JP2004247799A - Information system for access controlling using public key certificate - Google Patents

Information system for access controlling using public key certificate Download PDF

Info

Publication number
JP2004247799A
JP2004247799A JP2003033091A JP2003033091A JP2004247799A JP 2004247799 A JP2004247799 A JP 2004247799A JP 2003033091 A JP2003033091 A JP 2003033091A JP 2003033091 A JP2003033091 A JP 2003033091A JP 2004247799 A JP2004247799 A JP 2004247799A
Authority
JP
Japan
Prior art keywords
terminal
public key
information
key certificate
mutual authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2003033091A
Other languages
Japanese (ja)
Inventor
Yasuko Fukuzawa
Shoji Imamura
Shuichi Ishida
Toshiyuki Kuwana
Takashi Mizuno
将司 今村
利幸 桑名
高志 水野
修一 石田
寧子 福澤
Original Assignee
Hitachi Ltd
株式会社日立製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hitachi Ltd, 株式会社日立製作所 filed Critical Hitachi Ltd
Priority to JP2003033091A priority Critical patent/JP2004247799A/en
Publication of JP2004247799A publication Critical patent/JP2004247799A/en
Application status is Pending legal-status Critical

Links

Images

Abstract

<P>PROBLEM TO BE SOLVED: To provide high speed services using even apparatus having limited resources such as IC cards and a service system allowing a service provider to set minute access rights and easily change or add access rights. <P>SOLUTION: Communications for mutual authentication and those for services are executed at the same time to reduce the number of communications, and a public key certificate and a common key are held when the mutual authentication succeeds, this omitting the verification of the public key certificate and the generation of the common key. Access control information are involved in the public key certificate to be sent to a party, the public key certificate is verified by the public key of a carrier in the process of the mutual authentication, and an access control process is made according to the access control information proved in truth. <P>COPYRIGHT: (C)2004,JPO&NCIPI

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a server client type service system using a network, in which a server provides a plurality of services.
[0002]
[Prior art]
As a method for implementing a flexible access control method on PKI, there is an attribute certificate (for example, see Non-Patent Document 1). However, it is difficult to realize access control using an attribute certificate in a service for an apparatus with limited resources such as an IC card due to a problem of processing speed and memory capacity.
[0003]
[Non-patent document 1]
ITU-T Recommendation X. 509: Information technology-Open Systems Interconnection-The Directory: Public-key and attribute certificate frameworks, 2000
[0004]
[Problems to be solved by the invention]
When the access authority for each service changes during operation in an electronic payment service, etc., the access control data in the IC card or other device is changed by the method in which the user holds the access authority in the IC card or other device. Or have to add. For this reason, changing or adding the access right is costly. When access control using an attribute certificate is performed, verification of a public key certificate used in public key authentication and verification of an attribute certificate are required. For this reason, a plurality of public keys for verifying the certificate are required, and at the same time, the processing speed is reduced. Therefore, it is difficult to realize the device using an apparatus with limited resources such as an IC card.
[0005]
A first object of the present invention is to realize a high-speed service even when an apparatus with limited resources such as an IC card is used. A second object of the present invention is to realize a flexible service system in which a service provider can set a fine access right in providing a service, and can easily change or add an access right even during operation of the system. It is in.
[0006]
[Means for Solving the Problems]
In order to achieve the first object, communication for mutual authentication and communication for a service are simultaneously performed to reduce the number of communication, and a public key certificate when mutual authentication is successful in the mutual authentication. The shared key is held, and the verification of the public key certificate and the generation of the shared key are omitted.
[0007]
In order to achieve the second object, the public key certificate transmitted to the other party includes access control information, and the public key certificate is verified by the public key of the business operator in the process of mutual authentication, and the authenticity is assured. An access control process is performed according to the obtained access control information.
[0008]
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, examples of the present invention will be described.
[0009]
In this embodiment, an automatic ticket gate system in a railway will be described. However, the present invention is applicable to a general system having a configuration as shown in FIG.
[0010]
FIG. 1 is a diagram illustrating a configuration example of a system to which the present embodiment is applied. The system includes a mobile phone (110) possessed by a user who receives an information service, a built-in IC chip (120) built in the mobile phone (110), a service providing server (130), a ticket gate (140), a door ( 160) and a business server (150). The built-in IC chip (120) communicates with the service providing server (130) via the mobile communication network of the mobile phone (110), and the user receives services such as value download. The built-in IC chip (120) performs non-contact communication with the ticket gate device (140) by wireless I / F of the built-in IC chip (120), and the user receives a service such as passing a ticket gate to the door (160). The service providing server (130) and the ticket gate (140) communicate with each other via the Internet or a LAN with a company server (150) managed by a company as a service provider, and add or update an access right. The opening / closing door (160) is a door controlled by the ticket gate device (140) so as to be opened for an authorized service user but closed for an unauthorized service user. The service providing server (130) and the ticket gate device (140) are specific examples of the service providing device. Other specific examples of the service providing device include a ticket vending machine, a conductor terminal, and a POS cash register.
[0011]
FIG. 2 is a diagram showing a schematic configuration of the mobile phone (110). The mobile phone (110) includes a CPU (210), a display device (220), an input device (230), a memory (240), a built-in IC chip (120), a contact I / F (250), and a transmission / reception I / F (260). ). The built-in IC chip (120) has two interfaces, a contact I / F (320) and a non-contact I / F (310). The contact I / F (320) of the built-in IC chip (120) and the contact I / F (250) of the mobile phone are connected, and the built-in IC chip (110) is connected via the transmission / reception I / F (260) of the mobile phone. Thus, communication by a mobile communication network can be performed.
[0012]
FIG. 3 is a diagram showing a schematic configuration of the built-in IC chip (120). The built-in IC chip (120) processes and stores information required for the service. The built-in IC chip (120) has a CPU (330), a memory (340), a contact I / F (320), and a non-contact I / F (310). It communicates with the built-in IC chip (120) by the contact I / F (320). The contactless I / F (310) communicates with a service providing device having a contactless I / F. For the built-in IC chip (120), the authentication processing (341), the access control processing (342), the value reading processing (343), the value change processing (344), the ID reply processing (345), and the business operator public key addition update Processing (346). The built-in IC chip (120) has an ID (350), a user public key certificate (351) including a user public key (352), a user private key (353), and a plurality of business public keys (354, 355). , Value data (356). The ID (350) is a code for uniquely identifying the built-in IC chip (120). The user public key certificate (351) is obtained by adding access control information (362, 365) to an electronic certificate generally used in PKI, and can be verified by the corresponding user CA public key (467, 567). The user public key (352) and the user secret key (353) are individual public key encryption key pairs for each user. The business public key (354, 355) is a public key for each business, and is used for verification of the device public key certificate (460, 463). The value data (356) is information used for receiving services, such as electronic value and personal information.
[0013]
FIG. 4 is a diagram showing a schematic configuration of the service providing server (130). The service providing server (130) and the mobile phone (110) perform communication via the mobile communication network using the transmission / reception I / F (410) and the transmission / reception I / F (260), respectively. The built-in IC chip (120) performs communication by the contact I / F (250) and the contact I / F (320), respectively. When the service providing server (130) communicates with the built-in IC chip (120), the service providing server (130) provides the user with services such as value purchase processing (452). The service providing server (130) includes a CPU (420), a display device (430), an input device (440), a memory (450), and a transmission / reception I / F (410). The service providing server (130) performs an authentication process (451), a value purchase process (452), a value change command sending process (453), a value read command sending process (454), and a device public key certificate addition / update process (455). ) And ID request processing (456). It also has a device public key certificate (460, 463) including a device public key (461) and access control information (462, 465), a device private key (466), and a user CA public key (467). The device public key certificate (460, 463) is obtained by adding access control information (462, 465) to an electronic certificate generally used in PKI, and can be verified with the corresponding company public key (354, 355). . The device public key (461) and the device secret key (466) are a key pair of a public key encryption for each device. The user CA public key (467) is used for verification of the user public key certificate (351).
[0014]
FIG. 5 is a diagram showing a schematic configuration of the ticket gate (140). The ticket gate (140) and the built-in IC chip (120) perform wireless communication with the non-contact I / F (510) and the non-contact I / F (310), respectively, and control the opening / closing door (160) to pass the ticket to the user. It is a device that provides services such as passing. The ticket gate (140) has a CPU (520), a display device (530), an input device (540), a memory (550), and a non-contact I / F (510). The ticket gate device (140) performs an authentication process (551), an opening / closing door control process (554), a value change command transmission process (552), a value read command transmission process (553), and a device public key certificate addition / update process (555). ) And ID request processing (556). It also has a device public key certificate (560, 563) including a device public key (561) and access control information (562, 565), a device private key (566), and a user CA public key (567). The role of the data is the same as that of the service providing server (130).
[0015]
FIG. 6 is a diagram showing a schematic configuration of the business server (150). The business server (150) communicates with the service providing server (130) or the ticket gate (140) via a network such as the Internet LAN by the transmission / reception I / F (610), and the service providing server (130) or the ticket gate. A device that manages access control of a service provided by the device (140). The business server (150) has a CPU (620), a display device (630), an input device (640), a memory (650), and a transmission / reception I / F (610). The business server (150) has an authentication process (651), a device public key certificate addition / update process (652), and a business public key addition / update process (653). The business server (150) has a business public key (655) and a business private key (656). The business public key (655) and the business private key (656) are key pairs of public key cryptography that are individually provided for each business. The business private key (656) is used for signing the device public key certificate (460, 463). The company public key (655) is used for verification of the device public key certificate (460, 463).
[0016]
FIG. 7 shows a process of a value purchase service provided by the service providing server (130). The service providing server (130) and the built-in IC chip (120) communicate with each other via a mobile communication network using a mobile phone (110). The processing flow is as follows. The service providing server (130) performs an ID request process (456) on the built-in IC chip (120). The built-in IC chip (120) that has received the command by the ID request process (456) performs an ID reply process (345) and transmits the ID (350) stored in the built-in IC chip to the service providing server (130). Using the received ID (350), the service providing server (130) performs mutual authentication by the built-in IC chip (120) and the authentication processing (341, 451). During the mutual authentication (341, 451), the temporary key is shared at the same time, and the subsequent communication is encrypted with the temporary key. The built-in IC chip (120) performs access control processing (342) based on access control information (465, 467) included in the device public key certificate (460, 463) transmitted from the service providing server in the mutual authentication (341, 451). ). The service providing server (130) transmits a command to the built-in IC chip (120) by a value read command sending process (454) for the value data (356) permitted to be accessed by the access control process (342). The built-in IC chip (120) that has received the command reads out the value data (356) by the value reading process (343) and transmits it to the service providing server (130). The service providing server (130) that has received the value data (356) checks the remaining amount and the like, and performs a settlement process by a value purchase process (452). The service providing server sends, to the built-in IC chip (120), a command to register new value data (356) settled by the value purchase process (452) in the built-in IC chip (120) by the value change command sending process (453). Send. Upon receiving the command, the built-in IC chip (120) executes a value change process (344) to change to new value data (356).
[0017]
FIG. 8 shows the processing of the ticket gate passing service provided by the ticket gate device (130). The ticket gate (130) and the built-in IC chip (120) perform wireless communication. The processing flow is as follows. The ticket gate (130) performs an ID request process (556) on the built-in IC chip (120). The built-in IC chip (120) that has received the command by the ID request process (556) performs an ID reply process (345) and transmits the ID (350) stored in the built-in IC chip to the ticket gate (130). The ticket gate (130) uses the received ID (350) to perform mutual authentication by the built-in IC chip (120) and the authentication process (341, 551). During the mutual authentication (341, 551), the temporary key is shared at the same time, and the subsequent communication is encrypted with the temporary key. The built-in IC chip (120) performs access control processing (342) based on access control information (565, 567) included in the device public key certificate (560, 563) transmitted from the service providing server in the mutual authentication (341, 545). ). The ticket gate (130) transmits a command to the built-in IC chip (120) by a value read command transmission process (553) for the value data (356) permitted to be accessed by the access control process (342). Upon receiving the command, the built-in IC chip (120) reads out the value data (356) by the value reading process (343) and sends it to the ticket gate (130). The ticket gate device (130) that has received the value data (356) checks the remaining amount, etc., and in accordance with the value change command sending process (552), adds new value data (356) to the built-in IC in order to withdraw the value of the ticket gate passage. A command to be registered in the chip (120) is transmitted to the built-in IC chip (120). Upon receiving the command, the built-in IC chip (120) executes the value change process (344), changes the value data to new value data (356), and transmits the result to the ticket gate (130). When the value data (356) is correctly changed, the ticket gate device (130) receiving the result performs the door control process (554) and opens the door (160). If the value data (356) has not been correctly changed, the door control process (554) is performed, and the door (160) is closed.
[0018]
FIG. 15 shows a processing example of mutual authentication (341, 451, 551) using a public key cryptosystem performed when the service providing apparatus (130, 140) communicates with the built-in IC chip (120) to provide a service. It is. The service providing device generates a random number Ra and transmits it to the IC chip. The IC chip generates an electronic signature P1 for the received random number Ra using the user secret key USu. The IC chip generates a random number Rb. The user public key certificate USce, the electronic signature P1, and the random number Rb are transmitted to the service providing apparatus. The service providing apparatus verifies the received user public key certificate USce with the user CA public key USW, and confirms that the user public key certificate USce is authentic. If it is not authentic, the mutual authentication is unsuccessful. The service providing device confirms that the electronic signature P1 is authentic by the result P2 of verifying the electronic signature P1 with the user public key USW included in the user public key certificate USce. If it is not authentic, the mutual authentication is unsuccessful. The service providing apparatus generates an electronic signature P3 for the random number Rb using the device secret key Ctrl. The service providing device generates a session key KYs for encrypting communication after mutual authentication. The service providing apparatus performs a key derivation calculation using a public key method, and generates a temporary key KYt for encrypting the session key KYs. The service providing apparatus generates a ciphertext P4 obtained by encrypting KYs using the temporary key KYt. The service providing device transmits the electronic signature P3, the ciphertext P4, and the device public key certificate Ctrl to the IC chip. The IC chip verifies the received device public key certificate Ctrl with the business entity public key CAW, and confirms that the device public key certificate is authentic. If it is not authentic, the mutual authentication is unsuccessful. The IC chip verifies that the electronic signature P3 is genuine based on the result P5 of verifying the electronic signature P3 with the device public key CtrlW included in the device public key certificate Ctrl. If it is not authentic, the mutual authentication is unsuccessful. The IC chip performs a key derivation calculation according to the public key method, and generates a temporary key KYt for decrypting the session key KYs. The ciphertext P4 is decrypted with the temporary key KYt to generate the session key KYs. The IC chip transmits a ciphertext P6 obtained by encrypting both pieces of shared information with the session key KYs to the IC chip. The service providing device decrypts the ciphertext P6 to generate shared information. If the shared information is correct, the mutual authentication can confirm that both are genuine. Since both have been confirmed to be authentic by the mutual authentication up to this point, the access control information AC included in the device public key certificate Ctrl is set to perform access control in the IC chip in the subsequent communication.
[0019]
The access control information (462, 465, 562, 565) is included in the device public key certificate (460, 463, 560, 563), and forgery is impossible without the business private key (656). . Further, forgery of the device public key certificate (460, 463, 560, 563) can be detected by mutual authentication (341, 451, 551), so that unauthorized access control processing (342) cannot be performed. The business private key (656) is secret information known only to the business providing the service, and the device public key certificate (460, 463, 560, 563) can be generated only for the business providing the information service. And the authority to perform the access control process (342) can be limited to only the business operator. When there are a plurality of operators, a plurality of operator public keys (655) different for each operator can be stored in the built-in IC chip (120). As described above, different access control processing (342) can be performed for each business operator. Further, a plurality of device public key certificates (460, 463, 560, 563) are generated for one device public key (461, 561) by different access control information (462, 465, 562, 565). Depending on the type of service to be provided, a device public key certificate (460, 463, 560, 563) to be used is selected and mutual authentication (341, 451, 551) is performed. Control processing (342) can be performed.
[0020]
FIG. 9 shows an embodiment of the access control process (342) for the value data (356) based on the access control information (562, 565). The access control information 1 (562) is included in the device public key certificate 1 (560). The access control information 2 (565) is included in the device public key certificate 2 (563). The access control information 1 (562) is an example of setting an access right to each data item of the value data (356) and an access right to a business public key addition / update process (346). The access control information 2 (565) is an example of setting an access right to each data item of the value data (356). Different access control information (562, 565) is set in the two device public key certificates (562, 560), and the access control information (562, 560) is used by the device public key certificate (562, 560) used in the mutual authentication. By executing the access control process (342) according to (562, 565), access control for each data item included in the value data (356) and access control for each process are performed. By switching the device public key certificate (562, 565) used for mutual authentication, it is possible to execute different access control.
[0021]
FIG. 10 shows an example of a method in which the mutual authentication (341, 451, 551) using a cache for improving the processing speed is improved. In general, an apparatus such as an IC chip has a low calculation capability, and thus performing a public key cryptographic calculation causes a reduction in processing speed. Accordingly, the verification of the public key certificate during the mutual authentication and the temporary key derived from the public key certificate are performed on the device public key certificate (460, 463, 560, 563) that succeeds in the mutual authentication (341, 451, 551). And the shared key is stored, and the device public key certificate (460, 463, 560, 563) transmitted from the communication partner matches the stored device public key certificate (460, 463, 560, 563). In such a case, it is possible to omit the verification of the certificate and the calculation of the public key for deriving the temporary key, thereby improving the processing speed without impairing the security. The flow of mutual authentication by the cache is roughly the same as the flow of the example of normal mutual authentication. However, the IC chip holds in advance the device public key certificate Ctrl ′ and the session key KYs ′ upon successful mutual authentication. As long as the memory of the IC chip allows, there is no limit on the number of stored data. Before the IC chip confirms the authenticity of the device public key certificate Ctrl received from the service providing device, the same device public key certificate Ctrl received in the held device public key certificate Ctrl ' In this case, the verification of the device public key certificate Ctrl and the derivation of the temporary key KYt are omitted, and the held device public key certificate Ctrl ′ and the temporary key KYt are used. If the received device public key certificate Ctrl 'is not identical to the received device public key certificate Ctrl, the verification of the device public key certificate Ctrl and the derivation of the temporary key KYt are performed as in FIG. I do. If the mutual authentication is successful, the device public key certificate Ctrl and the temporary key KYt are stored. Whether the held device public key certificate Ctrl ′ and the received device public key certificate Ctrl are the same is determined by checking all data matches and holding the hash value of the device public key certificate Ctrl ′. It can also be compared with the hash value of the received device public key certificate Ctrl to confirm the match.
[0022]
FIG. 11 is an example of a conventional value purchase service by a ticket gate (120). On the other hand, FIG. 12 shows an example of a speeded up value purchase service. Although the value purchase service has been described as an example, the present invention can be applied to other services having the same processing flow. In FIG. 11, the ID reply process (345), the access control process (342), the value read process (342), and the value read command sending process (553) are performed independently of the authentication process (341, 551). Therefore, communication between the built-in IC chip (120) and the ticket gate (140) increases. On the other hand, in FIG. 12, the ID reply process (345), the access control process (342), the value read process (342), and the value read command sending process (553) are performed simultaneously with the authentication process (341, 551). Reduce the number of communications between the built-in IC chip (120) and the ticket gate (140). Specific examples are given below. In the first communication of the authentication processing (345) of the built-in IC chip (120), a random number is transmitted, but by transmitting an ID at the same time, the ID reply processing (345) is performed at the same time. In the first communication of the authentication processing (553) of the ticket inspection apparatus (140), in addition to authentication data such as a signature for a random number in the authentication processing (553), a command by a value read command derivation processing (553) is also transmitted. . The built-in IC chip (120) that has received the communication verifies the signature for the random number transmitted to the ticket gate (140) and, if correct, can authenticate the ticket gate (140). If the authentication is successful, an access control process (342) is executed. After that, a value reading process (343) is executed. The built-in IC chip (120) transmits the result of the value reading process (342) and the authentication data to the ticket gate (140). The ticket gate device (140) executes an authentication process (553) from the received authentication data, and processes the result of the value reading process (342) if the authentication is successful. Thereafter, the processing of the value purchase service is continued.
[0023]
FIG. 13 is an example of the flow of adding or updating the device public key certificate (460, 463). Although an example for the service providing server (130) is shown, the present invention can be similarly applied to a service providing device such as a ticket gate (140). By adding or updating the device public key certificate, it is possible to add a new service, add a service providing device, and modify an existing service within the authority of the operator. Hereinafter, the processing flow will be described. The business server (150) performs mutual authentication (452, 651) with the service providing server (130) and confirms that both are authentic. The business server (150) transmits the device public key certificate to be added or updated by the device public key certificate addition / update processing (652) to the service providing server (130). The service providing server (130) receiving the device public key certificate performs a device public key certificate addition / update process (455) to add or update the device public key certificate.
[0024]
FIG. 14 is an example of the flow of adding or updating a business public key. When it is confirmed that the service providing device and the built-in IC chip (120) are genuine, the business server (150) adds a new business (655) for managing access control or opens an existing business. The key (354, 355) can be replaced with a new operator public key (655). By adding or replacing the operator public key (655), services can be provided by a new operator and information services of existing operators can be stopped in a secure and flexible manner. The flow of adding and replacing the company public key (354, 355) will be described below. Mutual authentication (341, 451, 651) is performed between the provider server (150) and the service providing server (130), and between the service providing server (130) and the built-in IC chip (120). The built-in IC chip (120) performs an access control process (342) based on the access control information obtained by the mutual authentication (341, 451). The business server (150) transmits the business public key (655) to the built-in IC chip (120) via the service providing server (130). The built-in IC chip (120) that has received the business public key (655) performs a business public key addition / update process to add or update the business public key.
[0025]
【The invention's effect】
According to the present invention, a high-speed service is provided even when an apparatus with limited resources such as an IC card is used, and in providing the service, a service provider can set a fine access right, It is possible to provide a flexible service system that can easily change or add an access right even during operation of the system.
[Brief description of the drawings]
FIG. 1 is a diagram of a configuration example of a system.
FIG. 2 is a diagram showing a schematic configuration of a mobile phone.
FIG. 3 is a diagram showing a schematic configuration of a built-in IC chip.
FIG. 4 is a diagram showing a schematic configuration of a service providing server.
FIG. 5 is a diagram showing a schematic configuration of a ticket gate device.
FIG. 6 is a diagram showing a schematic configuration of a business server.
FIG. 7 is a diagram showing a sequence of a value purchase service by the service providing server.
FIG. 8 is a diagram showing a sequence of a ticket passing service by the ticket gate device.
FIG. 9 is a diagram schematically illustrating an access control process for value data based on access control information.
FIG. 10 is a diagram showing a sequence of a high-speed mutual authentication using a cache.
FIG. 11 is a diagram showing a sequence of a value purchase service by a conventional service providing server.
FIG. 12 is a diagram showing a sequence of a value purchase service accelerated by the service providing server.
FIG. 13 is a diagram showing a sequence of a process of adding and updating a device certificate by a business server.
FIG. 14 is a diagram showing a sequence of a process of adding and updating a company public key by the company server.
FIG. 15 is a diagram showing a general public key mutual authentication sequence.
[Explanation of symbols]
110: Mobile phone
120: Built-in IC chip
130: Service providing server
140: Ticket gate device
150: Business server
160: Opening / closing door
354, 355, 655: Business public key
356: Value data
460, 463, 560, 563: Device public key certificate
461, 561: Device public key
462, 465, 562, 565: access control information

Claims (10)

  1. In an information system having a first terminal and a second terminal,
    The first terminal stores a private key, a public key, and a public key certificate of the public key cryptosystem,
    The second terminal stores a private key, a public key, and a public key certificate of a public key cryptosystem. When the public key certificate of the second terminal includes information indicating an access right for each specific information service,
    When the first terminal and the second terminal communicate with each other, the first terminal has a secret key, a public key, and a public key certificate, and the second terminal has a secret key, a public key, and a public key certificate. The mutual authentication of the public key cryptosystem is performed, and only when the mutual authentication succeeds, the access to the first terminal is performed according to the information indicating the access authority for each specific information service included in the public key certificate of the second terminal. Information systems to allow.
  2. The information system according to claim 1,
    When the second terminal provides a plurality of different information services,
    A plurality of public key certificates each storing information indicating a different access right for each information service for the public key of the second terminal;
    An information system for selecting a public key certificate used for mutual authentication for each information service provided by a second terminal.
  3. In the information system according to claim 1 or 2,
    Separate a private key for signing a public key certificate held by the second terminal for each information service provider,
    The first terminal stores public keys of a plurality of information service providers for each information service provider to receive,
    In the mutual authentication between the first terminal and the second terminal,
    An information system in which a first terminal selects a public key of an information service provider that verifies a public key certificate of a second terminal.
  4. The information system according to any one of claims 1 to 3,
    The first terminal holds the information of the public key certificate of the second terminal used in the last successful mutual authentication, the public key of the second terminal, and the shared key derived from the public key of the first terminal. In the case where the information is identical to the information of the public key certificate of the second terminal transmitted from the second terminal in the subsequent mutual authentication,
    In the mutual authentication of the service, the first terminal verifies the public key certificate of the second terminal, and the process of deriving the shared key from the second terminal's public key and the first terminal's public key. An information system characterized by omitting.
  5. The information system according to any one of claims 1 to 4,
    The second terminal transmits the information of the first terminal and the random number generated by the first terminal simultaneously as a reply to the information transmission request to the first terminal performed before the mutual authentication,
    The second terminal simultaneously sends a reply to the random number generated by the first terminal and a data access request to the first terminal,
    After the first terminal authenticates the second terminal, the first terminal executes the access control method according to claim 1, and simultaneously transmits a reply to the data access request from the second terminal and a result of the mutual authentication. An information system, characterized in that:
  6. The information system according to any one of claims 1 to 5,
    There is also a third terminal,
    The third terminal stores a public key and a private key of the public key cryptosystem,
    A second terminal and a third terminal having an interface for communicating with each other;
    When adding or updating the information service provided by the second terminal,
    When the second terminal and the third terminal perform mutual authentication and succeed in the authentication, the third terminal issues a public key certificate including an access right of a specific information service to be newly added or updated to the third terminal. The terminal transmits a public key certificate including information indicating the access right of the specific information service received by the second terminal to the second terminal,
    An information system using a public key certificate added or updated by a second terminal in subsequent mutual authentication.
  7. The information system according to any one of claims 1 to 6,
    When adding a new information service provider or updating the service provider's public key,
    The second terminal and the third terminal perform mutual authentication and succeed in authentication,
    The first terminal and the second terminal perform mutual authentication and succeed in authentication,
    The third terminal transmits a public key for verifying the public key certificate stored in the second terminal to the second terminal,
    The second terminal transmits a public key for verifying a public key certificate stored in the second terminal to the first terminal,
    The first terminal stores the received public key,
    An information system that uses an added or updated public key when the first terminal verifies the public key certificate of the second terminal in the subsequent mutual authentication of the first terminal and the second terminal.
  8. The information system according to any one of claims 1 to 6,
    The first terminal includes an electronic circuit chip having two interfaces, a first interface for performing wireless non-contact communication and a second interface for performing contact communication with the first terminal,
    An information system, wherein a communication system is changed according to an interface type of a second terminal and the service is performed.
  9. The information system according to any one of claims 1 to 8,
    The first terminal is a mobile phone having a built-in electronic circuit chip or a small information device having a communication function. The electronic circuit chip has an interface for performing communication by a mobile communication network of the mobile phone and a non-contact interface for performing wireless communication. Have
    The second terminal is a server that provides an information service,
    An information system, wherein the third terminal is a server managed by an information service provider.
  10. The information system according to claim 9,
    An information system, wherein the second terminal is not a server that provides an information service, but a ticket gate, a conductor terminal, a ticket vending machine, or a POS terminal having a contactless interface for performing wireless communication.
JP2003033091A 2003-02-12 2003-02-12 Information system for access controlling using public key certificate Pending JP2004247799A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2003033091A JP2004247799A (en) 2003-02-12 2003-02-12 Information system for access controlling using public key certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2003033091A JP2004247799A (en) 2003-02-12 2003-02-12 Information system for access controlling using public key certificate

Publications (1)

Publication Number Publication Date
JP2004247799A true JP2004247799A (en) 2004-09-02

Family

ID=33019182

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2003033091A Pending JP2004247799A (en) 2003-02-12 2003-02-12 Information system for access controlling using public key certificate

Country Status (1)

Country Link
JP (1) JP2004247799A (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007041756A (en) * 2005-08-02 2007-02-15 Sony Corp Information processor and method, program, and security chip
JP2007128207A (en) * 2005-11-02 2007-05-24 Fuji Xerox Co Ltd Job processing system, instructions preparation device and image reading device
JP2007133608A (en) * 2005-11-09 2007-05-31 Sony Corp Information processing apparatus, software installation method and optical disk
JP2009129329A (en) * 2007-11-27 2009-06-11 Felica Networks Inc Service providing system, service providing server, and information terminal device
JPWO2008032648A1 (en) * 2006-09-11 2010-01-21 パナソニック株式会社 IC card and access control method thereof
US7716139B2 (en) 2004-10-29 2010-05-11 Research In Motion Limited System and method for verifying digital signatures on certificates
US8010785B2 (en) 2005-12-28 2011-08-30 Brother Kogyo Kabushiki Kaisha Information processing apparatus
JP2011171946A (en) * 2010-02-17 2011-09-01 Toshiba Corp Portable electronic device, method for controlling portable electronic device, and ic card
JP2011209802A (en) * 2010-03-29 2011-10-20 Sony Corp Memory device, host device and memory system
JP2012008756A (en) * 2010-06-24 2012-01-12 Sony Corp Information processing device, information processing method and program
JP4897704B2 (en) * 2004-12-31 2012-03-14 ブリティッシュ・テレコミュニケーションズ・パブリック・リミテッド・カンパニーBritish Telecommunications Public Limited Company Controlling data exchange
WO2012153530A1 (en) * 2011-05-10 2012-11-15 三洋電機株式会社 Terminal apparatus
JP2013037651A (en) * 2011-08-11 2013-02-21 Sony Corp Information processing device and information processing method, and program
KR101337877B1 (en) 2009-12-11 2013-12-06 한국전자통신연구원 Apparatus and method for communicating data using authenticated wireless channel
US9077524B2 (en) 2005-09-29 2015-07-07 Blackberry Limited System and method for providing an indication of randomness quality of random number data generated by a random data service
JP2015181054A (en) * 2015-06-18 2015-10-15 ソニー株式会社 Information processing device and information processing method, and program
WO2016147567A1 (en) * 2015-03-18 2016-09-22 パナソニックIpマネジメント株式会社 Communications device, partner communications device, communications program, and partner communications program

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7716139B2 (en) 2004-10-29 2010-05-11 Research In Motion Limited System and method for verifying digital signatures on certificates
US9621352B2 (en) 2004-10-29 2017-04-11 Blackberry Limited System and method for verifying digital signatures on certificates
US8725643B2 (en) 2004-10-29 2014-05-13 Blackberry Limited System and method for verifying digital signatures on certificates
US8143995B2 (en) 2004-12-31 2012-03-27 British Telecommunications Public Limited Company Control of data exchange
JP4897704B2 (en) * 2004-12-31 2012-03-14 ブリティッシュ・テレコミュニケーションズ・パブリック・リミテッド・カンパニーBritish Telecommunications Public Limited Company Controlling data exchange
JP2007041756A (en) * 2005-08-02 2007-02-15 Sony Corp Information processor and method, program, and security chip
US9077524B2 (en) 2005-09-29 2015-07-07 Blackberry Limited System and method for providing an indication of randomness quality of random number data generated by a random data service
JP2007128207A (en) * 2005-11-02 2007-05-24 Fuji Xerox Co Ltd Job processing system, instructions preparation device and image reading device
JP2007133608A (en) * 2005-11-09 2007-05-31 Sony Corp Information processing apparatus, software installation method and optical disk
US8848496B2 (en) 2005-11-09 2014-09-30 Sony Corporation Information processing apparatus, software installing method, and recording medium
US8120997B2 (en) 2005-11-09 2012-02-21 Sony Corporation Information processing apparatus including a communication unit that communicates with an IC chip and associated methodology
US8010785B2 (en) 2005-12-28 2011-08-30 Brother Kogyo Kabushiki Kaisha Information processing apparatus
JP4598857B2 (en) * 2006-09-11 2010-12-15 パナソニック株式会社 IC card and access control method thereof
JPWO2008032648A1 (en) * 2006-09-11 2010-01-21 パナソニック株式会社 IC card and access control method thereof
JP2009129329A (en) * 2007-11-27 2009-06-11 Felica Networks Inc Service providing system, service providing server, and information terminal device
US8266436B2 (en) 2007-11-27 2012-09-11 Felica Networks, Inc. Service providing system, service providing server and information terminal device
KR101337877B1 (en) 2009-12-11 2013-12-06 한국전자통신연구원 Apparatus and method for communicating data using authenticated wireless channel
JP2011171946A (en) * 2010-02-17 2011-09-01 Toshiba Corp Portable electronic device, method for controlling portable electronic device, and ic card
JP2011209802A (en) * 2010-03-29 2011-10-20 Sony Corp Memory device, host device and memory system
US9053347B2 (en) 2010-03-29 2015-06-09 Sony Corporation Memory device, host device, and memory system
JP2012008756A (en) * 2010-06-24 2012-01-12 Sony Corp Information processing device, information processing method and program
JP2014014095A (en) * 2011-05-10 2014-01-23 Sanyo Electric Co Ltd Terminal device
WO2012153530A1 (en) * 2011-05-10 2012-11-15 三洋電機株式会社 Terminal apparatus
JP2016136721A (en) * 2011-05-10 2016-07-28 パナソニックIpマネジメント株式会社 Terminal device
JP2013037651A (en) * 2011-08-11 2013-02-21 Sony Corp Information processing device and information processing method, and program
WO2016147567A1 (en) * 2015-03-18 2016-09-22 パナソニックIpマネジメント株式会社 Communications device, partner communications device, communications program, and partner communications program
JPWO2016147567A1 (en) * 2015-03-18 2017-11-02 パナソニックIpマネジメント株式会社 Communication device, parent communication device, communication program, and parent communication program
JP2015181054A (en) * 2015-06-18 2015-10-15 ソニー株式会社 Information processing device and information processing method, and program

Similar Documents

Publication Publication Date Title
RU2674329C2 (en) Secure remote payment transaction processing
US20150365404A1 (en) System and Method for Binding a Smartcard and a Smartcard Reader
JP6531092B2 (en) How to secure wireless communication between a mobile application and a gateway
US20190364032A1 (en) Method for carrying out a two-factor authentication
CN103714639B (en) A kind of method and system that realize the operation of POS terminal security
US9813236B2 (en) Multi-factor authentication using a smartcard
US20190005470A1 (en) Accredited certificate issuance system based on block chain and accredited certificate issuance method based on block chain using same, and accredited certificate authentication system based on block chain and accredited certificate authentication method based on block chain using same
US8689290B2 (en) System and method for securing a credential via user and server verification
EP2695148B1 (en) Payment system
US8540146B2 (en) Automated banking machine that operates responsive to data bearing records
CN102834830B (en) The program of reading attributes from ID token
CA2723747C (en) Apparatus and method to prevent man in the middle attack
CN102317904B (en) System and methods for encryption with authentication integrity
US6189098B1 (en) Client/server protocol for proving authenticity
CN102483779B (en) Method for reading attributes from an id token and the computer system
EP2053827B1 (en) Method for secure personalisation of an NFC chipset
ES2266540T3 (en) Method of data certification.
US7720769B1 (en) Card activated cash dispensing automated banking machine system and method
USRE38070E1 (en) Cryptography system and method for providing cryptographic services for a computer application
CA2241052C (en) Application level security system and method
FI111307B (en) Method for transmitting data, an electronic document or similar, a system for transmitting data, an electronic document or similar and a card for use according to the procedure
CN100595748C (en) Electronic value authentication method, authentication system and device
US5784463A (en) Token distribution, registration, and dynamic configuration of user entitlement for an application level security system and method
ES2265694T3 (en) Procedure to verify in a mobile device the authenticity of electronic certificates issued by a certificating authority and corresponding identification module.
DE60023705T2 (en) Secure distribution and protection of key information