Communication apparatus, communication system, certificate transmission method, anomaly detection method and a program therefor
Abstract
A communication apparatus has a communication part and authenticates a communication partner by using a digital certificate. The communication apparatus includes an authentication part carrying out authentication of the communication partner by using a common certificate. The common certificate is a digital certificate not including identification information of an apparatus. An individualized certificate transmission part acquires, in the case the authentication by the authentication part has been made successfully, an individualized certificate and transmits the individualized certificate to the communication partner. The individualized certificate is a digital certificate including identification information of the communication partner.
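The fallback described in the abstract and in claim 1, as an added example that is not part of the patent text: the superordinate side authenticates with the individual (first) certificate, falls back to the common (second) certificate, and on that fallback path accepts nothing but the certificate update. An HMAC under a constructed key stands in for an X.509 CA signature, and every function, field and request name here is hypothetical.

```python
import hashlib
import hmac
import json

CA_KEY = b"constructed-demo-ca-key"  # toy stand-in for the CA's signing key

def _mac(body):
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(CA_KEY, data, hashlib.sha256).hexdigest()

def issue(device_id, not_after):
    """Toy certificate; device_id=None gives the common (second) certificate."""
    body = {"device_id": device_id, "not_after": not_after}
    return {**body, "sig": _mac(body)}

def valid(cert, now):
    body = {"device_id": cert.get("device_id"), "not_after": cert.get("not_after")}
    return hmac.compare_digest(_mac(body), cert.get("sig", "")) and now <= body["not_after"]

def superordinate(first_cert, second_cert, device_id, request, now):
    """Return (certificate that authenticated the peer, response)."""
    # First authentication: individual certificate naming this device.
    if valid(first_cert, now) and first_cert["device_id"] == device_id:
        return "first", "served:" + request
    # Second authentication: common certificate with no device identity.
    # device_id is then only what the peer reported, so nothing but the
    # certificate update is accepted on this path.
    if valid(second_cert, now) and second_cert["device_id"] is None:
        if request != "update_certificate":
            return "second", "rejected"
        return "second", {"update_request": True, "certificate": issue(device_id, now + 365)}
    return "none", "rejected"

def subordinate(store, request, now):
    """Send the first certificate; on failure fall back, update, then retry."""
    args = (store["first"], store["second"], store["device_id"])
    level, resp = superordinate(*args, request, now)
    if level == "first":
        return resp
    level, resp = superordinate(*args, "update_certificate", now)
    if level != "second":
        return "rejected"
    store["first"] = resp["certificate"]  # updating unit replaces the stored certificate
    return superordinate(store["first"], store["second"], store["device_id"], request, now)[1]

# Constructed sample: device "dev-42" holds an expired first certificate (day 200 > 100).
device = {"device_id": "dev-42", "first": issue("dev-42", 100), "second": issue(None, 10_000)}
```

Times are plain day counts; calling `subordinate(device, "report_status", 200)` walks the whole recovery and leaves a fresh first certificate in `device`.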
16 Claims
1. A communication apparatus for communicating with a destination apparatus via a network, the communication apparatus comprising:
a memory unit configured to memorize a plurality of certificates including a first certificate and a second certificate;
a first authentication unit configured to authenticate said destination apparatus, when communicating with said destination apparatus, by using the first certificate that contains an identification information received from said destination apparatus and uniquely identifies said destination apparatus;
a second authentication unit configured to carry out authentication of said destination apparatus, when said authentication by said first authentication unit has failed, by using the second certificate not containing an identification information received from said destination apparatus, the identification information uniquely identifying said destination apparatus; and
a transmission unit configured to transmit, when authentication by said second authentication unit has been successful, a certification update request requesting updating of said first certificate and a certificate for updating said first certificate to said destination apparatus,
wherein authentication of the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication of the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.
Dependent claims: 2, 3

4. A communication apparatus for communicating with a destination apparatus via a network, comprising:
a memory unit configured to memorize a first certificate containing identification information uniquely identifying said communication apparatus and a second certificate not containing the identification information uniquely identifying said communication apparatus;
a first transmission unit configured to transmit, when communicating with said destination apparatus, said first certificate to said destination apparatus;
a second transmission unit configured to transmit, when said authentication in said destination apparatus by using said first certificate transmitted by said first transmission unit has failed, said second certificate to said destination apparatus; and
an updating unit receiving, when said authentication in said destination apparatus by using said second certificate transmitted by said second transmission unit has been successful, a certificate update request requesting update of said first certificate and a certificate for updating said first certificate from said destination apparatus and updating said first certificate memorized in said memory unit to said received certificate,
wherein authentication in the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication in the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.
Dependent claims: 5, 6, 7

8. A communication system including a superordinate unit and a subordinate unit, said superordinate unit and said subordinate unit communicating with each other via a network, wherein:
said subordinate unit is provided with
a memory unit for memorizing a first certificate containing identification information uniquely identifying said subordinate unit and a second certificate not containing the identification information uniquely identifying said subordinate unit,
a first transmission unit configured to transmit, when communicating with said superordinate unit, said first certificate to said superordinate unit,
a second transmission unit configured to transmit, when authentication in said superordinate unit by using said first certificate transmitted by said first transmission unit has failed, said second certificate to said superordinate unit, and
an updating unit configured to receive, when authentication in said superordinate unit by using said second certificate transmitted by said second transmission unit has been successful, a certificate update request requesting update of said first certificate and a certificate for updating said first certificate from said superordinate unit and update said first certificate memorized in said memory unit to said received certificate; and
said superordinate unit is provided with
a memory unit configured to memorize a plurality of certificates including the first certificate and the second certificate,
a first authentication unit configured to, authenticate, when communicating with said subordinate unit, said subordinate unit by using said first certificate received from said subordinate unit,
a second authentication unit configured to authenticate, when authentication by said first authentication unit has failed, said subordinate unit by using said second certificate received from said subordinate unit, and
a transmission unit configured to transmit, when authentication by said second authentication unit has been successful, the certification update request requesting update of said first certificate and the certificate for updating said first certificate to said subordinate unit,
wherein authentication of the subordinate unit is performed by using the first certificate when accepting a request from the superordinate unit, and authentication of the subordinate unit is performed by using the second certificate when accepting a request for updating the first certificate from the superordinate unit.
Dependent claims: 9, 10, 11, 12

13. A communication method for communicating with a destination apparatus via a network, comprising:
memorizing in a memory unit a plurality of certificates including a first certificate and a second certificate;
a first authentication step of authenticating said destination apparatus, when communicating with said destination apparatus, by using the first certificate that contains an identification information received from said destination apparatus for uniquely identifying said destination apparatus;
a second authentication step of carrying out authentication, when authentication by said first authentication step has failed, of said destination apparatus by using the second certificate not containing an identification information received from said destination apparatus, the identification information uniquely identifying said destination apparatus; and
a transmission step of transmitting, when authentication by said second authentication step has been successful, a certification update request requesting update of said first certificate and a certificate for updating said first certificate to said destination apparatus
wherein authentication of the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication of the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.

14. A communication method for causing a communication apparatus communicating with a destination apparatus via a network, said communication apparatus having a memory unit for memorizing a first certificate containing identification information uniquely identifying said communication apparatus and a second certificate not containing the identification information uniquely identifying said communication apparatus, to perform:
a first transmission step of transmitting, when communicating with said destination apparatus, said first certificate to said destination apparatus;
a second transmission step of transmitting, when authentication in said destination apparatus by using said first certificate that said first transmission step has transmitted has failed, said second certificate to said destination apparatus; and
an updating step of receiving, when authentication in said destination apparatus by using said second certificate transmitted by said second transmission step has been successful, the certificate update request requesting update of said first certificate and the certificate for updating said first certificate from said destination apparatus and updating said first certificate memorized in said memory unit to said received certificate,
wherein authentication in the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication in the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.

15. A non-transitory processor-readable medium recorded with program code, which when executed by a computer controlling a communication apparatus communicating with a destination apparatus via a network, causes the computer to perform:
memorizing in a memory unit a plurality of certificates including a first certificate and a second certificate;
a first authentication step of authenticating said destination apparatus, when communicating with said destination apparatus, by using the first certificate that contains an identification information received from said destination apparatus for uniquely identifying said destination apparatus;
a second authentication step of carrying out authentication, when authentication by said first authentication step has failed, of said destination apparatus by using the second certificate not containing an identification information received from said destination apparatus, the identification information uniquely identifying said destination apparatus; and
a transmission step of transmitting, when authentication by said second authentication step has been successful, a certification update request requesting update of said first certificate and a certificate for updating said first certificate to said destination apparatus,
wherein authentication of the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication of the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.

16. A non-transitory processor-readable medium recorded with program code, which when executed by a computer controlling a communication apparatus communicating with a destination apparatus via a network, said communication apparatus having a memory unit for memorizing a first certificate containing identification information uniquely identifying said communication apparatus and a second certificate not containing the identification information uniquely identifying said communication apparatus, causes the computer to perform:
a first transmission step of transmitting, when communicating with said destination apparatus, said first certificate to said destination apparatus;
a second transmission step of transmitting, when authentication in said destination apparatus by using said first certificate that said first transmission step has transmitted has failed, said second certificate to said destination apparatus; and
an updating step of receiving, when authentication in said destination apparatus by using said second certificate transmitted by said second transmission step has been successful, the certificate update request requesting update of said first certificate and the certificate for updating said first certificate from said destination apparatus and updating said first certificate memorized in said memory unit to said received certificate,
wherein authentication in the destination apparatus is performed by using the first certificate when accepting a request from the destination apparatus, and authentication in the destination apparatus is performed by using the second certificate when accepting a request for updating the first certificate from the destination apparatus.

Specification