Patent application number | Description | Published |
20090327706 | ACCOUNT MANAGEMENT SYSTEM, ROOT-ACCOUNT MANAGEMENT APPARATUS, DERIVED-ACCOUNT MANAGEMENT APPARATUS, AND PROGRAM - A root-account management apparatus generates an electronic signature based on a survival condition and a secret key when an authentication result of a user of a client apparatus is proper, and transmits derived-account credence element information including the survival condition, the electronic signature and a public key certificate to a derived-account management apparatus. The derived-account management apparatus creates derived-account information which becomes valid when the survival condition is satisfied so that the derived-account information includes both the derived-account credence element information which becomes invalid when a validity term of the public key certificate expires and a biometric information template of the user which is valid regardless of this validity term. Accordingly, even if an authentication element as a root (public key certificate) becomes invalid, a derived authentication element (biometric information template) can be prevented from becoming invalid. | 12-31-2009 |
20100180124 | VERIFICATION APPARATUS AND PROGRAM - According to one embodiment of the present invention, the first authentication context includes the template certificate indicative of the validity of a template and the first apparatus evaluation certificate indicative of the validity of the first apparatus evaluating information whilst the second authentication context includes the second apparatus evaluating certificate indicative of the validity of the second apparatus evaluating information. And the template certificate and the first and second evaluation certificates are verified when verifying the first and second authentication contexts. Thus, the validity of the template used for authentication or the apparatus evaluating information included in the authentication context can be verified. | 07-15-2010 |
20100191967 | CLIENT APPARATUS, SERVER APPARATUS, AND PROGRAM - A client apparatus receives a message including a random number from a server apparatus during the handshake of agreement process, creates a biometric negotiation message including the biometric authentication method information and sends the biometric negotiation message to the server apparatus. Then, the client apparatus executes a biometric authentication based on biometric authentication method information notified from the server apparatus and encrypts the random number based on the private key. In addition, the client apparatus generates an authenticator from a result of the biometric authentication, the biometric authentication method information, the encrypted random number, and the client certificate, and sends to the server apparatus an authentication context including these. The server apparatus verifies the authentication context and establishes a secure session in one handshake. | 07-29-2010 |
20110185413 | SYSTEM, APPARATUS, AND PROGRAM FOR BIOMETRIC AUTHENTICATION - A client apparatus transmits environmental information acquired from an environmental information acquisition device as well as a biometric authentication information matching result to a server apparatus. The server apparatus verifies the validity of the environmental information such as a luminance as well as the validity of the biometric authentication information matching result. If an environment is problematic, the server apparatus notifies the client apparatus that the environmental information is problematic. The client apparatus overcomes the problem of the environment such as the luminance based on the notification from the server apparatus and then retries a biometric authentication. The possibility of re-failure due to the environmental problem can be reduced during a retry of the biometric authentication. | 07-28-2011 |
20110307446 | INFORMATION LIFE CYCLE MANAGEMENT SYSTEM, INFORMATION MANAGEMENT SERVER APPARATUS, INFORMATION MEDIA CONTROLLING APPARATUS AND PROGRAM - According to one embodiment, even when the information media controlling apparatus which requests replication registration of electronic data and the information media controlling apparatus which acquires a child management file generated by replication registration are separate apparatuses, the information management server apparatus registers a child management ID of electronic data and a post office box ID of the acquisition destination of a child management file, in the post office box management table based on replication registration request information received from one information media controlling apparatus, and has the other information media controlling apparatus which is the acquisition destination acquire the child management file based on the post office box management table. | 12-15-2011 |
20120105901 | DOCUMENT MANAGEMENT SUPPORT SYSTEM, INFORMATION MANAGEMENT SERVER APPARATUS, AND INFORMATION MEDIUM CONTROLLER - According to one embodiment, an information management server apparatus transmits processing result information that includes management register information including a child management ID when traceable duplication request information received from an information medium controller satisfies an access control policy and a permission policy. On the basis of the processing result information, the information medium controller outputs document print data that includes the child management ID tag and an electronic data body, and management register data including the management register information. When a paper document printed by the document print data is collected after being distributed, the information medium controller transmits a collection completion update request including the child management ID read from the paper document by an exclusive reader. On the basis of the child management ID in the collection completion update request, the information management server apparatus updates the status information to “collected”. | 05-03-2012 |
20120162688 | ACCESS CONTROL SYSTEM, APPARATUS, AND PROGRAM - According to one embodiment, a deriving operation control device obtains derivation control information and a derivation attribute. A deriving operation propriety determination unit extracts the number of times of previously-performed derivation from the derivation attribute. The deriving operation propriety determination unit extracts the upper limit number of times enabling derivation from the derivation control information and determines that a deriving operation is possible when the number of times of previously-performed derivation is equal to or below the upper limit number of times enabling derivation. A deriving operation execution unit executes the deriving operation. | 06-28-2012 |
20130242324 | SELECTIVE DUPLICATING SYSTEM AND INFORMATION MANAGEMENT SERVER DEVICE - According to one embodiment, an information management server device determines whether to permit the duplicating of the original data selected in the duplication source selection information. The information management server device reads the management ID of the original data related to the management ID in the duplication request and the electronic data body related to the entity ID with reference to the first and second storage units when the determination result for the original data has shown that the duplicating is permitted and creates duplicated original data by giving a new management ID to duplicated data obtained by duplicating the electronic data body. | 09-19-2013 |
20130250335 | ACCESS CONTROL SYSTEM, APPARATUS, AND PROGRAM - According to one embodiment, a deriving operation control device obtains derivation control information and a derivation attribute. A deriving operation propriety determination unit extracts the number of times of previously-performed derivation from the derivation attribute. The deriving operation propriety determination unit extracts the upper limit number of times enabling derivation from the derivation control information and determines that a deriving operation is possible when the number of times of previously-performed derivation is equal to or below the upper limit number of times enabling derivation. A deriving operation execution unit executes the deriving operation. | 09-26-2013 |
20140259120 | Authentication Entity Device, Verification Device and Authentication Request Device - A verification device transmits challenge information to a first entity device, and for each authentication context received in return, verifies that challenge information identical to the challenge information transmitted in advance is described, to thereby confirm that the authentication context is the current one. As a result, a repetitive attack in which the past authentication context is repeatedly used is prevented and the security against repetitive attacks is improved. | 09-11-2014 |