Authentication system, authentication server, and sub-authentication server
First Claim
1. An authentication system, comprising:
- an authentication server comprising a memory that stores authentication information to be used for authentication and a processor coupled to the memory of the authentication server;
a plurality of sub-authentication server comprising a memory and a processor coupled to the memory of the sub-authentication server;
a terminal comprising a memory and a processor coupled to the memory of the terminal, anda management terminal comprising a memory and a processor coupled to the memory, whereinthe processor of the authentication server executes a process comprisingverifying, when receiving an authentication request which is to request to authenticate biometric information of a user using the terminal, the authentication information to authenticate the transmission origin of the authentication request using the authentication information for each sub-authentication server, when receiving the authentication request,selecting the sub-authentication server where a degree of similarity calculated as a verification result becomes a predetermined threshold value or less, andtransmitting authentication information used to authenticate a transmission origin of the authentication request, to selected one of the plurality of sub-authentication server,the processor of the authentication server and/or the processor of the sub-authentication server executes a process comprising transmitting identification information to identify the sub-authentication server to which the authentication information is transmitted by the authentication server, to the terminal that transmits the authentication request,the memory of the terminalstores identification information to identify a transmission destination of the authentication request;
the processor of the terminal executes a process comprisingtransmitting the authentication request to a transmission destination identified with the identification information stored by the memory of the terminal; and
updating the identification information stored in the memory of the terminal using the identification information, when receiving the identification information, andthe memory of the sub-authentication serverstores the authentication information transmitted from the authentication server to the sub-authentication server,the processor of the sub-authentication server executes a process comprising authenticating the transmission origin of the authentication request using the authentication information stored in the memory of the sub-authentication server, when receiving the authentication request, andthe processor of the authentication server and/or the management terminal further executes a process comprisingdeleting a part of the authentication information stored by the memory of the sub-authentication server with respect to the sub-authentication server where the frequency of performing the authentication is high as compared with the other sub-authentication servers,storing the authentication information deleted in the memory of the sub-authentication server;
with respect to the sub-authentication server where the frequency of performing the authentication is low as compared with the other sub-authentication servers, andtransmitting identification information to identify the sub-authentication server becoming the storage destination where the authentication information is stored, to the transmission origin authenticated using the authentication information deleted.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication server transmits authentication information used to authenticate the transmission origin of an authentication request, to a sub-authentication server, when receiving the authentication request. The authentication server transmits identification information to identify the sub-authentication server to which the authentication information is transmitted, to a terminal. The terminal includes a transmission destination storage unit that stores identification information to identify the transmission destination of the authentication request and transmits the authentication request to the transmission destination identified with the identification information stored by the transmission destination storage unit. The terminal updates the identification information using the identification information, when receiving the identification information. The sub-authentication server includes an authentication information storage unit that stores the authentication information transmitted from the authentication server to the sub-authentication server, and authenticates the transmission origin of the authentication request using the stored authentication information, when receiving the authentication request.
-
Citations
13 Claims
-
1. An authentication system, comprising:
-
an authentication server comprising a memory that stores authentication information to be used for authentication and a processor coupled to the memory of the authentication server; a plurality of sub-authentication server comprising a memory and a processor coupled to the memory of the sub-authentication server; a terminal comprising a memory and a processor coupled to the memory of the terminal, and a management terminal comprising a memory and a processor coupled to the memory, wherein the processor of the authentication server executes a process comprising verifying, when receiving an authentication request which is to request to authenticate biometric information of a user using the terminal, the authentication information to authenticate the transmission origin of the authentication request using the authentication information for each sub-authentication server, when receiving the authentication request, selecting the sub-authentication server where a degree of similarity calculated as a verification result becomes a predetermined threshold value or less, and transmitting authentication information used to authenticate a transmission origin of the authentication request, to selected one of the plurality of sub-authentication server, the processor of the authentication server and/or the processor of the sub-authentication server executes a process comprising transmitting identification information to identify the sub-authentication server to which the authentication information is transmitted by the authentication server, to the terminal that transmits the authentication request, the memory of the terminal stores identification information to identify a transmission destination of the authentication request; the processor of the terminal executes a process comprising transmitting the authentication request to a transmission destination identified with the identification information stored by the memory of the terminal; and updating the identification information stored in the memory of the terminal using the identification information, when receiving the identification information, and the memory of the sub-authentication server stores the authentication information transmitted from the authentication server to the sub-authentication server, the processor of the sub-authentication server executes a process comprising authenticating the transmission origin of the authentication request using the authentication information stored in the memory of the sub-authentication server, when receiving the authentication request, and the processor of the authentication server and/or the management terminal further executes a process comprising deleting a part of the authentication information stored by the memory of the sub-authentication server with respect to the sub-authentication server where the frequency of performing the authentication is high as compared with the other sub-authentication servers, storing the authentication information deleted in the memory of the sub-authentication server;
with respect to the sub-authentication server where the frequency of performing the authentication is low as compared with the other sub-authentication servers, andtransmitting identification information to identify the sub-authentication server becoming the storage destination where the authentication information is stored, to the transmission origin authenticated using the authentication information deleted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An authentication server, comprising:
-
a memory that stores authentication information to be used for authentication; and a processor coupled to the memory, wherein the processor executes a process comprising; verifying, when receiving an authentication request which is to request to authenticate biometric information of a user using the terminal, the authentication information to authenticate the transmission origin of the authentication request using the authentication information for each sub-authentication server, when receiving the authentication request; selecting the sub-authentication server where a degree of similarity calculated as a verification result becomes a predetermined threshold value or less; transmitting the authentication information used to authenticate a transmission origin of an authentication request, to one of a plurality of sub-authentication server, when receiving the authentication request; transmitting identification information to identify the sub-authentication server to which the authentication information is transmitted, to a terminal, the terminal transmitting the authentication request to a transmission destination identified with the identification information, being the transmission origin of the received authentication request, and updating the identification information stored in a memory of the terminal using the identification information transmitted when receiving the identification information; deleting a part of the authentication information stored by the memory of the sub-authentication server with respect to the sub-authentication server where the frequency of performing the authentication is high as compared with the other sub-authentication servers; storing the authentication information deleted in the memory of the sub-authentication server;
with respect to the sub-authentication server where the frequency of performing the authentication is low as compared with the other sub-authentication servers; andtransmitting identification information to identify the sub-authentication server becoming the storage destination where the authentication information is stored, to the transmission origin authenticated using the authentication information deleted.
-
-
13. An authentication method comprising:
-
verifying, when receiving an authentication request which is to request to authenticate biometric information of a user using a terminal, the authentication information to authenticate the transmission origin of the authentication request using the authentication information for each sub-authentication server, when receiving the authentication request; selecting the sub-authentication server where a degree of similarity calculated as a verification result becomes a predetermined threshold value or less, transmitting authentication information used to authenticate a transmission origin of the authentication request to selected one of the plurality of sub-authentication server; transmitting identification information to identify the sub-authentication server to which the authentication information is transmitted to the terminal that transmits the authentication request; transmitting the authentication request to a transmission destination identified with the identification information stored by a transmission destination storage unit; updating the identification information stored in the transmission destination storage unit using the transmitted identification information, when receiving the identification information; authenticating the transmission origin of the authentication request using the transmitted authentication information transmitted, when receiving the authentication request; deleting a part of the authentication information stored by the memory of the sub-authentication server with respect to the sub-authentication server where the frequency of performing the authentication is high as compared with the other sub-authentication servers; storing the authentication information deleted in the memory of the sub-authentication server;
with respect to the sub-authentication server where the frequency of performing the authentication is low as compared with the other sub-authentication servers; andtransmitting identification information to identify the sub-authentication server becoming the storage destination where the authentication information is stored, to the transmission origin authenticated using the authentication information deleted.
-
Specification