INFORMATION PROCESSING APPARATUS, METHOD OF MUTUAL AUTHENTICATION, MUTUAL AUTHENTICATION PROGRAM, AND STORAGE MEDIUM
Abstract
An information processing apparatus and a counterpart apparatus supporting data communications are devised. The information processing apparatus is connected to the counterpart apparatus via a communication network. The information processing apparatus and the counterpart apparatus supporting data communications use mutual authentication using a certificate file. The information processing apparatus includes a certificate management unit, a verification information obtaining unit, and a security key generation unit. The certificate management unit encrypts and decrypts the certificate file using a security key. The verification information obtaining unit obtains verification information of the information processing apparatus. The verification information enables identification of the information processing apparatus as a unique physical entity. The security key generation unit generates the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining unit. The verification information is used as source data.
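The key handling described in the abstract, sketched as an added example that is not taken from the patent or any product: a certificate file is encrypted under a key derived one-way from device-unique verification information, so decryption fails on a different device. PBKDF2-HMAC-SHA256 as the non-reversible transformation, the stdlib-only HMAC counter-mode cipher, the salt, and the apparatus identifiers are all assumptions and constructed values.

```python
import hashlib
import hmac
import os

def derive_security_key(verification_info: bytes, salt: bytes) -> bytes:
    # Non-reversible transformation of the verification information.
    # PBKDF2-HMAC-SHA256 is an assumption; the page names no algorithm.
    return hashlib.pbkdf2_hmac("sha256", verification_info, salt, 100_000, dklen=64)

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, stdlib only.
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def encrypt_certificate(cert: bytes, key: bytes) -> bytes:
    enc_key, mac_key = key[:32], key[32:]
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(cert, _keystream(enc_key, nonce, len(cert))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
    return nonce + ct + tag

def decrypt_certificate(blob: bytes, key: bytes) -> bytes:
    enc_key, mac_key = key[:32], key[32:]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # Wrong key: the file was encrypted on another apparatus or was altered.
        raise ValueError("certificate file cannot be decrypted on this apparatus")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

# Constructed sample values, not from the page.
SALT = b"constructed-salt"
DEVICE_A = b"TYPE-EXAMPLE/SERIAL-0001"
DEVICE_B = b"TYPE-EXAMPLE/SERIAL-0002"
CERT = b"-----BEGIN CERTIFICATE-----\n(constructed placeholder)\n-----END CERTIFICATE-----\n"

def demo() -> tuple:
    # Returns (decrypts on the original device, decrypts on a different device).
    blob = encrypt_certificate(CERT, derive_security_key(DEVICE_A, SALT))
    same = decrypt_certificate(blob, derive_security_key(DEVICE_A, SALT)) == CERT
    try:
        decrypt_certificate(blob, derive_security_key(DEVICE_B, SALT))
        other = True
    except ValueError:
        other = False
    return same, other
```

Because identifiers such as serial numbers are often readable or guessable, a key derived only from them binds the file to the device rather than protecting it from someone who can read the identifier.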
12 Claims
1. An information processing apparatus connected to a counterpart apparatus via a communication network, the information processing apparatus and the counterpart apparatus supporting data communications using mutual authentication using a certificate file, the information processing apparatus comprising:
- a certificate management unit to encrypt and decrypt the certificate file using a security key;
- a verification information obtaining unit to obtain verification information of the information processing apparatus, the verification information enabling identification of the information processing apparatus as a unique physical entity; and
- a security key generation unit to generate the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining unit, the verification information being used as source data.
Dependent claims: 2, 3, 4, 5
6. A method of mutual authentication between an information processing apparatus and a counterpart apparatus connected to each other via a communication network, the information processing apparatus and the counterpart apparatus supporting data communications using mutual authentication using a certificate file, the method comprising:
- a certificate management step of encrypting and decrypting the certificate file using a security key;
- a verification information obtaining step of obtaining verification information of the information processing apparatus, the verification information enabling identification of the information processing apparatus as a unique physical entity; and
- a security key generation step of generating the security key by conducting a non-reversible transformation of the verification information obtained by the verification information obtaining step, the verification information being used as source data.
Dependent claims: 7, 8
9. An information processing system comprising:
- one or more information processing apparatuses, having apparatus type/serial number information, including a communication unit that can transmit a digital certificate updating request with the apparatus type/serial number information, the one or more information processing apparatuses disposable in the information processing system and each of the information processing apparatuses having unique apparatus type/serial number information;
- one or more certificate authorities to issue a digital certificate, the one or more of the certificate authorities disposable in the information processing system and each of the certificate authorities having unique access destination information; and
- one or more management apparatuses for monitoring the one or more information processing apparatuses, the one or more management apparatuses storing map information correlating the apparatus type/serial number information of the one or more information processing apparatuses and the access destination information of the one or more certificate authorities for each of the information processing apparatuses and each of the certificate authorities, the one or more management apparatuses disposable in the information processing system and each of the management apparatuses having unique access destination information,
- the information processing apparatus including an updating unit to update digital certificate information and corresponding access destination information of management apparatus stored in the information processing apparatus,
- wherein one of the one or more information processing apparatuses is monitored by a first management apparatus having a first access destination information and uses a first digital certificate issued by a first certificate authority for secure communications, the first management apparatus and the first certificate authority being set to use together,
- when the information processing apparatus issues a digital certificate issue request to the first management apparatus to request an issuance of a second digital certificate for the information processing apparatus, the information processing apparatus receives the second digital certificate, issued by a second certificate authority, and second access destination information, set for a second management apparatus, via the first management apparatus when the digital certificate issue request is correctly executed by the first management apparatus and the second certificate authority, the second management apparatus and the second certificate authority being set to use together, and
- the updating unit of the information processing apparatus updates the first digital certificate and the first access destination information of the first management apparatus stored in the information processing apparatus to the second digital certificate and the second access destination information of the second management apparatus.
Dependent claims: 10, 11, 12