KR101679665B1 - Security method for electronic device using power line communication, recording medium and device for performing the method - Google Patents

Security method for electronic device using power line communication, recording medium and device for performing the method Download PDF

Info

Publication number
KR101679665B1
KR101679665B1 KR1020150154013A KR20150154013A KR101679665B1 KR 101679665 B1 KR101679665 B1 KR 101679665B1 KR 1020150154013 A KR1020150154013 A KR 1020150154013A KR 20150154013 A KR20150154013 A KR 20150154013A KR 101679665 B1 KR101679665 B1 KR 101679665B1
Authority
KR
South Korea
Prior art keywords
electronic device
security
authentication
power line
access
Prior art date
Application number
KR1020150154013A
Other languages
Korean (ko)
Inventor
이호
Original Assignee
이호
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 이호 filed Critical 이호
Priority to KR1020150154013A priority Critical patent/KR101679665B1/en
Application granted granted Critical
Publication of KR101679665B1 publication Critical patent/KR101679665B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B3/00Line transmission systems
    • H04B3/54Systems for transmission via power distribution lines
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Cable Transmission Systems, Equalization Of Radio And Reduction Of Echo (AREA)

Abstract

The present invention relates to a method for security for an electronic device by using Power Line Communication (PLC), and a recording medium and device for performing the method. The method for security for an electronic device by using PLC comprises the steps of: performing authentication for use of an electronic device via PLC with a security server when power is supplied to the electronic device; preventing the electronic device from being used when the authentication for use of the electronic device fails; and, when the authentication for use of the electronic device has been completed, monitoring the use of the electronic device and controlling a right to access at least one security target among a file and program stored in the electronic device and a storage medium and peripheral device connected to the electronic device. Accordingly, efficient and enhanced security for an electronic device can be provided.

Description

TECHNICAL FIELD [0001] The present invention relates to a security method of an electronic device using power line communication, a recording medium and a device for performing the security method,

The present invention relates to a security method of an electronic device using power line communication, a recording medium and an apparatus for performing the security method, and more particularly, to a security device using a power line communication, And a recording medium and an apparatus for performing the security method.

Power Line Communication (PLC) has been studied since 1920s as a new technology that transmits voice, text data, and video using power lines that supply electricity to homes and offices.

If you plug in only the electric plug without a telephone line, you can use it from broadband internet communication to internet telephone (VoIP), home networking, home automation and remote meter reading.

Currents commonly used in homes today are 60 Hz in frequency and 110 V or 220 V in voltage. For example, power line communication enables high-speed communication by transmitting communication signals in a frequency band other than 60 Hz, i.e., 1 to 30 MHz frequency band.

This power line communication can be used only at 60 to 70% of the high-speed Internet service facility cost using the existing optical communication cable network, and there is an advantage that the communication fee is greatly reduced because there is no need to pay the line fee.

In addition, home networking can be implemented using power lines that already exist in the home without additional wiring work. There is no need to install a local area network (LAN), which has a large cost burden, in general business sites, which is advantageous in terms of convenience and cost.

KR 10-2008-0038964 A KR 10-0961842 B1

SUMMARY OF THE INVENTION Accordingly, the present invention has been made in view of the above problems, and it is an object of the present invention to provide a security method of an electronic device using power line communication for controlling use and access to an electronic device represented by a personal computer.

It is another object of the present invention to provide a recording medium on which a computer program for performing an electronic device security method using the power line communication is recorded.

It is still another object of the present invention to provide an apparatus for performing an electronic device security method using the power line communication.

According to an aspect of the present invention, there is provided a method for security of an electronic device using power line communication, the method comprising: receiving power from the security server through power line communication (PLC) Performing authentication of use of the device; Blocking use of the electronic device if authentication of use of the electronic device fails; And controlling access to the security object of at least one of a file stored in the electronic device, a program, and a storage medium connected to the electronic device, or a peripheral device, when the use authentication of the electronic device is completed .

In an embodiment of the present invention, the security method of the electronic device using the power line communication may further include performing authentication of the user by communicating with the security server when the use authentication of the electronic device is completed.

In the embodiment of the present invention, the step of controlling the access right to the secured object may include a step of releasing the encryption and allowing the access when the electronic device or the user having access to the secured object accesses have.

In the embodiment of the present invention, the step of controlling the access right to the secured object may include the step of blocking access when the electronic device or the user who is not authorized to access the secured object does not release the encryption .

In the embodiment of the present invention, the step of performing the use authentication of the electronic device through the power line communication with the security server may include the step of, when the electronic device includes the display unit, And displaying on the display unit of the electronic device.

In an embodiment of the present invention, blocking the use of the electronic device may lock the electronic device from use.

In an embodiment of the present invention, the security method of an electronic device using the power line communication is characterized in that when the security target is a file or a program, when a file or a program is stored in the electronic device, And when the storage medium or the peripheral device is connected to the electronic device, encrypting the security object.

In an exemplary embodiment of the present invention, the security method of an electronic device using the power line communication may further include storing an access record of the security object in the security server to record security breach.

In an embodiment of the present invention, the security method of the electronic device using the power line communication may further include blocking the use of the electronic device under the control of the security server.

According to another aspect of the present invention, there is provided a computer-readable storage medium storing a computer program for performing an electronic device security method using power line communication.

According to another aspect of the present invention, there is provided a security device for an electronic device using power line communication, the security device comprising: a power line communication (PLC: Power Line Communication) A power line communication unit; An electronic device use authentication unit which authenticates the use of the electronic device through the connection with the security server through the power line communication; An access authority authenticating unit that monitors the use of the electronic device and authenticates an access right to a security object when the use authentication of the electronic device is completed; And a control unit for blocking use of the electronic device or controlling access to the security object according to the use authentication of the electronic device and the access authorization result.

In an embodiment of the present invention, the security target may be at least one of a file stored in the electronic device, a program, a storage medium connected to the electronic device, and a peripheral device.

In the embodiment of the present invention, the security device of the electronic device using the power line communication is characterized in that when the security target is a file or a program, when a file or a program is stored in the electronic device, And an encryption unit encrypting the security object when the storage medium or the peripheral device is connected to the electronic device.

In an embodiment of the present invention, the security device of the electronic device using the power line communication may further include a user authentication unit for performing user authentication by communicating with the security server when the use authentication of the electronic device is completed.

In an embodiment of the present invention, the control unit can release the encryption and allow access when an electronic device or a user having access to the security target approaches.

In an embodiment of the present invention, the control unit may block access by not releasing an electronic device or encryption which is not authorized to access the security target.

In an embodiment of the present invention, when the electronic device includes a display unit, the electronic device use authentication unit may display on the display unit of the electronic device that the use authentication with the security server is in progress.

In an embodiment of the present invention, the control unit may include a method of not allowing the electronic device to log in, a method of shutting off the power source, a method of forcibly logging out the electronic device, And locking the electronic device in an unusable manner by at least one of a method of restricting operation of the input device of the electronic device and a method of restricting the operation of the input device of the electronic device.

In an embodiment of the present invention, the security device of the electronic device using the power line communication may further include a recorder for storing an access record of the security object in the security server to record security breach.

In an embodiment of the present invention, the control unit may block use of the electronic device under the control of the security server.

According to the security method of the electronic device using the power line communication, in the use of the electronic device represented by a PC such as a desktop, a notebook, and a peripheral device such as a projector, a printer, etc., Access is granted, and only individual authorized permissions are granted.

Accordingly, the physical authentication through the power line is performed first, the individual authentication is performed secondarily, and the access right authentication is finally performed, so that security is enhanced without giving additional inconvenience to the user.

In addition, since the electronic device can be used only in the security area connectable with the authentication server, the electronic device can not be used when the electronic device is stolen or lost, and even if the electronic device is physically disassembled, can do. Furthermore, costs can be reduced because existing infrastructure can be used without the need for a separate device or equipment.

1 is a conceptual diagram of a security system of an electronic device using power line communication according to the present invention.
2 is a block diagram of a security device of an electronic device using power line communication according to an embodiment of the present invention.
3 is a block diagram of a security device of an electronic device using power line communication according to another embodiment of the present invention.
Fig. 4 is an illustration of an electronic device display when authenticating use of the electronic device of Figs. 2 and 3;
5 is a macro flowchart of a security method of an electronic device using power line communication according to the present invention.
6 and 7 are detailed flowcharts of a security method of an electronic device using power line communication according to embodiments of the present invention.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

Hereinafter, preferred embodiments of the present invention will be described in more detail with reference to the drawings.

1 is a conceptual diagram of a security system of an electronic device using power line communication according to the present invention. 2 is a block diagram of a security device of an electronic device using power line communication according to an embodiment of the present invention. 3 is a block diagram of a security device of an electronic device using power line communication according to another embodiment of the present invention. Fig. 4 is an illustration of an electronic device display when authenticating use of the electronic device of Figs. 2 and 3;

The security device 10 according to the present invention authorizes use and access to an electronic device supplied with power through power line communication (PLC).

1, a security system 1 including a security device 10 according to the present invention includes an authentication server 200 and a power supply 400 formed in a security area (SA) Electronic devices 100 and 300, respectively. In addition, it may further include peripheral devices 500, 600, 700 of the electronic device 100, 300 formed in the security area SA.

The security area (SA) is an area formed by a virtual network for performing security, and can be set to, for example, a company, a public office, a building, or a factory. The electronic devices 100 and 300 and the peripheral devices 500, 600, and 700 formed in the security area SA are usable only when they are authenticated through the authentication server 200.

The authentication server 200 may be formed inside or outside the security area SA and performs power line communication with the security device 10 to authenticate the electronic device 100 or 300. The power supply 400 is a device for supplying power through a power line, and may be an outlet, a plug, or the like.

The electronic devices 100 and 300 are typically a PC, a notebook computer, or the like, but may be any electronic device that receives power through a power line. For example, it is possible to use a printer, a projector, a fax machine, a tablet computer, a netbook, a PDA, a PMP, a PSP, an MP3 player, an e-book reader, An electronic watch, a game machine, and the like, as well as a desktop computer, a smart TV, and the like.

The peripheral devices 500, 600, and 700 may be connected to the electronic devices 100 and 300 such as a printer, a projector, a facsimile, a storage device, an external hard disk, Lt; / RTI > devices.

Referring to FIG. 2, the security device 10 includes a power line communication unit 110, a security unit 130, and a control unit 150 according to an exemplary embodiment of the present invention. The configuration of the power line communication unit 110, the security unit 130 and the control unit 150 may be formed inside the electronic device 100 or 300 and all configurations may include one integrated module Or each configuration may be formed as a separate module.

In another embodiment, the power line communication unit 110 may be a separate device from the electronic device 100, 300 and may be interfaced with the electronic device 100, 300. For example, a storage device (e.g., USB) storing a separate hardware on which a power line communication module is mounted, and may be connected to the electronic devices 100 and 300. [

The power line communication unit 110 may be formed near the power supply unit 400 and may include the security unit 130 and the control unit 150 formed in or connected to the electronic devices 100 and 300, Communication may be performed.

When power is supplied to the electronic devices 100 and 300 through the power supply 400, the power line communication unit 110 applies a security protocol to the authentication server 200 to perform power line communication (PLC: Power Line Communication.

In other words, the power supply 400 is used as a communication terminal, and data is transmitted and received using a power line as a communication line. Power line communication enables high-speed communication by transmitting a communication signal in a frequency band (for example, 1 to 30 MHz) other than the commercial frequency band. In relation to the standardization, international standardization work of technology preemption level is being promoted such as home plug of USA, PLC Forum of Europe, and PLC Forum-Korea of Korea in 2000.

The security unit 130 performs authentication of the electronic devices 100 and 300 primarily through power line communication with the authentication server 200 and performs authentication for a security target to perform two-step authentication .

When power is supplied to the electronic devices 100 and 300 through the power supply 400, the security unit 130 first performs connection authentication through power line communication with the authentication server 200 When the access authentication of the electronic device use authenticating unit 131 and the electronic device use authenticating unit 131 is completed, the use of the electronic device 100 or 300 is monitored and the access right to the security object is authenticated And an authority authentication unit 135.

When the electronic devices 100 and 300 are connected to the power supply unit 400, the electronic device use authentication unit 131 physically performs connection authentication with the authentication server 200 through power line communication, Allowing the use of electronic devices 100, 300.

The connection authentication of the electronic device use authentication unit 131 is automatically performed when power is applied to the electronic apparatuses 100 and 300 (for example, a plug of the PC is plugged into an outlet) Do not ask.

The electronic device use authenticating unit 131 authenticates the authentication server 200 by using the MAC address and unique ID of the electronic device 100 or 300 and the default key used for generating the temporary key, May be transmitted to the authentication server 200 through the power line communication unit 110. The default key is a key for encryption, which is basically provided in ordinary power line communication.

Upon receiving the data, the authentication server 200 checks an internal database, compares the MAC address and unique ID of devices registered in the database, verifies whether there is a matching MAC address and unique ID, and generates an authentication value And transmits it to the power line communication unit 110.

The power line communication unit 110 and the authentication server 200 may communicate with each other through a server or a device acting as an intermediary or intermediary, and transmit and receive encrypted signals to each other.

During the use authentication with the authentication server 200, the electronic devices 100 and 300 perform functions for use authentication only, and the user can not perform other functions of the electronic devices 100 and 300.

The physical devices 100 and 300 can use the electronic devices 100 and 300 only in the security area SA that can be connected to the authentication server 200 through use authentication, The security areas SA are out of order when the electronic devices 100 and 300 are stolen or lost, and the electronic devices 100 and 300 can not be used, thereby enhancing security.

Referring to FIG. 4, an example shown on the screen while the electronic device 100, 300 performs authentication for use is indicated as "secure" and the electronic device 100, 300 is substantially powered So that it is prevented from being used as another function.

The electronic device 100 or 300 notifies the access authorization authenticating unit 135 of the completion of the use authentication and notifies the access authorization authenticating unit 135 The unit 135 monitors the use of the electronic devices 100 and 300 to authenticate the access right to the security object.

The electronic device use authentication unit 131 notifies the control unit 150 of the failure to authenticate use of the electronic devices 100 and 300 as a primary. The control unit 150, which is informed of the failure of the primary access authentication, locks the electronic devices 100 and 300 and blocks the use thereof. Various ways in which the use of the electronic device 100, 300 can be blocked can be used.

For example, a method of not allowing logins of the electronic device 100, 300, a method of powering off the electronic device 100, 300, a method of forcibly logging out the electronic device 100, A method of turning off the screen of the electronic devices 100 and 300 and a method of restricting the operation of the input devices of the electronic devices 100 and 300 such as a keyboard and a mouse.

The control unit 150 which is informed of the success of the use authentication of the electronic devices 100 and 300 as a primary is notified that the security target .

The security object may include a file stored in the electronic device 100, 300, a program in the electronic device 100, 300 and a storage medium coupled to the electronic device 100, 300, Peripheral devices 500, 600, 700, and the like.

If the access right of the electronic device (100, 300) is authorized for the security target, the control unit (150) releases the encryption set to the security target to permit use of the security target, . ≪ / RTI > The control unit 150 can confirm whether the electronic device 100 or 300 has the right to access the security object through the power line communication with the authentication server 200 when the encryption of the security object is released.

A security object such as a file, a program, or the like stored in the electronic device 100 or 300 may be encrypted by communicating with the security server 200 when the electronic device 100 or 300 is stored or connected. To this end, the security device 10 may further include an encryption unit for encrypting the security object file.

For example, when the security object is a file stored in the electronic device 100 or 300, the control unit 150 performs authentication of access rights to all files stored in the electronic device 100 or 300 , It is possible to perform authentication of access authority only for a specific file.

The specific file may be designated by the user in advance. In one embodiment, each file may be set as a security target, or files may be designated as a group or category to be set as a security target. Alternatively, the folder in which the file is stored may be set as a security target. As another embodiment, a specific program may be set as a security target.

As another embodiment, all of the document files (e.g., doc, hwp, and txt) may be designated as security targets, or the image files (e.g., jpg, tif, pdf)

In one embodiment, when a user sets a security target to a folder or a group, and the access right to one of the files included in the folder or group is recognized, the use of the file included in the folder or group And may be allowed to omit additional authentication procedures.

On the other hand, when the electronic devices 100 and 300 that fail to use the authentication with the authentication server 200 attempt to use the security object with other routes, that is, when the access right of the electronic device 100 or 300 is recognized The control unit 150 does not release the encryption of the security object, thereby preventing the security object from being used.

When the primary use authentication with the authentication server 200 is successful, the security device 10 can proceed to authenticate access rights to be secured secondarily, but may additionally require a user authentication procedure.

Referring to FIG. 3, the security unit 130 of the security device 10 according to an embodiment of the present invention further includes a user authentication unit 133. The security device 10 of FIG. 3 is substantially the same as the security device 10 of FIG. 1, except that it includes a user authentication portion 133, so that the same components are given the same reference numerals, It is omitted.

The user authentication unit 133 communicates with the security server 200 to perform user authentication when the use authentication of the electronic device 100 or 300 is completed in the electronic device use authentication unit 131. [

The user authentication unit 133 may input an ID and a password to the user for user authentication. When the user inputs an ID and a password, the user authentication unit 133 transmits the MAC address and the unique ID to the authentication server 200, and the authentication server 200 transmits data stored therein Make sure that you are a legitimate user. In addition, various authentication methods such as face recognition or fingerprint recognition may be applied.

Each user can be assigned an access right according to the security subject, and the control unit 150 cancels the encryption of the security subject according to the user individual access right to the security objective.

The control unit 150 may be directly controlled by the authentication server 200. If the control unit 150 prohibits the use of the device for unauthorized use or other reasons, And block or restrict the use of the user.

The security device 10 may further include a recorder for storing an access record to the security object in the authentication server 200 to record whether or not the security object is a security violation. The stored access record can then be used as data to block the use of subsequent accesses.

According to the security method of the electronic device using the power line communication, the security is further enhanced because the use of the electronic device is performed first and the authentication of the access right of the security object is performed secondarily.

In addition, since the electronic device can be used only in the security area that can be connected to the authentication server, the electronic device can not be used because it is out of security area when the electronic device is stolen or lost. In addition, even if the electronic device is physically decomposed, it is encrypted and can perform a strong security function. Furthermore, it is economical to use the existing infrastructure without the need for a separate device or equipment.

5 is a macro flowchart of a security method of an electronic device using power line communication according to the present invention. 6 and 7 are detailed flowcharts of a security method of an electronic device using power line communication according to embodiments of the present invention.

The security method of the electronic device using the power line communication according to the present embodiment can be performed in substantially the same configuration as the security device 10 of FIG. 1 and the security device 10 of FIG. Therefore, the same components as those of the security device 10 of FIG. 1 and the security device 10 of FIG. 3 are denoted by the same reference numerals, and repeated descriptions are omitted. Further, the security method of the electronic device using the power line communication according to the present embodiment can be executed by software (application) for performing security of the electronic device using the power line communication.

Referring to FIG. 5, the security method of an electronic device using power line communication according to the present invention includes: performing authentication of use of an electronic device macroscopically (step S10), performing user authentication (step S30) (Step S50). ≪ / RTI >

The step of performing the user authentication (step S30) may be omitted as an optional step. For example, if the electronic device does not require input of a user ID such as a print, a projector, or a facsimile, the user authentication step may be omitted (step S30).

Referring to FIG. 6, in order to explain a security method of an electronic device using power line communication according to an embodiment of the present invention, power is supplied to the electronic devices 100 and 300 through the power supply 400 (Step S001), the use authentication of the electronic device is performed through the power line communication (PLC: Power Line Communication) with the authentication server 200 (step S110).

Typically, the electronic devices 100 and 300 are PCs, notebooks, and the like, but may be all electronic devices that receive power through power lines and store files. For example, it is possible to use a printer, a projector, a fax machine, a tablet computer, a netbook, a PDA, a PMP, a PSP, an MP3 player, an e-book reader, Electronic devices such as a desktop computer, a smart TV, a printer, and a facsimile, as well as various types of mobile devices such as an electronic dictionary, an electronic clock, and a game machine.

The power line communication may be performed using a PLC module formed inside the electronic devices 100 and 300 or by interfacing with an external device.

The step of performing the use authentication of the electronic device (step S110) is a first authentication through a physical connection with the authentication server 200. The electronic device 100, 300 is powered on (for example, Plugging the plug into the outlet) is performed automatically and does not require any other authentication behavior of the user.

The electronic device 100 or 300 transmits a MAC address and a unique ID of the electronic device 100 or 300 itself and a default key used for generating a temporary key to the authentication server 200 To the authentication server (200). The default key is a key for encryption, which is basically provided in ordinary power line communication.

Upon receiving the data, the authentication server 200 checks an internal database, compares the MAC address and unique ID of devices registered in the database, verifies whether there is a matching MAC address and unique ID, and generates an authentication value To the electronic device (100, 300).

The electronic devices 100 and 300 and the authentication server 200 may communicate with each other through a server or a device acting as an intermediary or intermediary and transmit and receive encrypted signals to each other.

During the use authentication with the authentication server 200, the electronic devices 100 and 300 perform functions for use authentication only, and the user can not perform other functions of the electronic devices 100 and 300.

The physical devices 100 and 300 can use the electronic devices 100 and 300 only in the security area SA that can be connected to the authentication server 200 through use authentication, The security areas SA and the electronic devices 100 and 300 can not be used when the electronic devices 100 and 300 are stolen or lost, thereby further enhancing security.

If the connection authentication with the authentication server 200 fails (step S130), the electronic devices 100 and 300 are locked to block the use of the electronic devices 100 and 300 (step S150).

Various ways in which the use of the electronic device 100, 300 can be blocked can be used. For example, a method of not allowing logins of the electronic device 100, 300, a method of powering off the electronic device 100, 300, a method of forcibly logging out the electronic device 100, A method of turning off the screen of the electronic devices 100 and 300 and a method of restricting the operation of the input devices of the electronic devices 100 and 300 such as a keyboard and a mouse.

When the use authentication of the electronic device 100 or 300 is completed (step S130), the access authority authentication of the electronic device 100 or 300 is performed for the security object (step S310).

The security object may include a file stored in the electronic device 100, 300, a program in the electronic device 100, 300 and a storage medium coupled to the electronic device 100, 300, Peripheral devices 500, 600, 700, and the like.

The peripheral devices 500, 600, and 700 are connected to the electronic devices 100 and 300 such as a printer, a projector, a facsimile, a storage device, an external hard disk, Device.

If the access right of the electronic device 100 or 300 is authorized for the security object (step S330), in order to allow the use of the security object, (Step S370). In this case, a file or a program to be used can be opened, and a peripheral device such as a printer or the like can be used.

When the use of the security object is allowed (step S370), the electronic device 100 or 300 can confirm whether the electronic device 100 or 300 has the right to access the security object through the power line communication with the authentication server 200. [

A security object such as a file, a program, or a peripheral device stored in the electronic device 100 or 300 can be encrypted by communicating with the security server 200 when the electronic device 100 or 300 is stored or connected. To this end, the security device 10 may further include a step of encrypting the security object file, according to the security method of the electronic device using the power line communication according to the present embodiment.

For example, when the security object is a file stored in the electronic device 100 or 300, performing authentication of access authorization of the electronic device 100 or 300 to the security object (step S310) You can perform authentication for all stored files, or you can authenticate access rights only to specific files.

The specific file may be designated by the user in advance. In one embodiment, each file may be set as a security target, or files may be designated as a group or category to be set as a security target. Alternatively, the folder in which the file is stored may be set as a security target. As another embodiment, a specific program may be set as a security target.

As another embodiment, all the document files (e.g., doc, hwp, and txt) may be designated as security targets, or the image files (e.g., jpg, tif, and pdf)

In one embodiment, when a user sets a security target to a folder or a group, and the access right to one of the files included in the folder or group is recognized, the use of the file included in the folder or group And may be allowed to omit additional authentication procedures.

On the other hand, if the access right of the electronic device 100 or 300 is not recognized, the encryption of the security object is not canceled, and the access of the electronic device 100 or 300 is blocked so that the security object can not be used Step S350).

If the use authentication of the electronic device 100 or 300 is successful, the access right authentication of the security target can be performed secondarily, but the user authentication process may be further required.

Referring to FIG. 7, when the authentication of use of the electronic device 100 or 300 is completed, the security server 200 communicates with the security server 200, Further authentication can be performed (step S210).

For user authentication, the user may be prompted to enter an ID and password. When the user inputs the ID and the password, the electronic device 100 or 300 transmits the MAC address and the unique ID to the authentication server 200, and the authentication server 200 transmits the data And confirms that the user is a legitimate user. In addition, various authentication methods such as face recognition or fingerprint recognition may be applied.

Each user can designate the access right according to the security target and can release the encryption of the security target according to the user individual access right to the security target.

The electronic device security method using the power line communication according to the present invention can be directly controlled by the authentication server 200. When the electronic device 100 or 300 is not allowed to use for unauthorized use or other reasons, Or the use of the < / RTI >

 In addition, an access record to the security object may be stored in the authentication server 200 to record security violation. The stored access record can then be used as data to block the use of subsequent accesses.

According to the security method of the electronic device using the power line communication, since the use of the electronic device is performed first and the authentication of the access right of the security object is performed secondarily, security is further enhanced.

In addition, since the electronic device can be used only in the security area that can be connected to the authentication server, the electronic device can not be used because it is out of security area when the electronic device is stolen or lost. In addition, even if the electronic device is physically decomposed, it is encrypted and can perform a strong security function. Furthermore, it is economical to use the existing infrastructure without the need for a separate device or equipment.

Such a security method of an electronic device using power line communication can be implemented in an application or can be implemented in the form of program instructions that can be executed through various computer components and recorded in a computer-readable recording medium. The computer-readable recording medium may include program commands, data files, data structures, and the like, alone or in combination.

The program instructions recorded on the computer-readable recording medium may be ones that are specially designed and configured for the present invention and are known and available to those skilled in the art of computer software.

Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like.

Examples of program instructions include machine language code such as those generated by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules for performing the processing according to the present invention, and vice versa.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the present invention as defined by the following claims. You will understand.

The present invention is a security device related to the use of a PC, a notebook or the like and access control of a file, a program, and a peripheral device. The security protocol is applied through a power source supplied to a PC or a notebook, thereby granting access only to authorized persons. Therefore, it is expected that the cost will be reduced and the power will be increased because the existing power line is used without a separate device or equipment. Furthermore, it can be applied to all electronic appliances and household appliances that are powered.

1: Security system
10: Security device
100, 300: Electronic device
400: Power supply
200: authentication server
500, 600, 700: Peripherals
110: Power line communication section
130:
131: Electronic device use authentication unit
133: User authentication unit
135: Access authority authentication unit
150:

Claims (20)

When power is supplied to the electronic device by a power supply formed in a security area in which only an electronic device registered in advance in the security server is available, the electronic device is physically connected to the security server through power line communication (PLC) Performing authentication of use of the electronic device with respect to whether or not the electronic device is usable;
Blocking use of the electronic device if authentication of use of the electronic device fails;
Wherein when the use authentication of the electronic device is completed, the use of the electronic device is allowed, and a security target of at least one of a file, a program, and a storage medium connected to the electronic device, Performing access authority authentication of the electronic device with respect to whether or not the electronic device has access right; And
And controlling the access right to the security object in the electronic device according to the electronic device access right authentication result.
The method according to claim 1,
Further comprising communicating with the security server to perform user authentication when authentication of use of the electronic device is completed.
3. The method according to claim 2, wherein the step of controlling the access right to the secured object comprises:
And releasing encryption of a security object for which the access right authentication of the electronic device has been completed among the at least one security object to allow the electronic device to access the security object. Way.
3. The method according to claim 2, wherein the step of controlling the access right to the secured object comprises:
And prohibiting access to the security object from the electronic device by not releasing encryption for the security object for which the access right authentication of the electronic device failed among the at least one security object Security method.
The method of claim 1, wherein performing authentication of use of the electronic device through power line communication with the security server comprises:
Further comprising the step of, when the electronic device includes a display unit, displaying on the display unit of the electronic device that the use authentication with the security server is proceeding.
The method of claim 1, wherein blocking the use of the electronic device comprises:
A method for disabling the login of the electronic device, a method for disconnecting the power source, a method for forcibly logging out an electronic device, a method for turning off the screen of the electronic device, and an operation of the input device of the electronic device Wherein the locking means locks the electronic device in an unusable manner in at least one of the following ways.
The method according to claim 1,
Further comprising encrypting the security object when the file or program is stored in the electronic device when the security object is a file or a program.
The method according to claim 1,
Further comprising the step of storing an access record of the security object in the security server to record security breach.
delete A computer-readable recording medium on which a computer program is recorded, for performing a security method of an electronic device using power line communication according to any one of claims 1 to 8.
A power line communication unit that performs power line communication (PLC: Power Line Communication) with the security server when power is supplied to the electronic device by a power supply formed in a security area that can be used only in an electronic device previously registered in the security server;
Through the power line communication, Wherein the information about the electronic devices usable in the security area stored in advance in the security server is matched with the information of the electronic device connected to the power supply to determine whether the electronic device connected to the power supply is usable in the security area An electronic device use authentication unit that performs primary authentication, which is a use authentication of the electronic device with respect to whether or not the electronic device is authenticated;
Monitoring the use of the electronic device to determine whether the electronic device is accessible for a security object of at least one of a file stored in the electronic device, a program, and a storage medium connected to the electronic device, An access right authentication unit for performing secondary authentication, which is an access right authentication of the electronic device, with respect to whether or not the right is authorized; And
And a control unit for blocking use of the electronic device or controlling access to the security object in accordance with the usage authentication of the electronic device and the authentication result of the access right.
delete 12. The method of claim 11,
Further comprising an encryption unit for encrypting the security object when the file or the program is stored in the electronic device when the security target is a file or a program.
12. The method of claim 11,
Further comprising a user authentication unit that communicates with the security server to perform user authentication when the use authentication of the electronic device is completed.
The apparatus as claimed in any one of claims 11 and 14,
And permits access by releasing encryption when accessing the electronic device or the user having access to the security target.
The apparatus as claimed in any one of claims 11 and 14,
And the access is blocked by not releasing the encryption when accessing the electronic device or the user who does not have the access right to the security target.
12. The electronic device according to claim 11,
And displays, on the display unit of the electronic device, that the use authentication with the security server is proceeding when the electronic device includes the display unit.
12. The apparatus according to claim 11,
A method for disabling the login of the electronic device, a method for disconnecting the power source, a method for forcibly logging out an electronic device, a method for turning off the screen of the electronic device, and an operation of the input device of the electronic device Wherein the locking means locks the electronic device in an unusable manner in at least one of the following ways.
12. The method of claim 11,
And a recorder for storing a record of access to the security object in the security server to record security violation.
delete
KR1020150154013A 2015-11-03 2015-11-03 Security method for electronic device using power line communication, recording medium and device for performing the method KR101679665B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150154013A KR101679665B1 (en) 2015-11-03 2015-11-03 Security method for electronic device using power line communication, recording medium and device for performing the method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150154013A KR101679665B1 (en) 2015-11-03 2015-11-03 Security method for electronic device using power line communication, recording medium and device for performing the method

Publications (1)

Publication Number Publication Date
KR101679665B1 true KR101679665B1 (en) 2016-11-25

Family

ID=57682561

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150154013A KR101679665B1 (en) 2015-11-03 2015-11-03 Security method for electronic device using power line communication, recording medium and device for performing the method

Country Status (1)

Country Link
KR (1) KR101679665B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101873564B1 (en) * 2017-03-02 2018-08-02 (주)오투원스 Storage device capable of physical access control using wireless network

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100437225B1 (en) 2000-04-14 2004-06-23 주식회사 시큐브 Method and apparatus for protecting file system based on digital signature certificate

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100437225B1 (en) 2000-04-14 2004-06-23 주식회사 시큐브 Method and apparatus for protecting file system based on digital signature certificate

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101873564B1 (en) * 2017-03-02 2018-08-02 (주)오투원스 Storage device capable of physical access control using wireless network

Similar Documents

Publication Publication Date Title
CN109787988B (en) Identity strengthening authentication and authorization method and device
US10547604B2 (en) Information recording apparatus with shadow boot program for authentication with a server
JP5094365B2 (en) Hard disk drive
US20090158033A1 (en) Method and apparatus for performing secure communication using one time password
US20110035604A1 (en) Dual-Interface Key Management
US8695085B2 (en) Self-protecting storage
CN111868726A (en) Electronic device and digital key supply method for electronic device
TW201608408A (en) Wireless authentication system and method for USB storage device
WO2022227648A1 (en) Control method and apparatus for intelligent vending cabinet, electronic device, and storage medium
WO2018187960A1 (en) Method and system for managing and controlling root permission
JP5380063B2 (en) DRM system
US11838282B2 (en) Information recording apparatus with server-based user authentication for accessing a locked operating system storage
CN104753886B (en) It is a kind of to the locking method of remote user, unlocking method and device
JP2006236051A (en) Execution limiting device and use limiting device
CN112257074B (en) USB interface chip circuit, docking station and firmware authentication method and device
KR101679665B1 (en) Security method for electronic device using power line communication, recording medium and device for performing the method
WO2021142584A1 (en) Embedded device, legitimacy identification method, controller, and encryption chip
CN112347440A (en) User access authority separate-setting system of industrial control equipment and use method thereof
WO2010048350A1 (en) Card credential method and system
KR20110128371A (en) Mobile authentication system and central control system, and the method of operating them for mobile clients
CN109584421A (en) A kind of intelligent door lock authentication administrative system based on domestic safety chip
KR102055888B1 (en) Encryption and decryption method for protecting information
KR101349698B1 (en) System and method for certification using portable storage medium, and terminal and authentication server and portable storage medium thereof
WO2007099717A1 (en) Data processing system, and portable memory
CN104239810B (en) A kind of encrypting and decrypting method and device based on remote control

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20190930

Year of fee payment: 4