WO2013058515A1 - Login system and method with strengthened security - Google Patents

Login system and method with strengthened security Download PDF

Info

Publication number
WO2013058515A1
WO2013058515A1 PCT/KR2012/008430 KR2012008430W WO2013058515A1 WO 2013058515 A1 WO2013058515 A1 WO 2013058515A1 KR 2012008430 W KR2012008430 W KR 2012008430W WO 2013058515 A1 WO2013058515 A1 WO 2013058515A1
Authority
WO
WIPO (PCT)
Prior art keywords
login
otp
authentication
user client
access server
Prior art date
Application number
PCT/KR2012/008430
Other languages
French (fr)
Inventor
Kyoung Min Lee
Original Assignee
Minwise Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Minwise Co., Ltd. filed Critical Minwise Co., Ltd.
Publication of WO2013058515A1 publication Critical patent/WO2013058515A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key

Definitions

  • the present invention relates to a login system and a login method with strengthened security. More particularly, the present invention relates toa login system and a login method with strengthened security, which enable login to be performed by a single channel, and determine whether final login is allowed by a result value obtained by processing an authentication password which is not managed by an access server which a user desires to access through a randomly generated operation expression.
  • a user in order to access most online sites to use services, a user should input a login ID and a login passwordregistered when the user subscribes to a corresponding site as a member in their input windows. Then, the corresponding site determines whether the input login ID and login password correspond to those registered when the user subscribes to the site, and determines to allow the login.
  • both the login ID and the login password have a fixed value and both of them are directly managed by the corresponding site, if the corresponding site is hacked or user information is illegally distributed by an insider, a primary damage may be generated in the corresponding site and a secondary damage may be also generated due to the use of the illegally distributed user information.
  • most users use the same login ID and login password in a plurality of sites in order to conveniently manage (remember) the login ID and the login password, so that the secondary damage may become a more serious event though only one site is hacked.
  • the login ID and the login password may be illegally leaked easily by a keyboard hacking.
  • OTP One Time Password
  • Publication Patent No. 2010-38990 discloses a security authentication system through the two channels.
  • the corresponding site issues a temporary ID and an temporary password for the corresponding login ID and transmits the temporary ID and password to the corresponding PC.
  • the corresponding site identifies the temporary ID and password to determine whether to authenticate the temporary ID and password.
  • the present invention has been made to solve the above-mentioned problems, and an aspect of the present invention provides a login system and a login method with strengthened security, which enable login to be performed by a single channel, and determines whether final login is allowed by a result value obtained by processing an authentication password which is not managed by an access server which a user desires to access through an randomly generated operation expression.
  • a login system with strengthened security including: an access server database for match-storing a registration login ID and a registration login password of a user client an OTP operation expression generator for generating an OTP operation expression; and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, providing the OTP operation expression generated by the OTP operation expression generator, and, when an OTP is input by the user client, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  • a login system with strengthened security including: an authentication server database for match-storing a registration login ID of a user client for an access server, identification code of the access server, an authentication password of the user client and an authentication server including a main server for, when receiving an OTP input by the user client, a site identification code of the access server, the registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in the authentication server database to extract a matched authentication password, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server, and then transmitting a result to the access server.
  • the login system with strengthened security may further include an access server database for match-storing a registration login ID with a registration login password of a user client an OTP operation expression generator for generating an OTP operation expression; and an access server including a main server for providing the OTP operation expression generated by the OTP operation expression generator when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether login of the user client is allowed according to an authentication success or failure transmitted from the authentication server.
  • an access server database for match-storing a registration login ID with a registration login password of a user client an OTP operation expression generator for generating an OTP operation expression
  • an access server including a main server for providing the OTP operation expression generated by the OTP operation expression generator when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting the input OTP, identification
  • the access server may match-store OTP operation difficulty level information set from two or more levels and the registration login ID in the access server database, and generate the OTP operation expression with reflection of the operation difficulty level information.
  • a login system with strengthened security including: an access server database for match-storing a registration login ID and a registration login password of a user client; and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting identification code of a site of the access server and the registration login ID to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure received from the authentication server.
  • a login system with strengthened security including: an authentication server database for match-storing a registration login ID of a user client for an access server, identification code of the access server, and an authentication password of the user client an OTP operation expression generator for generating an OTP operation expression; and an authentication server including a main server for, when receiving a site identification code of the access server and the registration login ID from the access server, transmitting the OTP operation expression generated by the OTP operation expression generator to the user client, and, when receiving an OTP from the user client, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP input by the user client and then transmitting a result to the access server.
  • the login system with strengthened security may further include an access server database for match-storing a registration login ID witha registration login password of a user client and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting an identification code of a site of the access server and the registration login ID to the authentication server, and determining whether to allow login of the user client according to an authentication success or failure received form the authentication server.
  • an access server database for match-storing a registration login ID witha registration login password of a user client and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting an identification code of a site of the access server and the registration login ID to the authentication server, and determining whether to allow login of the user client according to an authentication success or failure received form the authentication server.
  • the authentication server may match-store OTP operation difficulty level information set from two or more levels and the registration login ID in the access server database, and generate the OTP operation expression with reflection of the operation difficulty level information.
  • a login method with strengthened security including the steps of: by an access server connected with a user client and an authentication server through a wired/wireless network, (a) when a login ID and a login password input by the user client correspond to a registration login ID and a registration login password, generating an OTP operation expression and providing the generated OTP operation expression to the user client; (b) when an OTP is input by the user client, transmitting the input OTP, an identification code of a site of the access server, the registration login ID, and the OTP operation expression to the authentication server and making a request for an authentication; and (c) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  • the OTP operation expression generated in the step of (a) may be generated with reflection of OTP operation difficulty level information set from two or more levels set when the user client subscribes as a member. Further, the login method with strengthened security may further include transmitting an authentication password input by the user client to the authentication server before the step of (a).
  • a login method with strengthened security including the steps of: by an access server connected with a user client and an authentication server through a wired/wireless network, (d) when a login ID and a login password input by the user client correspond to aregistration login ID and a registration login password, providing an identification code of a site of the access server and the registration login ID to the authentication server and making a request for an authentication; and (e) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  • the login method with strengthened security may further include transmitting an authentication password input by the user client to the authentication server before the step of (d).
  • a login method with strengthened security including the steps of: by an authentication server connected with a user client and an access server through a wired/wireless network,(f) when receiving an OTP input by the user client, a site identification code of the access server, a registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and (g) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server and transmitting a result to the access server.
  • the login method with strengthened security may further include receiving the site identification code of the access server, the registration login ID, and the authentication password from the access server and match-storing the received site identification code, registration login ID, and authentication password in the authentication server database before step of (f).
  • a login method with strengthened security including the steps of: by an authentication server connected with a user client and an access server through a wired/wireless network,(h) when receiving a site identification code of an access server and a registration login ID from the access server, generating an OTP operation expression and transmitting the generated OTP operation expression to a user client; (i) when receiving an OTP from the user client, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and (j) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the user client and transmitting a result to the access server.
  • the login method with strengthened security may further include receiving the site identification code of the access server, the registration login ID, the authentication password, and OTP operation difficulty level information set from two or more levels from the access server and match-storing the received site identification code, registration login ID, authentication password, and OTP operation difficulty level information in the authentication server database before the step of (h), wherein the OTP operation expression generated in step of (h) is generated with reflection of the operation difficulty level information.
  • a login system and a login method with strengthened security of the present invention it is possible to provide convenience of use to individual users by further strengthening security in comparison with a conventional login method by performing an authentication for login by an OTP randomly generated by an authentication password and also generating an operation expression for the OTP generation according to a level of difficulty set by the user.
  • FIG. 1 is a sequence chart for describing a member registration process in a login system with strengthened security according to an embodiment of the present invention.
  • FIGs. 2a and 2b are sequence chartsfor describing a login process in the system illustrated in FIG. 1
  • FIGs. 3a and 3b illustrate examples of an OTP operation expression.
  • FIG. 4 is a sequence chart for describing a member registration process in a login system with strengthened security according to another embodiment of the present invention.
  • FIGs. 5a and 5b are sequence charts for describing a login process in the system illustrated in FIG. 4.
  • FIG. 1 is a sequence chart for describing a member registration process in a login system with strengthened security according to an embodiment of the present invention.
  • the login system with strengthened security according to the present invention is implemented largely by connecting an online site requiring login prior to providing a service, for example, a server (hereinafter, referred to as an "access server") 200 such as various portal sites or game sites to various communication terminals of the user, for example, a desktop computer, a notebook computer, a portable terminal (hereinafter, referred to as a "user client”) 100 such as a smart phone or a smart pad equipped with an Internet communication function, and an authentication server 300 for performing an additional authentication in a login process.
  • a server hereinafter, referred to as an "access server”
  • a portable terminal hereinafter, referred to as a "user client”
  • an authentication server 300 for performing an additional authentication in a login process.
  • the access server 200 may include a database 220 for storing member information, for example, various information on members containing a member ID (hereinafter, referred to as a "login ID”) and a registration password (hereinafter, referred to as a "login password”) and a main server 210 for performing functions of communicating between the user client 100 and the authentication server 300 and managing the database 220.
  • the main server 210 includes an OTP operation expression generator 212 randomly generated for an OTP operation which will be described below.
  • the authentication server 300 may includes a database 320 for matching an authentication password registered by the user with identification code information of a corresponding cooperation site and an login ID used in the corresponding cooperation site and then storing them, and a main server 310 for performing functions of executing web communication between the user client 100 and the access server 200 and managing the database.
  • the user client 100 In a process in which the user client 100 subscribes to the access server 200 as a member through the above described login system, the user client 100 first accesses a site of the access server 200, sets a login ID and a login password, and inputs other personal information to subscribe to the site as the member in step S10 and step S12.
  • the access server 200 match-stores the login ID and the login password set by the user in the database 220 in step S14 to register the user as the member.
  • the access server 200 inquires the user client 100 about whether to perform an additional authentication process in the login process in step S16.
  • the access server 200 identifies the request in step S18, and then transmits an additional authentication information input window to the user clientin step S20.
  • the access server 200 considers that the authentication is performed by only the login ID and the login password, and thus terminates a program.
  • the additional authentication information input window includes an authentication password input window for the additional authentication and an operation difficulty level information input window (or setting button) for the operation expression used for the OTP operation.
  • the authentication password may consist of plural characters including a letter, a symbol, or a combination thereof, and an operation difficulty level may be divided into two levels such as “above average” and “below average”, or three or more levels such as “above average”, "average” and “below average”.
  • the numbers or letters included in the authentication password may be restrictively used according to a set operation difficulty level.
  • the authentication password is restrictively made in such a manner that only the numbers are used for the authentication password when the operation difficulty level is the "below average", and the numbers, the letters, the symbols may be used together for the authentication password when the operation difficulty level is equal to or higher than the "below average”.
  • the OTP operation expression generator 212 generates the operation expression by using "+” (addition), “-"(subtraction), or a combination thereof in generating the OTP operation expression when the operation difficulty level is set to a relatively low level, and the OTP operation expression generator 212 generates the operation expression by using "*" (multiplication), " ⁇ " (division) as well as “+” (addition) and "-"(subtraction) when the operation difficulty level is set to a relatively high level.
  • the OTP operation expression may be determined in a range where a rounding up or down of a result value is not generated, for example, in such a manner that both the addition and the subtraction are available, but a maximum of up to 4 is added or subtracted when the authentication password in a corresponding position is "5", and only the subtraction is available, but a maximum of up to 8 is subtracted when the authentication password in a corresponding position is "9" in generating the OTP operation expression by the OTP operation express generator 212.
  • the OTP operation expression may be determined to allow the rounding up or down in generating the OTP operation expression by the OTP operation expression generator 212.
  • the OTP operation expression may be determined that all of the addition, the subtraction, the multiplication, and the division are available for up to 9 in the authentication password, and in this case, the OTP operation expression may be determined such that the rounding up or down is ignored and only the result value is taken. For example, when the authentication password in a corresponding position is "7" and the operation expression is determined as "*5", a result is "35", but the former number "3" is removed and only the latter number "5" is determined as the OTP in the corresponding position.
  • the OTP operation expression may be variously configured by exchanging numbers in particular positions included in the authentication password or replacing a password in a predetermined position with a particular number or letter. Furthermore, it is preferable that before setting an operation difficulty level which the user desires, the user notifies the user client 100 of a limit or available range according to the corresponding operation difficulty level in a form of Help or an example. A reason to allow the user client to directly set the operation difficulty level is to generate the OTP operation expression under sufficient consideration of an individual difference between users.
  • the access server 200 receives additional authentication information from the user client100 in step S22, and then match-stores only operation difficulty level information of the received additional authentication information and the login ID in the database 220 in step S24. Then, the access server 200 transmits together the authentication password input by the user client 100, the login ID of the corresponding user client 100, and an inherent identification code (which can be predetermined) of the site to the authentication server 300 in step S26, so that the access server 200 does not directly manage the authentication password in the future login process. Next, the authentication server 300 match-stores the authentication password received from the access server 300, the site identification code, and the login ID of the corresponding site in the database 320 in step S28.
  • FIGs. 2a and 2b are sequence chartsfor describing a login process through the system illustrated in FIG. 1.
  • the user client 100 accesses the site of the access server 200 in step S50 and inputs the login ID and the login password in step S52 to make a request for login from the access server 200.
  • the access server 200 inquires about the login ID and the login password input by the user client 100 and checks whether both the login IDand the login password accord with those in the database 220 in step S54, and determines whether the user client 100 is a subscribed member according to a result in step S56.
  • step S56 when the user client 100 is not the subscribed member, the access server 200 proceeds to step S57 and rejects the login.
  • the access server 200 proceeds to step S58 and determines whether the corresponding member is the user client 100 having made the request for the additional authentication in the login process.
  • step S58 when the corresponding member is the user client 100 having not made the request for the additional authentication, the access server 200 proceeds to step S59 and immediately allows the login.
  • the access server 200 proceeds to steps S60 and S62, generates an OTP operation expression suitable for the operation difficulty level information set by the corresponding user client 100, and transmits the generated OTP operation expression to the user client 100.
  • FIGs. 3a and 3b illustrate examples of the OTP operation expression.
  • the user client 100 transmits the OTP, which is operated by a brain action of the user and then input, to the OTP access server 200 in step S64, and the access server 200 transmits its site identification code, the ID of the corresponding user client 100, the used OTP operation expression, and the input OTP to the authentication server 300 and makes a request for the authentication in step S66.
  • the authentication server 300 substitutes the authentication password set and registered by the user client 100 in the OTP operation expression received from the access server 200 to obtain the OTP in step S68, and identifies whether the obtained OTP corresponds to the OTP received from the access server 200 in step S66, performs the authentication, and then transmits a result to the access server 200 in steps S70 and S72.
  • step S74 the access server 200 determines whether the authentication is succeeded according to the authentication result received from the authentication server 300 in step S72. When it is determined that the authentication is succeeded, the access server 200 allows the authentication in step S76. When it is determined that the authentication is failed, the access server 200 notifies the user client 100 of the failure, and then rejects the login in step S78.
  • FIG. 4 is a sequence chart for describing a membership registration process in the login system with strengthened security according to another embodiment of the present invention.
  • the same reference numerals are assigned to the same components as those of the embodiment of FIG. 1, and their detailed description will be omitted.
  • the OTP operation expression generator 312 is not included in a main server 210’ of an access server 200’, but is included in a main server 310’ of an authentication server 300’, and accordingly the authentication server 300’ directly generates the OTP operation expression and transmits the generated OTP operation expression to the user client 100 in the login process, unlike the embodiment of FIG. 1.
  • the access server 200 transmits all additional authentication information input by the user client 100 together with its site identification code and the login ID to the authentication server 300 in step S26’ and as a result, the authentication server 300 match-stores the site identification code, the login ID, the authentication password, and the operation difficulty level information in the database 320 in step S28’ unlike the embodiment of FIG. 1.
  • FIGs. 5a and 5b aresequence chartsfor describing a login process in the system illustrated in FIG. 4.
  • the reference numerals are assigned to the same components as those of embodiment of FIGs. 2a and 2b, and their detailed description will be omitted.
  • the authentication server 300’ directly generates the OTP operation expression and transmits the generated OTP operation expression to the user client 100, unlike the embodiment of FIGs. 2a and 2b.
  • the access server 200 transmits its site identification code and the login ID of the corresponding member to the authentication server 300 and makes a request for the authentication in step S80.
  • the authentication server 300 inquires the login ID of the corresponding member in the database 320, identifies the operation difficulty level set by the corresponding member, generates the suitable OTP operation expression, and transmits the generated OTP operation expression to the user client 100 in step S84.
  • the user client 100 transmits the OTP, which is operated by the brain action of the user and then input, to the authentication server 300’ in step S86, and then the authentication server 300’ obtains the OTP by substituting the authentication password set and registered by the user client 100 in the OTP operation expression generated by the authentication server 300’ in step S88. Then, the authentication server 300’ determines whether the obtainedOTP corresponds to the OTP received from the user client 100 in step 86, performs the authentication, and then transmits a result to the access server 200’ in steps S90 and S92.
  • steps S94, S96, and S98 will be omitted because the steps are the same as steps S74, S76, and S78.
  • the login system and the login method with strengthened security are not limited to the above described embodiments, and may be variously modified without departing from the scope of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed are a login system and a login method with strengthened security which enable login to be performed by a single channel, and determine whether final login is allowed by a result value obtained by processing an authentication password which is not managed by an access server which a user desires to access through an randomly generated operation expression. The login system with strengthened security includes an access server database for match-storinga registration login ID anda registration login password of a user client an OTP operation expression generator for generating an OTP operation expression; and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, providing the OTP operation expression generated by the OTP operation expression generator, and, when an OTP is input by the user client, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.

Description

LOGIN SYSTEM AND METHOD WITH STRENGTHENED SECURITY
The present invention relates to a login system and a login method with strengthened security. More particularly, the present invention relates toa login system and a login method with strengthened security, which enable login to be performed by a single channel, and determine whether final login is allowed by a result value obtained by processing an authentication password which is not managed by an access server which a user desires to access through a randomly generated operation expression.
As widely known, in order to access most online sites to use services, a user should input a login ID and a login passwordregistered when the user subscribes to a corresponding site as a member in their input windows. Then, the corresponding site determines whether the input login ID and login password correspond to those registered when the user subscribes to the site, and determines to allow the login.
However, according to a conventional login system, since both the login ID and the login password have a fixed value and both of them are directly managed by the corresponding site, if the corresponding site is hacked or user information is illegally distributed by an insider, a primary damage may be generated in the corresponding site and a secondary damage may be also generated due to the use of the illegally distributed user information. Furthermore, most users use the same login ID and login password in a plurality of sites in order to conveniently manage (remember) the login ID and the login password, so that the secondary damage may become a more serious event though only one site is hacked. In addition, according to the conventional login system, the login ID and the login password may be illegally leaked easily by a keyboard hacking.
Because of such problems, various online sites such as a portal site or a game site have made a lot of efforts in many different fields, and as part of the efforts, an authentication method by a single-use password randomly generated through a One Time Password (OTP) generator has been proposed. However, strictly speaking, the OTP authentication method is only for authenticating a device, not a user, so that there is no particular measure when the device is hacked.
Meanwhile, a method of using two channels, for example, inputting the ID to a PC and inputting the password to a terminal separated from the PC such as a mobile communicationterminal has been proposed, and Publication Patent No. 2010-38990 discloses a security authentication system through the two channels. According to such a prior art, when the user accesses the site through the PC and inputs the login ID, the corresponding site issues a temporary ID and an temporary password for the corresponding login ID and transmits the temporary ID and password to the corresponding PC. Thereafter, when the user inputs the temporary ID through the PC and inputs the temporary password to a telephone terminal through an ARS, the corresponding site identifies the temporary ID and password to determine whether to authenticate the temporary ID and password. However, according to the above described prior art, since two terminals are used in an authentication process, the authentication process is cumbersome and takes a lot time.
The present invention has been made to solve the above-mentioned problems, and an aspect of the present invention provides a login system and a login method with strengthened security, which enable login to be performed by a single channel, and determines whether final login is allowed by a result value obtained by processing an authentication password which is not managed by an access server which a user desires to access through an randomly generated operation expression.
In accordance with an aspect of the present invention, there is provided a login system with strengthened security including: an access server database for match-storing a registration login ID and a registration login password of a user client an OTP operation expression generator for generating an OTP operation expression; and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, providing the OTP operation expression generated by the OTP operation expression generator, and, when an OTP is input by the user client, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
In accordance with another aspect of the present invention, there is provided a login system with strengthened security including: an authentication server database for match-storing a registration login ID of a user client for an access server, identification code of the access server, an authentication password of the user client and an authentication server including a main server for, when receiving an OTP input by the user client, a site identification code of the access server, the registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in the authentication server database to extract a matched authentication password, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server, and then transmitting a result to the access server.
The login system with strengthened security may further include an access server database for match-storing a registration login ID with a registration login password of a user client an OTP operation expression generator for generating an OTP operation expression; and an access server including a main server for providing the OTP operation expression generated by the OTP operation expression generator when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether login of the user client is allowed according to an authentication success or failure transmitted from the authentication server.
The access server may match-store OTP operation difficulty level information set from two or more levels and the registration login ID in the access server database, and generate the OTP operation expression with reflection of the operation difficulty level information.
In accordance with still another aspect of the present invention, there is provided a login system with strengthened security including: an access server database for match-storing a registration login ID and a registration login password of a user client; and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting identification code of a site of the access server and the registration login ID to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure received from the authentication server.
In accordance with yet another aspect of the present invention, there is provided a login system with strengthened security including: an authentication server database for match-storing a registration login ID of a user client for an access server, identification code of the access server, and an authentication password of the user client an OTP operation expression generator for generating an OTP operation expression; and an authentication server including a main server for, when receiving a site identification code of the access server and the registration login ID from the access server, transmitting the OTP operation expression generated by the OTP operation expression generator to the user client, and, when receiving an OTP from the user client, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP input by the user client and then transmitting a result to the access server.
The login system with strengthened security may further include an access server database for match-storing a registration login ID witha registration login password of a user client and an access server including a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting an identification code of a site of the access server and the registration login ID to the authentication server, and determining whether to allow login of the user client according to an authentication success or failure received form the authentication server.
The authentication server may match-store OTP operation difficulty level information set from two or more levels and the registration login ID in the access server database, and generate the OTP operation expression with reflection of the operation difficulty level information.
In accordance with still yet another aspect of the present invention, there is provided a login method with strengthened security including the steps of: by an access server connected with a user client and an authentication server through a wired/wireless network, (a) when a login ID and a login password input by the user client correspond to a registration login ID and a registration login password, generating an OTP operation expression and providing the generated OTP operation expression to the user client; (b) when an OTP is input by the user client, transmitting the input OTP, an identification code of a site of the access server, the registration login ID, and the OTP operation expression to the authentication server and making a request for an authentication; and (c) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
The OTP operation expression generated in the step of (a) may be generated with reflection of OTP operation difficulty level information set from two or more levels set when the user client subscribes as a member. Further, the login method with strengthened security may further include transmitting an authentication password input by the user client to the authentication server before the step of (a).
In accordance with a further aspect of the present invention, there is provided a login method with strengthened security including the steps of: by an access server connected with a user client and an authentication server through a wired/wireless network, (d) when a login ID and a login password input by the user client correspond to aregistration login ID and a registration login password, providing an identification code of a site of the access server and the registration login ID to the authentication server and making a request for an authentication; and (e) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
The login method with strengthened security may further include transmitting an authentication password input by the user client to the authentication server before the step of (d).
In accordance with another further aspect of the present invention, there is provided a login method with strengthened security including the steps of: by an authentication server connected with a user client and an access server through a wired/wireless network,(f) when receiving an OTP input by the user client, a site identification code of the access server, a registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and (g) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server and transmitting a result to the access server.
The login method with strengthened security may further include receiving the site identification code of the access server, the registration login ID, and the authentication password from the access server and match-storing the received site identification code, registration login ID, and authentication password in the authentication server database before step of (f).
In accordance with still another further aspect of the present invention, there is provided a login method with strengthened security including the steps of: by an authentication server connected with a user client and an access server through a wired/wireless network,(h) when receiving a site identification code of an access server and a registration login ID from the access server, generating an OTP operation expression and transmitting the generated OTP operation expression to a user client; (i) when receiving an OTP from the user client, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and (j) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the user client and transmitting a result to the access server.
The login method with strengthened security may further include receiving the site identification code of the access server, the registration login ID, the authentication password, and OTP operation difficulty level information set from two or more levels from the access server and match-storing the received site identification code, registration login ID, authentication password, and OTP operation difficulty level information in the authentication server database before the step of (h), wherein the OTP operation expression generated in step of (h) is generated with reflection of the operation difficulty level information.
According to a method in which a login system and a login method with strengthened security of the present invention, it is possible to provide convenience of use to individual users by further strengthening security in comparison with a conventional login method by performing an authentication for login by an OTP randomly generated by an authentication password and also generating an operation expression for the OTP generation according to a level of difficulty set by the user.
In addition, it is possible to provide convenience to the users while strengthening security by performing an authentication for login by an authentication password, which is not directly managed by an authentication server, through a single channel.
FIG. 1 is a sequence chart for describing a member registration process in a login system with strengthened security according to an embodiment of the present invention.
FIGs. 2a and 2b are sequence chartsfor describing a login process in the system illustrated in FIG. 1
FIGs. 3a and 3b illustrate examples of an OTP operation expression.
FIG. 4 is a sequence chart for describing a member registration process in a login system with strengthened security according to another embodiment of the present invention.
FIGs. 5a and 5b are sequence charts for describing a login process in the system illustrated in FIG. 4.
Hereinafter, exemplary embodiments of a login system and a login method with strengthened security will be described in detail with reference to the accompanying drawings.
FIG. 1 is a sequence chart for describing a member registration process in a login system with strengthened security according to an embodiment of the present invention. As illustrated in FIG. 1, the login system with strengthened security according to the present invention is implemented largely by connecting an online site requiring login prior to providing a service, for example, a server (hereinafter, referred to as an "access server") 200 such as various portal sites or game sites to various communication terminals of the user, for example, a desktop computer, a notebook computer, a portable terminal (hereinafter, referred to as a "user client") 100 such as a smart phone or a smart pad equipped with an Internet communication function, and an authentication server 300 for performing an additional authentication in a login process.
In the above described configuration, the access server 200 may include a database 220 for storing member information, for example, various information on members containing a member ID (hereinafter, referred to as a "login ID") and a registration password (hereinafter, referred to as a "login password") and a main server 210 for performing functions of communicating between the user client 100 and the authentication server 300 and managing the database 220. The main server 210 includes an OTP operation expression generator 212 randomly generated for an OTP operation which will be described below.
Meanwhile, the authentication server 300 may includes a database 320 for matching an authentication password registered by the user with identification code information of a corresponding cooperation site and an login ID used in the corresponding cooperation site and then storing them, and a main server 310 for performing functions of executing web communication between the user client 100 and the access server 200 and managing the database.
In a process in which the user client 100 subscribes to the access server 200 as a member through the above described login system, the user client 100 first accesses a site of the access server 200, sets a login ID and a login password, and inputs other personal information to subscribe to the site as the member in step S10 and step S12.
Then, the access server 200 match-stores the login ID and the login password set by the user in the database 220 in step S14 to register the user as the member.
Next, the access server 200 inquiries the user client 100 about whether to perform an additional authentication process in the login process in step S16. When the user client 100 makes a request for performing the additional authentication process, the access server 200 identifies the request in step S18, and then transmits an additional authentication information input window to the user clientin step S20. On the other hand, when the user client 100 does not make a request for performing the additional authentication process, the access server 200 considers that the authentication is performed by only the login ID and the login password, and thus terminates a program.
Meanwhile, the additional authentication information input window includes an authentication password input window for the additional authentication and an operation difficulty level information input window (or setting button) for the operation expression used for the OTP operation.
Here, the authentication password may consist of plural characters including a letter, a symbol, or a combination thereof, and an operation difficulty level may be divided into two levels such as "above average" and "below average", or three or more levels such as "above average", "average" and "below average". The numbers or letters included in the authentication password may be restrictively used according to a set operation difficulty level. For example, the authentication password is restrictively made in such a manner that only the numbers are used for the authentication password when the operation difficulty level is the "below average", and the numbers, the letters, the symbols may be used together for the authentication password when the operation difficulty level is equal to or higher than the "below average".
Furthermore, it may be restricted such that the OTP operation expression generator 212 generates the operation expression by using "+" (addition), "-"(subtraction), or a combination thereof in generating the OTP operation expression when the operation difficulty level is set to a relatively low level, and the OTP operation expression generator 212 generates the operation expression by using "*" (multiplication), "÷" (division) as well as "+" (addition) and "-"(subtraction) when the operation difficulty level is set to a relatively high level. Further, when the operation difficulty level is set to the relatively low level, the OTP operation expression may be determined in a range where a rounding up or down of a result value is not generated, for example, in such a manner that both the addition and the subtraction are available, but a maximum of up to 4 is added or subtracted when the authentication password in a corresponding position is "5", and only the subtraction is available, but a maximum of up to 8 is subtracted when the authentication password in a corresponding position is "9" in generating the OTP operation expression by the OTP operation express generator 212.
On the other hand, when the operation difficulty level is set to the relatively high level, the OTP operation expression may be determined to allow the rounding up or down in generating the OTP operation expression by the OTP operation expression generator 212. For example, the OTP operation expression may be determined that all of the addition, the subtraction, the multiplication, and the division are available for up to 9 in the authentication password, and in this case, the OTP operation expression may be determined such that the rounding up or down is ignored and only the result value is taken. For example, when the authentication password in a corresponding position is "7" and the operation expression is determined as "*5", a result is "35", but the former number "3" is removed and only the latter number "5" is determined as the OTP in the corresponding position.
Up to now, the operation difficulty level has been described, but the OTP operation expression may be variously configured by exchanging numbers in particular positions included in the authentication password or replacing a password in a predetermined position with a particular number or letter. Furthermore, it is preferable that before setting an operation difficulty level which the user desires, the user notifies the user client 100 of a limit or available range according to the corresponding operation difficulty level in a form of Help or an example. A reason to allow the user client to directly set the operation difficulty level is to generate the OTP operation expression under sufficient consideration of an individual difference between users.
Referring back to FIG. 1, the access server 200 receives additional authentication information from the user client100 in step S22, and then match-stores only operation difficulty level information of the received additional authentication information and the login ID in the database 220 in step S24. Then, the access server 200 transmits together the authentication password input by the user client 100, the login ID of the corresponding user client 100, and an inherent identification code (which can be predetermined) of the site to the authentication server 300 in step S26, so that the access server 200 does not directly manage the authentication password in the future login process. Next, the authentication server 300 match-stores the authentication password received from the access server 300, the site identification code, and the login ID of the corresponding site in the database 320 in step S28.
FIGs. 2a and 2b are sequence chartsfor describing a login process through the system illustrated in FIG. 1. As illustrated in FIGs. 2a and 2b, the user client 100 accesses the site of the access server 200 in step S50 and inputs the login ID and the login password in step S52 to make a request for login from the access server 200.
Then, the access server 200 inquires about the login ID and the login password input by the user client 100 and checks whether both the login IDand the login password accord with those in the database 220 in step S54, and determines whether the user client 100 is a subscribed member according to a result in step S56.
As a result of the determination in step S56, when the user client 100 is not the subscribed member, the access server 200 proceeds to step S57 and rejects the login. When the user client 100 is the subscribed member, the access server 200 proceeds to step S58 and determines whether the corresponding member is the user client 100 having made the request for the additional authentication in the login process. As a result of the determination in step S58, when the corresponding member is the user client 100 having not made the request for the additional authentication, the access server 200 proceeds to step S59 and immediately allows the login. When the corresponding member is the user client 100 having made the request for the additional authentication, the access server 200 proceeds to steps S60 and S62, generates an OTP operation expression suitable for the operation difficulty level information set by the corresponding user client 100, and transmits the generated OTP operation expression to the user client 100.
FIGs. 3a and 3b illustrate examples of the OTP operation expression. First, the example illustrated in FIG. 3acorresponds to the OTP operation expression having a relatively low operation difficulty level set by the user client 100, and the OTP operation expression is configured such that 3 is added to a third character froman uppermost character of the authentication password set by the user client 100 and 1 is subtracted from a sixth character when the authentication password has a total of eight characters. Accordingly, for example, when the authentication password registered by the user client 100 in the membership subscription process is "2/4/3/6/4/5/7/1", a final result value, that is, OTP is "2/4/6(=3+3)/6/4/5/6(=7-1)/1".
Next, the example illustrated in FIG. 3bcorresponds to the OTP operation expression having a relatively high operation difficulty level set by the user client 100, and the OTP operation expression is configured such that a second character from an uppermost character of the authentication password set by the user client 100 is multiplied by 3 and a fifth character is moved forward as much as a second letter (or number) when the authentication password has a total of eight characters. Accordingly, for example, when the authentication password set by the user client 100 is "2/4/3/6/l/u/c/k", a final result value, that is, OTP is "2/2(only the latter number is taken from 4*3=12)/3/6/j/u/c/k".
Referring back to FIG. 2b, the user client 100 transmits the OTP, which is operated by a brain action of the user and then input, to the OTP access server 200 in step S64, and the access server 200 transmits its site identification code, the ID of the corresponding user client 100, the used OTP operation expression, and the input OTP to the authentication server 300 and makes a request for the authentication in step S66.
Then, the authentication server 300 substitutes the authentication password set and registered by the user client 100 in the OTP operation expression received from the access server 200 to obtain the OTP in step S68, and identifies whether the obtained OTP corresponds to the OTP received from the access server 200 in step S66, performs the authentication, and then transmits a result to the access server 200 in steps S70 and S72.
Thereafter, in step S74, the access server 200 determines whether the authentication is succeeded according to the authentication result received from the authentication server 300 in step S72. When it is determined that the authentication is succeeded, the access server 200 allows the authentication in step S76. When it is determined that the authentication is failed, the access server 200 notifies the user client 100 of the failure, and then rejects the login in step S78.
FIG. 4 is a sequence chart for describing a membership registration process in the login system with strengthened security according to another embodiment of the present invention. The same reference numerals are assigned to the same components as those of the embodiment of FIG. 1, and their detailed description will be omitted. In this embodiment, the OTP operation expression generator 312 is not included in a main server 210’ of an access server 200’, but is included in a main server 310’ of an authentication server 300’, and accordingly the authentication server 300’ directly generates the OTP operation expression and transmits the generated OTP operation expression to the user client 100 in the login process, unlike the embodiment of FIG. 1. Further, due to a difference in such a configuration, the access server 200 transmits all additional authentication information input by the user client 100 together with its site identification code and the login ID to the authentication server 300 in step S26’ and as a result, the authentication server 300 match-stores the site identification code, the login ID, the authentication password, and the operation difficulty level information in the database 320 in step S28’ unlike the embodiment of FIG. 1.
FIGs. 5a and 5b aresequence chartsfor describing a login process in the system illustrated in FIG. 4. The reference numerals are assigned to the same components as those of embodiment of FIGs. 2a and 2b, and their detailed description will be omitted. In this embodiment, the authentication server 300’ directly generates the OTP operation expression and transmits the generated OTP operation expression to the user client 100, unlike the embodiment of FIGs. 2a and 2b. In a detailed description thereof, when it is identified that the corresponding member is the user client 100 having made the request for the additionalauthentication in step S58, the access server 200 transmits its site identification code and the login ID of the corresponding member to the authentication server 300 and makes a request for the authentication in step S80.
In response to the request, the authentication server 300 inquires the login ID of the corresponding member in the database 320, identifies the operation difficulty level set by the corresponding member, generates the suitable OTP operation expression, and transmits the generated OTP operation expression to the user client 100 in step S84.
Next, the user client 100 transmits the OTP, which is operated by the brain action of the user and then input, to the authentication server 300’ in step S86, and then the authentication server 300’ obtains the OTP by substituting the authentication password set and registered by the user client 100 in the OTP operation expression generated by the authentication server 300’ in step S88. Then, the authentication server 300’ determines whether the obtainedOTP corresponds to the OTP received from the user client 100 in step 86, performs the authentication, and then transmits a result to the access server 200’ in steps S90 and S92.
Detailed descriptions of steps S94, S96, and S98 will be omitted because the steps are the same as steps S74, S76, and S78.
The login system and the login method with strengthened security are not limited to the above described embodiments, and may be variously modified without departing from the scope of the present invention.

Claims (17)

  1. A login system with strengthened security comprising:
    an access server database for match-storing a registration login ID and a registration login password of a user client
    an OTP operation expression generator for generating an OTP operation expression; and
    an access server comprising a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, providing the OTP operation expression generated by the OTP operation expression generator, and, when an OTP is input by the user client, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  2. A login system with strengthened security comprising:
    an authentication server database for match-storing a registration login ID of a user client for an access server, identification code of the access server, an authentication password of the user client and
    an authentication server comprising a main server for, when receiving an OTP input by the user client, a site identification code of the access server, the registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in the authentication server database to extract a matched authentication password, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server, and then transmitting a result to the access server.
  3. The login system with strengthened security as claimed in claim 2, further comprising:
    an access server database for match-storing a registration login ID with a registration login password of a user client
    an OTP operation expression generator for generating an OTP operation expression; and
    an access server comprising a main server for providing the OTP operation expression generated by the OTP operation expression generator when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting the input OTP, identification code of an access server site, the registration login ID, and the OTP operation expression to an authentication server, and determining whether login of the user client is allowed according to an authentication success or failure transmitted from the authentication server.
  4. The login system with strengthened security as claimed in claim 3, wherein the access server match-stores OTP operation difficulty level information setfrom two or more levels and the registration login ID in the access server database, and generates the OTP operation expression with reflection of the operation difficulty level information.
  5. A login system with strengthened security comprising:
    an access server database for match-storing a registration login ID and a registration login password of a user client; and
    an access server comprising a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting identification code of a site of the access server and the registration login ID to an authentication server, and determining whether to allow login of the user client according to an authentication success or failure received from the authentication server.
  6. A login system with strengthened security comprising:
    an authentication server database for match-storing a registration login ID of a user clientfor an access server, identification code of the access server, and an authentication password of the user client
    an OTP operation expression generator for generating an OTP operation expression; and
    an authentication server comprising a main server for, when receiving a site identification codeof the access server and the registration login ID from the access server, transmitting the OTP operation expression generated by the OTP operation expression generator to the user client, and, when receiving an OTP from the user client, determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP input by the user client and then transmitting a result to the access server.
  7. The login system with strengthened security as claimed in claim 6, further comprising:
    an access server database for match-storing a registration login ID with a registration login password of a user client and
    an access server comprising a main server for, when a login ID and a login password input by the user client correspond to the registration login ID and the registration login password, transmitting an identification code of a site of the access server and the registration login ID to the authentication server, and determining whether to allow login of the user client according to an authentication success or failure received form the authentication server.
  8. The login system with strengthened security as claimed in claim 6 or 7, wherein the authentication server match-stores OTP operation difficulty level information set from two or more levels and the registration login ID in the access server database, and generates the OTP operation expression with reflection of the operation difficulty level information.
  9. A login method with strengthened security comprising the steps of:
    by an access server connected with a user client and an authentication server through a wired/wireless network,
    (a) when a login ID and a login password input by the user client correspond to a registration login ID and a registration login password, generating an OTP operation expression and providing the generated OTP operation expression to the user client;
    (b) when an OTP is input by the user client, transmitting the input OTP, an identification code of a site of the access server, the registration login ID, and the OTP operation expression to the authentication server and making a request for an authentication; and
    (c) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  10. The login method with strengthened security as claimed in claim 9, wherein the OTP operation expression generated in the step of (a) is generated with reflection of OTP operation difficulty level information set from two or more levels set when the user client subscribes as a member.
  11. The login method with strengthened security as claimed in claim 9 or 10, further comprising transmitting an authentication password input by the user client to the authentication server before the step of (a).
  12. A login method with strengthened security comprising the steps of:
    by an access server connected with a user client and an authentication server through a wired/wireless network,
    (d) when a login ID and a login passwordinput by the user client correspond to a registration login ID and a registration login password, providing an identification code of a site of the access server and the registration login ID to the authentication server and making a request for an authentication; and
    (e) determining whether to allow login of the user client according to an authentication success or failure transmitted from the authentication server.
  13. The login method with strengthened security as claimed in claim 12, further comprising transmitting an authentication password input by the user client to the authentication server before the step of (d).
  14. A login method with strengthened security comprising the steps of:
    by an authentication server connected with a user client and an access server through a wired/wireless network,
    (f) when receiving an OTP input by the user client, a site identification code of the access server, a registration login ID, and an OTP operation expression from the access server, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and
    (g) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the access server and transmitting a result to the access server.
  15. The login method with strengthened security as claimed in claim 14, further comprising receiving the site identification code of the access server, the registration login ID, and the authentication password from the access server and match-storing the received site identification code, registration login ID, and authentication password in the authentication server database before step of (f).
  16. A login method with strengthened security comprising the steps of:
    by an authentication server connected with a user client and an access server through a wired/wireless network,
    (h) when receiving a site identification code of an access server and a registration login ID from the access server,generating an OTP operation expression and transmitting the generated OTP operation expression to a user client;
    (i) when receiving an OTP from the user client, inquiring about the registration login ID in an authentication server database to extract a matched authentication password; and
    (j) determining whether an OTP obtained by substituting the authentication password in the OTP operation expression corresponds to the OTP received from the user client and transmitting a result to the access server.
  17. The login method with strengthened security as claimed in claim 16, further comprising receiving the site identification code of the access server, the registration login ID, the authentication password, and OTP operation difficulty level information set from two or more levels from the access server and match-storing the received site identification code, registration login ID, authentication password, and OTP operation difficulty level information in the authentication server database before the step of (h),
    wherein the OTP operation expression generated in step of (h) is generated with reflection of the operation difficulty level information.
PCT/KR2012/008430 2011-10-18 2012-10-16 Login system and method with strengthened security WO2013058515A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020110106320A KR101118605B1 (en) 2011-10-18 2011-10-18 Log-in system and method with strengthened security
KR10-2011-0106320 2011-10-18

Publications (1)

Publication Number Publication Date
WO2013058515A1 true WO2013058515A1 (en) 2013-04-25

Family

ID=45840571

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/008430 WO2013058515A1 (en) 2011-10-18 2012-10-16 Login system and method with strengthened security

Country Status (2)

Country Link
KR (1) KR101118605B1 (en)
WO (1) WO2013058515A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114640471A (en) * 2022-03-21 2022-06-17 重庆市规划和自然资源信息中心 Centralized government affair office client safety operation and maintenance method based on domestic operating system

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101420149B1 (en) * 2012-05-02 2014-07-17 주식회사 시큐브 Two-factor authentication login server system and method thereof
KR102428409B1 (en) * 2020-04-21 2022-08-03 (주)새움소프트 User authentication device, user authentication method using security code and computer program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20010067759A (en) * 2001-03-20 2001-07-13 남충희 One Time Identification Service
US20070162745A1 (en) * 2003-10-14 2007-07-12 Lev Ginzburg User Authentication System and Method
KR20090099955A (en) * 2008-03-19 2009-09-23 슬림디스크 주식회사 The digital music album using flash memory and smart card cob, the playing device and the method of connecting with pc
KR20090100337A (en) * 2007-10-11 2009-09-23 주식회사 인포틱스 Security authentication method and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11203248A (en) 1998-01-16 1999-07-30 Nissin Electric Co Ltd Authentication device and recording medium for storing program for operating the device
JP4324951B2 (en) 2001-04-17 2009-09-02 横河電機株式会社 Password system
JP4913624B2 (en) 2007-02-21 2012-04-11 株式会社野村総合研究所 Authentication system and authentication method
KR100980321B1 (en) * 2008-07-31 2010-09-07 고려대학교 산학협력단 System for user authenticating and Method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20010067759A (en) * 2001-03-20 2001-07-13 남충희 One Time Identification Service
US20070162745A1 (en) * 2003-10-14 2007-07-12 Lev Ginzburg User Authentication System and Method
KR20090100337A (en) * 2007-10-11 2009-09-23 주식회사 인포틱스 Security authentication method and system
KR20090099955A (en) * 2008-03-19 2009-09-23 슬림디스크 주식회사 The digital music album using flash memory and smart card cob, the playing device and the method of connecting with pc

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114640471A (en) * 2022-03-21 2022-06-17 重庆市规划和自然资源信息中心 Centralized government affair office client safety operation and maintenance method based on domestic operating system

Also Published As

Publication number Publication date
KR101118605B1 (en) 2012-02-27

Similar Documents

Publication Publication Date Title
US8839393B2 (en) Authentication policy usage for authenticating a user
US8341710B2 (en) Ubiquitous webtoken
KR100885227B1 (en) Authentication network system
US20100333186A1 (en) Two-way authentication using a combined code
EP1538787A2 (en) Device pairing
US20120066749A1 (en) Method and computer program for generation and verification of otp between server and mobile device using multiple channels
WO2012043963A1 (en) Authentication method and server
KR20120062008A (en) Image-based man-in-the-middle protection in numeric comparison association models
WO2006020329B1 (en) Method and apparatus for determining authentication capabilities
CN101765998B (en) Using authentication ticket to initialize computer
WO2013100697A1 (en) Method, apparatus, and computer-readable recording medium for authenticating a user
WO2021145555A1 (en) Blockchain-based multinode authentication method and apparatus therefor
CN104488302A (en) Wireless connection authentication method and server
WO2011136464A1 (en) Password security input system using shift value of password key and password security input method thereof
WO2013058515A1 (en) Login system and method with strengthened security
KR20100099773A (en) System and method for log-in process
CN108566371B (en) Social authentication method, system and terminal equipment
CN113709740A (en) Method and system for displaying account information on authorized login page
KR102353189B1 (en) Authentication device using dynamic 2D code and driving method Thereof
WO2020022528A1 (en) System and method for generating security code or virtual account
JP5550175B2 (en) Server apparatus, information processing system, and information processing method
US11411952B2 (en) Systems and methods for multi-level authentication
WO2017065577A1 (en) User authentication method and system using variable key pad and face recognition
WO2018194302A1 (en) Authentication method using portable device
WO2016076558A1 (en) Certification pattern determination method and payment method using same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12841709

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12841709

Country of ref document: EP

Kind code of ref document: A1