| 摘要 |
PROBLEM TO BE SOLVED: To provide a flexible, tamper-resistant authentication system or a personal authentication device (PAD) which can support application in authentication, authorization, and accounting. SOLUTION: The PAD stores at least one public key associated with a certificate authority (CA) and receives one or more digital certificates. This digital certificates are authenticated on the basis of the stored CA public keys, and the PAD outputs a service key depending on the application.The operation of the PAD and the nature of the service key may be determined by digital certificate that it receives during operation. Using a stored PAD secret key that is kept secret, the PAD may perform a variety of security-related tasks, including authenticating itself to a user, signing service keys that the PAD generates, and decrypting content on received digital certificates. COPYRIGHT: (C)2005,JPO&NCIPI |
