CN102893575B - One time passwords with IPsec and IKE version 1 authentication - Google Patents

One time passwords with IPsec and IKE version 1 authentication

Info

Publication number
CN102893575B
Authority
CN
China
Prior art keywords
client
communication
time password
network
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201180023577.9A
Other languages
English (en)
Chinese (zh)
Other versions
CN102893575A (zh)
Inventor
A·埃亚勒
B·伯恩斯坦
A·巴-阿南
N·韦雷德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp, Microsoft Technology Licensing LLC
Publication of CN102893575A
Application granted
Publication of CN102893575B
Active legal-status
Anticipated expiration legal-status

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838: Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228: One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
CN201180023577.9A 2010-05-13 2011-04-27 One time passwords with IPsec and IKE version 1 authentication Active CN102893575B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/779,457 US8799649B2 (en) 2010-05-13 2010-05-13 One time passwords with IPsec and IKE version 1 authentication
US12/779,457 2010-05-13
PCT/US2011/034188 WO2011142971A2 (en) 2010-05-13 2011-04-27 One time passwords with ipsec and ike version 1 authentication

Publications (2)

Publication Number Publication Date
CN102893575A CN102893575A (zh) 2013-01-23
CN102893575B CN102893575B (zh) 2015-08-26

Family

ID=44912769

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201180023577.9A Active CN102893575B (zh) 2010-05-13 2011-04-27 One time passwords with IPsec and IKE version 1 authentication

Country Status (7)

Country Link
US (1) US8799649B2 (en)
EP (1) EP2569897B1 (en)
JP (1) JP5827680B2 (en)
CN (1) CN102893575B (en)
AU (1) AU2011253346B2 (en)
CA (1) CA2798024C (en)
WO (1) WO2011142971A2 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8856509B2 (en) * 2010-08-10 2014-10-07 Motorola Mobility Llc System and method for cognizant transport layer security (CTLS)
US8595806B1 (en) * 2010-09-21 2013-11-26 Amazon Technologies, Inc. Techniques for providing remote computing services
US8843741B2 (en) * 2012-10-26 2014-09-23 Cloudpath Networks, Inc. System and method for providing a certificate for network access
US9325697B2 (en) 2013-01-31 2016-04-26 Hewlett Packard Enterprise Development Lp Provisioning and managing certificates for accessing secure services in network
CN103428203B (zh) * 2013-07-24 2016-06-29 福建星网锐捷网络有限公司 Access control method and device
KR20150015793A (ko) * 2013-08-01 2015-02-11 삼성전자주식회사 Image forming apparatus and user authentication method of image forming apparatus
US10985921B1 (en) 2019-11-05 2021-04-20 Capital One Services, Llc Systems and methods for out-of-band authenticity verification of mobile applications
KR102558364B1 (ko) * 2021-03-18 2023-07-20 주식회사 케이티 Method for providing 5G LAN service
CN115002057B (zh) * 2022-05-26 2024-04-12 威艾特科技(深圳)有限公司 Distributed multi-server instant messaging method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101495956A (zh) * 2005-08-11 2009-07-29 晟碟以色列有限公司 Extended one-time password method and apparatus

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11282804A (ja) * 1998-03-31 1999-10-15 Secom Joho System Kk Communication system with user authentication function and user authentication method
US20020138728A1 (en) 2000-03-07 2002-09-26 Alex Parfenov Method and system for unified login and authentication
US7113996B2 (en) 2000-07-21 2006-09-26 Sandy Craig Kronenberg Method and system for secured transport and storage of data on a network
US6931529B2 (en) * 2001-01-05 2005-08-16 International Business Machines Corporation Establishing consistent, end-to-end protection for a user datagram
US7209479B2 (en) * 2001-01-18 2007-04-24 Science Application International Corp. Third party VPN certification
US20030208695A1 (en) * 2002-05-01 2003-11-06 Ronald Soto Method and system for controlled, centrally authenticated remote access
US7421732B2 (en) 2003-05-05 2008-09-02 Nokia Corporation System, apparatus, and method for providing generic internet protocol authentication
US20070008924A1 (en) * 2004-01-15 2007-01-11 Padraig Moran Device to facilitate the deployment of mobile virtual private networks for medium/large corporate networks
US20060059346A1 (en) * 2004-09-14 2006-03-16 Andrew Sherman Authentication with expiring binding digital certificates
US7836306B2 (en) * 2005-06-29 2010-11-16 Microsoft Corporation Establishing secure mutual trust using an insecure password
US20080034216A1 (en) * 2006-08-03 2008-02-07 Eric Chun Wah Law Mutual authentication and secure channel establishment between two parties using consecutive one-time passwords
US20090025080A1 (en) 2006-09-27 2009-01-22 Craig Lund System and method for authenticating a client to a server via an ipsec vpn and facilitating a secure migration to ssl vpn remote access
JP2008129673A (ja) * 2006-11-17 2008-06-05 Nippon Telegr & Teleph Corp <Ntt> User authentication system, user authentication method, gateway and program used therefor, and recording medium thereof
US20080137863A1 (en) 2006-12-06 2008-06-12 Motorola, Inc. Method and system for using a key management facility to negotiate a security association via an internet key exchange on behalf of another device
US20080183851A1 (en) 2007-01-30 2008-07-31 Utstarcom, Inc. Apparatus and Method Pertaining to Management of On-Line Certificate Status Protocol Responses in a Cache
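KR20070072463A (ko) * 2007-06-14 2007-07-04 이상곤 Method for strengthening the security of accredited certificates using one-time passwords
KR100980831B1 (ko) * 2007-12-12 2010-09-10 한국전자통신연구원 Reliable communication system and method using one-time passwords
KR101096726B1 (ko) * 2008-05-19 2011-12-21 에스케이플래닛 주식회사 Content DRM conversion system and method, and authentication server and user terminal therefor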

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101495956A (zh) * 2005-08-11 2009-07-29 晟碟以色列有限公司 Extended one-time password method and apparatus

Also Published As

Publication number Publication date
JP2013531834A (ja) 2013-08-08
EP2569897B1 (en) 2014-08-20
AU2011253346B2 (en) 2014-05-01
CN102893575A (zh) 2013-01-23
CA2798024C (en) 2017-04-04
US8799649B2 (en) 2014-08-05
WO2011142971A3 (en) 2012-01-26
CA2798024A1 (en) 2011-11-17
EP2569897A4 (en) 2013-12-04
EP2569897A2 (en) 2013-03-20
JP5827680B2 (ja) 2015-12-02
AU2011253346A1 (en) 2012-12-13
WO2011142971A2 (en) 2011-11-17
US20110283103A1 (en) 2011-11-17

Similar Documents

Publication Publication Date Title
US12170662B2 (en) Domain unrestricted mobile initiated login
US11855767B2 (en) Methods and systems for distributing encrypted cryptographic data
US10819526B2 (en) Identity-based certificate authority system architecture
CN102893575B (zh) One time passwords with IPsec and IKE version 1 authentication
US9038138B2 (en) Device token protocol for authorization and persistent authentication shared across applications
US8532620B2 (en) Trusted mobile device based security
JP5844001B2 (ja) Secure authentication in multi-party systems
EP2632108B1 (en) Method and system for secure communication
US9332002B1 (en) Authenticating and authorizing a user by way of a digital certificate
CN102577301A (zh) Method and apparatus for trusted authentication and login
US11677547B1 (en) Mobile authenticator for performing a role in user authentication
JP2020078067A (ja) System and method for securely enabling a user with a mobile device to access the capabilities of a standalone computing device
US20160285843A1 (en) System and method for scoping a user identity assertion to collaborative devices
WO2022140469A1 (en) Domain unrestricted mobile initiated login
KR20250008746A (ko) Cryptographic signature delegation
US20250226985A1 (en) Techniques for phishing-resistant enrollment and on-device authentication
US20250337717A1 (en) Secure request transport across transport layer connections
Biehl OpenID Connect & JWT
US20250247385A1 (en) Techniques for inter-client authorization
Paul et al. UI Component and Authentication
Changelog View this document as: a single page| multiple pages. Wed, 28 Aug 2024 20: 39: 12-0500

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: MICROSOFT TECHNOLOGY LICENSING LLC

Free format text: FORMER OWNER: MICROSOFT CORP.

Effective date: 20150727

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20150727

Address after: Washington State

Applicant after: Microsoft Technology Licensing LLC

Address before: Washington State

Applicant before: Microsoft Corp.

C14 Grant of patent or utility model
GR01 Patent grant