KR20160114961A - Method for Providing One Time Password Linked Transaction by using Secure Operating System - Google Patents


Info

Publication number
KR20160114961A
Authority
KR
South Korea
Prior art keywords
program
secure
otp
memory area
general
Application number
KR1020150041507A
Other languages
Korean (ko)
Inventor
김종서
Original Assignee
(주)에이티솔루션즈
Application filed by (주)에이티솔루션즈
Priority to KR1020150041507A
Publication of KR20160114961A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228: One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00: Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02: Banking, e.g. interest calculation or account maintenance


Abstract

The present invention relates to a method for providing a transaction-linked one time password (OTP) using a secure operating system. The method is executed by a wireless terminal on which a secure operating system (OS) having a secure kernel and a normal OS with a disclosed kernel structure are installed, and comprises: a first step in which a program (n) of the normal OS allocates a memory area accessible by a designated program (s) of the secure OS, or identifies a pre-allocated memory area; a second step in which the program (n) provides transaction information (or a portion of the transaction information) to the memory area; a third step in which the program (s) of the secure OS reads the transaction information (or a portion of the transaction information) from the memory area; a fourth step in which the program (s) dynamically generates an OTP by using the transaction information (or a portion of the transaction information) as a seed value for a code generation algorithm provided in the secure OS; a fifth step in which the program (s) provides the generated OTP to the memory area; and a sixth step in which the program (n) refers to the OTP in the memory area. According to the present invention, a transaction-linked OTP can be safely protected from hacking or falsification of the normal OS.

Description

Technical Field [0001] The present invention relates to a method and apparatus for providing a transaction-

The present invention relates to a wireless terminal equipped with both a secure OS (Secure Operating System) having a secure kernel and a general OS whose kernel structure is disclosed, in which, during various transactions performed through the general OS, an OTP linked with the transaction of the general OS is generated and used through the separate secure OS isolated from the general OS.

Recently, Trust Zone technology has been proposed, in which each physical processor core is divided into two worlds, the Secure World and the Normal World, and each world is isolated. In Trust Zone technology, the Normal World runs a normal operating system and the Secure World runs a security-enhanced operating system. Because the Secure World is kept isolated from the Normal World, the security of the isolated Secure World is maintained even if the Normal World is hacked or forged.

The isolation of the Secure World and the Normal World in Trust Zone technology is one of the key points that ensures the security of the Secure World. An application executed in the Secure World can directly access and control various components provided in the terminal, such as a display device, a communication device, and an input device, without using the operating system of the Normal World (Patent Registration No. 10-1259824). Although the Secure World and the Normal World physically share a single processor core in a single terminal, and the Secure World is entered through the Normal World, the Secure World and the Normal World are different systems in terms of hardware and software.

Accordingly, when a user needs to input an OTP (One Time Password) while using Internet banking through a personal computer, the OTP application is loaded and executed in the Secure World (= Trust Zone) of the wireless terminal possessed by the user to generate an OTP. The user can read the OTP on the screen of the wireless terminal and input it into the Internet banking session on the personal computer.

However, when an OTP is used during mobile banking or mobile payment on the wireless terminal itself, even if the OTP is generated through an OTP application in the Secure World (= Trust Zone), it is difficult for the user to read it with the naked eye and use it for the mobile banking or mobile payment. In other words, most applications the user uses are loaded and run in the Normal World. When the Secure World is activated during mobile banking through a banking app running in the Normal World, or during mobile payment through a payment application launched in the Normal World, control of the display is transferred to the Secure World at the moment the Secure World is activated and is transferred back to the Normal World at the moment of returning to the Normal World. Therefore, even if the Secure World is driven to generate the OTP, it is very difficult to read it with the naked eye and input it into a banking app or payment application executed in the Normal World.

SUMMARY OF THE INVENTION An object of the present invention, devised to overcome the above problems, is to provide a method for providing a transaction-linked OTP using a secure operating system in which, in a wireless terminal equipped with heterogeneous OSes including a general OS and a secure OS, a program (n) of the general OS, during a transaction operation using transaction information, allocates a memory area accessible from the designated program (s) of the secure OS or confirms a pre-allocated memory area and provides the transaction information (or a part of the transaction information) to the memory area, and the program (s) of the secure OS dynamically generates an OTP using the transaction information (or a part of the transaction information), so that the heterogeneous general OS and secure OS can generate or use the transaction-linked OTP through the memory area.

A method for providing a transaction-linked OTP using a secure operating system according to the present invention is executed in a wireless terminal equipped with a secure OS (Secure Operating System) having a secure kernel and a general OS whose kernel structure is disclosed, and includes: a first step in which the program (n) of the general OS allocates a memory area accessible from a designated program (s) of the secure OS or identifies a pre-allocated memory area; a second step in which the program (n) provides the transaction information (or a part of the transaction information) to the memory area; a third step in which the program (s) of the secure OS checks the transaction information (or a part of the transaction information) from the memory area; a fourth step in which the program (s) generates a One Time Password (OTP) by using the transaction information (or a part of the transaction information) as a seed value of a code generation algorithm provided in the secure OS; a fifth step in which the program (s) provides the generated OTP to the memory area; and a sixth step in which the program (n) refers to the OTP in the memory area.

According to the present invention, the secure OS may include a trust zone installed in the processor.

According to the present invention, the method for providing a transaction-linked OTP using the secure operating system comprises the steps of: identifying the program (s) assigned to the secure OS as the program (n), or identifying the program and storing the identification information in the general OS storage area.

According to another aspect of the present invention, there is provided a method for providing transaction interoperability using the secure operating system, the method further comprising: storing and maintaining state information on the program (n) immediately before the program (n) can do.

According to the present invention, the first step may further include the step of the program (n) operating the secure OS through an SMC (Secure Monitor Call) command.

According to the present invention, in the first step, the program (n) may allocate the memory area in the general OS or may check the pre-allocated memory area.

According to the present invention, the first step may allocate the memory area to the security monitor that performs the switching procedure between the general OS and the secure OS, or may check the pre-allocated memory area.

According to the present invention, in the first step, the program (n) can allocate a memory area accessible from the program (s) of the secure OS to the security server on the network or check the pre-allocated memory area.

According to the present invention, the first step may further comprise setting the program (n) as a process at the general OS side in which the program (n) refers to the memory area.

According to another aspect of the present invention, the method for providing a transaction-linked OTP using the secure operating system further comprises the program (s) storing one or more fixed seed values in a storage area of the secure OS, and using the stored one or more fixed seed values as a seed value of the code generation algorithm.

According to the present invention, the fourth step further includes using at least one dynamic seed value, which the program (s) confirms through the secure OS, as a seed value of the code generation algorithm, and the dynamic seed value may include a time value that the program (s) confirms via the timer of the secure OS.

According to another aspect of the present invention, the method for providing a transaction-linked OTP using the secure operating system further comprises: receiving a PIN (Personal Identification Number) by accessing an input means of the wireless terminal through the secure OS, and authenticating the validity of the PIN input through the secure OS.

According to the present invention, in the fourth step, the program (s) may access the screen output means of the wireless terminal through the secure OS and output the generated OTP.

According to the present invention, the sixth step includes the steps of: the program (n) verifying the OTP of the memory area; and the program (n) displaying the confirmed OTP through the screen output means of the wireless terminal.

According to the present invention, in the sixth step, the program (n) confirms the OTP of the memory area, and the program (n) transmits the confirmed OTP to the designated server through the communication means of the wireless terminal.
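The six steps and the seed choices described above, sketched as an added Python example (it is not code from the patent or its assignee). It assumes HMAC-SHA-256 with RFC 4226-style truncation as the code generation algorithm, a 30-second time step, and a hypothetical shared-buffer layout; `SecureProgram`, `normal_program_request` and `server_verify` are illustrative names, the world switch is a plain function call, and the seed and transaction values are constructed.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30     # seconds per OTP window (assumption)
OTP_DIGITS = 8     # OTP length (assumption)
BUF_SIZE = 256     # size of the shared memory area (assumption)
OTP_OFFSET = 200   # offset where program (s) writes the OTP (assumption)


def encode_txn(fields):
    """Length-prefix every field so ("12", "3") and ("1", "23") never collide."""
    out = b""
    for field in fields:
        raw = field.encode("utf-8")
        out += struct.pack(">H", len(raw)) + raw
    return out


def derive_otp(fixed_seed, txn_bytes, unix_time):
    """Keyed hash over the time step and transaction bytes, then truncation."""
    counter = struct.pack(">Q", unix_time // TIME_STEP)
    mac = hmac.new(fixed_seed, counter + txn_bytes, hashlib.sha256).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** OTP_DIGITS).zfill(OTP_DIGITS)


class SecureProgram:
    """Stands in for program (s); the fixed seed never leaves this object."""

    def __init__(self, fixed_seed, clock):
        self._seed = fixed_seed   # fixed seed held in secure OS storage
        self._clock = clock       # stands in for the secure OS timer

    def handle(self, shared):
        # Step 3: read the transaction info and reject a malformed length.
        (n,) = struct.unpack_from(">H", shared, 0)
        if n == 0 or 2 + n > OTP_OFFSET:
            raise ValueError("bad transaction length in shared area")
        txn = bytes(shared[2:2 + n])
        # Step 4: transaction info, fixed seed and secure time feed the OTP.
        otp = derive_otp(self._seed, txn, self._clock())
        # Step 5: publish only the OTP, never the seed, to the shared area.
        shared[OTP_OFFSET:OTP_OFFSET + OTP_DIGITS] = otp.encode("ascii")


def normal_program_request(shared, fields, secure):
    """Program (n): steps 1, 2 and 6 on a pre-allocated shared area."""
    txn = encode_txn(fields)
    if 2 + len(txn) > OTP_OFFSET:
        raise ValueError("transaction info does not fit the shared area")
    struct.pack_into(">H", shared, 0, len(txn))
    shared[2:2 + len(txn)] = txn
    secure.handle(shared)   # stands in for the SMC switch to the secure OS
    return bytes(shared[OTP_OFFSET:OTP_OFFSET + OTP_DIGITS]).decode("ascii")


def server_verify(fixed_seed, fields, otp, now, window=1):
    """Server recomputes the OTP from the transaction it actually received."""
    txn = encode_txn(fields)
    return any(
        hmac.compare_digest(derive_otp(fixed_seed, txn, now + d * TIME_STEP), otp)
        for d in range(-window, window + 1)
    )


def demo():
    seed = bytes(range(32))                  # constructed fixed seed
    now = 1_700_000_000                      # constructed secure-timer value
    txn = ["PAYEE-0001", "150000", "KRW"]    # constructed transaction info
    secure = SecureProgram(seed, clock=lambda: now)
    otp = normal_program_request(bytearray(BUF_SIZE), txn, secure)
    accepted = server_verify(seed, txn, otp, now + 20)
    # A normal-OS compromise that swaps the payee after the OTP was issued
    # produces a transaction the OTP no longer matches.
    swapped = server_verify(seed, ["PAYEE-9999", "150000", "KRW"], otp, now + 20)
    return otp, accepted, swapped


if __name__ == "__main__":
    print(demo())
```

Because the transaction bytes are part of the keyed hash input, an OTP read out of the shared area by the general OS is only useful for the exact transaction that program (s) saw.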

According to the present invention, when heterogeneous OSes including a general OS and a secure OS are installed in a wireless terminal, an OTP linked with a transaction operation of the general OS is generated and/or used, during the transaction operation through the general OS, through the secure OS isolated from the general OS, which has the advantage of safely protecting the transaction-linked OTP against hacking or tampering of the general OS.

FIG. 1 is a diagram illustrating a functional configuration of a wireless terminal according to an embodiment of the present invention.
FIG. 2 is a diagram showing a functional configuration of a program according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a process of preparing a program (s) in a secure OS according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating a transaction interoperation process between a general OS and a secure OS according to an embodiment of the present invention.
FIG. 5 is a diagram illustrating a process of generating and using a transaction-linked OTP through a secure OS according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs.

FIG. 1 is a functional block diagram of a wireless terminal 100 according to an embodiment of the present invention.

More specifically, FIG. 1 illustrates a functional configuration for providing an OTP linked with a transaction of the general OS 110 in a wireless terminal 100 equipped with a secure OS 120 having a secure kernel 130 and a general OS 110 whose kernel structure is disclosed. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the following claims. The wireless terminal 100 of FIG. 1 may include various terminals, such as a smart phone, a tablet PC, and a PDA, which are equipped with the secure OS 120 and the general OS 110.

Referring to FIG. 1, the wireless terminal 100 includes a control unit 105, a memory unit 165, a screen output unit 135, a user input unit 140, a sound processing unit 145, a short range wireless communication unit 150, a wireless network communication unit 155, a USIM reader 160, and a USIM, and has a battery for power supply.

The control unit 105 is a general term for the configuration that controls the operation of the wireless terminal 100. The control unit 105 physically includes a processor and an execution memory. Preferably, the processor may comprise an ARM processor.

According to the present invention, the control unit 105 includes a normal world in which a general OS 110 whose kernel structure, API and drivers are disclosed is operated, and a secure world in which a secure OS 120 (Secure Operating System) having a secure kernel 130 is operated. The normal world and the secure world are constructed in a mutually isolated structure. Preferably, the secure OS 120 includes a Trust Zone of the ARM processor. Hereinafter, the functional configuration for the present invention on the general OS 110 and the secure OS 120 will be described with reference to the control unit 105 for convenience.

The memory unit 165 is a generic name for the nonvolatile memory corresponding to the storage unit included in the wireless terminal 100, and stores at least one program code executed through the control unit 105 and at least one data set.

According to the present invention, the memory unit 165 may include a general OS storage area accessed by the general OS 110 and a secure OS storage area accessed by the secure OS 120, and the general OS 110 cannot access the secure OS storage area. The general OS storage area may store program codes corresponding to applications executed through the general OS 110 and at least one data set used by applications of the general OS 110. The secure OS storage area may store program codes corresponding to applications executed through the secure OS 120 and at least one data set used by applications of the secure OS 120.

The general OS 110 has a kernel (hereinafter referred to as the "general kernel 115" in contrast to the secure kernel 130 of the secure OS 120). The general kernel 115 can access various resources of the wireless terminal 100, such as the screen output unit 135, the user input unit 140, the sound processing unit 145, and the short range wireless communication unit 150, and drivers may be provided on the general OS 110 for this purpose. The general kernel 115 of the general OS 110 cannot access the secure OS storage area, and the general OS 110 and the secure OS 120 are isolated from each other.

The secure OS 120 includes a secure kernel 130 whose kernel structure is not disclosed. The secure kernel 130 of the secure OS 120 may access various resources of the wireless terminal 100, such as the screen output unit 135, the user input unit 140, the sound processing unit 145, the short range wireless communication unit 150 and the wireless network communication unit 155, and may include drivers on the secure OS 120 for this purpose. Preferably, the secure kernel 130 of the secure OS 120 cannot access the general OS storage area, and the secure OS 120 and the general OS 110 are isolated from each other.

The screen output unit 135 is the screen output means provided in the wireless terminal 100, and may include a display such as a liquid crystal display (LCD) or a touch screen including a touch input unit.

The general kernel 115 of the general OS 110 includes a driver for accessing and controlling the display or the touch screen of the screen output unit 135. When the general kernel 115 accesses and controls the screen output unit 135, the secure OS 120 cannot access the screen output unit 135.

The secure kernel 130 of the secure OS 120 has a separate security driver for accessing and controlling the display or the touch screen of the screen output unit 135. When the secure kernel 130 accesses and controls the screen output unit 135, the general OS 110 cannot access the screen output unit 135.

The user input unit 140 is the user input means provided in the wireless terminal 100. It may include the touch input unit of the touch screen when the screen output unit 135 includes a touch screen, and may also include a keypad and key buttons.

The general kernel 115 of the general OS 110 includes a driver for accessing and controlling the touch input unit, keypad or key button of the user input unit 140. When the general kernel 115 accesses and controls the user input unit 140, the secure OS 120 cannot access the user input unit 140.

The secure kernel 130 of the secure OS 120 has a separate security driver for accessing and controlling the touch input unit, keypad or key button of the user input unit 140. When the secure kernel 130 accesses and controls the user input unit 140, the general OS 110 cannot access the user input unit 140.

The sound processing unit 145 may include sound output means and sound input means provided in the wireless terminal 100, and may include a speaker for outputting sound and a microphone for receiving sound.

The general kernel 115 of the general OS 110 includes a driver for accessing and controlling the speaker or microphone of the sound processing unit 145. When the general kernel 115 accesses and controls the sound processing unit 145, the secure OS 120 cannot access the sound processing unit 145 controlled by the general OS 110.

The secure kernel 130 of the secure OS 120 includes a separate security driver for accessing and controlling the speaker or microphone of the sound processing unit 145. When the secure kernel 130 accesses and controls the sound processing unit 145, the general OS 110 cannot access the sound processing unit 145 controlled by the secure OS 120.

The wireless network communication unit 155 and the short-range wireless communication unit 150 are communication means for connecting the wireless terminal 100 to a communication network. Preferably, the wireless terminal 100 includes the wireless network communication unit 155 and may further include one or more short-range wireless communication units 150.

The wireless network communication unit 155 collectively refers to communication means for connecting the wireless terminal 100 to a wireless communication network via a base station, and includes an antenna for transmitting and receiving a radio frequency signal of a specific frequency band and at least one processing module. The wireless network communication unit 155 may connect the wireless terminal 100 to a call network including a call channel and a data channel via an exchange, and may connect the wireless terminal 100 to a data network providing packet-based wireless network data communication (e.g., the Internet).

According to an embodiment of the present invention, the wireless network communication unit 155 is a mobile communication unit that performs at least one of connection to a mobile communication network, location registration, call processing, call connection, data communication, and handoff according to the CDMA / WCDMA / … standard. Meanwhile, according to the intention of a person skilled in the art, the wireless network communication unit 155 may further include a portable Internet communication configuration for performing at least one of connection to the portable Internet, location registration, data communication and handoff according to the IEEE 802.16 standard, and it is evident that the present invention is not limited by the wireless communication configuration provided by the wireless network communication unit 155. That is, the wireless network communication unit 155 is a general term for a component that connects to a wireless communication network through a cell-based base station irrespective of the frequency band of the wireless section, the type of communication network, or the protocol.

The general kernel 115 of the general OS 110 includes a driver for accessing and controlling the wireless network communication unit 155. When the general kernel 115 accesses and controls the sound processing unit 145, the secure OS 120 cannot access the wireless network communication unit 155 controlled by the general OS 110.

The secure kernel 130 of the secure OS 120 has a separate security driver for accessing and controlling the wireless network communication unit 155. When the secure kernel 130 accesses and controls the wireless network communication unit 155, the general OS 110 cannot access the wireless network communication unit 155 controlled by the secure OS 120.

The short-range wireless communication unit 150 is a generic term for communication means that connect a communication session using a radio frequency signal within a predetermined distance (for example, about 10 m) as a communication medium and connect the wireless terminal 100 to a communication network. The wireless terminal 100 can be connected to the communication network through at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB. According to an embodiment of the present invention, the short-range wireless communication unit 150 can connect the wireless terminal 100 to a data network providing packet-based short-range wireless data communication through a wireless AP.

The general kernel 115 of the general OS 110 includes a driver for accessing and controlling the short range wireless communication unit 150. When the general kernel 115 accesses and controls the sound processing unit 145, the secure OS 120 cannot access the short range wireless communication unit 150 controlled by the general OS 110.

The secure kernel 130 of the secure OS 120 has a separate security driver for accessing and controlling the short-range wireless communication unit 150. When the secure kernel 130 accesses and controls the short-range wireless communication unit 150, the general OS 110 cannot access the short range wireless communication unit 150 controlled by the secure OS 120.

The USIM reader 160 is a generic term for a configuration that exchanges at least one data set with a universal subscriber identity module (USIM) mounted on or detached from the wireless terminal 100, based on the ISO/IEC 7816 standard. The data set is exchanged in a half duplex communication manner through an APDU (Application Protocol Data Unit).

The USIM is a SIM type card having an IC chip conforming to the ISO/IEC 7816 standard. It includes an input/output interface including at least one contact connected to the USIM reader 160, and stores program code for at least one IC chip. In accordance with at least one command transmitted from the wireless terminal 100 in connection with the input/output interface, it executes (or processes) the program code for the IC chip or extracts (or processes) the data set, and provides the result to the input/output interface.

According to the present invention, various applications that operate using the general kernel 115 are loaded on the general OS 110. An application of the general OS 110 displays one or more interface screens through the screen output unit 135 controlled through the general kernel 115, receives user operations through the user input unit 140 controlled through the general kernel 115, performs a designated transaction operation, and provides various services to the user. Hereinafter, an application (or a program module embedded in or linked to an application) operating in accordance with the present invention on the general OS 110 is referred to as "program (n) 200". Preferably, the program (n) 200 may include an application that uses an OTP (One Time Password), such as a banking application or a payment application executed in the general OS 110. However, the program (n) 200 is not limited to a banking app or a payment application; any application that uses the OTP on the general OS 110 belongs to the scope of the present invention.

According to the embodiment of the present invention, the program (n) 200 of the general OS 110 is provided in the upper part of the general kernel 115 on the OS structure and operates using the general kernel 115.

According to the present invention, at least one security application operating on the secure kernel 130 is installed in the secure OS 120. The security application on the secure OS 120 operates using the secure kernel 130 and may be connected to the screen output unit 135, the user input unit 140, the sound processing unit 145, the wireless network communication unit 155, the short range wireless communication unit 150, and the like. Hereinafter, a security application (or a program module embedded in or linked to a security application) operating in accordance with the present invention on a general OS 110 is referred to as "program (s) 240". Preferably, the program (s) 240 may include an OTP app running in the secure OS 120.

According to an embodiment of the present invention, the program (s) 240 of the secure OS 120 is provided in the upper part of the secure kernel 130 on the OS structure and operates using the secure kernel 130.

The OS of the wireless terminal 100 is switched from the general OS 110 to the secure OS 120 in the secure OS 120 (or between the general OS 110 and the secure OS 120) Or a security monitor 125 (Secure Monitor) that performs a series of procedures for switching from the security OS 120 to the general OS 110. [ Since the security monitor 125 uses the command of the secure OS 120, FIG. 1 illustrates the security monitor 125 as being provided in the secure OS 120 for the sake of convenience.

The security monitor 125 monitors whether an SMC (Secure Monitor Call) command is generated through the kernel or an IRQ (Interrupt Request) to FIQ (Fast Interrupt Request) Can be performed.

2 is a diagram showing a functional configuration of a program according to an embodiment of the present invention.

2 shows the functional configuration of the program (n) 200 of the general OS 110 and the program (s) 240 of the secure OS 120. In the technical field of the present invention, It will be understood by those skilled in the art that various changes and modifications of the program may be made without departing from the spirit and scope of the present invention as defined by the following claims. The technical characteristics are not limited only by the method shown in FIG.

Referring to FIG. 2, a program (s) 240 of the secure OS 120 includes a code generation algorithm for generating an OTP, and a fixed seed value to be substituted into a designated code generation algorithm for generating an OTP And a seed storage unit 245 for storing the seed in the secure OS storage area.

The program (s) 240 is a generic name of a program that is executed in the secure OS 120 and generates an OTP, preferably a code generation algorithm (e.g., a hash algorithm such as MD4, MD5, or SHA) Built in. The program (s) 240 is recorded in the secure OS storage area according to a specified security procedure, and is executed when the OS of the wireless terminal 100 is switched to the secure OS 120.

When the program (s) 240 mounted on the secure OS 120 is executed at least once, the seed storage unit 245 checks whether the fixed seed value necessary to generate the OTP is stored in the designated seed storage area of the secure OS storage area. If the fixed seed value required for OTP generation is not stored in the seed storage area, the seed storage unit 245 acquires one or more fixed seed values according to a designated procedure and stores the acquired fixed seed values in the seed storage area. Preferably, the seed storage unit 245 communicates with a designated server using the communication means of the wireless terminal 100 (for example, the wireless network communication unit 155, the short-range wireless communication unit 150, etc.) to obtain a key value to be used as a fixed seed, or obtains a key value to be used as a fixed seed by performing a specified key exchange procedure with the server. Alternatively, the seed storage unit 245 may acquire at least one item of unique information (e.g., MIN, IMSI, IMEI, etc.) allocated to the wireless terminal 100 as the fixed seed. The seed storage unit 245 stores the obtained one or more fixed seed values in the seed storage area set in the secure OS storage area, and the general OS 110 cannot access the seed storage area.

Referring to FIG. 2, the program (s) 240 of the secure OS 120 includes a PIN registration unit 250 that registers, on the secure OS 120, PIN information for the PIN (Personal Identification Number) authentication used when dynamically generating an OTP.

When the program (s) 240 mounted on the secure OS 120 is executed at least once, the PIN registration unit 250 checks whether PIN information for generating an OTP is stored in the designated PIN storage area of the secure OS storage area. If the PIN information is not stored in the PIN storage area, the PIN registration unit 250 obtains the access right to the screen output unit 135 and the user input unit 140 according to a designated procedure, receives the PIN information through the user input unit 140, and stores the received PIN information in the PIN storage area. The PIN registration unit 250 may encrypt the PIN information according to a designated encryption scheme and store the encrypted PIN information in the PIN storage area. The general OS 110 cannot access the PIN storage area.

Referring to FIG. 2, the program (n) 200 of the general OS 110 includes an OTP determination unit 205 that determines whether to generate or use an OTP while performing a specified transaction operation; an information checking unit 210 that checks the transaction information (or a part of the transaction information) corresponding to the transaction operation; and an interworking procedure unit 215 that performs a series of procedures for switching to the secure OS 120 through the general kernel 115, allocates a memory area accessible by the program (s) 240 of the secure OS 120 or identifies a pre-allocated memory area, and provides the confirmed transaction information (or a part of the transaction information) to the memory area. Meanwhile, according to another embodiment of the present invention, the process of allocating the memory area or identifying the pre-allocated memory area may be performed through the program (s) 240 of the secure OS 120, and an embodiment in which the program (s) 240 allocates or identifies the memory area is included in the scope of rights.

The program (n) 200 is executed in the general OS 110 and performs at least one designated transaction operation among banking, payment, and authentication. The OTP determination unit 205 determines whether an OTP generation/use procedure is to be performed. For example, when the program (n) 200 is a banking app, the OTP determination unit 205 can confirm a procedure for inputting an OTP during a banking transaction through the program (n) 200. Or, if the program (n) 200 is a payment application, the OTP determination unit 205 can confirm that the program (n) 200 has received a push requesting the OTP.

When the OTP generation / use is confirmed through the OTP determination unit 205, the information verification unit 210 confirms transaction information (or a part of transaction information) in connection with the designated transaction operation. For example, when the program (n) 200 is a banking app, the transaction information (or a part of the transaction information) includes an account number (or a part of an account number), a password A portion of the transaction amount), or a combination of two or more of them.

At least at the first execution of the program (n) 200 installed in the general OS 110, the interworking procedure unit 215 checks whether the secure OS 120 is installed in the wireless terminal 100 and, when it is, checks whether the program (s) 240 for generating an OTP is installed in the secure OS 120. If the program (s) 240 for generating an OTP is installed in the secure OS 120, the interworking procedure unit 215 stores, in the general OS storage area, information indicating that the program (s) 240 is installed in the secure OS 120 and/or the identification information of the program (s) 240 mounted on the secure OS 120.

When the OTP determination unit 205 confirms that the OTP generation/use procedure is to be performed, the interworking procedure unit 215 confirms, based on the identification information, that the program (s) 240 is installed in the secure OS 120.

When the program (s) 240 of the secure OS 120 is confirmed through the identification information, the interworking procedure unit 215 maintains the state information of the program (n) 200 immediately before switching to the secure OS 120 through the general kernel 115. Preferably, at the time the OS of the wireless terminal 100 is switched from the general OS 110 to the secure OS 120 through the general kernel 115, the interworking procedure unit 215 stores in the general OS storage area the state information of the program (n) 200 in the state requiring the OTP (for example, the interface screen state of the program (n) 200, the communication session state of the program (n) 200, etc.).

According to an embodiment of the present invention, the interworking procedure unit 215 maintains the state information of the program (n) 200 immediately before switching to the secure OS 120 through the general kernel 115 (for example, immediately before the secure OS 120 is driven via the SMC command). As a result, even if the program (n) 200 and/or the general OS 110 is initialized during the switch from the general OS 110 to the secure OS 120, or an exceptional situation such as a page fault occurs during the switching procedure, the state of the program (n) 200 can be restored, using the state information, to the state immediately before the switch when the OS of the wireless terminal 100 is switched from the secure OS 120 back to the general OS 110.

When the program (s) 240 of the secure OS 120 is confirmed and/or the state information of the program (n) 200 is stored, the interworking procedure unit 215 generates an SMC command for driving the secure OS 120 through the general kernel 115. The security monitor 125 verifies the validity of the SMC command and, when the verification succeeds, performs the procedure for driving the secure OS 120 according to the SMC command.

Meanwhile, at a specified point in time before, during, or after starting the operation of the secure OS 120, the interworking procedure unit 215 allocates a memory area that is accessible from the program (n) 200 and from the program (s) 240 of the secure OS 120, or identifies a pre-allocated memory area. For example, the allocated memory area may include a shared memory for inter-process communication between the program (n) 200 of the general OS 110 and the program (s) 240 of the secure OS 120. Whereas ordinary shared memory is allocated within an OS for inter-process communication within that same OS, the memory area of the present invention is a shared memory for inter-process communication between heterogeneous processes running on heterogeneous OSes, namely the general OS 110 and the secure OS 120.

According to the first memory area allocation method of the present invention, the interworking procedure unit 215 allocates the memory area on the general OS 110 or identifies the memory area allocated on the general OS 110. In this case, the security monitor 125 can access or monitor the memory area of the general OS 110, and the program (s) 240 of the secure OS 120 can indirectly refer to (or access) the memory area of the general OS 110 through the security monitor 125.

According to the second memory area allocation method of the present invention, the interworking procedure unit 215 allocates the memory area on the security monitor 125 or identifies the memory area allocated to the security monitor 125. In this case, the interworking procedure unit 215 can allocate the memory area to the security monitor 125, or identify the memory area allocated to the security monitor 125, through the SMC command.

According to the third memory area allocation method of the present invention, the interworking procedure unit 215 allocates the memory area on a security server on the network that is accessible (or connectable) from the program (n) 200 and also accessible (or connectable) from the program (s) 240, or identifies the memory area allocated on the security server. When the memory area is allocated on the security server on the network, the program (n) 200 of the general OS 110 and the program (s) 240 of the secure OS 120 communicate with the security server to read data from or write data to the memory area.

The interworking procedure unit 215 can set the program (n) 200 as the process of the general OS 110 that refers to the allocated memory area. Preferably, the interworking procedure unit 215 provides the PID (Process ID) of the program (n) 200 to the memory area so that, when the program (s) 240 of the secure OS 120 operates, the program (s) 240 can set the program (n) 200 as the general OS 110 side process that reads the data recorded in the allocated memory area.

When a memory area accessible by the program (s) 240 of the secure OS 120 is allocated through at least one of the first to third memory area allocation methods, or when a pre-allocated memory area is identified, the interworking procedure unit 215 can set the designated program (s) 240 of the secure OS 120 as a process that can access the allocated memory area. For example, the interworking procedure unit 215 may make the address information of the allocated memory area (for example, a memory address on a RAM, a memory address of a RAM provided in the processor, a network address (and/or identification value) identifying the memory area, etc.) available to the program (s) 240 of the secure OS 120 through the security monitor 125.

When the memory area accessible by the program (s) 240 of the secure OS 120 is allocated/identified and/or the memory area is made accessible to the program (s) 240 of the secure OS 120, the interworking procedure unit 215 may work with the security monitor 125 to prevent processes of the general OS 110 other than the program (n) 200 from accessing the memory area. Preferably, the interworking procedure unit 215 uses the memory access control function of the security monitor 125 so that processes of the general OS 110 other than the program (n) 200 cannot access the memory area.

Meanwhile, when a memory area accessible by the program (s) 240 of the secure OS 120 is allocated or a pre-allocated memory area is identified through at least one of the first to third memory area allocation methods, and/or when the access control procedure for the memory area has been performed, the interworking procedure unit 215 provides the transaction information (or a part of the transaction information) confirmed through the information checking unit 210 to the memory area, so that the program (s) 240 of the secure OS 120 can refer to the transaction information (or a part of the transaction information) and generate an OTP linked to the transaction operation performed through the program (n) 200 of the general OS 110.

When the secure OS 120 is activated by the SMC command and the program (s) 240 of the secure OS 120 is executed, the access right of the allocated / confirmed memory area is managed by the security monitor 125 (S) 240 of the secure OS 120. In this case,

Referring to FIG. 2, the program (s) 240 of the secure OS 120 includes an interworking processing unit 255 that identifies a memory area allocated through at least one of the first to third memory area allocation methods and performs the interworking procedure.

When the secure OS 120 is activated and the program (s) 240 of the secure OS 120 is executed, the interworking processing unit 255, in conjunction with the operation procedure performed through the security monitor 125, identifies the memory area accessible by the program (s) 240 that was allocated through at least one of the first to third memory area allocation methods, and accesses it. Preferably, the interworking processing unit 255 may perform a procedure for obtaining an access right to the memory area.

Meanwhile, the interworking processing unit 255 may identify the memory area at any time before the program (s) 240 refers to the memory area, and the present invention is not limited to the interworking processing unit 255 identifying the memory area at a specific time.

Referring to FIG. 2, when the user's PIN information is stored in the designated PIN storage area of the secure OS 120 through the PIN registration unit 250, the program (s) 240 of the secure OS 120 includes a PIN authentication unit 260 that receives PIN information through the input unit of the wireless terminal 100 and authenticates its validity.

When the secure OS 120 is activated and the program (s) 240 of the secure OS 120 is executed, the PIN authentication unit 260 obtains the access right to the screen output unit 135 and the user input unit 140, displays an interface for PIN authentication on the screen output unit 135, receives PIN information through the user input unit 140, and performs a comparison (or verification operation) against the PIN information stored in the PIN storage area to verify the validity of the input PIN information.

Referring to FIG. 2, the program (s) 240 of the secure OS 120 includes a transaction interlocking unit 265 that confirms transaction information (or a part of transaction information) from the memory area shared with the program (n) 200, and an OTP generation unit 280 that dynamically generates an OTP using the transaction information (or a part of transaction information) as a seed value of the code generation algorithm provided in the secure OS 120. It may further include a seed generation unit 270 that uses the transaction information (or a part of the transaction information) to generate a transaction interlocking seed value that can be substituted into the designated code generation algorithm, and a seed confirmation unit 275 that confirms one or more fixed seed values stored in the secure OS 120 and/or at least one dynamic seed value confirmed through the secure OS 120.

When the secure OS 120 is activated and the program (s) 240 of the secure OS 120 is executed and/or the PIN authentication is successful, the transaction interlocking unit 265, in conjunction with the interworking processing unit 255, confirms the transaction information (or a part of the transaction information) corresponding to the transaction operation of the general OS 110 from the memory area shared with the program (n) 200 of the general OS 110. If the confirmed transaction information (or part of the transaction information) cannot be used directly as the seed value of the code generation algorithm, the seed generation unit 270 processes the transaction information (or a part of the transaction information) (for example, by hashing it) to generate a transaction interlocking seed value corresponding to the transaction information (or a part of the transaction information).

Meanwhile, when one or more fixed seed values are substituted into the code generation algorithm in addition to the seed value corresponding to the transaction information (or a part of the transaction information), the seed confirmation unit 275, in conjunction with the seed storage unit 245, can confirm the one or more fixed seed values stored in the designated seed storage area of the secure OS 120.

Meanwhile, when at least one dynamic seed value is substituted into the code generation algorithm in addition to the seed value corresponding to the transaction information (or a part of the transaction information), the seed confirmation unit 275 confirms at least one dynamic seed value to substitute into the designated code generation algorithm using resources accessible through the secure OS 120. For example, the seed confirmation unit 275 may use a timer accessible by the secure OS 120 and confirm the time value read from that timer as a dynamic seed value to be substituted into the code generation algorithm. Alternatively, the seed confirmation unit 275 may acquire the access right to the communication means of the wireless terminal 100 and acquire a key value to be used as a dynamic seed of the code generation algorithm, or may exchange a key value to be used as a dynamic seed with the server according to a specified key exchange algorithm.

The OTP generation unit 280 substitutes the transaction information (or a part of the transaction information) confirmed through the transaction interlocking unit 265, or the transaction interlocking seed value generated through the seed generation unit 270, into the designated code generation algorithm and dynamically generates the OTP. If the OTP is generated by substituting at least one fixed seed value and/or at least one dynamic seed value into the code generation algorithm in addition to the transaction information (or a part of the transaction information) or the transaction interlocking seed value, the OTP generation unit 280 further substitutes the one or more fixed seed values and/or the at least one dynamic seed value confirmed through the seed confirmation unit 275 into the code generation algorithm to generate the OTP dynamically.

Referring to FIG. 2, the program (s) 240 of the secure OS 120 includes an OTP provider 290 that provides the generated OTP to the memory area, and an OTP output unit 285 that outputs the generated OTP through the screen output unit.

The OTP output unit 285 may obtain the access right to the screen output unit 135 according to a designated procedure and output the generated OTP to the screen output unit 135. Since the OTP is output through the secure OS 120, the OTP output is protected even if the general OS 110 is hacked.

The OTP provider 290 provides the generated OTP to the memory area identified through the interworking processing unit 255, and the security monitor 125 switches the OS of the wireless terminal 100 from the secure OS 120 to the general OS 110 according to a designated procedure. Preferably, the OTP provider 290 records the generated OTP in the memory area so that it can be read or referred to through the program (n) 200 of the general OS 110.

According to a modified embodiment of the present invention, the OTP provider 290 may encrypt the OTP and provide the encrypted OTP to the memory area. When the OTP is to be output from the program (n) 200 of the general OS 110, the encrypted OTP can be decrypted only through the program (n) 200 of the general OS 110 and is not decrypted through any other program of the general OS 110. Meanwhile, when the OTP is to be transmitted from the program (n) 200 of the general OS 110 to a designated server, the OTP provider 290 can encrypt the OTP so that it is decryptable only through the designated server. In this case, the encrypted OTP can be decrypted only through the designated server (i.e., it is not decrypted through the program (n) 200 of the general OS 110). Meanwhile, according to another modified embodiment of the present invention, the OTP provider 290 can transmit the generated OTP to the designated server through the communication means of the wireless terminal 100. In this case, the OTP may not be provided to the memory area.

When the OS of the wireless terminal 100 is switched to the general OS 110 according to an embodiment of the present invention, the interworking procedure unit 215 of the program (n) 200 acquires the access right to the memory area (or relies on an already acquired right) and accesses the memory area. Meanwhile, the interworking procedure unit 215 of the program (n) 200 may use the state information to restore the state of the program (n) 200 to the state immediately before switching to the secure OS 120.

Referring to FIG. 2, the program (n) 200 of the general OS 110 includes an OTP checking unit 220 that confirms the OTP generated through the program (s) 240 of the secure OS 120 by referring to the memory area, and an OTP processing unit 225 that displays the confirmed OTP and/or transmits the confirmed OTP to the designated server through the communication means of the wireless terminal 100.

When the OS of the wireless terminal 100 is switched to the general OS 110, the OTP checking unit 220 refers to the memory area in cooperation with the interworking procedure unit 215 and confirms the OTP that the program (s) 240 provided to the memory area.

When the OTP generated through the program (s) 240 of the secure OS 120 is confirmed through the OTP checking unit 220, the OTP processing unit 225 outputs the confirmed OTP through the screen output means of the wireless terminal 100. Preferably, the OTP processing unit 225 may output the OTP on the interface screen for inputting/using the OTP within the designated transaction operation procedure of the program (n) 200. If the OTP is encrypted through the program (s) 240 of the secure OS 120, the OTP processing unit 225 may decrypt the encrypted OTP and output it. The OTP output through the OTP processing unit 225 may be keyed into the program (n) 200 of the general OS 110 by the user. In this case, the OTP can be transferred to the designated server. Meanwhile, besides the program (n) 200, the OTP may be transmitted to a designated server through another program of the general OS 110 linked to the program (n) 200, or may be input through a terminal other than the wireless terminal 100 and transmitted to a designated server.

Alternatively, the OTP processing unit 225 may transmit the confirmed OTP to the designated server through the communication unit of the wireless terminal 100. The OTP processing unit 225 may transmit the OTP to a designated server after screen output or to a designated server without outputting the screen. When the OTP is transmitted to a designated server without outputting the OTP, the OTP is transmitted to the OTP provider 290 of the program (s) 240 through the program (s) 240 of the secure OS 120 The OTP encrypted through the program (s) 240 of the secure OS 120 may not be decrypted by the general OS 110. In this case,

The server receiving the OTP generates an OTP verification value through a seed value and a code generation algorithm identical to the method of generating the OTP in the program (s) 240 of the secure OS 120 to authenticate the validity of the OTP (For example, at least one of banking and settlement) using the program (n) 200. In this case,
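The generation and server-side verification described above, as an added sketch that is not the patent's own code. It assumes HMAC-SHA256 as the code generation algorithm (the text names only hash algorithms such as MD4, MD5 or SHA), a 30-second time step as the dynamic seed, and six digits; every name and sample value is constructed for illustration.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30  # assumed granularity of the dynamic (time) seed, in seconds
DIGITS = 6      # assumed OTP length


def transaction_seed(account: str, amount: str) -> bytes:
    """Transaction-linked seed: a hash over the transaction fields.

    Each field is length-prefixed so that ("12", "345") and ("123", "45")
    cannot collapse into the same seed.
    """
    h = hashlib.sha256()
    for field in (account, amount):
        data = field.encode("utf-8")
        h.update(struct.pack(">I", len(data)))
        h.update(data)
    return h.digest()


def generate_otp(fixed_seed: bytes, tx_seed: bytes, unix_time: int) -> str:
    """Secure-OS side: combine the fixed seed (used as the MAC key), the
    dynamic seed (time step) and the transaction-linked seed."""
    step = unix_time // TIME_STEP
    mac = hmac.new(fixed_seed, struct.pack(">Q", step) + tx_seed,
                   hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation in the style of RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def verify_otp(fixed_seed: bytes, account: str, amount: str, otp: str,
               server_time: int, window: int = 1) -> bool:
    """Server side: rebuild the OTP verification value from the transaction
    the server actually received, allowing +/- `window` time steps of drift."""
    tx_seed = transaction_seed(account, amount)
    ok = False
    for drift in range(-window, window + 1):
        expected = generate_otp(fixed_seed, tx_seed,
                                server_time + drift * TIME_STEP)
        # Constant-time comparison; no early exit on a match.
        ok |= hmac.compare_digest(expected.encode(), otp.encode())
    return ok


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    fixed_seed = bytes(range(32))
    t0 = 1_700_000_000
    otp = generate_otp(fixed_seed, transaction_seed("110-234-567890", "150000"), t0)
    print("OTP shown to the user:", otp)
    print("same transaction     :",
          verify_otp(fixed_seed, "110-234-567890", "150000", otp, t0 + 20))
    # A general-OS process that rewrites the payee after the OTP was issued
    # submits a transaction the OTP was never bound to.
    print("payee rewritten      :",
          verify_otp(fixed_seed, "999-000-111111", "150000", otp, t0 + 20))
    print("submitted too late   :",
          verify_otp(fixed_seed, "110-234-567890", "150000", otp, t0 + 300))
```

Because the server recomputes the transaction-linked seed from the request it received, an OTP issued for one account and amount does not authorise a different one, which is the property the transaction-linked seed adds over a purely time-based OTP.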

FIG. 3 is a diagram illustrating a process of preparing a program (s) 240 in the secure OS 120 according to an embodiment of the present invention.

More specifically, FIG. 3 illustrates a process of loading the program (s) 240 in the secure OS 120 and storing one or more fixed seed values for generating an OTP. Those of ordinary skill in the art could, by referring to and/or modifying FIG. 3, infer various implementations of the process of preparing the program (s) 240 (e.g., methods in which some steps are omitted or the order is changed); the present invention includes all such implementations, and its technical features are not limited to the method shown in FIG. 3.

Referring to FIG. 3, the program (n) 200 of the general OS 110 checks, based on the model of the wireless terminal 100 (or the type of its processor), whether the secure OS 120 (TrustZone) is installed in the wireless terminal 100 (300). If the secure OS 120 is installed in the wireless terminal 100, the program (n) 200 performs a procedure for loading the designated program (s) 240 into the secure OS 120 (305).

The program (s) 240 is loaded in the secure OS 120 according to a designated procedure (310), and the program (s) 240 obtains one or more fixed seed values according to a designated procedure (315) and stores them in the seed storage area provided in the secure OS storage area (320). Meanwhile, the program (s) 240 may perform a procedure for registering PIN information for generating an OTP, and may store the registered PIN information in a PIN storage area provided in the secure OS storage area (325).

When the program (s) 240 is loaded on the secure OS 120, the program (n) 200 of the general OS 110 stores identification information of the program (s) 240 loaded on the secure OS 120 and/or information indicating that the program (s) 240 is loaded on the secure OS 120.

FIG. 4 is a diagram illustrating a transaction interlocking process between the general OS 110 and the secure OS 120 according to an embodiment of the present invention.

In more detail, FIG. 4 shows a process in which the program (n) 200 of the general OS 110 interworks with the program (s) 240 of the secure OS 120 when generating/using an OTP while performing a specified transaction operation. Those of ordinary skill in the art could, by referring to and/or modifying FIG. 4, infer various implementations of this interworking process; the present invention includes all such implementations, and its technical features are not limited to the method shown in FIG. 4.

Referring to FIG. 4, the program (n) 200 of the general OS 110 performs a designated transaction operation (400) and determines whether to generate/use an OTP during the designated transaction operation (405). If it is necessary to generate/use the OTP, the program (n) 200 checks, using the identification information, whether the program (s) 240 for generating an OTP is loaded on the secure OS 120 side of the wireless terminal 100 (410). If the program (s) 240 is not loaded in the secure OS 120, the program (n) 200 may perform the procedure for loading the program (s) 240 into the secure OS 120.

Meanwhile, when the program (s) 240 is loaded on the secure OS 120, the program (n) 200 confirms the transaction information (or a part of the transaction information) corresponding to the transaction operation ). For example, when the program (n) 200 is a banking app, the transaction information (or a part of the transaction information) includes an account number (or a part of an account number), a password A portion of the transaction amount), or a combination of two or more of them.

The program (n) 200 stores and maintains the state information of the program (n) 200 before switching to the secure OS 120, and allocates a memory area accessible by the program (s) 240 of the secure OS 120 or identifies the pre-allocated memory area (425). When the memory area is allocated/identified, the program (n) 200 sets its own access right to the memory area while setting the program (s) 240 to be able to access the memory area (430), provides the transaction information (or a part of transaction information) corresponding to the transaction operation to the memory area (435), and causes the OS of the wireless terminal 100 to be switched to the secure OS 120 through the security monitor 125 (440).

When the OS of the wireless terminal 100 is switched to the secure OS 120 and the program (s) 240 is executed (445), the program (s) 240 checks whether PIN information was registered in the PIN storage area of the secure OS 120 through the process shown in FIG. 3. When PIN information is registered, it acquires the access right to the screen output unit 135 and the user input unit 140 of the wireless terminal 100, outputs an interface for PIN input, and confirms the PIN information input through the interface (450). If the PIN information is input, the program (s) 240 authenticates the validity of the input PIN information against the PIN information stored in the PIN storage area (455). If the validity of the PIN information is not authenticated, the program (s) 240 causes the OS of the wireless terminal 100 to be switched to the general OS 110 (460), and when the OS of the wireless terminal 100 is switched to the general OS 110, the program (n) 200 of the general OS 110 restores the state of the program (n) 200 from before the switch to the secure OS 120 (465).

Meanwhile, when the validity of the PIN information is authenticated, the program (s) 240 identifies a memory area that was allocated through the program (n) 200 and can be shared with the program (n) 200 (470). Depending on the implementation, the memory area may be allocated through the program (s) 240, and the present invention includes an embodiment in which the program (s) 240 allocates the memory area. If no memory area accessible by the program (s) 240 is identified, the program (s) 240 causes the OS of the wireless terminal 100 to switch to the general OS 110 (460), and when the OS of the wireless terminal 100 is switched to the general OS 110, the program (n) 200 of the general OS 110 restores the state of the program (n) 200 from before the switch to the secure OS 120 (465).

Meanwhile, if a memory area accessible by the program (s) 240 is identified, the program (s) 240 confirms the access right to the memory area (475). If the access right to the memory area is not confirmed, the program (s) 240 causes the OS of the wireless terminal 100 to switch to the general OS 110 (460), and when the OS of the wireless terminal 100 is switched to the general OS 110, the program (n) 200 of the general OS 110 restores the state of the program (n) 200 from before the switch to the secure OS 120 (465).

FIG. 5 is a diagram illustrating a process of generating and using a transaction-linked OTP through the secure OS 120 according to an embodiment of the present invention.

In more detail, FIG. 5 shows a process in which an OTP is generated and provided by the program (s) 240 of the secure OS 120, and the program (n) 200 of the general OS 110 confirms and uses the OTP generated through the secure OS 120. Those of ordinary skill in the art could, by referring to and/or modifying FIG. 5, infer various implementations of this process (for example, methods in which some steps are omitted or the order is changed); the present invention includes all such implementations, and its technical features are not limited to the method shown in FIG. 5.

Referring to FIG. 5, when the memory area shared by the program (s) 240 of the secure OS 120 and the program (n) 200 of the general OS 110 has been identified and the access right confirmed through the process shown in FIG. 4, the program (s) 240 confirms the transaction information (or a part of transaction information) provided by the program (n) 200 of the general OS 110 from the memory area (500). If the transaction information (or a part of transaction information) is not confirmed from the memory area, the program (s) 240 causes the OS of the wireless terminal 100 to switch to the general OS 110 (535), and when the OS of the wireless terminal 100 is switched to the general OS 110, the program (n) 200 of the general OS 110 restores the state of the program (n) 200 from before the switch to the secure OS 120 (540).

Meanwhile, if the transaction information (or a part of the transaction information) is confirmed from the memory area, the program (s) 240 either determines the transaction information (or a part of the transaction information) as the seed value to be substituted into the code generation algorithm, or generates a transaction-linked seed value using the transaction information (or a part of the transaction information) (505). It then substitutes the seed value into the designated code generation algorithm to dynamically generate the OTP (520).

Meanwhile, when one or more fixed seed values are included in the seed values to be substituted into the code generation algorithm, the program (s) 240 accesses the seed storage area of the secure OS storage area and determines the fixed seed value stored there. In this case, the program (s) 240 can dynamically generate the OTP by substituting the seed value corresponding to the transaction information (or a part of the transaction information) and the determined fixed seed value into the designated code generation algorithm (520).

Meanwhile, the program (s) 240 can confirm at least one dynamic seed value using resources of the wireless terminal 100 that are accessible through the secure OS 120 (for example, a timer or communication means). In this case, the program (s) 240 can dynamically generate the OTP by substituting the seed value corresponding to the transaction information (or a part of the transaction information) and the confirmed dynamic seed value into the designated code generation algorithm (520), or, depending on the implementation, by substituting the seed value corresponding to the transaction information (or a part of the transaction information), the determined fixed seed value, and the dynamic seed value into the designated code generation algorithm (520).
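The seed composition described above, as an added example that is not code from the patent or its applicant: the patent names no code generation algorithm, so HMAC-SHA256 with RFC 4226-style truncation, the 30-second time step, the field names and the sample values are all assumptions. It shows a verifier recomputing the OTP over the transaction it actually received, so a code issued for one payee does not validate for another.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30   # seconds per dynamic (time) seed step; assumed value
DIGITS = 6       # OTP length; assumed value


def transaction_seed(fields: dict) -> bytes:
    """Transaction-linked seed: hash of a canonical, length-prefixed encoding."""
    out = b""
    for name in sorted(fields):
        for part in (name.encode(), str(fields[name]).encode()):
            out += struct.pack(">H", len(part)) + part  # prefix blocks field-boundary ambiguity
    return hashlib.sha256(out).digest()


def generate_otp(fixed_seed: bytes, fields: dict, now: int) -> str:
    """OTP from fixed + transaction + time seeds (HMAC-SHA256 is an assumption)."""
    counter = struct.pack(">Q", now // TIME_STEP)
    mac = hmac.new(fixed_seed, transaction_seed(fields) + counter, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation in the style of RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def verify_otp(fixed_seed: bytes, fields: dict, otp: str, now: int, drift: int = 1) -> bool:
    """Verifier side: recompute over the transaction the verifier itself received."""
    for step in range(-drift, drift + 1):
        if hmac.compare_digest(generate_otp(fixed_seed, fields, now + step * TIME_STEP), otp):
            return True
    return False


# Constructed sample values, not taken from the patent.
FIXED_SEED = bytes.fromhex("00112233445566778899aabbccddeeff")
TX = {"payee_account": "110-222-333333", "amount": 150000, "currency": "KRW"}
TAMPERED = dict(TX, payee_account="999-888-777777")
NOW = 1_700_000_000


def demo() -> dict:
    otp = generate_otp(FIXED_SEED, TX, NOW)
    return {
        "otp": otp,
        "same_tx": verify_otp(FIXED_SEED, TX, otp, NOW + 20),
        "tampered_tx": verify_otp(FIXED_SEED, TAMPERED, otp, NOW + 20),
        "expired": verify_otp(FIXED_SEED, TX, otp, NOW + 10 * TIME_STEP),
    }
```

In the patent's flow only `generate_otp` would run inside the secure OS, with the fixed seed held in its seed storage area; the general OS program supplies the transaction fields and reads back the result.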

The program (s) 240 can output the generated OTP to the screen output unit 135 of the wireless terminal 100 (525), and provides the generated OTP to the memory area shared with the program (n) 200 of the general OS 110 (530). According to an embodiment of the present invention, the program (s) 240 may encrypt the OTP using the designated encryption method and provide the encrypted OTP to the memory area (530). The program (s) 240 then causes the OS of the wireless terminal 100 to switch to the general OS 110 (535). When the OS of the wireless terminal 100 is switched to the general OS 110, the program (n) 200 of the general OS 110 restores the state of the program (n) 200 before switching to the secure OS 120 (540).

The program (n) 200 of the general OS 110 identifies and accesses the memory area shared with the program (s) 240 of the secure OS 120 (545), and checks the memory area for the OTP dynamically generated through the program (s) 240 of the secure OS 120 (550). If the dynamically generated OTP is not confirmed through the program (s) 240 of the secure OS 120, the program (n) 200 outputs an OTP error and the operation of the program (n) (555).

Meanwhile, when the dynamically generated OTP is confirmed through the program (s) 240 of the secure OS 120, the program (n) 200 can output the OTP generated through the program (s) 240 of the secure OS 120 (560), and/or transmit the OTP generated through the program (s) 240 of the secure OS 120 to the designated server (560). If the OTP generated through the program (s) 240 of the secure OS 120 is encrypted, the program (n) 200 can decrypt the encrypted OTP and output the decrypted OTP (560). The program (n) 200 then performs a transaction operation procedure using the OTP (565).

100: wireless terminal 110: general OS
115: Generic kernel 120: Security OS
125: Security Monitor 130: Security Kernel
200: program (n) 205: OTP judgment unit
210: information confirmation unit 215:
220: OTP verification unit 225: OTP processing unit
240: program (s) 245: seed storage
250: PIN registration unit 255:
260: PIN authentication unit 265: Transaction interlocking unit
270: Seed Generator 275: Seed Verifier
280: OTP generation unit 285: OTP output unit
290: OTP supply

Claims (15)

A method for executing a secure operating system (OS) having a secure kernel and a normal operating system (OS) having a kernel structure,
A first step in which the program (n) of the general OS allocates a memory area accessible by the designated program (s) of the secure OS or identifies an allocated memory area;
A second step of the program (n) providing transaction information (or a part of transaction information) to the memory area;
A third step of the program (s) of the secure OS verifying transaction information (or part of transaction information) from the memory area;
A fourth step of dynamically generating an OTP (One Time Password) using the transaction information (or a part of transaction information) as a seed value of a code generation algorithm provided in the secure OS;
The program (s) providing the generated OTP to the memory area; And
And the program (n) refers to the OTP of the memory area.
The method of claim 1,
And a trust zone mounted on the processor.
The method according to claim 1,
Further comprising the step of identifying that the program (n) has the program (s) assigned to the secure OS installed or the identification information identifying the program (s) mounted on the secure OS in the general OS storage area A method for providing a transaction - oriented service using a secure operating system.
The method according to claim 1,
Further comprising storing and maintaining status information on the program (n) immediately before the program (n) is switched to the secure OS.
The method according to claim 1,
Further comprising the step of the program (n) operating a secure OS through a SMC (Secure Monitor Call) command.
The method according to claim 1,
Wherein the program (n) allocates the memory area to a general OS or identifies a pre-allocated memory area.
The method according to claim 1,
Wherein the program (n) allocates the memory area to the security monitor performing the switching procedure between the general OS and the security OS, or verifies the pre-allocated memory area.
The method according to claim 1,
Wherein the program (n) allocates a memory area accessible from a program (s) of a secure OS to a security server on the network or identifies a pre-allocated memory area.
The method according to claim 1,
Further comprising setting the program (n) as a process of a general OS side in which the program (n) refers to the memory area.
The method according to claim 1,
Further comprising the step of the program (s) storing one or more fixed seed values in a storage area of the secure OS,
Wherein the fourth step further comprises using the stored one or more fixed seed values as a seed value of the code generation algorithm.
The method as claimed in claim 1,
Using the at least one dynamic seed value confirmed by the program (s) through the secure OS as a seed value of the code generation algorithm,
Wherein the dynamic seed value includes a time value that the program (s) confirms via a timer of the secure OS.
The method according to claim 1,
Receiving the PIN (Personal Identification Number) by accessing the input means of the wireless terminal through the security OS; And
And authenticating the validity of the PIN entered through the secure OS.
The method as claimed in claim 1,
Further comprising the step of the program (s) accessing the screen output means of the wireless terminal through the secure OS and outputting the generated OTP.
The method as claimed in claim 1,
The program (n) verifying the OTP of the memory area; And
And the program (n) displaying the confirmed OTP through the screen output means of the wireless terminal.
The method as claimed in claim 1,
The program (n) verifying the OTP of the memory area; And
And transmitting the confirmed OTP to the designated server through the communication unit of the wireless terminal by the program (n).
KR1020150041507A 2015-03-25 2015-03-25 Method for Providing One Time Password Linked Transaction by using Secure Operating System KR20160114961A (en)


Publications (1)

Publication Number Publication Date
KR20160114961A true KR20160114961A (en) 2016-10-06


Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment