CN109327429B - Authentication system, device management system, and method thereof - Google Patents

Authentication system, device management system, and method thereof

Info

Publication number
CN109327429B
Authority
CN
China
Prior art keywords
terminal
user
network device
authentication
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810844129.9A
Other languages
English (en)
Chinese (zh)
Other versions
CN109327429A (zh)
Inventor
船山弘孝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Canon Inc
Original Assignee
Canon Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Canon Inc
Publication of CN109327429A
Application granted
Publication of CN109327429B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86 Secure or tamper-resistant housings
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103 Challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Power Engineering (AREA)
  • Facsimiles In General (AREA)
  • Collating Specific Patterns (AREA)
  • Computer And Data Communications (AREA)
CN201810844129.9A 2017-07-31 2018-07-27 Authentication system, device management system, and method thereof Active CN109327429B (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2017148620A JP6991773B2 (ja) 2017-07-31 2017-07-31 System, device management system, and method thereof
JP2017-148620 2017-07-31

Publications (2)

Publication Number Publication Date
CN109327429A (zh) 2019-02-12
CN109327429B (zh) 2021-08-17

Family

ID=63244378

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810844129.9A Active CN109327429B (zh) 2017-07-31 2018-07-27 Authentication system, device management system, and method thereof

Country Status (5)

Country Link
US (1) US10984084B2 (en)
EP (1) EP3438862B1 (en)
JP (1) JP6991773B2 (en)
KR (1) KR102357559B1 (en)
CN (1) CN109327429B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
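CN109714167B (zh) * 2019-03-15 2020-08-25 北京邮电大学 Identity authentication and key agreement method and device suitable for mobile application signing
CN110417769A (zh) * 2019-07-24 2019-11-05 孙洪亮 Multi-identity authentication method for an industrial Internet platform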
WO2021034302A1 (en) * 2019-08-16 2021-02-25 Hewlett-Packard Development Company, L.P. Remote commands
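CN112311785A (zh) * 2020-10-27 2021-02-02 珠海格力电器股份有限公司 Method and apparatus for cascading update of device authentication information
JP7532220B2 (ja) * 2020-11-10 2024-08-13 キヤノン株式会社 Communication apparatus, control method for communication apparatus, and program
JP7517177B2 (ja) * 2021-01-28 2024-07-17 富士フイルムビジネスイノベーション株式会社 Information processing apparatus and information processing program
JP7282113B2 (ja) * 2021-02-10 2023-05-26 株式会社日立製作所 System and method for controlling user access to resources
TW202516950A (zh) * 2023-10-05 2025-04-16 宏碁股份有限公司 Connection authorization system and method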

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016047064A1 (en) * 2014-09-24 2016-03-31 Canon Kabushiki Kaisha Communication system, mobile terminal, method of controlling the mobile terminal, and storage medium
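WO2017043717A1 (ko) * 2015-09-07 2017-03-16 권봉균 Biometric identity authentication method
CN106686004A (zh) * 2017-02-28 2017-05-17 飞天诚信科技股份有限公司 Login authentication method and system
CN106899551A (zh) * 2015-12-21 2017-06-27 中国电信股份有限公司 Authentication method, authentication terminal, and system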

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
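JPWO2007094165A1 (ja) * 2006-02-15 2009-07-02 日本電気株式会社 Identity verification system and program, and identity verification method
JP4586055B2 (ja) * 2007-09-03 2010-11-24 株式会社日立製作所 Biometric authentication system
JP5538701B2 (ja) * 2008-10-13 2014-07-02 正義 石澤 Method, system, determination device, terminal device, server device, program, and recording medium for personal authentication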
US9059978B2 (en) * 2010-03-23 2015-06-16 Fujitsu Limited System and methods for remote maintenance in an electronic network with multiple clients
JP5753772B2 (ja) 2011-12-12 2015-07-22 株式会社日立製作所 Biometric authentication system
US9455839B2 (en) 2014-07-30 2016-09-27 Master Lock Company Llc Wireless key management for authentication
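JP6759152B2 (ja) * 2017-05-24 2020-09-23 キヤノン株式会社 Image processing apparatus, method, program, and system
JP6882080B2 (ja) * 2017-05-31 2021-06-02 キヤノン株式会社 Image processing apparatus, method, program, and system
JP7030476B2 (ja) * 2017-11-06 2022-03-07 キヤノン株式会社 Image processing apparatus, control method for image processing apparatus, program, system, and control method for system
JP7066380B2 (ja) * 2017-11-17 2022-05-13 キヤノン株式会社 System, method in system, information processing apparatus, method in information processing apparatus, and program
JP7091057B2 (ja) * 2017-11-22 2022-06-27 キヤノン株式会社 Information processing apparatus, method in information processing apparatus, and program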

Also Published As

Publication number Publication date
US20190034607A1 (en) 2019-01-31
KR102357559B1 (ko) 2022-02-04
CN109327429A (zh) 2019-02-12
KR20190013637A (ko) 2019-02-11
JP6991773B2 (ja) 2022-01-13
EP3438862B1 (en) 2020-09-09
US10984084B2 (en) 2021-04-20
JP2019028805A (ja) 2019-02-21
EP3438862A1 (en) 2019-02-06

Similar Documents

Publication Publication Date Title
CN109327429B (zh) Authentication system, device management system, and method thereof
US20200280446A1 (en) Service usage apparatus, method therefor, and non-transitory computer-readable storage medium
US10623191B2 (en) Information processing apparatus, information processing system, information processing method, and recording medium
US10326758B2 (en) Service provision system, information processing system, information processing apparatus, and service provision method
CN110046485B (zh) Information processing system and method, information processing apparatus and method, and storage medium
US9053303B2 (en) Apparatus, authentication system, authentication control method, authentication control program, and computer-readable recording medium having authentication control program
US10750050B2 (en) Image processing apparatus, method for controlling image processing apparatus, program storage medium, system, and method for controlling system for use in biometric authentication
US20190123907A1 (en) Authentication device based on biometric information, control server connected to the same, and login method based on biometric information thereof
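JP6278651B2 (ja) Network system, management server system, control method, and program
CN102810051A (zh) Image forming system and image forming apparatus
JP6659170B2 (ja) Information processing apparatus, information processing method, and program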
EP2889752A1 (en) Apparatus and method for controlling printing using virtual printer, and authentication server and authentication method therefor
US10498710B2 (en) System, relay client, control method, and storage medium having password reset for authentication
JP5558230B2 (ja) Log information processing apparatus, image forming apparatus, log information processing method, and log information processing program
US9380042B2 (en) Method for operating a network device
US9423990B2 (en) Non-transitory computer readable recording medium storing an account management program, image forming apparatus and image forming system
JP2017212694A (ja) Information processing apparatus, information processing method, and program
US11481166B2 (en) Information processing system, information processing apparatus for controlling access to resources and functions for managing users allowed to access the resources
US20220417378A1 (en) Authentication system, information processing apparatus, and image forming apparatus
US9041964B2 (en) Image forming apparatus, computer-readable non-transitory storage medium with uploading program stored thereon, and uploading system
US20220308809A1 (en) Information processing apparatus, information processing system, and non-transitory computer readable medium
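JP6942926B2 (ja) Print management apparatus
CN113656787B (zh) Service providing device, terminal, authentication device, resource access method, and system
KR20160099358A (ko) Authentication method for cloud document centralization system
JP5610051B2 (ja) Authentication control apparatus, authentication control method, program, and recording medium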

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant