus which are connected through a communication network, wherein
said information processing apparatus comprises a processor capable of performing the operations of: -
receiving biological information; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; encrypting the received biological information and the collected environment information with a secret key issued by said second authentication apparatus; and transmitting an electronic certificate issued by said second authentication apparatus and the encrypted biological information and environment information to said first authentication apparatus, and said first authentication apparatus comprises a processor capable of performing the operations of; authenticating the electronic certificate by decrypting the encrypted biological information and environment information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted biological information and environment information are proper; authenticating the environment information by judging whether or not the transmitted environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the decrypted environment information; authenticating the biological information by judging whether or not the decrypted biological information is proper by comparing the decrypted biological information with pre-stored biological information; and judging said information processing apparatus to be safe when all the authentications by the operation of authenticating the biological information, the operation of authenticating the environment information and the operation of authenticating the electronic certificate are successful. - View Dependent Claims (37, 38, 39)
-
-
40. A safety judgment apparatus for judging safety of an information processing apparatus connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising:
-
biological information authenticating means for judging whether or not received biological information is proper; environment information collecting means for collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; environment information transmitting means for transmitting the environment information collected by said environment information collecting means to said first authentication apparatus; encrypted information transmitting means for transmitting an electronic certificate issued by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus to said first authentication apparatus; and safety judging means for judging said information processing apparatus to be safe when said biological information authenticating means judges proper, said first authentication apparatus judges that the environment information transmitted by said environment information transmitting means is proper, said first authentication apparatus judges that the electronic certificate and encrypted information transmitted by said encrypted information transmitting means are proper, and said safety judging means receives information indicating that the information is proper.
-
-
41. A safety judgment apparatus for judging safety of an information processing apparatus connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising:
-
biological information authenticating means for judging whether or not received biological information is proper; environment information collecting means for collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; environment information transmitting means for transmitting the environment information collected by said environment information collecting means to said first authentication apparatus; electronic certificate authenticating means for, when an electronic certificate and encrypted software are received from said first authentication apparatus, decrypting the encrypted software with a public key, which is acquired from the electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted software is proper; and installing means for installing the decrypted software in said information processing apparatus when the authentications performed by said biological information authenticating means and said electronic certificate authenticating means are judged successful, said first authentication apparatus judges that the environment information transmitted by said environment information transmitting means is proper, and said installing means receives information indicating that the information is proper.
-
-
42. A safety judgment apparatus for judging safety of an information processing apparatus connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising a processor capable of performing the operations of:
-
authenticating biological information by judging whether or not received biological information is proper; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; transmitting the collected environment information to said first authentication apparatus; transmitting an electronic certificate issued by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus to said first authentication apparatus; and judging said information processing apparatus to be safe when the biological information is judged proper in the operation of authenticating the biological information, said first authentication apparatus judges that the transmitted environment information is proper, the first authentication apparatus judges that the transmitted electronic certificate and encrypted information are proper, and information indicating that the information is proper is received.
-
-
43. A safety judgment apparatus for judging safety of an information processing apparatus connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising a processor capable of performing the operations of:
-
authenticating biological information by judging whether or not received biological information is proper; collecting environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus; transmitting the collected environment information to said first authentication apparatus; when an electronic certificate and encrypted software are received from said first authentication apparatus, authenticating the electronic certificate by decrypting the encrypted software with a public key, which is acquired from the electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted software is proper; and installing the decrypted software in said information processing apparatus when authentications are judged successful in the operation of authenticating the biological information and the operation of authenticating the electronic certificate, said first authentication apparatus judges that transmitted environment information is proper, and information indicating that the information is proper is received.
-
-
44. A first authentication apparatus for judging safety of an information processing apparatus connected through a communication network, comprising:
-
authentication information receiving means for receiving authentication information indicating whether or not biological information received by said information processing apparatus is proper; electronic certificate authenticating means for, when an electronic certificate issued by a second authentication apparatus connected through the communication network and information encrypted with a secret key issued by said second authentication apparatus are transmitted from said information processing apparatus, decrypting the encrypted information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper; environment information authenticating means for, when environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus is received from said information processing apparatus, judging whether or not the received environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and safety judging means for judging said information processing apparatus to be safe when said authentication information receiving means receives authentication information indicating that the biological information is proper, and authentications performed by said environment information authenticating means and said electronic certificate authenticating means are judged successful.
-
-
45. A first authentication apparatus for judging safety of an information processing apparatus connected through a communication network, comprising a processor capable of performing the operations of:
-
receiving authentication information indicating whether or not biological information received by said information processing apparatus is proper; when an electronic certificate issued by a second authentication apparatus connected through the communication network and information encrypted with a secret key issued by said second authentication apparatus are transmitted from said information processing apparatus, authenticating the electronic certificate by decrypting the encrypted information with a public key, which is acquired from the transmitted electronic certificate by using a public key acquired from said second authentication apparatus, and judging whether or not the decrypted information is proper; when environment information including information about peripheral equipment connected to said information processing apparatus or about software installed in said information processing apparatus is received from said information processing apparatus, authenticating the environment information by judging whether or not the received environment information is proper with reference to an environment information database, which stores environment conditions classified according to information to be transmitted and received, and the transmitted information; and judging said information processing apparatus to be safe when authentication information indicating that the biological information is proper is received, and the authentications by the operation of authenticating the environment information and the operation of authenticating the electronic certificate are judged successful.
-
-
46. A computer program product, within a computer readable medium, for judging safety of a computer connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising the steps of:
-
causing the computer to authenticate biological information by authenticating whether or not received biological information is proper; causing the computer to collect environment information including information about connected peripheral equipment or about installed software; causing the computer to transmit environment information by transmitting the collected environment information to said first authentication apparatus; causing the computer to transmit encrypted information by transmitting an electronic certificate issued by said second authentication apparatus and information encrypted with a secret key issued by said second authentication apparatus to said first authentication apparatus; and causing the computer to judge the computer to be safe when the biological information is judged proper in the step of authenticating the biological information, the first authentication apparatus judges that environment information transmitted in the step of transmitting environment information is proper, the first authentication apparatus judges that the electronic certificate and encrypted information transmitted in the step of transmitting the encrypted information are proper, and information indicating that the information is proper is received from said first authentication apparatus.
-
-
47. A computer program product, within a computer readable medium, for judging safety of a computer connected to a first authentication apparatus and a second authentication apparatus through a communication network, comprising the steps of:
-
causing the computer to authenticate biological information by authenticating whether or not received biological information is proper; causing the computer to collect environment information including information about connected peripheral equipment or about installed software; causing the computer to transmit environment information by transmitting the collected environment information to said first authentication apparatus; when an electronic certificate and encrypted software are received from said first authentication apparatus, causing the computer to authenticate the electronic certificate by decrypting the encrypted software with a public key, which is acquired from the electronic certificate by using a public key acquired from the second authentication apparatus, and judging whether or not the decrypted software is proper; and causing the computer to install the decrypted software when authentications performed in the step of authenticating the biological information and the step of authenticating the electronic certificate are judged successful, the first authentication apparatus judges that the environment information transmitted in the step of transmitting environment information is proper, and information indicating that the information is proper is received.
-
Specification