发明名称 |
SYSTEM FOR REMOTELY AUTHENTICATING THE IDENTITY OF USERS BY MEANS OF NETWORK-BASED SMART CARDS |
摘要 |
The invention relates to a system for remotely authenticating the identity of users by means of smart cards, comprising: a smart card (10) which provides a user authentication certificate (C.X.509.U_AUT), an access point (20) for the smart card, and a remote authentication server (30) for authenticating said smart card. According to the invention, the smart card (10) is configured as an independent authentication requester in order to respond to a stack of network protocols, in relation to which a remote, smart-card-controlled authentication mechanism is implemented, and the access point is configured as a network access server in order to act as an authentication intermediary (A) between the smart card and the remote authentication server. In response to a remote mutual authentication between the remote authentication server and the smart card, an end-to-end secure channel (40) is maintained using a session key (Ksk, KSA/eID) and defined between the smart card and the remote authentication server and the identity of the user is authenticated by means of said secure channel using the authentication certificate (C.X.509.U_AUT). |
申请公布号 |
WO2009080854(A1) |
申请公布日期 |
2009.07.02 |
申请号 |
WO2008ES00791 |
申请日期 |
2008.12.22 |
申请人 |
UNIVERSIDAD CARLOS III DE MADRID;TORRES MARQUEZ, JOAQUIN;IZQUIERDO MANZANARES, ANTONIO;SIERRA CAMARA, JOSE, MARIA |
发明人 |
TORRES MARQUEZ, JOAQUIN;IZQUIERDO MANZANARES, ANTONIO;SIERRA CAMARA, JOSE, MARIA |
分类号 |
G07F7/10;G07F7/08;H04L12/28;H04L29/06 |
主分类号 |
G07F7/10 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|