WO2005041480A1 - Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre - Google Patents

Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre Download PDF

Info

Publication number
WO2005041480A1
WO2005041480A1 PCT/CN2003/000912 CN0300912W WO2005041480A1 WO 2005041480 A1 WO2005041480 A1 WO 2005041480A1 CN 0300912 W CN0300912 W CN 0300912W WO 2005041480 A1 WO2005041480 A1 WO 2005041480A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
authentication
hardware
mail server
user
Prior art date
Application number
PCT/CN2003/000912
Other languages
English (en)
Chinese (zh)
Inventor
Hui Lin
Original Assignee
Hui Lin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hui Lin filed Critical Hui Lin
Priority to AU2003277472A priority Critical patent/AU2003277472A1/en
Priority to PCT/CN2003/000912 priority patent/WO2005041480A1/fr
Priority to CN200380110622.XA priority patent/CN1860729A/zh
Publication of WO2005041480A1 publication Critical patent/WO2005041480A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Definitions

  • the present invention relates to a mail server login security authentication method and IC card authentication hardware, and more particularly to a design with high security and high value that uses authentication hardware as a mail server login medium. Background technique
  • e-Mail is an indispensable main tool for information delivery and business engagement, accounting for up to about 70% of corporate network resource use, and growing rapidly at a rate of 500% each year.
  • CNET Magazine's estimates at the end of 2001, the number of email accounts had exceeded the 1 billion mark. If an average of 20 to 30 letters were received per day for each email address, there would be tens of billions of emails in various different days. Transmission on the Internet, which shows the importance of email in the current Internet.
  • SMSTP Simple Mail Transfer Protocol
  • the traditional mail transfer protocol does not have the function of user authentication, which is quite easy to be abused as a forwarding point for advertising mail or spam.
  • the mail delivery mechanism without the identity authentication function also causes difficulties for system management or network administrators in handling problem mail tracking.
  • any membership-based function on the network including login to the Mail Server, has its own set of passwords or a random set of passwords by the server itself
  • information information is encrypted on the web server side; even if encryption is implemented, in order to prevent the leakage of communication Internet information, there are programs and logics for research and design of encryption technology.
  • the customer is relatively resistant, but in the current situation, it cannot be completely prevented, which obviously indicates that a computer protected only by a password is not secure enough.
  • hackers in order to fully grasp the connection established above, and impersonate the original user to access resources and services on the remote host, will also impersonate the identity of the host and return a lot of useless data to the user. who attempted to paralysis disease client computing power of the computer system (Denial of service; DoS) 0
  • DoS paralysis disease client computing power of the computer system
  • the hacker can not only fake original user identity in order to access the resources and services on the remote host, any release, tamper Or delete the data so that the system administrator on the host side cannot detect it. What is more serious is that the hacker deletes and modifies the data in such an inconspicuous manner, making it difficult for the original user to clear himself when the source (user identity) of the message cannot be confirmed.
  • LAN local area network
  • Ethernet-based IP networks are used as an example. All the data (packets) are broadcasted to all PCs in the local area network. Because each PC has a Network Interface Card, it can filter out packets that are not sent to itself. The hidden problem gives another good opportunity for hackers to invade (intercept the data transmitted on the LAN).
  • All packets are broadcast to all PCs in the local area network in a broadcast (Broadcasting) manner, and exist in the form of plain text. Therefore, anyone connected to a local area network can play the role of a sniffer and generously peek at other people's data.
  • the purpose of the present invention is to solve the existing mail server (Mail Server) login method.
  • the password encoding and decoding operations on the mail server (Mail Server) alone cannot really ensure that it cannot be cracked by hackers. Only password login protection is available.
  • the computer is not secure enough.
  • a mail server login security authentication method wherein: an identity check secret is built in Integrated circuit card identification code ICCID (Integrated Circuit Card Identification) and an international verification code Global Identification Number GLN (Global Number) integrated circuit IC (Integrated Circuit) card is placed in an IC card reading device (Reader), and the device
  • ICCID Integrated Circuit Card Identification
  • GLN Global Number
  • IC Integrated Circuit
  • Step a The user uses the authentication hardware of the device, an IC card and an IC card reader, to log in to the Mail Server, enter the information the user needs to log in, and press the Login button.
  • Step b Use the embedded program of the IC card to direct its login process to the CA authentication server, and pass the ICCID password built in the IC card to the CA (Certification Authority) authentication server, and pass the CA authentication server
  • a special program is used to determine whether the IC card of the authentication hardware is legal and the audit authority. If it is correct, the number of logins is recorded on the database of the CA identity authentication server, and a successful authentication hardware authentication is generated (Server
  • Step c After the foregoing steps are correct, the IC card uses the embedded program of the IC card to use the random random value (Random) obtained for decoding Built-in ICCID password and generate an IC card authentication
  • the ICCID password and IC card authentication are transmitted to the CA authentication server by means of (Client Result) for decryption again to confirm the correctness of the authentication hardware and user information.
  • IC card authentication hardware for mail server login security authentication, in which: the IC card has a built-in identity verification code ICCID and an international verification code GLN, the IC card is placed in an IC card reading device (Reader), and the device It is generally used on computer-compatible hardware as authentication hardware; the device's IC card authentication hardware can be a Universal Serial Bus (Universal Serial USB)
  • the authentication hardware of the device's IC card can be a universal connection PS2 (Public
  • the authentication hardware of the IC card of the device may be a piece of hardware with wireless communication.
  • the authentication hardware of the IC card of the device can be an IEEE1394 interface hardware.
  • the authentication hardware of the IC card of the device may be an IR (infrared) interface hardware.
  • the authentication hardware of the device's IC card can be a flash memory.
  • the device's IC card authentication hardware can be a PCMCIA (Personal Memory Card
  • the authentication hardware of the IC card of the device may be a keyboard, a mouse, or a game joystick.
  • the authentication hardware of the device's IC card can be a Web Cam (network camera).
  • the main idea of the present invention is that the current network security loopholes are full, and the users are not sufficiently protected from using their private data online. Therefore, they are devoted to researching the use of an IC card with an authentication hardware, and CA identity authentication server (security control mechanism). ) In order to achieve the five major information security requirements to enhance the secure transmission of electronic data networks, namely:
  • Ensuring that data messages are not peeped or stolen by third parties to protect the privacy of data transmitted by data can be accomplished by data encryption.
  • Sending and receiving messages to prevent users from later denying that they have transmitted data can be achieved through digital signatures and a public key infrastructure.
  • the execution authority of the functions of the security control module can be determined.
  • the IC card used in the present invention is mainly burned into the chip in the form of firmware, and has the advantage of large storage capacity. It is not common for people to make and edit by themselves, and it is not easy to be counterfeited and stolen.
  • the function of preventing cracking is strong, which can effectively prevent the problem of malicious misappropriation, and it can be more effectively used with the result of mutual encryption and decryption and cross-comparison between the mail server at the destination and the CA identity authentication server. Users swim in a secure network environment and can appreciate the beauty that technology brings to humans.
  • the authentication hardware that comes with the device is hardware that is generally compatible with a computer's USB interface or PS2 slot, or has wireless communication and infrared transmission. It can be used as a storage medium, for example, it can be matched with flash memory, so that the data can not be stored only on a fixed hard disk, so that it has the confidentiality, security and mobility of data access, and can even be widely applied to all Compatible peripheral hardware can be regarded as legally used. Its hardware presentation method is similar to the use of ordinary access keys. Its use mode is more acceptable to ordinary users.
  • the present invention can also be used to set the read permission of personal files, and the unlocking method can be successfully unlocked only through the present invention, which is convenient and safe. In addition, it can protect the privacy of personal data in a thorough manner. It can even lock the use rights of peripheral hardware and prohibit people without the use rights.
  • the present invention can ensure the security of the user's authentication at the mail server through the above-mentioned several encryption and decryption and encoding protection actions, and avoid the leakage of the user's private information, and the CA identity authentication server can be more appropriate. Provides a more secure and better-protected environment for the mail server.
  • the present invention uses an IC card to store the user's private authentication data and an identity check password ICCID.
  • the IC card device is generally compatible with computer USB interface or PS2 slot or hardware with wireless communication. It is used as authentication hardware, and an authentication program is used in the mail server. The user uses this authentication hardware to log in to the mail.
  • Server (Mail Server), through several encryption and decryption and encoding protection actions to ensure the security of the user's login authentication on the website, and to prevent the leakage of the user's private information, and can be a mail server (Mail Server) ) Provide a more secure and high-quality network environment.
  • FIG. 1 is a flowchart of steps of the present invention
  • FIG. 2 is a schematic diagram of available hardware of the IC card device used in the present invention.
  • FIG. 3 is a schematic diagram of the entity process guidance of the present invention.
  • FIG. 4 is a diagram of an embodiment of an application of the IC card provided by the present invention.
  • FIG. 5 is a diagram of an embodiment of an integrated application of an IC card device and a PCMCIA interface device with the present invention
  • FIG. 6 is a diagram of an embodiment of the integrated application of the IC card device and the flash memory in accordance with the present invention
  • FIG. 7 is a schematic diagram of the IC card device in the present invention inserted into the shell of the computer host with the flash memory.
  • FIG. 1 is a flowchart of the steps of the present invention.
  • the diagram includes four main steps: & , b, c, and d.
  • Another correct login process includes five main steps, including step. 1 to step. 5:
  • Step a The user logs in to the mail server using the authentication hardware of the device—an IC card and an IC card reader (Reader) ( Mail Server), enter the information the user needs to log in, and press the Login button;
  • Step b Use the embedded program of the IC card to direct its login process to the CA identity authentication server, and pass the ICCID password built into the IC card to the CA identity authentication server (step. 1), and pass the CA identity authentication server special Program to determine whether the IC card on the authentication hardware is legal and the audit authority. If it is correct, record the number of logins on the CA identity authentication server database to generate a server result that successfully authenticates the authentication hardware and return the decoding process. Random random value (Random) generated in the IC card (step. 2);
  • Step c After the foregoing steps are correct, the IC card uses the embedded random value of the IC card to decode the built-in ICCID password, and generates an IC card authentication (Client Result) (step. 3) , And direct its registration process to the mail server (Mail Server), and the ICCID password, the use of industrial card certification (Client Result), the user enters the information to the mail server (Mail Server), let mail The server (Mail Server) determines whether the information entered by the user is correct according to its database, and queries the availability date (avail date);
  • Step d After the previous steps are correct, the mail server (Mail Server) transmits the accepted ICCID password and IC card authentication to the CA identity authentication server by means of (Client Result) for decryption again to confirm the authentication hardware and user information. Correctness (step. 4).
  • the first step a refers to: the user checks the password ICCID and the international verification code GLN by an IC card built-in identity, puts the IC card into an IC card reading device (Reader), and the device is generally compatible with a computer USB interface or PS2 slot, or hardware with wireless communication, infrared transmission, etc., as authentication hardware, and use this authentication hardware to log in to the Mail Server login mode, register its user name (Usemame) and After the password, press Login.
  • the CA identity authentication server After the hardware authentication is passed, the CA identity authentication server The device will send the random random value generated back to the IC card as a KEY for cross-comparison with the CA identity authentication server after the mail server end passes the second-step authentication process; If the ICCID password in the IC card on the authentication hardware is not authorized in the comparison result (Validated), the system will notify the user that the hardware authentication fails and the communication is lost. Qualifications login. This is the first certification process.
  • Step c refers to: the first step of the authentication process is successful, the general application website server (AP Server) will first receive the KEY value sent by the CA identity authentication server on the IC card, ICCID password, the user entered by the user Name (Username) and typed Password (Password), and then direct its process to the Mail Server (Mail Server) to check whether the Username and Password are correct, and check the effective use of the user Whether the period has expired.
  • AP Server general application website server
  • Step d refers to: if the comparison is correct in step c, the KEY value and the ICCID password are returned to the CA identity authentication server for encryption and decryption, and the value of the ICCID password is first decrypted through a special process, and the CA identity is compared by this.
  • the authentication database corresponds to the ICCID password and is authorized to pass the (Validated) EKI, and then the KEY value is used to decrypt the EKI value.
  • the comparison is consistent with the Server Result. If they match, the second step authentication is passed.
  • the user passes the cross If the comparison is determined to be a legitimate user, the user can pass the login portal with legal use rights, continue to import the next Web Page, and clear the Server Result encrypted and decrypted on the CA identity authentication server, so that when the user next logs in A new Server Result can be generated and stored temporarily. If the comparison result does not match, the Mail Server is notified of the authentication hardware ICCID password error, the authentication fails, and the qualification for customs clearance registration is lost. This is the second step authentication process.
  • FIG. 2 is a schematic diagram of the available hardware of the device of the present invention.
  • the IC card 30 is mainly burned into the chip in the form of firmware, and has the advantage of large storage capacity, and it is not easy for ordinary people to make and edit, and it is not easy to be counterfeited and stolen. Its anti-counterfeiting and crack-proof functions are strong. Effectively prevent the problem of malicious misappropriation, and match the results of mutual encryption, decryption, and cross-comparison between the destination mail server and the CA identity authentication server, which can effectively allow users to swim on the secure network. Environment.
  • the authentication hardware 40 with the IC card 30 can be compatible with the computer's USB interface or PS2 slot or wireless communication hardware. It can also be used as a storage medium. For example, it can be used on a flash memory. It also has the confidentiality and security of data access, and its future development is very broad.
  • FIG. 3 is a schematic diagram of the physical process guidance of the present invention.
  • the figure shows the process guidance of the actual operation of the present invention.
  • Route 1 is used by the user.
  • Authentication hardware (device IC card) 50 devices log in to the mail server (Mail Server) on the computer that wants to receive mail 70 log in to its user profile
  • route 2 is the Member Login window, after the user enters Username and Password Press the Login button and touch Route 3.
  • the embedded program of the IC card will first direct its login process to the CA authentication server 60 for encryption and decryption.
  • Route 3 is the authentication process 1 (Winsock) of the present invention.
  • the value of the ICCID password is first decrypted through a special process, and then it is compared with the CA identity authentication database, corresponding to the ICCID password and authorized to pass the (Validated) EKI, and then decrypted to obtain KI
  • a random random value (Random) is generated and the result encrypted by KI is stored in the database of the CA identity authentication server.
  • the encrypted result is the result of successful authentication hardware authentication (Se rver Result), and can be used to record the number of times the user has logged in using this authentication hardware, to confirm the legitimacy of the authentication hardware and whether the password ICCID has the right to log in to the website, and multiple people have been granted the right to perform hardware authentication
  • the router 4 is immediately triggered to send the random random value (Random) generated by the CA identity authentication server back to the IC card.
  • the embedded program of the IC card When the IC card receives the random random value (Random), the embedded program of the IC card will first The built-in ICCID password is first decrypted to obtain a KI value (the ⁇ value here does not check whether it is authorized authentication hardware, the right to audit and compare is in the CA identity authentication ⁇ ] server), and then use the and The received random random value (Random) is encrypted to generate an IC card authentication (Client Result) for general application web server (Ap Server) end Perform cross-comparison with the CA identity authentication server during the second step authentication process; and if the ICCID password set in the IC card on the authentication hardware is not authorized in the comparison result (Validate 2N has not opened the card), then The system will notify the user that the hardware authentication failed, and lose the qualification for customs registration.
  • a KI value the ⁇ value here does not check whether it is authorized authentication hardware, the right to audit and compare is in the CA identity authentication ⁇ ] server
  • route 5 will be triggered to direct the process to the Mail Server 70, and the Mail Server 70 will receive the ICCID password and IC on the IX card first.
  • card authentication Relying on card authentication (Client Result), the user enters the user name (Username) and the typed password (Password).
  • the mail server (Mai 1 Server) 70 will first compare the user with its own database. If the Username and Password are correct, and check whether the user's valid use period has expired, if the comparison is correct, then touch Route 6 to perform the authentication process, and use the ICCID password and IC card authentication (Cl ient Result) Returns the CA identity authentication server for cross-comparison.
  • the ICCID password is first decrypted through a special process, and the CA identity authentication database is compared to find the corresponding ICCID password and authorized to pass. (Validate two Y) After the successful authentication of the certified hardware authentication (Server Result), compare the successful authentication of the authenticated hardware authentication (Server Result) with the IC card authentication (Client Result), if they match, then the second step of authentication is passed, and route 7 is triggered. If the user crosses this pair and is determined to be a legitimate user, then he can pass the login entry with legal use rights and legally pass the mail server (Mail Server ) 70 Send and receive emails and access the email data, and clear the Server Result encrypted and decrypted on the CA identity authentication server. This is the final step and route 8. If the comparison result does not match, notify the mail server. (Mail Server) 70 The ICCID password of the authentication hardware is incorrect, the authentication fails, and the user is disqualified from customs clearance.
  • FIG. 4 shows the present invention using an IC card with a built-in identity verification code ICCID and an international verification-password GLN, and the IC card is installed in a generally compatible computer USB interface or PS2 slot or has wireless communication and infrared transmission.
  • the IC card of the present invention can also be installed on a keyboard (Ke Board) for hardware control.
  • the use of permissions, and the embedded program of the IC card will display a locked screen of the keyboard (Key Board) on the desktop of the computer.
  • the keyboard cannot be touched.
  • Embodiment B is the IC card device of the present invention on the mouse.
  • the mouse hardware can also be used to control the use permission.
  • the IC card device of the present invention is on a game stick
  • the small picture of the embodiment D the IC card device of the present invention is on a Web Cam (network camera), which can be used for peripheral hardware control.
  • the application of the authority can further expand the security protection mechanism to the extreme through the application of the embodiments of the present invention.
  • FIG. 5 it is a diagram of an embodiment of the integrated application of the IC card device and the PCMCIA interface device with the present invention. Through this embodiment, the application of the present invention can be made more affinity and widely implemented.
  • FIG. 6 a diagram of an embodiment of the integrated application of the device of the present invention in a flash memory.
  • the present invention is matched with an IC card device on the flash memory, so that the data cannot be stored only in a fixed hard disk, so that it has more
  • the confidentiality, security and mobility of data access bring more convenient requirements and convenience.
  • Fig. 7 is a schematic diagram of inserting an IC card device matched with the present invention into a computer host casing with a flash memory, and inserting the authentication hardware using the USB interface of the present invention into a USB slot of the computer host casing, and then All the previous steps.
  • the mail server (Mail Server) login security authentication system and method provided by the present invention can replace the existing mail server login mode, which uses an IC card and an identity check.
  • the password ICCID and an international verification password GLN, and this IC card device is generally compatible with the computer's USB interface or PS2 slot or wireless communication, infrared transmission hardware, as authentication hardware, users use this authentication
  • the system performs a cross-comparison system between the server of the destination and the server of the authentication through several channels of encryption and decryption.

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

La présente invention concerne un procédé de certification de sécurité pour la configuration d'un serveur de courrier, et un matériel de certification équipé d'une carte à circuit intégré. Une carte à circuit intégré est utilisée, qui contient un code secret de contrôle d'identité (ICCID) et un numéro international de vérification. La carte à circuit intégré est insérée dans un lecteur de carte, puis configurée pour une interface USB, pour une fente PS2, ou pour le matériel équipé d'un dispositif de communication sans fil à transmission par infrarouge utilisé comme matériel de certification. La comparaison d'un programme présent dans la carte à circuit intégré avec un mécanisme de contrôle de sécurité permet à un utilisateur d'authentifier la source et la confidentialité des données de messagerie de l'utilisateur. La carte à circuit intégré et le lecteur de carte étant facilement configurables pour un matériel périphérique d'un ordinateur ordinaire, ils se prêtent à un usage étendu et peuvent être utilisés comme support de stockage pour assurer un accès aux données confidentiel, sûr et aisé.
PCT/CN2003/000912 2003-10-29 2003-10-29 Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre WO2005041480A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU2003277472A AU2003277472A1 (en) 2003-10-29 2003-10-29 A method of mail server landing security certification and ic card certification hardware
PCT/CN2003/000912 WO2005041480A1 (fr) 2003-10-29 2003-10-29 Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre
CN200380110622.XA CN1860729A (zh) 2003-10-29 2003-10-29 邮件伺服器登入安全认证方法及ic卡认证硬件

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2003/000912 WO2005041480A1 (fr) 2003-10-29 2003-10-29 Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre

Publications (1)

Publication Number Publication Date
WO2005041480A1 true WO2005041480A1 (fr) 2005-05-06

Family

ID=34468820

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2003/000912 WO2005041480A1 (fr) 2003-10-29 2003-10-29 Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre

Country Status (3)

Country Link
CN (1) CN1860729A (fr)
AU (1) AU2003277472A1 (fr)
WO (1) WO2005041480A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1181560A (zh) * 1996-10-05 1998-05-13 三星电子株式会社 鉴别用户的装置及其方法
US6115472A (en) * 1996-09-11 2000-09-05 Nippon Telegraph And Telephone Corporation Contents transmission control method with user authentication functions and recording medium with the method recorded thereon
CN1275744A (zh) * 2000-07-20 2000-12-06 成都久力信息技术有限公司 计算机应用层网络安全控管系统及其相关程序方法
US6359699B1 (en) * 1997-06-24 2002-03-19 Hitachi, Ltd. IC card processing system and processing method
CN2489384Y (zh) * 2001-07-31 2002-05-01 台均实业有限公司 带有读卡器的电脑键盘

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6115472A (en) * 1996-09-11 2000-09-05 Nippon Telegraph And Telephone Corporation Contents transmission control method with user authentication functions and recording medium with the method recorded thereon
CN1181560A (zh) * 1996-10-05 1998-05-13 三星电子株式会社 鉴别用户的装置及其方法
US6359699B1 (en) * 1997-06-24 2002-03-19 Hitachi, Ltd. IC card processing system and processing method
CN1275744A (zh) * 2000-07-20 2000-12-06 成都久力信息技术有限公司 计算机应用层网络安全控管系统及其相关程序方法
CN2489384Y (zh) * 2001-07-31 2002-05-01 台均实业有限公司 带有读卡器的电脑键盘

Also Published As

Publication number Publication date
AU2003277472A1 (en) 2005-05-11
CN1860729A (zh) 2006-11-08

Similar Documents

Publication Publication Date Title
CN101192926B (zh) 帐号保护的方法及系统
EP1498800B1 (fr) Gestion de connexions protégées dans des réseaux dynamiques
US7613919B2 (en) Single-use password authentication
JP2018049650A (ja) データセキュリティサービス
US20020150253A1 (en) Methods and arrangements for protecting information in forwarded authentication messages
US20080148057A1 (en) Security token
US7571311B2 (en) Scheme for sub-realms within an authentication protocol
US20100250937A1 (en) Method And System For Securely Caching Authentication Elements
WO2000030292A1 (fr) Procede et systeme d'authentification et d'utilisation de ressources sures dans un systeme informatique
CN110650021A (zh) 一种认证终端网络实名认证方法和系统
JP2001186122A (ja) 認証システム及び認証方法
WO2008053279A1 (fr) Ouvrir une session sur un dispositif utilisateur vers un serveur
KR101510290B1 (ko) Vpn에서 이중 인증을 구현하기 위한 장치 및 이의 동작 방법
US20050066199A1 (en) Identification process of application of data storage and identification hardware with IC card
US20150121504A1 (en) Identification process of application of data storage and identification hardware with ic card
TWI328956B (fr)
US20100058453A1 (en) Identification process of application of data storage and identification hardware with ic card
EP1689120B1 (fr) Procédé d'authentification en matière d'application de stockage d'informations
US20050066161A1 (en) Mail sever security login identification system and method with IC card identification hardware device
WO2005041481A1 (fr) Procede de certification de securite d'habilitation d'internet et de materiel de certification de carte a circuit integre
JP2006074487A (ja) 認証管理方法及び認証管理システム
WO2005041480A1 (fr) Procede de certification de securite pour la configuration d'un serveur de courrier, et materiel de certification a carte a circuit integre
JP2007201685A (ja) 認証機関を用いたセキュアな情報コンテンツ公開方法
Nagar et al. A secure authenticate framework for cloud computing environment
TW200539045A (en) Data storage application, IC card, fingerprint scanner authentication hardware and process flow method

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200380110622.X

Country of ref document: CN

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP