JP2003124926A5 - - Google Patents
- Publication number
- JP2003124926A5
- Authority
- JP
- Japan
- Prior art keywords
- computer
- session
- data
- electronic certificate
- application data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Claims (5)
An authentication processing method in an encrypted communication system that comprises a first computer, a second computer that issues a session establishment request to the first computer, and a third computer that is interposed between the first computer and the second computer and relays application data transmitted and received between the two computers, in which the application data is encrypted based on a common key encryption method and transmitted and received between the first computer and the second computer,
wherein, in response to a session establishment request from the second computer that includes session data specific to the session, session data specific to the session generated by the third computer is added and a session establishment request is transmitted to the first computer; session data specific to the session generated by the first computer and a first electronic certificate are transmitted to the third computer; after the third computer authenticates the received first electronic certificate, a second electronic certificate that includes the first electronic certificate and the session data obtained from the second computer is transmitted to the second computer; and the second computer authenticates at least a part of the session data, the first electronic certificate and the second electronic certificate.
An authentication processing method in an encrypted communication system that comprises a first computer that receives a session establishment request, a second computer that issues a session establishment request to the first computer, and a third computer that is interposed between the first computer and the second computer and relays application data transmitted and received between the two computers, in which the application data is encrypted based on a common key cryptosystem and transmitted and received between the first computer and the second computer,
wherein, in response to a session establishment request from the second computer that includes session data specific to the session, session data specific to the session generated by the third computer is added and a session establishment request is transmitted to the first computer; session data specific to the session generated by the first computer is transmitted to the second computer via the third computer; the third computer transmits to the second computer a first electronic certificate that includes at least a part of the session data; after the second computer authenticates the received session data and the first electronic certificate, a second electronic certificate that includes the session data obtained from the first computer is transmitted to the third computer; after the third computer authenticates the received second electronic certificate, a third electronic certificate that includes the second electronic certificate and the session data obtained from the first computer is transmitted to the first computer; and the first computer authenticates at least a part of the session data, the second electronic certificate and the third electronic certificate.
An authentication processing system in an encrypted communication system that comprises a first computer, a second computer that issues a session establishment request to the first computer, and a third computer that is interposed between the first computer and the second computer and relays application data transmitted and received between the two computers, in which the application data is encrypted based on a common key encryption method and transmitted and received between the first computer and the second computer,
the system comprising: means provided in the third computer for adding generated session data specific to the session to a session establishment request from the second computer that includes session data specific to the session, and transmitting the session establishment request to the first computer; means provided in the first computer for transmitting generated session data specific to the session and a first electronic certificate to the third computer; means provided in the third computer for, after authenticating the received first electronic certificate, transmitting to the second computer a second electronic certificate that includes the first electronic certificate and the session data obtained from the second computer; and means provided in the second computer for authenticating at least a part of the session data, the first electronic certificate and the second electronic certificate.
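The certificate chain of the first method claim, as an added Python sketch that is not taken from the patent: the relay (third computer) authenticates the first certificate and issues a second certificate bound to the client's session data, which the client (second computer) then checks. The signature scheme (toy textbook RSA), the CA, the key names and the certificate layout are all assumptions made for the illustration; the relay's own session data, which the claim only adds to the forwarded request, is left out.

```python
import hashlib, secrets

# Toy textbook RSA over Mersenne primes: illustration only, NOT secure.
def keygen(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _h(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    return pow(_h(msg, priv[0]), priv[1], priv[0])

def verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == _h(msg, pub[0])

# Assumed trust model (not stated in the claim): a CA signs the first
# computer's certificate; the relay signs the second certificate itself.
CA_PUB, CA_PRIV = keygen(2**127 - 1, 2**107 - 1)
RELAY_PUB, RELAY_PRIV = keygen(2**89 - 1, 2**61 - 1)

def first_computer_reply():
    """First computer: its session data plus the first certificate."""
    subject = b"first-computer"
    return secrets.token_bytes(16), (subject, sign(CA_PRIV, subject))

def _cert2_body(cert1, session_data):
    subject, sig1 = cert1
    return subject + b"|" + str(sig1).encode() + b"|" + session_data

def relay_issue_cert2(cert1, client_nonce):
    """Third computer: authenticate cert1, then bind it to the client's data."""
    if not verify(CA_PUB, *cert1):
        raise ValueError("first certificate rejected by relay")
    return {"cert1": cert1, "session_data": client_nonce,
            "sig": sign(RELAY_PRIV, _cert2_body(cert1, client_nonce))}

def client_accepts(cert2, my_nonce):
    """Second computer: check session data, cert1 and cert2."""
    body = _cert2_body(cert2["cert1"], cert2["session_data"])
    return (cert2["session_data"] == my_nonce
            and verify(CA_PUB, *cert2["cert1"])
            and verify(RELAY_PUB, body, cert2["sig"]))

def run_session(replayed_cert2=None):
    """One handshake; pass an old cert2 to model a replayed certificate."""
    client_nonce = secrets.token_bytes(16)   # second computer's session data
    _first_nonce, cert1 = first_computer_reply()
    cert2 = replayed_cert2 or relay_issue_cert2(cert1, client_nonce)
    return client_accepts(cert2, client_nonce), cert2
```

Because the second certificate carries the session data the client sent, a certificate captured in one session fails the client's check in the next.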
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2001316575A JP3842100B2 (en) | 2001-10-15 | 2001-10-15 | Authentication processing method and system in encrypted communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2001316575A JP3842100B2 (en) | 2001-10-15 | 2001-10-15 | Authentication processing method and system in encrypted communication system |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2003124926A (en) | 2003-04-25 |
JP2003124926A5 (en) | 2004-11-11 |
JP3842100B2 (en) | 2006-11-08 |
Family
ID=19134571
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2001316575A Expired - Fee Related JP3842100B2 (en) | 2001-10-15 | 2001-10-15 | Authentication processing method and system in encrypted communication system |
Country Status (1)
Country | Link |
---|---|
JP (1) | JP3842100B2 (en) |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4778210B2 (en) * | 2003-09-12 | 2011-09-21 | 株式会社リコー | COMMUNICATION DEVICE, COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND PROGRAM |
JP4671638B2 (en) * | 2003-09-12 | 2011-04-20 | 株式会社リコー | COMMUNICATION DEVICE, COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND PROGRAM |
JP2006129143A (en) * | 2004-10-29 | 2006-05-18 | Toppan Printing Co Ltd | Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus |
JP4520840B2 (en) * | 2004-12-02 | 2010-08-11 | 株式会社日立製作所 | Encrypted communication relay method, gateway server device, encrypted communication program, and encrypted communication program storage medium |
JP4690767B2 (en) | 2005-05-11 | 2011-06-01 | 株式会社日立製作所 | Network system, server device, and communication method |
JP4578352B2 (en) * | 2005-08-12 | 2010-11-10 | シャープ株式会社 | Communication mediating apparatus, data providing apparatus, and data providing system |
US20090235069A1 (en) * | 2006-04-10 | 2009-09-17 | Trust Integration Services B.V. | Arrangement of and method for secure data transmission |
JP2007334753A (en) * | 2006-06-16 | 2007-12-27 | Nippon Telegr & Teleph Corp <Ntt> | Access management system and method |
US20100242102A1 (en) * | 2006-06-27 | 2010-09-23 | Microsoft Corporation | Biometric credential verification framework |
US8225096B2 (en) | 2006-10-27 | 2012-07-17 | International Business Machines Corporation | System, apparatus, method, and program product for authenticating communication partner using electronic certificate containing personal information |
US9055107B2 (en) | 2006-12-01 | 2015-06-09 | Microsoft Technology Licensing, Llc | Authentication delegation based on re-verification of cryptographic evidence |
JP5039146B2 (en) * | 2007-11-07 | 2012-10-03 | 日本電信電話株式会社 | Common key setting method, relay device, and program |
US8301895B2 (en) | 2009-12-02 | 2012-10-30 | Microsoft Corporation | Identity based network policy enablement |
JP4879347B2 (en) * | 2009-12-25 | 2012-02-22 | キヤノンItソリューションズ株式会社 | Relay processing device, relay processing method and program |
JP5022474B2 (en) * | 2010-05-07 | 2012-09-12 | 株式会社日立製作所 | Server apparatus, communication method and program |
CN109474433B (en) * | 2018-10-23 | 2023-01-10 | 航天信息股份有限公司 | Client certificate issuing method and device based on billing system |
JP6705602B1 (en) * | 2019-01-24 | 2020-06-03 | Necプラットフォームズ株式会社 | Relay device, relay method, and control program |
US11206135B2 (en) | 2019-11-11 | 2021-12-21 | International Business Machines Corporation | Forward secrecy in Transport Layer Security (TLS) using ephemeral keys |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3391620B1 (en) | Systems and methods for secure multi-party communications using a proxy | |
JP2003124926A5 (en) | ||
US8086847B2 (en) | Computer program product and computer system for peer-to-peer communications | |
US8438628B2 (en) | Method and apparatus for split-terminating a secure network connection, with client authentication | |
US7584505B2 (en) | Inspected secure communication protocol | |
US20140059354A1 (en) | Scalable Session Management | |
CN108650210A (en) | A kind of Verification System and method | |
CN101247232B (en) | Encryption technique method based on digital signature in data communication transmission | |
JP5845393B2 (en) | Cryptographic communication apparatus and cryptographic communication system | |
CA2446304A1 (en) | Use and generation of a session key in a secure socket layer connection | |
JP2004166270A5 (en) | ||
WO2008054375A3 (en) | Constrained cryptographic keys | |
JP2005534049A5 (en) | ||
JP2006276093A5 (en) | ||
EP1577736A3 (en) | Efficient and secure authentication of computing systems | |
EP0938209A3 (en) | Method and apparatus for conducting crypto-ignition processes between thin client devices and server devices over data networks | |
JP2008500755A5 (en) | ||
JP2008533882A (en) | How to backup and restore encryption keys | |
IL159295A0 (en) | Authentication of a user across communication sessions | |
JP2002374239A (en) | Method for cryptographing information | |
CN101706854A (en) | USB information security equipment and method for communication between USB information security equipment and mainframe | |
CN110611681A (en) | Encryption method and device and storage medium | |
KR100890720B1 (en) | Method for Selectively Encrypting Web Contents and Computer-Readable Recording Medium Where Program Executing the Same Method | |
CN100464337C (en) | Method and equipment for carrying out safety communication between USB device and host | |
CN107682380B (en) | Cross authentication method and device |