JP6991773B2 - System, device management system, and method therefor - Google Patents

System, device management system, and method therefor

Info

Publication number
JP6991773B2
Authority
JP
Japan
Prior art keywords
user
authentication
terminal
network device
device management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2017148620A
Other languages
English (en)
Japanese (ja)
Other versions
JP2019028805A5
JP2019028805A (ja)
Inventor
弘孝 船山
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Canon Inc
Original Assignee
Canon Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Canon Inc
Priority to JP2017148620A
Priority to CN201810844129.9A
Priority to US16/047,897
Priority to EP18186218.6A
Priority to KR1020180088403A
Publication of JP2019028805A
Publication of JP2019028805A5
Application granted
Publication of JP6991773B2
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86 Secure or tamper-resistant housings
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103 Challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Power Engineering (AREA)
  • Facsimiles In General (AREA)
  • Collating Specific Patterns (AREA)
  • Computer And Data Communications (AREA)
JP2017148620A 2017-07-31 2017-07-31 System, device management system, and method therefor Active JP6991773B2 (ja)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2017148620A JP6991773B2 (ja) 2017-07-31 2017-07-31 System, device management system, and method therefor
CN201810844129.9A CN109327429B (zh) 2017-07-31 2018-07-27 Authentication system, device management system, and method therefor
US16/047,897 US10984084B2 (en) 2017-07-31 2018-07-27 System, device management system, and methods for the same
EP18186218.6A EP3438862B1 (en) 2017-07-31 2018-07-30 Device management with challenge response and biometric user authentication
KR1020180088403A KR102357559B1 (ko) 2017-07-31 2018-07-30 System, device management system, and method therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2017148620A JP6991773B2 (ja) 2017-07-31 2017-07-31 System, device management system, and method therefor

Publications (3)

Publication Number Publication Date
JP2019028805A JP2019028805A (ja) 2019-02-21
JP2019028805A5 JP2019028805A5 2020-08-27
JP6991773B2 JP6991773B2 (ja) 2022-01-13

Family

ID=63244378

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2017148620A Active JP6991773B2 (ja) 2017-07-31 2017-07-31 System, device management system, and method therefor

Country Status (5)

Country Link
US (1) US10984084B2
EP (1) EP3438862B1
JP (1) JP6991773B2
KR (1) KR102357559B1
CN (1) CN109327429B

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
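CN109714167B (zh) * 2019-03-15 2020-08-25 北京邮电大学 Identity authentication and key agreement method and device suitable for mobile application signing
CN110417769A (zh) * 2019-07-24 2019-11-05 孙洪亮 Multiple identity authentication method for an industrial Internet platform
CN114258542A (zh) * 2019-08-16 2022-03-29 惠普发展公司,有限责任合伙企业 Remote commands
CN112311785A (zh) * 2020-10-27 2021-02-02 珠海格力电器股份有限公司 Method and apparatus for cascaded updating of device authentication information
JP7532220B2 (ja) * 2020-11-10 2024-08-13 キヤノン株式会社 Communication apparatus, method for controlling communication apparatus, and program
JP7517177B2 (ja) * 2021-01-28 2024-07-17 富士フイルムビジネスイノベーション株式会社 Information processing apparatus and information processing program
JP7282113B2 (ja) * 2021-02-10 2023-05-26 株式会社日立製作所 System and method for controlling user access to resources
TW202516950A (zh) * 2023-10-05 2025-04-16 宏碁股份有限公司 Connection authorization system and method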

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
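WO2007094165A1 (ja) 2006-02-15 2007-08-23 Nec Corporation Identity verification system and program, and identity verification method
JP2008033949A (ja) 2007-09-03 2008-02-14 Hitachi Ltd Biometric authentication system
JP2010092442A (ja) 2008-10-13 2010-04-22 Kodo Joho Gijutsu Kenkyusho:Kk Method, system, determination device, terminal device, server device, program, and recording medium for personal authentication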

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110237234A1 (en) * 2010-03-23 2011-09-29 Fujitsu Limited System and methods for remote maintenance in an electronic network with multiple clients
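JP5753772B2 (ja) 2011-12-12 2015-07-22 株式会社日立製作所 Biometric authentication system
US9455839B2 (en) 2014-07-30 2016-09-27 Master Lock Company Llc Wireless key management for authentication
JP6265873B2 (ja) 2014-09-24 2018-01-24 キヤノン株式会社 Mobile terminal, control method therefor, and program
KR101575687B1 (ko) * 2015-09-07 2015-12-21 권봉균 Biometric identity authentication method
CN106899551B (zh) 2015-12-21 2020-04-17 中国电信股份有限公司 Authentication method, authentication terminal, and system
CN106686004B (zh) 2017-02-28 2019-07-12 飞天诚信科技股份有限公司 Login authentication method and system
JP6759152B2 (ja) * 2017-05-24 2020-09-23 キヤノン株式会社 Image processing apparatus, method, program, and system
JP6882080B2 (ja) * 2017-05-31 2021-06-02 キヤノン株式会社 Image processing apparatus, method, program, and system
JP7030476B2 (ja) * 2017-11-06 2022-03-07 キヤノン株式会社 Image processing apparatus, method for controlling image processing apparatus, program, system, and method for controlling system
JP7066380B2 (ja) * 2017-11-17 2022-05-13 キヤノン株式会社 System, method in system, information processing apparatus, method in information processing apparatus, and program
JP7091057B2 (ja) * 2017-11-22 2022-06-27 キヤノン株式会社 Information processing apparatus, method in information processing apparatus, and program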

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007094165A1 (ja) 2006-02-15 2007-08-23 Nec Corporation Identity verification system and program, and identity verification method
US20100287369A1 (en) 2006-02-15 2010-11-11 Nec Corporation Id system and program, and id method
JP2008033949A (ja) 2007-09-03 2008-02-14 Hitachi Ltd Biometric authentication system
JP2010092442A (ja) 2008-10-13 2010-04-22 Kodo Joho Gijutsu Kenkyusho:Kk Method, system, determination device, terminal device, server device, program, and recording medium for personal authentication

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
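井澤 秀益 (Hidemitsu Izawa), "Points to consider when financial institutions introduce next-generation authentication technology: focusing on FIDO", Bank of Japan Institute for Monetary and Economic Studies Discussion Paper Series, Discussion Paper No. 2016-J-3 [online], Bank of Japan, February 29, 2016, pp. 2-7
緒方 祐介 et al., "A study of the security, convenience, and operability of authentication schemes using public and private keys", IEICE Technical Report, Japan, The Institute of Electronics, Information and Communication Engineers, October 8, 2015, Vol. 115 No. 252, pp. 13-18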

Also Published As

Publication number Publication date
CN109327429A (zh) 2019-02-12
EP3438862A1 (en) 2019-02-06
EP3438862B1 (en) 2020-09-09
US20190034607A1 (en) 2019-01-31
KR20190013637A (ko) 2019-02-11
KR102357559B1 (ko) 2022-02-04
CN109327429B (zh) 2021-08-17
JP2019028805A (ja) 2019-02-21
US10984084B2 (en) 2021-04-20

Similar Documents

Publication Publication Date Title
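JP6991773B2 (ja) System, device management system, and method therefor
JP6727799B2 (ja) Authority delegation system, information processing apparatus, authorization server, control method, and program
US11023568B2 (en) Image processing apparatus, system related to image processing apparatus, and method
US20200280446A1 (en) Service usage apparatus, method therefor, and non-transitory computer-readable storage medium
JP6882080B2 (ja) Image processing apparatus, method, program, and system
US10750050B2 (en) Image processing apparatus, method for controlling image processing apparatus, program storage medium, system, and method for controlling system for use in biometric authentication
US9288213B2 (en) System and service providing apparatus
JP6467869B2 (ja) Information processing system and information processing method
US10326758B2 (en) Service provision system, information processing system, information processing apparatus, and service provision method
CN103716483B (zh) Communication system, client device, relay device, and method
US9203822B2 (en) Network system, data processing apparatus, and method for multi-factor authentication
JP6278651B2 (ja) Network system, management server system, control method, and program
CN101166156A (zh) Document management system and document management method
JP2019096077A (ja) Information processing apparatus, method in information processing apparatus, and program
JP6942541B2 (ja) Image forming apparatus, control method therefor, and program
JP2019096938A (ja) System, method in system, information processing apparatus, method in information processing apparatus, and program
WO2013042306A1 (ja) Authentication system, authentication server, authentication method, and authentication program
CN109428725A (zh) Information processing device, control method, and storage medium
JP5558230B2 (ja) Log information processing apparatus, image forming apparatus, log information processing method, and log information processing program
JP2014179027A (ja) System, image forming system, information processing method, and program
JP2014137672A (ja) Management system, management method, and computer program
JP2020036319A (ja) Information processing system
KR20140043628A (ko) Secure login processing method
JP2010186380A (ja) Information management system
JP5212721B2 (ja) Remote access management system and method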

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20200713

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20200713

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20210531

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20210615

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20210727

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20210831

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20211019

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20211109

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20211208

R151 Written notification of patent or utility model registration

Ref document number: 6991773

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R151