| 发明名称 | Certificate authenticating method, certificate issuing device, and authentication device | ||
| 摘要 | A terminal device 4 transmits a certificate issue request including a communication ID thereof and a sub ID to a certificate issuing device 7 via a NW1 (a first network). The certificate issuing device 7 inquires of a communication ID (identifier) checking device 5 whether or not the communication ID included in the certificate issue request is in use or not and inquires of a communication ID/sub ID checking device 6 whether or not the communication ID and the sub ID are associated with each other. If both the check results are OK, the certificate issuing device 7 generates a certificate including the ID of the certificate issuing device 7, the communication ID, the sub ID and a validity period and transmits the certificate to the terminal device 4. In this way, a certificate with a short validity period can be issued only based on the access to the NW1 using the communication ID and the sub ID. | ||
| 申请公布号 | US8775796(B2) | 申请公布日期 | 2014.07.08 |
| 申请号 | US200812523420 | 申请日期 | 2008.02.07 |
| 申请人 | Nippon Telegraph and Telephone Corporation | 发明人 | Karasawa Kei;Kawashima Masahisa;Tsuruoka Yukio;Takahashi Kenji;Orihara Shingo |
| 分类号 | H04L9/32 | 主分类号 | H04L9/32 |
| 代理机构 | Oblon, Spivak, McClelland, Maier & Neustadt, L.L.P. | 代理人 | Oblon, Spivak, McClelland, Maier & Neustadt, L.L.P. |
| 主权项 | 1. A certificate authenticating method that authenticates a terminal device capable of connecting to a first network by using a communication ID to allow the terminal device to connect a second network different from the first network, the terminal device having a sub ID, wherein ID is an abbreviation of identifier, comprising: (a) a step by the terminal device of transmitting, via the first network, a certificate issue request including at least the communication ID and the sub ID to a certificate issuing device connected to the first network, the communication ID being a global IP address and the sub ID being a private IP address; (b) a step by the certificate issuing device of requesting a communication ID checking device to check whether or not the communication ID of the terminal device included in the certificate issue request is in use when the certificate issue request is received from the terminal device via the first network, requesting a communication ID/sub ID checking device to check whether or not the association between the communication ID and the sub ID is proper, generating a certificate including at least an ID of the certificate issuing device, the communication ID and the sub ID of the terminal device and a validity period if at least the check results from the communication ID checking device and the communication ID/sub ID checking device are OK, and transmitting the certificate to the terminal device; (c) a step by the terminal device of transmitting an authentication request including at least the sub ID for authentication of the certificate to an authentication device on the second network; and (d) a step by the authentication device of carrying out authentication of the certificate in response to the authentication request. | ||
| 地址 | Tokyo JP | ||