処理中

しばらくお待ちください...

設定

設定

出願の表示

1. CN111417943 - User authentication method, evaluation device, program and user authentication system

官庁
中華人民共和国
出願番号 201880059057.5
出願日 08.05.2018
公開番号 111417943
公開日 14.07.2020
公報種別 A
IPC
G06F 21/31
G物理学
06計算;計数
F電気的デジタルデータ処理
21不正行為から計算機,その部品,プログラムまたはデータを保護するためのセキュリティ装置
30認証,すなわちセキュリティ主体の身元又は認可の確立
31ユーザーの認証
G06F 21/62
G物理学
06計算;計数
F電気的デジタルデータ処理
21不正行為から計算機,その部品,プログラムまたはデータを保護するためのセキュリティ装置
60データを保護するもの
62プラットフォームからのデータへのアクセスを保護するもの,例.鍵またはアクセスコントロールルールを用いるもの
H04L 9/32
H電気
04電気通信技術
Lデジタル情報の伝送,例.電信通信
9秘密または安全な通信のための配置
32システムの利用者の身元または権限の照合のための手段を含むもの
CPC
G06F 21/44
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
44Program or device authentication
H04L 63/08
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
08for supporting authentication of entities communicating through a packet data network
H04L 63/04
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
04for providing a confidential data exchange among entities communicating through data packet networks
H04L 63/105
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
105Multiple levels of security
H04L 2463/082
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
2463Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
082applying multi-factor authentication
H04L 9/3239
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system ; or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
3236using cryptographic hash functions
3239involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
出願人 CAPY JAPAN INC.
CAPY株式会社
発明者 WATANABE TAKANOBU
渡边孝信
OKADA MITSUO
冈田满雄
代理人 北京林达刘知识产权代理事务所(普通合伙) 11277
北京林达刘知识产权代理事务所(普通合伙) 11277
優先権情報 2017173799 11.09.2017 JP
発明の名称
(EN) User authentication method, evaluation device, program and user authentication system
(ZH) 用户认证方法、评价装置、程序以及用户认证系统
要約
(EN) In an evaluation device (1), a receiving unit (120a) receives, from an authentication device (2) that executes user login authentication, a hash value of a user identifier which is for identifying a user and is generated by a terminal (3) used by the user to login, and information which is encoded by the terminal (3) and indicates the login environment of the terminal (3). A decoding unit (121) decodes the encoded information indicating the login environment of the terminal (3). A risk calculation unit (122) calculates an evaluation value indicating the risk of the login being a fraudulent access, on the basis of a statistical amount relating to the similarity between the login environment of the terminal 3 and the environment of a past login by a user corresponding to the hash value. A transmission unit (120b) transmits, to the authentication device (2), the result of a comparison between the calculated evaluation value and a prescribed threshold value.
(ZH) 在评价装置(1)中,接收部(120a)从执行用户的登录认证的认证装置(2)接收用户在登录时使用的终端(3)中生成的用于识别用户的用户标识符的哈希值和在终端(3)中被加密的表示终端(3)的登录环境的信息。解密部(121)对被加密的表示终端(3)的登录环境的信息进行解密。风险计算部(122)基于与终端(3)的登录环境和用户的过去的登录环境的相似度有关的统计量来计算表示登录为非法访问的风险的评价值,该用户与哈希值对应。发送部(120b)向认证装置(2)发送计算出的评价值与规定的阈值之间的比较结果。