| CPC H04L 9/30 (2013.01) [H04L 9/3263 (2013.01)] | 9 Claims |
|
1. A request verification system, comprising:
an authorization data generation apparatus that includes a first processor and a first memory, stores a certificate including a public key, and is configured to generate and output authorization data for authorizing a providing of a service; and
a verification apparatus that includes a second processor and a second memory, and shares the certificate with the authorization data generation apparatus; and
a computer that includes a third processor and a third memory, wherein
the verification apparatus generates an identification (ID) corresponding to the computer and transmits the ID to the authorization data generation apparatus,
the authorization data generation apparatus generates the authorization data using the ID as optional data included in the authorization data and transmits the authorization data to the computer,
the verification apparatus, in response to receiving a verification request of the authorization data from the computer, verifies the authorization data using the certificate,
the verification apparatus provides, in a case that verification of the authorization data is successful, the service corresponding to the ID included in the authorization data to the computer,
the authorization data generation apparatus generates the authorization data only once using the ID, and
the verification apparatus stores the ID included in the authorization data received in the verification request every time the verification is performed, and rejects a second verification request of second authorization data including a same ID as the ID.
|