KR20160114345A - One time password generation and recognition system and method thereof - Google Patents
- Publication number
- KR20160114345A
- Authority
- KR
- South Korea
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
Abstract
An embodiment of the present invention relates to an OTP generation and authentication system, and an OTP generation and authentication method using the same. The technical problem to be solved is, when a user accesses a target server using an OTP processing device, to let the user select a sending product for receiving the OTP code and to authenticate the connection using the ID, password, and OTP code.
To this end, an embodiment of the present invention provides an OTP generation and authentication system for generating and authenticating an OTP (One Time Password) for connection between a user terminal and a target server, the OTP generation and authentication system comprising: a target server displaying an authentication window; a user terminal for selecting an OTP classification item in the authentication window, inputting an ID and a password and OTP registration information for the selected OTP classification item, and requesting generation of the user OTP code; and an OTP processing server for generating the user OTP code at the request of the user terminal and transmitting the user OTP code to the OTP classification item, and allowing the user to access the target server if the ID and password input from the user terminal and the user OTP code are valid.
Description
One embodiment of the present invention relates to an OTP generation and authentication system in which a user can select a transmission product for receiving an OTP code generated for OTP authentication, and an OTP generation and authentication method using the OTP generation and authentication system.
In order to efficiently manage directories in a complicated enterprise computing environment, a directory service such as Active Directory is provided in the Windows environment.
Conventionally, when logging on to a directory service such as Active Directory, user authentication is performed by relying on input of a user ID or a user password.
However, with user authentication that relies on inputting the user ID or the user password, anyone can log on to the Active Directory if the user ID or the user password is leaked, which causes a data security problem for the enterprise.
One embodiment of the present invention provides an OTP generation and authentication system in which, when a user accesses a target server using an OTP processing device, the user can select a sending product for receiving the OTP code generated for OTP authentication, and an OTP generation and authentication method using the OTP generation and authentication system.
In addition, one embodiment of the present invention provides an OTP generation and authentication system capable of doubling security, and an OTP generation and authentication method using the same, in which, when the user accesses the target server using the OTP processing device, the connection is authenticated using not only the ID and password but also a combination of the OTP code and a matching number arbitrarily input by the user.
The OTP generation and authentication system according to an embodiment of the present invention is an OTP generation and authentication system for generating and authenticating an OTP (One Time Password) for connection between a user terminal and a target server, comprising: a target server for displaying an authentication window for OTP generation; a user terminal for selecting an OTP classification item in the authentication window, inputting an ID and a password and OTP registration information for the selected OTP classification item, and requesting generation of the user OTP code; and an OTP processing server for generating the user OTP code at the request of the user terminal and transmitting the generated OTP code to the OTP classification item, and for allowing the user to access the target server if the ID and password input from the user terminal and the user OTP code are valid.
The OTP classification item may include at least one of a mobile application, an e-mail, an SMS, and a web.
The OTP registration information may be, corresponding to the mobile application, e-mail, SMS, or web respectively, an OTP key for the mobile application, an address of the e-mail, a phone number of the SMS-enabled user terminal, or a PIN number to be input on the web.
The OTP processing server may request a matching code from the user terminal when the ID and password input by the user terminal are valid, receive the matching code from the user terminal, generate a user OTP code, and transmit the user OTP code to the user terminal, and may allow access to the target server when the user OTP code input by the user terminal is valid and the difference or sum of the user OTP code and the matching code input by the user terminal is valid.
Alternatively, the OTP processing server may request a matching code from the user terminal when the ID and password input by the user terminal are valid, receive the matching code from the user terminal, generate a user OTP code, and transmit the user OTP code to the user terminal, and may allow access to the target server if the user OTP code input by the user terminal is valid and the matching code input by the user terminal is valid.
The OTP processing server may generate a user OTP code including an OTP key value and a time value, and may determine that the user OTP code is valid for the same user OTP code input from the user terminal for a post-reference time based on the time value.
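The checks in the preceding paragraphs (an OTP built from a key and a time value, accepted within a reference window, then combined with the user's matching code) can be sketched as follows; this is an added example, not code from the patent. The patent names no algorithm, so the RFC 6238-style HMAC-SHA1 construction, the 30-second step, the ±1-step window, the sum taken modulo 10^6 and the replay guard are all assumptions.

```python
import hashlib
import hmac
import struct

DIGITS = 6            # OTP length (assumption)
STEP = 30             # seconds per time value (assumption; the patent gives none)
WINDOW = 1            # time steps accepted before and after the server's step (assumption)
MOD = 10 ** DIGITS


def otp_at(key: bytes, step: int) -> int:
    """OTP for one time step: HMAC-SHA1 with RFC 4226 dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    return (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % MOD


def generate_otp(key: bytes, now: float) -> int:
    """User OTP code from the OTP key value and the current time value."""
    return otp_at(key, int(now) // STEP)


def combine(otp: int, matching_code: int) -> int:
    """Sum of OTP and matching code, reduced to DIGITS digits (assumed encoding)."""
    return (otp + matching_code) % MOD


def _fmt(n: int) -> str:
    return f"{n:0{DIGITS}d}"


class OtpVerifier:
    """Server-side check for one user; remembers the last accepted time step."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_used_step = -1   # replay guard: steps at or below this are refused

    def verify(self, otp: int, combined: int, matching_code: int, now: float) -> bool:
        """Accept only if the OTP matches an unused step inside the window and
        the submitted sum matches OTP + matching code for that same step."""
        current = int(now) // STEP
        for step in range(current - WINDOW, current + WINDOW + 1):
            if step <= self.last_used_step:
                continue               # already consumed, or before time zero
            expected = otp_at(self.key, step)
            # Constant-time comparisons so timing does not leak matching digits.
            otp_ok = hmac.compare_digest(_fmt(expected), _fmt(otp))
            sum_ok = hmac.compare_digest(
                _fmt(combine(expected, matching_code)), _fmt(combined))
            if otp_ok and sum_ok:
                self.last_used_step = step   # one-time: this step cannot be reused
                return True
        return False


if __name__ == "__main__":
    key = b"12345678901234567890"   # constructed sample key (the RFC 4226 test key)
    matching = 1234                 # constructed matching code chosen by the user
    otp = generate_otp(key, 59)
    server = OtpVerifier(key)
    print(_fmt(otp), server.verify(otp, combine(otp, matching), matching, 59))
    print("replay:", server.verify(otp, combine(otp, matching), matching, 59))
```

A wider `WINDOW` tolerates more clock drift but lengthens the time a captured code stays usable, which is why the accepted step is recorded and never accepted twice.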
According to another aspect of the present invention, there is provided an OTP generation and authentication method for generating and authenticating an OTP (One Time Password) for connection between a user terminal and a target server using an OTP processing server, A first step of transmitting a server connection request received from the user terminal to the target server; A second step of transmitting an authentication window for OTP generation to the user terminal through the target server; In the transmitted authentication window, an OTP authentication check is performed by a user's operation, an OTP classification item is selected, and OTP registration information for the selected OTP classification item is inputted to request the OTP processing server to generate a user OTP code A third step; A fourth step of generating a user OTP code according to the request and transmitting the generated OTP code to the selected OTP classification item; A fifth step of inputting an ID and a password and a user OTP code in the authentication window based on the transmitted user OTP code; And a sixth step of allowing access to the target server when the user ID and password input by the user terminal and the user OTP code are valid.
The sixth step includes a step 6-1 of requesting the user terminal for a matching code when the ID and the password input by the user terminal are valid. Receiving the matching code from the user terminal, generating a user OTP code, and transmitting the user OTP code to the user terminal; A sixth step of determining whether the user OTP code input by the user terminal is valid; If the user OTP code input by the user terminal is valid, requesting the user terminal for the difference or sum of the user OTP code and the matching code; And allowing the connection to the target server if the difference or sum of the user OTP code inputted by the user terminal and the matching code is valid.
The sixth step includes a step 6-1 of requesting the user terminal for a matching code when the ID and the password input by the user terminal are valid. Receiving the matching code from the user terminal, generating a user OTP code, and transmitting the user OTP code to the user terminal; A sixth step of determining whether the user OTP code input by the user terminal is valid; A step (6-4) of requesting the user terminal to input the matching code if the user OTP code inputted by the user terminal is valid; And allowing a connection to the server if the matching code input by the user terminal is valid.
With the OTP generation and authentication system, and the OTP generation and authentication method using the same, according to an embodiment of the present invention, when a user accesses a target server using an OTP processing apparatus, the sending product for the OTP code generated for OTP authentication can be selected and the connection is authenticated using the ID, password and OTP code, so security can be enhanced.
In addition, when the user accesses the target server using the OTP processing device, the connection is authenticated using not only the ID and the password but also the combination of the OTP code and the matching number arbitrarily input by the user, so security can be doubled during OTP authentication.
FIG. 1 is a diagram schematically illustrating an OTP generation and authentication system according to an embodiment of the present invention.
FIGS. 2A and 2B are diagrams illustrating screens for setting up an environment for the OTP generation and authentication system of FIG. 1.
FIGS. 3A to 3E are diagrams illustrating a screen in which a user sets an OTP classification item in the OTP generation and authentication system of FIG. 1.
FIGS. 4A to 4F are diagrams illustrating a screen for inputting an OTP code using the OTP generation and authentication system of FIG. 1.
FIG. 5 is a flowchart illustrating a process of connecting to a target server through an OTP generation and authentication method according to another embodiment of the present invention.
FIG. 6 is a flowchart illustrating a process of connecting to a target server through an OTP generation and authentication method according to another embodiment of the present invention.
FIG. 7 is a flowchart illustrating a process of connecting to a target server through an OTP generation and authentication method according to another embodiment of the present invention.
The terms used in this specification will be briefly described and the present invention will be described in detail.
While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments. Also, in certain cases, there may be a term selected arbitrarily by the applicant, in which case the meaning thereof will be described in detail in the description of the corresponding invention. Therefore, the term used in the present invention should be defined based on the meaning of the term, not on the name of a simple term, but on the entire contents of the present invention.
When an element is referred to as "including" an element throughout the specification, it is to be understood that the element may include other elements as well, without departing from the spirit or scope of the present invention. Also, the terms "part," "module," and the like described in the specification mean units for processing at least one function or operation, which may be implemented in hardware or software or a combination of hardware and software.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.
FIG. 1 is a view schematically showing an OTP generation and authentication system according to an embodiment of the present invention. FIGS. 2A and 2B are diagrams illustrating a screen for setting an environment for a user for the OTP generation and authentication system of FIG. 1. FIGS. 3A to 3E are views showing a screen in which a user sets an OTP classification item in the OTP generation and authentication system of FIG. 1. FIGS. 4A to 4F are views illustrating a screen for inputting an OTP code using the OTP generation and authentication system of FIG. 1.
1, an OTP generation and authentication system according to an embodiment of the present invention generates an OTP (One Time Password) for connection between a
The
The
More specifically, the
The
To this end, the
In order to solve the conventional problem that the reliability of the OTP authentication is reduced because it is not easy to exactly match the self time of the
More specifically, the
Before generating and authenticating the user OTP code using the OTP generation and authentication system configured as described above, the user inputs the number of OTP users, the OTP classification item (i.e., OTP sending product) for OTP authentication, etc., as shown in FIGS. 2A and 2B, and selects the option to use OTP authentication.
Then, as shown in FIG. 3A, the user performs an OTP authentication check, and clicks on the OTP registration button. Then, as shown in FIG. 3B, the OTP classification item is displayed as a mobile OTP key, As shown in FIG. 3D, the OTP is registered by inputting a telephone number or a user's pin number for web connection as shown in FIG. 3E.
Then, as shown in FIG. 4A, the OTP sending button is clicked to send the user OTP, which is the authentication number, to the OTP registered by the user. In this case, if the user sets the OTP registration to mobile, the authentication number is sent to the
4D, when the user sets the OTP registration to the e-mail, the authentication number is sent to the e-mail registered by the user, and the pop-up window that the 'OTP authentication number is sent by e-mail' is exposed to the
4E, when the user sets the OTP registration to the web, a pop-up window called 'PIN input' is displayed on the
Hereinafter, a process for OTP generation and authentication of the
FIG. 5 is a flowchart illustrating a process of connecting to a
5, the OTP generation and authentication process of the
Further, the
In addition, the
The OTP generation and authentication system according to an embodiment of the present invention and the OTP generation and authentication method using the OTP generation and authentication system according to an embodiment of the present invention, when the user accesses the
The present invention is not limited to the above-described embodiments, but may be modified in various ways as fall within the scope of the following claims. For example, the OTP generation and authentication system according to the present invention is not limited to the above- It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
10: user terminal 20: OTP processing server
30: Target server 210: Relay module
220: OTP processing module
Claims (9)
A target server for displaying an authentication window for OTP generation in response to a user access request;
A user terminal for selecting an OTP classification item in the authentication window, inputting an ID and a password, OTP registration information for the selected OTP classification item, and requesting generation of the user OTP code; And
An OTP processing server for generating the user OTP code at the request of the user terminal and transmitting the user OTP code to the OTP classification item and allowing the user to access the target server when the user ID and password input from the user terminal and the user OTP code are valid; And an OTP generation and authentication system.
Wherein the OTP classification item includes at least one of a mobile application, an e-mail, an SMS, or a web.
Wherein the OTP registration information is, corresponding to the mobile application, e-mail, SMS, or web respectively, an OTP key for the mobile application, an address of the e-mail, a phone number of the SMS-enabled user terminal, or a PIN number to be input on the web.
The OTP processing server requests a matching code from the user terminal when the ID and password input by the user terminal are valid, receives a matching code from the user terminal, generates a user OTP code, and transmits the user OTP code to the user terminal And permits the connection to the target server when the user OTP code inputted by the user terminal is valid and the difference or sum of the user OTP code inputted by the user terminal and the matching code is valid. OTP generation and authentication system.
The OTP processing server requests a matching code from the user terminal when the ID and password input by the user terminal are valid, receives a matching code from the user terminal, generates a user OTP code, and transmits the user OTP code to the user terminal Wherein the OTP generation and authentication system permits access to the target server if the user OTP code entered by the user terminal is valid and the matching code entered by the user terminal is valid.
Wherein the OTP processing server generates a user OTP code including an OTP key value and a time value and determines that the user OTP code is valid for the same user OTP code input from the user terminal for a pre- OTP generation and authentication system.
A first step of transmitting a server connection request received from the user terminal to the target server;
A second step of transmitting an authentication window for OTP generation to the user terminal through the target server;
In the transmitted authentication window, an OTP authentication check is performed by a user's operation, an OTP classification item is selected, and OTP registration information for the selected OTP classification item is inputted to request the OTP processing server to generate a user OTP code A third step;
A fourth step of generating a user OTP code according to the request and transmitting the generated OTP code to the selected OTP classification item;
A fifth step of inputting an ID and a password and a user OTP code in the authentication window based on the transmitted user OTP code; And
And a sixth step of allowing the connection to the target server when the user ID and password input by the user terminal and the user OTP code are valid.
In the sixth step
A step 6-1 of requesting a matching code from the user terminal if the ID and the password input by the user terminal are valid;
Receiving the matching code from the user terminal, generating a user OTP code, and transmitting the user OTP code to the user terminal;
A sixth step of determining whether the user OTP code input by the user terminal is valid;
If the user OTP code input by the user terminal is valid, requesting the user terminal for the difference or sum of the user OTP code and the matching code; And
And allowing the connection to the target server when the difference or sum of the user OTP code inputted by the user terminal and the matching code is valid.
In the sixth step
A step 6-1 of requesting a matching code from the user terminal if the ID and the password input by the user terminal are valid;
Receiving the matching code from the user terminal, generating a user OTP code, and transmitting the user OTP code to the user terminal;
A sixth step of determining whether the user OTP code input by the user terminal is valid;
A step (6-4) of requesting the user terminal to input the matching code if the user OTP code inputted by the user terminal is valid; And
And allowing the connection to the server if the matching code inputted by the user terminal is valid.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150040718A KR101671463B1 (en) | 2015-03-24 | 2015-03-24 | One time password generation and recognition system and method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20160114345A (en) | 2016-10-05 |
KR101671463B1 KR101671463B1 (en) | 2016-11-01 |
Family
ID=57153966
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150040718A KR101671463B1 (en) | 2015-03-24 | 2015-03-24 | One time password generation and recognition system and method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101671463B1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20190027572A (en) | 2017-09-07 | 2019-03-15 | 김덕상 | Method for generating One-Time Password |
- 2015-03-24 KR KR1020150040718A patent/KR101671463B1/en active IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
KR101671463B1 (en) | 2016-11-01 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |