KR100755025B1 - Wireless-data certification system for communication - Google Patents

Publication number
KR100755025B1
Authority
KR
South Korea
Prior art keywords
communication
channel
authentication
wireless
data communication
Application number
KR1020060018926A
Other languages
Korean (ko)
Inventor
문동원
Original Assignee
(주)유브릿지
Application filed by (주)유브릿지
Priority to KR1020060018926A
Priority to PCT/KR2007/000987 (WO2007097601A1)
Application granted
Publication of KR100755025B1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H04L2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Abstract

A system for certifying wireless-data communication is provided that raises the security level by performing the certification process through short-range communication. The system includes a data communication channel, a certification channel, a master device (100), and a slave device (200). The data communication channel carries two-way data communication between the wireless communication devices. The certification channel carries the certification process for establishing a connection between the wireless communication devices. The master device (100) has a first communication unit and a second communication unit. The first communication unit communicates between the master device (100) and the slave device (200) over the data communication channel at a long distance of over 1 meter. The second communication unit communicates between the master device (100) and the slave device (200) over the certification channel at a short distance of under 1 meter. The slave device (200) has a third communication unit and a fourth communication unit. The third communication unit communicates with the master device (100) over the data communication channel at a long distance of over 1 meter. The fourth communication unit communicates between the master device (100) and the slave device (200) over the certification channel at a short distance of under 1 meter.

Description

Wireless-data Certification System for Communication

FIG. 1 is a block diagram showing a communication authentication system according to one embodiment of the present invention.

FIG. 2 is a block diagram showing a communication authentication system according to another embodiment of the present invention.

FIG. 3 is a flowchart showing the communication authentication process according to the present invention.

<Description of the symbols for the main parts of the drawings>

100: master device    200: slave device

The present invention relates to a wireless data communication authentication system that allows the authentication procedure to be carried out over a short-range authentication channel without entering a shared key. More specifically, it relates to a wireless data communication authentication system in which an authentication channel for connection setup is provided between a master device and a slave device that communicate wireless data, and a second communication means and a fourth communication means capable of short-range communication over that authentication channel are mounted on the respective devices, so that the authentication procedure can be performed by short-range communication without entering a shared key.

In the present invention, short-range communication is a concept relative to long-range communication and is defined as communication that normally takes place within 1 meter; long-range communication means communication over a somewhat greater distance than short-range communication.

In general, connecting wireless communication devices for communication involves encryption or an authentication procedure for security.

For example, in a wireless LAN, shared key authentication is used between the access point (AP) and the terminal. Specifically, authentication is achieved by the terminal proving that it knows the relevant shared key.

Accordingly, authentication is performed by entering the shared key on the terminal, such as a notebook or PDA, that is to connect to the access point, after which wireless communication becomes possible.

Between Bluetooth devices, the target device is inquired for, packets are received and an inquiry scan is performed, and then, once the shared key has been entered in response to the target device's request for it, wireless communication between the devices becomes possible.

Of course, between Bluetooth devices that have no user interface (UI) means, or where the need for encryption or security is relatively small, as with a mobile phone and a headset, this shared key entry step is omitted. Omitting the authentication function in this way does not violate the Bluetooth specification, but when the device is used in a public place there is no way to stop another Bluetooth device that attempts to connect to it.

Accordingly, whenever an authentication procedure is required, whether between an AP and a notebook or PDA or between Bluetooth devices, entry of the shared key is unavoidable, and the user has had to put up with the inconvenience of entering it every time.

Moreover, if the shared key is forgotten, wireless communication itself becomes impossible, so an improved authentication system that is both secure and convenient is needed.

The present invention was devised to solve the above problems. Its object is to provide a wireless data communication authentication system and method in which an authentication channel for connection setup is provided between a master device and a slave device that communicate data at long range, and a second communication means and a fourth communication means capable of short-range communication over that authentication channel are mounted on the respective devices, so that the authentication procedure can be performed by short-range communication without entering a shared key.

To achieve the above object, the present invention has the following features.

The present invention is an authentication system for establishing a connection between wireless communication devices,

comprising: a data communication channel for two-way data communication between the two wireless communication devices; an authentication channel for performing an authentication procedure for establishing a connection between the two wireless communication devices; a master device equipped with a first communication means for long-range communication over the data communication channel and a second communication means for short-range communication over the authentication channel; and a slave device equipped with a third communication means for long-range communication with the master device over the data communication channel and a fourth communication means for short-range communication over the authentication channel.

The data communication channel is any one selected from wireless LAN, Bluetooth and ZigBee communication, and the authentication channel is any one of RFID, one-wire and infrared communication.

For RFID communication over the authentication channel, an RFID tag is attached to the slave device as the fourth communication means, and an RFID reader is mounted in the master device as the second communication means.

A preferred embodiment of the present invention is described in detail below with reference to the accompanying drawings.

FIG. 1 is a configuration diagram showing a communication authentication system according to one embodiment of the present invention, FIG. 2 is a configuration diagram showing a communication authentication system according to another embodiment of the present invention, and FIG. 3 is a flowchart showing the communication authentication process according to the present invention.

Referring to the drawings, the authentication system according to the present invention broadly consists of a data communication channel over which data communication takes place between the wireless communication devices; an authentication channel over which the authentication process, which is the connection setup process for that data communication, takes place; and a master device (100) equipped with a first and a second communication means and a slave device (200) equipped with a third and a fourth communication means, so that they can communicate and authenticate over the data communication channel and the authentication channel.

The data communication channel is preferably a wireless LAN, Bluetooth or ZigBee communication channel, and the first and third communication means mounted on the master device (100) and the slave device (200) naturally differ according to the channel chosen.

For example, when the data communication channel is a wireless LAN channel, the slave device (200) may be an access point (AP), and the master device (100) would be an information terminal that connects to it for wireless data communication.

Any first and third communication means that let the two wireless communication devices communicate wireless data over the selected communication channel fall within the scope of the present invention. Communication modules that enable wireless data communication over each of these channels are well known, so their description is omitted.

The authentication channel, meanwhile, is a communication channel provided separately for performing the security authentication procedure in the connection setup stage, before the two wireless communication devices exchange data. Conventionally the data communication channel and the authentication channel were not separated; the same communication channel was used for both.

Consequently, when the authentication procedure was enabled, a shared key or the like had to be entered every time, which made the devices inconvenient to use; and when the authentication procedure was skipped to avoid this, security was put at risk.

The present invention improves on this by separating the data communication channel from the authentication channel: before the long-range data communication channel is used, the authentication procedure can be completed simply by bringing the two devices briefly within a predetermined distance of each other over an authentication channel that uses a short-range communication method with a range of 1 m or less.

This is possible, of course, because the authentication channel uses a different communication method from the data communication channel over which the data is exchanged.

The authentication channel is preferably RFID or one-wire communication; for RFID, a passive tag is preferably used so as to satisfy the requirement of short-range communication within 1 m.

RFID communication is contactless and one-wire communication is contact-based, so the choice can be made according to the desired security level.

That is, the contactless type does not need to be brought as close as the contact type, so it is more convenient to use, but its security level is slightly lower; the user can choose with this in mind.

Accordingly, when RFID communication is selected as the authentication channel, an RFID reader is mounted on the master device (100) as the second communication means, and an RFID tag is attached to the slave device (200) as the fourth communication means.

The RFID tag is preferably of the passive type, and it may be made detachable so that the authentication channel can be used selectively.

The idea of the present invention is described in more detail below with reference to FIG. 1.

Referring to the drawing, for wireless LAN communication between an access point (AP) and a notebook according to the present invention, the notebook is first brought close to the access point, and the authentication process is performed over the authentication channel, which in this embodiment uses RFID communication.

Specifically, the part of the notebook where the RFID reader is mounted is brought close to the part of the access point where the RFID tag is attached, so that the shared key information stored in the access point's tag is transmitted to the notebook's reader by RFID communication; this replaces the shared key entry of the existing authentication procedure.

Once the authentication procedure is thus completed, the notebook can be moved anywhere within wireless LAN range and perform data communication through its wireless LAN module.

In the case of FIG. 2, by the same process, a wireless headset and a portable terminal are brought within 1 m of each other, and the portable terminal, which is equipped with a Bluetooth module, receives the wireless headset's shared key information by RFID communication, replacing the shared key entry needed for the authentication procedure.

The operation of the communication authentication system according to the present invention is described below with reference to FIG. 3.

First, the two wireless communication devices, the master device (100) and the slave device (200), are powered on and made ready for connection setup (S10), and then the master device (100) recognizes a slave device (200) located within a certain range (S20).

This "certain range", or long range, refers to a distance that is relatively greater than short range; in the present invention it means the distance over which Bluetooth, ZigBee, wireless LAN or similar communication is possible.

When the master device (100) and the slave device (200) are then brought into short-range contact (S30), the master device (100) receives the shared key information from the slave device (200) (S40), and the authentication process is completed using this shared key information.

In the present invention, short range refers to a distance that is relatively close compared with long range, namely a very close distance within 1 meter; one-wire or RFID communication of this kind can be regarded as similar to a fare payment card on a subway or bus.

During the short-range contact (S30), the master device (100) can be made to receive from the slave device (200) not only the shared key but also the slave's unique information, for example the MAC address for wireless LAN or the BD address for Bluetooth, so that the device connection can be made more accurately and quickly.

A wireless connection is then established between the master device (100) and the slave device (200) (S50), and data communication is performed through the first and third communication means (S60).

Meanwhile, depending on the user's settings, the step in which the master device (100) recognizes a slave device (200) located within a certain range (long range) (S20) may instead be performed after the master device (100) and the slave device (200) have been brought close together (S30).

In that case the master device need not recognize every slave that comes within long range, so the master device is not loaded down and the security level is also improved.
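
The flow S10 to S60, including the variant in which recognition (S20) follows the short-range contact (S30), simulated as an added example that is not code from the patent. The class and method names, the sample address, and the HMAC-SHA256 challenge-response standing in for the data channel's own shared-key authentication are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

AUTH_RANGE_M = 1.0  # the patent defines short range as within 1 meter


@dataclass
class Slave:
    """Slave device (200), e.g. an access point or a wireless headset."""
    address: str  # MAC or BD address (constructed sample value)
    shared_key: bytes = field(default_factory=lambda: secrets.token_bytes(16))
    pending: dict = field(default_factory=dict)  # peer name -> outstanding nonce

    # Fourth communication means: short-range authentication channel.
    def read_tag(self, distance_m: float):
        """Return the tag payload only when the reader is within 1 m."""
        if distance_m > AUTH_RANGE_M:
            return None
        return {"address": self.address, "shared_key": self.shared_key}

    # Third communication means: long-range data channel.
    def challenge(self, peer: str) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending[peer] = nonce
        return nonce

    def verify(self, peer: str, response: bytes) -> bool:
        nonce = self.pending.pop(peer, None)  # each nonce is accepted once
        if nonce is None:
            return False
        expected = hmac.new(self.shared_key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


@dataclass
class Master:
    """Master device (100), e.g. a notebook or a portable terminal."""
    name: str
    known: dict = field(default_factory=dict)  # address -> key learned in S40

    # Second communication means: short-range authentication channel.
    def tap(self, slave: Slave, distance_m: float) -> bool:
        """S30/S40: short-range contact, then receive key and address."""
        payload = slave.read_tag(distance_m)
        if payload is None:
            return False
        self.known[payload["address"]] = payload["shared_key"]
        return True

    # First communication means: long-range data channel.
    def connect(self, slave: Slave) -> bool:
        """S20 performed after S30: only slaves learned by a tap are
        recognized. S50: prove knowledge of the key without any user input."""
        key = self.known.get(slave.address)
        if key is None:
            return False  # slave in radio range but never tapped: ignored
        nonce = slave.challenge(self.name)
        response = hmac.new(key, nonce, hashlib.sha256).digest()
        return slave.verify(self.name, response)


def demo() -> dict:
    ap = Slave(address="00:11:22:33:44:55")  # constructed sample address
    laptop = Master("laptop")
    results = {
        "connect_before_tap": laptop.connect(ap),  # no key yet
        "tap_at_3m": laptop.tap(ap, 3.0),          # outside auth range
        "tap_at_5cm": laptop.tap(ap, 0.05),        # S30, S40
    }
    results["connect_after_tap"] = laptop.connect(ap)  # S50
    return results


if __name__ == "__main__":
    print(demo())
```

In this scheme the range limit is the only gate on the authentication channel, which is why the description ties the choice between contactless RFID and contact-based one-wire to the desired security level.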

As described above, the present invention provides an authentication channel for connection setup between a master device and a slave device that communicate data at long range, and mounts on the respective devices a second communication means and a fourth communication means capable of short-range communication over that authentication channel, so that the authentication procedure can be performed by short-range communication without entering a shared key.

Because the authentication procedure must be performed by short-range communication, a certain level of security is met by the legitimate user of the wireless communication device, so the security level is higher than when no authentication procedure is provided; and because no shared key entry is needed, the device is more convenient to use than with a conventional authentication procedure.

Claims (5)

1. (Deleted)

2. (Deleted)

3. (Deleted)

4. An authentication system for establishing a connection between wireless communication devices, comprising:
a data communication channel for two-way data communication between the two wireless communication devices;
an authentication channel for performing an authentication procedure for establishing a connection between the two wireless communication devices;
a master device equipped with a first communication means for long-range communication between master and slave over a distance of more than 1 meter through the data communication channel, and a second communication means for short-range communication between master and slave within 1 meter through the authentication channel; and
a slave device equipped with a third communication means for long-range communication between master and slave over a distance of more than 1 meter with the master device through the data communication channel, and a fourth communication means for short-range communication between master and slave within 1 meter through the authentication channel,
wherein the data communication channel is any one selected from wireless LAN communication, Bluetooth communication and ZigBee communication, and
wherein the authentication channel is one-wire communication or infrared communication.

5. (Deleted)
KR1020060018926A 2006-02-27 2006-02-27 Wireless-data certification system for communication KR100755025B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020060018926A KR100755025B1 (en) 2006-02-27 2006-02-27 Wireless-data certification system for communication
PCT/KR2007/000987 WO2007097601A1 (en) 2006-02-27 2007-02-27 Wireless-data certification system for communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020060018926A KR100755025B1 (en) 2006-02-27 2006-02-27 Wireless-data certification system for communication

Publications (1)

Publication Number Publication Date
KR100755025B1 true KR100755025B1 (en) 2007-09-06

Family

ID=38437595

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020060018926A KR100755025B1 (en) 2006-02-27 2006-02-27 Wireless-data certification system for communication

Country Status (2)

Country Link
KR (1) KR100755025B1 (en)
WO (1) WO2007097601A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI658717B (en) * 2013-10-01 2019-05-01 瑞士商伊文修股份有限公司 Access control method, access control system and computer-readable storage medium
KR20160099396A (en) * 2015-02-12 2016-08-22 삼성전자주식회사 Using method for communication service and electronic device supporting the same

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003101545A (en) 2001-09-19 2003-04-04 Hitachi Software Eng Co Ltd Method for controlling access to lan from wireless lan terminal, wireless lan base station apparatus and wireless lan terminal apparatus
WO2005008901A2 (en) 2003-07-15 2005-01-27 Nery Ben-Azar Wireless signal coding and authentication
KR20050072789A (en) * 2002-11-06 2005-07-12 차이나 아이더블유엔콤 씨오., 엘티디 A method for the access of the mobile terminal to the wlan and for the data communication via the wireless link securely
KR20060051187A (en) * 2004-09-22 2006-05-19 삼성전자주식회사 Method for managing communication security in wireless network and apparatus for the same
KR20060089469A (en) * 2005-02-04 2006-08-09 삼성전자주식회사 Method of key establishment between wireless communication devices

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004342088A (en) * 2003-04-21 2004-12-02 Sony Corp Terminal apparatus authentication system, terminal apparatus, first sorting server, sorting system, service server, second sorting server, terminal apparatus method, first sorting method, sorting method, service provision method, service server method, first sorting method, second sorting method, terminal apparatus program, first sorting program, sorting program, service server program, second sorting program, and storage medium
JP4240297B2 (en) * 2003-04-21 2009-03-18 ソニー株式会社 Terminal device, authentication terminal program, device authentication server, device authentication program

Also Published As

Publication number Publication date
WO2007097601A1 (en) 2007-08-30

Similar Documents

Publication Publication Date Title
US9268932B2 (en) Authentication of devices in a wireless network
US20180249313A1 (en) Smart device, electronic apparatus, and nfc-based network connection method
US20120238216A1 (en) Systems and methods for managing bluetooth device pairings
EP2747370A1 (en) Method and apparatus for providing secure access to a network
CN102869014A (en) Terminal and data communication method
CN105282868B (en) System and method for WiFi network to be temporarily added
TWI449397B (en) Near field communication electronic device, login system using the same and method thereof
WO2013127124A1 (en) Method, system and terminal for implementing wi-fi connection through nfc
CN103517272B (en) Wireless network user authentication system and wireless network connection method thereof
KR20150014316A (en) Image forming apparatus and near field communication (NFC) device supporting function of NFC and method for performing authentication thereof
KR100722990B1 (en) System for controlling opening/locking of door using mobile terminal and recording-medium storing the controlling method
CN105516889A (en) Bluetooth connection method and terminal
CN107396283A (en) A kind of router wireless connection authentication method and system
CN103236926A (en) Point-to-point-based data transmission system and data transmission method
WO2015064431A1 (en) Control device and control method which use authentication device
JP6310251B2 (en) COMMUNICATION DEVICE, ITS CONTROL METHOD, AND PROGRAM
KR101321875B1 (en) System of NFC secure print and method thereof
KR100755025B1 (en) Wireless-data certification system for communication
CN104640112A (en) Authentication method, device and system
CN107454557B (en) Router connection method and system
KR100799794B1 (en) Remote controller having the function of setting network and setting method for wireless network using the same
CN103544440B (en) Secure printing method
KR100827813B1 (en) Method for pairing between bluetooth devices using tag and bluetooth device for the same
KR101674125B1 (en) Method and apparatus for connecting multi-terminal by using authentication
KR102172855B1 (en) Method for Providing Server Type One Time Code for Medium Separation by using User’s Handheld type Medium

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
J201 Request for trial against refusal decision
B701 Decision to grant
GRNT Written decision to grant
G170 Publication of correction
FPAY Annual fee payment (Payment date: 20120827; Year of fee payment: 6)
FPAY Annual fee payment (Payment date: 20130819; Year of fee payment: 7)
FPAY Annual fee payment (Payment date: 20140829; Year of fee payment: 8)
FPAY Annual fee payment (Payment date: 20150828; Year of fee payment: 9)
FPAY Annual fee payment (Payment date: 20160829; Year of fee payment: 10)
FPAY Annual fee payment (Payment date: 20170616; Year of fee payment: 11)
FPAY Annual fee payment (Payment date: 20180719; Year of fee payment: 12)
FPAY Annual fee payment (Payment date: 20190715; Year of fee payment: 13)