JP5334320B2 - 暗号証拠の再検証に基づく認証委任 - Google Patents
暗号証拠の再検証に基づく認証委任 Download PDFInfo
- Publication number
- JP5334320B2 JP5334320B2 JP2009539518A JP2009539518A JP5334320B2 JP 5334320 B2 JP5334320 B2 JP 5334320B2 JP 2009539518 A JP2009539518 A JP 2009539518A JP 2009539518 A JP2009539518 A JP 2009539518A JP 5334320 B2 JP5334320 B2 JP 5334320B2
- Authority
- JP
- Japan
- Prior art keywords
- user
- client
- gateway
- authentication
- handshake
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/121—Timestamp
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
Description
1)TLSハンドシェイクは、クライアント認証を含まない。
2)クライアントとゲートウェイは、(新しいセキュリティパラメータを交渉する代わりに)以前のTLSセッションを再開するまたは現在のセッションを繰り返す決定をする。この場合、TLSハンドシェイクは、証明書検証メッセージを含まない(RFC2246の30−31ページ参照)。
3)クライアント証明書は、署名機能(すなわち、固定ディフィー・へルマンパラメーターを含むものを除くすべての証明書)を有する。例えば、暗号スイート ECDH_ECDSAとECDH_RSA(RFC4492参照)は、クライアント認証をサポートするが、証明書検証メッセージは利用しない。
(1)サーバーは、タイムスタンプまたはノンスをサーバーのハローメッセージ内に、このメッセージのランダムフィールドの一部として、置く(ハンドシェイクプロトコルのこの態様の詳細は、RFC2246の7.4.1.3節に見出すことができる)
(2)サーバーは、タイムスタンプまたはノンスをサーバーのハロー拡張子に置く(詳細は、RFC3546の2.2節に見出すことができる)
(3)クライアント/ユーザーは、タイムスタンプをクライアントのハローメッセージ内に、このメッセージのランダムフィールドの一部として、置く(ハンドシェイクプロトコルのこの態様の詳細は、RFC2246の7.4.1.2節に見出すことができる)
(4)クライアント/ユーザーは、タイムスタンプをクライアントのハロー拡張子内に置く(詳細は、RFC3546の2.1節に見出すことができる)
AS(Authentication Service、認証サービス)交換
クライアントは、典型的にはTGT(Ticket Granting Ticket、チケット保証チケット)である、KerberosAS(authentication server)から「最初の」チケットを取得する。AS−REQメッセージ420とAS−REP425メッセージはそれぞれ、クライアントとAS間の要求メッセージと応答メッセージである。
TGS(Ticket Granting Service、チケット保証サービス)交換
続いてクライアントは、認証するためにTGTを使用して、KerberosTGS(ticket-granting server)から特定のサービスのサービスチケットを要求する。TGS−REQメッセージ430とTGS−REP435メッセージはそれぞれ、クライアントとTGS間の要求メッセージと応答メッセージである。
クライアント/サーバーAP(Authentication Protocol、認証プロトコル)交換
次にクライアントは、クライアントのチケットセッション鍵の所有を認証するサービスチケットと認証コードから成るAP−REQメッセージ440を用いて要求する。サーバーは、随意的に、AP−REPメッセージ445を用いて応答することができる。AP交換は、典型的には、セッション固有対称鍵を交渉する。
Claims (17)
- ゲートウェイを介してサービスプロバイダーにアクセスするクライアント/ユーザー間の認証委任の方法であって、
前記クライアント/ユーザーと前記ゲートウェイ間のクライアント認証を有するTLSハンドシェイクを実行するステップであって、前記TLSハンドシェイクは、複数のメッセージ交換を特定するプロトコルによって定義される、ステップと、
前記クライアント/ユーザーが前記ゲートウェイに認証されたことを証明する認証証拠として、前記TLSハンドシェイクにおいて交換されたメッセージを記録するステップであって、前記TLSハンドシェイクにおいて交換されたメッセージは、証明書検証メッセージまでの、前記プロトコルにおいて特定されたすべてのメッセージを含み、前記証明書検証メッセージは、前記TLSハンドシェイクの以前のすべてのメッセージに対する署名から成る、ステップと、
前記記録を前記ゲートウェイから前記サービスプロバイダーに直接提供するステップと
を備え、前記サービスプロバイダーは、前記クライアント/ユーザーと前記ゲートウェイ間の認証に関与しないことを特徴とする方法。 - 時間に関連するデータを前記TLSハンドシェイクのメッセージに組み込むステップをさらに備えることを特徴とする請求項1に記載の方法。
- 前記クライアント/ユーザーは、前記時間に関連するデータを組み込むことを特徴とする請求項2に記載の方法。
- 前記ゲートウェイは、前記時間に関連するデータを組み込むことを特徴とする請求項2に記載の方法。
- 前記サービスプロバイダーによって提供されたノンスを、前記TLSハンドシェイクの一部として、前記ゲートウェイから前記クライアント/ユーザーまでのメッセージに組み込むステップをさらに備えることを特徴とする請求項1に記載の方法。
- 前記サービスプロバイダーは、受信したすべての記録のメモリを保持する、および同じ記録が2回以上使用されていないことを確認することを特徴とする請求項1に記載の方法。
- TLSハンドシェイクを実行する前記ステップは、
クライアント認証を有しない第1のハンドシェイクを実行するステップと、
前記第1のハンドシェイクの実行の成功した完了後、クライアント認証を有する第2のハンドシェイクを実行するステップと
をさらに備えることを特徴とする請求項1に記載の方法。 - 前記クライアント/ユーザーとゲートウェイ間の前記第2のハンドシェイクは、前記第1のハンドシェイクから得たセッション鍵によって暗号化されることを特徴とする請求項7に記載の方法。
- 前記サービスプロバイダーに提供された前記記録は、暗号化されないことを特徴とする請求項8に記載の方法。
- 認証委任を使用して、エンドサーバー上のサービスへのアクセスを許可する方法であって、
前記エンドサーバーが、ユーザーによって要求されたサービスにアクセスするために、要求を受信するステップと、
前記エンドサーバーが、前記ユーザーと前記ゲートウェイ/中間サーバー間で実行されるクライアント認証を有するTLSハンドシェイクにおいて交換されたメッセージの記録を、前記ユーザーが前記ゲートウェイ/中間サーバーに認証されたことを証明する認証証拠として、前記ゲートウェイ/中間サーバーから直接受信するステップであって、前記TLSハンドシェイクは、複数のメッセージ交換を特定するプロトコルによって定義され、前記TLSハンドシェイクにおいて交換されたメッセージは、証明書検証メッセージまでの、前記プロトコルにおいて特定されたすべてのメッセージを含み、前記証明書検証メッセージは、前記TLSハンドシェイクの以前のすべてのメッセージに対する署名から成る、ステップと、
前記エンドサーバーが、前記記録を利用して、前記TLSハンドシェイクを再検証する、および前記ユーザーのアイデンティティを確認するステップと
を備え、前記エンドサーバーは、前記ユーザーと前記ゲートウェイ/中間サーバー間の認証に関与しないことを特徴とする方法。 - ゲートウェイを介してサービスプロバイダーにアクセスするクライアント/ユーザー間の認証委任の方法であって、前記ゲートウェイは、
前記クライアント/ユーザーと前記ゲートウェイ間のクライアント認証を有するTLSハンドシェイクを実行するステップであって、前記TLSハンドシェイクは、複数のメッセージ交換を特定するプロトコルによって定義される、ステップと、
前記クライアント/ユーザーが前記ゲートウェイに認証されたことを証明する認証証拠として、前記TLSハンドシェイクにおいて交換されたメッセージを記録するステップであって、前記TLSハンドシェイクにおいて交換されたメッセージは、証明書検証メッセージまでの、前記プロトコルにおいて特定されたすべてのメッセージを含み、前記証明書検証メッセージは、前記TLSハンドシェイクの以前のすべてのメッセージに対する署名から成る、ステップと、
前記記録を前記ゲートウェイから第三者エンティティに直接提供するステップと、
前記第三者エンティティによる前記記録の有効性の確認後、ユーザー資格を前記第三者エンティティから受信するステップと、
前記ユーザー資格を用いて、前記ユーザーを前記サービスプロバイダーに対して認証するステップと
を備える方法を実行し、
前記サービスプロバイダーは、前記クライアント/ユーザーと前記ゲートウェイ間の認証に関与しないことを特徴とする方法。 - 前記第三者エンティティは、認証局(Certificate Authority)であることを特徴とする請求項11に記載の方法。
- ユーザー資格を受信する前記ステップは、一時的な証明書およびそれに関連する秘密鍵を受信することを備えることを特徴とする請求項12に記載の方法。
- 前記ユーザーを前記サービスプロバイダーに対して認証する前記ステップは、PKINITを用いたKerberosを使用して実行されることを特徴とする請求項12に記載の方法。
- 前記第三者エンティティはKDCであり、ユーザー資格を受信する前記ステップは前記KDCからKerberosのサービスチケットを受信することを備えることを特徴とする請求項11に記載の方法。
- 前記第三者エンティティは、単一デバイスのゲートウェイと一緒に常駐することを特徴とする請求項11に記載の方法。
- TLSハンドシェイクを実行する前記ステップは、
クライアント認証を有しない第1のハンドシェイクを実行するステップと、
前記第1のハンドシェイクを実行するステップの成功した完了後、クライアント認証を有する第2のハンドシェイクを実行するステップと
をさらに備えることを特徴とする請求項11に記載の方法。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/607,720 US9055107B2 (en) | 2006-12-01 | 2006-12-01 | Authentication delegation based on re-verification of cryptographic evidence |
US11/607,720 | 2006-12-01 | ||
PCT/US2007/086122 WO2008127447A2 (en) | 2006-12-01 | 2007-11-30 | Authentication delegation based on re-verification of cryptographic evidence |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2013024845A Division JP5599910B2 (ja) | 2006-12-01 | 2013-02-12 | 暗号証拠の再検証に基づく認証委任 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2010512069A JP2010512069A (ja) | 2010-04-15 |
JP5334320B2 true JP5334320B2 (ja) | 2013-11-06 |
Family
ID=39477460
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2009539518A Active JP5334320B2 (ja) | 2006-12-01 | 2007-11-30 | 暗号証拠の再検証に基づく認証委任 |
JP2013024845A Active JP5599910B2 (ja) | 2006-12-01 | 2013-02-12 | 暗号証拠の再検証に基づく認証委任 |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2013024845A Active JP5599910B2 (ja) | 2006-12-01 | 2013-02-12 | 暗号証拠の再検証に基づく認証委任 |
Country Status (7)
Country | Link |
---|---|
US (1) | US9055107B2 (ja) |
EP (1) | EP2098006B1 (ja) |
JP (2) | JP5334320B2 (ja) |
KR (1) | KR101459802B1 (ja) |
CN (1) | CN101542965A (ja) |
TW (1) | TWI429256B (ja) |
WO (1) | WO2008127447A2 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013138474A (ja) * | 2006-12-01 | 2013-07-11 | Microsoft Corp | 暗号証拠の再検証に基づく認証委任 |
Families Citing this family (147)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8380854B2 (en) | 2000-03-21 | 2013-02-19 | F5 Networks, Inc. | Simplified method for processing multiple connections from the same client |
US7343413B2 (en) | 2000-03-21 | 2008-03-11 | F5 Networks, Inc. | Method and system for optimizing a network by independently scaling control segments and data flow |
US8332923B2 (en) * | 2007-01-19 | 2012-12-11 | Toshiba America Research, Inc. | Kerberized handover keying |
JP2009086802A (ja) * | 2007-09-28 | 2009-04-23 | Hitachi Ltd | 認証仲介方法およびシステム |
US8387130B2 (en) * | 2007-12-10 | 2013-02-26 | Emc Corporation | Authenticated service virtualization |
US8516566B2 (en) * | 2007-10-25 | 2013-08-20 | Apple Inc. | Systems and methods for using external authentication service for Kerberos pre-authentication |
US8806053B1 (en) | 2008-04-29 | 2014-08-12 | F5 Networks, Inc. | Methods and systems for optimizing network traffic using preemptive acknowledgment signals |
US8566444B1 (en) | 2008-10-30 | 2013-10-22 | F5 Networks, Inc. | Methods and system for simultaneous multiple rules checking |
US8555069B2 (en) * | 2009-03-06 | 2013-10-08 | Microsoft Corporation | Fast-reconnection of negotiable authentication network clients |
US8064896B2 (en) * | 2009-03-09 | 2011-11-22 | Apple Inc. | Push notification service |
US10157280B2 (en) | 2009-09-23 | 2018-12-18 | F5 Networks, Inc. | System and method for identifying security breach attempts of a website |
JP5325061B2 (ja) * | 2009-09-25 | 2013-10-23 | 株式会社日立製作所 | 鍵管理装置および鍵管理方法 |
US10721269B1 (en) | 2009-11-06 | 2020-07-21 | F5 Networks, Inc. | Methods and system for returning requests with javascript for clients before passing a request to a server |
US8868961B1 (en) | 2009-11-06 | 2014-10-21 | F5 Networks, Inc. | Methods for acquiring hyper transport timing and devices thereof |
US8301895B2 (en) * | 2009-12-02 | 2012-10-30 | Microsoft Corporation | Identity based network policy enablement |
TWI519098B (zh) * | 2009-12-28 | 2016-01-21 | 內數位專利控股公司 | 機器對機器閘道架構 |
US9544143B2 (en) | 2010-03-03 | 2017-01-10 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions |
US9532222B2 (en) | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
US9141625B1 (en) | 2010-06-22 | 2015-09-22 | F5 Networks, Inc. | Methods for preserving flow state during virtual machine migration and devices thereof |
US10015286B1 (en) * | 2010-06-23 | 2018-07-03 | F5 Networks, Inc. | System and method for proxying HTTP single sign on across network domains |
US8908545B1 (en) | 2010-07-08 | 2014-12-09 | F5 Networks, Inc. | System and method for handling TCP performance in network access with driver initiated application tunnel |
US8347100B1 (en) | 2010-07-14 | 2013-01-01 | F5 Networks, Inc. | Methods for DNSSEC proxying and deployment amelioration and systems thereof |
US9083760B1 (en) | 2010-08-09 | 2015-07-14 | F5 Networks, Inc. | Dynamic cloning and reservation of detached idle connections |
US9645992B2 (en) | 2010-08-21 | 2017-05-09 | Oracle International Corporation | Methods and apparatuses for interaction with web applications and web application data |
US8630174B1 (en) | 2010-09-14 | 2014-01-14 | F5 Networks, Inc. | System and method for post shaping TCP packetization |
US8886981B1 (en) | 2010-09-15 | 2014-11-11 | F5 Networks, Inc. | Systems and methods for idle driven scheduling |
US8804504B1 (en) | 2010-09-16 | 2014-08-12 | F5 Networks, Inc. | System and method for reducing CPU load in processing PPP packets on a SSL-VPN tunneling device |
AU2010224455B8 (en) * | 2010-09-28 | 2011-05-26 | Mu Hua Investments Limited | Biometric key |
WO2012058643A2 (en) | 2010-10-29 | 2012-05-03 | F5 Networks, Inc. | System and method for on the fly protocol conversion in obtaining policy enforcement information |
WO2012058486A2 (en) | 2010-10-29 | 2012-05-03 | F5 Networks, Inc. | Automated policy builder |
US8627467B2 (en) | 2011-01-14 | 2014-01-07 | F5 Networks, Inc. | System and method for selectively storing web objects in a cache memory based on policy decisions |
US10135831B2 (en) | 2011-01-28 | 2018-11-20 | F5 Networks, Inc. | System and method for combining an access control system with a traffic management system |
US9021552B2 (en) * | 2011-04-05 | 2015-04-28 | Sap Se | User authentication for intermediate representational state transfer (REST) client via certificate authority |
CN102833067B (zh) * | 2011-06-15 | 2017-05-17 | 中兴通讯股份有限公司 | 三方认证的方法、系统及终端设备的认证状态管理方法 |
US9246819B1 (en) | 2011-06-20 | 2016-01-26 | F5 Networks, Inc. | System and method for performing message-based load balancing |
US9015469B2 (en) | 2011-07-28 | 2015-04-21 | Cloudflare, Inc. | Supporting secure sessions in a cloud-based proxy service |
US9467463B2 (en) | 2011-09-02 | 2016-10-11 | Duo Security, Inc. | System and method for assessing vulnerability of a mobile device |
US9270766B2 (en) | 2011-12-30 | 2016-02-23 | F5 Networks, Inc. | Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof |
US10230566B1 (en) | 2012-02-17 | 2019-03-12 | F5 Networks, Inc. | Methods for dynamically constructing a service principal name and devices thereof |
US9231879B1 (en) | 2012-02-20 | 2016-01-05 | F5 Networks, Inc. | Methods for policy-based network traffic queue management and devices thereof |
US9172753B1 (en) | 2012-02-20 | 2015-10-27 | F5 Networks, Inc. | Methods for optimizing HTTP header based authentication and devices thereof |
US9722972B2 (en) * | 2012-02-26 | 2017-08-01 | Oracle International Corporation | Methods and apparatuses for secure communication |
KR20170106515A (ko) * | 2012-03-08 | 2017-09-20 | 인텔 코포레이션 | 다중 팩터 인증 기관 |
US9450758B1 (en) * | 2012-03-12 | 2016-09-20 | Amazon Technologies, Inc. | Virtual requests |
US8656471B1 (en) | 2012-03-12 | 2014-02-18 | Amazon Technologies, Inc. | Virtual requests |
US8966570B1 (en) | 2012-03-22 | 2015-02-24 | Amazon Technologies, Inc. | Entity to authorize delegation of permissions |
WO2013163648A2 (en) | 2012-04-27 | 2013-10-31 | F5 Networks, Inc. | Methods for optimizing service of content requests and devices thereof |
CN103581873A (zh) * | 2012-07-25 | 2014-02-12 | 中国电信股份有限公司 | 智能卡与用户识别模块安全绑定的方法、系统和管理平台 |
US9054863B2 (en) | 2012-09-04 | 2015-06-09 | Rockwell Automation Asia Pacific Business Center Pte. Ltd. | Industrial protocol system authentication and firewall |
KR20140052703A (ko) * | 2012-10-25 | 2014-05-07 | 삼성전자주식회사 | 프록시 서버를 이용한 웹 서비스 가속 방법 및 장치 |
WO2014083382A1 (en) | 2012-11-27 | 2014-06-05 | Robojar Pty Ltd | A system and method for authenticating the legitimacy of a request for a resource by a user |
JP5614465B2 (ja) * | 2013-01-30 | 2014-10-29 | 沖電気工業株式会社 | 暗号通信装置、代行サーバ、暗号通信装置プログラム及び代行サーバプログラム |
US9418213B1 (en) * | 2013-02-06 | 2016-08-16 | Amazon Technologies, Inc. | Delegated permissions in a distributed electronic environment |
US10375155B1 (en) | 2013-02-19 | 2019-08-06 | F5 Networks, Inc. | System and method for achieving hardware acceleration for asymmetric flow connections |
US10909518B2 (en) * | 2013-03-07 | 2021-02-02 | Paypal, Inc. | Delegation payment with picture |
US8782774B1 (en) | 2013-03-07 | 2014-07-15 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
US9344422B2 (en) | 2013-03-15 | 2016-05-17 | Oracle International Corporation | Method to modify android application life cycle to control its execution in a containerized workspace environment |
CN104903909B (zh) | 2013-03-15 | 2018-07-31 | 甲骨文国际公司 | 在应用之间计算机内受保护的通信的方法及设备 |
US9129112B2 (en) | 2013-03-15 | 2015-09-08 | Oracle International Corporation | Methods, systems and machine-readable media for providing security services |
US10270748B2 (en) | 2013-03-22 | 2019-04-23 | Nok Nok Labs, Inc. | Advanced authentication techniques and applications |
US9887983B2 (en) | 2013-10-29 | 2018-02-06 | Nok Nok Labs, Inc. | Apparatus and method for implementing composite authenticators |
US9305298B2 (en) | 2013-03-22 | 2016-04-05 | Nok Nok Labs, Inc. | System and method for location-based authentication |
US9154488B2 (en) * | 2013-05-03 | 2015-10-06 | Citrix Systems, Inc. | Secured access to resources using a proxy |
CN104158791A (zh) * | 2013-05-14 | 2014-11-19 | 北大方正集团有限公司 | 一种分布式环境下的安全通信认证方法及系统 |
US9961077B2 (en) | 2013-05-30 | 2018-05-01 | Nok Nok Labs, Inc. | System and method for biometric authentication with device attestation |
US9049169B1 (en) * | 2013-05-30 | 2015-06-02 | Trend Micro Incorporated | Mobile email protection for private computer networks |
US9305161B1 (en) * | 2013-06-24 | 2016-04-05 | Emc Corporation | Password hardening system using password shares distributed across multiple servers |
US9515996B1 (en) * | 2013-06-28 | 2016-12-06 | EMC IP Holding Company LLC | Distributed password-based authentication in a public key cryptography authentication system |
US10187317B1 (en) | 2013-11-15 | 2019-01-22 | F5 Networks, Inc. | Methods for traffic rate control and devices thereof |
US8966267B1 (en) | 2014-04-08 | 2015-02-24 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
US8996873B1 (en) | 2014-04-08 | 2015-03-31 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
US9184911B2 (en) * | 2014-04-08 | 2015-11-10 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
US9762590B2 (en) * | 2014-04-17 | 2017-09-12 | Duo Security, Inc. | System and method for an integrity focused authentication service |
US9654469B1 (en) | 2014-05-02 | 2017-05-16 | Nok Nok Labs, Inc. | Web-based user authentication techniques and applications |
US9577999B1 (en) | 2014-05-02 | 2017-02-21 | Nok Nok Labs, Inc. | Enhanced security for registration of authentication devices |
US9413533B1 (en) | 2014-05-02 | 2016-08-09 | Nok Nok Labs, Inc. | System and method for authorizing a new authenticator |
US10015143B1 (en) | 2014-06-05 | 2018-07-03 | F5 Networks, Inc. | Methods for securing one or more license entitlement grants and devices thereof |
US9531714B2 (en) | 2014-06-27 | 2016-12-27 | Citrix Systems, Inc. | Enterprise authentication via third party authentication support |
US11838851B1 (en) | 2014-07-15 | 2023-12-05 | F5, Inc. | Methods for managing L7 traffic classification and devices thereof |
CN105262605B (zh) * | 2014-07-17 | 2018-09-25 | 阿里巴巴集团控股有限公司 | 一种获取本地信息的方法、装置及系统 |
US9875347B2 (en) | 2014-07-31 | 2018-01-23 | Nok Nok Labs, Inc. | System and method for performing authentication using data analytics |
US10148630B2 (en) | 2014-07-31 | 2018-12-04 | Nok Nok Labs, Inc. | System and method for implementing a hosted authentication service |
US9455979B2 (en) | 2014-07-31 | 2016-09-27 | Nok Nok Labs, Inc. | System and method for establishing trust using secure transmission protocols |
US9749131B2 (en) | 2014-07-31 | 2017-08-29 | Nok Nok Labs, Inc. | System and method for implementing a one-time-password using asymmetric cryptography |
US10122630B1 (en) | 2014-08-15 | 2018-11-06 | F5 Networks, Inc. | Methods for network traffic presteering and devices thereof |
US9736154B2 (en) * | 2014-09-16 | 2017-08-15 | Nok Nok Labs, Inc. | System and method for integrating an authentication service within a network architecture |
CN106663018B (zh) | 2014-09-24 | 2020-09-15 | 甲骨文国际公司 | 修改移动设备应用生命周期的系统、方法、介质和设备 |
EP3213488A1 (en) * | 2014-10-31 | 2017-09-06 | Convida Wireless, LLC | End-to-end service layer authentication |
CN105577738B (zh) * | 2014-11-10 | 2019-08-02 | 中国移动通信集团公司 | 一种处理终端信息的方法、装置及系统 |
US10182013B1 (en) | 2014-12-01 | 2019-01-15 | F5 Networks, Inc. | Methods for managing progressive image delivery and devices thereof |
CN104660583B (zh) * | 2014-12-29 | 2018-05-29 | 国家电网公司 | 一种基于Web加密服务的加密服务方法 |
US11895138B1 (en) | 2015-02-02 | 2024-02-06 | F5, Inc. | Methods for improving web scanner accuracy and devices thereof |
EP3272094B1 (en) | 2015-03-16 | 2021-06-23 | Convida Wireless, LLC | End-to-end authentication at the service layer using public keying mechanisms |
US10834065B1 (en) | 2015-03-31 | 2020-11-10 | F5 Networks, Inc. | Methods for SSL protected NTLM re-authentication and devices thereof |
US11350254B1 (en) | 2015-05-05 | 2022-05-31 | F5, Inc. | Methods for enforcing compliance policies and devices thereof |
US10505818B1 (en) | 2015-05-05 | 2019-12-10 | F5 Networks. Inc. | Methods for analyzing and load balancing based on server health and devices thereof |
EP3304336B1 (en) | 2015-06-01 | 2019-10-09 | Duo Security, Inc. | Method for enforcing endpoint health standards |
US9450944B1 (en) | 2015-10-14 | 2016-09-20 | FullArmor Corporation | System and method for pass-through authentication |
US9509684B1 (en) * | 2015-10-14 | 2016-11-29 | FullArmor Corporation | System and method for resource access with identity impersonation |
US9762563B2 (en) | 2015-10-14 | 2017-09-12 | FullArmor Corporation | Resource access system and method |
CN106656928A (zh) * | 2015-10-30 | 2017-05-10 | 西门子公司 | 云环境下的客户端与服务器之间的认证方法和装置 |
US10277569B1 (en) * | 2015-12-03 | 2019-04-30 | Amazon Technologies, Inc. | Cross-region cache of regional sessions |
US10182044B1 (en) | 2015-12-03 | 2019-01-15 | Amazon Technologies, Inc. | Personalizing global session identifiers |
US9894067B1 (en) | 2015-12-03 | 2018-02-13 | Amazon Technologies, Inc. | Cross-region roles |
US9900160B1 (en) | 2015-12-03 | 2018-02-20 | Amazon Technologies, Inc. | Asymmetric session credentials |
US11757946B1 (en) | 2015-12-22 | 2023-09-12 | F5, Inc. | Methods for analyzing network traffic and enforcing network policies and devices thereof |
CN105471896B (zh) * | 2015-12-28 | 2019-01-15 | 深信服科技股份有限公司 | 基于ssl的代理方法、装置及系统 |
US10404698B1 (en) | 2016-01-15 | 2019-09-03 | F5 Networks, Inc. | Methods for adaptive organization of web application access points in webtops and devices thereof |
US10797888B1 (en) | 2016-01-20 | 2020-10-06 | F5 Networks, Inc. | Methods for secured SCEP enrollment for client devices and devices thereof |
US11178150B1 (en) | 2016-01-20 | 2021-11-16 | F5 Networks, Inc. | Methods for enforcing access control list based on managed application and devices thereof |
US9888290B1 (en) * | 2016-03-24 | 2018-02-06 | Sprint Communications Company L.P. | Service denial notification in secure socket layer (SSL) processing |
US11197331B2 (en) * | 2016-06-10 | 2021-12-07 | Apple Inc. | Zero-round-trip-time connectivity over the wider area network |
US10791088B1 (en) | 2016-06-17 | 2020-09-29 | F5 Networks, Inc. | Methods for disaggregating subscribers via DHCP address translation and devices thereof |
US10637853B2 (en) | 2016-08-05 | 2020-04-28 | Nok Nok Labs, Inc. | Authentication techniques including speech and/or lip movement analysis |
US10769635B2 (en) | 2016-08-05 | 2020-09-08 | Nok Nok Labs, Inc. | Authentication techniques including speech and/or lip movement analysis |
US11063758B1 (en) | 2016-11-01 | 2021-07-13 | F5 Networks, Inc. | Methods for facilitating cipher selection and devices thereof |
US10505792B1 (en) | 2016-11-02 | 2019-12-10 | F5 Networks, Inc. | Methods for facilitating network traffic analytics and devices thereof |
US10091195B2 (en) | 2016-12-31 | 2018-10-02 | Nok Nok Labs, Inc. | System and method for bootstrapping a user binding |
US10237070B2 (en) | 2016-12-31 | 2019-03-19 | Nok Nok Labs, Inc. | System and method for sharing keys across authenticators |
US11496438B1 (en) | 2017-02-07 | 2022-11-08 | F5, Inc. | Methods for improved network security using asymmetric traffic delivery and devices thereof |
US10791119B1 (en) | 2017-03-14 | 2020-09-29 | F5 Networks, Inc. | Methods for temporal password injection and devices thereof |
US10356075B2 (en) | 2017-03-15 | 2019-07-16 | International Business Machines Corporation | Automated verification of chains of credentials |
US10812266B1 (en) | 2017-03-17 | 2020-10-20 | F5 Networks, Inc. | Methods for managing security tokens based on security violations and devices thereof |
US10931662B1 (en) | 2017-04-10 | 2021-02-23 | F5 Networks, Inc. | Methods for ephemeral authentication screening and devices thereof |
US10972453B1 (en) | 2017-05-03 | 2021-04-06 | F5 Networks, Inc. | Methods for token refreshment based on single sign-on (SSO) for federated identity environments and devices thereof |
US11122042B1 (en) | 2017-05-12 | 2021-09-14 | F5 Networks, Inc. | Methods for dynamically managing user access control and devices thereof |
US11343237B1 (en) | 2017-05-12 | 2022-05-24 | F5, Inc. | Methods for managing a federated identity environment using security and access control data and devices thereof |
US11558202B2 (en) | 2017-07-31 | 2023-01-17 | Cisco Technology, Inc. | Network device authentication |
US11122083B1 (en) | 2017-09-08 | 2021-09-14 | F5 Networks, Inc. | Methods for managing network connections based on DNS data and network policies and devices thereof |
SG11202002430PA (en) * | 2017-09-19 | 2020-04-29 | Abiomed Inc | Systems and methods for time-based one-time password management for a medical device |
US11868995B2 (en) | 2017-11-27 | 2024-01-09 | Nok Nok Labs, Inc. | Extending a secure key storage for transaction confirmation and cryptocurrency |
US10412113B2 (en) | 2017-12-08 | 2019-09-10 | Duo Security, Inc. | Systems and methods for intelligently configuring computer security |
US11831409B2 (en) | 2018-01-12 | 2023-11-28 | Nok Nok Labs, Inc. | System and method for binding verifiable claims |
US11658995B1 (en) | 2018-03-20 | 2023-05-23 | F5, Inc. | Methods for dynamically mitigating network attacks and devices thereof |
US11044200B1 (en) | 2018-07-06 | 2021-06-22 | F5 Networks, Inc. | Methods for service stitching using a packet header and devices thereof |
CN109102437A (zh) * | 2018-08-10 | 2018-12-28 | 山东省计算中心(国家超级计算济南中心) | 一种基于区块链的网页自动取证方法及系统 |
US11658962B2 (en) | 2018-12-07 | 2023-05-23 | Cisco Technology, Inc. | Systems and methods of push-based verification of a transaction |
AU2020232980A1 (en) * | 2019-03-05 | 2021-11-04 | Red Piranha Limited | Network data traffic identification |
US11792024B2 (en) | 2019-03-29 | 2023-10-17 | Nok Nok Labs, Inc. | System and method for efficient challenge-response authentication |
US11275865B2 (en) | 2019-08-23 | 2022-03-15 | Conduent Business Services, Llc | Privacy friendly decentralized ledger based identity management system and methods |
MY193195A (en) * | 2019-09-02 | 2022-09-26 | Grabtaxi Holdings Pte Ltd | Communications server apparatus and method for determination of an abstention attack |
CN110708170B (zh) * | 2019-12-13 | 2020-03-27 | 腾讯科技(深圳)有限公司 | 一种数据处理方法、装置以及计算机可读存储介质 |
US10903990B1 (en) | 2020-03-11 | 2021-01-26 | Cloudflare, Inc. | Establishing a cryptographic tunnel between a first tunnel endpoint and a second tunnel endpoint where a private key used during the tunnel establishment is remotely located from the second tunnel endpoint |
US11601519B2 (en) * | 2020-06-09 | 2023-03-07 | Twilio Inc. | Edge communication locations |
US11968293B2 (en) * | 2020-11-18 | 2024-04-23 | International Business Machines Corporation | Private key management |
EP4002756B1 (en) * | 2020-11-24 | 2022-11-02 | Axis AB | Systems and methods of managing a certificate associated with a component located at a remote location |
CN116132072B (zh) * | 2023-04-19 | 2023-06-30 | 湖南工商大学 | 一种网络信息的安全认证方法及系统 |
Family Cites Families (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5586260A (en) * | 1993-02-12 | 1996-12-17 | Digital Equipment Corporation | Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms |
JP3595109B2 (ja) * | 1997-05-28 | 2004-12-02 | 日本ユニシス株式会社 | 認証装置、端末装置、および、それら装置における認証方法、並びに、記憶媒体 |
FI104666B (fi) * | 1997-11-10 | 2000-04-14 | Nokia Networks Oy | Varma kättelyprotokolla |
US6128738A (en) * | 1998-04-22 | 2000-10-03 | International Business Machines Corporation | Certificate based security in SNA data flows |
US6438550B1 (en) * | 1998-12-10 | 2002-08-20 | International Business Machines Corporation | Method and apparatus for client authentication and application configuration via smart cards |
US6367009B1 (en) * | 1998-12-17 | 2002-04-02 | International Business Machines Corporation | Extending SSL to a multi-tier environment using delegation of authentication and authority |
GB9905056D0 (en) * | 1999-03-05 | 1999-04-28 | Hewlett Packard Co | Computing apparatus & methods of operating computer apparatus |
US6601171B1 (en) * | 1999-02-18 | 2003-07-29 | Novell, Inc. | Deputization in a distributed computing system |
US6643774B1 (en) * | 1999-04-08 | 2003-11-04 | International Business Machines Corporation | Authentication method to enable servers using public key authentication to obtain user-delegated tickets |
US6584567B1 (en) | 1999-06-30 | 2003-06-24 | International Business Machines Corporation | Dynamic connection to multiple origin servers in a transcoding proxy |
US6934848B1 (en) * | 2000-07-19 | 2005-08-23 | International Business Machines Corporation | Technique for handling subsequent user identification and password requests within a certificate-based host session |
US20030014624A1 (en) * | 2000-07-31 | 2003-01-16 | Andes Networks, Inc. | Non-proxy internet communication |
FI20001837A (fi) * | 2000-08-18 | 2002-02-19 | Nokia Corp | Autentikointi |
US7395549B1 (en) | 2000-10-17 | 2008-07-01 | Sun Microsystems, Inc. | Method and apparatus for providing a key distribution center without storing long-term server secrets |
SE0004338L (sv) * | 2000-11-24 | 2002-05-25 | Columbitech Ab | Datanätbaserat system |
JP2002244557A (ja) | 2001-02-16 | 2002-08-30 | Atr Adaptive Communications Res Lab | 暗号通信システムおよびそれに用いる認証方法 |
US7698381B2 (en) * | 2001-06-20 | 2010-04-13 | Microsoft Corporation | Methods and systems for controlling the scope of delegation of authentication credentials |
JP3842100B2 (ja) | 2001-10-15 | 2006-11-08 | 株式会社日立製作所 | 暗号化通信システムにおける認証処理方法及びそのシステム |
JP2003229849A (ja) | 2002-02-05 | 2003-08-15 | Ntt Docomo Inc | 中継方法、中継装置、プログラム、及び記録媒体 |
US6874089B2 (en) * | 2002-02-25 | 2005-03-29 | Network Resonance, Inc. | System, method and computer program product for guaranteeing electronic transactions |
US7529933B2 (en) * | 2002-05-30 | 2009-05-05 | Microsoft Corporation | TLS tunneling |
GB2410660B (en) * | 2002-10-14 | 2005-10-19 | Toshiba Res Europ Ltd | Methods and systems for flexible delegation |
US7644275B2 (en) * | 2003-04-15 | 2010-01-05 | Microsoft Corporation | Pass-thru for client authentication |
CN1820481B (zh) | 2003-07-11 | 2010-05-05 | 国际商业机器公司 | 在客户机-服务器环境中认证客户机的系统和方法 |
FI20031258A0 (fi) | 2003-09-04 | 2003-09-04 | Nokia Corp | Sijainnin yksityisyys viestintäjärjestelmässä |
US20050138426A1 (en) * | 2003-11-07 | 2005-06-23 | Brian Styslinger | Method, system, and apparatus for managing, monitoring, auditing, cataloging, scoring, and improving vulnerability assessment tests, as well as automating retesting efforts and elements of tests |
JP4520840B2 (ja) | 2004-12-02 | 2010-08-11 | 株式会社日立製作所 | 暗号化通信の中継方法、ゲートウェイサーバ装置、暗号化通信のプログラムおよび暗号化通信のプログラム記憶媒体 |
KR100687722B1 (ko) | 2004-12-16 | 2007-02-27 | 한국전자통신연구원 | 인증 서버 및 인증 서버를 이용한 사용자 인증 방법 |
US8365293B2 (en) * | 2005-01-25 | 2013-01-29 | Redphone Security, Inc. | Securing computer network interactions between entities with authorization assurances |
US8959596B2 (en) * | 2006-06-15 | 2015-02-17 | Microsoft Technology Licensing, Llc | One-time password validation in a multi-entity environment |
US20080022374A1 (en) * | 2006-06-29 | 2008-01-24 | Research In Motion Limited | System and method for securely communicating with a server |
US8095787B2 (en) * | 2006-08-21 | 2012-01-10 | Citrix Systems, Inc. | Systems and methods for optimizing SSL handshake processing |
US9055107B2 (en) | 2006-12-01 | 2015-06-09 | Microsoft Technology Licensing, Llc | Authentication delegation based on re-verification of cryptographic evidence |
-
2006
- 2006-12-01 US US11/607,720 patent/US9055107B2/en active Active
-
2007
- 2007-11-22 TW TW096144323A patent/TWI429256B/zh not_active IP Right Cessation
- 2007-11-30 KR KR1020097013796A patent/KR101459802B1/ko active IP Right Grant
- 2007-11-30 EP EP07873646.9A patent/EP2098006B1/en active Active
- 2007-11-30 CN CNA200780044272XA patent/CN101542965A/zh active Pending
- 2007-11-30 WO PCT/US2007/086122 patent/WO2008127447A2/en active Application Filing
- 2007-11-30 JP JP2009539518A patent/JP5334320B2/ja active Active
-
2013
- 2013-02-12 JP JP2013024845A patent/JP5599910B2/ja active Active
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013138474A (ja) * | 2006-12-01 | 2013-07-11 | Microsoft Corp | 暗号証拠の再検証に基づく認証委任 |
US9055107B2 (en) | 2006-12-01 | 2015-06-09 | Microsoft Technology Licensing, Llc | Authentication delegation based on re-verification of cryptographic evidence |
Also Published As
Publication number | Publication date |
---|---|
JP2013138474A (ja) | 2013-07-11 |
TWI429256B (zh) | 2014-03-01 |
KR101459802B1 (ko) | 2014-11-07 |
JP5599910B2 (ja) | 2014-10-01 |
KR20090095630A (ko) | 2009-09-09 |
US9055107B2 (en) | 2015-06-09 |
US20080134311A1 (en) | 2008-06-05 |
CN101542965A (zh) | 2009-09-23 |
TW200833060A (en) | 2008-08-01 |
EP2098006B1 (en) | 2018-08-01 |
WO2008127447A2 (en) | 2008-10-23 |
JP2010512069A (ja) | 2010-04-15 |
WO2008127447A3 (en) | 2009-03-26 |
EP2098006A4 (en) | 2012-07-04 |
EP2098006A2 (en) | 2009-09-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5599910B2 (ja) | 暗号証拠の再検証に基づく認証委任 | |
US7496755B2 (en) | Method and system for a single-sign-on operation providing grid access and network access | |
CA2463034C (en) | Method and system for providing client privacy when requesting content from a public server | |
US20170054707A1 (en) | Method and Apparatus for Trusted Authentication and Logon | |
JP5688087B2 (ja) | 信頼できる認証およびログオンのための方法および装置 | |
US20060294366A1 (en) | Method and system for establishing a secure connection based on an attribute certificate having user credentials | |
EP2957064B1 (en) | Method of privacy-preserving proof of reliability between three communicating parties | |
Bazaz et al. | A review on single sign on enabling technologies and protocols | |
JP5186648B2 (ja) | 安全なオンライン取引を容易にするシステム及び方法 | |
EP2359525B1 (en) | Method for enabling limitation of service access | |
JP4499575B2 (ja) | ネットワークセキュリティ方法およびネットワークセキュリティシステム | |
Gajek et al. | A browser-based kerberos authentication scheme | |
JP2017139026A (ja) | 信頼できる認証およびログオンのための方法および装置 | |
EP2530618B1 (en) | Sign-On system with distributed access | |
JP2015111440A (ja) | 信頼できる認証およびログオンのための方法および装置 | |
Chen et al. | SSL/TLS session-aware user authentication using a gaa bootstrapped key | |
Singh et al. | Survey and analysis of Modern Authentication system | |
Jacobson | Trust negotiation in session-layer protocols | |
Joshi | Kerberos Security in Distributed Systems | |
Hosseyni et al. | Formal security analysis of the OpenID FAPI 2.0 Security Profile with FAPI 2.0 Message Signing, FAPI-CIBA, Dynamic Client Registration and Management: technical report | |
Kim | A survey of Kerberos V and public-key Kerberos security | |
JP2023163173A (ja) | 秘密鍵の安全な回復 | |
CN117527421A (zh) | 一种实现http协议安全传输的方法 | |
Hassan | User-defined key pair protocol | |
Dong et al. | Security Analysis of Real World Protocols |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20101027 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20121109 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20130212 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20130628 |
|
RD03 | Notification of appointment of power of attorney |
Free format text: JAPANESE INTERMEDIATE CODE: A7423 Effective date: 20130701 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20130729 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 5334320 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |