1. Field of the Invention
This invention relates to an authentication system using an entity device and also to a consolidation apparatus and a program.
2. Description of the Related Art
Authentication technologies are important for authentication of the other end of the line when realizing communications and services by way of networks. Authentication technologies have developed in recent years so as to be able to authenticate not only users of service resources but also equipment terminals, keeping pace with the dissemination of open network environments and the development of federation technologies of distributed service resources.
Normally, authentication technologies are required to rigorously identify or verify the object of authentication. When the object to be authenticated is a person, principal confirmation is required to rigorously confirm the identity of the person.
Biometrics (biometric verification/authentication technologies) is highly promising for applications of confirmation of individuals. Biometrics is a technology of verifying a physical/behavioral characteristic or a property of an individual for matching with the biometric information of the individual that is registered in advance (to be referred to as a biometric template hereinafter) to verify the authenticity of the individual.
Fingerprints, irises, retinas, faces, voices, key strokes, signatures can be used as biometric information among others.
In the biometrics, unlike an existing authentication method such as a password, a user's load is reduced because biometric information of which there is no worrying about a loss or forgetting is utilized. In addition, the biometric information presumes that it is difficult to duplicate the information, and is effective to prevent a user spoofing or the like.
However, with biometrics (to be referred to biometric authentication hereinafter), the outcome of matching can be greatly influenced by the environment of authentication unlike password authentication. The outcome of password authentication indicates that the individual is the right person or not regardless of the environment of authentication. In other words, it indicates that the individual is the right person or not regardless of the touch panel of the keyboard that is used for authentication.
To the contrary, the degree of similarity or the like relative to the biometric template exceeds a predetermined threshold value or not is expressed as the outcome of matching of biometric authentication. However, the degree is significantly influenced by the environment of authentication including the type of biometric information and the precision level of the matching device and can fluctuate. This means that biometric authentication does not give rise to any problem when the authentication system is a stationary system and can secure a predetermined operation environment for the system. However, there may arise a problem that the verifier is required to decide the properness of authentication according not only to the outcome of matching but also to the biometric environment of the requester when the authentication system is an open system where a predetermined operation environment cannot be secured for user.
Authentication systems adapted to use an authentication context such as a biometric authentication context are known to dissolve the above-identified problem (see, inter alia, Koji Okada, Tatsuro Ikeda, Hidehisa Takamizawa, Toshiaki Saisho, “Extensible Personal Authentication Framework using Biometrics and PKI, Pre-Proceedings of the 3rd International Workshop for Applied PKI (IWAP2004)”, pp. 96-107). An authentication context represents a technology by means of which the management entity (entity device) that executes each of the component processes for confirming the identity of a person assures the outcome of the execution to allow the verifier to verify the properness of the execution of the component processes.
Known techniques realized by applying a biometric authentication context include user authentication systems on open networks (see, inter alia, Hidehisa Takamizawa, Koji Okada, Tatsuro Ikeda, Tomoaki Morijiri, “An Online System Using a Biometric Authentication Context” CSS2005, pp. 313-318). This technique can be used by service providers to authenticate service users to whom services are provided by means of a biometric authentication context and provides the advantages (i) and (ii) listed below.
(i) The service user can select the matching device to be used for principal confirmation.
(ii) The service provider can define the authentication policy according to the biometric environment of the user each time of providing a service.
With this technique, it is possible to verify the biometric environment in addition to the outcome of the principal confirmation process using biometric authentication. Thus, it is possible to provide services flexibly depending on the biometric environment of the users. Thus, it is possible to improve the interoperability and convenience.
However, the inventors of the present invention believe that the known techniques realized by applying a biometric authentication context need to be improved in terms of (a) and (b) listed below, although they normally do not give rise to any particular problem.
(a) When a single entity device is provided with a plurality of types of processes defined as principal confirmation processes, it is not possible to determine which combination is to be used.
For example, IC cards that are a type of entity devices include a store-on-card (STOC) type having a processing capability of storing biometric template and a match-on-card (MOC) type having a processing capability of matching and deciding in addition to a processing capability of storing biometric template. Thus, an IC card provided with both an STOC and an MOC capability cannot determine which capability is to be used when a principal confirmation process using the processing capability of storing biometric template is required by a service provider.
(b) Relating to above (a), there is no consolidation apparatus that can handle messages of communications between a service provider on the Internet and an unspecified number of entity devices connected to users' personal computers.
To be more specific, IC cards of the MOC type and those of the STOC type differ from each other not only in terms of processing capability but also in terms of communication protocol for messages of communications that arise in principal confirmation processes. When a consolidation apparatus is provided to handle messages, it is required to grasp the communication protocol for the MOC type and the communication protocol of the STOC type in advance. In other words, relationship between such a consolidation apparatus and the system including such entity devices and one or more than one service providers shows a strong affinity.
As an influence of such a strong affinity, there arise disadvantages as listed below to stakeholders such as entity device developers/venders and service providers.
Entity device developers/venders and service providers develop apparatus and systems of their own brands and install a new communication protocol and a principal confirmation process there. Then, they have to ask consolidation apparatus developers/venders to install the new communication protocol in the consolidation apparatus that consolidation apparatus developers/vendors market. However, it is a time consuming process to persuade consolidation apparatus developers/vendors to update the consolidation apparatus they market.
On the other hand, on the part of consolidation apparatus developers/vendors, it is time consuming to update the consolidation apparatus they market each time a new communication protocol is defined. Additionally, consolidation apparatus developers/vendors are forced to bear a large burden because a variety of versions of consolidation apparatus are released and marketed.
When a service user purchases a new entity device conforming to a new communication protocol in order to be provided with services conforming to the new communication protocol, he or she cannot actually be provided with the services until new consolidation apparatus conforming to the new communication protocol are released.
Because of the above listed disadvantages, there is no consolidation apparatus that can handle messages of communications between a service provider on the Internet and an unspecified number of entity devices connected to users' personal computers as described in (b) above.