Authentication system for terminal identification information
First Claim
1. A transmission system, comprising:
a management system that manages communication between a plurality of transmission terminals;
the plurality of transmission terminals each to log in to the transmission system to communicate with a counterpart transmission terminal; and
an authentication system that authenticates at least one of the transmission terminals before the transmission terminal logs in the transmission system, wherein;
the management system includes;
a first memory that stores terminal identification information of each one of the plurality of transmission terminals each capable of establishing communication with a counterpart communication terminal via the management system; and
a communication manager that manages the communication between the plurality of transmission terminals based on the terminal identification information stored in the first memory, and
the plurality of transmission terminals each includes;
a second memory that stores a terminal private key assigned to the transmission terminal;
a first encryption processor that encrypts terminal identification information of the transmission terminal using the terminal private key stored in the second memory to generate encrypted terminal identification information; and
a first transmitter that transmits the encrypted terminal identification information and the terminal identification information of the transmission terminal to the authentication system, and
the authentication system includes;
a third memory that stores the terminal identification information stored in the memory of the management system, and terminal public keys respectively corresponding to terminal private keys stored in the second memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other;
a receiver that receives the encrypted terminal identification information and the terminal identification information, from the transmission terminal;
a key extractor that obtains a terminal public key that corresponds to the terminal identification information received from the transmission terminal, from the third memory, the terminal public key being a public key of the transmission terminal to be authenticated by the authentication system;
a first decryption processor that decrypts the encrypted terminal identification information using the terminal public key extracted by the key extractor to obtain decrypted identification information;
a determiner that determines whether the decrypted terminal identification information obtained by the first decryption processor matches the terminal identification information received from the transmission terminal; and
a second transmitter that transmits login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information does not match the terminal identification information,
wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in the management system based on the received login information to establish communication with the counterpart transmission terminal.
Abstract
An authentication system receives encrypted terminal identification information and terminal identification information, from a transmission terminal, and determines whether decrypted identification information decrypted using a terminal public key obtained by the authentication system matches the terminal identification information received from the transmission terminal.
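The exchange in claim 1 and the abstract, as an added example that is not taken from the patent: the terminal sends its ID together with the ID encrypted under its private key, and the authentication system looks up the public key by ID, decrypts, compares, and releases login information only on a match. Assumptions: textbook RSA without padding and with constructed toy keys (a deployed system would use a padded signature scheme with full-size keys), and the names `terminal_request`, `AuthenticationSystem` and `login_token` are hypothetical.

```python
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA from two primes: returns (public, private) = ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def id_to_int(terminal_id):
    return int.from_bytes(terminal_id.encode(), "big")

def terminal_request(terminal_id, private_key):
    """Terminal side: encrypt the ID with the private key, send it with the plain ID."""
    n, d = private_key
    return {"terminal_id": terminal_id,
            "encrypted_id": pow(id_to_int(terminal_id), d, n)}

class AuthenticationSystem:
    def __init__(self, public_keys):
        self.public_keys = public_keys  # "third memory": terminal ID -> public key

    def authenticate(self, request):
        """Return login information on a match, None otherwise."""
        key = self.public_keys.get(request["terminal_id"])    # key extractor
        if key is None:
            return None                                       # ID not registered
        n, e = key
        claimed = id_to_int(request["terminal_id"])
        decrypted = pow(request["encrypted_id"], e, n)        # decryption processor
        if claimed >= n or decrypted != claimed:              # determiner
            return None                                       # withhold login info
        return {"login_token": secrets.token_hex(16)}         # hypothetical format

# Constructed sample data: Mersenne primes keep the toy keys short and checkable.
PUB_A, PRIV_A = make_keypair(2**31 - 1, 2**61 - 1)
PUB_B, PRIV_B = make_keypair(2**61 - 1, 2**89 - 1)
AUTH = AuthenticationSystem({"01aa": PUB_A, "01ab": PUB_B})

if __name__ == "__main__":
    print(AUTH.authenticate(terminal_request("01aa", PRIV_A)))  # login information
    print(AUTH.authenticate(terminal_request("01aa", PRIV_B)))  # None: wrong key
```
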
10 Claims
4. An authentication apparatus for authenticating a transmission terminal before the transmission terminal logs in to a transmission system which includes a management system, the apparatus comprising:
a memory that stores terminal identification information stored in a memory of the management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other;
a receiver that receives encrypted terminal identification information and terminal identification information from the transmission terminal, wherein the encrypted terminal identification information is encrypted with a terminal private key assigned to the transmission terminal;
a key extractor that obtains a terminal public key that corresponds to the terminal identification information received from the transmission terminal, from the memory;
a first decryption processor that decrypts the encrypted identification information using the terminal public key to obtain decrypted identification information;
a determiner that determines whether the decrypted identification information obtained by the first decryption processor matches the terminal identification information received from the transmission terminal; and
a transmitter that transmits login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information does not match the terminal identification information,
wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in the management system based on the received login information to establish communication with the counterpart transmission terminal.
7. A non-transitory computer readable recording medium which stores a plurality of instructions which, when executed, cause a processor to perform a method of authenticating a transmission terminal before the transmission terminal logs in a transmission system, the method comprising:
encrypting terminal identification information of the transmission terminal using a terminal private key assigned to the transmission terminal to generate encrypted terminal identification information;
transmitting the encrypted terminal identification information and the terminal identification information from the transmission terminal to an authentication system;
obtaining, by the authentication system from a memory of the authentication system which stores the terminal identification information which is also stored in a memory of a management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other, the terminal public key that corresponds to the terminal identification information transmitted from the transmission terminal based on the terminal identification information, the terminal public key being a public key of the transmission terminal to be authenticated;
decrypting, at the authentication system, the encrypted identification information using the terminal public key to obtain decrypted identification information;
determining whether the decrypted identification information obtained by the authentication system matches the terminal identification information transmitted from the transmission terminal; and
transmitting login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information does not match the terminal identification information,
wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in to the management system based on the received login information to establish communication with a counterpart transmission terminal.
9. A method, implemented by an authentication apparatus, for authenticating a transmission terminal before the transmission terminal logs in a transmission system, the method comprising:
receiving encrypted terminal identification information and terminal identification information from the transmission terminal, wherein the encrypted terminal identification information is encrypted with a terminal private key assigned to the transmission terminal;
obtaining from a memory of the authentication apparatus which stores the terminal identification information which is also stored in a memory of a management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other, the terminal public key that corresponds to the terminal identification information received from the transmission terminal based on the terminal identification information, the terminal public key being a public key of the transmission terminal to be authenticated;
decrypting, using a decryption processor of the authentication apparatus, the encrypted identification information using the terminal public key to obtain decrypted identification information;
determining whether the decrypted identification information obtained by the decryption processor matches the terminal identification information received from the transmission terminal to generate a determination result in order to authenticate the transmission terminal; and
transmitting login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information does not match the terminal identification information,
wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in to the management system based on the received login information to establish communication with a counterpart transmission terminal.
Specification