JP2004341597A - Secured attribute authentication system, attribute certificate issuance server and access control server - Google Patents

Secured attribute authentication system, attribute certificate issuance server and access control server Download PDF

Info

Publication number
JP2004341597A
JP2004341597A JP2003134313A JP2003134313A JP2004341597A JP 2004341597 A JP2004341597 A JP 2004341597A JP 2003134313 A JP2003134313 A JP 2003134313A JP 2003134313 A JP2003134313 A JP 2003134313A JP 2004341597 A JP2004341597 A JP 2004341597A
Authority
JP
Japan
Prior art keywords
attribute certificate
server
amount
user terminal
personal information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2003134313A
Other languages
Japanese (ja)
Inventor
Takahiro Matsumura
隆宏 松村
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nippon Telegraph and Telephone Corp
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp filed Critical Nippon Telegraph and Telephone Corp
Priority to JP2003134313A priority Critical patent/JP2004341597A/en
Publication of JP2004341597A publication Critical patent/JP2004341597A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

<P>PROBLEM TO BE SOLVED: To provide an attribute authentication system that can guarantee identity while keeping personal information secret and recover damages in case of trouble. <P>SOLUTION: A user terminal 1 requests access to an access control server 2, receives a server policy 24 for access permission, and sends the server policy 24 and electronic money to an attribute certificate issuance server 3 to request the issuance of an attribute certificate. The attribute certificate issuance server 3 extracts personal information about the user of the user terminal 1 from a personal information database 32, issues an attribute certificate with the received amount of electronic money set as an amount of security at an attribute certificate issuance part 34, and sends it to the user terminal 1. The user terminal 1 sends the attribute certificate to the access control server 2. The access control server 2 checks the contents of the attribute certificate against the server policy 24 to determine access availability. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

【0001】
【発明の属する技術分野】
本発明は、個人情報を秘匿しつつアクセス制御を行う認証システムに関する。
【0002】
【従来の技術】
ネットワークサービスへのアクセス制御ではシステム側は個人情報の提示を求めるが、ユーザ側では個人情報の悪用懸念から、身元が確実であることは示しながらも個人情報をできるだけ提示せずに済ませたい、という要望があった。
【0003】
そうした要望にこたえる方式として、特許文献1では、信頼ある個人情報を基にアクセス制御が可能になって、個人情報を秘匿しながらの身元保証が可能になっている。
【0004】
【特許文献1】
特開2002−132730号公報
【0005】
【発明が解決しようとする課題】
しかしながら、特許文献1は下記のような問題点があった。
【0006】
ユーザ側の行為が原因でトラブルが発生すると、アクセスを許可したシステム側はユーザを特定することはできるが、ユーザに損害を賠償させるためには、なお損害賠償請求の裁判を起こす等の行動を取らなければならない。システム側は裁判にかかる経費が大きいのに損害賠償請求額が小さい場合は、うかつに裁判を起こせない。こうして、少額の損害を与えた場合にはユーザ側が裁判に訴えられる可能性が少ないために、ユーザに対してトラブルを起こさせない抑止力は期待できない。トラブルが発生した場合に、システム側が損害額を迅速に回収できる仕組みがない。
【0007】
そこで、本発明の目的は、個人情報を秘匿しながら身元保証し、かつトラブル発生後は損害額を回収可能な担保付き属性認証システムを提供することにある。
【0008】
【課題を解決するための手段】
上記目的を達成するために、本発明の属性認証システムは、
ネットワークに接続された1つ以上のユーザ端末と、
開示すべき個人情報項目と、その第三者認証の必要性と、担保金の額を内容とするサーバポリシーが設定され、各ユーザ端末に前記サーバポリシーと要属性証明書を通知して、アクセス要求を受信した場合には添付された属性証明書の内容を前記サーバポリシーと照合してアクセス可否を判別するアクセス制御サーバと、
ユーザ端末から前記サーバポリシーを受け取り、属性証明書の発行要求を受け付けると、個人情報データベースに登録されている、前記ユーザ端末のユーザの個人情報を取り出し、担保金の額が設定された属性証明書を作成して、前記発行要求を送付したユーザ端末に送る属性証明書発行サーバを有する。
【0009】
もしもユーザがサービスを利用した結果、不法行為等サービス提供者に損害を与えた場合、アクセス制御サーバは受け取った属性証明書のIDを属性証明書発行サーバに対して送り、担保額の電子マネーの差し押さえを要求することができる。この結果、サービス提供側の泣き寝入りを少なくすることが期待できる。
【0010】
【発明の実施の形態】
次に、本発明の実施の形態について図面を参照して説明する。
【0011】
図1は本発明の一実施形態の認証システムの構成図である。
【0012】
本実施形態の認証システムはユーザ端末1とアクセス制御サーバ2と属性証明書発行サーバ3からなり、これらはネットワーク4で互いに接続される。
【0013】
ユーザ端末1はネットワーク4を介して他ノードとデータを送受信するデータ送受信部11と、送受信部11等を制御する制御部12を含む。アクセス制御サーバ2は、データを送受信するデータ送受信部21と、サービスポリシー24を管理し、サービスへのアクセスを許可するか否かを判定するサービス許可判定部22と、サービス許可判定部22等を制御する制御部23を含む。属性証明書発行サーバ3は、データを送受信するデータ送受信部31と、個人情報データベース32と、個人情報データベース32を管理するデータベース管理部33と、属性証明書を発行する属性証明書発行部34と、データ送受信部31とデータベース管理部33と属性証明書発行部34を制御する制御部35を含む。個人情報データベース32は、ユーザID・氏名・連絡先(住所)・生年月日・性別・ハンドル名・所属・メールアドレス・預託された電子マネー額等を管理している。
【0014】
図2は、アクセス制御サーバ2でサービス利用許可のために設定されたサーバポリシー24のデータ構造の例を示す。サーバポリシー24は、サーバのURL(Uniform Resource Locator)アドレス、サービスを提供するディレクトリのURLアドレスと、サービスのIDと、サービスを利用するために必要な情報を含む。サービスを利用するために必要な情報には、個人に関する何らかの属性情報(例えば、ハンドル名)、第三者機関での認証が必要か否か、サービス利用に伴うトラブルで発生した損害をユーザに補償してもらうために担保として要求する電子マネーの額が含まれる。
【0015】
図3は、属性証明書発行サーバ3で発行される担保付き属性証明書のデータ構造の例を示す。担保付き属性証明書には、属性証明書のIDと、認証機関のID、サーバポリシーで開示を要求された属性情報(この例ではハンドル名)、証明書の有効期間、担保として認証機関がユーザから預託された電子マネーの金額、有効対象であるアクセス制御サーバのID、認証機関のデジタル署名を含む。
【0016】
図4はユーザ端末1の処理を示すフローチャートである。アクセス制御サーバ2へアクセス要求を送信する(ステップ101)。アクセス制御サーバ2からアクセス許可のためのサーバポリシー24を受け取る(ステップ102)。属性証明書発行サーバ3に、受け取ったサーバポリシー24と電子マネーを送り、属性証明書の発行を依頼する(ステップ103)。属性証明書発行サーバ3から担保付き属性証明書を受け取る(ステップ104)。アクセス制御サーバ2に担保付き属性証明書を送り、アクセスを要求する(ステップ105)。アクセス制御サーバ2よりアクセスを許可され、サービスを利用する(ステップ106)。
【0017】
図5は属性証明書発行サーバ3の処理を示すフローチャートである。制御部35は送受信部31を介して、ユーザ端末1からのサーバポリシー24と電子マネーを受け取り、担保付き属性証明書の発行要求を受け付ける(ステップ201)。次いでサーバポリシー24を解析し、アクセス制御サーバ2からアクセス許可されるために必要な個人情報と、認証が必要か否か、担保の電子マネーの額を調べ、条件を満たしているか判定する(ステップ202)。先にユーザ端末1から受け取った担保額の電子マネーは属性証明書発行サーバ3内に保管し、個人情報データベース32に預託された電子マネーの額に追記(加算)する(ステップ203)。サーバポリシー24の要求条件に応じて個人情報データベース32から、ユーザの属性情報であって、ユーザが開示を認めているものを取り出す(ステップ204)。サーバポリシー24で必要とされた額の電子マネーを担保として扱うために一定期間ユーザが引き出すことをできないようにし、属性証明書発行部34で、先に取り出した個人の属性情報をもとにして、担保付き属性証明書を発行する(ステップ205)。発行した担保付き属性証明書をユーザ端末1に送る(ステップ206)。
【0018】
図6はアクセス制御サーバ2での処理を示すフローチャートである。まず、ユーザ端末1からサービス利用のためのアクセス要求を受け付ける(ステップ301)。ユーザ端末1に対して、既に設定されているアクセス許可のためのサーバポリシー24を送る(ステップ302)。ユーザ端末1から担保付き属性証明書を受け取ると(ステップ303)、サービス許可判定部22でサーバポリシー24と担保付き属性証明書の内容を比較してサーバポリシーの条件が満たされていれば、ユーザ端末1にアクセス許可を通知する(ステップ304)。
【0019】
もしもユーザがサービスを利用した結果、不法行為等サービス提供者に損害を与えた場合、アクセス制御サーバ2は受け取った属性証明書のIDを属性証明書発行サーバ3に対して送り、担保額の電子マネーの差し押さえを要求することができる。この結果、サービス提供側の泣き寝入りを少なくすることが期待できる。
【0020】
【発明の効果】
以上説明したように、本発明によれば、個人情報をある程度秘匿しながら身元保証が可能なだけでなく、サービス利用に伴うトラブルがあった場合でもアクセス許可者が損害補償額を迅速に回収し得る。
【図面の簡単な説明】
【図1】本発明の一実施形態の担保付き属性認証システムの構成図である。
【図2】サーバポリシー24のデータ構造の例を示す図である。
【図3】担保付き属性証明書のデータ構造の例を示す図である。
【図4】ユーザ端末1での処理のフローチャートである。
【図5】属性証明書発行サーバ3での処理のフローチャートである。
【図6】アクセス制御サーバ2での処理のフローチャートである。
【符号の説明】
1 ユーザ端末
2 アクセス制御サーバ
3 属性証明書発行サーバ
4 ネットワーク
11 データ送受信部
12 制御部
21 データ送受信部
22 サービス許可判定部
23 制御部
24 サーバポリシー
31 データ送受信部
32 個人情報データベース
33 データベース管理部
34 属性証明書発行部
35 制御部
101〜106,201〜206,301〜304 ステップ[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to an authentication system that performs access control while keeping personal information confidential.
[0002]
[Prior art]
In controlling access to network services, the system side requests the presentation of personal information, but the user side wants to avoid presenting personal information as much as possible while showing that his / her identity is certain due to concerns about misuse of personal information. There was a request.
[0003]
As a method for responding to such a demand, in Patent Literature 1, access control can be performed based on reliable personal information, and identity assurance while concealing personal information is possible.
[0004]
[Patent Document 1]
JP-A-2002-132730
[Problems to be solved by the invention]
However, Patent Document 1 has the following problems.
[0006]
If a trouble occurs due to the user's action, the system that has granted access can identify the user, but in order to compensate the user for damages, take actions such as still invoking a claim for damages. Have to take. If the cost of the trial is high but the amount of the claim for damages is small, the system cannot inadvertently bring the trial. In this way, if a small amount of damage is caused, there is little possibility that the user will be sued in a trial, so that a deterrent that does not cause trouble for the user cannot be expected. In the event of trouble, there is no mechanism by which the system can quickly recover the damage amount.
[0007]
SUMMARY OF THE INVENTION It is an object of the present invention to provide a secured attribute authentication system capable of guaranteeing the identity while concealing personal information and recovering the amount of damage after a trouble occurs.
[0008]
[Means for Solving the Problems]
In order to achieve the above object, an attribute authentication system of the present invention comprises:
One or more user terminals connected to the network;
A personal information item to be disclosed, the necessity of third-party authentication thereof, and a server policy containing the amount of the security deposit are set, and the user terminal is notified of the server policy and the attribute-required certificate, and is accessed. When receiving the request, an access control server that determines the access permission by comparing the content of the attached attribute certificate with the server policy,
When the server policy is received from the user terminal and the issuance request of the attribute certificate is received, the personal information of the user of the user terminal registered in the personal information database is taken out, and the attribute certificate in which the amount of the security is set And sends an attribute certificate issuing server to the user terminal that sent the issuance request.
[0009]
If the user uses the service and damages the service provider such as tort, the access control server sends the ID of the received attribute certificate to the attribute certificate issuing server, and the security amount of the electronic money is You can request foreclosure. As a result, it can be expected that the service provider side will be less likely to fall asleep.
[0010]
BEST MODE FOR CARRYING OUT THE INVENTION
Next, embodiments of the present invention will be described with reference to the drawings.
[0011]
FIG. 1 is a configuration diagram of an authentication system according to an embodiment of the present invention.
[0012]
The authentication system according to the present embodiment includes a user terminal 1, an access control server 2, and an attribute certificate issuing server 3, which are connected to each other via a network 4.
[0013]
The user terminal 1 includes a data transmission / reception unit 11 for transmitting / receiving data to / from another node via the network 4 and a control unit 12 for controlling the transmission / reception unit 11 and the like. The access control server 2 includes a data transmission / reception unit 21 for transmitting / receiving data, a service permission determination unit 22 that manages a service policy 24 and determines whether to permit access to a service, and a service permission determination unit 22. It includes a control unit 23 for controlling. The attribute certificate issuing server 3 includes a data transmitting / receiving unit 31 for transmitting / receiving data, a personal information database 32, a database managing unit 33 for managing the personal information database 32, and an attribute certificate issuing unit 34 for issuing an attribute certificate. And a control unit 35 for controlling the data transmitting / receiving unit 31, the database management unit 33, and the attribute certificate issuing unit 34. The personal information database 32 manages user ID, name, contact information (address), date of birth, gender, handle name, affiliation, e-mail address, amount of deposited electronic money, and the like.
[0014]
FIG. 2 shows an example of the data structure of the server policy 24 set for permitting use of the service by the access control server 2. The server policy 24 includes a URL (Uniform Resource Locator) address of the server, a URL address of a directory providing a service, a service ID, and information necessary for using the service. The information required to use the service includes some attribute information about the individual (for example, handle name), whether or not authentication by a third party is necessary, and compensation for damages caused by troubles associated with using the service to the user. Includes the amount of electronic money requested as collateral to get paid.
[0015]
FIG. 3 shows an example of the data structure of a secured attribute certificate issued by the attribute certificate issuing server 3. In the secured attribute certificate, the ID of the attribute certificate, the ID of the certificate authority, the attribute information required to be disclosed by the server policy (handle name in this example), the validity period of the certificate, and the certificate authority Includes the amount of electronic money deposited from, the ID of the access control server to be validated, and the digital signature of the certification authority.
[0016]
FIG. 4 is a flowchart showing the processing of the user terminal 1. An access request is transmitted to the access control server 2 (step 101). A server policy 24 for permitting access is received from the access control server 2 (step 102). The server policy 24 and the electronic money received are sent to the attribute certificate issuing server 3 to request issuance of the attribute certificate (step 103). The secured attribute certificate is received from the attribute certificate issuing server 3 (step 104). The secured attribute certificate is sent to the access control server 2 to request access (step 105). Access is permitted by the access control server 2, and the service is used (step 106).
[0017]
FIG. 5 is a flowchart showing the process of the attribute certificate issuing server 3. The control unit 35 receives the server policy 24 and the electronic money from the user terminal 1 via the transmission / reception unit 31, and receives a request for issuing a secured attribute certificate (step 201). Next, the server policy 24 is analyzed, and the personal information necessary for permitting the access from the access control server 2, the authentication is required, and the amount of the electronic money of the security is checked to determine whether the condition is satisfied (step 202). The electronic money of the security amount previously received from the user terminal 1 is stored in the attribute certificate issuing server 3 and added (added) to the amount of electronic money deposited in the personal information database 32 (step 203). In accordance with the requirement of the server policy 24, user attribute information which is permitted to be disclosed by the user is extracted from the personal information database 32 (step 204). In order to handle the electronic money of the amount required by the server policy 24 as collateral, the user cannot withdraw the electronic money for a certain period of time, and the attribute certificate issuance unit 34 sets the electronic certificate based on the attribute information of the individual extracted earlier. Then, a secured attribute certificate is issued (step 205). The issued secured attribute certificate is sent to the user terminal 1 (step 206).
[0018]
FIG. 6 is a flowchart showing the processing in the access control server 2. First, an access request for using a service is received from the user terminal 1 (step 301). The server policy 24 for access permission already set is sent to the user terminal 1 (step 302). Upon receiving the secured attribute certificate from the user terminal 1 (step 303), the service permission determining unit 22 compares the contents of the server policy 24 with the secured attribute certificate. The terminal 1 is notified of the access permission (step 304).
[0019]
If the user damages the service provider as a result of using the service, the access control server 2 sends the received ID of the attribute certificate to the attribute certificate issuing server 3 and sends the security certificate electronically. You can request foreclosure of money. As a result, it can be expected that the service provider side will be less likely to fall asleep.
[0020]
【The invention's effect】
As described above, according to the present invention, not only is it possible to guarantee the identity while concealing the personal information to some extent, but also in the event of a trouble with the use of the service, the access permitter can quickly recover the damage compensation amount. obtain.
[Brief description of the drawings]
FIG. 1 is a configuration diagram of a secured attribute authentication system according to an embodiment of the present invention.
FIG. 2 is a diagram showing an example of a data structure of a server policy 24.
FIG. 3 is a diagram illustrating an example of a data structure of a secured attribute certificate.
FIG. 4 is a flowchart of a process in the user terminal 1.
FIG. 5 is a flowchart of a process in the attribute certificate issuing server 3.
FIG. 6 is a flowchart of a process in the access control server 2.
[Explanation of symbols]
Reference Signs List 1 User terminal 2 Access control server 3 Attribute certificate issuing server 4 Network 11 Data transmission / reception unit 12 Control unit 21 Data transmission / reception unit 22 Service permission determination unit 23 Control unit 24 Server policy 31 Data transmission / reception unit 32 Personal information database 33 Database management unit 34 Attribute certificate issuing unit 35 Control units 101 to 106, 201 to 206, 301 to 304 Step

Claims (7)

ネットワークに接続された1つ以上のユーザ端末と、
開示すべき個人情報項目と、その第三者認証の必要性と、担保金の額を内容とするサーバポリシーが設定され、各ユーザ端末に前記サーバポリシーと要属性証明書を通知して、アクセス要求を受信した場合には添付された属性証明書の内容を前記サーバポリシーと照合してアクセス可否を判別するアクセス制御サーバと、
前記ユーザ端末から前記サーバポリシーを受け取り、属性証明書の発行要求を受け付けると、個人情報データベースに登録されている、前記ユーザ端末のユーザの個人情報を取り出し、担保金の額が設定された属性証明書を作成して、前記発行要求を送付したユーザ端末に送る属性証明書発行サーバを有する担保付き認証システム。One or more user terminals connected to the network;
A personal information item to be disclosed, the necessity of third-party authentication thereof, and a server policy containing the amount of the security deposit are set, and the user terminal is notified of the server policy and the attribute-required certificate, and is accessed. When receiving the request, an access control server that determines the access permission by comparing the content of the attached attribute certificate with the server policy,
When the server policy is received from the user terminal and an attribute certificate issuance request is received, the personal information of the user of the user terminal registered in the personal information database is taken out and the attribute certificate in which the amount of the security is set is set. A secured authentication system having an attribute certificate issuing server that creates a certificate and sends it to the user terminal that sent the issuance request. 前記属性証明書に有効対象として前記アクセス制御サーバが設定される、請求項1記載の認証システム。The authentication system according to claim 1, wherein the access control server is set as a valid target in the attribute certificate. 前記サーバポリシーに設定される担保金の額が電子マネーの額であり、前記ユーザ端末から前記属性証明書発行サーバに担保金の額の電子マネーが送られて前記属性証明書発行サーバ内に保管され、前記属性証明書に設定された担保金の額がユーザ端末から送られた電子マネーの額である、請求項1または2に記載の認証システム。The amount of security money set in the server policy is the amount of electronic money, and the user terminal sends electronic money of the amount of security money to the attribute certificate issuing server and stores it in the attribute certificate issuing server. 3. The authentication system according to claim 1, wherein the amount of the security money set in the attribute certificate is the amount of electronic money sent from the user terminal. 開示すべき個人情報項目と、その第三者認証の必要性と、担保金の額を内容とするサーバポリシーと、
データ送受信部と、
前記データ送受信部を介して各ユーザ端末に前記サーバポリシーと要属性証明書を通知し、前記データ送受信部を介してアクセス要求を受信した場合には添付された属性証明書の内容を前記サーバポリシーと照合してアクセス可否を判別するサービス許可判定部を有するアクセス制御サーバ。Items of personal information to be disclosed, necessity of third-party authentication, server policy containing the amount of collateral,
A data transmitting and receiving unit;
Notifying each user terminal of the server policy and the required attribute certificate via the data transmission / reception unit, and when an access request is received via the data transmission / reception unit, the content of the attached attribute certificate is transmitted to the server policy. An access control server having a service permission determination unit that determines whether access is possible by comparing with an access control server. ユーザの個人情報を管理している個人情報データベースと、
データ送受信部と、
前記データ送受信部を介して前記ユーザ端末から開示すべき個人情報項目と、その第三者認証の必要性と、担保金の額を内容とするサーバポリシーを受け取り、属性証明書の発行要求を受け付けると、前記個人情報データベースに登録されている、前記ユーザ端末のユーザの個人情報を取り出すデータベース管理部と、
担保金の額が設定された属性証明書を作成して、前記発行要求を送付したユーザ端末に前記データ送受信部を介して送る属性証明書発行部を有する属性証明書発行サーバ。A personal information database that manages the user's personal information,
A data transmitting and receiving unit;
A personal information item to be disclosed from the user terminal via the data transmission / reception unit, a necessity of third-party authentication thereof, and a server policy containing the amount of the security deposit are received, and an attribute certificate issuance request is received. And a database management unit that retrieves personal information of the user of the user terminal, which is registered in the personal information database,
An attribute certificate issuing server having an attribute certificate issuing unit that creates an attribute certificate in which a security amount is set and sends the created attribute certificate to the user terminal that sent the issuance request via the data transmitting / receiving unit. 前記属性証明書に有効対象として前記アクセス制御サーバが設定される、請求項5記載の属性証明書発行サーバ。The attribute certificate issuing server according to claim 5, wherein the access control server is set as a valid target in the attribute certificate. 前記サーバポリシーに設定される担保金の額が電子マネーの額であり、前記ユーザ端末から前記属性証明書発行サーバに担保金の額の電子マネーが送られて前記属性証明書発行サーバ内に保管され、前記属性証明書に設定された担保金の額がユーザ端末から送られた電子マネーの額である、請求項5または6に記載の属性証明書発行サーバ。The amount of security money set in the server policy is the amount of electronic money, and the user terminal sends electronic money of the amount of security money to the attribute certificate issuing server and stores it in the attribute certificate issuing server. 7. The attribute certificate issuing server according to claim 5, wherein the amount of the security money set in the attribute certificate is an amount of electronic money sent from the user terminal.
JP2003134313A 2003-05-13 2003-05-13 Secured attribute authentication system, attribute certificate issuance server and access control server Pending JP2004341597A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2003134313A JP2004341597A (en) 2003-05-13 2003-05-13 Secured attribute authentication system, attribute certificate issuance server and access control server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2003134313A JP2004341597A (en) 2003-05-13 2003-05-13 Secured attribute authentication system, attribute certificate issuance server and access control server

Publications (1)

Publication Number Publication Date
JP2004341597A true JP2004341597A (en) 2004-12-02

Family

ID=33524909

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2003134313A Pending JP2004341597A (en) 2003-05-13 2003-05-13 Secured attribute authentication system, attribute certificate issuance server and access control server

Country Status (1)

Country Link
JP (1) JP2004341597A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008205878A (en) * 2007-02-21 2008-09-04 Kddi Corp Attribute authentication system, and attribute authentication method and program in its system
WO2015066023A1 (en) * 2013-10-29 2015-05-07 Jung Edward K Y Supporting guaranty provisioning via user attribute proffering
US9818105B2 (en) 2013-10-29 2017-11-14 Elwha Llc Guaranty provisioning via wireless service purveyance
US9934498B2 (en) 2013-10-29 2018-04-03 Elwha Llc Facilitating guaranty provisioning for an exchange
US10157407B2 (en) 2013-10-29 2018-12-18 Elwha Llc Financier-facilitated guaranty provisioning
CN110058555A (en) * 2018-07-09 2019-07-26 江苏恒宝智能***技术有限公司 A kind of equipment authentication method and device based on Internet of Things

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008205878A (en) * 2007-02-21 2008-09-04 Kddi Corp Attribute authentication system, and attribute authentication method and program in its system
WO2015066023A1 (en) * 2013-10-29 2015-05-07 Jung Edward K Y Supporting guaranty provisioning via user attribute proffering
US9818105B2 (en) 2013-10-29 2017-11-14 Elwha Llc Guaranty provisioning via wireless service purveyance
US9934498B2 (en) 2013-10-29 2018-04-03 Elwha Llc Facilitating guaranty provisioning for an exchange
US10157407B2 (en) 2013-10-29 2018-12-18 Elwha Llc Financier-facilitated guaranty provisioning
CN110058555A (en) * 2018-07-09 2019-07-26 江苏恒宝智能***技术有限公司 A kind of equipment authentication method and device based on Internet of Things
CN110058555B (en) * 2018-07-09 2021-08-31 江苏恒宝智能***技术有限公司 Equipment authentication method and device based on Internet of things

Similar Documents

Publication Publication Date Title
CN111164594B (en) System and method for mapping a de-centralized identity to a real entity
CN111213147B (en) Systems and methods for blockchain-based cross-entity authentication
CN111316303B (en) Systems and methods for blockchain-based cross-entity authentication
US11818253B2 (en) Trustworthy data exchange using distributed databases
US9542540B2 (en) System and method for managing application program access to a protected resource residing on a mobile device
JP5479111B2 (en) Control of distribution and use of digital ID presentation
JP2002132730A (en) System and method for authentication or access management based on reliability and disclosure degree of personal information
US20080097998A1 (en) Data file access control
US7520339B2 (en) Apparatus for achieving integrated management of distributed user information
JP2003519846A (en) Policy notification method and system
US20140150080A1 (en) Authorizing access to digital content
US20080270571A1 (en) Method and system of verifying permission for a remote computer system to access a web page
CN109274650B (en) Electronic image retrieval management system and method
CA2310535A1 (en) Vault controller context manager and methods of operation for securely maintaining state information between successive browser connections in an electronic business system
US8880433B2 (en) Dynamic authentication of mark use
JP2004341597A (en) Secured attribute authentication system, attribute certificate issuance server and access control server
US20110173273A1 (en) Method and system for inhibiting phishing
US20030172298A1 (en) Method and system for maintaining secure access to web server services using server-delegated permissions
JP2000331088A (en) Method and system for approval mark management
JP2005020536A (en) Electronic data signature device and program for signature device
US20240095720A1 (en) Automatic token wallet generation
US20220294805A1 (en) System and method of securely establishing control of a resource
US20130167198A1 (en) Protocol for sequential rights transactions
JP2005122251A (en) Security system, server computer, security method, and program for security
KR100710527B1 (en) Method of authentication for internet service using XMPP and system thereof

Legal Events

Date Code Title Description
RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20050617