+

WO2009080999A3 - Procede d'authentification d'un utilisateur - Google Patents

Procede d'authentification d'un utilisateur Download PDF

Info

Publication number
WO2009080999A3
WO2009080999A3 PCT/FR2008/052280 FR2008052280W WO2009080999A3 WO 2009080999 A3 WO2009080999 A3 WO 2009080999A3 FR 2008052280 W FR2008052280 W FR 2008052280W WO 2009080999 A3 WO2009080999 A3 WO 2009080999A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
browser
server
portal
authentication
Prior art date
Application number
PCT/FR2008/052280
Other languages
English (en)
Other versions
WO2009080999A2 (fr
Inventor
Alain Leclercq
Yves Arnail
Bernard Delbourg
Original Assignee
Mediscs Soc Par Actions Simpli
Alain Leclercq
Yves Arnail
Bernard Delbourg
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from FR0759714A external-priority patent/FR2958826A1/fr
Application filed by Mediscs Soc Par Actions Simpli, Alain Leclercq, Yves Arnail, Bernard Delbourg filed Critical Mediscs Soc Par Actions Simpli
Priority to US12/746,388 priority Critical patent/US20100257366A1/en
Priority to EP08864309A priority patent/EP2220812A2/fr
Publication of WO2009080999A2 publication Critical patent/WO2009080999A2/fr
Publication of WO2009080999A3 publication Critical patent/WO2009080999A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé d'authentification d'un utilisateur (1) à partir d'un terminal mobile de type téléphone cellulaire (2), dans lequelledit utilisateur (1) visualise au travers d'un navigateur un portail d'accès à un servicehébergé sur un serveur (4); ledit utilisateur (1) demande son authentification au travers du navigateur via ledit portail; ledit portail initie une présession de manière à afficher au travers dudit navigateur, des données (5) temporaires l'accèsindépendantes dudit utilisateur (1); ledit utilisateur (1) saisie sur son téléphone (2) les données visualisées; ledit téléphone (2) envoie automatiquement une requête (6) audit serveur (4), incluant au moins un certificat d'authentification (7) propre à l'utilisateur (1) et lesdites données visualisées (5); ladite requête (6) est chiffrée à l'aide de la clef publique d'un certificat (8) dudit serveur (4) et, en cas d'authentification de l'utilisateur (1), l'accès au service est autorisé au travers d'une session sécurisée dans le navigateur.
PCT/FR2008/052280 2007-12-11 2008-12-11 Procede d'authentification d'un utilisateur WO2009080999A2 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US12/746,388 US20100257366A1 (en) 2007-12-11 2008-12-11 Method of authenticating a user
EP08864309A EP2220812A2 (fr) 2007-12-11 2008-12-11 Procedé d'authentification d'un utilisateur

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
FR0759714A FR2958826A1 (fr) 2007-12-11 2007-12-11 Procede d'authentification d'un utilisateur.
FR0759714 2007-12-11
FR0850367A FR2958821A1 (fr) 2007-12-11 2008-01-21 Procede d'authentification d'un utilisateur
FR0850367 2008-01-21

Publications (2)

Publication Number Publication Date
WO2009080999A2 WO2009080999A2 (fr) 2009-07-02
WO2009080999A3 true WO2009080999A3 (fr) 2009-08-20

Family

ID=40756506

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2008/052280 WO2009080999A2 (fr) 2007-12-11 2008-12-11 Procede d'authentification d'un utilisateur

Country Status (4)

Country Link
US (1) US20100257366A1 (fr)
EP (1) EP2220812A2 (fr)
FR (1) FR2958821A1 (fr)
WO (1) WO2009080999A2 (fr)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8627422B2 (en) * 2010-11-06 2014-01-07 Qualcomm Incorporated Authentication in secure user plane location (SUPL) systems
GB2481663B (en) 2010-11-25 2012-06-13 Richard H Harris Handling encoded information
US10009319B2 (en) 2011-02-07 2018-06-26 Qualcomm Incorporated Methods, apparatuses and articles for identifying and authorizing location servers and location services using a proxy location server
US8738027B2 (en) 2011-02-07 2014-05-27 Qualcomm Incorporated Methods and apparatus for identifying and authorizing location servers and location services
US8935777B2 (en) * 2012-02-17 2015-01-13 Ebay Inc. Login using QR code
HUE032102T2 (en) * 2012-12-07 2017-08-28 Microsec Szamitastechnikai Fejlesztoe Zrt Authentication of system and user with mobile device by means of certificates
FI20135275A7 (fi) * 2013-03-22 2014-09-23 Meontrust Oy Tapahtumien auktorisointimenetelmä ja -järjestelmä
US11683325B2 (en) 2020-08-11 2023-06-20 Capital One Services, Llc Systems and methods for verified messaging via short-range transceiver

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030097444A1 (en) * 2001-11-08 2003-05-22 Santanu Dutta Method and apparatus for authorizing internet transactions using the public land mobile network (PLMN)

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5884158A (en) * 1996-10-15 1999-03-16 Pitney Bowes Inc. Cellular telephone authentication system using a digital certificate
JP3905961B2 (ja) * 1997-11-11 2007-04-18 インターナショナル・ビジネス・マシーンズ・コーポレーション 臨時署名認証の方法及びそのシステム
CN1385051A (zh) * 1999-08-31 2002-12-11 艾利森电话股份有限公司 用于分组数据网络的全球移动通信系统安全性
US6834112B1 (en) * 2000-04-21 2004-12-21 Intel Corporation Secure distribution of private keys to multiple clients
US7207060B2 (en) * 2001-10-18 2007-04-17 Nokia Corporation Method, system and computer program product for secure ticketing in a communications device
GB2401293B (en) * 2002-01-17 2004-12-22 Toshiba Res Europ Ltd Data transmission links
US7366905B2 (en) * 2002-02-28 2008-04-29 Nokia Corporation Method and system for user generated keys and certificates
CN1849632A (zh) * 2003-07-02 2006-10-18 莫比培国际公司 数字移动电话交易和支付系统
US9282455B2 (en) * 2004-10-01 2016-03-08 Intel Corporation System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks
JP4555046B2 (ja) * 2004-10-15 2010-09-29 ヒタチグローバルストレージテクノロジーズネザーランドビーブイ データ転送システム及びデータ転送方法
US20060206710A1 (en) * 2005-03-11 2006-09-14 Christian Gehrmann Network assisted terminal to SIM/UICC key establishment
US7661146B2 (en) * 2005-07-01 2010-02-09 Privamed, Inc. Method and system for providing a secure multi-user portable database
BRPI0615559A2 (pt) * 2005-07-20 2017-09-12 Verimatrix Inc sistema e método de autenticação de usúario de rede
US7958370B2 (en) * 2005-09-29 2011-06-07 Hitachi Global Storage Technologies, Netherlands, B.V. System and device for managing control data
US20100242102A1 (en) * 2006-06-27 2010-09-23 Microsoft Corporation Biometric credential verification framework
US8225096B2 (en) * 2006-10-27 2012-07-17 International Business Machines Corporation System, apparatus, method, and program product for authenticating communication partner using electronic certificate containing personal information
WO2008072211A2 (fr) * 2006-12-14 2008-06-19 Iwics Inc Hiérarchie de gestion de réseau distribué dans un réseau de communications multi-station
US8406428B2 (en) * 2008-12-11 2013-03-26 International Business Machines Corporation Secure method and apparatus to verify personal identity over a network

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030097444A1 (en) * 2001-11-08 2003-05-22 Santanu Dutta Method and apparatus for authorizing internet transactions using the public land mobile network (PLMN)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MICHIRU TANAKA ET AL: "A Method and Its Usability for User Authentication by Utilizing a Matrix Code Reader on Mobile Phones", INFORMATION SECURITY APPLICATIONS; [LECTURE NOTES IN COMPUTER SCIENCE; LNCS], SPRINGER, vol. 4298, 28 August 2006 (2006-08-28), pages 225 - 236, XP019077665, ISBN: 978-3-540-71092-9 *
STALLINGS W: "Cryptography and Network Security: Principles and Practice. Second Edition", PRENTICE HALL, 1998, NJ, US, pages 309 - 311, XP002490389, ISBN: 0-13-869017-0 *

Also Published As

Publication number Publication date
US20100257366A1 (en) 2010-10-07
EP2220812A2 (fr) 2010-08-25
WO2009080999A2 (fr) 2009-07-02
FR2958821A1 (fr) 2011-10-14

Similar Documents

Publication Publication Date Title
WO2009080999A3 (fr) Procede d'authentification d'un utilisateur
WO2006118829A3 (fr) Prevention de l'acces frauduleux a des comptes d'utilisateurs reseau
CN103581184B (zh) 移动终端访问企业内网服务器的方法和系统
WO2009026049A3 (fr) Appareil et procédé pour authentifier un dispositif réseau
JP2006260538A5 (fr)
WO2012069263A3 (fr) Procédé pour autoriser l'accès à un contenu protégé
WO2017197974A1 (fr) Procédé d'authentification de sécurité basé sur des caractéristiques biométriques, dispositif et équipement électronique
WO2009070430A3 (fr) Dispositif et procédés pour fournir des services d'authentification individualisés dynamiques échelonnables à l'aide de téléphones mobiles
WO2005096701A3 (fr) Systeme et procede d'activation d'autorisation d'un dispositif de reseau utilisant des certificats d'attributs
US20120303830A1 (en) Data processing device and data processing method
WO2008039582A3 (fr) Système et procédé pour sécuriser les applications logicielles
WO2006107542A3 (fr) Systeme et procede pour effectuer une authentification de machine sans mise a jour de titres accreditifs supplementaires
CN1714529A (zh) 具有便利和安全设备注册的基于域的数字权利管理系统
WO2007114866A3 (fr) Procédé d'authentification hors ligne sur un dispositif à ressources limitées
WO2006065973A3 (fr) Systemes et procedes destines a permettre la confiance dans une collaboration federee
WO2008060820A3 (fr) Système et procédé d'authentification d'accès au serveur à distance
WO2009115528A3 (fr) Arrangements d'autorisation de terminal mobile
WO2009112693A3 (fr) Procede d'authentification et de signature d'un utilisateur aupres d'un service applicatif, utilisant un telephone mobile comme second facteur en complement et independamment d'un premier facteur
WO2006137983A3 (fr) Procede et appareil destines a acceder a des donnees numeriques au moyen d'informations biometriques
CN102685086A (zh) 一种文件访问方法和系统
WO2007078332A3 (fr) Authentification de donnees sim facilitant l'acces a un reseau informatique/multimedia
WO2005003907A3 (fr) Procede et dispositif pour authentifier et autoriser un acces utilisateur a un systeme
FR2871007B1 (fr) Deverrouillage securise d'un terminal mobile
WO2007021495A3 (fr) Autorisation d'acces d'un dispositif a des services de reseau dans des reseaux dynamiques
WO2007076248A3 (fr) Procede et dispositif permettant a un demandeur d'acceder a un service

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08864309

Country of ref document: EP

Kind code of ref document: A2

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2008864309

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 12746388

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载