KR101632541B1 - Method for Service File Security Using Universal Subscriber Identity Module - Google Patents
- Publication number
- KR101632541B1
- Authority
- KR
- South Korea
- Prior art keywords
- mobile terminal
- server
- security
- usim card
- file
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Abstract
Description
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a method of providing file security services using a USIM, and more particularly, to a service method for protecting various documents stored in a smart phone or a cloud server.
In the past, files such as pictures and videos stored in a smart phone or a cloud server have often been hacked or leaked and illegally distributed. For example, there have been cases in which an individual's personal information was exposed or distributed, such as revealing photographs of an entertainer stored in a cloud server being hacked and distributed, or a security company's cloud server account being leaked.
To prevent this, various methods of securing file information stored in smart phones, cloud servers, and the like have been used, but their effectiveness is low.
SUMMARY OF THE INVENTION
The present invention has been made to solve the above problems. Its object is to provide a file security service in which a cipher key is issued to and stored on a USIM card installed in the mobile terminal, files are encrypted with that cipher key and stored in the mobile terminal or a cloud server, and the files cannot be restored or checked even if they are hacked or leaked.
The file security service method using a USIM according to the present invention includes:
(a) a mobile terminal owned by a mobile communication subscriber connecting to a mobile communication company server and downloading and installing a security applet;
(b) registering an ID of a Universal Subscriber Identity Module (USIM) card in the mobile communication company server using the security applet installed in the mobile terminal;
(c) the mobile communication company server transmitting the ID of the USIM card received from the mobile terminal to the security server, and the security server receiving the master key from the KMS (Key Management System) to generate personalization data;
(d) the mobile terminal receiving the personalization data including the master key from the security server via OTA (over the air), and storing the received personalization data in the USIM card;
(e) the mobile terminal, once the master key is stored in the USIM card, downloading and installing a security application from the mobile communication company server;
(f) the mobile terminal encrypting the target file using the security application when an encryption target file stored in the mobile terminal is selected by the mobile communication subscriber;
(g) uploading the encrypted file to the cloud server and storing the encrypted file in the mobile terminal, the cloud server allowing the encrypted file to be downloaded at the request of the mobile terminal; and
(h) the mobile terminal decrypting the encrypted file downloaded from the cloud server using the master key stored in the USIM card.
Further, in the present invention, step (f) may further include the mobile terminal deleting the target file after encrypting it.
Also, in the present invention, the method may further include the mobile terminal displaying the decrypted file as visible information.
Also, in the present invention, the method may further include the KMS backing up the generated master key to HSM (Hierarchical Storage Management) and storing the master key.
In addition, the present invention provides a security system for a mobile communication terminal, comprising:
a USIM card installed in a mobile terminal, in which a security applet downloaded from a mobile communication company server is installed and a master key received from a security server is stored;
a mobile communication company server that transmits the security applet and the security application to the mobile terminal, receives and registers the ID of the USIM card installed in the mobile terminal, and transmits the ID of the USIM card to the security server;
a security server that receives the ID of the USIM card from the mobile communication company server, generates personalization data using a master key of the KMS, and stores the generated personalization data in the USIM card installed in the mobile terminal;
a KMS that generates a master key and transmits it to the security server; and
a cloud server that stores the encrypted file uploaded from the mobile terminal and transmits the stored file to the mobile terminal.
According to the present invention, an encryption key is issued to and stored in a USIM card installed in the mobile terminal of a mobile communication subscriber, and files are encrypted and stored in the mobile terminal or a cloud server, so that their contents are not recoverable even if an encrypted file is leaked. This provides secure file storage and subscriber convenience, and gives mobile communication companies a high-tech security service that can increase sales.
FIG. 1 is a block diagram illustrating a file security service system using a USIM according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating a file security service method using a USIM according to the present invention.
Hereinafter, a file security service system using a USIM according to the present invention will be described in detail with reference to the accompanying drawings.
1, the
The mobile
The
The
A file security service method using the USIM according to the present invention will now be described with reference to FIG.
In FIG. 2, the
The mobile
When the master key is stored in the USIM card 11 (S8), the
Next, the
Therefore, according to the file security service method using the USIM of the present invention, a master key corresponding to the ID of the USIM card installed in the mobile terminal of the mobile communication subscriber is issued and stored, and content including various documents is then encrypted so that a file cannot be decrypted without the master key stored in the USIM card. Even if hacking or leakage occurs, the contents cannot be checked, which has the advantage that an individual's file information cannot be viewed or distributed without permission.
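The provisioning and encrypt/decrypt flow of steps (c) to (h), as an added Python sketch that is not code from the patent. The patent names no cipher or key-derivation scheme, so the per-file HMAC-SHA256 key derivation, the HMAC-based keystream with encrypt-then-MAC (a standard-library stand-in for an AEAD such as AES-GCM) and the names UsimCard, personalize, encrypt_file and decrypt_file are assumptions; the KMS and cloud server are in-memory dictionaries.

```python
import hashlib
import hmac
import os

class UsimCard:
    """Stand-in for the USIM security applet; the master key never leaves this object."""
    def __init__(self, card_id):
        self.card_id, self._master_key = card_id, None

    def store_personalization(self, data):             # step (d)
        if data["card_id"] != self.card_id:
            raise ValueError("personalization data is bound to another USIM ID")
        self._master_key = data["master_key"]

    def derive_file_keys(self, nonce):                  # assumed per-file key derivation
        if self._master_key is None:
            raise RuntimeError("card has not been personalized")
        prk = hmac.new(self._master_key, b"file" + nonce, hashlib.sha256).digest()
        return tuple(hmac.new(prk, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))

def personalize(kms, card_id):                          # step (c)
    """Security server: obtain the per-card master key from the KMS, keyed by USIM ID."""
    return {"card_id": card_id, "master_key": kms.setdefault(card_id, os.urandom(32))}

def _xor_keystream(key, data):
    stream = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt_file(card, plaintext):                      # step (f)
    nonce = os.urandom(16)
    enc_key, mac_key = card.derive_file_keys(nonce)
    body = nonce + _xor_keystream(enc_key, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def decrypt_file(card, blob):                           # step (h)
    body, tag = blob[:-32], blob[-32:]
    enc_key, mac_key = card.derive_file_keys(body[:16])
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong USIM card or tampered file")
    return _xor_keystream(enc_key, body[16:])

def demo():
    kms, cloud = {}, {}                                 # constructed KMS and cloud stand-ins
    owner, other = UsimCard("usim-A"), UsimCard("usim-B")
    for card in (owner, other):
        card.store_personalization(personalize(kms, card.card_id))
    cloud["photo.jpg"] = encrypt_file(owner, b"constructed sample file")   # step (g)
    return owner, other, cloud["photo.jpg"]
```

The blob held by the cloud decrypts only through the card that was personalized with the matching master key; a second card, or a modified blob, fails the tag check before any plaintext is produced.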
While the invention has been shown and described with respect to the specific embodiments thereof, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined by the appended claims.
10: mobile terminal 11: USIM card 20: mobile communication company server 30: security server 40: KMS 45: HSM 50:
Claims (5)
(a) connecting a mobile terminal held by a mobile communication subscriber to a mobile communication company server to download and install a security applet;
(b) registering an ID of a Universal Subscriber Identity Module (USIM) card in a mobile communication company server using the security applet installed in the mobile terminal;
(c) the mobile communication company server transmits the ID of the USIM card received from the mobile terminal to the security server, and the security server receives the master key from the KMS (Key Management System) to generate personalization data, the KMS backing up the generated master key to HSM (Hierarchical Storage Management) and storing the key;
(d) receiving the personalization data including the master key from the security server via the OTA (over the air), and storing the received personalization data in the USIM card;
(e) when the mobile terminal stores a master key in a USIM card, downloading and installing a security application from a mobile communication company server;
(f) encrypting the target file using the security application when the encryption target file stored in the mobile terminal is selected by the mobile communication subscriber, the mobile terminal deleting the target file after the encryption;
(g) allowing the mobile terminal to upload the encrypted file to the cloud server and store the encrypted file, and allowing the cloud server to download the encrypted file at the request of the mobile terminal;
(h) the mobile terminal decrypts the encrypted file downloaded from the cloud server using the master key stored in the USIM card, and
(i) the mobile terminal displays the decrypted file as visible information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150148010A KR101632541B1 (en) | 2015-10-23 | 2015-10-23 | Method for Service File Security Using Universal Subscriber Identity Module |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150148010A KR101632541B1 (en) | 2015-10-23 | 2015-10-23 | Method for Service File Security Using Universal Subscriber Identity Module |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101632541B1 (en) | 2016-06-21 |
Family
ID=56354075
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150148010A KR101632541B1 (en) | 2015-10-23 | 2015-10-23 | Method for Service File Security Using Universal Subscriber Identity Module |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101632541B1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019216847A3 (en) * | 2017-11-17 | 2020-01-02 | Turkcell Teknoloji Arastirma Ve Gelistirme Anonim Sirketi | A sim-based data security system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20130031435A (en) * | 2011-09-21 | 2013-03-29 | 주식회사 팬택 | Method and apparatus for generating and managing of encryption key portable terminal |
KR101293260B1 (en) | 2011-12-14 | 2013-08-09 | 한국전자통신연구원 | Mobile communication terminal and method |
-
2015
- 2015-10-23 KR KR1020150148010A patent/KR101632541B1/en active IP Right Grant
Non-Patent Citations (2)
Title |
---|
Pearson et al., "A Privacy Manager for Cloud Computing.", Cloud Computing. Springer Berlin Heidelberg, 90-106, 2009.* * |
아이마켓코리아, "[Enterprise Security] The Importance of Encryption Key Management / Security Key Management System (KMS)", Internet blog (http://itblog.imarketkorea.com/20), 2014.06.25.* * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10223096B2 (en) | Logging operating system updates of a secure element of an electronic device | |
US9118662B2 (en) | Method and system for distributed off-line logon using one-time passwords | |
EP2765750A1 (en) | Controlling application access to mobile device functions | |
CN109039652B (en) | Digital certificate generation and application method | |
CA3186475A1 (en) | Transaction messaging | |
US9942047B2 (en) | Controlling application access to mobile device functions | |
CA3058012C (en) | Cryptography chip with identity verification | |
US11095620B1 (en) | Secure method, system, and computer program product for exchange of data | |
US11405782B2 (en) | Methods and systems for securing and utilizing a personal data store on a mobile device | |
CN103973646A (en) | Method, client device and system for storing services by aid of public cloud | |
KR101660674B1 (en) | an NFC mobile phone ID card certification system by the using of HCE function | |
US20160210596A1 (en) | Method, device and system for controlling presentation of application | |
JP5781678B1 (en) | Electronic data utilization system, portable terminal device, and method in electronic data utilization system | |
KR101473656B1 (en) | Method and apparatus for security of mobile data | |
US20150074415A1 (en) | Image Verification By An Electronic Device | |
KR101680536B1 (en) | Method for Service Security of Mobile Business Data for Enterprise and System thereof | |
KR101632541B1 (en) | Method for Service File Security Using Universal Subscriber Identity Module | |
Lee et al. | An NFC Anti-Counterfeiting framework for ID verification and image protection | |
CN110008654B (en) | Electronic file processing method and device | |
JP5678150B2 (en) | User terminal, key management system, and program | |
CN108875437A (en) | A kind of ID card information querying method and system | |
EP3975015B1 (en) | Applet package sending method and device and computer readable medium | |
KR20110035759A (en) | Method and system for issuing of mobile application | |
KR100753829B1 (en) | Mobile reader and contents server having contents security function, and method in mobile reader | |
CN114218536A (en) | Resource request method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment | Payment date: 20190401 Year of fee payment: 4 |