INFORMATION PROCESSING APPARATUS, METHOD OF MUTUAL AUTHENTICATION, MUTUAL AUTHENTICATION PROGRAM, AND STORAGE MEDIUM

US 20100235640A1
Filed: 03/12/2010
Published: 09/16/2010
Est. Priority Date: 03/16/2009
Status: Abandoned Application

First Claim

Patent Images

1. An information processing apparatus connected to a counterpart apparatus via a communication network, the information processing apparatus and the counterpart apparatus supporting data communications using mutual authentication using a certificate file, the information processing apparatus comprising:

a certificate management unit to encrypt and decrypt the certificate file using a security key;

a verification information obtaining unit to obtain verification information of the information processing apparatus, the verification information enabling identification of the information processing apparatus as a unique physical entity; and

a security key generation unit to generate the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining unit, the verification information being used as source data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing apparatus and a counterpart apparatus supporting data communications are devised. The information processing apparatus is connected to the counterpart apparatus via a communication network. The information processing apparatus and the counterpart apparatus supporting data communications use mutual authentication using a certificate file. The information processing apparatus includes a certificate management unit, a verification information obtaining unit, and a security key generation unit. The certificate management unit encrypts and decrypts the certificate file using a security key. The verification information obtaining unit obtains verification information of the information processing apparatus. The verification information enables identification of the information processing apparatus as a unique physical entity. The security key generation unit generates the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining unit. The verification information is used as source data.

28 Citations

View as Search Results

12 Claims

1. An information processing apparatus connected to a counterpart apparatus via a communication network, the information processing apparatus and the counterpart apparatus supporting data communications using mutual authentication using a certificate file, the information processing apparatus comprising:
- a certificate management unit to encrypt and decrypt the certificate file using a security key;
  
  a verification information obtaining unit to obtain verification information of the information processing apparatus, the verification information enabling identification of the information processing apparatus as a unique physical entity; and
  
  a security key generation unit to generate the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining unit, the verification information being used as source data.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The information processing apparatus according to claim 1, wherein the verification information obtaining unit obtains as the verification information at least one of a media access control (MAC) address of the information processing apparatus in the communication network and a serial number of a device disposed in the information processing apparatus.
  - 3. The information processing apparatus according to claim 1, further comprising a common password obtaining unit to obtain a common password useable with the counterpart apparatus,wherein the security key generation unit generates the security key using the common password obtained by the common password obtaining unit and the verification information obtained by the verification information obtaining unit as the source data.
  - 4. The information processing apparatus according to claim 1, further comprising a storage unit to store the security key generated by the security key generation unit,wherein the certificate management unit requests the security key generation unit to generate a security key when the certificate file is encrypted or decrypted using the security key, and the certificate management unit requests the security key generation unit to cancel the security key when either the encoding or decoding using the security key is completed,the security key generation unit generates the security key on the storage unit when the certificate management unit requests the security key, and the security key generation unit deletes the security key generated on the storage unit when the certificate management unit requests cancellation of the security key.
  - 5. The information processing apparatus according to claim 1, wherein the information processing apparatus is connected to and monitors a plurality of apparatuses via a local network and is connected to a network provided with a management server that manages the monitored apparatuses,the information processing apparatus collects management information from the monitored apparatuses via the local network, the collected management information useable for managing the monitored apparatuses, andthe information processing apparatus identifies the management server as the counterpart apparatus and transmits the management information to the management server using mutual authentication.

6. A method of mutual authentication between an information processing apparatus and a counterpart apparatus connected to each other via a communication network, the information processing apparatus and the counterpart apparatus supporting data communications using mutual authentication using a certificate file, the method comprising:
- a certificate management step of encrypting and decrypting the certificate file using a security key;
  
  a verification information obtaining step of obtaining verification information of the information processing apparatus, the verification information enabling identification of the information processing apparatus as a unique physical entity; and
  
  a security key generation step of generating the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining step, the verification information being used as source data.
- View Dependent Claims (7, 8)
- - 7. The method of mutual authentication according to claim 6, further comprising a common password obtaining step of obtaining a common password useable with the counterpart apparatus,wherein the security key generation step generates the security key using the common password obtained in the common password obtaining step and the verification information obtained in the verification information obtaining step as the source data.
  - 8. The method of mutual authentication according to claim 6, wherein the certificate management step requests the security key generation step to generate a security key when the certificate file is encrypted or decrypted using the security key, and the certificate management step requests the security key generation step to cancel the security key when either the encrypting or decrypting using the security key is completed,the security key generation step generates the security on a storage unit of the information processing apparatus when the step of certificate management requests the security key, and the security key generation step deletes the security key generated on the storage unit when the step of certificate management requests to cancel the security key.

9. An information processing system comprising:
- one or more information processing apparatuses, having apparatus type/serial number information, including a communication unit that can transmit a digital certificate updating request with the apparatus type/serial number information, the one or more information processing apparatuses disposable in the information processing system and each of the information processing apparatuses having unique apparatus type/serial number information;
  
  one or more certificate authorities to issue a digital certificate, the one or more of the certificate authorities disposable in the information processing system and each of the certificate authorities having unique access destination information; and
  
  one or more management apparatuses for monitoring the one or more information processing apparatuses, the one or more management apparatuses storing map information correlating the apparatus type/serial number information of the one or more information processing apparatuses and the access destination information of the one or more certificate authorities for each of the information processing apparatuses and each of the certificate authorities, the one or more management apparatuses disposable in the information processing system and each of the management apparatuses having unique access destination information,the information processing apparatus including an updating unit to update digital certificate information and corresponding access destination information of management apparatus stored in the information processing apparatus,wherein one of the one or more information processing apparatuses is monitored by a first management apparatus having a first access destination information and uses a first digital certificate issued by a first certificate authority for secure communications, the first management apparatus and the first certificate authority being set to use together,when the information processing apparatus issues a digital certificate issue request to the first management apparatus to request an issuance of a second digital certificate for the information processing apparatus,the information processing apparatus receives the second digital certificate, issued by a second certificate authority, and second access destination information, set for a second management apparatus, via the first management apparatus when the digital certificate issue request is correctly executed by the first management apparatus and the second certificate authority, the second management apparatus and the second certificate authority being set to use together, andthe updating unit of the information processing apparatus updates the first digital certificate and the first access destination information of the first management apparatus stored in the information processing apparatus to the second digital certificate and the second access destination information of the second management apparatus.
- View Dependent Claims (10, 11, 12)
- - 10. The information processing system according to claim 9, wherein the information processing apparatus includes a transmission unit to transmit a map information updating request and updating contents for the map information of management apparatus, andthe management apparatus includes a revising unit to revise the map information stored in the management apparatus based on the updating contents for the map information received with the map information updating request from the information processing apparatus.
  - 11. The information processing system according to claim 10, wherein the information processing apparatus further includes:
    - a storage unit to store security level information set for the image processing apparatus and the management apparatus;
      
      a security level changing unit to change the security level information; and
      
      a transmission unit to transmit a map information updating request to the management apparatus based on changes in the security level information.
  - 12. The information processing system according to claim 9, wherein the management apparatus include a map information changing unit to change map information stored in the management apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Satoh, Jun

Application Number

US12/722,977
Publication Number

US 20100235640A1
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/0861   Generation of secret inform...

H04L 9/0891   Revocation or update of sec...

H04L 9/3263   involving certificates, e.g...

INFORMATION PROCESSING APPARATUS, METHOD OF MUTUAL AUTHENTICATION, MUTUAL AUTHENTICATION PROGRAM, AND STORAGE MEDIUM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

INFORMATION PROCESSING APPARATUS, METHOD OF MUTUAL AUTHENTICATION, MUTUAL AUTHENTICATION PROGRAM, AND STORAGE MEDIUM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others