Account management system, root-account management apparatus, derived-account management apparatus, and program

US 8,499,147 B2
Filed: 07/10/2009
Issued: 07/30/2013
Est. Priority Date: 09/11/2007
Status: Active Grant

First Claim

Patent Images

1. An account management system including a root-account management apparatus, which manages root-account information for certifying the identity of a user, and a derived-account management apparatus which manages derived-account information generated based on the root-account information, wherein the respective account management apparatuses are configured to communicate with a client apparatus of the user,the root-account management apparatus comprising:

a root-account storage device which stores the root-account information including an initial authentication element field in which initial authentication element information is stored and a derived-account credence element field in which derived-account credence element information is stored;

a root-account key storage device in which a first secret key of the root-account management apparatus and a first public key certificate corresponding to the first secret key are stored;

a survival condition setting device configured to set, in advance, a survival condition including a plurality of validity terms for the derived-account credence element information, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid;

an initial authentication device configured to authenticate the user of the client apparatus based on the initial authentication element information;

a device configured to generate a first electronic signature based on the first secret key of the root-account management apparatus for credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, and the survival condition, when an authentication result of the initial authentication device is proper;

a device configured to store, in the derived-account credence element information field, the derived-account credence element information including the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, the survival condition, the first electronic signature and the first public key certificate; and

a device configured to transmit the derived-account credence element information inside the root-account storage device to the derived-account management apparatus,the derived-account management apparatus comprising;

a derived-account storage device configured to store the derived-account information including a derived-account credence element field in which the derived-account credence element information is stored and a derived authentication element field in which derived authentication element information is stored;

a device configured to verify the first electronic signature inside the derived-account credence element information based on the first public key certificate inside the relevant derived-account credence element information, upon receiving the derived-account credence element information from the root-account management apparatus;

a device configured to verify whether or not the survival condition inside the derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification;

a device which creates the derived-account information including the derived-account credence element information in the derived-account credence element field and writes the derived-account information in the derived-account storage device when the survival condition is satisfied as a result of the verification;

a derived-account key storage device in which a second secret key of the derived-account management apparatus and a second public key certificate corresponding to the second secret key are stored, the second secret key having a long validity term compared with a validity term of the first public key certificate;

a device configured to acquire biometric information of the user from the client apparatus, and to create a biometric information template from the biometric information;

a device configured to generate a second electronic signature based on the second secret key for the biometric information template;

a device which writes the derived authentication element information including the biometric information template and the second electronic signature in the derived authentication element field of the derived-account information inside the derived-account storage device;

a device configured to verify the first electronic signature inside the relevant derived-account credence element information based on the first public key certificate inside the derived-account credence element information in the derived-account information inside the derived-account storage device, upon receiving an access request to the derived-account information after the derived authentication element is written;

a device configured to verify whether or not the survival condition inside the relevant derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification; and

a device configured to deny the access request and to invalidate the derived-account information when the survival condition is not satisfied as a result of the verification,wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A root-account management apparatus generates an electronic signature based on a survival condition and a secret key when an authentication result of a user of a client apparatus is proper, and transmits derived-account credence element information including the survival condition, the electronic signature and a public key certificate to a derived-account management apparatus. The derived-account management apparatus creates derived-account information which becomes valid when the survival condition is satisfied so that the derived-account information includes both the derived-account credence element information which becomes invalid when a validity term of the public key certificate expires and a biometric information template of the user which is valid regardless of this validity term. Accordingly, even if an authentication element as a root (public key certificate) becomes invalid, a derived authentication element (biometric information template) can be prevented from becoming invalid.

Citations

5 Claims

1. An account management system including a root-account management apparatus, which manages root-account information for certifying the identity of a user, and a derived-account management apparatus which manages derived-account information generated based on the root-account information, wherein the respective account management apparatuses are configured to communicate with a client apparatus of the user,the root-account management apparatus comprising:
- a root-account storage device which stores the root-account information including an initial authentication element field in which initial authentication element information is stored and a derived-account credence element field in which derived-account credence element information is stored;
  
  a root-account key storage device in which a first secret key of the root-account management apparatus and a first public key certificate corresponding to the first secret key are stored;
  
  a survival condition setting device configured to set, in advance, a survival condition including a plurality of validity terms for the derived-account credence element information, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid;
  
  an initial authentication device configured to authenticate the user of the client apparatus based on the initial authentication element information;
  
  a device configured to generate a first electronic signature based on the first secret key of the root-account management apparatus for credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, and the survival condition, when an authentication result of the initial authentication device is proper;
  
  a device configured to store, in the derived-account credence element information field, the derived-account credence element information including the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, the survival condition, the first electronic signature and the first public key certificate; and
  
  a device configured to transmit the derived-account credence element information inside the root-account storage device to the derived-account management apparatus,the derived-account management apparatus comprising;
  
  a derived-account storage device configured to store the derived-account information including a derived-account credence element field in which the derived-account credence element information is stored and a derived authentication element field in which derived authentication element information is stored;
  
  a device configured to verify the first electronic signature inside the derived-account credence element information based on the first public key certificate inside the relevant derived-account credence element information, upon receiving the derived-account credence element information from the root-account management apparatus;
  
  a device configured to verify whether or not the survival condition inside the derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification;
  
  a device which creates the derived-account information including the derived-account credence element information in the derived-account credence element field and writes the derived-account information in the derived-account storage device when the survival condition is satisfied as a result of the verification;
  
  a derived-account key storage device in which a second secret key of the derived-account management apparatus and a second public key certificate corresponding to the second secret key are stored, the second secret key having a long validity term compared with a validity term of the first public key certificate;
  
  a device configured to acquire biometric information of the user from the client apparatus, and to create a biometric information template from the biometric information;
  
  a device configured to generate a second electronic signature based on the second secret key for the biometric information template;
  
  a device which writes the derived authentication element information including the biometric information template and the second electronic signature in the derived authentication element field of the derived-account information inside the derived-account storage device;
  
  a device configured to verify the first electronic signature inside the relevant derived-account credence element information based on the first public key certificate inside the derived-account credence element information in the derived-account information inside the derived-account storage device, upon receiving an access request to the derived-account information after the derived authentication element is written;
  
  a device configured to verify whether or not the survival condition inside the relevant derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification; and
  
  a device configured to deny the access request and to invalidate the derived-account information when the survival condition is not satisfied as a result of the verification,wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

2. A root-account management apparatus which can communicate with a derived-account management apparatus, which manages derived-account information generated based on root-account information for certifying the identity of a user and a client apparatus of the user, and manages the root-account information, the root-account management apparatus comprising:
- a root-account storage device which stores the root-account information including an initial authentication element field in which initial authentication element information is stored and a derived-account credence element field in which derived-account credence element information is stored;
  
  a root-account key storage device in which a first secret key of the root-account management apparatus and a first public key certificate corresponding to the first secret key are stored;
  
  a survival condition setting device to set, in advance, a survival condition including a plurality of validity terms for the derived-account credence element information, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid;
  
  an initial authentication device configured to authenticate the user of the client apparatus based on the initial authentication element information;
  
  a device configured to generate a first electronic signature based on the first secret key of the root-account management apparatus for credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, and the survival condition, when an authentication result of the initial authentication device is proper;
  
  a device configured to store, in the derived-account credence element information field, the derived-account credence element information including the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, the survival condition, the first electronic signature and the first public key certificate; and
  
  a device configured to transmit the derived-account credence element information inside the root-account storage device to the derived-account management apparatus,the root-account management apparatus enabling the derived-account management apparatus to create the derived-account information, which becomes valid when the survival condition is satisfied so that the derived-account information includes both the derived-account credence element information, which becomes invalid when a validity term of the public key certificate expires, and a biometric information template of the user which is valid regardless of the validity term,wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

3. A derived-account management apparatus, which can communicate with a root-account management apparatus which manages root-account information for certifying the identity of a user, and a client apparatus of the user, and manages derived-account information generated based on the root-account information, the derived-account management apparatus comprising:
- a receiving device configured to receive, from the root-account management apparatus, derived-account credence element information including credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, a survival condition including a plurality of validity terms, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid, a first electronic signature, and a first public key certificate corresponding to a first secret key, when the root-account management apparatus transmits the derived-account credence element information by the relevant root-account management apparatus generating the first electronic signature based on the first secret key of the root-account management apparatus for the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, and the survival condition when a result of authentication of the user based on initial authentication element information inside the root-account information in the root-account management apparatus is proper;
  
  a derived-account storage device configured to store the derived-account information including a derived-account credence element field in which the derived-account credence element information is stored and a derived authentication element field in which derived authentication element information is stored;
  
  a device configured to verify the first electronic signature inside the derived-account credence element information based on the first public key certificate inside the derived-account credence element information, upon receiving the derived-account credence element information from the root-account management apparatus;
  
  a device configured to verify whether or not the survival condition inside the derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification;
  
  a device which creates the derived-account information including the derived-account credence element information in the derived-account credence element field, and writes the derived-account information in the derived-account storage device when the survival condition is satisfied as a result of the verification;
  
  a derived-account key storage device in which a second secret key of the derived-account management apparatus and a second public key certificate corresponding to the second secret key are stored, the second secret key having a long validity term compared with a validity term of the first public key certificate;
  
  a device configured to acquire biometric information of the user from the client apparatus, and to create a biometric information template from this biometric information;
  
  a device configured to generate a second electronic signature based on the second secret key for the biometric information template;
  
  a device which writes the derived authentication element information including the biometric information template and the second electronic signature in the derived authentication element field of the derived-account information inside the derived-account storage device;
  
  a device configured to verify the first electronic signature inside the relevant derived-account credence element information based on the first public key certificate inside the derived-account credence element information in the derived-account information inside the derived-account storage device, upon receiving an access request to the derived-account information after the derived authentication element is written;
  
  a device configured to verify whether or not the survival condition inside the relevant derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification; and
  
  a device configured to deny the access request and to invalidate the derived-account information when the survival condition is not satisfied as a result of the verification,wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

4. A non-transitory computer-readable storage medium storing a program for use in a root-account management apparatus, which can communicate with a derived-account management apparatus which manages derived-account information generated based on root-account information for certifying the identity of a user and a client apparatus of the user, and manages the root-account information, the program comprising:
- a program code which causes the root-account management apparatus to sequentially perform processing of writing, in a root-account storage device of the root-account management apparatus, the root-account information including an initial authentication element field in which initial authentication element information is stored and a derived-account credence element field in which derived-account credence element information is stored;
  
  a program code which causes the root-account management apparatus to sequentially perform processing of writing, in a root-account key storage device of the computer, a first secret key of the root-account management apparatus and a first public key certificate corresponding to the first secret key;
  
  a program code which causes the root-account management apparatus to sequentially perform survival condition setting processing for setting a survival condition including a plurality of validity terms for the derived-account credence element information in advance, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid;
  
  a program code which causes the root-account management apparatus to sequentially perform initial authentication processing of authenticating the user of the client apparatus based on the initial authentication element information;
  
  a program code which causes the root-account management apparatus to sequentially perform processing of generating a first electronic signature based on the first secret key of the root-account management apparatus for credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, and the survival condition, when an authentication result of the initial authentication device is proper;
  
  a program code which causes the root-account management apparatus to sequentially perform processing of storing, in the derived-account credence element information field, the derived-account credence element information including the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, the survival condition, the first electronic signature and the first public key certificate; and
  
  a program code which causes the root-account management apparatus to sequentially perform processing of transmitting the derived-account credence element information inside the root-account storage device to the derived-account management apparatus,wherein the program enables the derived-account management apparatus to create the derived-account information which becomes valid when the survival condition is satisfied so that the derived-account information includes both the derived-account credence element information which becomes invalid when a validity term of the public key certificate expires, and a biometric information template of the user which is valid regardless of the validity term, wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

5. A non-transitory computer-readable storage medium storing a program for use in a derived-account management apparatus, which can communicate with a root-account management apparatus which manages root-account information for certifying the identity of a user and a client apparatus of the user, and manages derived-account information generated based on the root-account information, the program comprising:
- a program code which causes the derived-account management apparatus to sequentially perform receiving processing of receiving, from the root-account management apparatus, derived-account credence element information including credence element identification information, root-account management apparatus identification information, derived-account management apparatus identification information, root-account information reference information, a survival condition including a plurality of validity terms, wherein the plurality of validity terms allows a validity term of the derived-account credence element information to be set so as to temporarily become invalid, a first electronic signature, and a first public key certificate corresponding to a first secret key, when the root-account management apparatus transmits the derived-account credence element information by the relevant root-account management apparatus generating the first electronic signature based on the first secret key of the root-account management apparatus for the credence element identification information, the root-account management apparatus identification information, the derived-account management apparatus identification information, the root-account information reference information, and the survival condition when a result of authentication of the user based on initial authentication element information inside the root-account information in the root-account management apparatus is proper;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of verifying the first electronic signature inside the derived-account credence element information based on the first public key certificate inside the derived-account credence element information, upon receiving the derived-account credence element information from the root-account management apparatus;
  
  a program code which causes the derived-account management apparatus to sequentially perform verifying whether or not the survival condition inside the derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of creating the derived-account information including the derived-account credence element information in the derived-account credence element field and writing the derived-account information in a derived-account storage device when the survival condition is satisfied as a result of the verification;
  
  a program code which causes the derived-account management apparatus to store a second secret key of the derived-account management apparatus and a second public key certificate corresponding to the second secret key, the second secret key having a long validity term compared with a validity term of the first public key certificate;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of acquiring biometric information of the user from the client apparatus, and creating a biometric information template from this biometric information;
  
  a program code which causes the derived-account management apparatus to generate a second electronic signature based on the second secret key for the biometric information template;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of writing derived authentication element information including the biometric information template and the second electronic signature in a derived authentication element field of the derived-account information inside the derived-account storage device;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of verifying the first electronic signature inside the relevant derived-account credence element information based on the first public key certificate inside the derived-account credence element information in the derived-account information inside the derived-account storage device, upon receiving an access request to the derived-account information after the derived authentication element is written;
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of verifying whether or not the survival condition inside the relevant derived-account credence element information is satisfied when the first electronic signature is proper as a result of the verification; and
  
  a program code which causes the derived-account management apparatus to sequentially perform processing of denying the access request and invalidating the derived-account information when the survival condition is not satisfied as a result of the verification,wherein the survival condition includes an extended survival condition so that, in creating the derived-account information, survival is permitted when approval is obtained from a predetermined third-party apparatus other than the root-account management apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Toshiba Solutions Corporation (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation), Toshiba Solutions Corporation (Toshiba Corporation)
Inventors
Ikeda, Tatsuro, Okada, Koji, Morijiri, Tomoaki, Nishizawa, Minoru, Takamizawa, Hidehisa, Fujii, Yoshihiro, Yamada, Asahiko
Primary Examiner(s)
Zee, Edward
Assistant Examiner(s)
GYORFI, THOMAS A

Application Number

US12/501,169
Publication Number

US 20090327706A1
Time in Patent Office

1,481 Days
Field of Search

713155-157, 726/2, 726/5, 726/18, 726/19
US Class Current

713/155
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Account management system, root-account management apparatus, derived-account management apparatus, and program

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

Account management system, root-account management apparatus, derived-account management apparatus, and program

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links