WO2024122069A1 - Self authentication system and self authentication method - Google Patents

Publication number
WO2024122069A1
Authority
WO
WIPO (PCT)
Application number
PCT/JP2022/045567
Other languages
French (fr)
Japanese (ja)
Inventor
貴利 中村
直太 高橋
Original Assignee
株式会社 エヌティーアイ
株式会社ナンバーワンソリューションズ

Definitions

  • the present invention generally relates to identity authentication.
  • An "OTP" (one-time password) is a character string (generally a random number) that can be used only once.
  • The "character string" is composed of one or more characters, each of which may be a letter, a digit, or another symbol.
  • Strictly, an OTP is a character string that can be used at most once, but the "OTP" used in this specification may be an extended OTP that can be used up to two or more times, or an extended OTP that has an upper limit on its period of use instead of, or in addition to, an upper limit on the number of uses.
  • One example of a personal authentication technology that uses an OTP is the technology disclosed in Patent Document 1.
  • WEB functions are used to provide services via the Internet. In general, the web browser on a user's terminal sends a request specifying a URL (Uniform Resource Locator) to a server system, and the server system returns the HTML (Hypertext Markup Language) file corresponding to that URL, which the web browser on the user's terminal then displays.
  • Two-step authentication is generally adopted as a personal authentication method that uses an OTP.
  • The OTP is transmitted to the user via email, SMS (Short Message Service), a dongle (hardware token), a voice call, or an app (for example, an OTP-issuing app that is separate from the browser or the service app).
  • Two-step authentication cannot prevent phishing scams: if the user is led to a fake page and enters both the authentication information (e.g., ID and password) and the OTP there, the malicious third party can masquerade as the user.
  • A server system that communicates with a user terminal having a web browser generates a token and transmits the generated token to the user terminal via HTTP, and the user terminal stores it.
  • the server system associates the user with the generated token and associates an issued OTP with the generated token associated with the user.
  • The server system transmits a link notification addressed to the user, in which an OTP link, a link having a character string based on the generated token, is described. When the OTP link in the issued link notification is specified and the token on which its character string is based matches the stored token, the server system receives an HTTP request according to the OTP link from the user terminal and transmits an HTTP response containing the OTP to the user terminal.
  • a requirement for successful user authentication is that the OTP entered by the user matches the OTP associated with the token to which the user is associated.
  • The OTP can thus be provided securely using WEB functions.
  • FIG. 1 is a diagram showing a system configuration according to an embodiment of the present invention. FIG. 2 shows a part of the authentication process performed in one embodiment of the present invention. FIG. 3 shows the remainder of the authentication process performed in one embodiment of the present invention.
  • an "interface unit” may refer to one or more interface devices.
  • the one or more interface devices may be at least one of the following: One or more I/O (Input/Output) interface devices.
  • the I/O (Input/Output) interface devices are interface devices to at least one of the I/O devices and a remote display computer.
  • the I/O interface device to the display computer may be a communications interface device.
  • the at least one I/O device may be a user interface device, e.g., either an input device such as a keyboard and a pointing device, or an output device such as a display device.
  • One or more communication interface devices may be any communication interface devices.
  • the one or more communication interface devices may be one or more homogeneous communication interface devices (e.g., one or more NICs (Network Interface Cards)) or two or more heterogeneous communication interface devices (e.g., a NIC and an HBA (Host Bus Adapter)).
  • memory refers to one or more memory devices, typically a primary storage device. At least one of the memory devices in the memory may be a volatile memory device or a non-volatile memory device.
  • a “persistent storage device” refers to one or more persistent storage devices.
  • a persistent storage device is typically a non-volatile storage device (e.g., an auxiliary storage device), specifically, for example, a hard disk drive (HDD) or a solid state drive (SSD).
  • storage device may refer to at least one memory, including memory and persistent storage device.
  • a "processor” refers to one or more processor devices.
  • the at least one processor device is typically a microprocessor device such as a CPU (Central Processing Unit), but may also be other types of processor devices such as a GPU (Graphics Processing Unit).
  • the at least one processor device may be a single-core or multi-core.
  • the at least one processor device may be a processor core.
  • the at least one processor device may also be a processor device in the broader sense, such as a hardware circuit that performs part or all of the processing (e.g., an FPGA (Field-Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit)).
  • Functions are sometimes described using the expression "yyy unit", but such a function may be realized by one or more computer programs being executed by a processor, by one or more hardware circuits (e.g., FPGAs or ASICs), or by a combination of these.
  • When a function is realized by a program being executed by a processor, the specified processing is performed using a storage device and/or an interface device, etc., as appropriate, so the function may be regarded as at least a part of the processor. Processing described with a function as the subject may be processing performed by the processor or by a device having the processor.
  • a program may be installed from a program source.
  • the program source may be, for example, a program distribution computer or a storage medium (e.g., a non-transitory storage medium) that is readable by a computer.
  • the description of each function is an example, and multiple functions may be combined into one function, or one function may be divided into multiple functions.
  • In the following embodiment, login authentication is adopted as an example of personal authentication, login information such as an ID and password is adopted as the authentication information for personal authentication, and a login page into which the ID and password are input is adopted as the web page for inputting authentication information for personal authentication.
  • FIG. 1 shows the system configuration for one embodiment of the present invention.
  • Communication takes place between the user terminal 150 and the server system 100 via a communication network such as the Internet.
  • the user terminal 150 is an information processing terminal such as a personal computer or a smartphone.
  • the user terminal 150 has an IF device (interface device) 160, a storage device 180, and a processor 190 connected to them.
  • the user terminal 150 also has a UI (User Interface) device 170 connected to the IF device 160.
  • the IF device 160 communicates with the IF device 110 (described below) of the server system 100, and with the UI device 170.
  • the UI device 170 is at least one of an input device such as a keyboard or a mouse, and a display device such as a liquid crystal display.
  • the UI device 170 may be a device in which the input device and the display device are integrated, such as a touch panel.
  • the storage device 180 stores a key U.
  • the key U is one or more user keys.
  • the user keys are used to encrypt and decrypt information.
  • the nth user key will be represented as "K Un " (n is a natural number).
  • a different user key may be used for each object of multiple cryptographic communication (e.g., an argument as an example of information), or a common user key may be used regardless of the object of multiple cryptographic communication.
  • the processor 190 functions as a web browser 191, a token management unit 192, and an encryption unit 193. These functions 191 to 193 are realized by the processor 190 executing at least a part of one or more computer programs including or excluding the OS (Operating System) of the user terminal 150.
  • the token management unit 192 and the encryption unit 193 may be functions prepared in advance in the user terminal 150 (e.g., a plug-in for the web browser 191), or may be functions embedded as JavaScript in a web page from the server system 100 ("JAVA" is a registered trademark), i.e., functions obtained from a web page.
  • the server system 100 may be a physical system consisting of one or more physical computers having computing resources such as an IF device 110, a storage device 120, and a processor 130 connected to them, or it may be a logical system based on such a physical system (e.g., a system as a cloud computing service).
  • IF device 110 communicates with IF device 160 of user terminal 150.
  • the storage device 120 stores the key S and the management DB (database) 121.
  • the key S is one or more server keys corresponding to one or more user keys.
  • the server key is used for encrypting and decrypting information.
  • the server key used may be different for each multiple encryption communication target (e.g., an argument as an example of information), or the server key may be common regardless of the multiple encryption communication target.
  • the user key and the server key are assumed to correspond to each other on a one-to-one basis.
  • the n-th server key corresponding to the n-th user key K Un is represented as "K Sn ". It may be predetermined which user key and which server key are used in which multiple encryption communication, or any user key and server key may be used regardless of which multiple encryption communication is used.
  • Management DB121 is an example of management information, and includes information for each user.
  • the user information includes authentication information such as the user's ID and password.
  • a token and OTP are added to the user information as appropriate.
  • the user authentication information may include other types of information, such as the user's biometric information, instead of or in addition to at least one of the ID and password.
  • the processor 130 functions as a token management unit 131, a WEB-IF unit 132, an encryption unit 133, an OTP management unit 134, and an authentication unit 135.
  • These functions 131 to 135 are realized by the processor 130 executing at least a part of one or more computer programs including or excluding the OS of the server system 100. Furthermore, an explanation of these functions 131 to 135 will be given in the explanation of the authentication process shown in Figures 2 and 3.
  • FIGS. 2 and 3 show the authentication process performed in one embodiment of the present invention.
  • the web browser 191 of the user terminal 150 sends an HTTP request to the server system 100.
  • the "HTTP request" referred to here is a request in which the URL of a login page is specified, but instead of such a request, an HTTP request in which the URL of a web page other than the login page is specified may be used. If the server system 100 determines in response to this HTTP request that the user's login authentication has not been completed, an HTTP response of the login page may be provided to the user terminal 150.
  • S202 The server system 100 receives the HTTP request sent in S201 (or the HTTP request sent by redirection).
  • In response to the HTTP request, the token management unit 131 of the server system 100 generates a token (hereinafter, token A) and temporarily stores it, for example, in the storage device 120.
  • Token A is, for example, a character string as a random number.
  • the WEB-IF unit 132 of the server system 100 provides the user terminal 150 with an HTTP response of a login page to which token A is associated (for example, embedded).
  • the web browser 191 of the user terminal 150 displays the login page from the server system 100, and the token management unit 192 of the user terminal 150 saves the token A associated with the login page.
  • the destination for saving the token A may be the storage device 180 (i.e., local storage), but instead of or in addition to that, it may also be session storage.
  • S204 The web browser 191 of the user terminal 150 accepts input of an ID and PW (password) for the login page.
  • argument P is information including the input ID and password
  • the encryption unit 193 encrypts the argument P using the first user key K U1 and the above-mentioned stored token A (encryption password).
  • the argument P may include information other than the ID and password (for example, a timestamp).
  • the argument encrypted using the first user key K U1 is represented as "argument E U1 ".
  • the WEB browser 191 of the user terminal 150 transmits an HTTP request (for example, a request for personal authentication) associated with the argument E U1 .
  • the server system 100 receives the HTTP request associated with the argument E U1 , and the encryption unit 133 of the server system 100 encrypts the argument E U1 using the temporarily stored token A (encryption password) and the first server key K S1 .
  • the argument encrypted using the first user key K U1 and the first server key K S1 is represented as "argument E U1S1 ".
  • the server system 100 (for example, the WEB-IF unit 132) transmits the argument E U1S1 to the user terminal 150.
  • the user terminal 150 receives the argument E U1S1 , and the encryption unit 193 of the user terminal 150 decrypts the argument E U1S1 using the stored token A (decryption password) and the first user key K U1 . This results in the argument E S1 in which the argument P is encrypted with the first server key K S1 .
  • the user terminal 150 (e.g., the WEB browser 191) transmits the argument E S1 to the server system 100.
  • the server system 100 receives the argument E S1 , and the encryption unit 133 of the server system 100 decrypts the argument E S1 using the temporarily stored token A (decryption password) and the first server key K S1 . This obtains the argument P, and therefore the ID and password can be obtained from the argument P.
  • the multiple encryption communication in S206 to S209 (communication between the WEB browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is performed using HTTP. That is, the transmission and reception of the argument E U1 , the argument E U1S1 , and the argument E S1 is performed using HTTP.
  • the Vernam cipher is used for encryption using the key and the encryption password, and for decryption using the key and the decryption password. Methods other than the Vernam cipher may be used for encryption and decryption.
  • S210 The authentication unit 135 of the server system 100 determines whether or not there is information in the management DB 121 that includes an ID and password that match the ID and password obtained from the argument P. If the result of this determination is false (S210: NO), the authentication unit 135 performs error processing (for example, sending a message to the user terminal 150 instructing the user to re-enter the ID or password). If the result of this determination is true (S210: YES), the process proceeds to S211 in FIG. 3.
  • S211 The token management unit 131 of the server system 100 includes the temporarily stored token A in the information (information in the management DB 121) of the user corresponding to the ID and password of S210: YES. In other words, the token management unit 131 associates the user with token A.
  • the WEB-IF unit 132 of the server system 100 provides the user terminal 150 with an OTP input page, which is a WEB page for OTP input with which token A is associated (e.g., embedded).
  • the OTP input page may be provided as an HTTP response to the HTTP request sent in S206.
  • the web browser 191 of the user terminal 150 displays the OTP input page from the server system 100.
  • the token management unit 192 of the user terminal 150 may determine whether or not a token matching the stored token A is associated with the OTP input page. If the result of this determination is false, the user terminal 150 (e.g., the web browser 191) may perform error processing (e.g., display a warning message indicating that the page is invalid).
  • the OTP management unit 134 of the server system 100 transmits a URL notification to the user whose ID and password have been authenticated in S210.
  • the "URL notification” is a notification (e.g., an email or an SMS message) in which an OTP-URL, which is a URL (an example of a link) having a character string based on the token A (a character string including the token A in this embodiment), is described.
  • the OTP-URL includes a character string as an argument (i.e., the argument E U1 ) that can be decrypted using the first user key K U1 and the token A.
  • the argument E U1 is an argument associated with the request transmitted to the server system 100 in S206.
  • the user terminal 150 (for example, a mail application or SMS application, not shown) displays the URL notification from the server system 100 and accepts a user operation to specify the URL described in the notification.
  • S215 The encryption unit 193 of the user terminal 150 decrypts the character string in the specified URL (the character string as the argument E U1 ) using the first user key K U1 and the stored token A.
  • S216 The token management unit 192 of the user terminal 150 determines whether the token obtained by decryption in S215 matches the stored token A. If the result of this determination is false, the user terminal 150 (e.g., the web browser 191) may perform error processing (e.g., displaying a message instructing the user to start over by entering the ID and password). If the result of this determination is true (S216: YES), the process proceeds to S217.
  • the web browser 191 of the user terminal 150 sends an HTTP request specifying the OTP-URL (a request for the OTP display page, which is a web page that displays the OTP).
  • the server system 100 receives a request specifying an OTP-URL, and the OTP management unit 134 of the server system 100 issues an OTP and associates the OTP with information (information in the management DB 121) corresponding to the user whose ID and password were authenticated in S210.
  • the OTP management unit 134 associates the issued OTP with the token associated with the user.
  • the OTP may be issued at any timing after S210: YES, instead of when an HTTP request specifying an OTP-URL is received.
  • the OTP may also be issued by a system external to the server system 100.
  • the following multiple encryption communication is performed.
  • the target of this multiple encryption communication is the OTP.
  • the OTP may be transmitted to the user terminal 150 without being multiple encrypted.
  • (X1) The encryption unit 133 of the server system 100 encrypts the issued OTP using the token A (encryption password) and the second server key K S2 .
  • This encrypted OTP is denoted as "OTP-E S2 ".
  • the first server key K S1 and the second server key K S2 may be the same key.
  • the server system 100 (for example, the WEB-IF unit 132) transmits the OTP-E S2 to the user terminal 150.
  • the user terminal 150 receives the OTP-E S2 , and the encryption unit 193 of the user terminal 150 encrypts the OTP-E S2 using the stored token A (encryption password) and the second user key K U2 corresponding to the second server key K S2 .
  • the OTP encrypted using the second server key K S2 and the second user key K U2 that is, the multiple-encrypted OTP, is represented as "OTP-E S2U2 ".
  • the user terminal 150 (for example, the WEB browser 191) transmits the OTP-E S2U2 to the server system 100.
  • the server system 100 receives the OTP-E S2U2 , and the encryption unit 133 of the server system 100 decrypts the OTP-E S2U2 using the token A (decryption password) and the second server key K S2 . This results in the OTP-E U2 being encrypted with the second user key K U2 .
  • the server system 100 (for example, the WEB-IF unit 132) transmits the OTP-E U2 to the user terminal 150.
  • the user terminal 150 receives the OTP-E U2 , and the encryption unit 193 of the user terminal 150 decrypts the OTP-E U2 using the stored token A (decryption password) and the second user key K U2 . As a result, the OTP is obtained.
  • the multiple encryption communication related to (X1) to (X4) (communication between the WEB browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is performed by HTTP. That is, the transmission and reception of OTP-E S2 , OTP-E S2U2 and OTP-E U2 is performed by HTTP.
  • S220 The web browser 191 of the user terminal 150 displays the OTP from the server system 100 (e.g., the OTP decrypted with (X4)).
  • S221 The web browser 191 of the user terminal 150 accepts the OTP input on the OTP input page.
  • S222 The following multiple encryption communication (Y1) to (Y3) is performed, the target of which is the token/ID (the stored token A and the ID). The encryption unit 193 of the user terminal 150 first encrypts the token/ID using the input OTP (encryption password) and the third user key K U3 , and the user terminal 150 (for example, the WEB browser 191) transmits the encrypted token/ID, represented as "(token/ID) U3 ", to the server system 100. The server system 100 receives the (token/ID) U3 , and the encryption unit 133 of the server system 100 encrypts the (token/ID) U3 using the issued OTP (encryption password) and the third server key K S3 (the server key corresponding to the third user key K U3 ).
  • the token/ID encrypted using the third user key K U3 and the third server key K S3 that is, the multiple-encrypted token/ID, is represented as "(token/ID) U3S3 ".
  • the server system 100 (for example, the WEB-IF unit 132) transmits the (token/ID) U3S3 to the user terminal 150.
  • the user terminal 150 receives the (token/ID) U3S3 , and the encryption unit 193 of the user terminal 150 decrypts the (token/ID) U3S3 using the stored OTP (decryption password) and the third user key K U3 . This results in the (token/ID) S3 in a state in which the token/ID is encrypted with the third server key K S3 .
  • the user terminal 150 (e.g., the WEB browser 191) transmits the (token/ID) S3 to the server system 100.
  • the server system 100 receives the (token/ID) S3 , and the encryption unit 133 of the server system 100 decrypts the (token/ID) S3 using the issued OTP (decryption password) and the third server key K S3 . As a result, the token/ID is acquired.
  • the multiple encryption communication related to (Y1) to (Y3) (communication between the WEB browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is performed by HTTP. That is, the transmission and reception of (token/ID) U3 , (token/ID) U3S3 , and (token/ID) S3 is performed by HTTP.
  • the authentication unit 135 of the server system 100 refers to the management DB 121 and determines whether the token/ID matches token A and the ID of the user (the user whose ID and password were authenticated in S210). If the result of this determination is false (S223: NO), the authentication unit 135 performs error processing (for example, sending a message to the user terminal 150 indicating that the user should re-enter the ID or password). If the result of this determination is true (S223: YES), the process proceeds to S224.
  • S224 The authentication unit 135 of the server system 100 allows the user to log in (personal authentication successful).
  • If the URL notification is a false notification (for example, a phishing message whose link was not issued by the server system 100), a token mismatch is detected in S216, because the character string in the OTP-URL is not based on token A. Therefore, S216: NO (error) is returned, and processing does not proceed.
  • the URL notification may be stolen by a third party.
  • this problem can be avoided by using either of the following methods (3-1) or (3-2).
  • (3-1) When the OTP-URL in the URL notification is specified by a third party, a token mismatch is detected in S216. This is because the same token A as the token A on which the character string of the OTP-URL is based is not stored in the user terminal of the third party. Therefore, S216: NO (error) is returned, and the process does not proceed.
  • (3-2) The OTP to be transmitted in S219 is the target of multiple encryption communication using token A as the encryption password. Token A is not stored in the third party's user terminal. For this reason, decryption of the multiple-encrypted OTP fails on that terminal.
  • If the OTP input page is a fake page and a third party tries to impersonate the user by using the OTP entered on the fake page, the problem can be avoided by either of the following methods (4-1) or (4-2).
  • (4-1) The input OTP is not associated with a third party in the server system 100. Therefore, S223: NO (error), that is, the identity authentication fails.
  • (4-2) The input OTP is the subject of multiple encryption communication using token A as the decryption password in server system 100. However, token A is not stored in the third party's user terminal. Therefore, decryption fails in server system 100.
  • the personal authentication system includes a token management unit 131, a WEB-IF unit 132, and an OTP management unit 134 provided in the server system 100.
  • the personal authentication system also includes a token management unit 192 provided in a user terminal 150 having a WEB browser 191.
  • the token management unit 131 of the server system 100 generates token A.
  • the WEB-IF unit 132 of the server system 100 transmits the generated token A to the user terminal 150 by HTTP.
  • the token management unit 192 of the user terminal 150 stores the token A from the server system 100.
  • the OTP management unit 134 of the server system 100 associates the issued OTP required for user personal authentication with the token A generated in the server system 100 and associated with the user.
  • the OTP management unit 134 of the server system 100 transmits a link notification (for example, the above-mentioned URL notification) addressed to the user in which an OTP link, which is a link having a character string based on the token A, is described.
  • the token management unit 192 of the user terminal 150 judges whether the token on which the character string of the specified OTP link is based matches the stored token A. If the result of the judgment is positive, the user terminal 150 (WEB browser 191) sends an HTTP request according to the OTP link.
  • the WEB-IF unit 132 of the server system 100 sends an HTTP response of the OTP to the user terminal 150, and the WEB browser 191 of the user terminal 150 displays the OTP.
  • a requirement for successful user authentication is that the OTP entered by the user matches the OTP associated with the token to which the user is associated.
  • This allows the OTP to be provided securely via the WEB function: even though the OTP is notified via the WEB function, both the user and the communication path can be correctly confirmed.
  • the token generated in the server system 100 is sent to the user terminal 150 via HTTP and stored in the user terminal 150, and in subsequent communications, if a token mismatch is detected, processing will not proceed.
  • a "character string based on token A” can be either a character string that includes token A, or a character string that is information encrypted using token A as the encryption password (this character string may or may not include token A).
  • "whether or not the token on which the character string of the specified OTP link is based matches the stored token A" may be, for example, any of the following. - Whether or not the token obtained from the character string contained in the specified OTP link matches the stored token A. - Whether or not the character string contained in the specified OTP link can be successfully decrypted (for example, decrypted according to the Vernam cipher) using the stored token A as the decryption password.
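  • As an added example (not the patent's own code, nor that of the applicants), the following Python sketch exercises the token-bound OTP link flow of S202 to S223 without the optional multiple encryption, using the first variant of the check above (the OTP-URL carries token A as a query parameter). It also runs the misuse cases from the preceding analysis: a forged notification, a genuine notification opened on a third party's terminal (3-1), and an OTP harvested from a fake input page (4-1). The class and function names, the query-parameter format, the host in the URL and the sample user record are assumptions made for the illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlparse

# Hypothetical host for the constructed OTP-URL; not taken from the patent.
OTP_URL_BASE = "https://otp.example.invalid/otp"


class ServerSystem:
    """Stand-in for server system 100 (units 131, 134, 135) with an in-memory management DB 121."""

    def __init__(self, users):
        self.users = users            # management DB 121: ID -> {"password", "token", "otp"}
        self.pending_tokens = set()   # token A temporarily stored in S202

    def login_page(self):
        """S202-S203: generate token A and return it embedded in the login page."""
        token_a = secrets.token_hex(16)
        self.pending_tokens.add(token_a)
        return {"page": "login", "token": token_a}

    def authenticate_password(self, user_id, password, token_a):
        """S210-S213: verify ID/password, bind token A to the user, build the OTP input
        page and the URL notification whose OTP-URL includes token A."""
        user = self.users.get(user_id)
        if token_a not in self.pending_tokens or user is None:
            return None
        if not hmac.compare_digest(user["password"], password):
            return None
        self.pending_tokens.discard(token_a)
        user["token"] = token_a                                           # S211
        return {"otp_input_page": {"page": "otp", "token": token_a},     # S212
                "url_notification": f"{OTP_URL_BASE}?token={token_a}"}   # S213

    def otp_display_page(self, token_a):
        """S218-S219: issue an OTP only for a token that is associated with a user."""
        for user in self.users.values():
            if user["token"] == token_a:
                user["otp"] = f"{secrets.randbelow(10**6):06d}"
                return user["otp"]
        return None

    def authenticate_otp(self, user_id, token_a, otp):
        """S223: the entered OTP must equal the OTP associated with the token that is
        associated with this user; the OTP is consumed by the first attempt against it."""
        user = self.users.get(user_id)
        if user is None or user["token"] != token_a or user["otp"] is None:
            return False
        expected, user["otp"] = user["otp"], None
        return hmac.compare_digest(expected, otp)


class UserTerminal:
    """Stand-in for user terminal 150 (web browser 191 and token management unit 192)."""

    def __init__(self):
        self.stored_token = None      # local or session storage, S203

    def open_login_page(self, page):
        self.stored_token = page["token"]

    def check_otp_page(self, page):
        """S212: the OTP input page must carry the stored token A."""
        return page.get("token") == self.stored_token

    def follow_otp_url(self, url):
        """S215-S216: the token in the specified OTP-URL must match the stored token A;
        on mismatch no request is sent (S216: NO)."""
        token_in_url = parse_qs(urlparse(url).query).get("token", [None])[0]
        if self.stored_token is None or token_in_url != self.stored_token:
            return None
        return token_in_url


def make_server():
    # Constructed sample record for the management DB 121.
    return ServerSystem({"alice": {"password": "correct horse", "token": None, "otp": None}})


def honest_login(server, terminal, user_id, password):
    """S201-S224 on a single honest terminal."""
    terminal.open_login_page(server.login_page())
    result = server.authenticate_password(user_id, password, terminal.stored_token)
    if result is None or not terminal.check_otp_page(result["otp_input_page"]):
        return False
    token = terminal.follow_otp_url(result["url_notification"])
    return server.authenticate_otp(user_id, token, server.otp_display_page(token))


def stolen_notification(server, victim, user_id, password):
    """Case (3-1): the genuine notification is opened on a terminal that never stored token A."""
    victim.open_login_page(server.login_page())
    result = server.authenticate_password(user_id, password, victim.stored_token)
    return UserTerminal().follow_otp_url(result["url_notification"])


def fake_notification(server, terminal, user_id, password):
    """A forged notification whose link is not based on token A."""
    terminal.open_login_page(server.login_page())
    server.authenticate_password(user_id, password, terminal.stored_token)
    return terminal.follow_otp_url(f"{OTP_URL_BASE}?token={secrets.token_hex(16)}")


def fake_otp_page(server, terminal, user_id, password):
    """Case (4-1): the OTP typed into a fake page is replayed from a session whose own
    token A' is not the token associated with the user."""
    terminal.open_login_page(server.login_page())
    result = server.authenticate_password(user_id, password, terminal.stored_token)
    otp = server.otp_display_page(terminal.follow_otp_url(result["url_notification"]))
    return server.authenticate_otp(user_id, server.login_page()["token"], otp)
```

  • In this sketch the server never checks who opened the OTP-URL; the binding is enforced by the terminal refusing to send the request (S216) and by the server issuing the OTP only against a token already associated with an authenticated user, then requiring that same token at S223. The second check variant above (decryptability with token A) would replace the query-parameter comparison in follow_otp_url.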
  • the generation and transmission of token A may be performed when the user is unspecified, or when the user is specified (for example, when the user is specified as the user of a user terminal connected to the company network).
  • A "specified user" may be a user whose authentication information such as ID and password has not yet been authenticated but who has been specified as belonging to a specific range, or a user whose authentication information such as ID and password has been authenticated.
  • the WEB-IF unit 132 of the server system 100 provides a first WEB page (e.g., a login page) that is a WEB page that accepts input of information for personal authentication, and a second WEB page (e.g., an OTP input page) that is a WEB page that accepts input of an OTP. At least one of the first and second WEB pages has the generated token A. In this way, since the token A is transmitted together with the WEB page (e.g., embedded in the WEB page), communication only for transmitting the token A is not required. Note that in the embodiment, the first transmission of the token A is the transmission of a login page in which the token A is embedded, but instead, the transmission of an OTP input page in which the token A is embedded after S210: YES may be performed.
  • the server system 100 has an encryption unit 133 and a server key.
  • the user terminal 150 has an encryption unit 193 and a user key.
  • At least one of the information sent from the server system 100 to the user terminal 150 (typically, information associated with an HTTP response from the server system 100 to the user terminal 150) and the information sent from the user terminal 150 to the server system 100 (typically, information associated with an HTTP request from the user terminal 150 to the server system 100) is subject to multiple encryption. This makes it possible to prevent man-in-the-middle attacks. For example, as follows:
  • the encryption unit 133 of the server system 100 encrypts the target information, which is information to be sent to the user terminal 150 via HTTP, using the server key and the server-side encryption password, which is the generated token A.
  • the WEB-IF unit 132 of the server system 100 sends the first encrypted information, which is the encrypted target information, to the user terminal 150 via HTTP.
  • the encryption unit 193 of the user terminal 150 encrypts the first encrypted information from the server system 100 using the user key and the user-side encryption password, which is the stored token A.
  • the WEB browser 191 of the user terminal 150 sends the second encrypted information, which is the encrypted first encrypted information, to the server system 100 via HTTP.
  • the encryption unit 133 of the server system 100 decrypts the second encrypted information from the user terminal 150 using the server key and the same password as the server-side encryption password.
  • the WEB-IF unit 132 of the server system 100 transmits the first encrypted information, which is the decrypted second encrypted information, to the user terminal 150 via HTTP.
  • the encryption unit 193 of the user terminal 150 decrypts the first encrypted information from the server system 100 using the user key and the same password as the user-side encryption password to obtain the target information. In this way, it is possible to prevent man-in-the-middle attacks on the information transmitted from the server system 100 to the user terminal 150.
  • the "target information" referred to in this paragraph is, for example, an OTP. This allows for secret communication of the OTP.
  • the encryption unit 193 of the user terminal 150 encrypts the target information, which is information to be transmitted to the server system 100 via HTTP, using a user key and a user-side encryption password (at least one of the stored token A and the OTP from the server system 100).
  • the WEB browser 191 of the user terminal 150 transmits the first encrypted information, which is the encrypted target information, to the server system 100 via HTTP.
  • the encryption unit 133 of the server system 100 encrypts the first encrypted information from the user terminal 150 using a server key and a server-side encryption password (at least one of the generated token A and the issued OTP).
  • the WEB-IF unit 132 of the server system 100 transmits the second encrypted information, which is the encrypted first encrypted information, to the user terminal 150 via HTTP.
  • the encryption unit 193 of the user terminal 150 decrypts the second encrypted information from the server system 100 using the user key and the same password as the user-side encryption password.
  • the web browser 191 of the user terminal 150 transmits the first encrypted information, which is the decrypted second encrypted information, to the server system 100 via HTTP.
  • the encryption unit 133 of the server system 100 decrypts the first encrypted information from the user terminal 150 using the server key and the same password as the server-side encryption password to obtain the target information. In this way, it is possible to prevent man-in-the-middle attacks on the information transmitted from the user terminal 150 to the server system 100.
  • the "target information" referred to in this paragraph is, for example, information input by the user to a web page displayed by the web browser 191 of the user terminal 150. This realizes secret communication of the information input by the user (for example, authentication information or OTP).
  • The communication protocol may transition from a first HTTP (e.g., HTTP or HTTPS) to a second HTTP (referred to as "HTTPM" for convenience).
  • HTTP: HyperText Transfer Protocol.
  • HTTPM: the second HTTP, over which the multiple encryption communication described below is performed.
  • This protocol transition may be performed by the WEB-IF unit 132.
  • Communication according to HTTPM is multiple encryption communication.
  • the subject of the multiple encryption communication is at least a portion of the information (e.g., arguments of an HTTP request) sent from the WEB browser 191 of the user terminal 150 to the WEB-IF unit 132 of the server system 100 and the information (e.g., arguments of an HTTP response) sent from the WEB-IF unit 132 of the server system 100 to the WEB browser 191 of the user terminal 150.
  • Multiple encryption includes encryption by the encryption unit 133 of the server system 100 using a server key and a server-side encryption password, and encryption by the encryption unit 193 of the user terminal 150 using a user key and a user-side encryption password.
  • Both the server-side encryption password and the user-side encryption password may be at least one of token A and information transmitted and received between the server system 100 and the user terminal 150 in multiple encryption communication using token A as the encryption password (i.e., information shared between the user terminal 150 and the server system 100). Multiple encryption communication can be maintained through such protocol conversion.
  • the personal authentication system described above may be an external system to a service system that provides services other than personal authentication and performs personal authentication on behalf of the service system, or it may be a service system that provides services to users who have been successfully authenticated (i.e., authenticated).
  • the information provided by HTTP when a URL in a URL notification is specified is an OTP, but other types of information may be adopted instead of or in addition to the OTP.
  • "personal authentication" may be performed without an OTP (for example, with only authentication information such as an ID and password), and in communication after successful personal authentication, a token may be issued, the token may be sent to the user terminal, a URL notification may be sent to the user terminal, and information may be provided to the user terminal by HTTP when a URL in the URL notification is specified.
  • communication in the service system communication may always be performed using the above-mentioned HTTP from a predetermined stage.

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

A server SE generates a token TA to be preserved in a user terminal UE, and transmits TA to UE. SE associates a user with TA, and associates an issued OTP with TA. SE issues a notification in which a link LI having a character string based on TA is described. When the token on which the LI designated on the notification is based is the same as the preserved TA, SE receives from UE an HTTP request according to LI and transmits to UE an HTTP response carrying the OTP. A requirement for successful self authentication is that the OTP input by the user is the same as the OTP associated with the TA associated with the user.

Description

Personal authentication system and personal authentication method
The present invention generally relates to personal authentication.
Personal authentication technology using a one-time password (hereinafter, OTP) is known. An "OTP" is a character string (generally a random number) that can be used only once. A "character string" consists of one or more characters, each of which may be a letter, a digit or another symbol. Typically an OTP is a character string whose upper limit on the number of uses is one, but the "OTP" used in this specification may be an extended OTP whose upper limit on the number of uses is two or more, or an extended OTP with an upper limit on the usable period instead of or in addition to a limit on the number of uses.
One example of personal authentication technology using an OTP is the technology disclosed in Patent Document 1.
Patent Document 1: JP 2011-215940 A
WEB functions are used to provide services via the Internet. A WEB function generally means that the WEB browser of a user terminal sends a request specifying a URL (Uniform Resource Locator) to a server system, and the server system causes the HTML (Hypertext Markup Language) file corresponding to that URL to be displayed on the WEB browser of the user terminal.
If the OTP required for personal authentication could also be provided using the WEB function, user convenience would improve. However, there is no method for securely providing an OTP to a user using the WEB function, because neither the user nor the communication path can be verified correctly.
Therefore, two-step authentication is generally adopted as a personal authentication method using an OTP. In two-step authentication, the OTP is conveyed to the user by e-mail, SMS (Short Message Service), a dongle (hardware token), a voice call, or an app (for example, an OTP-issuing app separate from the browser or the service app).
However, two-step authentication cannot prevent phishing. That is, if a malicious third party obtains the authentication information (e.g., ID and password) that the user entered on a fake WEB screen and also obtains the OTP, the third party can impersonate the user.
A server system that communicates with a user terminal having a WEB browser generates a token and transmits the generated token, which the user terminal stores, via HTTP. The server system associates the user with the generated token and associates an issued OTP with the generated token with which the user is associated. The server system transmits a link notification addressed to the user in which an OTP link, a link having a character string based on the generated token, is described. When the token on which the character string of the OTP link specified on the issued link notification is based matches the stored token, the server system receives from the user terminal an HTTP request according to that OTP link and transmits an HTTP response carrying the OTP to the user terminal. A requirement for successful personal authentication of the user is that the OTP input by the user matches the OTP associated with the token with which the user is associated.
According to the present invention, an OTP can be provided securely using the WEB function.
FIG. 1 is a diagram showing a system configuration according to an embodiment of the present invention. FIG. 2 shows a part of the authentication process performed in the embodiment. FIG. 3 shows the remainder of that authentication process.
In the following description, an "interface device" may be one or more interface devices. The one or more interface devices may be at least one of the following:
• One or more I/O (Input/Output) interface devices. An I/O interface device is an interface device for at least one of an I/O device and a remote display computer. The I/O interface device for the display computer may be a communication interface device. The at least one I/O device may be a user interface device, for example an input device such as a keyboard or a pointing device, or an output device such as a display device.
• One or more communication interface devices. The one or more communication interface devices may be one or more communication interface devices of the same kind (e.g., one or more NICs (Network Interface Cards)) or two or more communication interface devices of different kinds (e.g., a NIC and an HBA (Host Bus Adapter)).
In the following description, "memory" refers to one or more memory devices, typically a main storage device. At least one of the memory devices may be a volatile memory device or a non-volatile memory device.
In the following description, a "persistent storage device" refers to one or more persistent storage devices. A persistent storage device is typically a non-volatile storage device (e.g., an auxiliary storage device), specifically, for example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive).
In the following description, "storage device" refers to at least the memory out of the memory and the persistent storage device (that is, the memory alone, or the memory together with the persistent storage device).
In the following description, a "processor" refers to one or more processor devices. The at least one processor device is typically a microprocessor device such as a CPU (Central Processing Unit), but may be another kind of processor device such as a GPU (Graphics Processing Unit). The at least one processor device may be single-core or multi-core, and may be a processor core. The at least one processor device may also be a processor device in the broad sense, such as a hardware circuit (e.g., an FPGA (Field-Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit)) that performs part or all of the processing.
In the following description, functions are sometimes described using the expression "yyy unit". A function may be realized by one or more computer programs being executed by a processor, by one or more hardware circuits (e.g., FPGAs or ASICs), or by a combination of these. When a function is realized by a program being executed by a processor, the defined processing is performed while using a storage device and/or an interface device as appropriate, so the function may be regarded as at least a part of the processor. Processing described with a function as its subject may be processing performed by the processor or by a device having that processor. A program may be installed from a program source, which may be, for example, a program distribution computer or a computer-readable storage medium (e.g., a non-transitory storage medium). The description of each function is an example: multiple functions may be combined into one function, or one function may be divided into multiple functions.
One embodiment of the present invention is described in detail below with reference to the drawings. In the following embodiment, login authentication is adopted as an example of personal authentication, login information such as an ID and a password is adopted as the authentication information for personal authentication, and a login page into which the ID and password are entered is adopted as the WEB page for entering that authentication information.
FIG. 1 shows a system configuration according to an embodiment of the present invention.
Communication takes place between the user terminal 150 and the server system 100 via a communication network such as the Internet.
The user terminal 150 is an information processing terminal such as a personal computer or a smartphone. The user terminal 150 has an IF device (interface device) 160, a storage device 180 and a processor 190 connected to them. The user terminal 150 also has a UI (User Interface) device 170 connected to the IF device 160.
The IF device 160 communicates with the IF device 110 of the server system 100 (described below) and with the UI device 170.
The UI device 170 is at least one of an input device such as a keyboard or a mouse and a display device such as a liquid crystal display. The UI device 170 may be a device in which the input device and the display device are integrated, such as a touch panel.
The storage device 180 stores a key U. The key U is one or more user keys. User keys are used to encrypt and decrypt information. Hereinafter, the nth user key is written "K_Un" (n is a natural number). A different user key may be used for each object of multiple encryption communication (e.g., an argument, as an example of information), or a common user key may be used regardless of the object.
The processor 190 functions as a WEB browser 191, a token management unit 192 and an encryption unit 193. These functions 191 to 193 are realized by the processor 190 executing at least a part of one or more computer programs, which may or may not include the OS (Operating System) of the user terminal 150. For example, at least one of the token management unit 192 and the encryption unit 193 may be a function prepared in advance on the user terminal 150 (e.g., a plug-in of the WEB browser 191), or a function embedded in a WEB page from the server system 100, such as JavaScript ("JAVA" is a registered trademark), i.e., a function obtained from the WEB page. These functions 191 to 193 are explained in the description of the authentication process shown in FIGS. 2 and 3.
The server system 100 may be a physical system composed of one or more physical computers having computing resources such as an IF device 110, a storage device 120 and a processor 130 connected to them, or a logical system based on such a physical system (e.g., a system provided as a cloud computing service).
The IF device 110 communicates with the IF device 160 of the user terminal 150.
The storage device 120 stores a key S and a management DB (database) 121.
The key S is one or more server keys, each corresponding to one of the one or more user keys. Server keys are used to encrypt and decrypt information. A different server key may be used for each object of multiple encryption communication (e.g., an argument, as an example of information), or a common server key may be used regardless of the object. In this embodiment, user keys and server keys correspond one to one. Hereinafter, the nth server key, corresponding to the nth user key K_Un, is written "K_Sn". Which user key and which server key are used in which multiple encryption communication may be predetermined, or any user key and server key may be used regardless of which multiple encryption communication it is.
The management DB 121 is an example of management information and contains information for each user. For each user, that user's information includes, for example, authentication information such as the user's ID and password. A token and an OTP are added to each user's information as appropriate. The user's authentication information may include other kinds of information, such as the user's biometric information, instead of or in addition to at least one of the ID and the password.
The processor 130 functions as a token management unit 131, a WEB-IF unit 132, an encryption unit 133, an OTP management unit 134 and an authentication unit 135. These functions 131 to 135 are realized by the processor 130 executing at least a part of one or more computer programs, which may or may not include the OS of the server system 100. These functions 131 to 135 are explained in the description of the authentication process shown in FIGS. 2 and 3.
FIGS. 2 and 3 show the authentication process performed in one embodiment of the present invention.
S201: The WEB browser 191 of the user terminal 150 transmits an HTTP request to the server system 100. The "HTTP request" here is a request specifying the URL of the login page, but an HTTP request specifying the URL of a WEB page other than the login page may be used instead. If, in response to that request, the server system 100 determines that the user's login authentication has not been completed, an HTTP response carrying the login page may be provided to the user terminal 150.
S202: The server system 100 receives the HTTP request transmitted in S201 (or an HTTP request transmitted by redirection). In response to that HTTP request, the token management unit 131 of the server system 100 generates a token (hereinafter, token A) and temporarily stores it, for example, in the storage device 120. Token A is, for example, a character string that is a random number. The WEB-IF unit 132 of the server system 100 provides the user terminal 150 with an HTTP response carrying a login page with which token A is associated (for example, embedded).
S203: The WEB browser 191 of the user terminal 150 displays the login page from the server system 100, and the token management unit 192 of the user terminal 150 stores the token A associated with the login page. Token A may be stored in the storage device 180 (i.e., local storage), but instead of or in addition to that it may be stored in session storage.
S204: The WEB browser 191 of the user terminal 150 accepts input of an ID and a PW (password) on the login page.
S205: When, for example, the login button on the login page is pressed in S204, the WEB browser 191 of the user terminal 150 passes an argument (hereinafter, argument P), which is information including the entered ID and password, to the encryption unit 193, and the encryption unit 193 encrypts argument P using the first user key K_U1 and the stored token A (as the encryption password). Argument P may include information other than the ID and password (for example, a timestamp). The argument encrypted using the first user key K_U1 is written "argument E_U1".
S206: The WEB browser 191 of the user terminal 150 transmits an HTTP request (for example, a personal authentication request) with which argument E_U1 is associated.
S207: The server system 100 (for example, the WEB-IF unit 132) receives the HTTP request with which argument E_U1 is associated, and the encryption unit 133 of the server system 100 encrypts argument E_U1 using the temporarily stored token A (as the encryption password) and the first server key K_S1. The argument encrypted using both the first user key K_U1 and the first server key K_S1, that is, the multiply encrypted argument, is written "argument E_U1S1". The server system 100 (for example, the WEB-IF unit 132) transmits argument E_U1S1 to the user terminal 150.
S208: The user terminal 150 (for example, the WEB browser 191) receives argument E_U1S1, and the encryption unit 193 of the user terminal 150 decrypts argument E_U1S1 using the stored token A (as the decryption password) and the first user key K_U1. This yields argument E_S1, which is argument P encrypted only with the first server key K_S1. The user terminal 150 (for example, the WEB browser 191) transmits argument E_S1 to the server system 100.
S209: The server system 100 (for example, the WEB-IF unit 132) receives argument E_S1, and the encryption unit 133 of the server system 100 decrypts argument E_S1 using the temporarily stored token A (as the decryption password) and the first server key K_S1. This yields argument P, from which the ID and password can be obtained.
The multiple encryption communication of S206 to S209 (communication between the WEB browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is performed over HTTP. That is, argument E_U1, argument E_U1S1 and argument E_S1 are each transmitted and received over HTTP. In this embodiment, the Vernam cipher is used for encryption with a key and an encryption password and for decryption with a key and a decryption password; methods other than the Vernam cipher may be adopted for encryption and decryption.
S210: The authentication unit 135 of the server system 100 determines whether the management DB 121 contains information including an ID and password that match the ID and password obtained from argument P. If the result is false (S210: NO), the authentication unit 135 performs error processing (for example, transmitting to the user terminal 150 a message asking the user to re-enter the ID or password). If the result is true (S210: YES), processing proceeds to S211 in FIG. 3.
 S211:サーバシステム100のトークン管理部192が、S210:YESのID及びパスワードに対応したユーザの情報(管理DB121内の情報)に、上記一時保存されたトークンAを含める。つまり、トークン管理部192が、トークンAに当該ユーザを関連付ける。サーバシステム100のWEB-IF部132が、トークンAが関連付けられた(例えば埋め込まれた)OTP入力用のWEBページであるOTP入力ページを、ユーザ端末150に提供する。OTP入力ページは、S206で送信されたHTTPリクエストのHTTPレスポンスとして提供されてよい。 S211: The token management unit 192 of the server system 100 includes the temporarily stored token A in the information (information in the management DB 121) of the user corresponding to the ID and password of S210: YES. In other words, the token management unit 192 associates the user with token A. The WEB-IF unit 132 of the server system 100 provides the user terminal 150 with an OTP input page, which is a WEB page for OTP input with which token A is associated (e.g., embedded). The OTP input page may be provided as an HTTP response to the HTTP request sent in S206.
 S212:ユーザ端末150のWEBブラウザ191が、サーバシステム100からのOTP入力ページを表示する。なお、この段階で、ユーザ端末150のトークン管理部192が、上記保存されたトークンAに一致するトークンがOTP入力ページに関連付けられているか否かを判定してよい。この判定の結果が偽の場合、ユーザ端末150(例えばWEBブラウザ191)が、エラー処理(例えば、不正なページであることの警告メッセージを表示すること)を行ってよい。 S212: The web browser 191 of the user terminal 150 displays the OTP input page from the server system 100. At this stage, the token management unit 192 of the user terminal 150 may determine whether or not a token matching the stored token A is associated with the OTP input page. If the result of this determination is false, the user terminal 150 (e.g., the web browser 191) may perform error processing (e.g., display a warning message indicating that the page is invalid).
 S213: In parallel with S211, the OTP management unit 134 of the server system 100 sends a URL notification to the user whose ID and password were authenticated in S210. A "URL notification" is a notification (for example, an e-mail or SMS message) containing the OTP-URL, a URL (one example of a link) whose character string is based on token A (in this embodiment, a string that contains token A). In this embodiment the OTP-URL contains, as an argument, a character string (the argument E_U1) that can be decrypted using the first user key K_U1 and token A. The argument E_U1 is the argument associated with the request sent to the server system 100 in S206.
 S214: The user terminal 150 (for example, a mail or SMS application, not shown) displays the URL notification from the server system 100 and accepts a user operation selecting the URL written in the notification.
 S215: The encryption unit 193 of the user terminal 150 decrypts the character string in the selected URL (the string serving as the argument E_U1) using the first user key K_U1 and the stored token A.
 S216: The token management unit 192 of the user terminal 150 determines whether the token obtained by the decryption in S215 matches the stored token A. If not, the user terminal 150 (for example, the web browser 191) may perform error processing (for example, display a message telling the user to start again from entering the ID and password). If so (S216: YES), processing proceeds to S217.
 S217: The web browser 191 of the user terminal 150 sends an HTTP request specifying the OTP-URL (a request for the OTP display page, a web page that displays the OTP).
 S218: The server system 100 (for example, the WEB-IF unit 132) receives the request specifying the OTP-URL, and the OTP management unit 134 of the server system 100 issues an OTP and associates it with the information (in the management DB 121) of the user whose ID and password were authenticated in S210; that is, the OTP management unit 134 associates the issued OTP with the token associated with that user. The OTP may be issued at any time after S210: YES rather than on receipt of the HTTP request specifying the OTP-URL, and it may be issued by a system external to the server system 100.
 S219: The following multi-layer encrypted exchange ("multiple encryption communication" in the original) is performed, its subject being the OTP. The OTP may also be sent to the user terminal 150 without multi-layer encryption.
(X1) The encryption unit 133 of the server system 100 encrypts the issued OTP using token A (as the encryption password) and the second server key K_S2. The result is written "OTP-E_S2". If, for example, the key S contains only one server key, the first server key K_S1 and the second server key K_S2 may be the same key. The server system 100 (for example, the WEB-IF unit 132) sends OTP-E_S2 to the user terminal 150.
(X2) The user terminal 150 (for example, the web browser 191) receives OTP-E_S2, and the encryption unit 193 of the user terminal 150 encrypts it using the stored token A (as the encryption password) and the second user key K_U2, which corresponds to the second server key K_S2. The OTP encrypted under both K_S2 and K_U2, i.e. the multiply encrypted OTP, is written "OTP-E_S2U2". The user terminal 150 (for example, the web browser 191) sends OTP-E_S2U2 to the server system 100.
(X3) The server system 100 (for example, the WEB-IF unit 132) receives OTP-E_S2U2, and the encryption unit 133 of the server system 100 decrypts it using token A (as the decryption password) and the second server key K_S2. This yields OTP-E_U2, the OTP encrypted only under the second user key K_U2. The server system 100 (for example, the WEB-IF unit 132) sends OTP-E_U2 to the user terminal 150.
(X4) The user terminal 150 (for example, the web browser 191) receives OTP-E_U2, and the encryption unit 193 of the user terminal 150 decrypts it using the stored token A (as the decryption password) and the second user key K_U2. This yields the OTP.
 The multi-layer exchange (X1) to (X4) (communication between the web browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is carried out over HTTP; that is, OTP-E_S2, OTP-E_S2U2 and OTP-E_U2 are sent and received over HTTP.
 S220: The web browser 191 of the user terminal 150 displays the OTP received from the server system 100 (for example, the OTP decrypted in (X4)).
 S221: The web browser 191 of the user terminal 150 accepts entry of the OTP on the OTP input page.
 S222: When, for example, the login button on the OTP input page is pressed in S221, the web browser 191 of the user terminal 150 sends an HTTP request specifying (token/ID)_U3. "(token/ID)_U3" denotes token A and the ID (the user ID entered for login) encrypted using the OTP (as the encryption password) and the third user key K_U3. In this embodiment token A and the ID are the subject of the multi-layer exchange, which proceeds as follows. The third user key K_U3 may be the same as the first user key K_U1 or the second user key K_U2, or a different user key.
(Y1) The server system 100 (for example, the WEB-IF unit 132) receives (token/ID)_U3, and the encryption unit 133 of the server system 100 encrypts it using the issued OTP (as the encryption password) and the third server key K_S3 (the server key corresponding to the third user key K_U3). The token/ID encrypted under both K_U3 and K_S3, i.e. the multiply encrypted token/ID, is written "(token/ID)_U3S3". The server system 100 (for example, the WEB-IF unit 132) sends (token/ID)_U3S3 to the user terminal 150.
(Y2) The user terminal 150 (for example, the web browser 191) receives (token/ID)_U3S3, and the encryption unit 193 of the user terminal 150 decrypts it using the OTP held by the terminal (as the decryption password) and the third user key K_U3. This yields (token/ID)_S3, the token/ID encrypted only under the third server key K_S3. The user terminal 150 (for example, the web browser 191) sends (token/ID)_S3 to the server system 100.
(Y3) The server system 100 (for example, the WEB-IF unit 132) receives (token/ID)_S3, and the encryption unit 133 of the server system 100 decrypts it using the issued OTP (as the decryption password) and the third server key K_S3. This yields the token/ID.
 The multi-layer exchange (Y1) to (Y3) (communication between the web browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100) is carried out over HTTP; that is, (token/ID)_U3, (token/ID)_U3S3 and (token/ID)_S3 are sent and received over HTTP.
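As an added example (not code from the patent or from the applicants), the following Python models the layered exchanges (X1) to (X4) and (Y1) to (Y3) above, and equally the <server to terminal> and <terminal to server> exchanges and the HTTPM transition described in the summary further below. It assumes that each layer is a Vernam-style XOR with a keystream derived from the party's key and its password (token A or the OTP); the page names the Vernam cipher but does not fix the cipher used for the layers, so the keystream derivation, the key names K_S2, K_U2, K_U3, K_S3 as byte strings, and the token and OTP values are all constructed for the example. A layer of this kind commutes with any other, which is what allows the server in (X3) to remove its own layer from under the terminal's.

```python
import hashlib
import secrets


def keystream(key: bytes, password: bytes, length: int) -> bytes:
    """SHA-256 in counter mode over (key, password): the example's stand-in for the
    page's unspecified cipher. XOR with it is a Vernam-style layer."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + b"\x00" + password + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def layer(data: bytes, key: bytes, password: bytes) -> bytes:
    """Add one layer, or remove it again (XOR with the same keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, password, len(data))))


def three_pass(plaintext: bytes, a_key: bytes, a_pwd: bytes, b_key: bytes, b_pwd: bytes):
    """The generic exchange behind (X1)-(X4) and (Y1)-(Y3): party A wraps the plaintext,
    party B adds its own layer, A strips its layer, B strips its layer and reads.
    Returns (what B reads, the three messages an on-path observer sees)."""
    m1 = layer(plaintext, a_key, a_pwd)   # A -> B   (X1; the terminal's (token/ID)_U3 in S222)
    m2 = layer(m1, b_key, b_pwd)          # B -> A   (X2 / Y1): both layers present
    m3 = layer(m2, a_key, a_pwd)          # A -> B   (X3 / Y2): A's layer removed, B's remains
    return layer(m3, b_key, b_pwd), (m1, m2, m3)   # (X4 / Y3): B removes its own layer


def deliver_otp(otp: bytes, k_s2: bytes, k_u2: bytes, token_server: bytes, token_terminal: bytes):
    """(X1)-(X4): A is the server (K_S2, its token A), B is the terminal (K_U2, its stored token)."""
    return three_pass(otp, k_s2, token_server, k_u2, token_terminal)


def submit_token_id(token_a: bytes, user_id: bytes, k_u3: bytes, otp_terminal: bytes,
                    k_s3: bytes, otp_server: bytes):
    """(Y1)-(Y3): A is the terminal (K_U3, the OTP it holds), B is the server (K_S3, the issued OTP)."""
    return three_pass(token_a + b"/" + user_id, k_u3, otp_terminal, k_s3, otp_server)


def passive_observer(transcript) -> bytes:
    """With XOR layers, anyone who saw all three messages reads the plaintext:
    m1 XOR m2 is B's keystream, and m3 XOR that keystream is the plaintext."""
    m1, m2, m3 = transcript
    b_stream = bytes(x ^ y for x, y in zip(m1, m2))
    return bytes(x ^ y for x, y in zip(m3, b_stream))


if __name__ == "__main__":
    token_a = secrets.token_bytes(16)       # constructed token A
    otp = b"483920"                         # constructed OTP
    read_by_terminal, wire = deliver_otp(otp, b"K_S2", b"K_U2", token_a, token_a)
    print(read_by_terminal == otp, passive_observer(wire) == otp)
```

Running it shows the OTP and the token/ID arriving end to end, and two properties worth weighing before relying on (3-2) and (4-2) in the case analysis below. First, each party removes exactly the layer it added, with its own key and password, so the exchange completes whether or not the two passwords agree: a terminal holding K_U2 but a different token still reads the OTP in (X4), and the server reads the token/ID in (Y3) whatever OTP the terminal used. Agreement of token A and of the OTP therefore has to be established by explicit comparison, as S216 and S223 do, not by the exchange failing. Second, with XOR layers as assumed here, an observer of the three HTTP messages recovers the plaintext outright, so the confidentiality of the path rests on the actual cipher's layers not being cancellable in this way.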
 S223: The authentication unit 135 of the server system 100 consults the management DB 121 and determines whether the recovered token/ID matches token A and the ID of the user (the user whose ID and password were authenticated in S210). If not (S223: NO), the authentication unit 135 performs error processing (for example, sending the user terminal 150 a message asking the user to re-enter the ID or password). If so (S223: YES), processing proceeds to S224.
 S224: The authentication unit 135 of the server system 100 permits the user to log in (identity authentication succeeds).
 Considering this embodiment, the following problems can be expected to be avoided.
 First, consider the case where the login page is a fake page and a third party attempts to impersonate the user with the ID and password entered on it. When the third party selects the OTP-URL in the URL notification, the token mismatch is detected in S216, because token A (the correct token) is not present on the third party's terminal. The result is S216: NO (error) and processing does not continue, so the problem in this case can be avoided.
 Second, consider the case where the URL notification is a fake. When the user selects the OTP-URL in it, the token mismatch is detected in S216, because the character string of the OTP-URL is not based on token A. The result is S216: NO (error) and processing does not continue.
 Third, consider the case where the URL notification is stolen by a third party. The problem in this case is avoided by either of the following methods (3-1) and (3-2).
(3-1) When the third party selects the OTP-URL in the URL notification, the token mismatch is detected in S216, because the token A on which the character string of the OTP-URL is based is not stored on the third party's terminal. The result is S216: NO (error) and processing does not continue.
(3-2) The OTP sent in S219 is the subject of a multi-layer exchange that uses token A as the encryption password. Token A is not stored on the third party's terminal, so decryption of the multiply encrypted OTP fails.
 Fourth, consider the case where the OTP input page is a fake page and a third party attempts to impersonate the user with the OTP entered on it. The problem in this case is avoided by either of the following methods (4-1) and (4-2).
(4-1) The entered OTP is not associated with the third party in the server system 100, so the result is S223: NO (error), i.e. identity authentication fails.
(4-2) The entered OTP is the subject of a multi-layer exchange in which the server system 100 uses token A as the decryption password. Token A is not stored on the third party's terminal, so decryption in the server system 100 fails.
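As a second added example (again not the patent's own code), the Python below models the parts of the flow that the four cases above depend on: the server building the OTP-URL with an argument E_U1 that can be decrypted only with K_U1 and token A (S213), the terminal's check of that argument against its stored token (S215 and S216), the binding of an issued OTP to the token (S218), and the server-side check at S223. The URL format, the host name, the way E_U1 is formed (a one-block pad derived with HMAC-SHA256 from K_U1, token A and a nonce), the in-memory stand-in for the management DB 121, and the explicit comparison of the entered OTP with the OTP bound to the token (which claim 1 below requires but S223 as written does not perform) are the example's own assumptions.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

OTP_PAGE = "http://auth.example.test/otp"   # assumed OTP display page URL (example only)


def pad(k_u1: bytes, token: bytes, nonce: bytes) -> bytes:
    """One-block pad from (K_U1, token, nonce); assumed construction for E_U1."""
    return hmac.new(k_u1, token + nonce, hashlib.sha256).digest()[:len(token)]


# ---- server system 100 ------------------------------------------------------
def build_otp_url(k_u1: bytes, token_a: bytes) -> str:
    """S213: OTP-URL whose argument E_U1 is token A encrypted under (K_U1, token A)."""
    nonce = secrets.token_bytes(16)
    e_u1 = bytes(a ^ b for a, b in zip(token_a, pad(k_u1, token_a, nonce)))
    return OTP_PAGE + "?" + urlencode({"n": nonce.hex(), "e": e_u1.hex()})


def issue_otp(db: dict, user_id: str) -> str:
    """S218: issue a six-digit OTP and bind it to the record (and so to the token) of the user."""
    otp = f"{secrets.randbelow(10**6):06d}"
    db[user_id]["otp"] = otp
    return otp


def check_login(db: dict, user_id: str, token: bytes, otp_entered: str) -> bool:
    """S223 plus the claim's requirement: token/ID must match the record and the entered
    OTP must equal the OTP bound to that token. The OTP is consumed on success."""
    rec = db.get(user_id)
    if rec is None or rec.get("otp") is None:
        return False
    ok = hmac.compare_digest(rec["token"], token) and hmac.compare_digest(rec["otp"], otp_entered)
    if ok:
        rec["otp"] = None   # one-time: a replay of the same OTP fails
    return ok


# ---- user terminal 150 ------------------------------------------------------
def terminal_accepts_link(url: str, k_u1: bytes, stored_token: bytes) -> bool:
    """S215-S216: decrypt E_U1 with K_U1 and the stored token; follow the link only if the
    result equals the stored token (a wrong token yields a different pad, hence garbage)."""
    q = parse_qs(urlsplit(url).query)
    try:
        nonce, e_u1 = bytes.fromhex(q["n"][0]), bytes.fromhex(q["e"][0])
    except (KeyError, ValueError):
        return False
    if len(e_u1) != len(stored_token):
        return False
    recovered = bytes(a ^ b for a, b in zip(e_u1, pad(k_u1, stored_token, nonce)))
    return hmac.compare_digest(recovered, stored_token)


def demo() -> dict:
    """Genuine flow and the attack cases of the text, with constructed keys and tokens."""
    k_u1 = b"K_U1-example-key"
    token_a = secrets.token_bytes(16)
    db = {"alice": {"token": token_a, "otp": None}}     # management DB 121 after S211
    url = build_otp_url(k_u1, token_a)
    results = {
        "genuine link on the user's terminal": terminal_accepts_link(url, k_u1, token_a),
        "link opened on a terminal without token A (cases 1, 3-1)":
            terminal_accepts_link(url, k_u1, secrets.token_bytes(16)),
        "fake notification not based on token A (case 2)":
            terminal_accepts_link(build_otp_url(k_u1, b"attacker-token!!"), k_u1, token_a),
    }
    otp = issue_otp(db, "alice")
    results["phished OTP submitted without token A (case 4)"] = check_login(db, "alice", b"x" * 16, otp)
    results["genuine login"] = check_login(db, "alice", token_a, otp)
    results["replay of the consumed OTP"] = check_login(db, "alice", token_a, otp)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{outcome!s:5}  {case}")
```

The terminal-side check matches the second of the two readings of "the token on which the character string is based" given later in the summary: decryption with the stored token either reproduces that token or it does not. Note that the e-mail or SMS carrying the URL is outside this check; what the check guarantees is only that a link is followed on a terminal that already holds the matching token A.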
 The above can be summarized, for example, as follows; the summary may include supplements to, and variations of, the description above.
 The personal authentication system includes the token management unit 131, the WEB-IF unit 132 and the OTP management unit 134 provided in the server system 100, and the token management unit 192 provided in the user terminal 150, which has the web browser 191. The token management unit 131 of the server system 100 generates token A. The WEB-IF unit 132 of the server system 100 sends the generated token A to the user terminal 150 over HTTP. The token management unit 192 of the user terminal 150 stores the token A received from the server system 100. The OTP management unit 134 of the server system 100 associates the issued OTP required for the user's identity authentication with token A, which was generated in the server system 100 and is associated with the user. The OTP management unit 134 of the server system 100 sends the user a link notification (for example, the URL notification described above) describing an OTP link, a link having a character string based on token A. When the OTP link described in the sent link notification is selected, the token management unit 192 of the user terminal 150 determines whether the token on which the character string of the selected OTP link is based matches the stored token A; if so, the user terminal 150 (web browser 191) sends an HTTP request according to the OTP link. When the server system 100 receives the HTTP request according to the OTP link, the WEB-IF unit 132 of the server system 100 returns an HTTP response carrying the OTP to the user terminal 150, and the web browser 191 of the user terminal 150 displays the OTP. A requirement for successful identity authentication of the user is that the OTP entered by the user matches the OTP associated with the token with which the user is associated.
 This allows the OTP to be delivered securely via the web function: even when the OTP is notified via the web function, both the user and the communication path can be verified. Specifically, the token generated in the server system 100 is sent to the user terminal 150 over HTTP and stored there, and in subsequent communication processing does not continue if a token mismatch is detected.
 In the above, a "character string based on token A" may be either a string that contains token A or a string that is information encrypted using token A as the encryption password (such a string may or may not itself contain token A).
 Likewise, "whether the token on which the character string of the selected OTP link is based matches the stored token A" may be decided, for example, in either of the following ways:
- whether the token obtained from the character string of the selected OTP link is equal to the stored token A; or
- whether the character string of the selected OTP link is successfully decrypted (for example, decrypted according to the Vernam cipher) using the stored token A as the decryption password.
 The generation and transmission of token A may take place while the user is unidentified, or while the user is identified (for example, identified as the user of a user terminal connected to the company network). An "identified user" may be a user who has not yet been authenticated with credentials such as an ID and password but has been identified as belonging to a particular group, or a user whose credentials have already been authenticated.
 The WEB-IF unit 132 of the server system 100 provides a first web page (for example, the login page) that accepts entry of identity-authentication information and a second web page (for example, the OTP input page) that accepts entry of the OTP. At least one of the first and second web pages carries the generated token A. Because token A is sent together with a web page (for example, embedded in it), no separate communication just for sending token A is needed. In the embodiment token A is first sent embedded in the login page, but it could instead be first sent embedded in the OTP input page after S210: YES.
 The server system 100 has the encryption unit 133 and a server key; the user terminal 150 has the encryption unit 193 and a user key. At least one of the information sent from the server system 100 to the user terminal 150 (typically, information associated with an HTTP response from the server system 100 to the user terminal 150) and the information sent from the user terminal 150 to the server system 100 (typically, information associated with an HTTP request from the user terminal 150 to the server system 100) is subject to multi-layer encryption. This makes it possible to prevent man-in-the-middle attacks, for example as follows.
 <Multi-layer encrypted communication of information sent from the server system 100 to the user terminal 150>
 The encryption unit 133 of the server system 100 encrypts the target information, i.e. the information to be sent to the user terminal 150 over HTTP, using the server key and a server-side encryption password, which is the generated token A. The WEB-IF unit 132 of the server system 100 sends the encrypted target information, the first encrypted information, to the user terminal 150 over HTTP. The encryption unit 193 of the user terminal 150 encrypts the first encrypted information from the server system 100 using the user key and a user-side encryption password, which is the stored token A. The web browser 191 of the user terminal 150 sends the result, the second encrypted information, to the server system 100 over HTTP. The encryption unit 133 of the server system 100 decrypts the second encrypted information from the user terminal 150 using the server key and the same password as the server-side encryption password, which removes the server's layer and leaves the target information encrypted only under the user key and user-side password. The WEB-IF unit 132 of the server system 100 sends that result to the user terminal 150 over HTTP. The encryption unit 193 of the user terminal 150 decrypts it using the user key and the same password as the user-side encryption password, obtaining the target information. In this way a man-in-the-middle attack on information sent from the server system 100 to the user terminal 150 can be prevented. The "target information" in this paragraph is, for example, the OTP, so that the OTP is communicated confidentially.
 <Multi-layer encrypted communication of information sent from the user terminal 150 to the server system 100>
 The encryption unit 193 of the user terminal 150 encrypts the target information, i.e. the information to be sent to the server system 100 over HTTP, using the user key and a user-side encryption password (the stored token A, the OTP received from the server system 100, or both). The web browser 191 of the user terminal 150 sends the encrypted target information, the first encrypted information, to the server system 100 over HTTP. The encryption unit 133 of the server system 100 encrypts the first encrypted information from the user terminal 150 using the server key and a server-side encryption password (the generated token A, the issued OTP, or both). The WEB-IF unit 132 of the server system 100 sends the result, the second encrypted information, to the user terminal 150 over HTTP. The encryption unit 193 of the user terminal 150 decrypts the second encrypted information from the server system 100 using the user key and the same password as the user-side encryption password, which removes the terminal's layer and leaves the target information encrypted only under the server key and server-side password. The web browser 191 of the user terminal 150 sends that result to the server system 100 over HTTP. The encryption unit 133 of the server system 100 decrypts it using the server key and the same password as the server-side encryption password, obtaining the target information. In this way a man-in-the-middle attack on information sent from the user terminal 150 to the server system 100 can be prevented. The "target information" in this paragraph is, for example, information entered by the user into a web page displayed by the web browser 191 of the user terminal 150, so that information entered by the user (for example, credentials or the OTP) is communicated confidentially.
 In communication between the web browser 191 of the user terminal 150 and the WEB-IF unit 132 of the server system 100, the protocol may transition from a first HTTP (for example, HTTP or HTTPS) to a second HTTP (called "HTTPM" here for convenience); the transition may be performed by the WEB-IF unit 132, for example. Communication under HTTPM is multi-layer encrypted communication, whose subject is at least part of the information sent from the web browser 191 of the user terminal 150 to the WEB-IF unit 132 of the server system 100 (for example, the arguments of an HTTP request) and of the information sent from the WEB-IF unit 132 to the web browser 191 (for example, the arguments of an HTTP response). The multi-layer encryption consists of encryption by the encryption unit 133 of the server system 100 using the server key and a server-side encryption password, and encryption by the encryption unit 193 of the user terminal 150 using the user key and a user-side encryption password. Each of the server-side and user-side encryption passwords may be token A, information exchanged between the server system 100 and the user terminal 150 in multi-layer encrypted communication that used token A as the encryption password (that is, information shared between the user terminal 150 and the server system 100), or both. Multi-layer encrypted communication can thus be maintained across the protocol transition.
 One embodiment of the present invention has been described above, but it is merely an illustration for explaining the invention and is not intended to limit the scope of the invention to that embodiment. The invention can be carried out in various other forms.
 For example, the personal authentication system described above may be a system external to a service system that provides services other than identity authentication, performing identity authentication on behalf of that service system, or it may itself be the service system that provides services to users whose identity authentication has succeeded (i.e. authenticated users).
 Also, in the description above the information provided over HTTP when the URL in the URL notification is selected is an OTP, but other kinds of information may be used instead of or in addition to the OTP. For example, "identity authentication" may be performed without an OTP (for example, with credentials such as an ID and password only), and in communication after successful identity authentication a token may be issued and sent to the user terminal, a URL notification sent to the user terminal, and information provided to the user terminal over HTTP when the URL in the notification is selected. Further, communication in such a service system may from a given stage onward always use the HTTPM described above.
 100: server system, 150: user terminal

Claims (9)

  1.  An identity authentication system comprising:
      a token management unit, a WEB-IF (interface) unit, and an OTP (one-time password) management unit provided in a server system; and
      a token management unit provided in a user terminal having a WEB browser,
      wherein the token management unit of the server system generates a token,
      the WEB-IF unit of the server system transmits the generated token to the user terminal by HTTP,
      the token management unit of the user terminal stores the token from the server system,
      the OTP management unit of the server system associates an issued OTP required for identity authentication of a user with the generated token with which the user is associated,
      the OTP management unit of the server system transmits a link notification addressed to the user in which an OTP link, which is a link having a character string based on that token, is described,
      when the OTP link described in the issued link notification is specified,
        the token management unit of the user terminal determines whether the token on which the character string of the specified OTP link is based matches the stored token, and
        if the result of the determination is affirmative, an HTTP request following that OTP link is transmitted by the user terminal,
      when the server system receives the HTTP request following the OTP link, the WEB-IF unit of the server system transmits an HTTP response carrying the OTP to the user terminal, and the WEB browser of the user terminal displays that OTP, and
      a requirement for successful identity authentication of the user is that the OTP input by the user matches the OTP associated with the token with which the user is associated.
  2.  The identity authentication system according to claim 1, wherein
      the WEB-IF unit of the server system provides a first WEB page, which is a WEB page that accepts input of information for identity authentication, and a second WEB page, which is a WEB page that accepts input of an OTP, and
      at least one of the first WEB page and the second WEB page has the generated token.
  3.  The identity authentication system according to claim 1 or 2, wherein
      the server system has an encryption unit and a server key,
      the user terminal has an encryption unit and a user key,
      the encryption unit of the server system encrypts target information, which is information to be transmitted to the user terminal by HTTP, using the server key and a server-side encryption password, which is the generated token, and the WEB-IF unit of the server system transmits first encrypted information, which is the encrypted target information, to the user terminal by HTTP,
      the encryption unit of the user terminal encrypts the first encrypted information from the server system using the user key and a user-side encryption password, which is the stored token, and the WEB browser of the user terminal transmits second encrypted information, which is the encrypted first encrypted information, to the server system by HTTP,
      the encryption unit of the server system decrypts the second encrypted information from the user terminal using the server key and the same password as the server-side encryption password, and the WEB-IF unit of the server system transmits the first encrypted information, which is the decrypted second encrypted information, to the user terminal by HTTP, and
      the encryption unit of the user terminal obtains the target information by decrypting the first encrypted information from the server system using the user key and the same password as the user-side encryption password.
  4.  The identity authentication system according to claim 3, wherein the target information is the OTP.
  5.  The identity authentication system according to claim 1 or 2, wherein
      the server system has an encryption unit and a server key,
      the user terminal has an encryption unit and a user key,
      the encryption unit of the user terminal encrypts target information, which is information to be transmitted to the server system by HTTP, using the user key and a user-side encryption password, which is at least one of the stored token and an OTP from the server system, and the WEB browser of the user terminal transmits first encrypted information, which is the encrypted target information, to the server system by HTTP,
      the encryption unit of the server system encrypts the first encrypted information from the user terminal using the server key and a server-side encryption password, which is at least one of the generated token and the issued OTP, and the WEB-IF unit of the server system transmits second encrypted information, which is the encrypted first encrypted information, to the user terminal by HTTP,
      the encryption unit of the user terminal decrypts the second encrypted information from the server system using the user key and the same password as the user-side encryption password, and the WEB browser of the user terminal transmits the first encrypted information, which is the decrypted second encrypted information, to the server system by HTTP, and
      the encryption unit of the server system obtains the target information by decrypting the first encrypted information from the user terminal using the server key and the same password as the server-side encryption password.
  6.  The identity authentication system according to claim 5, wherein the target information is information input by the user to a WEB page displayed by the WEB browser of the user terminal.
  7.  The identity authentication system according to any one of claims 1 to 6, wherein
      the server system has an encryption unit and a server key,
      the user terminal has an encryption unit and a user key,
      the protocol of communication between the WEB browser of the user terminal and the WEB-IF unit of the server system transitions from a first HTTP to a second HTTP,
      communication according to the second HTTP is multiple-encryption communication,
      the subject of the multiple-encryption communication is at least part of the information transmitted from the WEB browser of the user terminal to the WEB-IF unit of the server system and of the information transmitted from the WEB-IF unit of the server system to the WEB browser of the user terminal,
      the multiple encryption includes encryption by the encryption unit of the server system using the server key and a server-side encryption password, and encryption by the encryption unit of the user terminal using the user key and a user-side encryption password, and
      each of the server-side encryption password and the user-side encryption password is at least one of the token and information transmitted and received between the server system and the user terminal in multiple-encryption communication that used the token as an encryption password.
  8.  An identity authentication method performed by a server system that communicates with a user terminal having a WEB browser, the method comprising:
      generating a token;
      transmitting the generated token, which is to be stored by the user terminal, to the user terminal by HTTP;
      associating a user with the generated token;
      associating an issued OTP with the generated token with which the user is associated;
      transmitting a link notification addressed to the user in which an OTP link, which is a link having a character string based on the generated token, is described; and
      when the user terminal has determined that the token on which the character string of the OTP link specified in the issued link notification is based matches the stored token, receiving an HTTP request following that OTP link and transmitting an HTTP response carrying the OTP to the user terminal,
      wherein a requirement for successful identity authentication of the user is that the OTP input by the user matches the OTP associated with the token with which the user is associated.
  9.  A computer program for causing a user terminal that communicates with the server system according to claim 1 and has a WEB browser to execute the operation of the token management unit according to claim 1.
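The token-bound OTP link flow of claims 1 and 8, as an added example that is not part of the patent: a server issues a token and binds an OTP to it, the user terminal refuses to follow any OTP link whose token differs from the stored one, and authentication succeeds only when the entered OTP matches the one bound to the user's token. The class names, the endpoint URL, the six-digit OTP format and the sample user are this example's own assumptions.

```python
# Added example (not the patent's code): token-bound OTP link flow of claims 1 and 8.
import hmac
import secrets
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs, urlparse

OTP_ENDPOINT = "https://auth.example/otp"  # assumed URL, not from the patent

def token_in_link(url: str) -> str:
    # The link's character string "based on" the token: here, query parameter t.
    return parse_qs(urlparse(url).query).get("t", [""])[0]

class ServerSystem:  # token management, OTP management and WEB-IF roles
    def __init__(self) -> None:
        self._user_token: Dict[str, str] = {}  # user -> generated token
        self._token_otp: Dict[str, str] = {}   # token -> issued OTP

    def issue_token(self, user: str) -> str:
        self._user_token[user] = secrets.token_urlsafe(24)  # generated token
        return self._user_token[user]          # sent to the terminal over HTTP

    def issue_otp_link(self, user: str) -> str:
        otp = f"{secrets.randbelow(10 ** 6):06d}"       # issued 6-digit OTP
        self._token_otp[self._user_token[user]] = otp   # OTP bound to the token
        return f"{OTP_ENDPOINT}?t={self._user_token[user]}"  # link notification

    def handle_otp_request(self, url: str) -> Optional[str]:
        # HTTP response to a request following the OTP link: the OTP bound to
        # the token carried in the link; an unknown token yields nothing.
        return self._token_otp.get(token_in_link(url))

    def verify(self, user: str, entered: str) -> bool:
        # Success requirement: entered OTP equals the OTP bound to the user's token.
        expected = self._token_otp.get(self._user_token.get(user, ""), "")
        return hmac.compare_digest(expected.encode(), entered.encode())

class UserTerminal:  # token management role of the user terminal
    def __init__(self, server: ServerSystem) -> None:
        self.server, self.stored_token = server, ""

    def open_link(self, url: str) -> Optional[str]:
        # Claim 1 check: follow the link only if its token matches the stored
        # token; a link carrying any other token is never requested.
        carried = token_in_link(url).encode()
        if not hmac.compare_digest(carried, self.stored_token.encode()):
            return None
        return self.server.handle_otp_request(url)  # OTP the browser displays

def run_flow() -> Tuple[bool, Optional[str], bool]:
    server, user = ServerSystem(), "alice"  # constructed sample user
    terminal = UserTerminal(server)
    terminal.stored_token = server.issue_token(user)
    shown = terminal.open_link(server.issue_otp_link(user))   # genuine link
    other = terminal.open_link(f"{OTP_ENDPOINT}?t={secrets.token_urlsafe(24)}")
    return (shown is not None and server.verify(user, shown), other,
            server.verify(user, "not-the-otp"))
```

run_flow() returns (True, None, False): the genuine link yields an OTP that authenticates, a link carrying a different token is never requested, and a wrong OTP fails.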
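The exchange of claim 3 (claim 5 is the same exchange with the roles of server and terminal reversed), as an added example that is not part of the patent: for the terminal to recover the target information after the server has removed its own layer, the server-side and user-side encryptions must commute, so this example assumes exponentiation modulo a prime (Pohlig-Hellman style) with exponents derived from each party's key and the token used as password. The patent names no cipher; the cipher, the toy modulus, the function names and the sample values are this example's assumptions.

```python
# Added example (not the patent's code): the three-message exchange of claim 3
# with a commutative cipher assumed by this example (exponentiation modulo a
# prime, Pohlig-Hellman style); the patent itself does not name a cipher.
import hashlib
import hmac
from math import gcd
from typing import Tuple

P = 2 ** 127 - 1  # Mersenne prime M127: a toy modulus, far too small for real use

def _exponent(key: bytes, password: str) -> int:
    # Exponent derived from the party's key and the token used as password; it
    # must be coprime to P-1 so that a matching decryption exponent exists.
    digest = hmac.new(key, password.encode(), hashlib.sha256).digest()
    e = int.from_bytes(digest, "big") % (P - 1) | 1   # odd and in range
    while gcd(e, P - 1) != 1:
        e += 2
    return e

def encrypt(m: int, key: bytes, password: str) -> int:
    return pow(m, _exponent(key, password), P)

def decrypt(c: int, key: bytes, password: str) -> int:
    d = pow(_exponent(key, password), -1, P - 1)  # inverse exponent mod P-1
    return pow(c, d, P)

def three_pass(target: bytes, server_key: bytes, user_key: bytes,
               token: str) -> Tuple[int, int, int, bytes]:
    # Claim 3, server to terminal. Returns the three transmitted values and
    # what the terminal recovers; target must be 1..15 bytes and non-zero.
    m = int.from_bytes(target, "big")
    if not 0 < m < P:
        raise ValueError("target must encode to an integer in 1..P-1")
    e1 = encrypt(m, server_key, token)         # first encrypted information
    e2 = encrypt(e1, user_key, token)          # second encrypted information
    e1b = decrypt(e2, server_key, token)       # server removes its own layer
    recovered = decrypt(e1b, user_key, token)  # terminal removes its layer
    return e1, e2, e1b, recovered.to_bytes(len(target), "big")

def demo() -> Tuple[bool, bool]:
    # Constructed sample values: an OTP as the target, fixed keys and token.
    target, token = b"483920", "tok-7f3a"
    e1, e2, e1b, got = three_pass(target, b"server-key", b"user-key", token)
    m = int.from_bytes(target, "big")
    return got == target, m not in (e1, e2, e1b)  # recovered; never sent in clear
```

The commutative cipher must not be linear: with XOR against a keystream, the three transmitted values XOR to the target information, so anyone observing all three messages would recover it, whereas with exponentiation recovering the target from the three values is a discrete-logarithm-type problem.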
Priority Applications (1)

Application Number: PCT/JP2022/045567 (WO2024122069A1, en); Priority Date: 2022-12-09; Filing Date: 2022-12-09; Title: Self authentication system and self authentication method


Publications (1)

Publication Number: WO2024122069A1 (en); Publication Date: 2024-06-13

Family ID: 91379084


Citations (4)

* Cited by examiner, † Cited by third party

Publication number | Priority date | Publication date | Assignee | Title
JP2003233591A * | 2002-02-12 | 2003-08-22 | Nippon Telegraph & Telephone Corp (NTT) | User authentication method using browser phone mail, user authentication server, user authentication method for authenticating server, and user authentication program for authenticating server and recording medium recording the same
JP2004192193A * | 2002-12-10 | 2004-07-08 | Nippon Telegraph & Telephone Corp (NTT) | User authentication method by mail of browser phone, user authentication server, user authentication method for authentication server, user authentication program for authentication server and recording medium recording its program
JP2014501953A * | 2010-11-02 | 2014-01-23 | オーセンティファイ・インク | A new method for secure user authentication and site authentication
JP2022188998A * | 2021-06-10 | 2022-12-22 | 株式会社 エヌティーアイ | Identity authentication system and identity authentication method
