AUTHENTICATION SYSTEM

摘要

In the present invention, maintenance terminals used for maintenance inspections are configured so as to be capable of authenticating without issuing an electronic certificate to individual maintenance terminals. A device to be maintained 20 generates a random number and transmits the random number to a maintenance terminal 30 that is performing maintenance, the random number being transmitted in response to a connection request from the maintenance terminal 30. An IC card 40 signs the random number acquired via the maintenance terminal 30 using a maintenance worker secret key, which is held on the IC card 40. On acquiring from the maintenance terminal 30 the random number, the unique number of the maintenance terminal 30, and the signature and maintenance worker certificate transmitted by the IC card 40, the device to be maintained 20 verifies the maintenance worker certificate using a CA certificate acquired from an issuing server 10 prior to performing maintenance, verifies the signature using the maintenance worker certificate, and compares the acquired random number and the generated random number. The issuing server 10 compares the unique number acquired from the device to be maintained 20 with the unique number of the maintenance terminal 30 acquired prior to performing maintenance, and communicates the result of the comparison to the device to be maintained 20.