JP7109909B2 - Authentication of users in a computer network - Google Patents

Authentication of users in a computer network

Info

Publication number
JP7109909B2
Authority
JP
Japan
Prior art keywords
authenticator
temporary
host
user
network device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2017224431A
Other languages
English (en)
Japanese (ja)
Other versions
JP2018117340A5 (en)
JP2018117340A (ja)
Inventor
Markku Rossi
Original Assignee
Ssh Communications Security Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ssh Communications Security Oyj
Publication of JP2018117340A
Publication of JP2018117340A5
Application granted
Publication of JP7109909B2
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068 Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281 Proxies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884 Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
JP2017224431A 2016-11-28 2017-11-22 Authentication of users in a computer network Active JP7109909B2 (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/361,672 2016-11-28
US15/361,672 US10764263B2 (en) 2016-11-28 2016-11-28 Authentication of users in a computer network

Publications (3)

Publication Number Publication Date
JP2018117340A JP2018117340A (ja) 2018-07-26
JP2018117340A5 JP2018117340A5 (en) 2021-01-14
JP7109909B2 JP7109909B2 (ja) 2022-08-01

Family

ID=60480193

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2017224431A Active JP7109909B2 (ja) 2016-11-28 2017-11-22 Authentication of users in a computer network

Country Status (3)

Country Link
US (1) US10764263B2 (en)
EP (1) EP3328023B1 (en)
JP (1) JP7109909B2 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10951421B2 (en) * 2016-11-28 2021-03-16 Ssh Communications Security Oyj Accessing hosts in a computer network
US11418352B2 (en) * 2018-02-21 2022-08-16 Akamai Technologies, Inc. Certificate authority (CA) security model in an overlay network supporting a branch appliance
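CN117326592A (zh) 2018-06-20 2024-01-02 Sumitomo Metal Mining Co., Ltd. Composite tungsten oxide film, method for producing same, and film-forming base material and article having the film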
US20210409385A1 (en) * 2018-11-23 2021-12-30 Nokia Solutions And Networks Oy Method and apparatus for authenticating a device or user
US12099997B1 (en) 2020-01-31 2024-09-24 Steven Mark Hoffberg Tokenized fungible liabilities
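CN111404957B (zh) * 2020-03-25 2022-12-30 Hunan Happy Sunshine Interactive Entertainment Media Co., Ltd. Method and system for improving CDN server security based on SSH
CN112491867B (zh) * 2020-11-24 2021-11-12 Beihang University SSH man-in-the-middle attack detection system based on session similarity analysis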
US11824860B2 (en) 2021-06-16 2023-11-21 Ebay Inc. Session-centric access control for secure ephemeral shells
US12278807B2 (en) * 2021-09-30 2025-04-15 Fortinet, Inc. Proxy SSH public key authentication in cloud environment
US12401526B2 (en) 2023-07-18 2025-08-26 Oracle International Corporation Updating digital certificates associated with a virtual cloud network
US12425239B2 (en) 2023-08-10 2025-09-23 Oracle International Corporation Authenticating certificate bundles with asymmetric keys
US12401657B2 (en) 2023-09-13 2025-08-26 Oracle International Corporation Aggregating certificate authority certificates for authenticating network entities located in different trust zones
US12425240B2 (en) 2023-09-13 2025-09-23 Oracle International Corporation Certificate revocation list management services
US12401634B2 (en) 2023-09-14 2025-08-26 Oracle International Corporation Distributing certificate bundles according to fault domains
US12432076B2 (en) 2023-10-24 2025-09-30 Oracle International Corporation Provisioning hosts with operator accounts for use by clients to access target resources
US12438733B2 (en) 2023-10-25 2025-10-07 Oracle International Corporation Authorizing requests for access credentials, for accessing cloud resources, based on successful stateless validation of digital certificates
US12495032B2 (en) 2024-03-08 2025-12-09 Oracle International Corporation Orchestrating distribution of digital certificates to an execution environment of a computing network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005085102A (ja) 2003-09-10 2005-03-31 Canon Inc Guarantee system
JP2008005434A (ja) 2006-06-26 2008-01-10 Toshiba Corp Communication control device, communication control method, and communication control program
JP2009533945A (ja) 2006-04-10 2009-09-17 Trust Integration Services B.V. Device and method for securely transmitting data
JP2010192947A (ja) 2009-02-13 2010-09-02 Fuji Xerox Co Ltd Communication system, relay device, terminal device, and program
US20130081132A1 (en) 2011-09-28 2013-03-28 Samsung Sds Co., Ltd. Apparatus and method for providing virtual private network service based on mutual authentication

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6367009B1 (en) * 1998-12-17 2002-04-02 International Business Machines Corporation Extending SSL to a multi-tier environment using delegation of authentication and authority
US7085931B1 (en) 1999-09-03 2006-08-01 Secure Computing Corporation Virtual smart card system and method
US20020080190A1 (en) 2000-12-23 2002-06-27 International Business Machines Corporation Back-up and usage of secure copies of smart card data objects
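JP4602606B2 (ja) 2001-08-15 2010-12-22 Sony Corporation Authentication processing system, authentication processing method, authentication device, and computer program
KR100449484B1 (ko) 2001-10-18 2004-09-21 Electronics and Telecommunications Research Institute Method for issuing a certificate using biometric information in a public key infrastructure authentication system
SE0104344D0 (sv) 2001-12-20 2001-12-20 Au System Ab Publ System and method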
US7506368B1 (en) * 2003-02-13 2009-03-17 Cisco Technology, Inc. Methods and apparatus for network communications via a transparent security proxy
US8214884B2 (en) 2003-06-27 2012-07-03 Attachmate Corporation Computer-based dynamic secure non-cached delivery of security credentials such as digitally signed certificates or keys
US7472277B2 (en) * 2004-06-17 2008-12-30 International Business Machines Corporation User controlled anonymity when evaluating into a role
US7853995B2 (en) 2005-11-18 2010-12-14 Microsoft Corporation Short-lived certificate authority service
CA2531533C (en) 2005-12-28 2013-08-06 Bce Inc. Session-based public key infrastructure
US7882538B1 (en) 2006-02-02 2011-02-01 Juniper Networks, Inc. Local caching of endpoint security information
US8015594B2 (en) 2006-03-17 2011-09-06 Cisco Technology, Inc. Techniques for validating public keys using AAA services
WO2008009112A1 (en) * 2006-07-18 2008-01-24 Certicom Corp. System and method for authenticating a gaming device
US8181227B2 (en) 2006-08-29 2012-05-15 Akamai Technologies, Inc. System and method for client-side authenticaton for secure internet communications
US7469151B2 (en) 2006-09-01 2008-12-23 Vivotech, Inc. Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities
US8402514B1 (en) 2006-11-17 2013-03-19 Network Appliance, Inc. Hierarchy-aware role-based access control
US8214635B2 (en) 2006-11-28 2012-07-03 Cisco Technology, Inc. Transparent proxy of encrypted sessions
US20090037729A1 (en) 2007-08-03 2009-02-05 Lawrence Smith Authentication factors with public-key infrastructure
WO2009070430A2 (en) 2007-11-08 2009-06-04 Suridx, Inc. Apparatus and methods for providing scalable, dynamic, individualized credential services using mobile telephones
US8539562B2 (en) 2010-12-09 2013-09-17 International Business Machines Corporation Automated management of system credentials
US8843750B1 (en) * 2011-01-28 2014-09-23 Symantec Corporation Monitoring content transmitted through secured communication channels
US9008316B2 (en) * 2012-03-29 2015-04-14 Microsoft Technology Licensing, Llc Role-based distributed key management
US9369279B2 (en) 2013-09-23 2016-06-14 Venafi, Inc. Handling key rotation problems
US9369282B2 (en) 2014-01-29 2016-06-14 Red Hat, Inc. Mobile device user authentication for accessing protected network resources
EP3050011B1 (en) * 2014-05-02 2017-09-20 Barclays Bank Plc. Transaction authentication
US10021088B2 (en) 2014-09-30 2018-07-10 Citrix Systems, Inc. Fast smart card logon
US9538376B2 (en) * 2014-12-23 2017-01-03 Ssh Communications Security Oyj Authenticating data communications
WO2017004470A1 (en) * 2015-06-30 2017-01-05 Visa International Service Association Mutual authentication of confidential communication
US10645577B2 (en) * 2016-07-15 2020-05-05 Avago Technologies International Sales Pte. Limited Enhanced secure provisioning for hotspots

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005085102A (ja) 2003-09-10 2005-03-31 Canon Inc Guarantee system
JP2009533945A (ja) 2006-04-10 2009-09-17 Trust Integration Services B.V. Device and method for securely transmitting data
JP2008005434A (ja) 2006-06-26 2008-01-10 Toshiba Corp Communication control device, communication control method, and communication control program
JP2010192947A (ja) 2009-02-13 2010-09-02 Fuji Xerox Co Ltd Communication system, relay device, terminal device, and program
US20130081132A1 (en) 2011-09-28 2013-03-28 Samsung Sds Co., Ltd. Apparatus and method for providing virtual private network service based on mutual authentication

Also Published As

Publication number Publication date
US20180152426A1 (en) 2018-05-31
EP3328023A1 (en) 2018-05-30
EP3328023B1 (en) 2022-03-16
JP2018117340A (ja) 2018-07-26
US10764263B2 (en) 2020-09-01

Similar Documents

Publication Publication Date Title
JP7109909B2 (ja) Authentication of users in a computer network
US12101416B2 (en) Accessing hosts in a computer network
US12309262B2 (en) System and method for pre-shared key (PSK) based document security
US10706427B2 (en) Authenticating and enforcing compliance of devices using external services
US8549300B1 (en) Virtual single sign-on for certificate-protected resources
US9887975B1 (en) Systems and methods for delegated cryptography
CN102047262B (zh) Authentication for a distributed secure content management system
Winter et al. Transport layer security (TLS) encryption for RADIUS
US8281371B1 (en) Authentication and authorization in network layer two and network layer three
US9699158B2 (en) Network user identification and authentication
EP3328025B1 (en) Accessing hosts in a hybrid computer network
US20030217148A1 (en) Method and apparatus for LAN authentication on switch
US10484357B1 (en) Method and apparatus for federated single sign on using authentication broker
US9538376B2 (en) Authenticating data communications
JP2009538478A5 (en)
US20180375866A1 (en) Secure communication network
US20160182471A1 (en) Network security broker
CN104813607A (zh) Electronic-rendezvous-based two-stage access control for private networks
Ali et al. Flexible and scalable public key security for SSH
HK1256070B (en) Accessing hosts in a hybrid computer network
JP2006216014A (ja) System and method for authenticating messages, firewall for authenticating messages, network device, and computer-readable medium
Winter et al. RFC 6614: Transport Layer Security (TLS) Encryption for RADIUS
Howlett Internet-Draft Janet Intended status: Informational S. Hartman Expires: January 4, 2014 Painless Security July 3, 2013

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20201117

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20201117

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20211020

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20211116

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20220214

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20220621

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20220720

R150 Certificate of patent or registration of utility model

Ref document number: 7109909

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250