User authentication method and user authentication system

Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C713S162000, C713S167000, C713S168000, C713S185000, C713S193000, C713S152000, C380S043000, C380S262000, C705S051000

Reexamination Certificate

active

06615353

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of Invention
This invention relates to a user authentication method and system; and more particularly, to user authentication in the “intranet” or “extranett”. The invention may be used in a system that utilizes a one time password function and a storage medium, such as a floppy disk, as a physical key for authentication.
The term “intranet” as used herein is a system analogous to the internet, for example, constructed in a company, and “extranet” is a membership system intranet. Also, the term “one time password” as used herein means a password that varies with each use.
2. Description of the Prior Art
The following types of authentication systems are currently available in the art:
(1) Access function limitation in a web server. One of the functions of conventional web servers is the function of access limitation. This function has been used in systems where a user name and a password are inputted, such as in personal computer communication.
(2) Function of access limitation using cryptocards. The cryptocard is a type of electronic or smart card. If a user name is inputted, the host sends back an ID code. The prescribed computation is executed based on this ID code, and the code obtained as a result of the computation is transmitted to the host; which uses the code as the user authentication code.
There are many disadvantages and deficiencies with these prior art systems. For example, in the case of system (1), since the user name and password are inputted, it is possible for the user name and password to be stolen when passed through a transmission line. When stolen, it is very difficult to locate the source of the theft or the location of the destination of such theft. Also, if non-specific users are managed with this system, the resource provider may allow many non-specific users to access the user name and password. As another example, in the case of system (2), reliable security can be maintained by a challenge and response function (that is the user authentication code creation and notification of that code to the host). However, disadvantageously, such a system is expensive and the cryptocard itself is expensive, and furthermore the system is not economically effective for systems that do not require high grade security.
SUMMARY OF THE INVENTION
Accordingly, an object of the invention is to overcome the aforementioned and other disadvantages, problems, and deficiencies of the prior art.
Another object is to provide a user authentication method and system that can provide reliable security at low cost.
A further object is to provide such as system wherein a floppy disc is used as a storage medium, in place of the prior art use of cryptocards.
The foregoing and other features, advantages and objectives are attained in various aspects of the invention which encompasses a user authentication method and system, as set forth in greater detail hereinbelow.
A first aspect of the invention comprises a method using control equipment and an operating section connected to the control equipment and comprising the steps of
reading a storage medium that stores specific parameters and creating a user authentication code from the specific parameters and other parameters provided by the control equipment using a specific function on the operating section side;
sending the created user authentication code to the control equipment;
comparing the user authentication code sent from the operating section with another code computed using a specific function generated in the control equipment on the control equipment side; and
allowing the information to be inputted or outputted or otherwise interchanged between the control equipment and the operating section when both codes coincide as a result of the comparison.
According to a first configuration of the invention, information is inputted or outputted or otherwise interchanged between the control equipment and the operating section only when a user authentication code created in the operating section coincides with another code generated in the control equipment as a result of the comparison of the two codes. In this case, the user authentication code created in the operating section is prepared from a specific function using a storage medium storing specific parameters in advance, Consequently, reliable security is possible at low cost for users desiring access to the control equipment.
A floppy disk can be used as the storage medium, and the user name, last access client ID, last access date and time, sequential number and seed can be selected as the parameters to be record. With use of a floppy disk as the low cost storage medium, a low cost highly reliable authentication method and system are realized.
A second aspect of the invention encompases a user authentication system comprising control equipment; an operation system connected to the control equipment; means for reading a storage medium storing specific parameters and for creating in the operating section a user authentication code using a specific function from the specific parameters and from other parameters provided by the control equipment; an authentication manager means for generating a specific code based on parameters sent from the storage medium using a specific function; an authentication web server means for downloading an applet for authentication to a browser that accesses the server for authenticating a URL (home based address) with a key sent from the operating section; and means for displaying a targeted page in a display section by acquiring the targeted page from the linked web server, respectively, in the control equipment.
According to the second aspect, information is inputted or outputted or otherwise interchanged between the control equipment and operating section only when a user authentication code, created in the operating section, coincides with another code generated in the control equipment as a result of the comparison of the two codes. In this case, the user authentication code created in the operating section is prepared from a specific function using a storage medium which stores the specific parameters in advance. Consequently, reliable security is realized with use of a low cost storage medium when the user desires to access the control equipment.
As with the prior configuration, advantageously, a floppy disk can be used as the storage medium, and the user name, last access client ID, last access date and time, sequential number and seed can be selected as the parameters to be recorded.
A third aspect of the invention encompasses a method for use in an information transmission system comprising a host and at least one terminal connected thereto and comprising the following steps:
reading a storage medium in which are stored specific parameters at the at least one terminal;
creating a user authentication code from the specific parameters using a specific function at the at least one termnial;
sending the created user authentication code and user name to the host from the at least one terminal;
comparing the user authentication code sent from the at least one terminal with another code using a host generated specific function in the host; and
allowing the host to implement information transmission to the at least one terminal when the two codes coincide as a result of the comparision.
According to a third configuration of the invention, the information transmission is executed between the host and the at least one terminal only when the user authentication code created at the at least one terminal coincides with another code generated in the host as a result of the comparison of the two codes. In this case, the user authentication code created at the at least one terminal is prepared from a specific function using a storage medium which stores specific parameters in advance. Consequently, reliable security is maintained with a low cost storage medium when the user desires access to the host.
As with the previously discussed configuration, a floppy disk can be used as the storage medium and the user name, last a

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

User authentication method and user authentication system does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with User authentication method and user authentication system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and User authentication method and user authentication system will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-3031660

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.