-
Publication No.: US10523446B2
Publication Date: 2019-12-31
Application No.: US14934261
Application Date: 2015-11-06
Inventor: Ayaka Ichijo, Manabu Maeda, Yuji Unagami
Abstract: Upon receiving a new CRL, a device with a large storage capacity in an authentication system detects another device connected to a controller to which this device is connecting, and determines whether or not to transmit the new CRL depending on the magnitude of the storage capacity of the device that has been detected.
-
Publication No.: US10440021B2
Publication Date: 2019-10-08
Application No.: US15358283
Application Date: 2016-11-22
Inventor: Yuji Unagami, Manabu Maeda, Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima
Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares a first group key with devices that have succeeded in authentication. At least one controller within the group decides a coordinator that manages a group key used in common in the group, from controllers including a second controller newly joined in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator. The coordinator performs encrypted communication within the group using the first group key. The coordinator generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and controllers within the group, and updates the group key of the devices and controllers that have succeeded in authentication to the second group key.
-
Publication No.: US10116454B2
Publication Date: 2018-10-30
Application No.: US14930034
Application Date: 2015-11-02
Inventor: Tomoyuki Haga, Motoji Ohmori, Natsume Matsuzaki, Hideki Matsushima, Yuji Unagami, Manabu Maeda, Yoshihiro Ujiie
Abstract: In an authentication method according to the present disclosure, (1) a device transmits device history information with a CRL added thereto (hereinafter, device history information with added CRL) to a controller, (2) the controller transmits the device history information with added CRL to a server, and (3) if the version of the CRL included in the device history information with added CRL is older than the version of the CRL stored on the server, the server judges that the controller is unauthorized.
-
Publication No.: US09729332B2
Publication Date: 2017-08-08
Application No.: US14726633
Application Date: 2015-06-01
Inventor: Yuji Unagami, Motoji Ohmori, Natsume Matsuzaki, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Yoshihiro Ujiie
CPC classification number: H04L9/3268, G06F21/33, G06F21/44, H04L63/0823
Abstract: An authentication system according to the present disclosure includes a first controller connected to a first server via a first network, a second controller connected to a second server via a second network, and a device. The device compares a next issue date described in a first certificate revocation list acquired from the first controller and an issue date described in a second certificate revocation list acquired from the second controller thereby determining whether the first controller is invalid or not.
-
Publication No.: US09699185B2
Publication Date: 2017-07-04
Application No.: US14604964
Application Date: 2015-01-26
Inventor: Ayaka Ichijo, Motoji Ohmori, Manabu Maeda, Yuji Unagami
CPC classification number: H04L63/0876, G06F21/30, G06F21/44, H04W12/06
Abstract: A server holds correspondence information in which a device identifier of a device for which an authentication process is successful and area network information concerning an area network including a controller are associated with each other. In the case where the authentication process is successful, the device holds area network information concerning an area network including a controller for which authentication is successful. In response to a connection request from a new device, the server checks whether an identifier of the new device is registered in the correspondence information. If the identifier is registered, the server determines whether the area network information associated with the identifier matches the area network information held by the new device. If the pieces of information do not match, the server detects the new device as an unauthorized device.
-
Publication No.: US11792023B2
Publication Date: 2023-10-17
Application No.: US17270378
Application Date: 2019-05-10
Inventor: Tomoki Takazoe, Yoichi Masuda, Kenji Yasu, Yuji Unagami
CPC classification number: H04L9/3268, H04L9/30
Abstract: A GM acquires a first certificate revocation list designating revoked public key certificates and distributed from a certificate authority server. The GM generates a second certificate revocation list produced by extracting information on a plurality of home electric appliances from the first certificate revocation list. The GM restricts communication with a device for which the public key certificate is revoked, by distributing the second certificate revocation list generated to the plurality of home electric appliances.
-
Publication No.: US10992667B2
Publication Date: 2021-04-27
Application No.: US16552445
Application Date: 2019-08-27
Inventor: Yuji Unagami, Manabu Maeda, Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima
Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares the first group key with the devices that have succeeded in first mutual authentication. When a second controller joins the group, the first controller decides a coordinator that manages a group key used in common in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator when the second mutual authentication is successful. The coordinator performs encrypted communication within the group using the first group key, generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and a third controller, and updates the first group key of the devices and the third controller that have succeeded in the third authentication.
-
Publication No.: US10951400B2
Publication Date: 2021-03-16
Application No.: US16511293
Application Date: 2019-07-15
Inventor: Yuji Unagami, Manabu Maeda, Hideki Matsushima, Tomoki Takazoe, Yoichi Masuda
Abstract: An authentication method for a group of devices connected to a network includes selecting the first controller as a coordinator, the coordinator being configured to manage a group key to be used in common in the group. The method includes generating the group key, and performing first mutual authentication and second mutual authentication. The method also includes sharing the group key with each device for which the first mutual authentication has been successful, and sharing the group key with each second controller for which the second mutual authentication has been successful. The method further includes encrypting transmission data by using the group key to generate encrypted data, generating authentication data by using the group key, and simultaneously broadcasting a message to each device for which the first mutual authentication has been successful and each second controller for which the second mutual authentication has been successful.
-
Publication No.: US10764275B2
Publication Date: 2020-09-01
Application No.: US15753148
Application Date: 2016-08-04
Inventor: Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima, Yuji Unagami
Abstract: A new controller (supporting device authentication) is a controller which performs encrypted communication with a device which has succeeded in mutual authentication using an electronic certificate, and the controller includes: a determining unit that determines whether or not a communication target device with which communication is to be performed is an authentication support device that supports the mutual authentication; a functional restriction unit that, when the communication target device is determined not to be the authentication support device by the determining unit, imposes a functional restriction on one or more functions of the communication target device which are operable by the new controller (supporting device authentication); and a communication unit which performs communication in plain text with the communication target device with the functional restriction imposed by the functional restriction unit.
-
Publication No.: US10609027B2
Publication Date: 2020-03-31
Application No.: US15322279
Application Date: 2015-05-27
Inventor: Yoichi Masuda, Tomoki Takazoe, Manabu Maeda, Yuji Unagami
Abstract: A communication system, including: a NW management device which (i) forms a network together with an authenticated target device, and (ii) manages the network by delivering a session key for use in communication in the network to the authenticated target device; and a device authenticated by the NW management device, wherein the NW management device: determines whether or not to permit the device to be an alternative management device which manages the network in place of the NW management device when communication is impossible in the network; shares, with the device, authentication information about the authenticated target device, when permitting the device to be the alternative management device; and the device shares the authentication information with the NW management device, and starts managing the network using the authentication information as the alternative management device when determining that the NW management device cannot communicate in the network.