KR19980079314A - How to manage document security on the network - Google Patents

How to manage document security on the network Download PDF

Info

Publication number
KR19980079314A
KR19980079314A KR1019970039400A KR19970039400A KR19980079314A KR 19980079314 A KR19980079314 A KR 19980079314A KR 1019970039400 A KR1019970039400 A KR 1019970039400A KR 19970039400 A KR19970039400 A KR 19970039400A KR 19980079314 A KR19980079314 A KR 19980079314A
Authority
KR
South Korea
Prior art keywords
document
user
password
network
signature
Prior art date
Application number
KR1019970039400A
Other languages
Korean (ko)
Other versions
KR100474257B1 (en
Inventor
양영이
Original Assignee
윤종용
삼성전자 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 윤종용, 삼성전자 주식회사 filed Critical 윤종용
Priority to KR1019970039400A priority Critical patent/KR100474257B1/en
Publication of KR19980079314A publication Critical patent/KR19980079314A/en
Application granted granted Critical
Publication of KR100474257B1 publication Critical patent/KR100474257B1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

본 발명은 네트웍 상에서의 문서 보안관리를 위해 픽셀 단위의 시스템 사용자의 서명을 미리 부여한 사용자 ID와 패스워드를 이용하여 암호화하고, 이를 사용자 ID와 패스워드를 이용하여 해독하도록 한 네트웍 상의 문서 보안관리 방법에 관한 것이다.The present invention relates to a method for managing document security on a network, which encrypts using a user ID and password that has been pre-signed by a system user in pixels for document security management on a network, and decrypts the same using a user ID and a password. will be.

시스템에 모든 사용자의 서명을 등록하고 등록된 서명에 대해 사용자 ID 및 패스워드를 부여하는 제 1 과정과, 픽셀 단위로 나뉘어진 서명과 사용자 ID와 패스워드를 이용하여 송신측에서 송신할 문서를 암호화하는 제 2 과정과, 암호화된 문서가 네트웍 상에서 전송되는 제 3 과정과, 전송된 문서를 수신측에서 사용자 ID와 패스워드를 이용하여 해독화하는 제 4 과정으로 이루어지고, 픽셀 단위로 나뉘어진 사용자의 서명과 사용자 ID및 패스워드를 이용하여 암호화함으로써 네트웍 상에서 다른 사용자에 의해 문서가 유출되지 않고 안전하게 문서의 보안을 유지할 수 있다.The first step of registering the signatures of all users in the system and assigning the user ID and password to the registered signatures, and encrypting the document to be sent by the sender using the signature and user ID and password divided by pixel. A second process of transmitting an encrypted document on the network, and a fourth process of decrypting the transmitted document by using a user ID and a password at a receiving side. By encrypting using a user ID and password, documents can be secured without being leaked by other users on the network.

Description

네트웍 상의 문서 보안관리 방법How to manage document security on the network

본 발명은 네트웍 상에서의 문서 보안관리를 위해 픽셀 단위의 시스템 사용자의 서명을 미리 부여한 사용자 ID와 패스워드를 이용하여 암호화하고, 이를 사용자 ID와 패스워드를 이용하여 해독하도록 한 네트웍 상의 문서 보안관리 방법에 관한 것이다.The present invention relates to a method for managing document security on a network, which encrypts using a user ID and password that has been pre-signed by a system user in pixels for document security management on a network, and decrypts the same using a user ID and a password. will be.

도 1은 네트웍 상에서 문서를 송수신하기 위한 시스템의 개략적인 구성을 나타내는 블록도로서, 문서를 송신할 송신측의 PC(10)와, 문서를 수신할 수신측의 PC(11)와, 상기 송신측의 PC(10)와 수신측의 PC(11)를 연결하여 문서를 송수신할 수 있도록 하는 네트웍(12)으로 구성되어 있다.Fig. 1 is a block diagram showing a schematic configuration of a system for transmitting and receiving a document on a network. The PC 10 of a sending side to send a document, the PC 11 of a receiving side to receive a document, and the sending side It consists of a network 12 to connect the PC 10 and the PC (11) of the receiving side to transmit and receive documents.

문서를 송신 및 수신할 때에는 문서에 대한 정보가 해커에 의해 외부로 노출되는 것을 방지하기 위하여 송신측에서는 송신할 문서를 암호화하고, 수신측에서는 암호화된 문서를 해독하여 원래의 정보를 읽어들이게 된다.When transmitting and receiving documents, the sender encrypts the document to be transmitted and the receiver decrypts the encrypted document to read the original information in order to prevent the information about the document from being exposed to the outside by hackers.

그런데 종래의 네트웍 상에서의 보안관리를 위한 암호화 방법은 이미 많은 사용자에게 그 기술이 알려져 있고, 보안관리를 위해 서명을 사용할 경우에도 서명을 하나의 그림화면으로 입력받아 픽셀 단위로 나누지 않고 하나의 파일 형태로 저장하고 암호화하므로 이동 및 복사가 쉽게 가능하여 서명이 유출되는 문제점이 있었다.However, the encryption method for security management in a conventional network is already known to many users, and even when using a signature for security management, a signature is inputted as a picture screen and divided into pixel units instead of a pixel unit. Because it is stored and encrypted, it is easy to move and copy, so there is a problem that the signature is leaked.

이러한 종래의 네트웍 상의 문서 보안관리 방법은 다른 사용자가 네트웍에 접근하여 문서를 외부로 손쉽게 유출할 수 있는 문제점이 있었다.The conventional document security management method on the network has a problem that another user can easily access the network to leak the document to the outside.

따라서, 본 발명은 전술한 문제점을 해결하기 위한 것으로서, 본 발명의 목적은, 다른 사용자에 의해 문서가 외부로 유출되지 않도록 픽셀 단위로 나뉘어진 사용자의 서명과 사용자 ID및 패스워드를 이용하여 암호화하는 네트웍 상의 문서보안관리 방법을 제공함에 있다.Accordingly, an object of the present invention is to solve the above-described problem, and an object of the present invention is to encrypt a document using a user's signature, a user ID, and a password divided by pixels so that a document is not leaked by another user. To provide a document security management method.

상기와 같은 본 발명의 목적은, 시스템에 모든 사용자의 서명을 등록하고 등록된 서명에 대한 사용자 ID와 패스워드를 부여한 후, 문서를 송신할 때 송신측에서는 필셀 단위로 암호화된 서명과 부여된 사용자 ID와 패스워드를 이용하여 암호화하고, 수신측에서는 사용자 ID와 패스워드를 이용하여 이를 해독하도록 제어함으로써 달성된다.The above object of the present invention is to register the signatures of all users in the system, assign user IDs and passwords for the registered signatures, and when transmitting the document, the sender encrypts the signed signatures and the given user IDs in units of pixels. This is accomplished by encrypting using a password and controlling the decryption using the user ID and password at the receiving end.

도 1은 네트웍 상에서 문서를 송수신하기 위한 시스템의 개략적인 구성을 나타내는 블록도,1 is a block diagram showing a schematic configuration of a system for transmitting and receiving documents on a network;

도 2는 본 발명에 의한 네트웍 상의 문서 보안관리 방법을 설명하기 위한 플로우챠트이다.2 is a flowchart illustrating a document security management method on a network according to the present invention.

* 도면의 주요부분에 사용된 부호의 설명 *Explanation of symbols used in the main part of the drawing

10 : 송신측 PC11 : 수신측 PC10: sending PC11: receiving PC

12 : 네트12: Net

이하, 본 발명에 의한 네트웍 상에서의 문서 보안관리 방법의 바람직한 실시예에 대하여 첨부도면을 참조하여 상세히 설명한다.Hereinafter, with reference to the accompanying drawings, a preferred embodiment of a document security management method on a network according to the present invention will be described in detail.

도 2는 본 발명에 의한 네트웍 상의 문서 보안관리 방법을 설명하기 위한 플로우챠트로서, 이는 시스템에 모든 사용자의 서명을 등록하고 등록된 서명에 대해 사용자 ID 및 패스워드를 부여하는 제 1 과정(S100)과, 제 1 과정(S100)에서 등록된 픽셀 단위로 나뉘어진 서명과 사용자 ID와 패스워드를 이용하여 송신측에서 송신할 문서를 암호화하는 제 2 과정(S200)과, 상기 제 2 과정(S200)에서 암호화된 문서가 네트웍 상에서 전송되는 제 3 과정(S300)과, 상기 제 3 과정(S300)에서 전송된 문서를 수신측에서 사용자 ID와 패스워드를 이용하여 해독화하는 제 4 과정(S400)으로 크게 나눌 수 있다.FIG. 2 is a flowchart illustrating a method for managing document security on a network according to the present invention, which includes a first process (S100) of registering signatures of all users in a system and granting a user ID and password to a registered signature; A second step (S200) of encrypting a document to be transmitted by a transmitter by using a signature divided by a pixel unit registered in the first step (S100), a user ID and a password, and an encryption at the second step (S200). The document can be divided into a third process (S300) of transmitting the document on the network and a fourth process (S400) of decrypting the document transmitted in the third process (S300) using a user ID and a password at the receiving side. have.

먼저 모든 시스템에 개인마다 독특한 서명을 등록한다(S10). 이때 등록된 서명에 대해서는 읽기 및 복사가 불가능하고 쓰기만 가능하므로 등록만 가능하고 조회할 수는 없다.First, a unique signature is registered for each individual in all systems (S10). At this time, the registered signature cannot be read, copied, and only written, so it can only be registered and not inquired.

그리고 시스템에 등록된 각각의 서명에 대해 사용자 ID와 패스워드를 부여하는데(S11), 만일 사용자에게 부여된 사용자 ID와 패스워드를 분실했을 경우에는 이에 대해 조회할 수 없으므로 서명을 완전히 삭제하고 사용자 ID와 패스워드를 재부여하도록 한다.In addition, a user ID and password are assigned to each signature registered in the system (S11). If the user ID and password assigned to the user are lost, the user ID and password cannot be queried. Therefore, the signature is completely deleted and the user ID and password are deleted. To re-grant.

이후 네트웍 상의 보안을 유지하기 위하여 시스템에 접근하는 사용자의 사용자 ID와 패스워드의 조합을 이용하여 네트웍 사용에 대한 권한을 체크한다(S12).After that, in order to maintain security on the network, the authority for network use is checked using a combination of a user ID and a password of a user accessing the system (S12).

그리고 문서를 송신할 때 다른 사용자가 문서에 접근할 수 없도록 개인의 서명을 사용하여 문서를 암호화하는데(S13), 이때 서명이 유출되는 것을 방지하기 위해 서명을 픽셀 단위로 나누어 암호화하게 된다.When the document is transmitted, the document is encrypted using a personal signature so that other users cannot access the document (S13). At this time, the signature is encrypted by dividing the pixel to prevent the signature from being leaked.

암호화된 서명을 사용자 ID와 패스워드를 이용하여 다시 암호화하고(S14), 수신측인 상대국가 또는 기관과 암호화 및 해독화에 대한 사전 협정을 갖는다(S15).The encrypted signature is re-encrypted using the user ID and password (S14), and has a prior agreement on encryption and decryption with the destination country or institution as the receiving party (S15).

네트웍 상에서 전송이 시작되면 네트웍에서 자체적으로 보안관리를 하게 되고(S16), 수신측에서는 암호화된 문서를 수신받아 픽셀 단위로 수신받은 서명에 사용자 ID와 패스워드를 조합하여 암호를 해독하면(S17) 디코딩 신호가 분리된 원래의 문서를 받을 수 있게 된다(S18).When transmission is started on the network, the network manages its own security (S16), and when the receiving side receives the encrypted document and decrypts the password by combining the user ID and password with the signature received in units of pixels (S17), the decoding signal Is able to receive the original document separated (S18).

이상 설명한 바와 같이, 본 발명에 의한 네트웍 상에서의 문서 보안관리 방법에 의하면, 픽셀 단위로 나뉘어진 사용자 ID 및 패스워드를 이용하여 암호화함으로써 네트웍 상에서 다른 사용자에 의해 문서가 유출되지 않고 안전하게 문서의 보안을 유지할 수 있다.As described above, according to the method for managing document security on a network according to the present invention, by encrypting using a user ID and a password divided by pixels, a document can be securely secured without being leaked by another user on the network. Can be.

Claims (3)

시스템에 모든 사용자의 서명을 등록하고 등록된 서명에 대해 사용자 ID 및 패스워드를 부여하는 제 1 과정과;Registering a signature of all users in the system and granting a user ID and password to the registered signature; 상기 제 1 과정에서 등록된 픽셀 단위로 나뉘어진 서명과 사용자 ID와 패스워드를 이용하여 송신측에서 송신할 문서를 암호화하는 제 2 과정과;A second step of encrypting a document to be transmitted by a transmitter using a signature divided in units of pixels registered in the first step, a user ID and a password; 상기 제2 과정에서 암호화된 문서가 네트웍 상에서 전송되는 제 3 과정; 및A third step of transmitting the document encrypted in the second step on a network; And 상기 제 3과정에서 전송된 문서를 수신측에서 사용자 ID와 패스워드를 이용하여 해독화하는 제 4 과정으로 이루어 것을 특징으로 하는 네트웍 상의 문서 보안관리 방법.And a fourth process of decrypting the document transmitted in the third process by using a user ID and a password at a receiving side. 제 1항에 있어서,The method of claim 1, 상기 제 1 과정에서 서명이 유출되는 것을 방지하기 위해서 등록된 서명에 대한 읽기 및 복사가 불가능하고 등록만 가능하도록 한 것을 특징으로 하는 네트웍상의 문서 보안관리 방법.In order to prevent the signature from being leaked in the first step, the method for managing security of a document on a network, characterized in that reading and copying of a registered signature is impossible and only registration is possible. 제 1 항에 있어서, 상기 제2 과정은;The method of claim 1, wherein the second process comprises: 문서를 송신할 때 다른 사용자가 문서에 접근할 수 없도록 개인의 서명을 픽셀 단위로 나누어 암호화하는 제1 스텝과;A first step of dividing and encrypting an individual's signature in units of pixels so that another user cannot access the document when transmitting the document; 암호화된 서명을 사용자 ID와 패스워드를 이용하여 다시 암호화하는 제2 스텝과; 및A second step of encrypting the encrypted signature again using a user ID and a password; And 문서를 수신할 상대국가 또는 기관과 암호화 및 해독화에 대한 사전 협정을 갖는 제3 스텝으로 이루어진 것을 특징으로 하는 네트웍상의 문서 보안관리 방법.And a third step of having a prior agreement on encryption and decryption with a counterpart country or institution that will receive the document.
KR1019970039400A 1997-08-19 1997-08-19 How to manage document security on the network KR100474257B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1019970039400A KR100474257B1 (en) 1997-08-19 1997-08-19 How to manage document security on the network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1019970039400A KR100474257B1 (en) 1997-08-19 1997-08-19 How to manage document security on the network

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
KR2019970007281 Division 1997-04-09

Publications (2)

Publication Number Publication Date
KR19980079314A true KR19980079314A (en) 1998-11-25
KR100474257B1 KR100474257B1 (en) 2005-06-07

Family

ID=37309564

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1019970039400A KR100474257B1 (en) 1997-08-19 1997-08-19 How to manage document security on the network

Country Status (1)

Country Link
KR (1) KR100474257B1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20010079297A (en) * 2000-07-13 2001-08-22 신동욱 Method for applying locking function to an electronic document transmitted through network
KR20020065687A (en) * 2001-02-07 2002-08-14 (주)케이사인 The Integrated Office Program for Security Services
KR100375883B1 (en) * 2000-04-07 2003-03-17 주식회사 아이포소프트 Method and web system for Web-based secure data exchanges using signed applets
KR100407464B1 (en) * 2000-11-10 2003-11-28 알파로직스(주) Multi-step encryption/decryption apparatus and method by pixel unit

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5195133A (en) * 1991-01-11 1993-03-16 Ncr Corporation Apparatus and method for producing a digitized transaction record including an encrypted signature
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
KR100194638B1 (en) * 1996-06-11 1999-06-15 정선종 Additional Digital Signature Method Using Personally Identifiable Information

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100375883B1 (en) * 2000-04-07 2003-03-17 주식회사 아이포소프트 Method and web system for Web-based secure data exchanges using signed applets
KR20010079297A (en) * 2000-07-13 2001-08-22 신동욱 Method for applying locking function to an electronic document transmitted through network
KR100407464B1 (en) * 2000-11-10 2003-11-28 알파로직스(주) Multi-step encryption/decryption apparatus and method by pixel unit
KR20020065687A (en) * 2001-02-07 2002-08-14 (주)케이사인 The Integrated Office Program for Security Services

Also Published As

Publication number Publication date
KR100474257B1 (en) 2005-06-07

Similar Documents

Publication Publication Date Title
KR100749867B1 (en) System and method for securely installing a cryptographic system on a secure device
RU2147790C1 (en) Method for transferring software license to hardware unit
KR20080105970A (en) Image encryption/decryption system
US20140022586A1 (en) Method for Enforcing Document Privacy Through Third Party Systems
KR20030027066A (en) Device arranged for exchanging data, and method of authenticating
US7472123B2 (en) Server device, communication device, and program for managing contents usage
JPH1013401A (en) Method for establishing secured communication and related ciphering/decoding system
JPH09179768A (en) File ciphering system and file deciphering system
CN101515989A (en) Image processing apparatus, image processing method, and image forming apparatus
US6839838B2 (en) Data management system, information processing apparatus, authentification management apparatus, method and storage medium
JP4847301B2 (en) Content protection system, content protection device, and content protection method
KR20020067663A (en) Data distribution system
JPH09200194A (en) Device and method for security communication
WO2005025129A1 (en) Digital literary work protection system and digital literary work protection method
KR100474257B1 (en) How to manage document security on the network
US20050063002A1 (en) Recording medium recording program for print job encryption
KR970056124A (en) Differential Factor Cryptography Method and System
KR100875341B1 (en) How to create a virtual private network using a public network
JPH09191318A (en) Gateway system
JP2004135021A (en) Storage device and server device
JP2006039740A (en) Communication device
KR20140127491A (en) Method for managing fax data received through network and apparatus using the same
US20080059794A1 (en) Method, apparatus and computer readable medium for secure conversion of confidential files
JP7000961B2 (en) File operation management system and file operation management method
JP2006031483A (en) Communication device

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20130130

Year of fee payment: 9

FPAY Annual fee payment

Payment date: 20140128

Year of fee payment: 10

FPAY Annual fee payment

Payment date: 20150129

Year of fee payment: 11

FPAY Annual fee payment

Payment date: 20160128

Year of fee payment: 12

EXPY Expiration of term