KR101780406B1 - Apparatus and method for generating social network feature-based authentication key - Google Patents
Apparatus and method for generating social network feature-based authentication key Download PDFInfo
- Publication number
- KR101780406B1 KR101780406B1 KR1020160028829A KR20160028829A KR101780406B1 KR 101780406 B1 KR101780406 B1 KR 101780406B1 KR 1020160028829 A KR1020160028829 A KR 1020160028829A KR 20160028829 A KR20160028829 A KR 20160028829A KR 101780406 B1 KR101780406 B1 KR 101780406B1
- Authority
- KR
- South Korea
- Prior art keywords
- social network
- authentication key
- user
- authentication
- characteristic information
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/01—Social networking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Abstract
The present invention relates to an authentication key using a social network characteristic, and utilizes that social network information of a social network member is unique. As time passes, social relations information becomes dynamic and natural, and accumulates continuously in the system. By using the characteristics of the social relation information, it is possible to generate a secure and personalized authentication key that does not depend on the user's memory but continuously changes.
Description
The present invention relates to an authentication key for extracting and using a social network characteristic from members in a social network and graph data constituting the social network characteristic. And more particularly, to a technology for configuring and using a social network characteristic authentication key.
The authentication key, which is mainly used in the existing authentication system, is a user password. Passwords are very easy to use if you remember them, and most systems now use password authentication keys as the primary authentication method. However, recently, a large amount of user's password information leaked due to hacking of a large portal site and a bank system. Therefore, a password is an authentication method that is very vulnerable to security unless the user specifies a different password for each system or periodically changes it for security. Also, if you specify a complex password for security reasons, this will give you the burden of having to remember the password at all times. As a result of the security breach and the information distortion problem of the password authentication method, there has been a need for an authentication method that substitutes the socially.
As an authentication method replacing a password, a biometric system using iris, voice, fingerprint, or the like as an authentication key has recently attracted attention. A biometric system is a biometric technology that identifies an individual by fingerprint, face, voice, or iris of the eye. It is a system that starts from recognition to substitute the password of the person who has reached the limit by drawing attention to the characteristics of each individual according to the gene, and has attracted attention as a system to be used where high security is required due to high risk of loss and high accuracy. However, since the authentication key is unique and unchanged like the password, the biometric information is hacked and it is not free from the security breach problem forever.
Social authentication methods have recently emerged as the number of people using social network services such as Twitter and Facebook skyrocket. Since most e-commerce systems also provide social media, there is a tremendous amount of online social information in addition to existing social network services. For example, an online community on a portal site, a review site like Yelp, and a question and answer format like Stack Overflow can all be treated as social network services. Information from such explosively grown social network services can be used for social authentication methods. Existing social authentication methods are largely divided into Trustee-based authentication methods and knowledge-based authentication methods.
First, the Trustee-based authentication method is a method by which users of social network services request authentication codes to trusted trustees who have relationships within the system. Typically, Facebook and Microsoft Live ID adopt the Trustee-based authentication method as one of the secondary authentication methods. However, the process is not efficient because it is easy for users to forget who they have assigned to the Trustee, and to get the authentication code directly from the Trustees. Decisively, the trustee is information that can be easily exposed to an external attacker, so spoofing attacks using it are actually taking place. The success rate of spoofing attacks is as high as 5% according to Microsoft statistics.
Second, the knowledge-based authentication method is a method of creating and authenticating a question that only the individual can know from the pool where the user's social network activity information is collected. Facebook has adopted the second authentication method to authenticate users when they display photos from their neighbors and enter their names correctly. However, this method can not be equally applied to everyone in a way that depends on the user's memory. Also, since it is known that the person who is close to the user is more likely to answer the question correctly, this authentication method also shows weakness.
It is an object of the present invention to provide a method for automatically generating an authentication key using a user's social network characteristic and an authentication method using the authentication key, Authentication system.
According to an aspect of the present invention, there is provided an apparatus for generating a social network characteristic-based authentication key, the apparatus comprising: means for collecting a social network graph of a user and extracting social network characteristic information based on the collected social network graph; An authentication key generation unit for generating an authentication key for the user using the social network characteristic information, and an authentication key transfer unit for transferring the generated authentication key to an authentication system that performs authentication of the user 130).
The social network characteristic information includes at least one of whether or not the user is connected to a neighbor, intimacy, connection frequency, bi-directionality, and community affiliation of the user.
The social network characteristic information includes a cluster coefficient, which is a measure indicating the connectivity of the neighbor expressed by the user and a node represented by an arbitrary node, or a cluster node, And Betweenness, which is a scale that indicates the scale of the user.
The social network characteristic extraction unit determines whether or not it is possible to classify the members constituting the social network with the extracted social network characteristic information, and extracts new social network characteristic information from the social network graph if the division of the members is impossible do.
The authentication key generating unit generates an authentication key using the social network characteristic information when it is determined that the social network characteristic information extracted by the social network characteristic extracting unit plays a role as a scale for distinguishing members.
The authentication key generation unit generates an authentication key including at least one of connection information between the node of the user and other nodes, and familiarity information between the user's node and the other nodes.
The authentication
The authentication
According to another aspect of the present invention, there is provided a method for generating an authentication key based on a social network, comprising: collecting a user's social network graph and extracting social network characteristic information based on the collected social network graph; Generating an authentication key for the user using the social network characteristic information, and transmitting the generated authentication key to an authentication system that performs authentication of the user.
The social network characteristic information includes at least one of whether or not the user is connected to a neighbor, intimacy, connection frequency, bi-directionality, and community affiliation of the user.
The social network characteristic information includes a cluster coefficient, which is a measure indicating the connectivity of the neighbor expressed by the user and a node represented by an arbitrary node, or a cluster node, And Betweenness, which is a scale that indicates the scale of the user.
The extracting step may determine whether or not the members constituting the social network can be classified based on the extracted social network characteristic information, and extract the new social network characteristic information from the social network graph if the division of the members is impossible .
The generating step generates the authentication key using the social network characteristic information when it is determined that the extracted social network characteristic information serves as a scale for distinguishing the members.
The generating step generates an authentication key including at least one of connection information between the user's node and other nodes, and familiarity information between the user's node and the other nodes.
The delivering step transmits the authentication key to the authentication system of the site to which the user intends to log in.
The transmitting step transmits only a predetermined part of the authentication keys to the authentication system.
Advantages of the present invention are as follows. First, since the social network information of social network members is unique, the authentication key using this is a completely personalized security measure. Second, social network features are more secure than traditional password schemes because they can be represented by billions of bits long authentication keys. Third, a plurality of authentication keys can be generated according to how the social network characteristic information is expressed. Finally, since the authentication key is automatically generated if there is a social network graph, the user need not know the authentication key.
BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a diagram illustrating an authentication key generation method based on a social network characteristic according to an embodiment of the present invention; FIG.
2 is a diagram illustrating a process of generating a social network-based authentication key according to an embodiment of the present invention and transmitting the same to an authentication system.
3 is a flowchart illustrating a method for generating a social network characteristic based authentication key according to an embodiment of the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS The advantages and features of the present invention and the manner of achieving them will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. The present invention may, however, be embodied in many different forms and should not be construed as being limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. And is provided to fully convey the scope of the invention to those skilled in the art, and the present invention is defined by the claims. It is to be understood that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. In the present specification, the singular form includes plural forms unless otherwise specified in the specification. It is noted that " comprises, " or "comprising," as used herein, means the presence or absence of one or more other components, steps, operations, and / Do not exclude the addition.
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the drawings, the same reference numerals are given to the same or similar components, and in the following description of the present invention, Detailed explanations of the detailed description will be omitted when the gist of the present invention can be obscured.
1 is a block diagram of a social network property based authentication key generation device according to an embodiment of the present invention.
A main object of the present invention is to enable the user to create a user-specific authentication key using the characteristics of the user's social network. 2, the social network characteristic authentication
The social network
Specifically, the social network
Then, the social network
For example, the social network characteristic information can be expressed by a clustering coefficient in a social network graph, and the social network characteristic information can be expressed by a Betweenness. Here, the cluster coefficient is a measure indicating how much the neighbor represented by the node and the neighbor represented by the node are connected, and the mediation factor is a measure indicating how much the particular node secures the connection of the other nodes.
The average user has a high cluster coefficient and the spammers have a low cluster coefficient. If the authentication system aims to distinguish whether the SMS sender is an ordinary user or a spammer, it is effective to actively use the membership coefficient of the member as the social network characteristic information.
The social network
If it is determined that the extracted social network characteristic information serves as a measure for distinguishing the members, the authentication
FIG. 2 shows two examples of generating a social network characteristic authentication key. Here, it is assumed that a user A's authentication key is created. Here, all sorts of social networks can be expressed in a graph form using an edge representing a relationship between nodes and members, which means each member. In this example, the authentication key is represented as an array.
First, it is a case of generating an authentication key composed of connection information between the user node A and other nodes. In the social network graph, the nodes connected with A are connected by a directional edge. At this time, the component corresponding to each index of the array is expressed as 1 when there is a connection between node A and a node denoted by index, and 0 when there is no connection. In FIG. 2, since the node A is connected to
Second, it is a case of generating an authentication key composed of affinity information between the user node A and other nodes. At this time, the component corresponding to each index of the array is represented by a number indicating the intimacy between the node A and the node indicated by the index. In this case, the edge represented by the bold line on the social network graph means a higher intimacy, and it is assumed that the edge has a high weight. In FIG. 2, it can be expressed that the node A is 1, the node N is 1, the
In the present invention, a plurality of authentication keys based on the user's social network characteristic can be used.
If you apply the above examples to a mobile messenger called 'Kakao Talk': Users who are friends with user A in KakaoTalk are represented by individual nodes with index in the above social network. In the case of a node that has spoken with user A even once, an edge exists between them. And the higher the frequency of conversation, the greater is represented by a thick edge, which is represented by a high weight edge on the graph.
Therefore, if the authentication key based on the social network characteristic of the user A uses the property of relationship and the relation frequency, two authentication keys as shown in FIG. 2 can be obtained. However, this does not mean the number of characteristics used by the number of authentication keys generated by the present invention. The number and length of authentication keys may vary depending on how the social network characteristic information is interpreted and expressed.
The present invention encompasses not only the above two examples of characteristics but also the characteristics of the social network to be used and how to express it as an authentication key. In addition, the social network of the present invention includes not only on-line but also social relationships occurring in off-line.
The authentication
As described above, the social network characteristic information used by the authentication key based on the social network characteristic of the present invention means all activities related to the social network members on-line and off-line. Therefore, it can be applied to the characteristics of social network members, such as whether there is a relation among social network members or frequency of occurrence, graph characteristics of members, members' reputation or status (contribution to system) The subject is vast.
Hereinafter, an example of how the authentication key based on the social network characteristic is used in the 'SMS spam filtering' in the
There is a big difference in social network characteristics between general users who send SMS and SMS spammers. For example, in the case of general users, there is a high probability that there is a relationship between the recipients of SMS according to actual social network characteristic information. On the other hand, in the case of spammers, since the recipients are randomly selected, there is a low probability that there is a relationship among the recipients.
This characteristic can be expressed by the clustering coefficient in the social network graph, the higher the population coefficient is for the general user, and the lower the population coefficient is for the spammers. If the authentication system aims to distinguish whether the SMS sender is an ordinary user or a spammer, it is effective to actively use the 'community factor' as a social network characteristic information.
For example, the social network property authentication
All or a part of the generated authentication key is transmitted to the
In the above example, the social network-based authentication key was used as a means of detecting whether the SMS sender was a regular user or a spammer. If we have to distinguish each social network member, the characteristics needed to distinguish them can be used more. For example, when generating an authentication key, the social network property-based authentication
3 is a flowchart illustrating a method for generating a social network characteristic based authentication key according to an embodiment of the present invention.
Referring to FIG. 3, the
Here, the social network graph of the user includes social network characteristic information such as whether or not the users are connected, affinity, connection frequency, interactivity, and community affiliation. This social network characteristic information means all activity information generated in the system to which the user belongs.
Next, the social network characteristic authentication
For example, the social network characteristic information can be expressed by a clustering coefficient in a social network graph, and the social network characteristic information can be expressed by a Betweenness.
Clustering Coefficient is a measure of the connectivity of a user represented by a node and neighbors represented by other nodes. Betweenness is a measure of how much a particular node secures the connection of other nodes.
The average user has a high cluster coefficient and the spammers have a low cluster coefficient. If the system aims to distinguish whether the SMS sender is an ordinary user or a spammer, it is effective to actively use the membership coefficient of the member as the social network characteristic information.
Meanwhile, the social network property-based authentication
If it is determined that the extracted social network characteristic information serves as a scale for distinguishing the members, the authentication key is generated using the extracted social network characteristic information (S304).
The embodiment in which the social network property-based authentication key generating apparatus generates the authentication key using the extracted social network characteristic information is as described above with reference to FIG. 1 and FIG. 2, and a detailed description thereof will be omitted.
Then, the social network property-based authentication key generation device delivers the generated authentication key to the target security system (e.g., the portal site to log in) (S305).
As described above, since the social network information of the social network member is unique, the authentication key using the authentication key can completely realize personalized security means, and the social network features can be expressed by the authentication key of several billion bits length Therefore, it is possible to generate a plurality of authentication keys according to how the social network characteristic information is expressed, and the authentication key is automatically generated if there is a social network graph. Therefore, the user needs to know the authentication key There is no.
While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, It is to be understood that the invention may be embodied in other specific forms. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. The scope of the present invention is defined by the appended claims rather than the detailed description, and all changes or modifications derived from the scope of the claims and their equivalents should be construed as being included within the scope of the present invention.
100: Authentication key generating device
110: Social network characteristic extracting unit 120: Authentication key generating unit
130: Authentication key transfer unit
200: Authentication system
Claims (16)
An authentication key generation unit for generating an authentication key for the user using the social network characteristic information; And
And an authentication key delivery unit for delivering the generated authentication key to an authentication system that performs authentication of the user,
Wherein the social network characteristic information comprises:
Wherein the network is a cluster coefficient that is a measure of connectivity of a neighbor represented by an arbitrary node and a neighbor represented by another node.
And information on at least one of whether or not the user is connected to the neighbor, the intimacy, the frequency of connection, the bi-directionality, and the community belonging to the user
Based authentication key generation device.
Extracting the social network characteristic information from the social network graph if it is impossible to distinguish the members constituting the social network from the extracted social network characteristic information;
Based authentication key generation device.
And generating the authentication key using the social network characteristic information when the social network characteristic information extracted by the social network characteristic extracting unit is judged to serve as a scale for distinguishing the members
Based authentication key generation device.
Generating an authentication key including at least one of connection information between the node of the user and other nodes, and affinity information between the node of the user and the other nodes;
Based authentication key generation device.
And transmitting the authentication key to the authentication system of the site to which the user intends to log in
Based authentication key generation device.
Transmitting only a predetermined part of the authentication keys to the authentication system
Based authentication key generation device.
Generating an authentication key for the user using the social network characteristic information; And
And transmitting the generated authentication key to an authentication system that performs authentication of the user,
Wherein the social network characteristic information is a cluster coefficient, which is a measure representing a connectivity of a neighbor expressed by an arbitrary node and a neighbor represented by another node.
And information on at least one of whether or not the user is connected to the neighbor, the intimacy, the frequency of connection, the bi-directionality, and the community belonging to the user
A method for generating an authentication key based on a social network.
Extracting the social network characteristic information from the social network graph if it is impossible to distinguish the members constituting the social network from the extracted social network characteristic information;
A method for generating an authentication key based on a social network.
And generating the authentication key using the social network characteristic information when it is determined that the extracted social network characteristic information serves as a scale for distinguishing the members
A method for generating an authentication key based on a social network.
Generating an authentication key including at least one of connection information between the node of the user and other nodes, and affinity information between the node of the user and the other nodes;
A method for generating an authentication key based on a social network.
And transmitting the authentication key to the authentication system of the site to which the user intends to log in
A method for generating an authentication key based on a social network.
Transmitting only a predetermined part of the authentication keys to the authentication system
A method for generating an authentication key based on a social network.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20150067429 | 2015-05-14 | ||
KR1020150067429 | 2015-05-14 |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20160135093A KR20160135093A (en) | 2016-11-24 |
KR101780406B1 true KR101780406B1 (en) | 2017-09-21 |
Family
ID=57705633
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160028829A KR101780406B1 (en) | 2015-05-14 | 2016-03-10 | Apparatus and method for generating social network feature-based authentication key |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101780406B1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101975603B1 (en) | 2018-09-14 | 2019-08-28 | 이영문 | Sea power generator |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014085335A1 (en) * | 2012-11-30 | 2014-06-05 | Facebook, Inc. | Social authentication |
-
2016
- 2016-03-10 KR KR1020160028829A patent/KR101780406B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014085335A1 (en) * | 2012-11-30 | 2014-06-05 | Facebook, Inc. | Social authentication |
Also Published As
Publication number | Publication date |
---|---|
KR20160135093A (en) | 2016-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2708508C1 (en) | Method and a computing device for detecting suspicious users in messaging systems | |
US8707407B2 (en) | Account hijacking counter-measures | |
CN106797371B (en) | Method and system for user authentication | |
JP4430666B2 (en) | Extensive user-centric network security realized by dynamic datagram switch over mobile intelligent data carrier and on-demand authentication and encryption scheme | |
US20050262343A1 (en) | Pervasive, user-centric network security enabled by dynamic datagram switch and an on-demand authentication and encryption scheme through mobile intelligent data carriers | |
WO2015165423A1 (en) | Account login method, apparatus, and system | |
Albrecht et al. | Collective Information Security in {Large-Scale} Urban Protests: the Case of Hong Kong | |
KR20110020921A (en) | Improved biometric authentication and identification | |
WO2010046985A1 (en) | Authentication system, authentication program, authentication server, and sub authentication server | |
CN105681154A (en) | Method and device for sending message in instant messaging software | |
KR101762615B1 (en) | Identification system and user terminal using usage pattern analysis | |
CN104899499A (en) | Internet image search based Web verification code generation method | |
US10855679B2 (en) | Automated scalable identity-proofing and authentication process | |
CN106453321A (en) | Authentication server, system and method, and to-be-authenticated terminal | |
CN106506443A (en) | A kind of information inspection method and device | |
KR101780406B1 (en) | Apparatus and method for generating social network feature-based authentication key | |
CN106559317A (en) | A kind of method and apparatus that account information is sent based on instant messaging | |
CN106254226A (en) | A kind of information synchronization method and device | |
CN100477581C (en) | Method and server for providing remote help | |
Zhan et al. | Authentication using multi-level social networks | |
EP4030687A1 (en) | Authenticating anonymous information | |
Zhu et al. | A Novel Biometrics-based One-Time Commitment Authenticated Key Agreement Scheme with Privacy Protection for Mobile Network. | |
CN106603547B (en) | Unified login method | |
WO2017016027A1 (en) | Method for establishing connection, apparatus for establishing connection, and communication system | |
CN105915696B (en) | A kind of communication connection method for building up and terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right |