Title:
ユーザ認証システム、およびその方法
Document Type and Number:
Japanese Patent JP3939736
Kind Code:
B1
Abstract:
Disclosed is a user authentication system, which is designed to present a presentation pattern to a user subject to authentication, and apply a one-time-password derivation rule serving as a password of the user to certain pattern elements included in the presentation pattern at specific positions so as to create a one-time password. An authentication server is operable to generate a pattern seed value adapted to be combined with a user ID so as to allow a presentation pattern to be uniquely determined, and transmit the generated pattern seed value to an authentication-requesting client. The authentication-requesting client is operable to display a presentation pattern created based on an entered user ID and the received pattern seed value and in accordance with a given pattern-element-sequence creation rule, so as to allow the user to enter therein a one-time password, and transmit the entered one-time password to the authentication server. The authentication server is operable to duplicate the presentation pattern so as to create a verification code, and compare between the received one-time password and the created verification code, so as to carry out user authentication. The present invention provides a matrix authentication scheme capable of reducing the risk of password leakage.
Inventors:
Ueda Yukiya
Ai Saito
Naruto Tamai
Ai Saito
Naruto Tamai
Application Number:
JP2006086603A
Publication Date:
July 04, 2007
Filing Date:
March 27, 2006
Export Citation:
Assignee:
CSE Inc.
International Classes:
G06F21/31; H04L9/32
Domestic Patent References:
| JP200639997A |
Foreign References:
| WO2003069490A1 |
Attorney, Agent or Firm:
Sadao Kumakura
Fumiaki Otsuka
Takaki Nishijima
Hiroyuki Suda
Naoki Kondo
Fumiaki Otsuka
Takaki Nishijima
Hiroyuki Suda
Naoki Kondo