In a client-server information processing system, user authentication may be performed to allow a user operating a client to use a service provided by a server. To this end, an information processing system is considered, in which profile data including information about the authentication process is delivered to the client to cause the client to perform at least part of the authentication procedure according to the profile data.
For example, there has been proposed a user authentication method in which a client performs user authentication in response to a request from a server when a user operating the client uses a service provided by the server. In this proposed user authentication method, the client is able to execute plural types of authentication methods, such as password authentication and biometric authentication. The client receives, from the server, profile data specifying the type of authentication method and the authentication level requested by the server, and performs the user authentication according to the profile data. The client sends, to the server, the result of the user authentication, the profile data used in the user authentication, and a signature for detecting falsification of the profile data. On the basis of the information received from the client, the server verifies whether the client has performed appropriate user authentication according to proper profile data.
In this connection, there has been proposed a service use permission system for achieving an appropriate authentication level by combining a plurality of authentication methods, such as password authentication, Integrated Circuit (IC) card authentication, and biometric authentication. In the proposed service use permission system, information associating a service identifier with a requested authentication level and information associating an authentication level with a combination of plural authentication methods are stored in advance. When a user wishes to use a certain service, this proposed service use permission system determines the authentication level requested for the service, finds a combination of authentication methods that satisfies the determined authentication level, and performs the user authentication with the found combination of authentication methods.
Further, there has been proposed a Web authentication system that enables a login to a website from a portable terminal. In the proposed Web authentication system, the portable terminal obtains an authentication ticket including a random authentication number and the address of the website from the Web server. When logging into the website, the portable terminal attaches a signature of the portable terminal to the authentication ticket and sends the authentication ticket to the Web server. The Web server authenticates the portable terminal on the basis of the signature and authentication number.
Still further, there has been proposed a service providing method in which a server provides a service for a user authenticated by another server. In the proposed service providing method, the server stores, in advance, relation information indicating a relation between the server and the other server. The server receives role information indicating the role of the user from a terminal device used by the user, and determines the content of the service to be provided for the user, on the basis of the role information and relation information.
Please see, for example, Japanese Laid-open Patent Publication Nos. 2004-178408, 2008-117326, 2011-170795, and 2013-182460.
An information processing system is considered, in which a client application is installed in an information processing apparatus used by a user, and the client application performs at least part of an authentication procedure according to profile data of a server.
If the profile data has been falsified, there is a risk that an unauthorized user is mistakenly accepted as an authorized user because of a low authentication level. There is also a risk that the client application is led to an unauthorized server. To avoid these risks, one method is to confirm the validity of the profile data using a signature or the like, as described earlier, so as to ensure that an appropriate authentication procedure is performed according to proper profile data.
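The server-side check of returned profile data described above, as an added example that is not taken from any of the cited publications. It assumes the server signs the profile with an HMAC key and the client echoes that signature back; the field names, the method-to-level table, the key and the URL are all hypothetical.

```python
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"  # constructed; assumed server-side signing secret
METHOD_LEVEL = {"password": 1, "ic_card": 2, "biometric": 3}  # hypothetical ranking

def canonical(profile: dict) -> bytes:
    """Serialize deterministically so the signature covers exact field values."""
    return json.dumps(profile, sort_keys=True, separators=(",", ":")).encode()

def issue_profile(server_url: str, method: str, level: int, nonce: str):
    """Server side: build profile data and a signature over it."""
    profile = {"server": server_url, "method": method, "level": level, "nonce": nonce}
    sig = hmac.new(SERVER_KEY, canonical(profile), hashlib.sha256).hexdigest()
    return profile, sig

def verify_report(report: dict, nonce: str, required_level: int, server_url: str) -> str:
    """Server side: check what the client sent back; return 'ok' or a reason."""
    profile = report["profile"]
    expected = hmac.new(SERVER_KEY, canonical(profile), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["signature"]):
        return "profile falsified"          # any edited field breaks the signature
    if profile["nonce"] != nonce:
        return "stale profile"              # replay of an older, weaker profile
    if profile["server"] != server_url:
        return "wrong server"               # profile issued for another endpoint
    if profile["level"] < required_level:
        return "level too low"
    if METHOD_LEVEL.get(report["method_used"], 0) < profile["level"]:
        return "method below requested level"
    # Note: method_used and auth_ok are self-reported by the client, so this
    # check cannot detect a client application that lies about them.
    return "ok" if report["auth_ok"] else "authentication failed"

def demo():
    url = "https://service.example"
    profile, sig = issue_profile(url, "biometric", 3, "n-001")
    honest = {"profile": profile, "signature": sig,
              "method_used": "biometric", "auth_ok": True}
    # Falsified profile: level lowered to password-only, original signature reused.
    forged = dict(honest, profile=dict(profile, method="password", level=1),
                  method_used="password")
    # Genuine profile, but a weaker method than requested was used.
    weak = dict(honest, method_used="password")
    return [verify_report(r, "n-001", 3, url) for r in (honest, forged, weak)]

if __name__ == "__main__":
    print(demo())
```
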
However, ensuring that the appropriate authentication procedure is performed according to proper profile data requires confirming not only the validity of the profile data itself but also the validity of the client application used by the user. This is because an unauthorized client application may conceal an inappropriate authentication procedure performed according to falsified profile data.
With regard to the validity of the client application, for example, there is considered a method of developing a client application including a signature for each service provider (for example, for each server address) and supplying the client application including the signature to users. However, preparing a client application including a signature for each service provider increases the development cost and operating cost of the client application.