Information processing system and authentication method

US 9,331,999 B2
Filed: 01/07/2015
Issued: 05/03/2016
Est. Priority Date: 01/15/2014
Status: Active Grant

First Claim

Patent Images

1. An information processing system including at least one information processing apparatus, the information processing system comprising:

a first authentication function unit that issues first authentication information which is necessary to perform an authentication collaboration function between the information processing system and an external service provided outside the information processing system and indicates that an authentication is completed by a first authentication function;

an administration unit that issues second authentication information which is necessary to use an internal service provided inside the information processing system and indicates that the authentication is completed by a second authentication function and performs, when a collaboration authentication request using the second authentication information is received from an external apparatus and when the received second authentication information is authorized, the collaboration authentication request for the first authentication function and sends the collaboration authentication response from the first authentication function to the external apparatus;

an authentication function using unit that acquires the first authentication information by performing the authentication using the first authentication function based on the collaboration authentication request for first authentication function requested from the administration unit and sends the collaboration authentication response received from the first authentication function by requesting the collaboration authentication request to the first authentication function unit using the first authentication information; and

a proxy unit that receives a request from the external apparatus to the internal service using the second authentication information before the internal service receive the request and controls the external apparatus so that the external apparatus displays a screen for performing the authentication using the second authentication function when the second authentication information is not authorized.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing system includes a first authentication function unit that issues first authentication information which is necessary to perform an authentication collaboration function between the information processing system and an external service and indicates that an authentication is completed by a first authentication function; an administration unit that issues second authentication information which is necessary to use an internal service and indicates that the authentication is completed by a second authentication function and performs, when a collaboration authentication request using the second authentication information is received from an external apparatus and if the received second authentication information is authorized, the collaboration authentication request for the first authentication function and sends the collaboration authentication response from the first authentication function to the external apparatus; and an authentication function using unit that acquires the first authentication information by performing the authentication using the first authentication function.

Citations

9 Claims

1. An information processing system including at least one information processing apparatus, the information processing system comprising:
- a first authentication function unit that issues first authentication information which is necessary to perform an authentication collaboration function between the information processing system and an external service provided outside the information processing system and indicates that an authentication is completed by a first authentication function;
  
  an administration unit that issues second authentication information which is necessary to use an internal service provided inside the information processing system and indicates that the authentication is completed by a second authentication function and performs, when a collaboration authentication request using the second authentication information is received from an external apparatus and when the received second authentication information is authorized, the collaboration authentication request for the first authentication function and sends the collaboration authentication response from the first authentication function to the external apparatus;
  
  an authentication function using unit that acquires the first authentication information by performing the authentication using the first authentication function based on the collaboration authentication request for first authentication function requested from the administration unit and sends the collaboration authentication response received from the first authentication function by requesting the collaboration authentication request to the first authentication function unit using the first authentication information; and
  
  a proxy unit that receives a request from the external apparatus to the internal service using the second authentication information before the internal service receive the request and controls the external apparatus so that the external apparatus displays a screen for performing the authentication using the second authentication function when the second authentication information is not authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The information processing system according to claim 1,wherein the authentication function using unit acquires the first authentication information by performing the authentication using the first authentication function, which is one first authentication function selected from a plurality of first authentication functions, based on the collaboration authentication request for the first authentication function,performs the collaboration authentication request to the selected one first authentication function using the first authentication information, andsends the collaboration authentication response received from the first authentication function to the administration unit.
  - 3. The information processing system according to claim 1,wherein the authentication function using unit deletes the first authentication information after performing the collaboration authentication request to the first authentication function unit using the first authentication information and receiving the collaboration authentication response from the first authentication function.
  - 4. The information processing system according to claim 1,wherein the administration unit stores information related to the second authentication information in a memory unit when the second authentication function issues the second authentication information and determines whether the second authentication information is authorized using the information related to the second authentication information stored in the memory unit.
  - 5. The information processing system according to claim 4,wherein the information related to the second authentication information used to determine whether the second authentication information is at least one of an issue data or an upper limit value.
  - 6. The information processing system according to claim 1,wherein the administration unit causes the external apparatus to display a screen for performing the authentication using the second authentication function when the authorized second authentication information is not included in the collaboration authentication request received from the external apparatus.
  - 7. The information processing system according to claim 1, the information processing system further comprising:
    - a distribution unit that distributes the collaboration authentication request from the authentication function using unit to the redundant first authentication function using the first authentication information.
  - 8. The information processing system according to claim 7,wherein the distribution unit sends the first authentication function acquired by performing the authentication and identification information uniquely identifying the first authentication function from the first authentication information and the redundant first authentication function to the authentication function using unit and distributes the collaboration authentication request received from the authentication function using unit using the first authentication information based on identification information identifying the first authentication function.

9. An authentication method performed by an information processing system including at least one information processing apparatus, the information processing system uses first authentication information which is necessary to perform an authentication collaboration function between the information processing system and an external service provided outside the information processing system and indicates that an authentication is completed by a first authentication function, and second authentication information which is necessary to use an internal service provided inside the information processing system and indicates that the authentication is completed by a second authentication function, the authentication method comprising:
- issuing the second authentication information;
  
  performing, by a processor, when a collaboration authentication request using the second authentication information is received from an external apparatus and if the received second authentication information is authorized, the collaboration authentication request for the first authentication function and sends a collaboration authentication response from the first authentication function to the external apparatus;
  
  acquiring the first authentication information by performing the authentication using the first authentication function based on the collaboration authentication request for the first authentication function and requesting the collaboration authentication request to the first authentication function unit using the first authentication information;
  
  sending the collaboration authentication response received from the first authentication function the external apparatus; and
  
  receiving, by a proxy unit, a request from the external apparatus to the internal service using the second authentication information before the internal service receive the request and controlling the external apparatus so that the external apparatus displays a screen for performing the authentication using the second authentication function when the second authentication information is not authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Fukuda, Yasuharu
Primary Examiner(s)
Patel, Haresh N

Application Number

US14/591,233
Publication Number

US 20150200926A1
Time in Patent Office

482 Days
Field of Search

726/5, 726/10
US Class Current

1/1
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/41   where a single sign-on prov...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

Information processing system and authentication method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Information processing system and authentication method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links