The present invention relates to technologies for communication through a network, and more specifically, to a technology for communicating with a device that has a function to send connection establishment request information to another device before a connection between the two devices is established, but that does not have a function to establish a connection with the other device when connection establishment request information is sent from the other device before that connection is established.
The Hyper Text Transfer Protocol (HTTP) is one communication protocol used on the Internet (refer to Non-patent literature 1, for example).
In HTTP communication, a two-way connection is first established between a client device and a server device in accordance with the Transmission Control Protocol (TCP), as described below (three-way handshake).
1. The client device sends connection establishment request information (SYN packet) to the server device that is in the standby state.
2. The server device sends to the client device acknowledgment information and connection establishment request information for the client device (ACK and SYN packets).
3. The client device sends acknowledgment information (ACK packet) to the server device.
Through the two-way connection established as described above, the client device sends request information to the server device, and the server device returns response information to the client device.
Non-patent literature 1: “RFC 2616 Hypertext Transfer Protocol—HTTP/1.1”, retrieved through the Internet on Apr. 9, 2008, URL: http://www.ietf.org/rfc/rfc2616.txt
With that type of communication method, however, a second terminal which has not yet established a connection cannot start communication at a desired timing with a first terminal having a connection establishment request function to send connection establishment request information to a device without an established connection but not having a connection standby function to receive, in the standby state, connection establishment request information from a device and to establish a connection with the device.
With the conventional method, when the second terminal which has not yet established a connection communicates with the first terminal at a desired timing, the second terminal must first establish a connection with the first terminal by sending connection establishment request information to the first terminal. However, if the first terminal does not have the connection standby function, this processing cannot be executed. This type of problem is not a problem that can occur only with HTTP but is a problem that can occur with any type of communication protocol that establishes a connection between devices and uses the established connection for communication between the devices.
In view of the problem, an object of the present invention is to provide a technique that allows the second terminal which has not yet established a connection to start communication at a desired timing with the first terminal having the connection establishment request function but not having the connection standby function.
According to the present invention, transmission of first connection establishment request information to a relay server device having a connection standby function from a transmitter of a first terminal having a connection establishment request function but not having the connection standby function triggers the establishment of a first connection between the relay server device and the first terminal. A communication path endpoint association unit of the relay server device next stores an identifier and first endpoint information corresponding to the first connection in association with each other in a memory. Then, transmission of second connection establishment request information to the relay server device from a transmitter of a second terminal triggers the establishment of a second connection between the relay server device and the second terminal. Next, the transmitter of the second terminal sends, via the second connection, second request information having transmission information and the identifier. A receiver of the relay server device receives the second request information via the second connection. A communication path endpoint search unit of the relay server device searches through the memory for a match with the identifier included in the second request information and extracts the first endpoint information associated with the identifier. A transmitter of the relay server device sends the transmission information included in the second request information as response information to the first request information via the first connection corresponding to the first endpoint information. A receiver of the first terminal receives the transmission information via the first connection.
According to the present invention, a second terminal which has not yet established a connection can start communication at a desired timing with a first terminal having a connection establishment request function but not having a connection standby function.
Now, best modes for carrying out the present invention will be described with reference to the drawings.
[Basic Aspects]
The basic aspects of the present invention will now be described.
[First Aspect]
The basic structure of a first aspect will be exemplified below.
[Basic Structure of First Aspect]
As shown in
[Basic Processing in First Aspect]
The basic processing in the first aspect will be exemplified next.
The transmission of first connection establishment request information from a transmitter 10a of the first terminal 10 to the relay server device 30 triggers the establishment of a first connection between the relay server device 30 and the first terminal 10 by a first connection processor 10c of the first terminal 10 and a first connection processor 30c of the relay server device 30.
More specifically, the transmitter 10a of the first terminal 10 sends the first connection establishment request information (SYN) to the relay server device 30. The reception of the first connection establishment request information (SYN) by a receiver 30b of the relay server device 30 triggers transmission of acknowledgment information (ACK) and the first connection establishment request information (SYN) to the first terminal 10 by a transmitter 30a of the relay server device 30. The reception of the information by a receiver 10b of the first terminal 10 triggers transmission of acknowledgment information (ACK) to the relay server device 30 by the transmitter 10a of the first terminal 10, and the receiver 30b of the relay server device 30 receives the acknowledgment information (ACK). Through this processing, the first connection processor 30c and the first connection processor 10c establish a first connection between the relay server device 30 and the first terminal 10.
Next, the transmitter 10a of the first terminal 10 sends first request information (RQ-1) having the identifier (ID) of the first terminal 10 via the first connection, and the receiver 30b of the relay server device 30 receives the first request information (RQ-1) via the first connection. A communication path endpoint association unit 30e of the relay server device 30 stores the identifier (ID) of the first terminal provided by the first request information (RQ-1) and first endpoint information (T-1) corresponding to the first connection, in association with each other, in a memory 30g.
The transmission of second connection establishment request information to the relay server device by a transmitter 20a of the second terminal 20 triggers the establishment of a second connection between the relay server device 30 and the second terminal 20, by a second connection processor 30d of the relay server device 30 and a second connection processor 20c of the second terminal 20.
More specifically, the transmitter 20a of the second terminal 20 first sends the second connection establishment request information (SYN) to the relay server device 30. The reception of the second connection establishment request information (SYN) by the receiver 30b of the relay server device 30 triggers the transmission of acknowledgment information (ACK) and the second connection establishment request information (SYN) to the second terminal 20, by the transmitter 30a of the relay server device 30. The reception of the information by a receiver 20b of the second terminal 20 triggers the transmission of acknowledgment information (ACK) to the relay server device 30 by the transmitter 20a of the second terminal 20, and the receiver 30b of the relay server device 30 receives the acknowledgment information (ACK). Through this processing, the second connection processor 30d and the second connection processor 20c establish the second connection between the relay server device 30 and the second terminal 20.
Next, the transmitter 20a of the second terminal 20 sends second request information (RQ-2) having transmission information (TR) and the identifier (ID) of the first terminal via the second connection, and the receiver 30b of the relay server device 30 receives the second request information (RQ-2) via the second connection. A communication path endpoint search unit 30f of the relay server device 30 searches through the memory 30g for a match with the identifier (ID) of the first terminal provided by the second request information (RQ-2) and extracts the first endpoint information (T-1) associated with the identifier (ID) of the first terminal.
The transmitter 30a of the relay server device 30 sends the transmission information (TR) provided by the second request information as response information to the first request information via the first connection corresponding to the extracted first endpoint information (T-1), and the receiver 10b of the first terminal 10 receives the transmission information (TR) via the first connection.
[Features of First Aspect]
In the first aspect, the transmission of the first connection establishment request information to the relay server device 30 having the connection standby function by the first terminal 10 having the connection establishment request function but not having the connection standby function leads to the establishment of the first connection between the first terminal 10 and the relay server device 30. The transmission of the second connection establishment request information to the relay server device 30 having the connection standby function by the second terminal 20 having the connection establishment request function leads to the establishment of the second connection between the second terminal 20 and the relay server device 30. In the first aspect, the first endpoint information corresponding to the first connection and the identifier of the first terminal 10 are stored in association with each other in the memory 30g of the relay server device 30. This allows the second terminal 20 to send the identifier via the second connection and allows the relay server device 30 to search through the memory 30g for a match with the identifier and to extract the endpoint of the first connection.
As has been described above, the second terminal 20 can establish, at a desired timing, the communication path from the second terminal 20 to the first terminal 10 via the second connection, the relay server device 30, and the first connection and can start communication with the first terminal 10.
The identifier of the first terminal 10 can be a fixed value specific to the first terminal 10 or can be specified randomly each time the identifier of the first terminal 10 is sent. In the configuration in which the identifier of the first terminal 10 is specified randomly each time it is sent, even if the identifier is stolen through eavesdropping by a third party, the problem of the third party being able to access the first terminal 10 by using the identifier and then extracting the endpoint of the first connection fraudulently and semipermanently can be avoided.
It is preferable that the identifier provided by the second request information be identified by information input via an input unit (not shown), which is the user interface of the second terminal 20. In that case, the communication path from the second terminal 20 to the first terminal 10 is established only when a user knowing the information identifying the identifier of the first terminal 10 is using the second terminal 20. This allows the right to access the first terminal 10 to be managed. An example of the information identifying the identifier of the first terminal 10 input to the input unit of the second terminal 20 is the identifier itself or non-identifier information that can identify the identifier uniquely in the second terminal 20. An example of the non-identifier information that can identify the identifier uniquely is the URL (uniform resource locator) of the first terminal 10 associated with the identifier in the second terminal 20.
[Second Aspect]
The basic structure of a second aspect will be exemplified next.
[Basic Structure of Second Aspect]
As shown in
[Basic Processing in Second Aspect]
The basic processing in the second aspect will be exemplified next.
The transmission of first connection establishment request information to the relay server device 130 having the connection standby function, by a transmitter 10a of the first terminal 10 triggers the establishment of a first connection between the relay server device 130 and the first terminal 10 by a first connection processor 10c of the first terminal 10 and a first connection processor 30c of the relay server device 130.
The transmitter 10a of the first terminal 10 sends first request information (RQ-1) via the first connection, and a receiver 30b of the relay server device 130 receives the first request information (RQ-1) via the first connection. A communication path endpoint association unit 130e of the relay server device 130 stores a temporary identifier (TID) consisting of a temporarily generated random character string (generated by a temporary identifier generator 130h, for example) and first endpoint information (T-1) corresponding to the first connection, in association with each other, in a memory 130g.
The transmission of second connection establishment request information to the relay server device 130 by a transmitter 20a of the second terminal 120 triggers the establishment of a second connection between the relay server device 130 and the second terminal 120 by a second connection processor 30d of the relay server device 130 and a second connection processor 20c of the second terminal 120.
The transmitter 20a of the second terminal 120 sends second request information (RQ-2) having transmission information (TR) and a temporary identifier (TID) via the second connection, and the receiver 30b of the relay server device 130 receives the second request information (RQ-2) via the second connection. A communication path endpoint search unit 130f of the relay server device 130 searches through the memory 130g for a match with the temporary identifier (TID) provided by the second request information (RQ-2) and extracts the first endpoint information (T-1) associated with the temporary identifier (TID).
The transmitter 30a of the relay server device 130 sends the transmission information (TR) provided by the second request information as response information to the first request information, via the first connection corresponding to the extracted first endpoint information (T-1), and the receiver 10b of the first terminal 10 receives the transmission information (TR) via the first connection.
[Features of Second Aspect]
In the second aspect, the transmission of the first connection establishment request information to the relay server device 130 having the connection standby function by the first terminal 10 having the connection establishment request function but not having the connection standby function leads to the establishment of the first connection between the first terminal 10 and the relay server device 130. The transmission of the second connection establishment request information to the relay server device 130 having the connection standby function by the second terminal 120 having the connection establishment request function leads to the establishment of the second connection between the second terminal 120 and the relay server device 130. In the second aspect, the first endpoint information corresponding to the first connection and the temporary identifier which is generated temporarily at random are stored in association with each other in the memory 130g of the relay server device 130. This allows the second terminal 120 to send the temporary identifier via the second connection and allows the relay server device 130 to search through the memory 130g for a match with the temporary identifier and to extract the endpoint of the first connection.
As has been described above, the second terminal 120 can establish, at a desired timing, a communication path from the second terminal 120 to the first terminal 10 via the second connection, the relay server device 130, and the first connection and can start communication with the first terminal 10.
The temporary identifier sent from the second terminal 120 to the relay server device 130 is data generated temporarily at random. Accordingly, even if the temporary identifier is stolen through eavesdropping by a third party, the problem of the third party being able to access the first terminal 10 by using the temporary identifier and then extracting the endpoint of the first connection fraudulently and semipermanently can be avoided. The temporary identifier does not require as tight security management as the identifier of the first terminal 10 requires, and the data is easy to handle. Since the temporary identifier that is easy to handle in terms of security management can be used, the second aspect can be applied easily to a wider range of applications.
The system may be configured such that the transmitter 30a of the relay server device 130 sends the temporary identifier to the first terminal 10; an output unit (not shown), which is the user interface of the first terminal 10, outputs the temporary identifier; an input unit (not shown), which is the user interface of the second terminal 120, accepts the input of the temporary identifier; and the second request information includes the temporary identifier. In that case, the communication path from the second terminal 120 to the first terminal 10 is established only when a user who owns the first terminal 10 is using the second terminal 120. Therefore, the right to access the first terminal 10 can be managed.
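The following is an added example, not code from the patent, of how the relay server device 130 can keep the temporary identifier (TID) of the second aspect bound to the first endpoint (T-1) in its memory 130g. The patent only states that the TID is a temporarily generated random character string produced by the generator 130h, stored by the association unit 130e and looked up by the search unit 130f; the class and method names, the expiry window and the single-use rule are this example's assumptions. It also illustrates the point made for the first aspect about randomly specified identifiers: a captured TID gives a third party no lasting access to the first connection's endpoint.

```python
"""Temporary identifier registry for the relay server device 130 (second aspect).

Added example, not the patent's own code. Component numerals follow the
description; the lifetime, the single-use rule and the issue/redeem names are
assumptions made for this example.
"""
import secrets
import time


class TemporaryIdentifierRegistry:
    def __init__(self, lifetime_seconds=300, clock=time.monotonic):
        self._lifetime = lifetime_seconds
        self._clock = clock
        # memory 130g: TID -> (first endpoint T-1, time of issue)
        self._memory = {}

    def issue(self, first_endpoint):
        """Generator 130h plus association unit 130e: draw a fresh random TID
        from the OS CSPRNG and bind it to the first connection's endpoint."""
        tid = secrets.token_urlsafe(16)          # 128 random bits, URL-safe text
        self._memory[tid] = (first_endpoint, self._clock())
        return tid

    def redeem(self, tid):
        """Search unit 130f: return T-1 for a live TID, otherwise None.

        The entry is removed on first use (assumption), so a TID captured by
        eavesdropping cannot be replayed to reach the first terminal again."""
        entry = self._memory.pop(tid, None)
        if entry is None:
            return None
        first_endpoint, issued_at = entry
        if self._clock() - issued_at > self._lifetime:
            return None                          # expired: treat as unknown
        return first_endpoint

    def purge_expired(self):
        """Drop stale bindings so unredeemed TIDs do not accumulate."""
        now = self._clock()
        stale = [t for t, (_, at) in self._memory.items() if now - at > self._lifetime]
        for t in stale:
            del self._memory[t]
        return len(stale)


def demo_second_aspect():
    """Constructed walk-through with a fake clock; returns each lookup's result."""
    now = [0.0]
    registry = TemporaryIdentifierRegistry(lifetime_seconds=300, clock=lambda: now[0])

    tid = registry.issue("T-1")                  # RQ-1 arrives on the first connection
    first_use = registry.redeem(tid)             # legitimate RQ-2 from terminal 120
    replay = registry.redeem(tid)                # same TID captured and replayed

    stale_tid = registry.issue("T-1")            # issued but never redeemed
    now[0] = 301.0                               # lifetime has elapsed
    expired = registry.redeem(stale_tid)
    unknown = registry.redeem("not-a-real-tid")  # constructed bogus value

    return {
        "first_use": first_use,
        "replay": replay,
        "expired": expired,
        "unknown": unknown,
        "tid_length": len(tid),
    }


if __name__ == "__main__":
    print(demo_second_aspect())
```

The dictionary lookup is not constant-time, but with 128 random bits per TID a guessing attempt is infeasible regardless; what matters for the scheme is that the TID comes from `secrets` rather than a predictable generator and that it stops working once used or aged out.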
A first embodiment is an embodiment where the first aspect is applied to a single sign-on system. The first embodiment will now be described.
[Structure]
As shown in
The target server device 240 is a server device that provides service information to the user device 220 used by the user. The user authentication device 210 is a device that authenticates the user using the user device 220. The result of user authentication made by the user authentication device 210 is sent to the target server device 240. The target server device 240 recognizes the user as an authorized user from the result and provides the service information to the user device 220. The result of user authentication made by the user authentication device 210 can also be passed to another target server device, so that once the user is authenticated, the user can use a plurality of target server devices (single sign-on).
As shown in
The shown user authentication device 210 is configured by reading predetermined programs (an operating system (OS), an application program, etc.) into a known computer having an input device such as a keyboard, input keys, a mouse, or a touch screen, an output device such as a display unit or a speaker, a central processing unit (CPU), a random access memory (RAM), a read-only memory (ROM), and the like and by executing those programs on the CPU. Known computers that can configure the user authentication device 210 described above include a personal computer, a personal digital assistant (PDA) terminal, and a cellular phone terminal. In this embodiment, the user authentication device 210 configured by using a cellular phone terminal, which is a mobile communication terminal, will be described as an example. The user authentication device 210 has the connection establishment request function but does not have the connection standby function.
As shown in
The shown user device 220 is configured by reading predetermined programs (an operating system (OS), an application program such as a browser, etc.) into a known computer having an input device such as a keyboard, input keys, a mouse, or a touch screen, an output device such as a display unit, a speaker, or a vibrator, a CPU, a RAM, a ROM, and the like and by executing the programs on the CPU. Known computers that can configure the user device 220 described above include a personal computer, a PDA terminal, and a cellular phone terminal. The user device 220 has the connection establishment request function but does not have the connection standby function.
As exemplified in
The shown relay server device 230 is configured by reading predetermined programs into a known computer having a CPU, a RAM, a ROM, and the like and by executing those programs on the CPU. Known computers that can configure the relay server device 230 include a server machine, for example. The relay server device 230 has the connection standby function.
As exemplified in
The shown target server device 240 is configured by reading predetermined programs into a known computer having a CPU, a RAM, a ROM, and the like and by executing those programs on the CPU. Known computers that can configure the target server device 240 include a server machine, for example. The target server device 240 has the connection standby function.
[Processing]
The processing in the first embodiment will be described next.
[Preprocessing]
In preprocessing, user authentication device address information (AUTADR), which is the address of the user authentication device 210, relay server device address information (ISADR), which is the address of the relay server device 230, a relay server device standby port number (ISPN-0), which is a port number assigned to the standby socket 230i of the relay server device 230, a first secret key (SK-1) of the public key encryption system, and a user authentication device identifier (AUTID), which is the identifier of the user authentication device 210, are stored in the storage section 210j of the user authentication device 210.
User device address information (UADR), which is the address of the user device 220, the relay server device standby port number (ISPN-0), which is the port number assigned to the standby socket 230i of the relay server device 230, target server device address information (TSADR), which is the address of the target server device 240, and a target server device standby port number (TSPN-0), which is a port number assigned to the standby socket 240d of the target server device 240, are stored in the memory 220j of the user device 220.
In the memory 230g of the relay server device 230, the relay server device address information (ISADR), which is the address of the relay server device 230, is stored.
Also the target server device address information (TSADR), which is the address of the target server device 240, and a first public key (PK-1) corresponding to the first secret key (SK-1), are stored in the memory 240i of the target server device 240.
[Communication Processing]
Startup of the user authentication device 210 (
The processing of step S1 is implemented by the known TCP three-way handshake, for example. Details of the processing in step S1 will be described below.
[Details of Step S1]
The first connection processor 210c of the user authentication device 210 (
The first connection establishment request information is received by the receiver 230b of the relay server device 230 (
The first connection processor 230c reads the user authentication device address information (AUTADR), the user-authentication-device-side first port number (AUTPN-1), the relay server device address information (ISADR), and the relay-server-device-side first port number (ISPN-1) from the memory 230g and generates first connection establishment request information including these pieces of information. The first connection processor 230c also generates acknowledgment information and sends the generated first connection establishment request information and acknowledgment information (for example, ACK and SYN packets) to the transmitter 230a. The transmitter 230a sends these pieces of information through the network 250 to the user authentication device 210.
The first connection establishment request information and the acknowledgment information are received by the receiver 210b of the user authentication device 210 (
The first connection processor 210c generates acknowledgment information (for example, an ACK packet) and sends it from the transmitter 210a to the relay server device 230. When the acknowledgment information is received by the relay server device 230, the first connection is established between the relay server device 230 and the user authentication device 210 (the description of [Details of step S1] is now completed).
When the first connection is established, the communication processor 210e of the user authentication device 210 (
The user authentication device identifier (AUTID) included in the first request information (RQ-1) received by the receiver 230b of the relay server device 230 is sent through the first socket 230j to the communication path endpoint association unit 230e. The communication path endpoint association unit 230e stores the user authentication device identifier (AUTID) and the first socket number (SN-1) (corresponding to first endpoint information) corresponding to the first connection in association with each other in the memory 230g (step S4).
The transmitter 220a of the user device 220 sends third connection establishment request information to the target server device 240 (
The processing of step S7 is performed in the same way as in step S1, for example. Details of step S7 will now be described.
[Details of Step S7]
The third connection processor 220d of the user device 220 (
The third connection establishment request information is received by the receiver 240b of the target server device 240 (
The third connection processor 240c reads the user device address information (UADR), the user-device-side third port number (UPN-3), the target server device address information (TSADR), and the target-server-device-side third port number (TSPN-3) from the memory 240i and generates third connection establishment request information including these pieces of information. The third connection processor 240c also generates acknowledgment information and sends the generated third connection establishment request information and acknowledgment information (for example, ACK and SYN packets) to the transmitter 240a. The transmitter 240a sends these pieces of information through the network 250 to the user device 220.
The third connection establishment request information and the acknowledgment information are received by the receiver 220b of the user device 220 (
The third connection processor 220d generates acknowledgment information (for example, an ACK packet) and sends it from the transmitter 220a to the target server device 240. When the acknowledgment information is received by the target server device 240, the third connection is established between the target server device 240 and the user device 220 (the description of [Details of step S7] is now completed).
Then, the communication processor 220g of the user device 220 sends a log-in request to the third socket 220f; the third socket 220f sends the information to the transmitter 220a; and the transmitter 220a sends the information via the third connection to the target server device 240. The communication processor 240f of the target server device 240 sends input directive information (IND) to the third socket 240e; the third socket 240e sends the information to the transmitter 240a; and the transmitter 240a sends the information via the third connection to the user device 220 (step S7a). The input directive information (IND) is received by the receiver 220b of the user device 220, and this causes the output unit 220i of the user device 220 (
The communication processor 220g of the user device 220 (
The relay server device address information (ISADR), the user authentication device identifier (AUTID), and the service request information (SRQ) included in the received information are sent through the third socket 240e to the communication processor 240f. The communication processor 240f stores the relay server device address information (ISADR) and the user authentication device identifier (AUTID) in the memory 240i, generates session information (SID) corresponding to the service request information (SRQ), and stores the service request information (SRQ) and the session information (SID) in association with each other in the memory 240i (step S10).
The communication processor 240f reads the relay server device address information (ISADR), the user authentication device identifier (AUTID), the target server device address information (TSADR), and the session information (SID) from the memory 240i, and sends these pieces of information together with authentication request information (AUTRQ) to the third socket 240e. The third socket 240e sends these pieces of information to the transmitter 240a. The transmitter 240a sends these pieces of information as response information to the information sent in step S8, via the third connection, to the user device 220 (
The relay server device address information (ISADR), the user authentication device identifier (AUTID), the target server device address information (TSADR), the session information (SID), and the authentication request information (AUTRQ) included in the received information are sent through the third socket 220f to the communication processor 220g and are stored in the memory 220j.
The transmitter 220a of the user device 220 sends second connection establishment request information to the relay server device 230 (
The processing in step S13 is performed in the same way as in step S1, for example. Details of step S13 will be described next.
[Details of Step S13]
The second connection processor 220c of the user device 220 (
The second connection establishment request information is received by the receiver 230b of the relay server device 230 (
The second connection processor 230d reads the user device address information (UADR), the user-device-side second port number (UPN-2), the relay server device address information (ISADR), and the relay-server-device-side second port number (ISPN-2) from the memory 230g and generates second connection establishment request information including these pieces of information. The second connection processor 230d also generates acknowledgment information and sends the generated second connection establishment request information and acknowledgment information (for example, ACK and SYN packets) to the transmitter 230a. The transmitter 230a sends these pieces of information through the network 250 to the user device 220.
The second connection establishment request information and the acknowledgment information are received by the receiver 220b of the user device 220 (
The second connection processor 220c generates acknowledgment information (for example, an ACK packet) and sends it from the transmitter 220a to the relay server device 230. When the acknowledgment information is received by the relay server device 230, a second connection is established between the relay server device 230 and the user device 220 (the description of [Details of step S13] is now completed).
The communication processor 220g of the user device 220 (
The user authentication device identifier (AUTID), the authentication request information (AUTRQ), the target server device address information (TSADR), and the session information (SID), included in the received second request information (RQ-2), are sent through the second socket 230k to the communication processor 230h, and the communication processor 230h stores these pieces of information in the memory 230g.
The communication path endpoint search unit 230f reads the user authentication device identifier (AUTID) included in the second request information (RQ-2) from the memory 230g, searches through the memory 230g for a match with the first socket number (SN-1) (corresponding to the first endpoint information) associated with the same user authentication device identifier (AUTID), and extracts the information (step S16). The extracted first socket number (SN-1) is sent to the communication processor 230h. The first socket number (SN-1) must be extracted by the processing in step S16 because the processing by the relay server device 230 in steps S1 to S4 and the processing by the relay server device 230 in step S13 and thereafter are executed in different threads or processes.
The communication processor 230h of the relay server device 230 reads the authentication request information (AUTRQ), the target server device address information (TSADR), and the session information (SID) from the memory 230g and sends the read information to the first socket 230j corresponding to the first socket number (SN-1) extracted in step S16. The first socket 230j sends the authentication request information (AUTRQ), the target server device address information (TSADR), and the session information (SID) (corresponding to the transmission information) to the transmitter 230a. The transmitter 230a sends the transmission information via the first connection, as response information to the information sent in step S2 (step S17). The transmission information is received by the receiver 210b of the user authentication device 210 (
The authentication request information (AUTRQ), the target server device address information (TSADR), and the session information (SID) included in the received information are sent through the first socket 210d to the communication processor 210e. The communication processor 210e sends the authentication request information (AUTRQ) to the authentication processor 210g and stores the target server device address information (TSADR) and the session information (SID) in the memory 210j.
The communication processor 210e, to which the authentication request information (AUTRQ) has been sent, causes the output unit 210i, which is a user interface, to output input directive information (IND) (step S19). The input directive information (IND) is directive information which prompts the user to input authentication information required in user authentication. In the example described in the first embodiment, information prompting the input of a choice as to whether to authenticate the user is output as the input directive information (IND). The input directive information (IND) can be provided in any form, such as an image, video, sound, vibration, etc. For example, an image having a message asking whether to send the result of authentication and a Yes/No choice button, together with an alarm sound, is output as the input directive information (IND).
The user, upon noticing the output input directive information (IND), inputs authentication information (AUT) to the input unit 210h of the user authentication device 210, which is a user interface (step S20). The authentication information (AUT) in the example shown in this embodiment is information indicating the selection as to whether to authenticate the user. For example, if the input directive information (IND) has an image showing a message asking whether to send the authentication result and a Yes/No choice button, together with an alarm sound, the user uses the input unit 210h to select the Yes button or the No button to input the selection information as authentication information (AUT).
The authentication information (AUT) input to the input unit 210h is sent to the authentication processor 210g. On condition that the authentication information (AUT) is the information indicating selection made to authenticate the user, the authentication processor 210g generates authentication result information (AUTRS) (corresponding to reply information) indicating that the user authentication has succeeded and stores the authentication result information (AUTRS) in the memory 210j (step S21). This means that the user is approved as an authorized user because the user is in an environment in which information can be input to the input unit 210h of the user authentication device 210 (the user owns the user authentication device 210, for example). The signature generator 210f reads a first secret key (SK-1) and the authentication result information (AUTRS) from the memory 210j, generates signature information (SIGN) (signature information of the authentication result information (AUTRS)) obtained by encrypting information including the authentication result information (AUTRS) using the first secret key (SK-1) with the public key encryption system, and stores the signature information (SIGN) in the memory 210j (step S22).
The communication processor 210e reads the authentication result information (AUTRS), the signature information (SIGN), the target server device address information (TSADR), and the session information (SID) (corresponding to the reply information) from the memory 210j and sends the reply information to the first socket 210d. The first socket 210d sends the reply information to the transmitter 210a, and the transmitter 210a sends the reply information via the first connection (step S23). The sent reply information is received via the first connection by the receiver 230b of the relay server device 230 (
The communication processor 230h of the relay server device 230 reads the authentication result information (AUTRS), the signature information (SIGN), the target server device address information (TSADR), and the session information (SID) from the memory 230g and sends these pieces of information to the second socket 230k. The communication processor 230h can identify the second socket 230k because the processing by the relay server device 230 in steps S13 to S29 has been executed in the same thread and because the second socket number (SN-2) of the second connection established in step S13 has been stored in the temporary memory 230p during the processing. The second socket 230k sends the authentication result information (AUTRS), the signature information (SIGN), the target server device address information (TSADR), and the session information (SID) (corresponding to the transmission information) to the transmitter 230a. The transmitter 230a sends the transmission information as response information to the information sent in step S14, via the second connection (step S25). The transmission information is received via the second connection by the receiver 220b of the user device 220 (
The first connection processor 210c of the user authentication device 210 and the first connection processor 230c of the relay server device 230 release the first connection by TCP processing, for example (step S27). This deletes the first socket 210d and the first socket 230j and also deletes the first socket number (SN-1) and the associated information from the memory 210j and the memory 230g. The communication processor 230h of the relay server device 230 disassociates the user authentication device identifier (AUTID) from the first socket number (SN-1), stored in the memory 230g (step S28). The second connection processor 220c of the user device 220 and the second connection processor 230d of the relay server device 230 release the second connection by TCP processing, for example (step S29). This deletes the second socket 220e and the second socket 230k and also deletes the second socket number (SN-2) and the associated information from the memory 220j and the memory 230g.
The communication processor 220g of the user device 220 (
The authentication result verifier 240g reads a first public key (PK-1), the authentication result information (AUTRS), and the signature information (SIGN) from the memory 240i, decrypts the signature information (SIGN) by using the first public key (PK-1), and compares the decryption result and the authentication result information (AUTRS). The authentication result verifier 240g verifies the signature information (SIGN) by this comparison, judges the validity of the authentication result information (AUTRS), and outputs the result of judgment (step S32). The result of judgment is input to the permission unit 240h. If the result of judgment indicates that the authentication result information (AUTRS) is invalid (rejection) (step S33), the permission unit 240h rejects the log-in of the user device 220 (step S34).
If the result of judgment indicates that the authentication result information (AUTRS) is valid (acceptance) (step S33), the permission unit 240h permits the log-in of the user device 220 (step S35) and also permits the communication of service information (SERV) between the target server device 240 and the user device 220.
When the service information (SERV) communication is allowed, the communication processor 240f reads service request information (SRQ) associated with the same session information (SID) as that received in step S31 from the memory 240i. Then, the communication processor 240f identifies the service information (SERV) corresponding to a service request identified by the service request information (SRQ). The service information (SERV) is sent through the third socket 240e to the transmitter 240a, and the transmitter 240a sends the identified service information (SERV) as response information to the information sent in step S30, via the third connection to the user device 220 (step S36).
The third connection processor 220d of the user device 220 and the third connection processor 240c of the target server device 240 release the third connection by TCP processing, for example (step S37). This deletes the third socket 220f and the third socket 240e and also deletes the third socket number (SN-3) and the associated information from the memory 220j and the memory 240i.
[Features of First Embodiment]
In the first embodiment, the relay server device 230 having the connection standby function is provided; the transmission of the first connection establishment request information to the relay server device 230, by the user authentication device 210, causes the first connection to be established between the relay server device 230 and the user authentication device 210; and the relay server device 230 stores the user authentication device identifier (AUTID) and the first socket number (SN-1) corresponding to the first connection in association with each other in the memory 230g. Then, the user device 220 sends the second connection establishment request information to the relay server device 230 at a desired timing. This causes the relay server device 230 and the user device 220 to establish the second connection between the relay server device 230 and the user device 220. This allows the user device 220 to have a communication path to the user authentication device 210 not having the connection standby function (from the user device 220 to the user authentication device 210 through the second connection, the relay server device 230, and the first connection) at a desired timing, so that information can be sent there.
The communication path from the user device 220 to the user authentication device 210 can be established in the same way, so that the user device 220 can send information to the user authentication device 210 not having the connection standby function at a desired timing and can receive the response information. In this type of processing, the user device 220 does not need the connection standby function.
In the first embodiment, the system can be configured such that the interface on the side of the user device 220 conforms to standard specifications (such as OASIS SAML), the specifications of the user authentication device 210 conform to the specifications of the cellular phone, and the relay server device 230 is provided with a function to convert the difference between the specifications (format conversion function).
In the first embodiment, the user can present authentication information (AUT) needed in user authentication processing to the user authentication device 210 without using the network 250. Therefore, the authentication information (AUT) will not be stolen by a third party by eavesdropping on the network 250.
The single sign-on function can be implemented by the user authentication device 210 performing the user authentication processing and the target server device 240 using the result of authentication.
The user authentication device 210 and the user device 220 are provided in different housings. Therefore, the user who owns the user authentication device 210 can use a given device as the user device 220.
In the first embodiment, the validity of the user can be verified by checking whether the user can perceive the input directive information (IND) and can input the authentication information (AUT) through the user interface of the user authentication device 210. Therefore, the validity of the user can be confirmed without performing complicated personal authentication processing using a password or the like.
In step S7c of the first embodiment, the user inputs the user authentication device identifier (AUTID) of the user authentication device 210 directly to the input unit 220h, and in step S8 of the first embodiment, the user authentication device identifier (AUTID) is sent to the target server device 240. However, the system may be configured such that the user authentication device identifier (AUTID) and information identifying it (URL or the like) are stored in association with each other in the memory 210j of the user authentication device 210, and if the user inputs the information identifying the user authentication device identifier (AUTID) to the input unit 220h in step S7c, the user authentication device identifier (AUTID) associated with the input information is sent to the target server device 240 in step S8. In that case, it is preferable that the bit length of the information identifying the user authentication device identifier (AUTID) be shorter than the bit length of the user authentication device identifier (AUTID). Then, both user convenience and security can be provided. As the bit length of the information identifying the user authentication device identifier (AUTID) decreases, the user can handle it more easily, and as the bit length of the user authentication device identifier (AUTID) increases, the degree of security increases. In this modified embodiment, by storing the user authentication device identifier (AUTID) and the information identifying the identifier in association with each other in the user authentication device 210, the two merits can coexist.
A second embodiment is a modification of the first embodiment. The second embodiment differs from the first embodiment in the following points: A connection is established, an information request is sent, and when the response information is returned, the connection is released (HTTP, etc.); even in that case, the relay server device stores the session information (SID) and the second socket number (SN-2) in association with each other in the memory, so that the endpoint of the second connection can be detected. The differences from the first embodiment will be mainly described below, and a description of items common to the first embodiment will be omitted.
[Structure]
As shown in
[Processing]
Processing in the second embodiment will be described next.
[Preprocessing]
Preprocessing is the same as that in the first embodiment, and a description thereof will be omitted.
[Communication Processing]
By processing identical to step S1 in the first embodiment, the user authentication device 210 and the relay server device 330 establish a first connection, and processing identical to steps S2 to S4 is executed. Then, the user device 220 and the target server device 240 establish a third connection by processing identical to step S7, and the third connection is released by executing processing identical to step S7a (step S100). This causes processing identical to steps S7b to S7c to be executed, and by the processing identical to step S7, the user device 220 and the target server device 240 establish a third connection, and then processing identical to steps S8 to S12 is executed. Then, the user device 220 and the target server device 240 release the third connection (step S101). By processing identical to step S13 in the first embodiment, the user device 220 and the relay server device 330 establish a second connection, and processing identical to steps S14 and S15 is executed.
The communication path endpoint association unit 330e of the relay server device 330 stores the session information (SID) included in the second request information (RQ-2) received in step S15 and the second socket number (SN-2) (corresponding to the second endpoint information) of the second socket 230k corresponding to the second connection in association with each other in the memory 230g (step S102).
Processing identical to steps S16 to S18 in the first embodiment is executed, and then the user authentication device 210 and the relay server device 330 release the first connection (step S103). The communication processor 230h of the relay server device 330 disassociates the user authentication device identifier (AUTID) from the first socket number (SN-1), stored in the memory 230g (step S104). The user authentication device 210 then executes processing identical to steps S19 to S22 in the first embodiment.
By the processing identical to step S1 in the first embodiment, the user authentication device 210 and the relay server device 330 establish a first connection, and processing identical to steps S23 and S24 is executed.
The communication path endpoint search unit 330f of the relay server device 330 searches through the memory 230g for a match with the session information (SID) included in the reply information (the authentication result information (AUTRS), the signature information (SIGN), the target server device address information, and the session information (SID)) and extracts the second socket number (SN-2) (corresponding to the second endpoint information) associated with the same session information (SID) as that included in the reply information (step S108). The second socket number (SN-2) associated with the session information (SID) must be extracted in the processing in step S108 because the processing of the relay server device 230 in step S13, where the second connection is established, and the processing in step S109 and thereafter that use the second connection are executed in different threads or processes.
The communication processor 230h of the relay server device 330 reads the reply information from the memory 230g and sends the read information to the second socket 230k corresponding to the second socket number (SN-2) extracted in step S108. The second socket 230k sends the reply information to the transmitter 230a, and the transmitter 230a sends the reply information as response information to the information sent in step S14, via the second connection (step S109). The reply information is received via the second connection by the receiver 220b of the user device 220 (step S110).
The user device 220 and the relay server device 330 release the second connection (step S111), the user authentication device 210 and the relay server device 330 release the first connection (step S112), and the communication processor 230h of the relay server device 330 disassociates the session information (SID) from the second socket number (SN-2), stored in the memory 230g (step S113).
By the processing identical to step S7 in the first embodiment, the user device 220 and the target server device 240 establish a third connection, and processing identical to steps S30 to S37 is executed.
[Features of Second Embodiment]
In the second embodiment, the communication processing is performed in accordance with a protocol such as HTTP or HTTPS, where a connection is established, an information request is sent, and when the response information is returned, the connection is released. In the processing, the thread (or process) in which the relay server device 330 and the user device 220 establish the second connection in step S13 differs from the thread (or process) in which the relay server device 330 and the user authentication device 210 establish and execute the first connection in a second round in step S109. Normally, the relay server device 330 cannot know the second socket number (SN-2) corresponding to the second connection established in a different thread (or process) in the processing of step S109.
In the second embodiment, however, the relay server device 330 stores the session information (SID) and the second socket number (SN-2) of the second connection in association with each other in the memory 230g (step S102), and before step S109 is executed, the memory 230g is searched for the session information (SID) included in the reply information, and the second socket number (SN-2) associated with the same session information (SID) as that included in the reply information is extracted (step S108). Accordingly, in the processing in step S109, the relay server device 330 can know the second socket number (SN-2) corresponding to the second connection established in another thread (or process) and can send the response information to the user device 220 via the second connection.
The other features are the same as those of the first embodiment.
A third embodiment is an embodiment applying the second aspect to a single sign-on system. The third embodiment will now be described.
[Structure]
As shown in
As shown in
[Preprocessing]
Preprocessing is the same as that in the first embodiment, and a description thereof will be omitted.
[Communication Processing]
By processing identical to step S1 in the first embodiment, the user authentication device 410 and the relay server device 430 establish a first connection. After the first connection is established, the communication processor 210e of the user authentication device 410 (
By processing identical to step S7 in the first embodiment, the user device 420 and the target server device 440 establish a third connection, and processing identical to step S7a is executed. Then, the output unit 220i of the user device 420 (
The communication processor 220g of the user device 420 (
The relay server device address information (ISADR), the temporary identifier (TID), and the service request information (SRQ) included in the received information are sent through the third socket 240e to the communication processor 240f. The communication processor 240f stores the relay server device address information (ISADR) and the temporary identifier (TID) in the memory 240i, generates session information (SID) corresponding to the service request information (SRQ), and stores the service request information (SRQ) and the session information (SID) in association with each other in the memory 240i (step S212).
The communication processor 240f reads the relay server device address information (ISADR), the temporary identifier (TID), the target server device address information (TSADR), and the session information (SID) from the memory 240i and sends them together with authentication request information (AUTRQ) to the third socket 240e. The third socket 240e sends these pieces of information to the transmitter 240a. The transmitter 240a sends these pieces of information as response information to the information sent in step S210, via the third connection to the user device 420 (
By processing identical to step S13 in the first embodiment, the user device 420 and the relay server device 430 establish a second connection.
The communication processor 220g of the user device 420 (
Processing identical to steps S17 to S27 in the first embodiment is executed, and the communication processor 230h of the relay server device 430 disassociates the temporary identifier (TID), the user authentication device identifier (AUTID), and the first socket number (SN-1), stored in the memory 230g (step S218). Then, processing identical to steps S29 to S37 in the first embodiment is executed.
[Features of Third Embodiment]
In the third embodiment, the temporarily generated temporary identifier (TID) and the first socket number (SN-1) are stored in association with each other in the relay server device 430, so that the endpoint of the first connection can be detected. Instead of the user authentication device identifier (AUTID), the temporary identifier (TID) is sent to the target server device 440. This improves the degree of security, in comparison with the method of sending the user authentication device identifier (AUTID) to the target server device 440. The other features are the same as those in the first embodiment.
A fourth embodiment is a modification of the third embodiment. The fourth embodiment differs from the third embodiment in the following points: A connection is established, an information request is sent, and when the response information is returned, the connection is released (HTTP, etc.); even in that case, the relay server device stores the session information (SID) and the second socket number (SN-2) in association with each other in the memory, so that the endpoint of the second connection can be detected.
[Structure]
As shown in
[Processing]
Processing in the fourth embodiment will be described next.
[Preprocessing]
Preprocessing is the same as that in the first embodiment, and a description thereof will be omitted.
[Communication Processing]
Startup of the user authentication device 510 (
The processing in step S301 is performed in the same way as in step S1 in the first embodiment, for example. This generates the fourth socket 510d in the user authentication device 510 (
Processing identical to steps S201 to S206 in the third embodiment is executed via the established fourth connection, and then the fourth connection between the relay server device 530 and the user authentication device 510 is released.
By this processing, the temporary identifier (TID) received by the receiver 210b of the user authentication device 510 is sent through the fourth socket 510d to the communication processor 210e, and the communication processor 210e stores the temporary identifier in the memory 210j. The temporary identifier (TID) is further sent to the output unit 410i, and the output unit 410i outputs it (step S303). Then, by the processing identical to step S1 in the first embodiment, the relay server device 530 and the user authentication device 510 establish a first connection, and processing identical to steps S2 to S4 in the first embodiment is executed. This causes the user authentication device identifier (AUTID) and a first socket number (SN-1) (first contact point information) to be stored in association with each other in the memory 230g of the relay server device 530.
By processing identical to step S7 in the first embodiment, the user device 420 and the target server device 440 establish a third connection, and after processing identical to step S7a is executed, the third connection is released (step S303a). Then, processing identical to steps S208 and S209 in the third embodiment is executed, and by the processing identical to step S7 in the first embodiment, the user device 420 and the target server device 440 establish a third connection. After processing identical to steps S210 to S214 in the third embodiment is executed, the third connection is released (step S304).
By processing identical to step S13 in the first embodiment, the user device 420 and the relay server device 430 establish a second connection.
The communication processor 220g of the user device 420 (
The communication path endpoint association unit 330e of the relay server device 530 stores the session information (SID) included in the second request information (RQ-2) received in step S306 and the second socket number (SN-2) (corresponding to the second endpoint information) of the second socket 230k corresponding to the second connection in association with each other in the memory 230g (step S307).
The communication path endpoint search unit 230f reads the temporary identifier (TID) included in the second request information (RQ-2) from the memory 230g. The communication path endpoint search unit 230f extracts the user authentication device identifier (AUTID) associated with the same temporary identifier (TID) from the memory 230g and also extracts a first socket number (SN-1) (corresponding to the first endpoint information) associated with the user authentication device identifier (AUTID), from the memory 230g (step S308). The extracted first socket number (SN-1) is sent to the communication processor 230h.
After processing identical to steps S17 and S18 in the first embodiment is executed, the first connection is released. Then, the communication processor 230h of the relay server device 530 disassociates the temporary identifier (TID), the user authentication device identifier (AUTID), and the first socket number (SN-1), stored in the memory 230g (step S310).
Processing identical to steps S19 to S22 in the first embodiment is executed. Then (
The communication path endpoint search unit 330f of the relay server device 530 searches through the memory 530g for a match with the session information (SID) included in the reply information (the authentication result information, the signature information, the target server device address information, and the session information) and extracts the second socket number (SN-2) (corresponding to the second endpoint information) associated with the same session information (SID) as included in the reply information (step S108).
The communication processor 230h of the relay server device 530 reads the reply information from the memory 230g and sends the read information to the second socket 230k corresponding to the second socket number (SN-2) extracted in step S108. The second socket 230k sends the reply information to the transmitter 230a, and the transmitter 230a sends the reply information as response information to the information sent in step S14, via the second connection (step S109). The reply information is received via the second connection by the receiver 220b of the user device 420 (step S110).
The user device 420 and the relay server device 530 release the second connection (step S111), the user authentication device 510 and the relay server device 530 release the first connection (step S112), and the communication processor 230h of the relay server device 530 disassociates the session information (SID) from the second socket number (SN-2), stored in the memory 230g (step S113).
By the processing identical to step S7 in the first embodiment, the user device 420 and the target server device 440 establish a third connection, and processing identical to steps S30 to S37 is executed.
[Features of Fourth Embodiment]
In the fourth embodiment again, the temporarily generated temporary identifier (TID) is stored in association with the first socket number (SN-1) in the relay server device 530, so that the endpoint of the first connection can be detected. Instead of the user authentication device identifier (AUTID), the temporary identifier (TID) is sent to the target server device 440. This improves the degree of security in comparison with the method of sending the user authentication device identifier (AUTID) to the target server device 440.
In the fourth embodiment, the communication processing is performed in accordance with a protocol such as HTTP or HTTPS, where a connection is established, an information request is sent, and when the response information is returned, the connection is released. In the processing, the thread (or process) in which the relay server device 530 and the user device 420 establish the second connection in step S13 differs from the thread (or process) in which the relay server device 530 and the user authentication device 510 establish and execute the first connection in a second round in step S109. Normally, the relay server device 530 cannot know the second socket number (SN-2) corresponding to the second connection established in a different thread (or process) in the processing of step S109.
In the fourth embodiment, however, the relay server device 530 stores the session information (SID) and the second socket number (SN-2) of the second connection in association with each other in the memory 230g (step S307), and before step S109 is executed, the memory 230g is searched for a match with the session information (SID) included in the reply information, and the second socket number (SN-2) associated with the same session information (SID) as that included in the reply information is extracted (step S108). Accordingly, in the processing of step S109, the relay server device 530 can know the second socket number (SN-2) corresponding to the second connection established in another thread (or process) and can send the response information to the user device 220 via the second connection. The other features are the same as those in the first embodiment.
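The association between session information (SID) and the second socket number (SN-2) described above (steps S307, S108, S109 and S113) is the mechanism that lets one thread hand a reply to a connection that another thread accepted. The following Go program is an added illustration of that table and is not code from the patent or from any implementation of it; the type names (Endpoint, SessionRegistry), the socket numbers and the reply bytes are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// Endpoint stands in for the relay server's second socket (230k): in the
// real system it is the live connection accepted from the user device.
// Written is a constructed stand-in for the bytes sent on that connection.
type Endpoint struct {
	SocketNumber int    // corresponds to SN-2
	Written      []byte // reply bytes sent via the second connection
}

// SessionRegistry models the memory (230g) entries that associate session
// information (SID) with the second socket number (SN-2). The mutex is what
// makes the table safe to consult from the thread that holds the first
// connection, which is not the thread that accepted the second one.
type SessionRegistry struct {
	mu    sync.Mutex
	bySID map[string]*Endpoint
}

func NewSessionRegistry() *SessionRegistry {
	return &SessionRegistry{bySID: make(map[string]*Endpoint)}
}

// Associate corresponds to step S307. A SID that is already in flight is
// refused, so a second request cannot capture the reply of a pending one.
func (r *SessionRegistry) Associate(sid string, ep *Endpoint) error {
	r.mu.Lock()
	defer r.mu.Unlock()
	if _, dup := r.bySID[sid]; dup {
		return fmt.Errorf("session %q already associated", sid)
	}
	r.bySID[sid] = ep
	return nil
}

// Lookup corresponds to step S108: find SN-2 by the SID carried in the
// reply information that arrived over the first connection.
func (r *SessionRegistry) Lookup(sid string) (*Endpoint, bool) {
	r.mu.Lock()
	defer r.mu.Unlock()
	ep, ok := r.bySID[sid]
	return ep, ok
}

// Release corresponds to step S113: disassociate SID from SN-2.
func (r *SessionRegistry) Release(sid string) {
	r.mu.Lock()
	defer r.mu.Unlock()
	delete(r.bySID, sid)
}

// RelayReply is step S109 as executed by the goroutine that received the
// reply over the first connection. A reply whose SID has no live endpoint
// is dropped rather than written to some other connection.
func RelayReply(r *SessionRegistry, sid string, reply []byte) error {
	ep, ok := r.Lookup(sid)
	if !ok {
		return errors.New("no second connection for session: reply dropped")
	}
	ep.Written = append([]byte(nil), reply...)
	r.Release(sid)
	return nil
}

// RunScenario plays the two threads of the fourth embodiment: one accepts
// the second connection and records SID -> SN-2, another receives the reply
// on the first connection and must find that socket by SID alone. It
// returns what was written to the user device's endpoint.
func RunScenario(sid string, reply []byte) ([]byte, error) {
	reg := NewSessionRegistry()
	ep := &Endpoint{SocketNumber: 2}
	done := make(chan error, 1)

	go func() { done <- reg.Associate(sid, ep) }() // second-connection thread (S13, S307)
	if err := <-done; err != nil {
		return nil, err
	}
	go func() { done <- RelayReply(reg, sid, reply) }() // first-connection thread (S108, S109)
	if err := <-done; err != nil {
		return nil, err
	}
	return ep.Written, nil
}

func main() {
	out, err := RunScenario("SID-0001", []byte("AUTRS=ok;TSADR=target.example"))
	fmt.Printf("%s %v\n", out, err)
}
```

The two channel receives order the goroutines so that the lookup never runs before the association exists; in a real relay server the same ordering follows from the fact that the reply on the first connection can only arrive after the request on the second connection has been forwarded.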
A fifth embodiment is a modification of the embodiments described earlier. The fifth embodiment differs from the embodiments described earlier in the following points: The relay server device generates the signature information (SIGN) of the authentication result information (AUTRS) by using a first secret key (SK-1) of the user authentication device (corresponding to the first terminal); the target server device verifies a public key certificate (CER) by using a second public key (PK-2); and the target server device verifies the signature information (SIGN) by using the first public key (PK-1) included in the public key certificate (CER). This modification can be made to any of the first to fourth embodiments. For simplicity of description, an example where this modification is made to the first embodiment will now be described. Its differences from the first embodiment will be described mainly, and a description of items common to the first embodiment will be omitted.
[Structure]
As shown in
[Processing]
Processing in the fifth embodiment will be described next.
[Preprocessing]
The certificate issuing server device 650 issues a public key certificate (CER) including a first public key (PK-1) and encrypted text obtained by encrypting information including the first public key (PK-1), using a second secret key of the certificate issuing server device 650. The issued public key certificate (CER) is stored in the memory 210j of the user authentication device 610. The second public key (PK-2) corresponding to the second secret key is stored in the memory 230g of the relay server device 630 and the memory 240i of the target server device 640.
User authentication device address information (AUTADR), relay server device address information (ISADR), and a relay server device standby port number (ISPN-0) are stored in the memory 210j of the user authentication device 610. Relay server device address information (ISADR), a first secret key (SK-1) of the user authentication device 610 corresponding to the first public key (PK-1), and a second public key (PK-2) corresponding to the second secret key are stored in the memory 230g of the relay server device 630. Target server device address information (TSADR) and the second public key (PK-2) corresponding to the second secret key are stored in the memory 240i of the target server device 640.
Preprocessing of the user device 220 is the same as that in the first embodiment.
[Communication Processing]
As in step S1 in the first embodiment, the relay server device 630 and the user authentication device 610 establish a first connection, and processing identical to steps S2 to S21 is executed.
The communication processor 210e of the user authentication device 610 reads the authentication result information (AUTRS), the target server device address information (TSADR), and the session information (SID) (corresponding to the reply information) from the memory 210j and sends the read information to the first socket 210d. The first socket 210d sends the information to the transmitter 210a, and the transmitter 210a sends the reply information via the first connection (step S408). The sent reply information is received via the first connection by the receiver 230b of the relay server device 630 (
The signature generator 630r reads the first secret key (SK-1) and the authentication result information (AUTRS) from the memory 230g, generates signature information (SIGN) (signature information of the authentication result information (AUTRS)) by encrypting information including the authentication result information (AUTRS), using the first secret key (SK-1) with the public key encryption system, and stores the signature information (SIGN) in the memory 230g (step S410).
The communication processor 230h of the relay server device 630 reads the authentication result information (AUTRS), the signature information (SIGN), the public key certificate (CER), the target server device address information (TSADR), and the session information (SID) from the memory 230g and sends the read information to the second socket 230k. The second socket 230k sends the authentication result information (AUTRS), the signature information (SIGN), the public key certificate (CER), the target server device address information (TSADR), and the session information (SID) (corresponding to the transmission information) to the transmitter 230a. The transmitter 230a sends the transmission information as response information to the information sent in step S14, via the second connection (step S411). The transmission information is received via the second connection by the receiver 220b of the user device 620 (
The user authentication device 610 and the relay server device 630 release the first connection (step S413), and the communication processor 230h of the relay server device 630 disassociates the user authentication device identifier (AUTID) from the first socket number (SN-1), stored in the memory 230g (step S414). The user device 620 and the relay server device 630 release the second connection (step S415).
The communication processor 220g of the user device 220 (
The public key certificate verifier 640m reads the public key certificate (CER) and the second public key (PK-2) from the memory 240i, verifies the public key certificate (CER) by using the second public key (PK-2), judges whether the public key certificate (CER) is valid, and outputs the result of judgment (step S418). The result of judgment is sent to the permission unit 240h. If the result of judgment indicates that the public key certificate (CER) is invalid, the permission unit 240h rejects the log-in of the user device 220 (step S420).
If the result of judgment indicates that the public key certificate (CER) is valid, processing identical to steps S32 to S37 in the first embodiment is executed.
[Features of Fifth Embodiment]
The public key encryption system, which requires a large amount of computation, is usually used for the signature information (SIGN). Accordingly, if the user authentication device 610 is a device with low computational performance, such as a mobile communication terminal (a cellular phone terminal, for example), generating the signature information (SIGN) in the user authentication device 610 is undesirable in terms of processing efficiency. In the fifth embodiment, however, the user authentication device 610 does not generate the signature information (SIGN); the signature generator 630r of the relay server device 630 generates the signature information (SIGN) of the authentication result information (AUTRS) by using the first secret key (SK-1) of the user authentication device 610 (corresponding to the first terminal) (step S410). As a result, if the relay server device 630 has higher computational performance than the user authentication device 610, the processing speed of the entire system can be improved.
A sixth embodiment is a modification of the first to fourth embodiments. The sixth embodiment differs from the first to fourth embodiments in the following point: When the user authentication device (corresponding to the first terminal) accesses the relay server device, the user authentication device generates signature information (SIGN) of the authentication result information (AUTRS) by using its first secret key (SK-1) and sends the signature information to the relay server device, and the relay server device authenticates the user authentication device by verifying the signature information (SIGN). In this modification, the signature information (SIGN) used in user authentication by the target server device is used also in the authentication of the user authentication device by the relay server device. The modification can be made to any of the first to fourth embodiments described earlier. For simplicity of description, an example where this modification is made to the first embodiment will now be described. Its differences from the first embodiment will be described mainly, and a description of items common to the first embodiment will be omitted.
As shown in
[Processing]
Processing in the sixth embodiment will be described next.
[Preprocessing]
Preprocessing in the sixth embodiment is the same as that in the first embodiment except that the first public key (PK-1) corresponding to the first secret key (SK-1) of the user authentication device 210 has been stored in the memory 230g of the relay server device 230.
[Communication Processing]
Processing identical to steps S1 to S24 is executed. This causes reply information including signature information (SIGN) obtained by encrypting information including the authentication result information (AUTRS), using the first secret key with the public key encryption system, to be sent from the user authentication device 210 to the relay server device 730 via the first connection. The signature information (SIGN) is sent to the first terminal authentication unit 730q, and the first terminal authentication unit 730q verifies the signature information (SIGN) by using the first public key (PK-1) read from the memory 230g (step S501). If the result of verification of the signature information (SIGN) is rejection (step S502), the processing ends with failure of terminal authentication of the user authentication device 210 (step S503). If the result of verification of the signature information (SIGN) is acceptance (step S502), the terminal authentication of the user authentication device 210 succeeds (step S504), and processing identical to steps S25 to S37 is executed.
[Features of Sixth Embodiment]
The signature information (SIGN) used in user authentication (steps S32 to S35) in the target server device is used also in the authentication of the user authentication device by the relay server device (steps S501 to S504). This can improve the degree of system security without increasing the amount of computation in the user authentication device.
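The signature chain shared by the fifth and sixth embodiments (step S410 signing of AUTRS with SK-1, step S418 verification of CER with PK-2, verification of SIGN with the PK-1 carried in CER, and step S501 verification of SIGN by the relay server) is shown below in Go. This is an added example, not code from the patent or from any implementation of it. It substitutes Ed25519 signatures from Go's standard library for the unspecified "public key encryption system" the text names, and its certificate is a constructed two-field structure rather than a real X.509 certificate; the AUTRS content and the function names are likewise constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Certificate stands in for CER: the subject's first public key (PK-1) and
// the issuer's signature over it, made with the issuer's second secret key.
// The encoding is a constructed, minimal one, not a real X.509 certificate.
type Certificate struct {
	SubjectPub ed25519.PublicKey // PK-1
	IssuerSig  []byte            // signature by the certificate issuing server
}

// NewKeyPair generates a fresh Ed25519 key pair (public, secret).
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing system random source is not recoverable here
	}
	return pub, priv
}

// IssueCertificate models the certificate issuing server device 650.
func IssueCertificate(issuerSK ed25519.PrivateKey, subjectPub ed25519.PublicKey) Certificate {
	return Certificate{SubjectPub: subjectPub, IssuerSig: ed25519.Sign(issuerSK, subjectPub)}
}

// VerifyCertificate is step S418: the target server checks CER with PK-2.
// The length check matters because ed25519.Verify panics on a malformed key.
func VerifyCertificate(pk2 ed25519.PublicKey, cer Certificate) bool {
	if len(cer.SubjectPub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pk2, cer.SubjectPub, cer.IssuerSig)
}

// SignAuthResult produces SIGN over AUTRS with SK-1. In the fifth embodiment
// the relay server runs this (step S410); in the sixth embodiment the user
// authentication device does.
func SignAuthResult(sk1 ed25519.PrivateKey, autrs []byte) []byte {
	return ed25519.Sign(sk1, autrs)
}

// VerifyAuthResult checks SIGN with PK-1. The relay server runs this in step
// S501 of the sixth embodiment; the target server runs it after step S418.
func VerifyAuthResult(pk1 ed25519.PublicKey, autrs, sign []byte) bool {
	if len(pk1) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pk1, autrs, sign)
}

// TargetServerCheck applies the target server's order of checks in the
// fifth embodiment: CER first (with PK-2), then SIGN with the PK-1 taken
// from the verified CER. Taking PK-1 from an unverified CER would let
// whoever supplies the certificate also supply the key that "validates"
// AUTRS.
func TargetServerCheck(pk2 ed25519.PublicKey, cer Certificate, autrs, sign []byte) error {
	if !VerifyCertificate(pk2, cer) {
		return errors.New("CER invalid: log-in rejected (step S420)")
	}
	if !VerifyAuthResult(cer.SubjectPub, autrs, sign) {
		return errors.New("SIGN invalid: log-in rejected")
	}
	return nil
}

// Scenario runs the chain once with constructed data and reports whether a
// genuine log-in passes and whether a tampered AUTRS and a certificate from
// an untrusted issuer are rejected.
func Scenario() (genuineOK, tamperRejected, wrongIssuerRejected bool) {
	pk2, sk2 := NewKeyPair() // certificate issuing server device 650
	pk1, sk1 := NewKeyPair() // user authentication device 610
	cer := IssueCertificate(sk2, pk1)
	autrs := []byte(`{"user":"u0001","result":"ok"}`) // constructed AUTRS
	sign := SignAuthResult(sk1, autrs)

	genuineOK = TargetServerCheck(pk2, cer, autrs, sign) == nil
	tampered := []byte(`{"user":"u0001","result":"admin"}`)
	tamperRejected = TargetServerCheck(pk2, cer, tampered, sign) != nil
	_, sk3 := NewKeyPair() // an issuer whose key is not the stored PK-2
	wrongIssuerRejected = TargetServerCheck(pk2, IssueCertificate(sk3, pk1), autrs, sign) != nil
	return
}

func main() {
	fmt.Println(Scenario())
}
```

The same SignAuthResult and VerifyAuthResult pair serves the sixth embodiment: the user authentication device signs, and the relay server verifies with the PK-1 it stored in preprocessing before forwarding anything (step S501), so a forged or replayed AUTRS is stopped at the relay rather than at the target server.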
[Modifications etc.]
The present invention is not confined to the embodiments described above. For example, the user authentication device identifier (AUTID) may be generated randomly each time a series of processing is executed in each of the embodiments. This improves the degree of security. The processing described above may be performed in any protocol other than HTTP and HTTPS, such as the Simple Object Access Protocol (SOAP).
The processing described above may be executed in the order in which it is described, or it may be executed in parallel or separately in accordance with the processing capability of the device that executes the processing, or as necessary. Naturally, any modification can be made within the scope of the present invention.
If the structure described above is implemented by a computer, the processing of the function to be provided by each device is described in a program. By executing the program on the computer, the corresponding processing function is implemented on the computer.
The program describing the processing can be recorded on a computer-readable recording medium. The computer-readable recording medium can be any type of magnetic recording device, optical disc, magneto-optical recording medium, or semiconductor memory, for example. More specifically, a hard disk drive, a flexible disk, a magnetic tape or the like can be used as the magnetic recording device; a DVD (digital versatile disc), DVD-RAM (random access memory), CD-ROM (compact disc read only memory), CD-R/RW (recordable/rewritable), or the like can be used as the optical disc; an MO (magneto-optical disc) or the like can be used as the magneto-optical recording medium; and an EEP-ROM (electrically erasable and programmable read only memory) or the like can be used as the semiconductor memory, for example.
The program is distributed by selling, transferring, or lending a portable recording medium, such as a DVD or a CD-ROM, with the program recorded on it, for example. The program may also be distributed by storing the program in a storage device of a server computer and transferring the program from the server computer through a network to another computer.
The computer which executes this type of program first temporarily stores the program recorded on the portable recording medium, or the program transferred from the server computer, in its own storage device. When executing the processing, the computer reads the program stored in its recording medium and executes the processing in accordance with the read program. Alternatively, the computer may read the program directly from the portable recording medium and execute the processing in accordance with the program. Further, the computer may execute the processing in accordance with the received program each time the program is transferred from the server computer. The processing may also be executed by a so-called application service provider (ASP) service, in which the server computer does not transfer the program to a local computer, and the processing of the function is implemented just by giving execution instructions and receiving results. The program in the embodiments described above includes information that is used in the processing by the computer and is close to a program (not a direct instruction to the computer, but data having the property of specifying the processing of the computer).
Although the device is implemented by executing the predetermined program on the computer in the embodiments described above, at least a part of the processing can be implemented by hardware.
The field of application of the present invention is a single sign-on system using a cellular phone terminal as a user authentication device, for example.
Number | Date | Country | Kind |
---|---|---|---|
2007-207411 | Aug 2007 | JP | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/JP2008/059825 | 5/28/2008 | WO | 00 | 5/3/2010 |