Information providing device, method, program and recording medium, and user authentication device, method, program and recording medium

US 7,617,399 B2
Filed: 03/19/2004
Issued: 11/10/2009
Est. Priority Date: 03/20/2003
Status: Expired due to Fees

First Claim

Patent Images

1. An information providing device arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, the information providing device comprising:

a provider association unit configured to associate a plurality of information providers, including first and second information providers the plurality of information providers providing respective user information items, the provider association unit comprising;

a first unit causing the first information provider to receive a first user information item, stored in a first information management unit, in response to a user information receiving request;

a second unit causing the second information provider to receive a second user information item, correlated with the first user information item and stored in a second information management unit, in response to a predetermined identification data; and

a third unit configured to generate an authentication merge ticket including data indicating at least one of an authentication provider name, a term of validity of the ticket, an authentication domain name, and user attributes, the authentication merge ticket being a unified information item generated by combining the first user information item and the second user information item based on the predetermined identification data; and

an interface configured to transmit the authentication merge ticket to a computer remote from the information providing device via a network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an information providing device and method, a plurality of information providers, including first and second information providers, are made to be associated with each other. The first information provider is caused to receive a first user information item, stored in a first information management unit, in response to a user information receiving request. The second information provider is caused to receive a second user information item, correlated with the first user information item and stored in a second information management unit, in response to a predetermined identification data. A unified information item is created by combining the first user information item and the second user information item based on the predetermined identification data is outputted.

Citations

31 Claims

1. An information providing device arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, the information providing device comprising:
- a provider association unit configured to associate a plurality of information providers, including first and second information providers the plurality of information providers providing respective user information items, the provider association unit comprising;
  
  a first unit causing the first information provider to receive a first user information item, stored in a first information management unit, in response to a user information receiving request;
  
  a second unit causing the second information provider to receive a second user information item, correlated with the first user information item and stored in a second information management unit, in response to a predetermined identification data; and
  
  a third unit configured to generate an authentication merge ticket including data indicating at least one of an authentication provider name, a term of validity of the ticket, an authentication domain name, and user attributes, the authentication merge ticket being a unified information item generated by combining the first user information item and the second user information item based on the predetermined identification data; and
  
  an interface configured to transmit the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The information providing device according to claim 1 wherein the user information receiving request contains retrieval conditions specified therein, and the provider association unit causes the first and second information providers to respectively receive the first and second user information items that satisfy the retrieval conditions.
  - 3. The information providing device according to claim 1 wherein the provider association unit is provided to unify the information items received by the first and second information providers for every user.
  - 4. The information providing device according to claim 1 wherein the information providing device further comprises:
    - the first information provider andthe second information provider.
  - 5. The information providing device according to claim 1 wherein the information providing device further comprises:
    - a first-information-provider information management unit managing a first-information-provider identification data which identifies the first information provider from among the plurality of information providers; and
      
      a second-information-provider information management unit managing a second-information-provider identification data which identifies the second information provider from among the plurality of information providers.
  - 6. The information providing device according to claim 1 wherein the information providing device further comprises:
    - a call information management unit in which a plurality of call information items used to call the plurality of information providers respectively are recorded, andthe provider association unit causes the first and second information providers to respectively receive the first and second information items by calling the first and second information providers based on the call information management unit.

7. An information providing method for use in an information providing device which makes a plurality of information providers, including first and second information providers, be associated with each other, the information providing device arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, the information providing method comprising:
- causing the first information provider to receive a first user information item, stored in a first information management unit, in response to a user information receiving request;
  
  causing the second information provider to receive a second user information item when the user information receiving request exceeds a range of validity associated with the first information provider, the second user information item is correlated with the first user information item and stored in a second information management unit, in response to a predetermined identification data;
  
  generating an authentication merge ticket including data indicating at least one of an authentication provider name, a term of validity of the ticket, an authentication domain name, and user attributes, the authentication merge ticket being a unified information item generated by combining the first user information item and the second user information item based on the predetermined identification data; and
  
  transmitting the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (8, 9)
- - 8. The information providing method according to claim 7 wherein the user information receiving request contains retrieval conditions specified therein, and the first and second information providers are caused to respectively receive the first and second user information items that satisfy the retrieval conditions.
  - 9. The information providing method according to claim 7 wherein the information items received by the first and second information providers are unified for every user.

10. A tangible storage medium including computer program instructions for causing an information providing device which makes a plurality of information providers, including first and second information providers, be associated with each other, and which is arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, to perform:
- causing the first information provider to receive a first user information item, stored in a first information management unit, in response to a user information receiving request;
  
  causing the second information provider to receive a second user information item when the user information receiving request exceeds a range of validity associated with the first information provider, the second user information item is correlated with the first user information item and stored in a second information management unit, in response to a predetermined identification data;
  
  generating an authentication merge ticket including data indicating at least one of an authentication provider name, a term of validity of the ticket, an authentication domain name, and user attributes, the authentication merge ticket being a unified information item generated by combining the first user information item and the second user information item based on the predetermined identification data; and
  
  transmitting the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (11)
- - 11. The tangible storage medium including computer program instructions according to claim 10 wherein the user information receiving request contains retrieval conditions specified therein, and the first and second information providers are caused to respectively receive the first and second user information items that satisfy the retrieval conditions.

12. A user authentication device arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, the information providing device comprising:
- a provider association unit which makes a plurality of authentication providers, including first and second authentication providers, be associated with each other, the provider association unit comprising;
  
  a first unit causing the first authentication provider to perform, in response to a first authentication request, a first user authentication based on a first user identification data that is specified in the first authentication request;
  
  a second unit causing the second authentication provider to perform, in response to a second authentication request related to a user approved by the first user authentication, a second user authentication based on a second user identification data that is correlated with the first user identification data; and
  
  a third unit configured to generate an authentication merge ticket including data indicating at least one of a ticket type, an authentication provider name, a term of validity of the ticket, and an authentication domain name, the authentication merge ticket being a unified information item generated by combining the first user identification data and the second user identification data based on a result of the first and second user authentication; and
  
  an interface configured to transmit the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 13. The user authentication device according to claim 12 wherein the user authentication device further comprises:
    - the first authentication provider andthe second authentication provider.
  - 14. The user authentication device according to claim 12 wherein the user authentication device further comprises:
    - a user-identification management unit in which the first user identification data and the second user identification data are correlated to each other and recorded, andthe provider association unit is provided to search for the second user identification data in the user-identification management unit based on the first user identification data.
  - 15. The user authentication device according to claim 12 wherein the provider association unit further comprises:
    - a user-identification management unit in which the first user identification data and the second user identification data are correlated to each other and recorded, andthe provider association unit is provided to search for the second user identification data in the user-identification management unit based on the first user identification data.
  - 16. The user authentication device according to claim 12 wherein the user authentication device further comprises:
    - a first-authentication-provider information management unit managing a first-authentication-provider identification data which identifies the first authentication provider from among the plurality of authentication providers; and
      
      a second-authentication-provider information management unit managing a second-authentication-provider identification data which identifies the second authentication provider from among the plurality of authentication providers.
  - 17. The user authentication device according to claim 12 wherein the user authentication device further comprises:
    - a call information management unit in which a plurality of call information items used to call the plurality of authentication providers respectively are recorded, andthe provider association unit causes the first and second authentication providers to perform the first and second user authentications respectively by calling the first and second authentication providers based on the call information management unit.
  - 18. The user authentication device according to claim 12 wherein the first authentication provider creates a first electronic ticket which certifies approval of the user by the first authentication provider, the second authentication provider creates a second electronic ticket which certifies approval of the user by the second authentication provider, and the user authentication device provides information containing the first electronic ticket, in response to the first authentication request and provides information containing the second electronic ticket, in response to the second authentication request.
  - 19. The user authentication device according to claim 18 wherein the provider association unit creates a merge ticket in which the first electronic ticket and the second electronic ticket are unified, and the user authentication device provides a first merge ticket in which the first electronic ticket is unified, in response to the first authentication request, and provides a second merge ticket in which the second electronic ticket is unified further, in response to the second authentication request.
  - 20. The user authentication device according to claim 19 wherein the user authentication device provides the merge ticket which is encoded.
  - 21. The user authentication device according to claim 19 wherein at least one of the merge ticket, the first electronic ticket, and the second electronic ticket contains a term of validity.
  - 22. The user authentication device according to claim 19 wherein at least one of the merge ticket, the first electronic ticket, and the second electronic ticket contains a code for ticket falsification check.
  - 23. The user authentication device according to claim 12 wherein the first authentication provider is a password authentication provider which performs a password authentication based on a password of the user, and the second authentication provider is a fingerprint authentication provider which performs a fingerprint authentication based on a fingerprint of the user.
  - 24. The user authentication device according to claim 19 wherein the provider association unit causes the first authentication provider to decode the first electronic ticket of the first merge ticket in response to a decode request of the first merge ticket, and causes the second authentication provider to decode the second electronic ticket of the second merge ticket in response to a decode request of the second merge ticket.
  - 25. The user authentication device according to claim 12 wherein the provider association unit is provided with a call function using a remote procedure call of SOAP.

26. A user authentication method for use in a user authentication device which makes a plurality of authentication providers, including first and second authentication providers, be associated with each other, the information providing device arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, the user authentication method comprising:
- causing the first authentication provider to perform, in response to a first authentication request, a first user authentication based on a first user identification data that is specified in the first authentication request;
  
  causing the second authentication provider to perform, in response to a second authentication request related to a user approved by the first user authentication, a second user authentication based on a second user identification data that is correlated with the first user identification data;
  
  generating an authentication merge ticket including data indicating at least one of a ticket type, an authentication provider name, a term of validity of the ticket, and an authentication domain name, the authentication merge ticket being a unified information item generated by combining the first user identification data and the second user identification data based on a result of the first and second user authentication; and
  
  transmitting the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (27, 28, 29)
- - 27. The user authentication method according to claim 26 wherein the second user identification data is searched for in a user-identification management unit, based on the first user identification data, and, in the user-identification management unit, the first user identification data and the second user identification data are correlated to each other and recorded.
  - 28. The user authentication method according to claim 26 wherein the first authentication provider is identified from among the plurality of authentication providers based on a first-authentication-provider identification data managed by a first-authentication-provider information management unit, and the second authentication provider is identified from among the plurality of authentication providers based on a second-authentication-provider identification data managed by a second-authentication-provider information management unit.
  - 29. The user authentication method according to claim 26 wherein the first and second authentication providers are caused to perform the first and second user authentications respectively by calling the first and second authentication providers based on a call information management unit in which a plurality of call information items used to call the plurality of authentication providers respectively are recorded.

30. A tangible storage medium including computer program instructions for causing a user authentication device which makes a plurality of authentication providers, including first and second authentication providers, be associated with each other, and which is arranged in a multi-function peripheral system including multiple image formation applications and a platform, the platform including an OS and at least one control service to control execution of a requested processing according to a function call from one of the image formation applications, to perform:
- causing the first authentication provider to perform, in response to a first authentication request, a first user authentication based on a first user identification data that is specified in the first authentication request;
  
  causing the second authentication provider to perform, in response to a second authentication request related to a user approved by the first user authentication, a second user authentication based on a second user identification data that is correlated with the first user identification data;
  
  generating an authentication merge ticket including data indicating at least one of a ticket type, an authentication provider name, a term of validity of the ticket, and an authentication domain name, the authentication merge ticket being a unified information item generated by combining the first user identification data and the second user identification data based on a result of the first and second user authentication; and
  
  transmitting the authentication merge ticket to a computer remote from the information providing device via a network.
- View Dependent Claims (31)
- - 31. The tangible storage medium including computer program instructions according to claim 30 wherein the second user identification data is searched for in a user-identification management unit, based on the first user identification data, and, in the user-identification management unit, the first user identification data and the second user identification data are correlated to each other and recorded.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Ebata, Jun
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Moran; Randal D

Application Number

US10/803,896
Publication Number

US 20040187009A1
Time in Patent Office

2,062 Days
Field of Search

713/185, 713/186, 705/50, 705/51
US Class Current

713/185
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 21/40   by quorum, i.e. whereby two...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 67/02   based on web technology, e....

H04L 67/1001   for accessing one among a p...

H04L 69/329   in the application layer [O...

Information providing device, method, program and recording medium, and user authentication device, method, program and recording medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Information providing device, method, program and recording medium, and user authentication device, method, program and recording medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links