JP6526248B2 - サーバ及びプログラム - Google Patents
サーバ及びプログラム Download PDFInfo
- Publication number
- JP6526248B2 JP6526248B2 JP2017563431A JP2017563431A JP6526248B2 JP 6526248 B2 JP6526248 B2 JP 6526248B2 JP 2017563431 A JP2017563431 A JP 2017563431A JP 2017563431 A JP2017563431 A JP 2017563431A JP 6526248 B2 JP6526248 B2 JP 6526248B2
- Authority
- JP
- Japan
- Prior art keywords
- token
- request
- mobile terminal
- server
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 claims description 26
- 238000012545 processing Methods 0.000 claims description 23
- 230000008569 process Effects 0.000 claims description 18
- 238000010295 mobile communication Methods 0.000 description 11
- 230000004044 response Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 6
- 238000012546 transfer Methods 0.000 description 4
- 125000002066 L-histidyl group Chemical group [H]N1C([H])=NC(C([H])([H])[C@](C(=O)[*])([H])N([H])[H])=C1[H] 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M11/00—Telephonic communication systems specially adapted for combination with other electrical systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Description
Claims (6)
- モバイルネットワーク内に配置され、モバイル端末にトークンを提供するサーバであって、
ネットワークインタフェースと、
前記ネットワークインタフェースに結合された処理部とを備え、
前記処理部は、
モバイル端末からトークンを求めるリクエストを受信し、
前記リクエストを前記モバイルネットワーク経由で受信したかを判定し、
前記リクエストを前記モバイルネットワーク経由で受信した場合に、
前記モバイル端末とのセッションに基づいて前記モバイル端末の加入者識別情報を取得し、
前記加入者識別情報に関連付けられたユーザプロファイルを含み、電子署名が付されたトークンを取得し、
前記トークンを前記モバイル端末へ送信し、
前記リクエストを前記モバイルネットワーク以外を経由して受信した場合に、前記トークンを送信しないことを前記モバイル端末に通知する
ように構成されることを特徴とするサーバ。 - モバイルネットワーク内に配置され、モバイル端末にトークンを提供するサーバであって、
ネットワークインタフェースと、
前記ネットワークインタフェースに結合された処理部とを備え、
前記処理部は、
モバイル端末からトークンを求めるリクエストを受信し、
前記リクエストを前記モバイルネットワーク経由で受信したかを判定し、
前記リクエストを前記モバイルネットワーク経由で受信した場合に、前記モバイル端末とのセッションに基づいて前記モバイル端末の加入者識別情報を取得し、
前記リクエストを前記モバイルネットワーク以外を経由して受信した場合に、前記モバイル端末に対して認証処理を行うことによって前記加入者識別情報を取得し、
前記加入者識別情報に関連付けられたユーザプロファイルを含み、電子署名が付されたトークンを取得し、
前記トークンを前記モバイル端末へ送信する
ように構成されることを特徴とするサーバ。 - 前記サーバは、前記モバイルネットワーク経由のアクセスを着信する第1ネットワークインタフェースと、前記モバイルネットワーク以外を経由したアクセスを着信する第2ネットワークインタフェースとを備え、
前記処理部は、前記リクエストが前記第1ネットワークインタフェースに着信したことに基づいて、前記リクエストを前記モバイルネットワーク経由で受信したと判定する
ようにさらに構成されることを特徴とする請求項1又は2に記載のサーバ。 - 前記処理部は、
前記モバイル端末の装置識別情報を取得し、
前記装置識別情報が前記加入者識別情報に対応しない場合に、前記モバイル端末に前記トークンを送信しない
ようにさらに構成されることを特徴とする請求項1乃至3の何れか1項に記載のサーバ。 - 前記ネットワークインタフェースにリンクローカルアドレスが割り当てられることを特徴とする請求項1乃至4の何れか1項に記載のサーバ。
- コンピュータを請求項1乃至5の何れか1項に記載のサーバの制御部として機能させるためのプログラム。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2016/052175 WO2017130292A1 (ja) | 2016-01-26 | 2016-01-26 | サーバ、モバイル端末及びプログラム |
Publications (2)
Publication Number | Publication Date |
---|---|
JPWO2017130292A1 JPWO2017130292A1 (ja) | 2018-12-20 |
JP6526248B2 true JP6526248B2 (ja) | 2019-06-12 |
Family
ID=59397882
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2017563431A Active JP6526248B2 (ja) | 2016-01-26 | 2016-01-26 | サーバ及びプログラム |
Country Status (7)
Country | Link |
---|---|
US (2) | US11201861B2 (ja) |
EP (1) | EP3410757B1 (ja) |
JP (1) | JP6526248B2 (ja) |
CN (1) | CN108496380B (ja) |
HK (1) | HK1254321A1 (ja) |
SG (1) | SG11201806343XA (ja) |
WO (1) | WO2017130292A1 (ja) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10542117B2 (en) | 2015-09-03 | 2020-01-21 | Verisign, Inc. | Systems and methods for providing secure access to shared registration systems |
US11329821B2 (en) * | 2015-12-28 | 2022-05-10 | Verisign, Inc. | Shared registration system |
JP7185978B2 (ja) | 2018-07-03 | 2022-12-08 | 株式会社ソラコム | 認証情報の設定を仲介するための装置及び方法 |
JP6892846B2 (ja) * | 2018-07-25 | 2021-06-23 | Kddi株式会社 | 認証用装置とサービス用装置とを含むコアネットワークシステムのユーザ認証方法 |
US10868808B1 (en) * | 2018-10-16 | 2020-12-15 | Sprint Communications Company L.P. | Server application access authentication based on SIM |
US11082451B2 (en) * | 2018-12-31 | 2021-08-03 | Citrix Systems, Inc. | Maintaining continuous network service |
US11070980B1 (en) | 2019-03-25 | 2021-07-20 | Sprint Communications Company L.P. | Secondary device authentication proxied from authenticated primary device |
US11657298B2 (en) | 2019-04-19 | 2023-05-23 | T-Mobile Usa, Inc. | Card engine for producing dynamically configured content |
EP3820106A1 (en) * | 2019-11-07 | 2021-05-12 | Nokia Solutions and Networks Oy | Method and apparatus for provisioning of internet devices |
US11675773B2 (en) | 2020-01-22 | 2023-06-13 | T-Mobile Usa, Inc. | Content management |
US11483155B2 (en) * | 2020-01-22 | 2022-10-25 | T-Mobile Usa, Inc. | Access control using proof-of-possession token |
US11481196B2 (en) | 2020-01-22 | 2022-10-25 | T-Mobile Usa, Inc. | User interface for accessing and modifying development area content |
US11601279B2 (en) * | 2020-06-12 | 2023-03-07 | Capital One Services, Llc | Systems and methods for payment authentication |
JP7280338B1 (ja) | 2021-12-06 | 2023-05-23 | エヌ・ティ・ティ・コミュニケーションズ株式会社 | 情報処理システム、トークン発行装置、情報処理方法、及びプログラム |
Family Cites Families (44)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101147377B (zh) | 2005-02-04 | 2013-03-27 | 高通股份有限公司 | 无线通信的安全自启动 |
US8996423B2 (en) * | 2005-04-19 | 2015-03-31 | Microsoft Corporation | Authentication for a commercial transaction using a mobile module |
GB2458470A (en) * | 2008-03-17 | 2009-09-23 | Vodafone Plc | Mobile terminal authorisation arrangements |
CN102016823A (zh) * | 2008-04-25 | 2011-04-13 | 中兴通讯股份有限公司 | 运营级的对等(p2p)网络、系统和方法 |
US9379895B2 (en) * | 2008-07-24 | 2016-06-28 | Zscaler, Inc. | HTTP authentication and authorization management |
US8078870B2 (en) * | 2009-05-14 | 2011-12-13 | Microsoft Corporation | HTTP-based authentication |
US20110030039A1 (en) | 2009-07-31 | 2011-02-03 | Eric Bilange | Device, method and apparatus for authentication on untrusted networks via trusted networks |
US20120184242A1 (en) * | 2009-10-01 | 2012-07-19 | Rambus Inc. | Methods and Systems for Enhancing Wireless Coverage |
US8171529B2 (en) * | 2009-12-17 | 2012-05-01 | Intel Corporation | Secure subscriber identity module service |
US20110173105A1 (en) * | 2010-01-08 | 2011-07-14 | Nokia Corporation | Utilizing AAA/HLR infrastructure for Web-SSO service charging |
CA2789495C (en) * | 2010-02-12 | 2019-03-12 | Bce Inc. | Seamless mobile subscriber identification |
US8301141B1 (en) * | 2010-08-26 | 2012-10-30 | Sprint Communications Company L.P. | Automatic profile updating for a wireless communication device |
US8627422B2 (en) * | 2010-11-06 | 2014-01-07 | Qualcomm Incorporated | Authentication in secure user plane location (SUPL) systems |
US8863256B1 (en) * | 2011-01-14 | 2014-10-14 | Cisco Technology, Inc. | System and method for enabling secure transactions using flexible identity management in a vehicular environment |
KR20130007797A (ko) * | 2011-07-11 | 2013-01-21 | 삼성전자주식회사 | 개방형 인증 방법 및 시스템 |
US8769626B2 (en) * | 2011-11-29 | 2014-07-01 | Cisco Technology, Inc. | Web authentication support for proxy mobile IP |
SG11201403482TA (en) * | 2011-12-21 | 2014-07-30 | Ssh Comm Security Oyj | Automated access, key, certificate, and credential management |
AU2013202553B2 (en) * | 2012-03-30 | 2015-10-01 | Commvault Systems, Inc. | Information management of mobile device data |
US9007635B2 (en) * | 2012-06-18 | 2015-04-14 | Canon Kabushiki Kaisha | Image-forming apparatus communicating with an information-processing apparatus |
WO2014084760A1 (en) * | 2012-11-27 | 2014-06-05 | Telefonaktiebolaget Lm Ericsson (Publ) | System for handling access by wireless devices in wi-fi network |
EP2932676B1 (en) * | 2012-12-17 | 2019-03-13 | Telefonaktiebolaget LM Ericsson (publ) | Authenticating public land mobile networks to mobile stations |
US9294454B2 (en) * | 2013-03-15 | 2016-03-22 | Microsoft Technology Licensing, Llc | Actively federated mobile authentication |
WO2014198745A1 (en) * | 2013-06-12 | 2014-12-18 | Telecom Italia S.P.A. | Mobile device authentication in heterogeneous communication networks scenario |
CA2918788C (en) * | 2013-07-24 | 2020-06-16 | Visa International Service Association | Systems and methods for interoperable network token processing |
US9413749B2 (en) * | 2013-08-20 | 2016-08-09 | Vascode Technologies Ltd. | System and method of authentication of a first party respective of a second party aided by a third party |
JP6153168B2 (ja) * | 2013-11-27 | 2017-06-28 | 日本電信電話株式会社 | 接続認証方法、そのシステムおよび端末 |
KR102144509B1 (ko) * | 2014-03-06 | 2020-08-14 | 삼성전자주식회사 | 근접 통신 방법 및 장치 |
US9270758B2 (en) * | 2014-03-31 | 2016-02-23 | Cellco Partnership | System for mobile application notary service |
US9942043B2 (en) * | 2014-04-23 | 2018-04-10 | Visa International Service Association | Token security on a communication device |
WO2015199319A1 (en) * | 2014-06-23 | 2015-12-30 | Samsung Electronics Co., Ltd. | Method and apparatus for optimizing internet communications |
EP3189414A4 (en) * | 2014-08-22 | 2018-04-18 | Priv8Pay, Inc. | Verification system for secure transmission in a distributed processing network |
AU2015311866B2 (en) * | 2014-09-03 | 2018-06-07 | Nant Holdings Ip, Llc | Synthetic genomic variant-based secure transaction devices, systems and methods |
US9420463B2 (en) * | 2014-09-30 | 2016-08-16 | Sap Se | Authorization based on access token |
US9553843B1 (en) * | 2014-10-08 | 2017-01-24 | Google Inc. | Service directory profile for a fabric network |
CA2910654A1 (en) * | 2014-11-10 | 2016-05-10 | Investel Capital Corporation | System and method for migrating a voice over data call between distinct data networks, and a voice over data call intermediating system and method therefor |
KR102272838B1 (ko) * | 2014-11-11 | 2021-07-06 | 삼성전자주식회사 | 이동통신 네트워크를 통한 데이터 서비스 제공 방법 및 장치 |
US10219153B2 (en) * | 2015-01-09 | 2019-02-26 | Samsung Electronics Co., Ltd. | Mutual authentication between user equipment and an evolved packet core |
US10659443B2 (en) * | 2015-01-23 | 2020-05-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and apparatus for obtaining a scoped token |
JP2016152471A (ja) * | 2015-02-17 | 2016-08-22 | 日本電気株式会社 | 通信システム及び通信方法 |
US9887991B2 (en) * | 2015-03-27 | 2018-02-06 | Yahoo Holdings, Inc. | Facilitation of service login |
US9538378B2 (en) * | 2015-04-01 | 2017-01-03 | Verizon Patent And Licensing Inc. | Controlling access to a long term evolution network via a non-long term evolution access network |
US20180159940A1 (en) * | 2015-07-03 | 2018-06-07 | Telefonaktiebolaget Lm Ericsson (Publ) | Method And Server For Managing Content Requests |
CN105072108B (zh) * | 2015-08-04 | 2018-10-19 | 小米科技有限责任公司 | 用户信息的传输方法、装置及系统 |
EP3160176B1 (en) * | 2015-10-19 | 2019-12-11 | Vodafone GmbH | Using a service of a mobile packet core network without having a sim card |
-
2016
- 2016-01-26 SG SG11201806343XA patent/SG11201806343XA/en unknown
- 2016-01-26 CN CN201680079732.1A patent/CN108496380B/zh active Active
- 2016-01-26 EP EP16887879.1A patent/EP3410757B1/en active Active
- 2016-01-26 WO PCT/JP2016/052175 patent/WO2017130292A1/ja active Application Filing
- 2016-01-26 JP JP2017563431A patent/JP6526248B2/ja active Active
-
2018
- 2018-07-20 US US16/040,907 patent/US11201861B2/en active Active
- 2018-10-17 HK HK18113290.0A patent/HK1254321A1/zh unknown
-
2021
- 2021-11-01 US US17/516,108 patent/US11831629B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
JPWO2017130292A1 (ja) | 2018-12-20 |
US11201861B2 (en) | 2021-12-14 |
US20180351943A1 (en) | 2018-12-06 |
US20220060464A1 (en) | 2022-02-24 |
HK1254321A1 (zh) | 2019-07-19 |
CN108496380B (zh) | 2021-02-02 |
SG11201806343XA (en) | 2018-08-30 |
EP3410757B1 (en) | 2019-12-18 |
WO2017130292A1 (ja) | 2017-08-03 |
US11831629B2 (en) | 2023-11-28 |
EP3410757A4 (en) | 2019-01-02 |
EP3410757A1 (en) | 2018-12-05 |
CN108496380A (zh) | 2018-09-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6526248B2 (ja) | サーバ及びプログラム | |
EP1998506B1 (en) | Method for controlling the connection of a virtual network | |
EP3120591B1 (en) | User identifier based device, identity and activity management system | |
CN110800331A (zh) | 网络验证方法、相关设备及系统 | |
US20100122338A1 (en) | Network system, dhcp server device, and dhcp client device | |
US9549318B2 (en) | System and method for delayed device registration on a network | |
US9107072B2 (en) | Seamless mobile subscriber identification | |
US11165768B2 (en) | Technique for connecting to a service | |
CN103997479B (zh) | 一种非对称服务ip代理方法和设备 | |
CN102710621B (zh) | 一种用户认证方法和系统 | |
CN104426656A (zh) | 数据收发方法及系统、消息的处理方法及装置 | |
US8769623B2 (en) | Grouping multiple network addresses of a subscriber into a single communication session | |
US10505913B2 (en) | Communication management system, access point, communication management device, connection control method, communication management method, and program | |
JP2016115260A (ja) | 権限移譲システム、権限移譲システムに用いられる認可サーバー、リソースサーバー、クライアント、媒介装置、権限移譲方法およびプログラム | |
KR20120044381A (ko) | 신원과 위치 정보가 분리된 네트워크에서 사용자가 icp 웹사이트에 로그인 하는 방법, 시스템 및 로그인 장치 | |
US20120106399A1 (en) | Identity management system | |
WO2018073572A1 (en) | Portal aggregation service mapping subscriber device identifiers to portal addresses to which connection and authentication requests are redirected and facilitating mass subscriber apparatus configuration | |
CN106954214B (zh) | 电子设备及其控制方法 | |
JP2013105250A (ja) | アクセス回線特定・認証システム | |
CN103200147B (zh) | 第三方业务的请求方法及装置 | |
JP2004078280A (ja) | リモートアクセス仲介システム及び方法 | |
JP2006229265A (ja) | ゲートウェイシステム | |
JP5632429B2 (ja) | オープンな通信環境にクローズな通信環境を構築するサービス認証方法及びシステム | |
CN106549918A (zh) | 一种推送业务异常原因页面的方法及装置 | |
WO2013034108A1 (zh) | 一种构建云服务的系统及方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20180724 |
|
A529 | Written submission of copy of amendment under article 34 pct |
Free format text: JAPANESE INTERMEDIATE CODE: A5211 Effective date: 20180724 |
|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20180724 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20190329 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20190507 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 6526248 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |