The present invention relates to an authentication method used on a network and to an authentication system using it, and particularly to an authentication method that enables highly secure mutual authentication between different realms (units of administrative authority over authentication) without an IP (Internet Protocol) address of a Key Distribution Center (hereinafter referred to as KDC) having to be set in a terminal beforehand, and to an authentication system using it.
Kerberos authentication (a network authentication method developed by Project Athena at the Massachusetts Institute of Technology) is an authentication method for performing authentication on a general network such as the Internet. The following technical references relate to Kerberos authentication.
Patent Reference 1: Japanese Patent Unexamined Publication No. 2003-099401
Patent Reference 2: Japanese Patent Unexamined Publication No. 2004-178361
Patent Reference 3: Japanese Patent Unexamined Publication No. 2005-018748
A KDC in Kerberos authentication consists of one or more computers. A KDC usually runs the functions of an Authentication Server (hereinafter referred to as AS) and a Ticket Granting Server (hereinafter referred to as TGS).
In response to a request from a terminal, the AS issues a Ticket Granting Ticket (a certificate certifying the terminal itself, hereinafter referred to as TGT). The TGS issues a service ticket for using a service provided by a server or the like.
The terminal 1, the terminal 2, and the KDC 3 are included in a realm 100, and the KDC 4 and the terminal 5 are included in a realm 101. The terminal 1 is mutually connected to the terminal 2, the KDC 3, the KDC 4, the terminal 5, and the DNS server 6 via a network or the like.
Hereinafter, the operation of the example of the related art shown in
The procedure of an authentication process in the case where the terminal 1 receives a service provided by the terminal 2 will be described with reference to
In practice, data is exchanged between a terminal and a KDC, or between two terminals, by messages in accordance with the Kerberos protocol, and a TGT or a service ticket is carried inside such a message. For simplicity, this is omitted from the description that follows.
In “S001” in
The terminal 1 receives “encrypted TGT A” and encrypted “session key A”, and decrypts encrypted “session key A” with “secret key B” to obtain “session key A”. If the terminal receiving encrypted “session key A” is not the terminal 1, it does not hold “secret key B”, cannot perform the decryption, and therefore cannot obtain “session key A”.
Therefore, at the point where the terminal 1 obtains “session key A”, the process of “authentication of the terminal 1” by the AS of the KDC 3 is complete.
In “S003” in
The TGS of the KDC 3 receives the authenticator encrypted with “session key A”, “encrypted TGT A”, and an identifier such as the name of the terminal 2, and decrypts “encrypted TGT A” with “secret key A”. From the decrypted TGT A, “session key A” is obtained, and the authenticator of the terminal 1 encrypted with “session key A” is decrypted.
The TGS of the KDC 3 compares the decrypted TGT A with the authenticator of the terminal 1, and checks that the terminal certified by the TGT A is the terminal 1. In “S004” in
The terminal 1 receives “encrypted service ticket A” and encrypted “session key B”, and decrypts encrypted “session key B” with “session key A” to obtain “session key B”. If the terminal receiving encrypted “session key B” is not the terminal 1, it does not hold “session key A”, cannot perform the decryption, and therefore cannot obtain “session key B”.
Therefore, at the point where the terminal 1 obtains “session key B”, the process of “authentication of the terminal 1” by the TGS of the KDC 3 is complete.
In “S005” in
In “S006” in
Next, the procedure of an authentication process in the case where the terminal 1 receives a service provided by the terminal 5 in the different realm will be described with reference to
The terminal 1 receives “encrypted TGT A” and encrypted “session key A”, and decrypts encrypted “session key A” with “secret key B” to obtain “session key A”. If the terminal receiving encrypted “session key A” is not the terminal 1, it does not hold “secret key B”, cannot perform the decryption, and therefore cannot obtain “session key A”.
Therefore, at the point where the terminal 1 obtains “session key A”, the process of “authentication of the terminal 1” by the AS of the KDC 3 is complete.
In “S103” in
The TGS of the KDC 3 receives the authenticator encrypted with “session key A”, “encrypted TGT A”, and an identifier such as the name of the KDC 4, and decrypts “encrypted TGT A” with “secret key A”. From the decrypted TGT A, “session key A” is obtained, and the authenticator of the terminal 1 encrypted with “session key A” is decrypted.
The TGS of the KDC 3 compares the decrypted TGT A with the authenticator of the terminal 1, and checks that the terminal certified by the TGT A is the terminal 1. In “S104” in
The terminal 1 receives “encrypted TGT B” and encrypted “session key C”, and decrypts encrypted “session key C” with “session key A” to obtain “session key C”. If the terminal receiving encrypted “session key C” is not the terminal 1, it does not hold “session key A”, cannot perform the decryption, and therefore cannot obtain “session key C”.
Therefore, at the point where the terminal 1 obtains “session key C”, the process of “authentication of the terminal 1” by the TGS of the KDC 3 is complete.
In “S105” in
The TGS of the KDC 4 receives the authenticator encrypted with “session key C”, “encrypted TGT B”, and an identifier such as the name of the terminal 5, and decrypts “encrypted TGT B” with “secret key C”. From the decrypted TGT B, “session key C” is obtained, and the authenticator of the terminal 1 encrypted with “session key C” is decrypted.
The TGS of the KDC 4 compares the decrypted TGT B with the authenticator of the terminal 1, and checks that the terminal certified by the TGT B is the terminal 1. In “S106” in
The terminal 1 receives “encrypted service ticket B” and encrypted “session key D”, and decrypts encrypted “session key D” with “session key C” to obtain “session key D”. If the terminal receiving encrypted “session key D” is not the terminal 1, it does not hold “session key C”, cannot perform the decryption, and therefore cannot obtain “session key D”.
Therefore, at the point where the terminal 1 obtains “session key D”, the process of “authentication of the terminal 1” by the TGS of the KDC 4 is complete.
In “S107” in
In “S108” in
In the case where an authentication service between different realms is to be provided, the IP address of the KDC 4 is previously set in the terminal 1, or the terminal 1 obtains the IP addresses of the KDC 4 from the DNS server 6 as shown in
As a result, the terminal 1 obtains from the AS of the KDC 3 the TGT B for accessing the KDC 4 in the realm 101, obtains the service ticket B for the terminal 5 from the TGS of the KDC 4 using the TGT B, and requests authentication from the terminal 5 using the service ticket B, so that the terminal 1 belonging to the realm 100 is authenticated by the terminal 5 belonging to the realm 101. Mutual authentication is therefore enabled between different realms.
In the related art example shown in
When the IP address of the KDC 4 is set in the terminal 1 in advance, the man-hours required for the setting become enormous as the number of terminals grows, and the setting must be redone each time the IP address of the KDC 4 changes.
When the IP address of the KDC 4 is obtained from the DNS server 6, it need not be set in the terminal 1 beforehand, but the security is low: an ordinary DNS response is neither encrypted nor authenticated, so the terminal 1 has no way to verify that the address it receives really belongs to the KDC 4.
Therefore, the problem to be solved by the invention is to realize an authentication method that enables highly secure mutual authentication between different realms without the IP address of a KDC having to be set in a terminal beforehand, and an authentication system using it.
In order to attain the object, the authentication method of the invention is
an authentication method in which authentication is performed between terminals respectively belonging to a first realm and a second realm that is different from the first realm, using a Kerberos authentication method, wherein
in order to obtain authentication with a terminal belonging to the second realm, a terminal belonging to the first realm requests, from a key distribution center in the first realm, a ticket granting ticket for accessing a key distribution center in the second realm,
the key distribution center in the first realm transmits an encrypted IP address of the key distribution center in the second realm, together with the requested ticket granting ticket, to the terminal belonging to the first realm,
based on the IP address, the terminal belonging to the first realm accesses the key distribution center in the second realm and is provided with a service ticket, and
the terminal belonging to the second realm authenticates the terminal belonging to the first realm using the service ticket.
Therefore, highly secure mutual authentication is enabled between different realms without the IP address of a key distribution center having to be set in a terminal beforehand.
The authentication system of the invention is an authentication system in which authentication is performed between terminals respectively belonging to a first realm and a second realm that is different from the first realm, using a Kerberos authentication method, wherein the system comprises:
a terminal which belongs to the first realm, and which, in order to obtain authentication with a terminal belonging to the second realm, requests a ticket granting ticket for accessing a key distribution center in the second realm;
a key distribution center which is in the first realm, and which transmits an encrypted IP address of the key distribution center in the second realm, together with the requested ticket granting ticket, to the terminal belonging to the first realm;
the key distribution center which is in the second realm, and which provides a service ticket based on the ticket granting ticket obtained by the terminal belonging to the first realm; and
a terminal which belongs to the second realm, and which authenticates the terminal belonging to the first realm using the service ticket.
Therefore, highly secure mutual authentication is enabled between different realms without the IP address of a key distribution center having to be set in a terminal beforehand.
The authentication system of the invention is
an authentication system in which authentication is performed between terminals respectively belonging to different realms, using a Kerberos authentication method, wherein the system comprises:
a terminal which belongs to a first realm, and which, in order to obtain authentication with an arbitrary one of plural terminals respectively belonging to plural different realms, requests a ticket granting ticket for accessing a key distribution center in a second realm to which the arbitrary terminal belongs;
a key distribution center which is in the first realm, which selects the IP address of the key distribution center in the second realm to which the arbitrary terminal belongs from the IP addresses of plural key distribution centers respectively in the plural different realms, and which transmits the selected IP address of the key distribution center in the second realm, in encrypted form, together with the requested ticket granting ticket, to the terminal belonging to the first realm;
the key distribution center which is in the second realm, and which provides a service ticket based on the ticket granting ticket obtained by the terminal belonging to the first realm; and
the arbitrary terminal, which authenticates the terminal belonging to the first realm using the service ticket.
Therefore, highly secure mutual authentication is enabled between different realms without the IP address of a key distribution center having to be set in a terminal beforehand.
The authentication system of the invention is
an authentication system in which authentication is performed between terminals respectively belonging to different realms, using a Kerberos authentication method, wherein the system comprises:
a first terminal which belongs to a first realm, and which, in order to obtain authentication with a second terminal belonging to a third realm, requests a ticket granting ticket for accessing a key distribution center in the third realm from a first key distribution center in the first realm or from a second key distribution center in a second realm;
the first key distribution center, which transmits an encrypted IP address of the second key distribution center, together with the requested ticket granting ticket, to the first terminal;
the second key distribution center, which transmits an encrypted IP address of the third key distribution center, together with the requested ticket granting ticket, to the first terminal;
the third key distribution center, which provides a service ticket based on the ticket granting ticket that the first terminal obtained from the second key distribution center; and
the second terminal, which authenticates the first terminal using the service ticket.
Therefore, highly secure mutual authentication is enabled between different realms without the IP address of a key distribution center having to be set in a terminal beforehand.
According to the authentication method and the authentication system of the invention, an encrypted IP address of a key distribution center in a different realm is transmitted to a terminal together with a ticket granting ticket, whereby highly secure mutual authentication is enabled between different realms without the IP address of the key distribution center having to be set in the terminal beforehand.
1, 2, 5, 7, 9, 11, 13, 15, 17, 20: terminal
3, 4, 8, 10, 12, 14, 16, 18, 19, 21: key distribution center
6: DNS server
100, 101, 102, 103, 104, 105, 106, 107, 108, 109: realm
Hereinafter, the invention will be described in detail with reference to the drawings.
In
Hereinafter, the operation of the embodiment shown in
In the operation of the embodiment shown in
In the following description, the detailed description of encryption between a terminal and a KDC or a terminal and a terminal is identical with that of
The procedure of an authentication process in the case where the terminal 7 receives a service provided by the terminal 9 in the different realm will be described with reference to
The terminal 7 previously recognizes that the terminal 9 is under administration of the KDC 10. In “S203” in
In “S205” in
In “S207” in
As a result, the terminal 7 obtains from the TGS of the KDC 8 a TGT reply message in which the IP address of the KDC 10 is embedded in the encrypted portion, and extracts and decrypts the encrypted IP address of the KDC 10, so that the terminal 7 can safely obtain the IP address of the KDC 10. The terminal 7 then obtains a service ticket for the terminal 9 from the TGS of the KDC 10 using the TGT, requests authentication from the terminal 9 using the service ticket, and is authenticated by the terminal 9. Highly secure mutual authentication is thus enabled between different realms without the IP address of the KDC 10 having to be set in the terminal 7 beforehand.
In
The terminal 11 is mutually connected to the KDC 12, the terminal 13, the KDC 14, the terminal 15, and the KDC 16 via a network or the like.
Hereinafter, the operation of the embodiment shown in
Specifically, when the terminal 11 is to access the terminal 13, the TGS of the KDC 12 selects the IP address of the KDC 14, embeds the selected IP address in the encrypted portion of the TGT reply message answering the TGT request for accessing the KDC 14, and transmits the message to the terminal 11. By contrast, when the terminal 11 is to access the terminal 15, the TGS of the KDC 12 selects the IP address of the KDC 16, embeds the selected IP address in the encrypted portion of the TGT reply message answering the TGT request for accessing the KDC 16, and transmits the message to the terminal 11.
As a result, the terminal 11 can safely obtain the IP address of the KDC 14 or the KDC 16, whichever administers the terminal it is to access. Consequently, highly secure mutual authentication is enabled between different realms without the IP addresses of the KDCs 14 and 16 having to be set in the terminal 11 beforehand.
In
The terminal 17 is mutually connected to the KDC 18, the KDC 19, the terminal 20, and the KDC 21 via a network or the like.
Hereinafter, the operation of the embodiment shown in
The operation of the embodiment shown in
In this case, the terminal belonging to the first realm, or the KDC in the first realm, knows in advance that the KDC in the second realm holds the IP address of the KDC in the third realm.
In “S301” in
In “S303” in
In “S305” in
In “S307” in
In “S309” in
As a result, the terminal 17 obtains from the TGS of the KDC 18 a TGT reply message in which the IP address of the KDC 19 in the realm 108 is embedded in the encrypted portion, and extracts and decrypts that IP address; it then obtains from the TGS of the KDC 19 a TGT reply message in which the IP address of the KDC 21 in the realm 109 is embedded in the encrypted portion, and extracts and decrypts that IP address. The terminal 17 can thus safely obtain the IP addresses of the KDCs 19 and 21.
Furthermore, the terminal 17 obtains a service ticket for the terminal 20 from the TGS of the KDC 21 using the TGT obtained from the TGS of the KDC 19, requests authentication from the terminal 20 using the service ticket, and is authenticated by the terminal 20. Highly secure mutual authentication is thus enabled between different realms without the IP addresses of the KDCs 19 and 21 having to be set in the terminal 17 beforehand.
In the embodiments shown in
In the embodiment shown in
In the embodiment shown in
The present application is based on Japanese Patent Application (No. 2006-138578) filed May 18, 2006, and its disclosure is incorporated herein by reference.
Number | Date | Country | Kind
---|---|---|---
2006-138578 | May 2006 | JP | national

Filing Document | Filing Date | Country | Kind | 371c Date
---|---|---|---|---
PCT/JP2007/060163 | 5/17/2007 | WO | 00 | 2/27/2008