摘要 |
PROBLEM TO BE SOLVED: To perform authentication of a user of service through an authentication terminal as storing personal information and biological information, etc. which are information unique to the user not in an authentication server managed by a service provider but in a portable information storage device managed by the user himself/herself. SOLUTION: When authentication information of the user A is registered, the portable information storage device 110 is issued to the user A, device authentication information is registered in the portable information storage device 110 and the authentication server 130, user authentication information is registered in the portable information storage device 110, when the user A receives the authentication by the authentication terminal 120, the portable information storage device 110 is connected to the authentication terminal 120, the authentication information unique to the user A is provided to the authentication terminal 120, output of a one-way function using random numbers as a key and the user authentication information as input is acquired, these pieces of authentication information are compared with each other by a user authentication information comparison part 124 and a device authentication information comparison part 125 and the authentication of the user A is performed by whether or not the pieces of authentication information coincide. COPYRIGHT: (C)2006,JPO&NCIPI |