Authentication system for terminal identification information

US 8,949,593 B2
Filed: 02/11/2011
Issued: 02/03/2015
Est. Priority Date: 02/12/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A transmission system, comprising:

a management system that manages communication between a plurality of transmission terminals;

the plurality of transmission terminals each to log in to the transmission system to communicate with a counterpart transmission terminal; and

an authentication system that authenticates at least one of the transmission terminals before the transmission terminal logs in the transmission system, wherein;

the management system includes;

a first memory that stores terminal identification information of each one of the plurality of transmission terminals each capable of establishing communication with a counterpart communication terminal via the management system; and

a communication manager that manages the communication between the plurality of transmission terminals based on the terminal identification information stored in the first memory, andthe plurality of transmission terminals each includes;

a second memory that stores a terminal private key assigned to the transmission terminal;

a first encryption processor that encrypts terminal identification information of the transmission terminal using the terminal private key stored in the second memory to generate encrypted terminal identification information; and

a first transmitter the transmits the encrypted terminal identification information and the terminal identification information of the transmission terminal to the authentication system, andthe authentication system includes;

a third memory that stores the terminal identification information stored in the memory of the management system, and terminal public keys respectively corresponding to terminal private keys stored in the second memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other;

a receiver that receives the encrypted terminal identification information and the terminal identification information, from the transmission terminal;

a key extractor that obtains a terminal public key that corresponds to the terminal identification information received from the transmission terminal, from the third memory, the terminal public key being a public key of the transmission terminal to be authenticated by the authentication system;

a first decryption processor that decrypts the encrypted terminal identification information using the terminal public key extracted by the key extractor to obtain decrypted identification information;

a determiner that determines whether the decrypted terminal identification information obtained by the first decryption processor matches the terminal identification information received from the transmission terminal; and

a second transmitter that transmits login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information does not match the terminal identification information,wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in the management system based on the received login information to establish communication with the counterpart transmission terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system receives encrypted terminal identification information and terminal identification information, from a transmission terminal, and determines whether decrypted identification information decrypted using a terminal public key obtained by the authentication system matches the terminal identification information received from the transmission terminal.

18 Citations

10 Claims

1. A transmission system, comprising:
- a management system that manages communication between a plurality of transmission terminals;
  
  the plurality of transmission terminals each to log in to the transmission system to communicate with a counterpart transmission terminal; and
  
  an authentication system that authenticates at least one of the transmission terminals before the transmission terminal logs in the transmission system, wherein;
  
  the management system includes;
  
  a first memory that stores terminal identification information of each one of the plurality of transmission terminals each capable of establishing communication with a counterpart communication terminal via the management system; and
  
  a communication manager that manages the communication between the plurality of transmission terminals based on the terminal identification information stored in the first memory, andthe plurality of transmission terminals each includes;
  
  a second memory that stores a terminal private key assigned to the transmission terminal;
  
  a first encryption processor that encrypts terminal identification information of the transmission terminal using the terminal private key stored in the second memory to generate encrypted terminal identification information; and
  
  a first transmitter the transmits the encrypted terminal identification information and the terminal identification information of the transmission terminal to the authentication system, andthe authentication system includes;
  
  a third memory that stores the terminal identification information stored in the memory of the management system, and terminal public keys respectively corresponding to terminal private keys stored in the second memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other;
  
  a receiver that receives the encrypted terminal identification information and the terminal identification information, from the transmission terminal;
  
  a key extractor that obtains a terminal public key that corresponds to the terminal identification information received from the transmission terminal, from the third memory, the terminal public key being a public key of the transmission terminal to be authenticated by the authentication system;
  
  a first decryption processor that decrypts the encrypted terminal identification information using the terminal public key extracted by the key extractor to obtain decrypted identification information;
  
  a determiner that determines whether the decrypted terminal identification information obtained by the first decryption processor matches the terminal identification information received from the transmission terminal; and
  
  a second transmitter that transmits login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information does not match the terminal identification information,wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in the management system based on the received login information to establish communication with the counterpart transmission terminal.
- View Dependent Claims (2, 3)
- - 2. The transmission system of claim 1, wherein:
    - the transmission terminal further includes a second encryption processor that encrypts information containing the encrypted terminal identification information and the terminal identification information, using a system public key assigned to the authentication system, in order to generate encrypted information containing the encrypted terminal identification information and the terminal identification information, the transmitter transmits the encrypted information containing the encrypted terminal identification information and the terminal identification information,the authentication system further includes a second decryption processor that decrypts the encrypted information containing the encrypted terminal identification information and the terminal identification information, using a system private key that is paired with the system public key, in order to obtain the encrypted terminal identification information and the terminal identification information, andthe determiner determines whether the decrypted identification information obtained by the first decryption processor matches the terminal identification information obtained by the second decryption processor in order to generate the determination result.
  - 3. The transmission system of claim 1, wherein the authentication system further includes:
    - a login data extractor that obtains login identification information of the transmission terminal that corresponds to the terminal identification information, wherein the login information includes the login identification information obtained by the login data extractor.

4. An authentication apparatus for authenticating a transmission terminal before the transmission terminal logs in to a transmission system which includes a management system, the apparatus comprising:
- a memory that stores terminal identification information stored in a memory of the management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other;
  
  a receiver that receives encrypted terminal identification information and terminal identification information from the transmission terminal, wherein the encrypted terminal identification information is encrypted with a terminal private key assigned to the transmission terminal;
  
  a key extractor that obtains a terminal public key that corresponds to the terminal identification information received from the transmission terminal, from the memory;
  
  a first decryption processor that decrypts the encrypted identification information using the terminal public key to obtain decrypted identification information;
  
  a determiner that determines whether the decrypted identification information obtained by the first decryption processor matches the terminal identification information received from the transmission terminal; and
  
  a transmitter that transmits login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determiner determines that the decrypted terminal identification information does not match the terminal identification information,wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in the management system based on the received login information to establish communication with the counterpart transmission terminal.
- View Dependent Claims (5, 6)
- - 5. The authentication apparatus of claim 4, further comprising:
    - a second decryption processor that;
      
      receives encrypted information containing the encrypted terminal identification information and the terminal identification information from the transmission terminal via the receive unit; and
      
      decrypts the encrypted information containing the encrypted terminal identification information and the terminal identification information, using a system private key that is paired with the system public key, in order to obtain the encrypted terminal identification information and the terminal identification information, wherein the determiner determines whether the decrypted identification information obtained by the first decryption processor matches the terminal identification information obtained by the second decryption processor in order to generate the determination result.
  - 6. The authentication apparatus of claim 4, further comprising:
    - a login data extractor that obtains login identification information of the transmission terminal that corresponds to the terminal identification information, wherein the login information includes the login identification information obtained by the login data extractor.

7. A non-transitory computer readable recording medium which stores a plurality of instructions which, when executed, cause a processor to perform a method of authenticating a transmission terminal before the transmission terminal logs in a transmission system, the method comprising:
- encrypting terminal identification information of the transmission terminal using a terminal private key assigned to the transmission terminal to generate encrypted terminal identification information;
  
  transmitting the encrypted terminal identification information and the terminal identification information from the transmission terminal to an authentication system;
  
  obtaining, by the authentication system from a memory of the authentication system which stores the terminal identification information which is also stored in a memory of a management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other, the terminal public key that corresponds to the terminal identification information transmitted from the transmission terminal based on the terminal identification information, the terminal public key being a public key of the transmission terminal to be authenticated;
  
  decrypting, at the authentication system, the encrypted identification information using the terminal public key to obtain decrypted identification information;
  
  determining whether the decrypted identification information obtained by the authentication system matches the terminal identification information transmitted from the transmission terminal; and
  
  transmitting login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information does not match the terminal identification information, wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in to the management system based on the received login information to establish communication with a counterpart transmission terminal.
- View Dependent Claims (8)
- - 8. The non-transitory computer readable medium of claim 7, wherein the method further comprises:
    - encrypting information containing the encrypted terminal identification information and the terminal identification information, using a system public key assigned to the authentication system, in order to generate encrypted information containing the encrypted terminal identification information and the terminal identification information;
      
      transmitting the encrypted information containing the encrypted terminal identification information and the terminal identification information from the transmission terminal in order to the authentication system; and
      
      decrypting, at the authentication system, the encrypted information containing the encrypted terminal identification information and the terminal identification information, using a system private key that is paired with the system public key, in order to obtain the encrypted terminal identification information and the terminal identification.

9. A method, implemented by an authentication apparatus, for authenticating a transmission terminal before the transmission terminal logs in a transmission system, the method comprising:
- receiving encrypted terminal identification information and terminal identification information from the transmission terminal, wherein the encrypted terminal identification information is encrypted with a terminal private key assigned to the transmission terminal;
  
  obtaining from a memory of the authentication apparatus which stores the terminal identification information which is also stored in a memory of a management system, and terminal public keys respectively corresponding to terminal private keys stored in a memory of the transmission terminal, the terminal public key identified by the terminal identification information, in association with each other, the terminal public key that corresponds to the terminal identification information received from the transmission terminal based on the terminal identification information, the terminal public key being a public key of the transmission terminal to be authenticated;
  
  decrypting, using a decryption processor of the authentication apparatus, the encrypted identification information using the terminal public key to obtain decrypted identification information;
  
  determining whether the decrypted identification information obtained by the decryption processor matches the terminal identification information received from the transmission terminal to generate a determination result in order to authenticate the transmission terminal; and
  
  transmitting login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information matches the terminal identification information, and not to transmit login information to be used for logging in to the management system to the transmission terminal when the determining determines that the decrypted identification information does not match the terminal identification information, wherein when the transmission terminal receives the login information from the authentication system, the transmission terminal logs in to the management system based on the received login information to establish communication with a counterpart transmission terminal.
- View Dependent Claims (10)
- - 10. The method of claim 9, further comprising:
    - receiving encrypted information containing the encrypted terminal identification information and the terminal identification information from the transmission terminal;
      
      second decrypting the encrypted information containing the encrypted terminal identification information and the terminal identification information, using a system private key that is paired with the system public key, in order to obtain the encrypted terminal identification information and the terminal identification information; and
      
      determining whether the decrypted identification information obtained by the decrypting matches the terminal identification information obtained by the second decrypting in order to generate the determination result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Nakagawa, Masaki, Volmat, Alain, Asai, Takahiro
Primary Examiner(s)
Lewis, Lisa
Assistant Examiner(s)
Torres-Diaz, Lizbeth

Application Number

US13/025,486
Publication Number

US 20110202757A1
Time in Patent Office

1,453 Days
Field of Search

713/155, 713/161
US Class Current

713/153
CPC Class Codes

G06F 21/33   using certificates

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 9/0897   involving additional device...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

Authentication system for terminal identification information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

18 Citations

10 Claims

Specification

Use Cases

Quick Links

Others

Authentication system for terminal identification information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

10 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others