Device authentication apparatus device authentication method information processing apparatus information processing method and computer program

US 7,752,289 B2
Filed: 08/29/2003
Issued: 07/06/2010
Est. Priority Date: 09/02/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A device authentication system comprising:

a first device provided on the client side of a client/server system; and

a second device provided on the server side of the client/server system,wherein said first device comprisesa registration requesting unit configured to iteratively, at a predetermine time interval, send a request for registering a MAC address specific to the first device in response to a registration requesting operation of a user;

said second device comprisesa temporary memory configured to temporarily store the MAC address, when a registration request having the same MAC address is received a plurality of times or for one time within a predetermined time after a first confirmation operation of the user is performed;

a registration confirmation unit configured to send a registration confirmation to the first device having the MAC address stored in said temporary memory in response to a second confirmation operation of the user;

said first device further comprisesa registration confirmation responding unit configured to receive said registration confirmation so as to instruct said registration requesting unit to stop the iterative sending, and also to send back a registration confirmation response to the second device which has sent the registration confirmation;

said second device further comprisesan authentication and registration unit configured to authenticate and register the MAC address which is temporarily stored in said temporary memory in response to a third confirmation operation of the user, which is performed after said registration confirmation response is received, andsaid second device rejects access from a client corresponding to the first device having a MAC address other than the MAC address which is authenticated and registered in the second device itself, and instructs the server not to respond at all to the client.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and a method capable of efficiently and accurately constructing an access control configuration having high security are realized. Only the MAC address of a controller (client) 351 authorized by a user is authenticated and registered in a MAC address table of a device 352, and the device 352 performs MAC address filtering for permitting access by the controller 351 (client) which is authenticated and registered in the MAC address table. Furthermore, by making a registration completion notification and by performing version adjustment, a reliable access control configuration is constructed. The device authentication apparatus 350 avoids access from an unauthorized party which is not authenticated and registered, and makes the presence of a server not known to the controller which attempts to illegally perform device authentication. Therefore, access control with high security is realized.

58 Citations

View as Search Results

6 Claims

1. A device authentication system comprising:
- a first device provided on the client side of a client/server system; and
  
  a second device provided on the server side of the client/server system,wherein said first device comprisesa registration requesting unit configured to iteratively, at a predetermine time interval, send a request for registering a MAC address specific to the first device in response to a registration requesting operation of a user;
  
  said second device comprisesa temporary memory configured to temporarily store the MAC address, when a registration request having the same MAC address is received a plurality of times or for one time within a predetermined time after a first confirmation operation of the user is performed;
  
  a registration confirmation unit configured to send a registration confirmation to the first device having the MAC address stored in said temporary memory in response to a second confirmation operation of the user;
  
  said first device further comprisesa registration confirmation responding unit configured to receive said registration confirmation so as to instruct said registration requesting unit to stop the iterative sending, and also to send back a registration confirmation response to the second device which has sent the registration confirmation;
  
  said second device further comprisesan authentication and registration unit configured to authenticate and register the MAC address which is temporarily stored in said temporary memory in response to a third confirmation operation of the user, which is performed after said registration confirmation response is received, andsaid second device rejects access from a client corresponding to the first device having a MAC address other than the MAC address which is authenticated and registered in the second device itself, and instructs the server not to respond at all to the client.
- View Dependent Claims (2)
- - 2. A device authentication system according to claim 1, wherein, when said second device receives a plurality of conflicting registration requests having different MAC addresses, said second device does not temporarily store those conflicting MAC addresses and stops the device authentication by ignoring the registration request from the first device having a conflicting MAC address.

3. A device authentication method comprising:
- a first process performed on the client side of a client/server system; and
  
  a second process performed on the server side of the client/server system,wherein said first process comprisesa registration requesting step of iteratively, at a predetermined time interval, sending, on a network, a request for registering a MAC address specific to the client in response to a registration requesting operation of a user;
  
  said second process comprisesa temporary storing step of temporarily storing the MAC address, when a registration request having the same MAC address is received a plurality of times within a predetermined time after a first confirmation operation of the user is performed;
  
  a registration confirmation step of sending to the client side a registration confirmation performed at the client having the MAC address stored in said temporary storing step in response to a second confirmation operation of the user;
  
  said first process further comprisesa registration confirmation responding step of receiving said registration confirmation so as to instruct said registration requesting step to stop the iterative sending, and also for sending back a registration confirmation response to the server which has sent the registration confirmation;
  
  said second process further comprisesan authentication and registration step of authenticating and registering the MAC address which is temporarily stored in said temporary storing step in response to a third confirmation operation of the user, which is performed after said registration confirmation response is received, and said second process rejects access from a client having a MAC address other than the MAC address which is authenticated and registered in the server itself, and instructs the server not to respond at all to the client.
- View Dependent Claims (4)
- - 4. A device authentication method according to claim 3, wherein said second process does not temporarily store conflicting MAC addresses when a plurality of conflicting registration requests having a different MAC address are received, and stops device authentication by ignoring the registration request from the first process performed on the client side having a conflicting MAC address.

5. A recording medium in which a computer-readable program configured to make a computer perform a device authentication method is recorded, said device authentication method comprising:
- a first process executed on the client side of a client/server system; and
  
  a second process executed on the server side of the client/server system,wherein said first process comprises a registration requesting step of iteratively, at a predetermined time interval, sending, on a network, a request for registering a MAC address specific to the client in response to a registration requesting operation of a user;
  
  said second process comprisesa temporary storing step of temporarily storing the MAC address, when a registration request having the same MAC address is received a plurality of times within a predetermined time after a first confirmation operation of the user is performed;
  
  a registration confirmation step of sending a registration confirmation to the first process executed at the client having the MAC address stored in said temporary storing step in response to a second confirmation operation of the user;
  
  said first process comprisesa registration confirmation responding step of receiving said registration confirmation so as to instruct said registration requesting step to stop the iterative sending, and also for sending back a registration confirmation response to the second process which has sent the registration confirmation;
  
  said second process further comprisesan authentication and registration step of authenticating and registering the MAC address which is temporarily stored in said temporary storing step in response to a third confirmation operation of the user, which is performed after said registration confirmation response is received, and said second program rejects access from a client having a MAC address other than the MAC address which is authenticated and registered in the server itself, and instructs the server not to respond at all to the client.
- View Dependent Claims (6)
- - 6. A recording medium according to claim 5 in which a computer-readable program configured to make a computer perform a device authentication method is recorded, wherein, when a plurality of conflicting registration requests having a different MAC address are received, said second method does not temporarily store those conflicting MAC addresses, and stops the device authentication by ignoring the registration request from the first process executed on the client side having the conflicting MAC address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Hamada, Masaaki, Igarashi, Tatsuya, Sakoh, Noriyuki, Takaku, Yoshiyuki, Morita, Takehiko, Kikkawa, Norifumi, Kobori, Yoichi
Primary Examiner(s)
Nawaz; Asad M

Application Number

US10/491,890
Publication Number

US 20050021786A1
Time in Patent Office

2,503 Days
Field of Search

709202-211, 709217-238, 709245-249
US Class Current

709/222
CPC Class Codes

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/00   Network arrangements, proto...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/0876   based on the identity of th...

H04L 67/51   Discovery or management the...

Device authentication apparatus device authentication method information processing apparatus information processing method and computer program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Device authentication apparatus device authentication method information processing apparatus information processing method and computer program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links