JP2008541242A - Token sharing system and method - Google Patents
Token sharing system and method
- Publication number
- JP2008541242A
- Authority
- JP
- Japan
- Prior art keywords
- token
- validation
- time password
- identifier
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/40—User authentication by quorum, i.e. whereby two or more security principals are required
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2117—User registration
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Abstract
Description
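A central token service infrastructure in accordance with an embodiment of the present invention is used to provide and validate second-factor credentials, such as certificates or OTPs, that are stored on and/or implemented by, for example, a hardware token. A token that implements the second factor may be activated at any of a variety of applications and/or websites. The application can manage the first factor, such as a username and password, in the application's own user database. As part of token activation, the application can store a mapping between the local username and a shared second-factor token identifier, such as a token serial number.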
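The second factor can be validated using a distributed architecture in accordance with another embodiment of the present invention. FIG. 2 shows an embodiment of a distributed validation architecture. ISP 204 and bank 102 are coupled to token lookup service 201 through a network 104, such as the Internet. ISP 204 may include a token store 203, which may be a database. The token store correlates a token identifier with precomputed OTPs, and/or with one or more secrets stored in the token associated with the token identifier, and/or with other information needed to verify an OTP from the token. This correlation may be implemented at a one-time password validation server 205 at ISP 204.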
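The flow of this distributed embodiment, as an added Python example that is not part of the patent text: a relying application checks the first factor, asks the token lookup service for the validation server's address, and forwards the OTP there. HOTP (RFC 4226), the in-process `network` dictionary, and every name, address and secret below are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP; an assumed OTP algorithm, the page names none."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class OtpValidationServer:
    """Issuer side: holds the token store (token identifier -> secret)."""
    def __init__(self, address: str):
        self.address = address
        self.token_store = {}  # token_id -> [secret, next expected counter]

    def enroll(self, token_id: str, secret: bytes) -> None:
        self.token_store[token_id] = [secret, 0]

    def validate(self, token_id: str, otp: str, window: int = 3) -> bool:
        entry = self.token_store.get(token_id)
        if entry is None:
            return False
        secret, counter = entry
        for c in range(counter, counter + window):
            if hmac.compare_digest(hotp(secret, c), otp):
                entry[1] = c + 1  # consume the OTP: no replay at any site
                return True
        return False

class TokenLookupService:
    """Correlates a token identifier with its validation server's address."""
    def __init__(self):
        self.routes = {}

    def register(self, token_id: str, address: str) -> None:
        self.routes[token_id] = address

    def locate(self, token_id: str):
        return self.routes.get(token_id)

class ResourceValidationServer:
    """Relying application: owns the first factor, never the token secret."""
    def __init__(self, lookup: TokenLookupService, network: dict):
        self.lookup = lookup
        self.network = network  # address -> server; stands in for transport
        self.users = {}         # username -> (salt, password hash, token_id)

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def activate_token(self, username: str, password: str, token_id: str):
        salt = os.urandom(16)
        self.users[username] = (salt, self._hash(password, salt), token_id)

    def authenticate(self, username: str, password: str, otp: str) -> str:
        record = self.users.get(username)
        if record is None or not hmac.compare_digest(
                self._hash(password, record[0]), record[1]):
            return "first-factor-failed"  # no lookup, no OTP request sent
        address = self.lookup.locate(record[2])
        server = self.network.get(address)
        if server is None:
            return "no-validation-server"
        return "ok" if server.validate(record[2], otp) else "otp-rejected"

def build_demo():
    """Constructed deployment: one issuer, two relying sites, one token."""
    secret = b"12345678901234567890"  # constructed sample secret
    issuer = OtpValidationServer("otp.isp.example:8443")
    issuer.enroll("TOKEN-0001", secret)
    lookup = TokenLookupService()
    lookup.register("TOKEN-0001", issuer.address)
    network = {issuer.address: issuer}
    bank = ResourceValidationServer(lookup, network)
    shop = ResourceValidationServer(lookup, network)
    bank.activate_token("alice", "bank-pw", "TOKEN-0001")
    shop.activate_token("al1ce", "shop-pw", "TOKEN-0001")
    return secret, bank, shop

if __name__ == "__main__":
    secret, bank, shop = build_demo()
    otp = hotp(secret, 0)
    print(bank.authenticate("alice", "bank-pw", otp))  # accepted once
    print(shop.authenticate("al1ce", "shop-pw", otp))  # replay at other site
    print(shop.authenticate("al1ce", "shop-pw", hotp(secret, 1)))
```

Because the counter lives only at the issuer, an OTP accepted for one relying site is rejected when replayed at another site that shares the same token.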
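Another embodiment of the present invention applies a credential wallet model to next-generation mobile devices such as Java (registered trademark) cell phones and PDAs that have storage and application capabilities and some form of graphical interface for managing certificates. In this embodiment, the mobile device may be a "wallet" that can contain multiple instances of second-factor credentials. For each site that requires strong authentication, the appropriate credential or credentials can be accessed.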
Claims (6)
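- An authentication system comprising:
a token having an identifier and constructed and arranged to generate one-time passwords;
a one-time password validation server constructed and arranged to validate a one-time password generated by the token, the validation server having a network address;
a token lookup service constructed and arranged to correlate the token identifier with the network location of the validation server; and
a resource validation server constructed and arranged to validate at least a first authentication factor provided by a user of the token and, if the first factor is successfully validated, to send a request for the location of the one-time password validation server to the token lookup server and to send a one-time password validation request to the one-time password validation server.
- The system of claim 1, wherein the first authentication factor provided by the user of the token includes a username.
- The system of claim 1, wherein the first authentication factor provided by the user of the token includes a secret shared between the user of the token and the resource validation service.
- A token lookup server comprising:
a processor; and
a memory coupled to the processor,
wherein the processor and memory are constructed and arranged to store a token identifier and a network address of a one-time password validation server, and
the one-time password validation server is constructed and arranged to validate a one-time password generated by a token corresponding to the token identifier.
- The token lookup server of claim 4, wherein the processor and memory are further constructed and adapted to:
receive a request for the network address of a token's one-time password validation server, the request including a token identifier corresponding to the token;
determine the network address corresponding to the received token identifier; and
send the determined network address in response to the request.
- A method of authenticating, comprising:
receiving, at a token lookup service, a request for the network address of a one-time password validation server, the request including a token identifier;
determining the network address corresponding to the one-time password validation server and the received token identifier; and
sending the network address in response to the request.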
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US67821405P | 2005-05-06 | 2005-05-06 | |
US60/678,214 | 2005-05-06 | ||
PCT/US2006/017404 WO2006121854A2 (en) | 2005-05-06 | 2006-05-05 | Token sharing system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2008541242A (ja) | 2008-11-20 |
JP5207965B2 (ja) | 2013-06-12 |
Family
ID=37397124
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2008510256A (Active; JP5207965B2 (ja)) | Token sharing system and method | 2005-05-06 | 2006-05-05 |
Country Status (8)
Country | Link |
---|---|
US (1) | US9185108B2 (ja) |
EP (1) | EP1883782B1 (ja) |
JP (1) | JP5207965B2 (ja) |
KR (1) | KR101281217B1 (ja) |
CN (1) | CN101218559A (ja) |
AU (1) | AU2006244447B2 (ja) |
CA (1) | CA2607562C (ja) |
WO (1) | WO2006121854A2 (ja) |
-
2006
- 2006-05-05 WO PCT/US2006/017404 patent/WO2006121854A2/en active Application Filing
- 2006-05-05 EP EP06759151.1A patent/EP1883782B1/en active Active
- 2006-05-05 CA CA2607562A patent/CA2607562C/en not_active Expired - Fee Related
- 2006-05-05 US US11/418,227 patent/US9185108B2/en not_active Expired - Fee Related
- 2006-05-05 CN CNA2006800246984A patent/CN101218559A/zh active Pending
- 2006-05-05 KR KR1020077028558A patent/KR101281217B1/ko active IP Right Grant
- 2006-05-05 AU AU2006244447A patent/AU2006244447B2/en not_active Ceased
- 2006-05-05 JP JP2008510256A patent/JP5207965B2/ja active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001069138A (ja) * | 1999-08-27 | 2001-03-16 | Inst Of Systems Information Technologies Kyushu | 共有鍵暗号型のicカードによるインターネット上のユーザー認証方式 |
JP2004524605A (ja) * | 2000-12-14 | 2004-08-12 | クィジッド テクノロジーズ リミテッド | 認証システム |
US20030046551A1 (en) * | 2001-08-24 | 2003-03-06 | Sean Brennan | System and method for accomplishing two-factor user authentication using the internet |
US20050033703A1 (en) * | 2002-09-09 | 2005-02-10 | John Holdsworth | Systems and methods for enrolling a token in an online authentication program |
JP2004342088A (ja) * | 2003-04-21 | 2004-12-02 | Sony Corp | 端末機器認証システム、端末機器、第1の振り分けサーバ、振り分けシステム、サービスサーバ、第2の振り分けサーバ、端末機器方法、第1の振り分け方法、振り分け方法、サービス提供方法、サービスサーバ方法、第1の振り分け方法、第2の振り分け方法、端末機器プログラム、第1の振り分けプログラム、振り分けプログラム、サービスサーバプログラム、第2の振り分けプログラム、及び記憶媒体 |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4892008B2 (ja) * | 2007-02-07 | 2012-03-07 | 日本電信電話株式会社 | 証明書認証方法、証明書発行装置及び認証装置 |
US8775796B2 (en) | 2007-02-07 | 2014-07-08 | Nippon Telegraph And Telephone Corporation | Certificate authenticating method, certificate issuing device, and authentication device |
JP2012203781A (ja) * | 2011-03-28 | 2012-10-22 | Nippon Telegraph & Telephone West Corp | Authentication system, authentication cooperation device, and authentication method |
JP2015518228A (ja) * | 2012-06-11 | 2015-06-25 | Symantec Corporation | Systems and methods for implementing multi-factor authentication |
JP2014026476A (ja) * | 2012-07-27 | 2014-02-06 | Dainippon Printing Co Ltd | Collection container and authentication system using the same |
Also Published As
Publication number | Publication date |
---|---|
EP1883782A2 (en) | 2008-02-06 |
US9185108B2 (en) | 2015-11-10 |
EP1883782A4 (en) | 2013-01-23 |
KR101281217B1 (ko) | 2013-07-02 |
CA2607562A1 (en) | 2006-11-16 |
JP5207965B2 (ja) | 2013-06-12 |
WO2006121854A3 (en) | 2008-01-17 |
CN101218559A (zh) | 2008-07-09 |
AU2006244447A1 (en) | 2006-11-16 |
KR20080012946A (ko) | 2008-02-12 |
EP1883782B1 (en) | 2014-10-15 |
AU2006244447B2 (en) | 2011-08-18 |
CA2607562C (en) | 2016-07-12 |
WO2006121854A2 (en) | 2006-11-16 |
US20070016943A1 (en) | 2007-01-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5207965B2 (ja) | Token sharing system and method | |
Lux et al. | Distributed-ledger-based authentication with decentralized identifiers and verifiable credentials | |
US7591008B2 (en) | Client authentication using multiple user certificates | |
US20070150942A1 (en) | Centralized identity verification and/or password validation | |
US10250589B2 (en) | System and method for protecting access to authentication systems | |
KR20040049272A (ko) | Method and system for authenticating a user for a sub-location of a network location | |
Gupta et al. | An identity based access control and mutual authentication framework for distributed cloud computing services in IoT environment using smart cards | |
US20080256617A1 (en) | Centralized Identity Verification and/or Password Validation | |
Chalaemwongwan et al. | A practical national digital ID framework on blockchain (NIDBC) | |
US7428637B1 (en) | Dynamic authentication and initialization method | |
Casey et al. | An interoperable architecture for usable password-less authentication | |
US20150143129A1 (en) | Secure mobile identity | |
Kizza | Authentication | |
Binu et al. | A mobile based remote user authentication scheme without verifier table for cloud based services | |
Shaikh et al. | Identity management in cloud computing | |
Pavlovski et al. | Unified framework for multifactor authentication | |
Halpin et al. | Federated identity as capabilities | |
Abhishek et al. | A comprehensive study on two-factor authentication with one time passwords | |
EP2530618B1 (en) | Sign-On system with distributed access | |
Pravinbhai | Implementation of multi-tier authentication technique for single-sign on access of cloud services | |
Solworth et al. | sayI: Trusted user authentication at Internet scale | |
Gupta et al. | Prompt and Secure Data Storage and Recovery System | |
KR101066729B1 (ko) | Method and system for authenticating a user for a sub-location of a network location | |
Singh | A secure and reliable authentication mechanism for users of microsoft cardspace framework | |
Olmsted | Secure autonomous process communication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20090428 |
|
RD03 | Notification of appointment of power of attorney |
Free format text: JAPANESE INTERMEDIATE CODE: A7423 Effective date: 20090904 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20090904 |
|
RD04 | Notification of resignation of power of attorney |
Free format text: JAPANESE INTERMEDIATE CODE: A7424 Effective date: 20091104 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20111207 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20120104 |
|
A601 | Written request for extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20120404 |
|
A602 | Written permission of extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20120411 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20120426 |
|
A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20120821 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20121221 |
|
A911 | Transfer to examiner for re-examination before appeal (zenchi) |
Free format text: JAPANESE INTERMEDIATE CODE: A911 Effective date: 20130107 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20130122 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20130219 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20160301 Year of fee payment: 3 |
|
R150 | Certificate of patent or registration of utility model |
Free format text: JAPANESE INTERMEDIATE CODE: R150 Ref document number: 5207965 Country of ref document: JP |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |