JP2019004475A - Authentication under ubiquitous environment - Google Patents

Abstract

To provide a more enhanced service authentication function.SOLUTION: Biological information encrypted on the basis of a public key authentication document is previously stored into equipment (e.g., a smart card, a communication terminal machine or the like) which a user hold or has, and an authentication (primary user authentication) through a biological matching is performed in the equipment. For the user authentication (secondary user authentication) for execution of transaction approval performed in a service provision server, the public key authentication document that is matched to the encrypted biological information is used. As an additional authentication element for enhancing a security of the primary and secondary user authentication, One Time Password, Keystroke, Dynamic Signature, or position information is adapted.SELECTED DRAWING: Figure 1a

Description

  The present invention relates to user authentication and IoT device authentication in a ubiquitous environment including online / offline authentication.

  The contents described in this part merely provide background information according to the embodiment of the present invention, and do not constitute the prior art.

  The use of the Internet of Things (IoT) has been discussed throughout the industry. For example, not only various remote services provided by smart TVs, robot cleaners, car navigation systems, and cloud services that are used by individuals, but also remote management and management of facilities that are difficult for people to access directly, such as dams and nuclear power plants Attempts have also been made to use IoT in control and traffic control systems. However, an IoT device and an IoT system equipped with a communication function and a function for securing and processing data by itself can be a target of a cyber attack because the relationship between the subject and the owner is not clear.

  In particular, the IoT devices that currently constitute the IoT network are generally vulnerable to attacks from the outside because they often have simple computing functions and weak security. Due to the characteristics of the IoT network, there is a possibility that a security vulnerability in a specific field and a cyber attack aimed at this adversely affect other industrial fields.

  In the case of an IoT device equipped with only a simple communication function, it is impossible to individually install and operate security software (SW). Therefore, whether a security hardware (HW) module is built in the IoT device, Or another device such as applying a security solution to the entire system is required. As an example of IoT security becoming a problem, malicious code can be put into an IoT device or network, and important information can be leaked, or it can be forged or altered to damage the system, allowing attackers to control it remotely and freely. The situation is that it will be. In particular, a typical example is that if a terminal infected with a malicious code is connected to a network, it can cause very serious damage. For example, a situation may occur in which an unmanned vehicle, an electric vehicle, or a smart vehicle is remotely controlled to cause an accident, and a medical device in a hospital is malfunctioned to endanger a patient's life.

  In the IoT network, the integrity of the IoT device should be ensured, whether or not a reliable IoT device is connected to the network should be transparent, and whether a legitimate user uses the terminal or the network Must be able to confirm.

  In conventional information protection-related systems, illegal users have acquired legitimate user personal information, passwords (PW), biometric information, etc., and used them for hacking. Another example of vulnerability is that the public key certificate issued by the Certificate Authority (Certificate Authority) does not contain the actual personal authentication information. There was a vulnerability that can be used in. In addition, if you know the stolen authentication information such as ID / PW or biometric information related to the user and remotely access the business system of a company or government organization using a legitimate terminal, there is no problem. There was a problem that the system could be used freely. As long as there is an electronic identification card made of an IC chip of an employee picked up on the road, the problem of physical security is that it is possible to steal photos and use it like a user authorized at a normal company entrance / exit gate. A typical example of the problem. In addition, ID, PW, biometric information, token, OTP, and PKI certificate are not integrated and used as Multi-Factor authentication. Examples of hacking to use are reported in the media.

  Embodiments of the present invention provide a method related to user authentication and IoT device authentication in a ubiquitous environment including online / offline authentication, an apparatus using the same, and an authentication system.

  In at least one embodiment of the present invention, biometric information encrypted based on a public key certificate is stored in advance in an apparatus (for example, a smart card, a communication terminal, etc.) owned or possessed by the user. In the apparatus, user authentication (primary user authentication) is performed via biometric matching. Furthermore, a public key certificate that matches the encrypted biometric information is used for user authentication (secondary user authentication) for transaction approval performed at the service providing server. Further, in at least one embodiment of the present invention, as an additional authentication factor for strengthening the security of primary / secondary user authentication, One Time Password (OTP), Keystroke, dynamic signature (Dynamic Signature), position information, etc. are adopted. Further, in at least one embodiment of the present invention, an authentication mechanism configured by primary user authentication and secondary user authentication is applied when controlling access to the IoT device.

  In at least one embodiment of the present invention, an encryption algorithm defined in a public key certificate is used in a user registration method performed by a portable device held by a user in an authentication management system based on a public key certificate. A user registration method including the steps of encrypting a user's biometric information or a combination of biometric information and storing the encrypted biometric information in a portable device. This method includes a step of generating a biometric code by tokenizing encrypted biometric information or a combination of biometric information, and inserting a verification code including at least a biometric code into an extended field of a public key certificate to form a key pair ( Generating a personal key and a public key). The method further includes the step of transferring the public key to the remote object and requesting user registration.

  In at least one embodiment of the present invention, the public key certificate area represents an additional code obtained from the unique identification information given to the portable device in addition to the biometric code, and a position for requesting user authentication. From the additional code obtained from the position information, the additional code obtained from the unique identification information given to the user, the additional code obtained from the characteristic information representing the behavioral characteristics of the user, and the device identification information given to the IoT device It may further include at least one of the obtained additional codes.

  In at least one embodiment of the present invention, in a user authentication method performed by a portable device held by a user in an authentication management system based on a public key certificate, a verification code including a biometric code is included in the portable device. An encrypted biometric information or a combination of biometric information from which an inserted personal key and biometric code are obtained is stored, and a user authentication method includes: obtaining a user's biometric information or biometric information combination; Comparing the biometric information or a combination of biometric information with at least one of the encrypted biometric information and biometric code stored in advance in the portable device. This method transfers authentication information including a verification code inserted in a personal key to a remote object when the user's biometric information or a combination of biometric information is matched with at least one of the encrypted biometric information and biometric code. And requesting user authentication.

  In at least one embodiment of the present invention, in an authentication management system based on a public key certificate, an authentication management method performed by a remote object connected via a network to a portable device held by a user, the authentication management method includes: Receiving a public key corresponding to the personal key into which the verification code including the biometric code is inserted from the portable device, and performing user registration based on the received public key. Here, the biometric code is obtained from a user's biometric information or a combination of biometric information. The authentication management method includes receiving authentication information including a verification code inserted into a personal key from a portable device, verifying the received authentication information using a public key, and authenticating a user based on the verification result Further included.

  In at least one embodiment of the present invention, an authentication management method performed by a public terminal providing a service and a service providing server for managing the service in an authentication management system based on a public key certificate. The service providing server includes a step of receiving a public key corresponding to a personal key into which a verification code including a biometric code is inserted from a portable device, and performing user registration based on the received public key. Here, the biometric code is obtained from a user's biometric information or a combination of biometric information. In this authentication management method, a public terminal receives authentication information including a verification code inserted into a personal key from a portable device, requests verification using the public key of the received authentication information from the service providing server, and verifies the verification result. And a step of authenticating the user based on the information and a step of providing the service by the public terminal when the user is successfully authenticated.

  According to at least one embodiment of the present invention described above, a more enhanced service authentication function is provided. Encryption stored in a smart card (or communication terminal) using a public key certificate (ie, a biometric certificate) that is encoded or tokenized and inserted into the extended area of the public key certificate It is possible to prevent forgery and alteration of the converted biometric information and electronic signature.

  Furthermore, according to at least one embodiment of the present invention, an accounting system, an electronic payment system, an electronic identification card issued by a government / public institution / financial institution, passport, pension, insurance, transportation card, electronic election, electronic wallet Can be applied to coupons and the like. In this case, even if another person knows simple personal information, card information, biometric information or certified certificate information of a specific user, it is possible to prevent unauthorized use by others.

  Furthermore, according to at least one embodiment of the present invention, it is possible to enhance information protection for remote connection to a business system.

1 is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention. FIG.

1 is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention. FIG.

1 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. 1 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. 1 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention.

FIG. 2 is a schematic diagram illustrating a hierarchical structure of a smart card according to at least one embodiment of the present invention.

1 is a schematic diagram illustrating a physical configuration of a smart card according to at least one embodiment of the present invention.

FIG. 3 is a functional block diagram of a smart card according to at least one embodiment of the present invention.

It is the schematic for demonstrating the user registration procedure which concerns on the at least 1 Example of this invention.

It is the schematic for demonstrating the user registration procedure which concerns on the at least 1 Example of this invention.

It is the schematic which shows the format of the public key certificate applied to the user authentication management system which concerns on the at least 1 Example of this invention.

It is the schematic which shows the example of the format of the code stored in EV area | region of the public key / private key shown in FIG. 5b, and the example of the format of the authentication information transferred from a smart card.

5 is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention.

5 is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention.

1 is a schematic diagram of a user management system for an IoT device in a ubiquitous environment according to at least one embodiment of the present invention. FIG. 1 is a schematic diagram of a user management system for an IoT device in a ubiquitous environment according to at least one embodiment of the present invention. FIG.

FIG. 6 is a schematic diagram for explaining a device user registration procedure according to at least one embodiment of the present invention.

FIG. 6 is a schematic diagram for explaining a device user registration procedure according to at least one embodiment of the present invention.

FIG. 6 is a schematic diagram for explaining a device user authentication procedure according to at least one embodiment of the present invention.

FIG. 6 is a schematic diagram for explaining a device user authentication procedure according to at least one embodiment of the present invention.

It is the schematic which shows the concept of the ubiquitous authentication system by an online / offline environment.

FIG. 6 is a schematic diagram for explaining a user authentication procedure in an offline environment according to at least one embodiment of the present invention.

6 is a table illustrating exemplary fields of application applicable to at least one embodiment of the invention.

It is the schematic for demonstrating that various biometric information or these combination can be divided and utilized for various uses.

  Hereinafter, embodiments disclosed in the present specification will be described in detail with reference to the accompanying drawings. In assigning reference numerals to constituent elements in each drawing, the same constituent elements are assigned the same reference numerals as much as possible even if they are shown on different drawings. In the description of the embodiments of the present invention, if it is determined that a specific description related to a known configuration or function can diminish the gist of the present invention, the detailed description thereof will be omitted.

  Furthermore, terms such as first, second, A, B, (a), (b) can be used in describing the components of the present invention. Such terms are for distinguishing the constituent elements from other constituent elements, and the essence and order of the constituent elements are not limited by the terms. Throughout the specification, “including” or “comprising” a certain component does not exclude other components but includes other components unless specifically stated to the contrary. It means that you can. In addition, terms such as “unit” and “module” described in the specification mean a unit for processing at least one function or operation, and such a processing unit includes hardware, software, or hardware and software. It is realizable by the combination of. Furthermore, the term “Internet of Things (IoT)” used in the description of the present invention refers to M2M (Machine to Machines), MTC (Machine Type Communications), SDC (Smart Devices) used for each standardization organization. Communication), MOC (Machine Oriented Communications) and the like should be understood.

  FIG. 1a is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention.

  As shown in FIG. 1a, a user authentication management system includes a certificate authority (CA, 110), a smart card (120, a service providing server (130), an authentication server (140), a communication terminal (150), and A log storage server (160) is included.

  The certificate authority (CA, 110) issues a public key certificate (Public Key Certificate) in which information of the certificate authority (certificate version, expiration date, algorithm, issue period, etc.) is recorded. In the process of user registration, the public key certificate is converted into a public key certificate that matches the user's biometric information. That is, the public key certificate is used to generate a public key / individual key in which a code matching the user's biometric information is inserted. The public key certificate is a public certificate or a private certificate based on Public Key Infrastructure (PKI). A public key certificate is generally issued from a server of a certification authority (CA, 110) by a user, but a secure area of a communication terminal or a smart card (for example, when designing or producing a product) IC chip, Secure Element (SE), Trusted Executed Environment (TEE), OS, CPU, memory, CloudSE, etc.) may be installed in advance.

  The smart card (120) stores a personal key, encrypted biometric data (Encrypted Biometric Data) for comparison with sensed biometric information, and various other information in a built-in biosensor, IC chip or memory. doing. A biometric code generated by encoding (or tokenizing) the encrypted biometric information is inserted into the personal key.

  The smart card (120) encrypts the user's biometric information based on the public key certificate, and encodes (or tokenizes) the encrypted biometric information to generate a biometric code. The smart card (120) inserts the generated biometric code into the public key certificate to generate one key pair (ie, public key and personal key). The biometric code or the personal key is used to verify the integrity of the encrypted biometric information, non-repudiation, and the like, and can be used as a biosignature (BioSignature). it can. The biometric code generated in this way can be used like a token, or can be used in combination with OTP (also called One Time Password, Dynamic Code). Here, the biometric information encoded and inserted into the public key certificate can include registered subscriber's fingerprint information, blood vessel information, voice information, iris information, handwritten information, face information, heart beat, and the like. . The smart card (120) transfers the public key to the service providing server (130) or the authentication server (140), and the service providing server or the authentication server uses the received public key later for the authentication procedure.

  In at least one embodiment of the present invention, the smart card (120) merges and inserts a biometric code obtained by encoding a plurality of different biometric information of a user into a single certificate. For example, fingerprint + iris, face + speech, heartbeat + iris, etc., different types of biometric information, fingerprint 1 (thumb) + fingerprint 2 (index finger), iris 1 (right side) + iris 2 (left side) In this way, combinations of the same type of biological information can be used. When a combination of a plurality of pieces of biometric information is used, the input order of each piece of biometric information (for example, fingerprint 1 → fingerprint 2 → fingerprint 3 or fingerprint → iris) can be added as an authentication factor. In at least one embodiment of the present invention, the smart card may insert different biometric information or combinations of biometric information of users into different public key certificates. In at least one embodiment of the present invention, a code value extracted from a user's physical signature (Hand-write Signature or Dynamic Signature), Key Stroke, biometric information input method, or the like is added to the certificate as an additional authentication factor. can do. In this case, additional authentication of time, speed, direction, pressure, position information, etc., which is a behavior characteristic (or behavior pattern element) for inputting a key signature for a user to input a physical signature or a word or number of a predetermined meaning It can be considered as an element.

  In at least one embodiment of the present invention, the smart card (120) can generate a single key pair by concatenating various additional codes as an additional purpose or authentication factor to the biometric code. For example, the additional code obtained from the unique identification information given to the smart card (120), the additional code obtained from the location information indicating the location where the user authentication (or registration) is requested, and the unique identification given to the user Linking at least one of the additional code obtained from the information, the additional code obtained from the characteristic information indicating the behavioral characteristics of the user, and the additional code obtained from the device identification information given to the IoT device to the biometric code Can do.

  Further, the smart card (120) generates a single key pair (public key / personal key) by inserting a biometric code into a public key certificate, and thereby obtains a plurality of biometric codes from different biometric information or combinations of biometric information. It is possible to generate and insert a plurality of biometric codes into the extended field of the public key certificate in a form separated from each other. Each biometric code can be chained with one or more additional codes as described above. As a result, the personal key and the public key include a plurality of biometric codes in which a plurality of biometric codes or additional codes are chained. In this case, the plurality of biometric codes can be used for different purposes. For example, one of a plurality of biometric codes is designated to perform proper user authentication of the personal key. The remaining biometric code is used to request remote user registration cancellation based on the public key that has already been transferred to notify the use of the private key forced by others. Alternatively, it can be designated to request initialization of an authentication management system managed by an authentication server, a centralized controller, or the like.

  The communication terminal (150) is wired or wirelessly connected to the smart card (120), and responds to a tunneling start signal received from the smart card (120) between the smart card (120) and the service providing server (130). A virtual private network (VPN) is established, and authentication information based on the registered certificate is received from the smart card (120) and transmitted to the service providing server (130). The communication terminal (150) obtains user biometric information, dynamic signature, IoT device identification information, etc. required by the user registration procedure or user authentication procedure for generating the personal key / public key of the smart card (120). It can be used as a means for The communication terminal 150 may include or be connected to one or more biometric sensors, a touch screen, a camera, an MIC, and the like. The communication terminal (150) is not only a communication terminal owned by an individual (for example, a mobile phone, a tablet PC, a desktop computer, a set-up box, etc.) but also a service terminal (ATM, Kiosk, POS) used in the public. Etc.), and should be understood to encompass all devices capable of communicating with remote objects on a communication network.

  The authentication server verifies the authentication information transferred from the smart card (or communication terminal) using the public key acquired in the user registration procedure. For example, the authentication server receives a public key generated by a smart card (or communication terminal) using a public key certificate (Public Key Certificate) in a user registration procedure. The authentication information transferred from the card (or communication terminal) is verified based on the public key.

  The service providing server (130) provides various services such as bank / credit card (Bank / Credit Card) service, Payment service, e-Government service, Cloud service, IoT device linkage service, and Emergency service to authenticated users. Means the service provider's server. The service providing server (130) authenticates the user based on the authentication information received from the smart card via the smart card (or communication terminal). For example, the service providing server can request the authentication server to verify the authentication information and authenticate the user based on the verification result. In at least one embodiment of the present invention, the service providing server and the authentication server can be realized by functional components in one server.

  The log storage server (160) stores log data representing a connection history of the smart card (120) to the service providing server via the communication terminal (150) and an authentication result. The log storage server 160 may record and store an access attempt and a result when the service providing server 130 connects to the certification authority server, the card company server, etc. and confirms information for the user again. it can. Furthermore, the log data storage server (160) also functions as a VPN firewall that monitors the VPN (170) established between the smart card (120) and the service providing server (130) and blocks unauthorized user access. You can also. Further, the log storage server can confirm whether or not the user is a valid user of the electronic wallet, and can issue or print an electronic receipt including the biometric code.

  Data stored in the log storage server (160) can be used for digital forensics. For example, the log data can be used later as confirmation / evidence for user actions. For example, the authentication information transferred from the smart card to the service providing server (130) may include the user's physical signature information. By storing such physical signature information together with log data, It can be output as a printed matter on an electronic receipt or invoice, or can be displayed in an electronic form.

  FIG. 1b is a schematic diagram illustrating a system for identity management in a ubiquitous environment according to at least one embodiment of the present invention.

  Although FIG. 1a shows that the smart card (120) is configured independently of the communication terminal (150), as shown in FIG. 1b, in at least one embodiment of the present invention, the smart card (120) 120) can be integrated into the communication terminal (150). That is, a certificate that matches the user's biometric information can be stored / managed in a secure element (SE: Secure Memory and Execution Environment), CPU, OS, etc. in the communication terminal (150). The Secure Element in the communication terminal (150) can be realized in an IC chip such as a SIM, USIM, microSD card, or NFC card.

  The communication terminal 150 can perform a user authentication procedure using a certificate that matches the user's biometric information without being linked to the smart card. Further, the communication terminal may include various types of biometric sensors for sensing biometric information, and may include appropriate input / sensing means for obtaining device information from the IoT device, or such means. Can be linked with an external device. The communication terminal 150 has features corresponding to various features given to the functions and operations of the smart card described throughout the present invention, unless otherwise specified.

  The communication terminal of FIG. 1b includes a communication terminal owned by an individual (for example, a mobile phone, a wearable device (a watch, glasses, a ring, etc.), a tablet PC, a desktop computer, a set-up box, and the like. It should be understood as a meaning encompassing all devices capable of communicating with remote objects on a communication network.

  2A to 2C are schematic views illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. 2a to 2c assume a case where the communication terminal of FIG. 1 is realized as a mobile terminal such as a smartphone.

  In at least one embodiment of the present invention, as shown in FIG. 2a, the smart card can communicate with a communication terminal through a small-sized dongle. The dongle can exchange information with the smart card in a contact or non-connection manner. The dongle is connected to, for example, an audio terminal (Audio Jack) or a micro USB terminal of a smartphone. According to such a configuration, the user connects the smart card and the communication terminal so that they can communicate by connecting the dongle to the smartphone and tagging the smart card with the dongle or swiping the smart card. be able to. The dongle preferably provides hardware based encryption for security.

  In at least one embodiment of the present invention, as shown in FIG. 2b, the smart card can be directly communicably connected to a communication terminal using a wireless communication method (eg, NFC, RFID, etc.).

  In at least one embodiment of the present invention, as shown in FIG. 2c, the smart card can be realized as a USB dongle type that can be directly connected to a communication terminal.

  FIG. 3a is a schematic diagram illustrating a hierarchical structure of a smart card according to at least one embodiment of the present invention.

  The physical hierarchy of the smart card includes a CPU, Memory, and I / O Port. Memory is Read Only Memory (ROM), Random-access Memory (RAM), Electrically Erasable Programmable Programmable Read Only Memory (EEPROM), Erasable Programmable ROM (EPROM), ERAM One of them or a combination thereof can be realized. Optionally, the smart card can further include a display and / or one or more biometric sensors. As an option, the smart card may further include a Physical Unclonable Function (PUF) circuit.

  The smart card application hierarchy relates to functional components of the smart card OS or applet. For example, a biometric data acquisition module, a biometric data management module, a biometric authentication module (biometric data management module), and a biometric authentication module (biometric data management module) Biometric Authentication Module), Device Information Acquisition Module (Device Data Acquisition Module), VPN Management Module (VPN Management Module), OTP Generation Module (OTP Generation Module), Key Management Module (KeyMad Module) le) and an authentication processing module (Authentication Execution Module). A description of each functional component will be described later with reference to FIG.

  FIG. 3b is a schematic diagram illustrating a physical configuration of a smart card according to at least one embodiment of the present invention.

  As shown in FIG. 3b, in at least one embodiment of the present invention, the smart card (300) includes an IC chip (301) incorporating a CPU, a memory, an OS, a PUF circuit, etc., and one or more biosensors (303). ), A display (Display, 304).

  The smart card (300) of FIG. 3b is configured to sense at least a part of one or more pieces of biometric information necessary for a user registration procedure and a user authentication procedure from a user using a built-in biometric sensor (303). Is done. The biometric sensor (303) includes a fingerprint recognition sensor, an iris recognition sensor, a voice recognition sensor, a blood vessel recognition sensor, a handwriting recognition sensor, a facial sensor, a heart beat sensor, and a dynamic signature sensor. Can be realized. In particular, the dynamic signature sensor can be coupled to a display (304) that includes a touch screen.

The smart card (300) can display the One Time Password (OTP) generated by the OTP generation module built in the OS, CPU, memory, etc. of the IC chip (301) on the display (304). Furthermore, the smart card (300) can display the following information on the display (304).
-Biometric matching result-Absence of personal key corresponding to input biometric information or combination of biometric information-List of multiple personal keys corresponding to input biometric information or combination of biometric information-Input biometric information or biometric Use of personal key corresponding to combination of information-registered dynamic signature

  FIG. 3c is a smart card functional block diagram according to at least one embodiment of the invention.

  Each component of the smart card shown in FIG. 3c is a functional component combined with a functional component or a physical component that is logically partitioned. That is, since each configuration corresponds to a functional component for realizing the technical idea of the present invention, even if each component is integrated or separated to perform a function, the functional configuration of the present invention is not changed. It should be construed as being within the scope of the present invention if performed, functioning, and feasible, and any component that performs the same or similar function, regardless of its name match or mismatch. Should be construed as being within the scope of

  As shown in FIG. 3c, the functional elements of the smart card are a biometric information acquisition module (311), a biometric information management module (312), a key management module (313), a biometric authentication module (314), a VPN management module (315). ), An authentication processing module (316), a device information acquisition module (318), and an OTP generation module (317).

  The biometric information acquisition module (311) acquires the biometric information of the user through a user registration procedure and a user authentication procedure. In at least one embodiment of the present invention, the biometric information acquisition module (311) can acquire biometric information of a user from a biometric sensor built in the smart card (310). In at least one embodiment of the present invention, the biometric information acquisition module (311) includes biometric information sensed from a communication terminal equipped with a biometric sensor or other external device (eg, ATM, Kiosk, POS, CARD Reader, etc.). Can be earned.

  The biometric information management module (312) encrypts the biometric information acquired by the biometric information acquisition module (311) in the user registration procedure based on the public key certificate, and the encrypted biometric information is a smart card (for example, a smart card). And stored in a memory built in the IC chip, a biosensor built in the smart card, etc.). In at least one embodiment of the present invention, the biometric information management module (312) encrypts and stores a plurality of biometric information for subscribers. For example, fingerprint information for a subscriber's finger can be stored on a smart card, and iris information for the subscriber's eyes can be stored. Furthermore, it is possible to store biometric information of various combinations such as a subscriber's fingerprint + iris and iris + face.

  The key management module (313) encodes (or tokenizes) the biometric information encrypted based on the public key certificate to generate a biometric code, and the generated biometric code is converted into the public key certificate (110). One key pair (individual key, public key) into which the biometric code is inserted is generated. The key management module (313) installs or stores the generated personal key in the Memory, CPU, OS, Application, etc. built in the smart card IC chip, and generates the generated public key in the authentication server (or service providing server). ). In at least one embodiment of the present invention, the key management module 313 may generate a single key pair by concatenating various additional codes as additional purposes or authentication factors to the biometric code. it can. In the following, in order to avoid ambiguity, a public key certificate used to generate a key pair, that is, a public key certificate without a biometric code inserted is referred to as a “Blank Certificate”.

  In at least one embodiment of the present invention, a blank certificate can be pre-installed or stored on the smart card. In other words, at the smart card production / issuance stage, governments, producers, financial operators, service providers, etc. install or store one or more blank certificates in the smart card IC chip, OS, CPU, Memory, etc. in advance. I can keep it. In this case, it is desirable to provide a restriction so that only the organization that issues the smart card (120) can store the certificate on the smart card. In at least one embodiment of the present invention, the smart card can receive a blank certificate from a certificate authority (CA) server via a communication terminal. In at least one embodiment of the present invention, the certificate management module 313 can copy a blank certificate stored in a computer or a communication terminal. For example, the expiration date and purpose of use of the blank certificate may be limited depending on the type and purpose of the service, the service provision period, the reliability of the user, and the like. The expiration date of the blank certificate may be the same as the expiration date of the smart card. Further, the plurality of blank certificates may have different expiration dates, and may be used for different purposes.

  The biometric authentication module (314) compares the biometric information acquired by the biometric information acquisition module (311) with the encrypted biometric information stored in the smart card. Furthermore, the biometric authentication module (314) compares the biometric information acquired by the biometric information acquisition module (311) with the biometric code inserted in the public key certificate stored in the smart card. That is, the biometric authentication module (314) determines whether the biometric information matches the already stored encrypted biometric information and biometric code. In at least one embodiment of the invention, the biometric authentication module (314) is configured to compare only one of the stored stored biometric information or biometric code with the acquired biometric information. May be.

  The VPN management module (315) is responsible for establishing and managing a VPN with a remote entity such as a service providing server, and provides end-to-end encryption and a secure transfer interval. For example, when it is determined that the acquired biometric information matches the already stored encrypted biometric information and biometric code, the VPN management module (315) starts tunneling to establish a VPN with the service providing server. Transfer the signal to the communication terminal. The tunneling start signal can include a destination URL for establishing a VPN. Here, communication terminals are not only communication terminals owned by individuals (for example, mobile phones, tablet PCs, desktop computers, set-up boxes, etc.) but also service terminals (ATM, Kiosk, POS) used in the public. Etc.), and should be understood to encompass all devices capable of communicating with remote objects on a communication network.

  When the biometric information management module (312) manages a plurality of biometric information, the VPN management module (315) has already stored live biometric information input via the biometric information input module (311). A tunneling start signal can be transferred by designating different destination URLs for establishing a VPN depending on which of a plurality of pieces of biometric information is matched. Destination URL provides various services such as bank / credit card (Bank / Credit Card) service, Payment service, e-Government service, Cloud service, IoT device linkage service, Emergency service to authenticated users Means your server. Such a URL can be designated at the smart card manufacturing stage, the certificate issuance stage, or the personal key / public key generation stage. For example, the URL may be inserted into a public key certificate stored in advance on the smart card or stored in the same storage area as the public key certificate. The storage area is preferably an area where data in the IC chip cannot be changed. In at least one embodiment of the present invention, when additionally issuing a new public key certificate with a smart card, a URL associated with the issued public key certificate is received together, or the associated URL is The inserted public key certificate is issued. Such a public key certificate is preferably stored in an area in the IC chip where data can be changed. Furthermore, it is desirable to insert the URL into the personal key / public key in a form merged with the biometric code.

  Furthermore, among a plurality of pieces of biological information, a specific combination of specific pieces of biological information or a combination of pieces of pieces of biological information (in some cases, an order may be given) can be designated as an application for informing a user's emergency situation. For example, a tunneling start signal corresponding to specific biological information can be configured to open a VPN at a preset URL (for example, the Metropolitan Police Department server or the safety management server) in order to notify the user's emergency situation. According to such a configuration, when the user has to perform a user authentication procedure using the smart card (120) forcibly by another person's threat, the specific information set in advance among the plurality of registered biometric information. By using the biometric information, it is possible to transfer the user's emergency status signal to the Metropolitan Police Department server so as not to be noticed by the threatening others. Such emergency status signals can later be utilized as insurance treatment for compulsory use or evidence for litigation.

  When a communication tunnel is established in the service providing server, the authentication processing module (316) transfers authentication information based on the personal key managed by the key management module (313) to the service providing server, and the smart card (120) A process of authenticating that the user is a valid user is performed. The authentication information will be described later with reference to FIG.

  The smart card can further include an OTP generation module (317). The OTP generation module (317) generates a one-time password (One Time Password: OTP) by a method set in advance by the issuing organization of the smart card (120). In at least one embodiment of the present invention, the OTP generated by the OTP generation module (317) is displayed on a smart card display so that a user of the smart card (120) can recognize the OTP generation module (317). The OTP input by the user is transmitted to the authentication processing module (316). In at least one embodiment of the present invention, the one-time password generated by the OTP generation module (317) can be immediately transmitted to the authentication processing module (316) without being displayed on the display. The OTP transmitted to the authentication processing module (316) is transferred to the target terminal together with the authentication information based on the certificate. Thus, it is possible to verify (authenticate) that the smart card (120) is issued by a valid issuing organization. In the prior art in the technical field, a smart card and a separate OTP device are used.

  The smart card (120) may further include a device information acquisition module (318). The device information acquisition module (318) acquires the identification information of the IoT device. The IoT device identification information means device-specific identification information given to each IoT device at the time of production, distribution, or purchase, and more specific contents will be described later with reference to FIG. The device information acquisition module (318) may be a communication terminal (150) or other external device (eg, ATM, Kiosk, POS, CARD Reader) equipped with a sensor embedded in the smart card (120) or one or more sensors. Etc.) can be received from the IoT device identification information.

  FIG. 4a is a schematic diagram for explaining a user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 4a is suitable for the user authentication system having the configuration shown in FIG. 1a. Although FIG. 4a assumes that a public key certificate is stored in advance on the smart card (eg, when the smart card is produced or issued), a new public key certificate is obtained from the certificate authority (CA) server. It can also be received.

  First, the communication terminal acquires the user's biometric information and transmits the acquired user's biometric information to the smart card (S401 to S402). Here, the biometric information can be obtained by using a biosensor built in the communication terminal or using an external biosensor connected to the communication terminal. Unlike the example shown in FIG. 4a, in at least one embodiment of the present invention, the smart card can directly acquire the user's biometric information using a built-in biometric sensor.

  The smart card that has acquired the biometric information of the user encrypts the biometric information of the user based on the public key certificate stored in advance (Pre-stored) or already existing (Pre-existing) (S403). That is, the smart card encrypts the biometric information using an encryption algorithm defined in the public key certificate.

  The smart card encodes or tokenizes the encrypted biometric information to generate a code value (S404). The encoding or tokenization algorithm may be embedded in the smart card application or may be specified in the public key certificate. For example, in at least one embodiment of the present invention, a message reduction algorithm (Message-Digest Algorithm) defined in a public key certificate may be used for encoding or tokenizing. Since the value of the code is information obtained by encoding the user's biometric information based on the public key certificate, it can also be referred to as “Biometric Code” or “Biometric Digital Signature”.

  Next, the smart card generates a single key pair (public key, personal key) by inserting the biometric code into the EV area (Extended Validation Domain) of the public key certificate. That is, a biometric code is inserted into the generated personal key and public key. The personal key is stored in the smart card together with the encrypted biometric information for later use in the user authentication procedure (S405). Although not shown in FIG. 4a, various additional codes generated in the same or similar manner as the biometric code can be chained to the biometric code as an additional authentication factor. For example, in the area of the public key certificate, in addition to the biometric code, an additional code obtained from the unique identification information given to the portable device and an additional information obtained from the location information indicating the location where user authentication is requested Of the code, the additional code obtained from the unique identification information given to the user, the additional code obtained from the characteristic information indicating the behavior characteristic of the user, and the additional code obtained from the device identification information given to the IoT device At least one can be further inserted. The additional code will be described later with reference to FIG.

  Further, the smart card requests the user registration by transferring the public key to the authentication server (or service providing server) via the communication terminal (S406). A public private network (VPN) can be used for transferring the public key. The authentication server registers the user and manages the public key with another secure DB (S407 to S408).

  FIG. 4b is a schematic diagram for explaining a user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 4b is suitable for the user authentication system having the configuration shown in FIG. 1b. Accordingly, the communication terminal of FIG. 4b includes a communication terminal owned by an individual (for example, a mobile phone, a tablet PC, a desktop computer, a set-up box, etc.) and further communicates with a remote object on the communication network. It should be understood as a comprehensive meaning of all possible devices.

  First, the communication terminal requests a certificate authority (CA) server to issue a public key certificate for user registration (S451). Upon receiving the public key certificate issuance request, the server of the certification authority (CA) issues a public key certificate to the communication terminal (S452). Unlike the example shown in FIG. 4a, in at least one embodiment of the present invention, the communication terminal stores a public key certificate in advance (for example, when the communication terminal is produced or sold).

  Next, the communication terminal acquires the user's biometric information (S453). Here, the biometric information can be obtained by using a biometric sensor built in the communication terminal or an external device biometric sensor connected to the communication terminal.

  Next, the communication terminal encrypts the user's biometric information with the issued public key certificate (S454). That is, the communication terminal encrypts biometric information using an encryption algorithm defined in the public key certificate. The encrypted biometric information is stored in the communication terminal for later use in user authentication procedures.

  The communication terminal encodes or tokenizes the encrypted biometric information to generate a code value (ie, biometric code) (S455). The encoding or tokenization algorithm is built into the application of the communication terminal or is specified in the public key certificate. In at least one embodiment of the present invention, a message reduction algorithm (Message-Digest Algorithm) defined in a public key certificate or the like is used for encoding or tokenizing.

  Next, the communication terminal inserts the generated biometric code into the EV area (Extended Validation Domain) of the public key certificate to generate one key pair (public key, personal key) (S456). That is, a biometric code is inserted into the generated personal key and public key. The personal key is stored in the communication terminal for later use in user authentication procedures. Although not shown in FIG. 4a, other additional codes can be generated in the same or similar manner as the biometric code and added as additional authentication to the public key certificate.

  Also, the communication terminal transfers the public key to the authentication server (or service providing server) and requests user registration (S457). A public private network (VPN) can be used for transferring the public key. The authentication server registers the user and manages the public key in a separate secure DB (S458 to S459).

  FIG. 5A and FIG. 5B are schematic diagrams showing a format of a public key certificate (Public Key Certificate) applied to a ubiquitous management system according to at least one embodiment of the present invention.

  A public key certificate (eg, ITU-T standard X.509 certificate of public key infrastructure (PKI)) is a kind of electronic guarantee that makes the other party trustworthy when doing business or transactions on the Internet web. Means. The public key certificate can be issued by a certificate authority designated by a specific government or financial institution, a private certificate authority, a product producer, or a device service provider.

  FIG. 5A shows an example of the format of a public key certificate that has not undergone the user registration procedure. The public key certificate includes a version, serial number, signature algorithm, issuer, expiration date, public key, issuer's electronic signature, and the like. It should be noted that the EV area (Extended Validated Domain) of the public key certificate that has not undergone the user registration procedure is free.

  FIG. 5B shows an example of the format of a public key certificate (public key / personal key) generated from a public key certificate through a user registration procedure. Unlike the example shown in FIG. 5 (a), the biometric information of the user is encoded in the public key certificate that has undergone the user registration procedure or the EV area (Extended Validated Domain) of the public key / personal key generated therefrom. The generated biometric code is inserted. Various additional codes can be linked as additional authentication factors to the biometric code stored in the EV area. A specific additional code will be described later with reference to FIG.

  In at least one embodiment of the present invention, various issuers and public key certificates in various formats can be used. Therefore, the format of the public key certificate into which the biometric code is inserted is not limited to FIGS. 5 (a) and 5 (b). It is not limited to the EV area.

  FIG. 6 is a schematic diagram showing an example of a format of a code stored in the EV area of the public key / private key shown in FIG. 5B and an example of a format of authentication information transferred from the smart card.

  As described above, the body of the biometric code generated by simply coding the biometric information of the user can be stored in the EV area of the public key / private key (see FIG. 6A). It is also possible to store codes constructed by chaining one or more additional codes of various types. For example, in at least one embodiment of the present invention, an additional code (ie, Device Code) encoded (or tokenized) from the identification information of the IoT device owned by the user can be chained to the biometric code (see FIG. 6 (b) and (c)). Here, the identification information of the IoT device means unique identification information given to each IoT device at the time of production, distribution, or purchase. IoT device identification information includes a device number, shipping information, serial number, Electronic Product Code (EPC), Universal Product Code (UPC), Physically Uncundable Function (PUF), Global Shipment The identification information of the IoT device can be collected from Bar Code, QR Code attached to the IoT device in the form of a printed matter, or an electronic element built in the IoT device. The usage of the device code will be described later with reference to FIG.

  In at least one embodiment of the present invention, an additional code encoded (or tokenized) from identification information of a smart card or communication terminal in which a public key certificate is stored can be chained to a biometric code (FIG. 6). (See (d)). Here, the identification information of the smart card or the communication terminal in which the public key certificate is stored includes, for example, Cryptographic Hash Functions Value, Physical Uncundable Function (PUF), Payment Card Number, and the like.

  In at least one embodiment of the present invention, unique identification information (for example, Social Security Number, Personal Accession Number) given to a user for public purposes by a government or a bank, or information related to a user's behavior characteristics Additional code encoded (or tokenized) from (e.g., Key Stroke, Dynamic Signature) can be chained to the biocode. (See (e) and (f) of FIG. 6). Information related to the behavioral characteristics of the user can be obtained through a smart card or a touch screen provided in the communication terminal.

  In at least one embodiment of the present invention, encoded (or tokenized) from communication terminal (or smart card) location information (eg, Global Positioning System (GPS), Group on Earth Observation (GEO) Location) Additional codes can be chained to biometric codes. The additional code is stolen by considering whether it is a transaction action (for example, financial transaction, trust service action, financial settlement, payment service, charge addition) at a position outside the normal transaction position as a cumulative authentication factor. It can be applied to detect and prevent or prove fraudulent transactions due to loss, etc.

  Further, a plurality of additional codes can be linked to the biometric code (see (g) to (i) in FIG. 6). FIG. 6J shows a code in which a plurality of additional codes are chained to the biometric code. The lengths of the biometric code and the additional code in the chained code may be the same or different from each other.

  As an algorithm for generating such an additional code, substantially the same method as that for generating the biometric code can be applied. Furthermore, the data encrypted during the generation process of the additional code (for example, the encrypted dynamic signature) can be stored in the smart card or the communication terminal together with the personal key. The stored encrypted data can be used as an additional authentication means for primary user authentication (based on biometric matching) performed in a smart card or communication terminal.

  FIG. 6J shows an example of a code included in the authentication information transferred to the service providing server in the user authentication procedure. That is, the authentication information includes a code inserted (chained) into the personal key. A detailed description thereof will be described later with reference to FIG. 7a.

  In particular, the code inserted in the personal key / public key and the authentication information transferred from the smart card can have various formats depending on the application and / or the level of security, The combination is not limited. Furthermore, elements other than the authentication elements shown in FIG. 6 can be additionally used.

  FIG. 7a is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 7a is suitable for the user authentication system having the configuration shown in FIG. 1a.

  First, the communication terminal acquires the user's biometric information and transmits the acquired user's biometric information to the smart card (S701 to S702). Here, the biometric information can be obtained by using a biosensor built in the communication terminal or using an external biosensor connected to the communication terminal. Unlike the example shown in FIG. 7a, in at least one embodiment of the present invention, the smart card can directly acquire the biometric information of the user using a built-in biometric sensor.

  Next, the smart card compares the acquired biometric information with the encrypted biometric information stored in the smart card and / or the biometric code inserted into the personal key stored in the smart card (S703). That is, the smart card determines whether the acquired biometric information matches the already stored encrypted biometric information and / or biometric code.

  Next, when the acquired biometric information matches the already stored biometric information and biometric code, the smart card transfers authentication information based on the personal key to the service providing server via the communication terminal. (S704). A virtual private network (VPN) can be used for transferring authentication information. For example, a smart card transfers a tunneling start signal for establishing a VPN with a service providing server to a communication terminal, and the communication terminal responds to the tunneling start signal and the service providing server transmits a VPN between the smart card and the smart card. Open. The smart card transfers authentication information to the service providing server via the established VPN. The tunneling start signal may include VPN destination URL information.

  The service providing server requests the authentication server to verify the received authentication information (S705). The authentication server verifies the authentication information using the public key already registered. The service providing server completes user authentication based on the verification result of the authentication server (S706 to S708).

  On the other hand, the authentication information to be transferred to the service providing server is generated based on a code (see (a) to (i) in FIG. 6) inserted in the personal key stored in the smart card. For example, the authentication information may include a biometric code inserted in the EV area of the public key certificate or the chained code itself (Contain). In at least one embodiment of the present invention, the authentication information includes not only a code inserted in the EV area of the certificate but also an OTP generated by an OTP generator based on software embedded in the smart card ( (See (j) in FIG. 6). Each authentication factor (Biometric Code, OTP, PUF, etc.) can be transferred in an independent form, but can be transferred as a single authentication data in which the authentication factors are chained (Concatenated).

  In at least one embodiment of the present invention, the authentication information transmitted to the service providing server may further include unique information for proving the user's authentication action. The unique information is preferably realized in the form of a bar code that can authenticate the user, an electronic signature of the user (e-Signing), and the like. Further, such a barcode, a user's electronic signature, and the like may be output in a printed matter. The authentication act using the smart card can increase the reliability of the contract between each other by enabling printing in the form of a barcode or signature on a receipt or slip. In at least one embodiment of the present invention, the authentication information transmitted to the service providing server may further include time point information regarding a transfer time point of the authentication information. In at least one embodiment of the present invention, the authentication information transmitted to the service providing server includes time information about user registration time (for example, private key / public key generation time or user registration completion time of the authentication server). , Time Stamp).

  According to such a user authentication procedure, the following user experience (User Experience) can be provided as compared with the conventional technique. For example, assume that a smart card is used to connect to Internet banking. The conventional process of inputting a user ID (Identifier) necessary for connecting to a service providing server that provides an Internet banking service can be replaced with a process of establishing a communication tunnel based on the user's biometric information. . Furthermore, the conventional process of inputting the user's password can be replaced with a process of transferring authentication information including a code inserted into the personal key through the established communication tunnel. Further, the conventional process of inputting the password of the public key certificate can be replaced with a process of comparing the biometric information of the user with the matching information included in the public key certificate. That is, according to at least one embodiment of the present invention, the process of inputting a certificate and a password required by a conventional service providing server can be omitted. In this way, by performing tunneling and authentication processing using a smart card, single sign-on using biometric information can be realized.

  Furthermore, according to the prior art Multi-Factor Authentication, all authentication elements such as ID, password, certificate password, and OTP are managed as objective authentication elements. On the other hand, according to at least one embodiment of the present invention, the encrypted user biometric information, biometric code, and additional code are used as authentication information in a linked form. Therefore, One-Stop, Tap & Pay ubiquitous authentication, and multi-factor authentication with enhanced security can be realized.

  FIG. 7b is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 7b is suitable for the user authentication system having the configuration shown in FIG. 1b.

  First, the communication terminal acquires the user's biometric information (S751). Here, in order to acquire biometric information, a biometric sensor built in the communication terminal can be used, or a biosensor of an external device connected to the communication terminal can be used.

  Next, the communication terminal compares the acquired biometric information with the encrypted biometric information stored in the communication terminal and / or the biometric code inserted into the personal key stored in the communication terminal ( S752). That is, the communication terminal determines whether or not the acquired biometric information matches the already stored encrypted biometric information and / or biometric code.

  Next, if it is determined that the acquired biometric information matches the already stored encrypted biometric information and biometric code, the communication terminal transfers authentication information based on the personal key to the service providing server (S753). . A virtual private network (VPN) can be used for transferring authentication information. For example, a communication terminal establishes a VPN between a service providing server and a smart card, and the smart card transfers authentication information to the service providing server via the established VPN.

  The service providing server requests the authentication server to verify the received authentication information (S754). The authentication server verifies the authentication information using the public key already registered. The service providing server completes user authentication based on the verification result of the authentication server (S755 to 757).

  In the above description, the user authentication method using the personal key / public key into which the biometric code is inserted has been described. In at least one embodiment of the present invention described below, the biometric code of the user and the identification information of the IoT device are associated with each other and utilized for management and control of the IoT device. Hereinafter, at least one embodiment of the present invention relating to an IoT device will be described with reference to FIGS. 8, 9, 10a, and 10b.

  8a and 8b are schematic views of a user management system for an IoT device in a ubiquitous environment according to at least one embodiment of the present invention.

  As shown in FIG. 8a, a plurality of IoT devices (850) having a wired / wireless communication function form an IoT network (800). As described above, the smart card (810) adds the identification information of the IoT device owned by the user in addition to the biometric code when generating the personal key / public key from the public key certificate. A code (i.e., Device Code) can be inserted. According to this, it is possible to prove the ownership relationship between the user and the IoT device by associating the biometric code of the user with the identification information of the IoT device.

  According to at least one embodiment of the present invention, the smart card (810) generates a personal key and a public key in which a biometric code and a device code are inserted, the personal key is stored therein, and the public key is Communicate to the associated IoT device (850). The smart card (810) transfers authentication information based on the personal key to the IoT device (850), and the IoT device (850) verifies the authentication information using the public key, thereby performing user (owner) authentication. It can be carried out.

  On the other hand, in a network covering a predetermined area such as a company, a building, a business site, a Home, or a Car, an IoT device (for example, a home network) that manages (registers, monitors, controls, etc.) various IoT devices connected to the network. Set-up Boxes, Access Points, etc.), i.e., Centralized Controller (830). The central controller 830 can additionally perform the role of a user interface, and can further have a function of providing various integrated services by combining the functions of the respective IoT devices 850. In this case, the smart card (810) transmits the public key corresponding to the individual IoT device (850) to the central control device (830), thereby registering the IoT device (850) on the network and the IoT device (850). It can be used for user (owner) authentication for remote control (Remote Control).

  Furthermore, the smart card (810) transfers the public key to the server (840) of the IoT service provider that provides the IoT service, thereby registering the IoT device on the network and performing remote control of the IoT device (Remote Control). It can be used for user (owner) authentication.

  Furthermore, the smart card (810) is a user (owner) required for registering, changing, or transferring the owner of the IoT device by transferring the public key to the server of the producer / seller of the IoT device (850). Can be used for authentication.

  Furthermore, the smart card transfers a public key associated with each IoT device to a communication terminal (820, for example, a mobile phone), and the communication terminal (820) uses the public key of the IoT device, respectively. It can be used as an integrated remote controller for controlling other IoT devices. For example, the user performs a user authentication procedure (primary authentication) on the communication terminal (820) using a personal key stored in the smart card, and if the primary authentication is successful, the communication terminal without the linkage with the smart card. The individual IoT device or the central control device (830) can be controlled using the public key stored in (820).

  On the other hand, according to at least one embodiment of the present invention, a specific biometric information combination may be used for an application for a reset function of an IoT device or an application for controlling an essential function of an IoT device. it can. For example, a personal key / public key into which code information generated from a combination of specific biometric information is inserted is used for a reset function of the IoT device when the IoT device falls into a state such as failure or control. It can be used in applications for controlling essential functions of IoT devices.

  Meanwhile, the function of the smart card (810) of FIG. 8a can be integrated into the communication terminal (820). That is, according to at least one embodiment of the present invention, as shown in FIG. 8b, the communication terminal 860 generates a personal key and a public key in which a biometric code and a device code are inserted. The communication terminal (860) stores the personal key inside, and the public key is related to the IoT device (850), the server of the IoT service provider (840), the server of the producer / seller of the IoT device, the center It transmits to a control apparatus (830).

  Hereinafter, a user (owner) registration and authentication procedure of the IoT device performed for the central control apparatus will be described with reference to FIGS. 9A to 10B. It is obvious that the same or similar procedures can be performed for individual IoT devices, IoT service provider servers, and IoT device producer / seller servers.

  FIG. 9 a is a schematic diagram for explaining a device user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 9a is suitable for a device user authentication system having the configuration shown in FIG. 8a.

  As an optional pre-procedure, the smart card (810) can be used by a user who performs a device user registration procedure using an already stored encrypted biometric information and / or personal key into which a biometric code is inserted. On the other hand, biometric authentication can be performed. That is, the smart card (810) can be configured to allow device user registration procedures only for registered users.

  First, the communication terminal (820) acquires the user's biometric information, and transmits the acquired user's biometric information to the smart card (810) (S901 to S902). Here, the biometric information can be obtained by using a biometric sensor built in the communication terminal (820) or a biosensor provided in an external device connected to the communication terminal (820). Unlike the example shown in FIG. 9a, in another embodiment, the smart card (810) can directly acquire the user's biometric information using a built-in biometric sensor.

  The smart card (810) encrypts the user's biometric information using a public key certificate that is already stored, and encodes (or tokenizes) the encrypted biometric information to generate a biometric code (S903). ). The encryption and encoding (or tokenization) algorithm may be embedded in the smart card (810) application or may be specified in the public key certificate.

  Next, the smart card (810) acquires device identification data (Device Identity Data) given to the IoT device via the communication terminal (S904 to S905). Here, the device identification information may be a sensor built in the communication terminal (820) or a sensor provided in an external device connected to the communication terminal (820). Unlike the example shown in FIG. 9a, the smart card can also acquire the device identification information directly using a built-in sensor.

  Next, the smart card (810) generates a device code from the device identification information in the same or similar manner as the biometric code (S906). That is, the smart card (810) encrypts the device identification information, and encodes or tokenizes the encrypted device identification information to generate a device code.

  Next, the smart card (810) inserts the biometric code and the device code into an EV area (Extended Validated Domain) of the public key certificate to generate one key pair (public key, personal key). That is, the biometric code and the device code are inserted into the generated personal key and public key. The biometric code and the device code inserted in the personal key and the public key may be in a mutually linked form. The personal key is stored in the smart card (810) together with the biometric information encrypted in the smart card (810) (S907). Although not shown in FIG. 9a, other additional codes generated in the same or similar manner as the biometric code can be used to generate the personal key and public key. It can be added as an additional authentication factor to the EV area of the public key certificate.

  Next, the smart card (810) requests device user registration through the communication terminal while providing a public key to the central controller (S908). A public private network (VPN) can be used for the transfer of the public key. The central controller (830) registers the device user and manages the public key with another secure DB (S909 to S910).

  FIG. 9b is a schematic diagram for explaining a device user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 9b is suitable for a device user authentication system having the configuration shown in FIG. 8b.

  As an optional pre-procedure, the communication terminal (860) performs a device user registration procedure using the already stored encrypted biometric information and / or personal key with the biometric code inserted. Can be biometrically authenticated. That is, the communication terminal 860 can be configured to allow a device user registration procedure only to registered users.

  First, the communication terminal (860) acquires the user's biometric information (S951 to S952). Here, the biometric information can be obtained by using a biometric sensor built in the communication terminal (860) or a biosensor provided in an external device connected to the communication terminal (860).

  The communication terminal (860) encrypts the user's biometric information using a public key certificate already stored, and encodes (or tokenizes) the encrypted biometric information to generate a biometric code ( S953). Encryption and encoding (or tokenization) algorithms may be embedded in the smart card application or may be specified in a public key certificate.

  Next, the communication terminal (860) acquires device identification information given to the IoT device (S954 to S955). Here, for acquiring the device identification information, a sensor built in the communication terminal can be used, or a sensor provided in an external device connected to the communication terminal can be used.

  Next, the communication terminal (860) generates a device code from the device identification information in the same or similar manner as the biometric code (S956). That is, the communication terminal 860 encrypts the device identification information, and encodes or tokenizes the encrypted device identification information to generate a device code.

  Next, the communication terminal (860) inserts the biometric code and the device code into the EV area (Extended Validated Domain) of the public key certificate to generate one key pair (public key, personal key). That is, the biometric code and the device code are inserted into the generated personal key and public key. The biometric code and the device code inserted in the personal key and the public key may be in a mutually linked form. The personal key is stored in the communication terminal (860) together with the encrypted biometric information (S957). Although not shown in FIG. 9a, other additional codes generated in the same or similar manner as the biometric code can be used to generate the personal key and public key. It can be added as an additional authentication factor to the EV area of the public key certificate.

  Next, the communication terminal (860) requests device user registration while providing the public key to the central controller (830) (S958). A public private network (VPN) can be used for transferring the public key. The central controller (830) registers the device user and manages the public key with another secure DB (S959 to S960).

  In the device user registration procedure shown in FIGS. 9a and 9b, a new key pair (a personal key, a private key, a personal key, It was described as generating a public key. However, in another embodiment, a new key pair (personal key, public key) can be generated by additionally inserting a device code into the already stored personal key.

  FIG. 10a is a schematic diagram for explaining a device user authentication procedure according to at least one embodiment of the present invention. The user authentication procedure shown in FIG. 10a is suitable for a device user authentication system having the configuration shown in FIG. 8a.

  First, the communication terminal (820) acquires the user's biometric information and transmits the acquired user's biometric information to the smart card (810) (S1001 to S1002). Here, in order to acquire biometric information, a biometric sensor built in the communication terminal (820) or an external biosensor connected to the communication terminal (820) can be used. Unlike the example shown in FIG. 10a, in another embodiment, the smart card (810) can directly acquire the user's biometric information using a built-in biometric sensor.

  Next, the smart card (810) stores the acquired biometric information in the encrypted biometric information already stored in the smart card (810) and / or the personal key already stored in the smart card (810). It is compared with the biomedical code inserted (Contained) (S1003). That is, the smart card (810) determines whether the acquired live biometric data (Live Biometric Data) matches the already stored encrypted biometric information and / or biometric code.

  Next, when the acquired biometric information matches the already stored encrypted biometric information and / or biometric code, the smart card (810) sends the authentication information based on the personal key to the central controller (830). (S1004). A virtual private network (VPN) can be used for transferring authentication information. For example, the smart card (810) transfers a tunneling start signal for establishing a VPN with the central control unit (830) to the communication terminal (820), and the communication terminal (820) responds to the tunneling start signal in the center. A VPN is established between the control device (830) and the smart card (810), and the smart card (810) transfers authentication information to the central control device (830) via the established VPN.

  The central controller (830) verifies the received authentication information using the public key that has already been registered, and completes device user authentication based on the verification result (S1005 to S1007). In at least one embodiment of the present invention, the central controller (830) requests the IoT service providing server (840) or the authentication server (not shown) to verify the authentication information received from the smart card (810), and Device user authentication can also be completed based on the verification result.

  FIG. 10b is a schematic diagram for explaining a user device authentication procedure according to at least one embodiment of the present invention. The user authentication procedure shown in FIG. 10b is suitable for a device user authentication system having the configuration shown in FIG. 8b.

  First, the communication terminal (860) acquires the user's biometric information (S1051 to S1052). Here, a biometric sensor built in the communication terminal (860) can be used to acquire biometric information, or a biosensor of an external device connected to the communication terminal (860) can be used.

  Next, the communication terminal 860 compares the acquired biometric information with the encrypted biometric information already stored and / or the biometric code contained in the stored personal key (Contained). (S1053). That is, the communication terminal 860 determines whether the acquired biometric information matches the already stored encrypted biometric information and / or biometric code.

  Next, when the acquired biometric information matches the already stored encrypted biometric information and biometric code, the communication terminal (860) sends authentication information based on the personal key to the central controller (830). Transfer (S1054). A virtual private network (VPN) can be used for transferring the authentication information. For example, the communication terminal (860) establishes a VPN with the central controller (830), and transfers authentication information to the central controller (830) via the established VPN.

  The central control device (830) verifies the received authentication information using the already registered public key, and completes the device user authentication based on the verification result (S1055 to S1057). In some embodiments, the central controller 830 requests verification of the received authentication information from the IoT service providing server 840 or the authentication server (not shown), and performs device user authentication based on the verification result. Can also be completed.

  FIG. 11 is a schematic diagram showing the concept of a ubiquitous authentication system in an online / offline environment.

  Although all ubiquitous certifications deal with online certifications, the environment in developing countries does not provide the Internet and minimal communication means in all regions. In addition, temporary online failures may occur due to disasters such as earthquakes, typhoons, floods, blackouts, and heavy snowfall. In order to overcome such temporary and non-temporary restrictions, it is necessary to appropriately supplement the authentication system based on the online environment. For example, service terminals (or public terminals) such as ATM, POS, and Kiosk need to allow minimum cash withdrawal and settlement even in an offline environment. As another example, even if a smart home network is temporarily in an offline environment, it is necessary to allow access authority limited to a centralized controller that centrally manages IoT devices in the home. As another example, a smart car has a network of a plurality of sensors or IoT devices in order to perform functions such as unmanned driving, automatic driving, position information, and navigation on-line. Even when such a smart car is placed in an offline environment, it is necessary to give a limited range of authority (authentication) as compared to the online environment.

  The present invention uses a part of various authentication means such as on-line biometric information (biometric code), PKI, OTP, and the like (for example, cash withdrawal) with a partly limited service with a minimum power in an offline environment. Provide a user authentication method that enables payment for food and beverage purchases, access control, etc. In at least one embodiment of the present invention, the service providing server provides predetermined authentication information (Credentials) or a token (Token) that can be used for user authentication in an offline environment to a user who has completed user registration. For example, the authentication information may be a modified public key derived from a public key received from a smart card or communication terminal held or possessed by the user in the user registration procedure.

  FIG. 12 is a schematic diagram for explaining a user authentication procedure in an offline environment according to at least one embodiment of the present invention. Although FIG. 12 assumes the use of a smart card, the same method is applied when a communication terminal (for example, a smartphone) is used instead of the smart card.

  First, a public terminal in an offline environment (for example, ATM, POS, Centralized Controller, etc.) acquires user biometric information and transmits the acquired user biometric information to a smart card (S1201 to S1202). Here, in order to acquire biometric information, a biosensor built in the public terminal can be used, or an external biosensor connected to the public terminal can be used. Unlike the example shown in FIG. 12, in another embodiment, the smart card can directly acquire the biometric information of the user using the built-in biometric sensor.

  Next, the smart card inserts the acquired biometric information into the encrypted biometric information already stored in the smart card and / or the biometric code (Contained) inserted into the personal key already stored in the smart card. (S1203). That is, the smart card determines whether the acquired live biometric data matches with the already stored encrypted biometric information and / or biometric code.

  Next, when the acquired biometric data matches the already stored encrypted biometric information and / or biocode, the smart card authenticates based on the private key and the service providing server in advance. The authentication information based on the modified public key provided from is transferred to the public terminal (S1204).

  The public terminal in the offline environment performs authentication within a limited range from the online environment without requesting the service providing server to verify the received authentication information. That is, service, transaction, and access authority restricted to a predetermined range are allowed. In some embodiments, the public terminal can verify whether the verification code inserted in the received authentication information is generated based on the same public key certificate.

  Relevant transaction information (ie transaction details or service provision details and associated authentication information) is a secure area such as a smart card and / or a secure element such as a public terminal for later reconciliation of transaction details online. Stored (S1205). Furthermore, the transaction information can be stored in an encrypted state using a personal key / public key.

  When returning to the online environment again, the public terminal transfers the stored transaction information to the service providing server (S1206). The service providing server verifies the authentication information included in the transaction information via the authentication server, and settles the transaction details included in the transaction information based on the verification result (S1207 to S1209).

  FIG. 13 is a table illustrating exemplary fields of application applicable to at least one embodiment of the present invention.

  Although multiple authentication methods can be used for user authentication, information for various purposes such as credit cards + electronic identification cards + electronic passports + driver's licenses should be gradually integrated into smart cards. Can do.

  As shown in the table of FIG. 13, the application fields to which various embodiments of the present invention can be applied can be roughly divided into four areas.

  The term “financial and identification section” refers to online / offline financial transactions and user authentication associated with various types of identification. In order to apply to such fields, smart cards (or communication terminals) are used for electronic identification, pension, medical insurance, electronic wallet, digital money, medical records, driver's license, electronic election, discount coupon (Credit Card). / Debit Card / Cyber Money / E-Wallet / Digital Coupon / Financial Data / National ID / Driver's License / Medical Information / e-Voting / Pensation). Some of the information may be inserted into the EV area of the related service use public key certificate. For example, in the EV area of a public key certificate issued for use in electronic identification, a code representing unique identification information (for example, resident registration number, social security number, etc.) given to an individual is provided. It may be inserted. Further, some information may be stored in advance in the same area as the related public key certificate for service use.

  A physical access area is an application area for the purpose of entry / exit control and the like, and a smart card (or a communication terminal) can serve as an ID badge or an entry / exit card. Use location information (for example, GEO, GIS, GPS information, etc.) of a smart card (or communication terminal) or a code obtained by encoding the same to a personal key / public key for use in such an application area. Can do. The added location information or code can be used as an additional authentication factor for detecting alteration, forgery, etc.

  The single sign-on (SSO Section) area is an authentication function that makes it possible to use resources on several independent software systems in a single user authentication process. In at least one embodiment of the present invention, the authentication and password required by the service providing server (130) are obtained by performing an authentication procedure based on the biometric matching and the personal key / public key into which the biometric code is inserted. The input process can be omitted, and single sign-on (biological single sign-on) can be realized. In at least one embodiment of the present invention, a personal key generated by any communication terminal (for example, a smartphone) owned or possessed by the user is stored in its own Cloud, and the user possesses or possesses it. The personal key can be downloaded and used by other communication terminals (for example, tablet PCs, smart watches, etc.). According to this, it is not necessary to generate a personal key for the same purpose for each communication terminal, and a personal key generated by one communication terminal can be shared by a plurality of communication terminals owned or possessed by the user. it can.

  The device user authentication section (Device User Authentication Section) represents an application area for supporting user authentication for registering an IoT device or controlling access to the IoT device. In the public key / personal key used in such an application area, not only the biometric code but also Device Code in which the identification information of the IoT device is encoded is further inserted. Further, the public key is transmitted to each IoT device, central control device, IoT service server, IoT Vendor server, etc., and used for device user authentication, remote control, and the like.

  FIG. 14 is a schematic diagram for explaining that various biological information or a combination thereof can be used by being divided into various uses. It is a figure for demonstrating that various biological information or these combination can be divided and used for various uses.

  As described above, in at least one embodiment of the present invention, a plurality of biometric information different from each other and / or a combination thereof can be used. For example, FIG. 14 shows an example in which ten pieces of fingerprint information are used for different uses as examples of different types of biological information of the same type. That is, in at least one embodiment of the present invention, the same kind of biometric information is encoded and inserted into one personal key / public key, or a separate personal key / public key is provided for each biometric information. Each can also be generated.

  Furthermore, FIG. 14 illustrates that various combinations of biological information are used in different applications. That is, in at least one embodiment of the present invention, a plurality of combinations of biometric information can be encoded and inserted into one personal key / public key, and a separate key pair (personal key Public key) can also be generated. Furthermore, the input order of biometric information can be given to each combination of the same biometric information.

  On the other hand, in the description of various embodiments of the present invention, encrypted biometric information used for biometric matching is stored in a smart card or a communication terminal in addition to a personal key into which a biometric code is inserted throughout the specification. It was assumed that However, it is not desirable that such features be treated as an essential component in all embodiments of the present invention. For example, in some embodiments, encrypted biometric information is not stored in a smart card or a communication terminal, and only a biometric code inserted into a personal key can be used for biometric matching. Furthermore, in some embodiments, a hash value (Hash Value) of personal biometric information managed by a government agency (for example, an administrative department, an investigation agency, an immigration control department, etc.) can be used. The hash value can be stored in advance in a partial area of the smart card, or can be inserted into the EV area of a public key certificate issued by the related organization. Further, the encrypted biometric information used for biometric matching may be biometric information encrypted by an encryption algorithm defined in a public key certificate, or encrypted using a personal key into which a biometric code is inserted. Biological information may be used. Furthermore, the biometric information encrypted using the public key certificate may be stored together with the personal key in a state of being additionally encrypted with the personal key.

  On the other hand, the above-described method can be realized as a computer-readable code on a computer-readable recording medium. Computer readable recording media include all types of recording devices that store data that can be read by a computer system. That is, computer-readable recording media include magnetic storage media (eg, ROM, floppy disk, hard disk, etc.), optical interpretation media (eg, CD-ROM, DVD, etc.), and carrier waves (eg, Internet). Storage media such as transfer via). Further, the computer-readable recording medium can store and execute a computer-readable code distributed in a networked computer system and distributed.

  As mentioned above, although this invention was demonstrated using embodiment, the technical scope of this invention is not limited to the range as described in the said embodiment. It will be apparent to those skilled in the art that various modifications or improvements can be added to the above embodiment. It is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

Claims (30)

In the user registration method performed by the portable device held by the user in the authentication management system based on the public key certificate,
Encrypting a user's biometric information or a combination of biometric information using an encryption algorithm defined in the public key certificate, and storing the encrypted biometric information in the portable device;
Generating a biometric code by tokenizing the encrypted biometric information or a combination of biometric information;
Inserting a verification code including at least the biometric code into an extended field of the public key certificate to generate one key pair (including a personal key and a public key);
Transferring the public key to a remote object and requesting registration of the user;
Comprising
User registration method. The verification code further includes an additional code generated by encrypting the unique identification information given to the portable device and tokenizing the encrypted unique identification information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting characteristic information representing the behavior characteristic of the user and tokenizing the encrypted characteristic information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting position information indicating a position where the user authentication is requested and tokenizing the encrypted position information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting the unique identification information given to the user and tokenizing the encrypted unique identification information.
The user registration method according to claim 1. Inserting a biometric code obtained from different biometric information or a combination of different biometric information into a plurality of public key certificates to generate one key pair for each public key certificate,
The user registration method according to claim 1. The plurality of public key certificates have different uses.
The user registration method according to claim 6. The step of generating the one key pair includes:
Generating an additional biological code from biological information or a combination of biological information different from the biological information or combination of biological information used to generate the biological code;
Further inserting an additional verification code including at least the additional biometric code into an extended field of the public key certificate to generate a key pair (including a personal key and a public key);
including,
The user registration method according to claim 1. The additional verification code is designated for use to inform that the use of the personal key is forced by another person.
The user registration method according to claim 8. The additional verification code is designated for use requesting to cancel the user registration based on the public key already transferred.
The user registration method according to claim 8. The additional verification code is designated for an application requesting initialization of an authentication management system managed by the remote object.
The user registration method according to claim 8. In the extended field of the public key certificate, data relating to at least one of an electronic identification card, a driver's license, electronic money, and a medical card is provided as additional information corresponding to the purpose of use specified by the public key certificate. Further including
The user registration method according to claim 1. The extension field of the public key certificate includes URL information of a remote object that transfers the public key.
The user registration method according to claim 1. Further comprising an additional code generated by encrypting the device identification information provided to the IoT device and tokenizing the encrypted device identification information;
The user registration method according to claim 1. Insert a biometric code obtained from different biometric information or a combination of different biometric information and an additional code obtained from device identification information of different IoT devices into a plurality of public key certificates. Generate a key pair,
The user registration method according to claim 14. The public key is transferred using a virtual private network (VPN).
The user registration method according to claim 1. The portable device is a smart card or a mobile communication terminal.
The user registration method according to claim 1. In a user authentication method performed by a portable device held by a user in an authentication management system based on a public key certificate, the portable device obtains a personal key into which a verification code including a biometric code is inserted and the biometric code. Encrypted biometric information or a combination of biometric information is stored, and the user authentication method includes:
Obtaining a user's biometric information or a combination of biometric information;
Comparing the biometric information of the user or a combination of biometric information with at least one of the encrypted biometric information already stored in the portable device and the biometric code;
When the biometric information of the user or a combination of biometric information matches at least one of the encrypted biometric information and the biometric code, authentication information including a verification code inserted in the personal key is transferred to the remote object. Requesting authentication of the user;
Comprising
User authentication method. The verification code inserted into the personal key includes an additional code obtained from unique identification information given to the portable device, an additional code obtained from location information indicating a location where the user authentication is requested, and the user At least one of the additional code obtained from the unique identification information given to the user, the additional code obtained from the characteristic information representing the behavioral characteristics of the user, and the additional code obtained from the device identification information given to the IoT device. Including further,
The user authentication method according to claim 18. The authentication information further includes an OTP generated by an OTP generation module built in the portable device.
The user authentication method according to claim 18. The authentication information further includes information regarding a transfer time point of the authentication information.
The user authentication method according to claim 18. The authentication information further includes information on a location where the user is requested to authenticate,
The user authentication method according to claim 18. The authentication information further includes information related to the generation time of the personal key.
The user authentication method according to claim 18. For the transfer of the authentication information, a virtual private network (VPN) is used.
The user authentication method according to claim 18. The destination URL of the virtual private network is included in the extension field of the personal key.
The user authentication method according to claim 18. The portable device is a smart card or a mobile communication terminal.
The user authentication method according to claim 18. In an authentication management method performed by a remote object connected by a network with a portable device held by a user in an authentication management system based on a public key certificate,
A public key corresponding to a personal key into which a verification code including a biometric code obtained from the biometric information of a user or a combination of biometric information is inserted is received from the portable device, and user registration is performed based on the received public key. Process,
Receiving authentication information including a verification code inserted into the personal key from the portable device, verifying the received authentication information using the public key, and authenticating the user based on a verification result;
Comprising
Authentication management method. In an authentication management method performed by a public terminal that provides a service in an authentication management system based on a public key certificate and a service providing server that manages the public terminal,
The service providing server receives a public key corresponding to a personal key into which a verification code including a biometric code obtained from a user's biometric information or a combination of biometric information is inserted from a portable device, and based on the received public key User registration process,
The public terminal receives authentication information including a verification code inserted into the personal key from the portable device, requests the service providing server to verify the received authentication information using the public key, and Authenticating the user based on the verification results;
If the user authentication is successful, the public terminal provides a service;
Comprising
Authentication management method. The user registration step is for use when the public terminal and the service providing server are in an offline state, and the service providing server generates a modified public key using the public key. And transmitting the modified public key to the portable device,
The authentication management method according to claim 28. When the public terminal and the service providing server are in an offline state, the public terminal receives a verification code inserted into the personal key and a verification code inserted into the modified public key from the portable device. And verifying whether or not the received verification code is generated based on the same public key certificate, and if the verification is successful, providing a service in a limited range from the online status;
When the offline status changes to an online status, the public terminal transmits the verification code and service providing information to the service providing server, the service providing server verifies the verification code, and the service is based on the verification result. The process of producing the provided information;
Further comprising
The authentication management method according to claim 29.