For individual authentication through a network, there is a system using biometric authentication.
For example, there is a system of performing individual authentication using public key information registered in an IC card and biometric information that is digitally signed in association with the information (for example, refer to Patent Document 1).
Further, there is an authentication server and device that performs the individual authentication in accordance with an application policy by selecting a biometric authentication technique that satisfies a safety level such as the acceptance rate of a stranger and the permissible risk that are requested by the application (for example, refer to Patent Document 2).
There is a system that performs the individual authentication by negotiating an authentication policy such as the acceptance rate of a stranger in which the application requires a client and a guarantee of a security level regulated in ISO15408 with an authentication model in accordance with a resource of the client and a privacy policy between the client and the application (for example, refer to Patent Document 3).
There is an identity verification system and device in which a biometric authentication process result that is carried out in an apparatus is digitally signed following a biometric authentication level required by the service using equipment certificates based on the public key information of the equipment connected to the client (for example, Patent Document 4).
There is an individual authentication system and program that decides an interruption of processing a statement of mutual agreement by informing the encrypted biometric information to the server during the agreement process of TLS (Transport Layer Security), decoding and performing biometric collation in the server(for example, refer to Patent Document 5).
Further, information of which a vulnerability problem related to the biometric authentication is evaluated and analyzed is opened to the public (for example, refer to Non-Patent Document 1, Non-Patent Document 2, and Non-Patent Document 3).
[Patent Document 1]Japanese Patent Application Kokai Publication No. 2000-215280
[Patent Document 2]Japanese Patent Application Kokai Publication No. 2003-256360
[Patent Document 3]Japanese Patent Application Kokai Publication No. 2004-348308
[Patent Document 4]Japanese Patent Application Kokai Publication No. 2003-143136
[Patent Document 5]Japanese Patent Application Kokai Publication No. 2003-224562
[Non-Patent Document 1]Nikkei Byte, April 2005 issue, pp 60-67, “Wet Finger and Dry Finger—Practice of First Fingerprint Authentication”
[Non-Patent Document 2]Financial Services Agency, The Japanese Government, Ninth Study Group Relating to Forged Cash Card, Apr. 15, 2005, “About Biometric Authentication in Financial Trading” [search on Feb. 6, 2006], Internet URL
http://www.fsa.go.jp/singi/singi_fccsg/gaiyou/f-20050415-singi_fccsg/02. pdf
[Non-Patent Document 3]The Institute of Electronics, Information, and Communication Engineers (IEICE), Ubiquitous Network, Biometric Security in Society, Proceedings of First Study Presentation of Study Group, Jul. 22 and 23, 2003, pp 43-47, “Analysis Related Threat and Vulnerability in Biometric Authentication”