処理中

しばらくお待ちください...

設定

設定

出願の表示

1. EP3480715 - USER AUTHENTICATION METHOD, EVALUATION DEVICE, PROGRAM AND USER AUTHENTICATION SYSTEM

官庁
欧州特許庁(EPO)
出願番号 18800464
出願日 08.05.2018
公開番号 3480715
公開日 08.05.2019
公報種別 B1
IPC
G06F 21/31
G物理学
06計算;計数
F電気的デジタルデータ処理
21不正行為から計算機,その部品,プログラムまたはデータを保護するためのセキュリティ装置
30認証,すなわちセキュリティ主体の身元又は認可の確立
31ユーザーの認証
G06F 21/62
G物理学
06計算;計数
F電気的デジタルデータ処理
21不正行為から計算機,その部品,プログラムまたはデータを保護するためのセキュリティ装置
60データを保護するもの
62プラットフォームからのデータへのアクセスを保護するもの,例.鍵またはアクセスコントロールルールを用いるもの
H04L 9/32
H電気
04電気通信技術
Lデジタル情報の伝送,例.電信通信
9秘密または安全な通信のための配置
32システムの利用者の身元または権限の照合のための手段を含むもの
H04L 29/06
H電気
04電気通信技術
Lデジタル情報の伝送,例.電信通信
29グループH04L1/00~H04L27/00の単一のグループに包含されない配置,装置,回路または方式
02通信制御;通信処理
06プロトコルによって特徴づけられるもの
CPC
G06F 21/31
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
H04L 9/0866
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
08Key distribution ; or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
0866involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
H04L 9/321
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system ; or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
321involving a third party or a trusted authority
H04L 9/3236
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system ; or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
3236using cryptographic hash functions
H04L 63/1466
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
H04L 9/3239
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system ; or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
3236using cryptographic hash functions
3239involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
出願人 CAPY JAPAN INC
発明者 WATANABE TAKANOBU
OKADA MITSUO
指定国 (国コード)
優先権情報 2017173799 11.09.2017 JP
発明の名称
(DE) BENUTZERAUTHENTIFIZIERUNGSVERFAHREN, BEURTEILUNGSVORRICHTUNG, PROGRAMM UND VERFAHREN ZUR BENUTZERAUTHENTIFIZIERUNG
(EN) USER AUTHENTICATION METHOD, EVALUATION DEVICE, PROGRAM AND USER AUTHENTICATION SYSTEM
(FR) PROCÉDÉ D'AUTHENTIFICATION D'UTILISATEUR, DISPOSITIF D'ÉVALUATION, PROGRAMME ET SYSTÈME D'AUTHENTIFICATION D'UTILISATEUR
要約
(EN) In an evaluation device 1, a receiver part 120a receives, from an authentication device 2 that performs a user login authentication, a hash value of a user identifier for identifying a user, which is generated in a terminal unit 3 used for the login by the user, and information indicating a login environment of the terminal unit 3, which is encrypted in the terminal unit 3. A decoding part 121 decodes the encrypted information indicating the login environment of the terminal unit 3. A risk calculation part 122 calculates an evaluation value that indicates a risk of the login being an unauthorized access based on a statistic related to a degree of similarity between the login environment of the terminal unit 3 and a previous login environment by the user corresponding to the hash value. A transmitter part 120b transmits, to the authentication device 2, a comparison result between the calculated evaluation value and a predetermined threshold.
(FR) L'invention concerne un dispositif d'évaluation (1) dans lequel une unité de réception (120a) reçoit, de la part d'un dispositif d'authentification (2) qui exécute une authentification de connexion d'utilisateur, une valeur de hachage d'un identifiant d'utilisateur qui est destinée à identifier un utilisateur et qui est générée par un terminal (3) utilisé par l'utilisateur pour se connecter, et des informations qui sont codées par le terminal (3) et indiquent l'environnement de connexion du terminal (3). Une unité de décodage (121) décode les informations codées qui indiquent l'environnement de connexion du terminal (3). Une unité de calcul de risque (122) calcule une valeur d'évaluation indiquant le risque que la connexion soit un accès frauduleux, sur la base d'une quantité statistique relative à la similarité entre l'environnement de connexion du terminal (3) et l'environnement d'une connexion passée par un utilisateur correspondant à la valeur de hachage. Une unité de transmission (120b) transmet au dispositif d'authentification (2) le résultat d'une comparaison entre la valeur d'évaluation calculée et une valeur de seuil prescrite.