JP2012128726A - Network authentication system, network authentication method and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To appropriately execute a network authentication without depending on a communication protocol and further, even in the case where a communication that does not utilize a browser is required.SOLUTION: A user terminal transmits an authentication request to an authentication server. In response to the received authentication request, the authentication server performs an authentication, after the completion of authentication processing, utilizes a sanitizable signature to create a file for identifying a user such as user information or a user access history and an authentication file and transmits the created files to the user terminal. The user terminal stores the received files, selects a service that the user desires to utilize, processes the authentication file, and transmits an authentication request to a service providing server together with the authentication file. The service providing server verifies the authentication file, acquires ID information in the authentication file and, after the completion of verification processing and ID information acquisition, provides information.

Description

  The present invention relates to a network authentication system, a network authentication method, and a program that do not depend on a communication protocol by utilizing a technique for identifying a user, such as user information and a user access history.

  As an authentication method for using services on the Internet, when using a browser, there is a method using an authentication cookie (see, for example, Non-Patent Document 1). In a client server system in which a user terminal is a client and a server on the service provider side is a server, when the server authenticates the user by some method (for example, ID / password), the user status called an authentication cookie is displayed. The file shown is created on the client side, and subsequent authentication is performed by using the file. However, the continuation of the authentication state using the cookie is assumed to be used by the browser.

  On the other hand, in recent years, opportunities for receiving services via portable terminals are increasing not only indoors but also outdoors due to the miniaturization of terminals and the ubiquitous network. For this reason, it is assumed that the service is used when the service is transferred from one terminal to another terminal, or the service is provided such that different services cooperate to provide the service.

  In order to provide a security function in such service use, cooperation between the terminal side and the network side is required, and construction of a platform technology for that purpose is required. In the communication between the terminal and the network side on such a platform, there is a possibility that the browser is not used, so there is a possibility that the authentication by the previous cookie cannot be used as it is.

  In addition, as one example of use of this platform technology, there is a single sign-on technology that reduces the authentication effort on the service provider side. FIG. 6 shows an outline of single sign-on when this browser redirection is used.

  As shown in FIG. 6, this system includes a user terminal 1, an authentication server 2, and a service providing server 3, and the processing is as follows. First, the user terminal 1 transmits a service use request to the service providing server 3. Specifically, the top screen of the service site is accessed on the user terminal 1 ((1) in the figure).

  The service providing server 3 leads to the site of the authentication server 2 by redirection ((2) in the figure). As a result, an authentication screen is displayed on the user terminal 1 ((3) in the figure). The user inputs necessary information such as ID and password as information for authentication on the authentication screen ((4) in the figure).

  When the authentication by the authentication server 2 is completed, an authentication cookie is transmitted from the authentication server 2, and the user terminal 1 stores it ((5) in the figure). Next, the user is guided to the service providing server 3 by redirection, and the authentication status of the user is notified from the authentication server 2 to the service providing server 3 ((6) in the figure). The service providing server 3 notified of the user authentication status provides a service to the user terminal 1 and stores a service providing cookie ((7) in the figure). In this way, single scion is realized on the assumption that the browser is used, and a cookie for authentication is held in the user terminal 1 in the process.

RFC 2965 HTTP State Management Mechanism. Oct, 2000.

  However, as described above, user authentication using cookies in service use on the Internet is premised on use in a browser, so that it is difficult to use the technology in a browser-independent communication method There is. Further, in the platform technology for the terminal, it is assumed that communication between the terminal and the network side requires communication without using a browser. However, the conventional technology cannot cope with such communication. There is.

  Accordingly, the present invention has been made in view of the above-described problems, and is a network authentication system and network that can appropriately perform network authentication even when communication that does not depend on a communication protocol and that does not use a browser is required. An object is to provide an authentication method and program.

  The present invention proposes the following matters in order to solve the above problems. In addition, in order to make an understanding easy, although the code | symbol corresponding to embodiment of this invention is attached | subjected and demonstrated, it is not limited to this.

  (1) The present invention is a network authentication system comprising a user terminal, an authentication server, and a non-browser-based service providing server, wherein the user terminal provides service from the service providing server from the authentication server. User authentication is performed, and the user terminal includes first transmission means (for example, corresponding to the authentication request transmission unit 11 in FIG. 2) that transmits an authentication request to the authentication server, and the authentication server receives the received authentication. Authentication processing means (for example, corresponding to the authentication processing unit 22 in FIG. 3) that authenticates the request, and a user such as user information and user access history using a sanitized signature after the completion of the authentication processing Authentication file creation means (for example, equivalent to the authentication file creation unit 23 in FIG. 3) for creating a file for identifying and an authentication file; Second transmission means for transmitting the formed file to the user terminal, and the user terminal stores the received file (for example, equivalent to the file storage unit 13 in FIG. 2) and use A selection means (for example, corresponding to the service selection unit 14 in FIG. 2) for selecting a service to be performed, and an authentication file processing unit (for example, equivalent to the authentication file processing unit 15 in FIG. 2) for processing the authentication file; And a third transmitting means (for example, corresponding to the authentication file transmitting unit 16 in FIG. 2) for transmitting an authentication request together with the authentication file to the service providing server. Authentication means for verifying the authentication file (e.g., equivalent to the authentication file verification unit 32 of FIG. 4), and ID for acquiring ID information in the authentication file Information acquisition means (for example, equivalent to the ID information acquisition section 33 in FIG. 4) and information provision means for providing information after the verification process and ID information acquisition are completed (for example, in the information provision section 34 in FIG. 4). A network authentication system characterized by comprising

  According to the present invention, the user terminal is user-authenticated from the authentication server regarding the provision of the service from the service providing server, and the first transmission means of the user terminal transmits an authentication request to the authentication server. The authentication processing unit of the authentication server performs authentication for the received authentication request. The authentication file creation means uses a sanitized signature after the completion of the authentication process, and creates a file for identifying the user, such as user information and user access history, and an authentication file. The second transmission means transmits the created file to the user terminal. The storage means of the user terminal stores the received file. The authentication file processing means processes the authentication file. The selection means selects a service to be used. The third transmission unit transmits an authentication request together with the authentication file to the service providing server. The authentication means of the service providing server verifies the authentication file. The ID information acquisition unit acquires ID information in the authentication file. The information providing means provides information after the verification process and the acquisition of ID information are completed. Therefore, a non-browser-dependent protocol can be used even for single sign-on using browser redirection. Further, the ID information submitted to the service provider can be controlled on the client side, and the privacy of the user can be protected. At this time, ID information that does not need to be sent to the service is removed, but the validity of the authentication file is ensured by using a sanitized signature technique.

  (2) In the authentication system of (1), the present invention prepares all user ID information after the authentication file creation means of the authentication server completes user authentication, and Among them, description means (for example, equivalent to the description unit 151 in FIG. 5) for describing the i-th ID information as the info information, and the same number of random numbers as the ID information are generated, and the i-th random number is set to rand_i. Means (for example, equivalent to the random number generation unit 152 in FIG. 5) and bit sum calculation means for calculating the bit sum (info_i || rand_i) of the info_i and the land_i (for example, equivalent to the bit sum calculation unit 153 in FIG. 5) ) And a one-way hash function h (), the hash value of the bit sum is calculated, and the i-th data is represented by hdata_i = h (info_i || r and hash value calculation means (for example, the hash of FIG. 5), and creates a bit sum of all the hdata and sets the hash value as hdata_all = h (hdata_0 || hdata_1 || ... data | ndata_n) A signature calculation unit (equivalent to the signature generation unit 155 of FIG. 5), which generates a signature for the hdata_all using its own secret key and uses the signature data as sign_all. And a network authentication system that generates an authentication file (F_auth) from the info_i, rand_i, and sign_all.

  According to the present invention, the description means prepares all user ID information after completing the user authentication, and describes the i-th ID information among these ID information as info_i. The random number generation means generates as many random numbers as the ID information, and sets the i-th random number as rand_i. The hash value computing means computes a hash value of the bit sum using a bit sum computing means for computing a bit sum (info_i || rand_i) of info_i and rand_i and a one-way hash function h (). , The i-th data is set to hdata_i = h (info_i || rand_i), a bit sum of all the hdata is created, and the hash value thereof is hdata_all = h (hdata_0 || hdata_1 || ... || data ) The signature generation means generates a signature for hdata_all using its own private key, and sets this signature data as sign_all. Then, an authentication file (F_auth) is generated from info_i, rand_i, and sign_all. Therefore, by using the sanitized signature technique, the ID information provided to the service can be dynamically changed on the user side.

  (3) In the authentication system of (2), the present invention provides the authentication file processing unit of the user terminal to a service to be used among ID information of the authentication file acquired from the authentication server. Only the data i = n (n = k_1, k_2, k_3...) Is selected and the authentication file is processed, and the third transmission means performs info_i, rand_i (i = n) for the service desired to be used. ), Hdata_i (iεn), hdata_all, sign_all are sent as the authentication file.

  According to the present invention, the authentication file processing means of the user terminal includes the data i = n (n = k_1, k_2, k_3) provided to the service to be used among the ID information of the authentication file acquired from the authentication server. ..) Are selected and the authentication file is processed, and the third transmission means performs info_i, rand_i (i = n), hdata_i (iεn), hda_all, sign_all for the service to be used. Is sent as an authentication file. Therefore, even for browser-independent services, the ID information provided to the service is dynamically changed on the client side by performing processing that selects only necessary information from the authentication file generated by the authentication server. Is possible.

  (4) In the authentication system according to (2), the authentication unit of the service providing server generates hda_i (i = n) from info_i and rand_i (i = n) sent from the user terminal. Further, the signature verification processing is performed by using reconstructing means for generating hdata_all together with hdata_i (i∈n) (for example, equivalent to the reconstructing unit 221 in FIG. 6) and sign_all using the public key of the authentication server. The network authentication system is characterized by comprising signature verification processing means (for example, corresponding to the signature verification processing unit 222 in FIG. 6).

  According to the present invention, the reconstruction unit generates hdata_i (i = n) from info_i and rand_i (i = n) sent from the user terminal, and hdata_all together with hdata_i (i∈n). Is generated. The signature verification processing means performs a signature verification process on sign_all using the public key of the authentication server. Therefore, since the signature of the authentication server can be verified, authentication can be completed at high speed.

  (5) In the network authentication system according to (1), the user terminal is user-authenticated by single sign-on from the authentication server with respect to providing a service from the service providing server. A network authentication system is proposed.

  According to this invention, the user terminal is user-authenticated by single sign-on from the authentication server regarding the provision of the service from the service providing server. Therefore, a non-browser-dependent protocol can be used even for single sign-on using browser redirection.

  (6) The network authentication system according to (1) proposes a network authentication system in which the file for identifying the user is a cookie file.

  According to the present invention, the file for identifying the user is a cookie file. Therefore, user authentication based on single sign-on using browser redirection can be used between the user terminal and the service providing server. For authentication with the authentication server, a separate authentication file is used, and a browser-independent protocol is used. It can be used.

  (7) The present invention proposes a network authentication system characterized in that a secure communication path is formed between the user terminal and the authentication server in the network authentication system of (1). .

  According to the present invention, a safe communication path is formed between the user terminal and the authentication server. Therefore, it is possible to prevent leakage of an authentication file exchanged between the user terminal and the authentication server, thereby protecting the privacy of the user.

  (8) The present invention is a network authentication method in a network authentication system including a user terminal, an authentication server, and a non-browser-based service providing server, wherein the user terminal relates to provision of a service from the service providing server. User authentication is performed from the authentication server, and the user terminal transmits an authentication request to the authentication server (for example, corresponding to step S101 in FIG. 7), and the authentication request received by the authentication server. In response to the second step of authentication (for example, corresponding to step S102 in FIG. 7), the authentication server uses the sanitized signature after the completion of the authentication process, and the user information and user access history The third step of creating a file for identifying the user and the authentication file (for example, the step of FIG. And the authentication server transmits the created file to the user terminal (for example, equivalent to step S104 in FIG. 7), and the user terminal receives the file. A fifth step (for example, corresponding to step S105 in FIG. 7), a sixth step for the user terminal to select a service to be used (for example, corresponding to step S106 in FIG. 7), and the user The terminal processes the authentication file in a seventh step (for example, corresponding to step S107 in FIG. 7), and the user terminal transmits an authentication request together with the authentication file to the service providing server. And an eighth step (for example, corresponding to step S108 in FIG. 7), and the service providing server verifies the authentication file. The ninth step (for example, equivalent to step S109 in FIG. 7) and the tenth step for the service providing server to obtain ID information in the authentication file (for example, equivalent to step S110 in FIG. 7) And the service providing server includes an eleventh step (for example, corresponding to step S111 in FIG. 7) for providing information after the verification process and acquisition of the ID information are completed. A network authentication method is proposed.

  According to this invention, the user terminal is user-authenticated from the authentication server regarding the provision of the service from the service providing server, and the user terminal transmits an authentication request to the authentication server. The authentication server authenticates the received authentication request, and after completing the authentication process, uses a sanitized signature to identify a user information, a user access history file, etc. And send the created file to the user terminal. The user terminal stores the received file, selects a service to be used, processes the authentication file, and transmits an authentication request together with the authentication file to the service providing server. The service providing server performs verification of the authentication file, acquires ID information in the authentication file, and provides information after completing the verification process and acquisition of the ID information. Therefore, a non-browser-dependent protocol can be used even for single sign-on using browser redirection. Further, the ID information to be submitted to the service provider can be controlled on the client side by using the sanitized signature technique, and the privacy of the user can be protected.

  (9) In the network authentication method of (8), the present invention prepares all user ID information after the third step completes user authentication, and among these ID information, i A description step (for example, corresponding to step S201 in FIG. 8) that describes the ID information as info_i, and a random number generation step that generates the same number of random numbers as the ID information and uses the i-th random number as rand_i (for example, 8), a bit sum operation step (for example, corresponding to step S203 in FIG. 8) for calculating a bit sum (info_i || rand_i) of the info_i and the land_i, and a one-way hash function The hash value of the bit sum is calculated using h (), and the i-th data is represented by hdata_i = h (info_i || r and_i), and a hash value calculation step (for example, step of FIG. 8), which generates a bit sum of all the hdata and sets the hash value as hdata_all = h (hdata — 0 || hdata — 1 ||... | hdata_n) S204), a signature generation step (for example, corresponding to step S205 in FIG. 8), in which a signature is generated for the hda_all using its own secret key and the signature data is set to sign_all, and the info_i , Rand_i and sign_all, an authentication file generation step (for example, corresponding to step S206 in FIG. 8) for generating an authentication file (F_auth) is proposed.

  According to the present invention, in the third step, after the user authentication is completed, all the user ID information is prepared, and among these ID information, the i-th ID information is described as info_i, and the ID The same number of random numbers as the information is generated, and the i-th random number is set to rand_i. Next, a bit sum (info_i || rand_i) of info_i and rand_i is calculated, a hash value of the bit sum is calculated using a one-way hash function h (), and the i-th data is converted to hdata_i = H (info_i || rand_i), a bit sum of all the hdata is created, and the hash value thereof is hdata_all = h (hdata_0 || hdata_1 || ... | hdata_n). Further, a signature is generated with respect to data_all using its own secret key, and this signature data is set to sign_all, and an authentication file (F_auth) is generated from info_i, rand_i, and sign_all. Therefore, by using the sanitized signature technique, the ID information provided to the service can be dynamically changed on the user side.

  (10) In the network authentication method according to (8), the present invention provides the data i = n provided to the service to be used among the ID information of the authentication file acquired by the seventh step in the authentication server. (N = k_1, k_2, k_3...) Are selected and the authentication file is processed, and the eighth step determines info_i, rand_i (i = n), and hda_i for the service to be used. The present invention proposes a network authentication method comprising sending (iεn), hda_all, and sign_all as an authentication file.

  According to this invention, in the seventh step, data i = n (n = k_1, k_2, k_3...) Provided to the service to be used among the ID information of the authentication file acquired from the authentication server. In the eighth step, info_i, rand_i (i = n), hda_i (i∈n), hdata_all, sign_all are used as authentication files for the service to be used in the eighth step. Send it. Therefore, even for browser-independent services, the ID information provided to the service is dynamically changed on the client side by performing processing that selects only necessary information from the authentication file generated by the authentication server. Is possible.

  (11) In the present invention, in the network authentication method of (8), the eighth step generates hddata_i (i = n) from info_i, rand_i (i = n) sent from the user terminal. Furthermore, in addition to hdata_i (i∈n), a generation step for generating hdata_all (for example, equivalent to step S301 in FIG. 9), and signature verification for performing signature verification using sign_all using the public key of the authentication server A network authentication method characterized by comprising processing steps (for example, corresponding to step S302 in FIG. 9) is proposed.

  According to the present invention, the eighth step generates hdata_i (i = n) from info_i and rand_i (i = n) sent from the user terminal, and further combines with hdata_i (i∈n). , Hdata_all is generated, and signature_all is signed using the public key of the authentication server. Therefore, since the signature of the authentication server can be verified, authentication can be completed at high speed.

  (12) The present invention is a program for causing a computer to execute a network authentication method in a network authentication system including a user terminal, an authentication server, and a non-browser-based service providing server, wherein the user terminal provides the service provision Regarding the provision of services from a server, the user authentication is performed from the authentication server, and the user terminal transmits an authentication request to the authentication server (for example, corresponding to step S101 in FIG. 7); A second step in which the authentication server authenticates the received authentication request (for example, corresponding to step S102 in FIG. 7), and the authentication server uses a sanitized signature after the completion of the authentication process. , Files for identifying users such as user information and user access history, and authentication files A third step (for example, corresponding to step S103 in FIG. 7) and a fourth step for the authentication server to transmit the created file to the user terminal (for example, corresponding to step S104 in FIG. 7). ), A fifth step in which the user terminal stores the received file (for example, corresponding to step S105 in FIG. 7), and a sixth step in which the user terminal selects a service to be used (for example, 7) (corresponding to step S106 in FIG. 7), a seventh step in which the user terminal processes the authentication file (for example, corresponding to step S107 in FIG. 7), and the user terminal to the service providing server And an eighth step of transmitting an authentication request together with the authentication file (e.g., corresponding to step S108 in FIG. 7), and the server The service providing server performs a ninth step of verifying the authentication file (for example, corresponding to step S109 in FIG. 7), and the service providing server obtains ID information in the authentication file. Step (e.g., corresponding to step S110 in FIG. 7) and the service providing server, after completing the verification process and acquisition of ID information, an eleventh step (e.g., in step S111 in FIG. 7) And a program for causing a computer to execute the program.

  According to this invention, the user terminal is user-authenticated from the authentication server regarding the provision of the service from the service providing server, and the user terminal transmits an authentication request to the authentication server. The authentication server authenticates the received authentication request, and after completing the authentication process, uses a sanitized signature to identify a user information, a user access history file, etc. And send the created file to the user terminal. The user terminal stores the received file, selects a service to be used, processes the authentication file, and transmits an authentication request together with the authentication file to the service providing server. The service providing server performs verification of the authentication file, acquires ID information in the authentication file, and provides information after completing the verification process and acquisition of the ID information. Therefore, a non-browser-dependent protocol can be used even for single sign-on using browser redirection. Further, the ID information to be submitted to the service provider can be controlled on the client side by using the sanitized signature technique, and the privacy of the user can be protected.

  According to the present invention, it is possible to use a non-browser-dependent protocol even with single sign-on using browser redirection. Further, since the signature of the authentication server can be verified, there is an effect that the authentication can be completed at high speed. Furthermore, the ID information to be submitted to the service provider can be controlled on the client side by using the sanitized signature technique, and the privacy of the user can be protected.

It is a figure which shows the structure of the network authentication system which concerns on this embodiment. It is a figure which shows the structure of the user terminal which concerns on this embodiment. It is a figure which shows the structure of the authentication server which concerns on this embodiment. It is a figure which shows the structure of the service provision server which concerns on this embodiment. It is a figure which shows the detailed structure of the authentication file preparation part of the authentication server which concerns on this embodiment. It is a figure which shows the detailed structure of the authentication file verification part of the service provision server which concerns on this embodiment. It is a figure which shows the process of the network authentication system which concerns on this embodiment. It is a figure which shows the process of the authentication file preparation part of the authentication server which concerns on this embodiment. It is a figure which shows the process of the file verification part for authentication of the service provision server which concerns on this embodiment. It is a figure for demonstrating the structure and process of a system which performs single sign-on.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
Note that the constituent elements in the present embodiment can be appropriately replaced with existing constituent elements and the like, and various variations including combinations with other existing constituent elements are possible. Therefore, the description of the present embodiment does not limit the contents of the invention described in the claims.

  The network authentication system according to the present embodiment will be described with reference to FIGS.

<Configuration of network authentication system>
The configuration of the network authentication system according to the present embodiment will be described with reference to FIG.

  The network authentication system according to this embodiment includes a user terminal 1, an authentication server 2, and a service providing server 3. Here, user authentication is performed between the user terminal 1 and the service providing server 3 by single sign-on via the authentication server 2.

  In addition, the service providing server 3 that provides platform functions (not shown) manages sessions such as single sign-on and subsequent service use, and manages user information and service use status. In addition, although it is assumed that a browser is used for authentication between the authentication server 2 and the service providing server 3 and service use by a user, some browsers are not used depending on the service. In order to cope with this situation, the present embodiment proposes an authentication method using an authentication file. At this time, it is assumed that the selection of ID information provided to the service providing server 3 is different for each service from the viewpoint of privacy protection. For this reason, the ID information provided to the service providing server 3 can be dynamically selected on the client side by using a sanitary signature technique.

<Configuration of user terminal>
The configuration of the user terminal according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 2, the user terminal according to the present embodiment includes an authentication request transmission unit 11, a reception unit 12, a file storage unit 13, a service selection unit 14, an authentication file processing unit 15, and an authentication The file transmission unit 16 is configured.

  The authentication request transmission unit 11 transmits an authentication request by transmitting an ID, a password, and the like to the authentication server 2. The receiving unit 12 receives a file (for example, a cookie file) for identifying a user such as the created user information and the user access history and an authentication file after the authentication process in the authentication server 2 is completed.

  The file storage unit 13 stores a file (for example, a cookie file) for identifying a user, such as user information and user access history received by the receiving unit 12, and an authentication file. The service selection unit 14 selects a service to be used.

  The authentication file processing unit 15 selects and processes ID information provided to the service from the authentication file. The authentication file transmitting unit 16 transmits an authentication request to the service providing server 3 together with the processed authentication file.

<Configuration of authentication server>
The configuration of the authentication server according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 3, the authentication server according to the present embodiment includes an authentication request receiving unit 21, an authentication processing unit 22, an authentication file creating unit 23, and an authentication file transmitting unit 24.

  The authentication request receiving unit 21 receives an authentication request accompanied by an ID, a password, and the like from the user terminal 1. The authentication processing unit 22 performs user authentication based on the received ID, password, and the like. The authentication file creation unit 23 creates a file (for example, a cookie file) for identifying a user, such as user information and a user access history, and an authentication file after completion of the authentication process. In the authentication file, the user authentication state (authenticated), the expiration date, and ID information necessary for providing the service are described. In addition, ID information not to be sent is deleted from the original authentication file so that the information provided on the client side can be selected. Sex is guaranteed. The authentication file transmission unit 24 transmits the created file to the user terminal 1.

<Configuration of service providing server>
The configuration of the function providing server according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 4, the service providing server according to the present embodiment includes an authentication file receiving unit 31, an authentication file verifying unit 32, an ID information acquiring unit 33, and an information providing unit 34. .

  The authentication file receiving unit 31 receives an authentication file from the user terminal 1. The authentication file verification unit 32 verifies the authentication file. The ID information acquisition unit 33 acquires ID information in the authentication file. The information providing unit 34 provides information to the user terminal 1 after completing the verification process and obtaining the ID information.

<Detailed configuration of authentication file creation unit of authentication server>
The detailed configuration of the authentication file creation unit of the authentication server according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 5, the authentication file creation unit of the authentication server according to the present embodiment includes a description unit 151, a random number generation unit 152, a bit sum operation unit 153, a hash value operation unit 154, and a signature generation unit. 155 and an authentication file creation unit 156.

  The description part 151 prepares all the user ID information after completing the user authentication, and describes the i-th ID information among these ID information as info_i. The random number generation unit 152 generates the same number of random numbers as the ID information, and sets the i-th random number as rand_i. The bit sum calculation unit 153 calculates the bit sum (info_i || rand_i) of info_i and rand_i.

  The hash value calculation unit 154 calculates a hash value of a bit sum using a one-way hash function h (), and sets the i-th data to hdata_i = h (info_i || rand_i) and all A bit sum of hdata is created, and its hash value is set to hdata_all = h (hdata — 0 || data__1 ||... || hdata_n). The signature generation unit 155 generates a signature for hdata_all using its own secret key, and sets the signature data as sign_all. The authentication file creation unit 156 generates an authentication file (F_auth) from info_i, rand_i, and sign_all.

<Detailed configuration of the authentication file verification unit of the service providing server>
A detailed configuration of the authentication file verification unit of the service providing server according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 6, the authentication file verification unit of the service providing server according to the present embodiment includes a reconstruction unit 221 and a signature verification processing unit 222.

  The reconstruction unit 221 generates hdata_i (i = n) from info_i and rand_i (i = n) sent from the user terminal, and further generates hdata_all together with hdata_i (i∈n). The signature verification processing unit 222 performs signature verification processing on sign_all using the public key of the authentication server.

<Network authentication system processing>
Processing of the function providing server according to the present embodiment will be described using FIG.

  First, as a precondition, the user terminal 1 is user-authenticated from the authentication server 2 regarding the provision of the service from the service providing server 3. The user terminal 1 transmits an authentication request to the authentication server 2 (step S101). The authentication server 2 authenticates the received authentication request (step S102), and uses a sanitized signature after the completion of the authentication process to identify a user such as user information or user access history. And an authentication file are created (step S103), and the created file is transmitted to the user terminal 1 (step S104).

  The user terminal 1 stores the received file (step S105), selects a service to be used (step S106), processes the authentication file (step S107), and sends the authentication file to the service providing server 3. At the same time, an authentication request is transmitted (step S108). The service providing server 3 verifies the authentication file (step S109), acquires ID information in the authentication file (step S110), and provides information after the verification process and acquisition of the ID information are completed. (Step S111).

<Processing of authentication file creation unit of authentication server>
The processing of the authentication file creation unit of the authentication server according to the present embodiment will be described with reference to FIG.

  First, after completing the user authentication, all the ID information of the user is prepared, and among these ID information, the i-th ID information is described as info_i (step S201). A random number is generated, and the i-th random number is set to rand_i (step S202).

  Next, a bit sum (info_i || rand_i) of info_i and rand_i is calculated (step S203), a hash value of the bit sum is calculated using a one-way hash function h (), and the i-th data Hdata_i = h (info_i || rand_i), a bit sum of all the hdata is created, and the hash value is set as hdata_all = h (hdata_0 || hdata_1 || ... | hdata_n) (step S204).

  Further, a signature is generated for hdata_all using its own private key, and this signature data is set as sign_all (step S205), and an authentication file (F_auth) is generated from info_i, rand_i, and sign_all (step S206). .

<Processing of authentication file verification unit of service providing server>
The process of the authentication file verification unit of the service providing server according to the present embodiment will be described with reference to FIG.

  First, hdata_i (i = n) is generated from info_i and rand_i (i = n) sent from the user terminal, and hdata_all is generated together with hdata_i (i ≠ n) (step S301). Then, the signature verification process is performed on the sign_all using the public key of the authentication server (step S302).

  Therefore, according to the present embodiment, it is possible to use a non-browser-dependent protocol even with single sign-on using browser redirection. Further, since the signature of the authentication server can be verified, the authentication can be completed at high speed. Furthermore, the ID information submitted to the service provider can be controlled on the client side by using a sanitized signature technique, and the privacy of the user can be protected.

  The network authentication system of the present invention is recorded by recording the processing of the network authentication system on a computer-readable recording medium, and causing the user terminal, the authentication server, and the service providing server to read and execute the program recorded on the recording medium. Can be realized. The computer system here includes an OS and hardware such as peripheral devices.

  Further, the “computer system” includes a homepage providing environment (or display environment) if a WWW (World Wide Web) system is used. The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.

  The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

  The embodiments of the present invention have been described in detail with reference to the drawings. However, the specific configuration is not limited to the embodiments, and includes designs and the like that do not depart from the gist of the present invention.

DESCRIPTION OF SYMBOLS 1; User terminal 2; Authentication server 3; Service provision server 11; Authentication request transmission part 12; Reception part 13; File storage part 14; Service selection part 15; Authentication file processing part 16; Request receiving unit 22; Authentication processing unit 23; Authentication file creation unit 31; Authentication file reception unit 32; Authentication file verification unit 33; ID information acquisition unit 34; Information provision unit 151; Description unit 152; Random number generation unit 153 ; Bit sum operation unit 154; hash value operation unit 155; signature generation unit 156; authentication file generation unit 221; reconstruction unit 222; signature verification processing unit

Claims (12)

A network authentication system comprising a user terminal, an authentication server, and a non-browser-based service providing server,
The user terminal is user-authenticated from the authentication server for providing a service from the service providing server,
The user terminal is
First transmission means for transmitting an authentication request to the authentication server;
The authentication server is
An authentication processing means for authenticating the received authentication request;
An authentication file creation means for creating a file for identifying a user such as user information and a user access history and an authentication file by using a sanitized signature after the completion of the authentication processing;
Second transmission means for transmitting the created file to the user terminal;
With
The user terminal is
Storage means for storing the received file;
A selection means for selecting a service to be used;
An authentication file processing means for processing the authentication file;
A third transmission means for transmitting an authentication request to the service providing server together with the processed authentication file;
The service providing server is
Authentication means for verifying the authentication file;
ID information acquisition means for acquiring ID information in the authentication file;
Information providing means for providing information after the verification process and acquisition of ID information are completed;
A network authentication system characterized by comprising: The authentication file creation means of the authentication server comprises:
After completing the user authentication, all the user ID information is prepared, and the description means for describing the i-th ID information among these ID information as info_i,
Random number generation means for generating the same number of random numbers as the ID information and setting the i-th random number as rand_i;
Bit sum calculation means for calculating a bit sum (info_i || rand_i) of the info_i and the land_i;
The hash value of the bit sum is calculated using a one-way hash function h (), and the i-th data is set to hdata_i = h (info_i || rand_i) and a bit sum of all hdata is generated And a hash value calculation means whose hash value is hdata_all = h (hdata — 0 || hdata — 1 ||... | Hdata_n);
A signature generation unit that generates a signature for the hdata_all using its own private key and sets the signature data as sign_all;
With
2. The network authentication system according to claim 1, wherein an authentication file (F_auth) is generated from the info_i, rand_i, and sign_all. The authentication file processing means of the user terminal comprises:
Of the ID information of the authentication file acquired from the authentication server, only the data i = n (n = k_1, k_2, k_3...) Provided to the service to be used is selected and the authentication file is processed. The third sending means sends info_i, rand_i (i = n), hdata_i (iεn), hdata_all, sign_all as the authentication file to the service to be used. Item 3. The network authentication system according to Item 2. The authentication means of the service providing server includes:
Reconstructing means for generating hdata_i (i = n) from info_i, rand_i (i = n) sent from the user terminal, and further generating hdata_all together with hdata_i (i∈n);
signature verification processing means for performing signature verification processing using the public key of the authentication server for sign_all;
The network authentication system according to claim 2, further comprising:   The network authentication system according to claim 1, wherein the user terminal is user-authenticated by single sign-on from the authentication server for providing a service from the service providing server.   The network authentication system according to claim 1, wherein the file for identifying the user is a cookie file.   The network authentication system according to claim 1, wherein a secure communication path is formed between the user terminal and the authentication server. A network authentication method in a network authentication system comprising a user terminal, an authentication server, and a non-browser-based service providing server,
The user terminal is user-authenticated from the authentication server for providing a service from the service providing server,
A first step in which the user terminal transmits an authentication request to the authentication server;
A second step in which the authentication server authenticates the received authentication request;
A third step in which the authentication server uses a sanitized signature to create a file for identifying a user, such as user information and a user access history, and an authentication file after completion of the authentication process;
A fourth step in which the authentication server transmits the created file to the user terminal;
A fifth step in which the user terminal stores the received file;
A sixth step in which the user terminal selects a service to be used;
A seventh step in which the user terminal processes the authentication file;
An eighth step in which the user terminal transmits an authentication request together with the authentication file to the service providing server;
A ninth step in which the service providing server verifies the authentication file;
A tenth step in which the service providing server acquires ID information in the authentication file;
An eleventh step in which the service providing server provides information after the verification process and acquisition of the ID information are completed;
A network authentication method comprising: The third step is
After completing the user authentication, all the user ID information is prepared, and among these ID information, the i-th ID information is described as info_i,
A random number generating step for generating the same number of random numbers as the ID information and setting the i-th random number as rand_i;
A bit sum operation step of calculating a bit sum (info_i || rand_i) of the info_i and the land_i;
The hash value of the bit sum is calculated using a one-way hash function h (), and the i-th data is set to hdata_i = h (info_i || rand_i) and a bit sum of all hdata is generated A hash value calculation step in which the hash value is hdata_all = h (hdata — 0 || hdata — 1 ||... | Hdata — n)
A signature generation step for generating a signature for the hdata_all using its own private key and setting the signature data as sign_all;
An authentication file generating step for generating an authentication file (F_auth) from the info_i, rand_i and sign_all;
The network authentication method according to claim 8, further comprising:   The seventh step selects only the data i = n (n = k_1, k_2, k_3...) Provided to the service to be used from the ID information of the authentication file acquired from the authentication server. The authentication file is processed, and the eighth step sends info_i, rand_i (i = n), hda_i (iεn), hda_all, sign_all as authentication files to the service to be used. The network authentication method according to claim 8. The ninth step comprises:
A generating step of generating hdata_i (i = n) from info_i, rand_i (i = n) sent from the user terminal, and generating hdata_all together with hdata_i (i∈n);
a signature verification processing step for performing signature verification processing on the sign_all using the public key of the authentication server;
The network authentication method according to claim 8, further comprising: A program for causing a computer to execute a network authentication method in a network authentication system including a user terminal, an authentication server, and a non-browser-based service providing server,
The user terminal is user-authenticated from the authentication server for providing a service from the service providing server,
A first step in which the user terminal transmits an authentication request to the authentication server;
A second step in which the authentication server authenticates the received authentication request;
A third step in which the authentication server uses a sanitized signature to create a file for identifying a user, such as user information and a user access history, and an authentication file after completion of the authentication process;
A fourth step in which the authentication server transmits the created file to the user terminal;
A fifth step in which the user terminal stores the received file;
A sixth step in which the user terminal selects a service to be used;
A seventh step in which the user terminal processes the authentication file;
An eighth step in which the user terminal transmits an authentication request together with the authentication file to the service providing server;
A ninth step in which the service providing server verifies the authentication file;
A tenth step in which the service providing server acquires ID information in the authentication file;
An eleventh step in which the service providing server provides information after the verification process and acquisition of the ID information are completed;
A program that causes a computer to execute.