KR101795451B1 - Method and apparatus for controling security of target device using security tunnel - Google Patents
Method and apparatus for controling security of target device using security tunnel Download PDFInfo
- Publication number
- KR101795451B1 KR101795451B1 KR1020160155150A KR20160155150A KR101795451B1 KR 101795451 B1 KR101795451 B1 KR 101795451B1 KR 1020160155150 A KR1020160155150 A KR 1020160155150A KR 20160155150 A KR20160155150 A KR 20160155150A KR 101795451 B1 KR101795451 B1 KR 101795451B1
- Authority
- KR
- South Korea
- Prior art keywords
- target device
- user terminal
- security
- secure
- identifier
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A method and apparatus for controlling security of a target device using a secure tunnel is disclosed. A method of operating a user terminal according to an exemplary embodiment includes receiving an identifier of the target device via local communication with a target device, establishing a secure tunnel between the target device and an authentication server, Receiving the first OTP information generated by the authentication server through the secure tunnel based on the identifier of the target device, transmitting the first OTP information to the authentication server through the secure tunnel, Wherein the security of the target device is released based on the first OTP information and the second OTP information generated based on the identifier of the target device in the target device, do.
Description
The following embodiments relate to a method and apparatus for controlling security of a target device using a secure tunnel.
Due to the development of online services, various authentication methods exist for authenticating users in Internet banking, card payment, and public service. Existing authentication methods are vulnerable to deception and forgery of authentication information and remote deception of authentication terminal. And a new authentication method is required to improve this. Data can be passed through circuit switching or packet switching. Circuit switching refers to a method of creating a network path between two devices and transferring data between the two devices only through that path. Packet switching refers to a method in which data is divided into packets and transmitted without a predetermined path. Circuit networks have low transmission efficiency but strong data security. Packet communication has high transmission efficiency, but data security is weak. When the circuit switching method is appropriately applied to the packet switching method, data security can be improved while maintaining a high transmission efficiency.
A related prior art is disclosed in Patent Publication No. 10-2013-0008504.
The embodiments described below are intended to provide a technique for securely controlling security of a target device using a user terminal.
According to one embodiment, a method of operating a user terminal includes receiving an identifier of the target device via close range communication with the target device; Establishing a secure tunnel with the authentication server; Transmitting an identifier of the target device to the authentication server through the secure tunnel; Receiving, via the secure tunnel, first OTP information generated by the authentication server based on an identifier of the target device; And transmitting the first OTP information to the target device via the short distance communication, wherein the security of the target device is determined based on the first OTP information and the
Each of the first OTP information and the second OTP information may be generated based on the identifier of the target device and the current time. The identifier of the target device may be transmitted by the target device if the user terminal is registered with the target device. The first OTP information may be transmitted by the authentication server if a user terminal is registered with the target device.
The first OTP information and the second OTP information are the same and can be released when the distance between the user terminal and the target apparatus is closer to a predetermined threshold value. The method of operation of the user terminal may further include receiving internal information of the target apparatus through the short distance communication as the security of the target apparatus is released. As the security of the target device is released, a user of the user terminal may be logged into the target device.
While the secure tunnel is present, traffic transmission through the remaining routes except for the short distance communication and the secure tunnel may be blocked. The secure tunnel may connect a user terminal, a first gateway connected to the user terminal, and a second gateway connected to the first gateway. The target device may be any one of a door lock, a vehicle, a measuring device, and a computer.
According to one embodiment, a method of operating a target device comprises: transmitting an identifier of the target device via short-range communication with the user terminal; Generating second OTP information based on the identifier of the target device; Receiving first OTP information generated by the authentication server based on an identifier of the target device from the user terminal via the short distance communication; And releasing the security of the target device based on the first OTP information and the second OTP information, wherein the identifier of the target device is transmitted to the user terminal through the secure tunnel between the user terminal and the authentication server, To the authentication server, and the first OTP information is transmitted from the authentication server to the user terminal through the secure tunnel.
Each of the first OTP information and the second OTP information may be generated based on the identifier of the target device and the current time. Wherein the transmitting the identifier of the target device comprises: determining whether the user terminal is registered with the target device; And transmitting an identifier of the target device to the user terminal when the target device is registered in the target device.
The step of releasing the security of the target device may include releasing the security of the target device if the first OTP information and the second OTP information are the same and the distance between the user terminal and the target device is less than a predetermined threshold. . The method of operation of the target device may further include transmitting the internal information of the target device to the user terminal via the local area communication as the security of the target device is released. As the security of the target device is released, a user of the user terminal may be logged into the target device.
According to one embodiment, a method of operating an authentication server includes establishing a secure tunnel with a user terminal; Receiving an identifier of the target device from the user terminal via the secure tunnel; Generating first OTP information based on the identifier of the target device; And transmitting the first OTP information to the user terminal via the secure tunnel, wherein the identifier of the target device is transmitted from the target device to the user terminal via short-range communication between the user terminal and the target device Wherein the first OTP information is transmitted from the user terminal to the target device via the short distance communication and security of the target device is generated based on the first OTP information and the identifier of the target device at the target device And is released based on the second OTP information.
According to the embodiments described below, the security of the target device can be securely controlled using the terminal.
1 illustrates a security system in accordance with one embodiment.
2 is a diagram for explaining a process of creating a secure tunnel according to an exemplary embodiment;
3 is a diagram illustrating a security process of a door lock according to an embodiment;
4 is a diagram illustrating a security process of a computer according to an embodiment;
5 is a diagram illustrating a security process of a measurement apparatus according to an embodiment;
6 is a diagram illustrating a traffic blocking operation according to an embodiment;
7 is an operational flow diagram illustrating a method of operating a user terminal according to an embodiment.
8 is an operational flow diagram illustrating a method of operating a target device in accordance with one embodiment.
9 is a flowchart illustrating an operation method of an authentication server according to an embodiment.
It is to be understood that the specific structural or functional descriptions of embodiments of the present invention disclosed herein are presented for the purpose of describing embodiments only in accordance with the concepts of the present invention, May be embodied in various forms and are not limited to the embodiments described herein.
Embodiments in accordance with the concepts of the present invention are capable of various modifications and may take various forms, so that the embodiments are illustrated in the drawings and described in detail herein. However, it is not intended to limit the embodiments according to the concepts of the present invention to the specific disclosure forms, but includes changes, equivalents, or alternatives falling within the spirit and scope of the present invention.
The terms first, second, or the like may be used to describe various elements, but the elements should not be limited by the terms. The terms may be named for the purpose of distinguishing one element from another, for example without departing from the scope of the right according to the concept of the present invention, the first element being referred to as the second element, Similarly, the second component may also be referred to as the first component.
It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between. Expressions that describe the relationship between components, for example, "between" and "immediately" or "directly adjacent to" should be interpreted as well.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, the terms " comprises ", or " having ", and the like, are used to specify one or more of the features, numbers, steps, operations, elements, But do not preclude the presence or addition of steps, operations, elements, parts, or combinations thereof.
Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with the meaning of the context in the relevant art and, unless explicitly defined herein, are to be interpreted as ideal or overly formal Do not.
Hereinafter, embodiments will be described in detail with reference to the accompanying drawings. However, the scope of the patent application is not limited or limited by these embodiments. Like reference symbols in the drawings denote like elements.
1 illustrates a security system in accordance with one embodiment. Referring to FIG. 1, a security system includes a
The user may use the
The
According to the embodiment, the user can be released from memorizing the password for unlocking the
The
An
The
For example, the
If the
The
When the
The
The
The user may provide information about the
The
The security level can be improved by using the OTP information while being blocked from the outside through the
The
The
The
In the case where the establishment of the
FIG. 2 is a diagram for explaining a process of creating a secure tunnel according to an embodiment. Referring to FIG. 2, the
The
The
The
The
If the type of the received packet is not the tunnel type but the
The
The
The
3 is a view for explaining a security process of a door lock according to an embodiment. Referring to FIG. 3, the
The
The second OTP information may be transmitted to the
4 is a diagram illustrating a security process of a computer according to an embodiment. Referring to FIG. 4, the
The
5 is a view for explaining a security process of a measuring apparatus according to an embodiment. Referring to FIG. 5, the
The security of the measuring
The
The
The second OTP information may be transmitted to the
When the
According to the embodiment, the user can easily obtain the measurement information from the
6 is a view for explaining a traffic blocking operation according to an embodiment. 6, a
Output packets transmitted from the
The
7 is a flowchart illustrating an operation method of a user terminal according to an exemplary embodiment of the present invention. Referring to FIG. 7, in
8 is a flowchart illustrating an operation method of a target apparatus according to an embodiment. Referring to FIG. 8, in step 810, the target device transmits an identifier of the target device through short-distance communication with the terminal. In step 820, the target device generates second OTP information based on the identifier of the target device. In step 830, the target device receives the first OTP information generated by the authentication server based on the identifier of the target device from the terminal via close range communication. At
9 is a flowchart illustrating an operation method of an authentication server according to an exemplary embodiment of the present invention. Referring to FIG. 9, in
The apparatus described above may be implemented as a hardware component, a software component, and / or a combination of hardware components and software components. For example, the apparatus and components described in the embodiments may be implemented as a computer-readable recording medium, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable gate array (FPGA) , A programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to execution of the software. For ease of understanding, the processing apparatus may be described as being used singly, but those skilled in the art will recognize that the processing apparatus may have a plurality of processing elements and / As shown in FIG. For example, the processing unit may comprise a plurality of processors or one processor and one controller. Other processing configurations are also possible, such as a parallel processor.
The software may include a computer program, code, instructions, or a combination of one or more of the foregoing, and may be configured to configure the processing device to operate as desired or to process it collectively or collectively Device can be commanded. The software and / or data may be in the form of any type of machine, component, physical device, virtual equipment, computer storage media, or device , Or may be permanently or temporarily embodied in a transmitted signal wave. The software may be distributed over a networked computer system and stored or executed in a distributed manner. The software and data may be stored on one or more computer readable recording media.
The method according to an embodiment may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions to be recorded on the medium may be those specially designed and configured for the embodiments or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magnetic media such as floppy disks; Magneto-optical media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. For example, it is to be understood that the techniques described may be performed in a different order than the described methods, and / or that components of the described systems, structures, devices, circuits, Lt; / RTI > or equivalents, even if it is replaced or replaced.
Therefore, other implementations, other embodiments, and equivalents to the claims are also within the scope of the following claims.
Claims (18)
Receiving an identifier of the target device through short-range communication with the target device;
Establishing a secure tunnel with the authentication server;
Receiving information about the secure tunnel from the authentication server;
Transmitting an identifier of the target device to the authentication server through the secure tunnel;
Receiving, via the secure tunnel, first OTP information generated by the authentication server based on an identifier of the target device; And
Transmitting the first OTP information to the target device via the short distance communication
Lt; / RTI >
Wherein the secure tunnel comprises:
Generating a control path between a first control point provided by a first gateway connected to the user terminal and a second control point provided by a second gateway connected to an authentication device generating the first OTP information;
Selecting any one of a plurality of first security points provided by the first gateway and a plurality of second security points provided by the second gateway;
Forming a secure path between the selected first secure point and the second secure point; And
Establishing the secure tunnel to include the secure path
Lt; / RTI >
The step of receiving information about the secure tunnel
And receiving information about the selected first security point from the authentication server via the control path,
Wherein the packet transmitted to the authentication server is transmitted by the authentication server
Confirming that the type of the packet received by the first gateway is a tunnel type;
Dropping the received packet if the type of the received packet is not a tunnel type; And
And forwarding the received packet to the authentication device via the secure path if the type of the received packet is a tunnel type
Lt; / RTI >
Wherein the identifier of the target device is transmitted by the target device when the user terminal is registered with the target device,
Wherein the security of the target device is released based on the first OTP information and the second OTP information generated based on the identifier of the target device in the target device.
Wherein each of the first OTP information and the second OTP information is generated based on an identifier of the target device and a current time.
Wherein the first OTP information is transmitted by the authentication server when the user terminal is registered with the target device.
The security of the target device
Wherein the first OTP information and the second OTP information are released when the distance between the user terminal and the target device is less than a predetermined threshold.
Further comprising receiving internal information of the target device over the short-range communication as the security of the target device is released.
The user of the user terminal is logged into the target device as the security of the target device is released.
Wherein during the existence of the secure tunnel, traffic transmission over the remaining routes except for the short-range communication and the secure tunnel is blocked.
Wherein the target device is one of a door lock, a vehicle, a metering device, and a computer.
Generating second OTP information based on the identifier of the target device;
Receiving first OTP information generated by an authentication server based on an identifier of the target device from the user terminal via the short distance communication; And
Releasing the security of the target device based on the first OTP information and the second OTP information
Lt; / RTI >
Wherein the identifier of the target device is transmitted from the user terminal to the authentication server via a secure tunnel,
Wherein the secure tunnel comprises:
Generating a control path between a first control point provided by a first gateway connected to the user terminal and a second control point provided by a second gateway connected to an authentication device generating the first OTP information;
Selecting any one of a plurality of first security points provided by the first gateway and a plurality of second security points provided by the second gateway;
Forming a secure path between the selected first secure point and the second secure point; And
Establishing the secure tunnel to include the secure path
Lt; / RTI >
Wherein the user terminal receives information about the selected first security point from the authentication server via the control path and accesses the secure tunnel,
Wherein the packet transmitted to the authentication server is transmitted by the authentication server
Confirming that the type of the packet received by the first gateway is a tunnel type;
Dropping the received packet if the type of the received packet is not a tunnel type; And
And forwarding the received packet to the authentication device via the secure path if the type of the received packet is a tunnel type
Lt; / RTI >
Wherein the identifier of the target device is transmitted to the user terminal when the user terminal is registered with the target device,
Wherein the identifier of the target device is transmitted from the user terminal to the authentication server through a secure tunnel between the user terminal and the authentication server,
Wherein the first OTP information is transmitted from the authentication server to the user terminal via the secure tunnel.
Wherein each of the first OTP information and the second OTP information is generated based on an identifier of the target device and a current time.
The step of unlocking the target device
And releasing security of the target device if the first OTP information and the second OTP information are the same and the distance between the user terminal and the target device is less than a predetermined threshold. Way.
Further comprising transmitting the internal information of the target device to the user terminal via the near field communication as the security of the target device is released.
The user of the user terminal is logged into the target device as the security of the target device is released.
Transmitting information about the secure tunnel to the user terminal so that the user terminal can access the secure tunnel;
Receiving an identifier of the target device from the user terminal via the secure tunnel;
Generating first OTP information based on the identifier of the target device; And
Transmitting the first OTP information to the user terminal through the secure tunnel
Lt; / RTI >
The step of establishing the secure tunnel
Generating a control path between a first control point provided by a first gateway connected to the user terminal and a second control point provided by a second gateway connected to an authentication device generating the first OTP information;
Selecting any one of a plurality of first security points provided by the first gateway and a plurality of second security points provided by the second gateway;
Forming a secure path between the selected first secure point and the second secure point; And
Establishing the secure tunnel to include the secure path
Lt; / RTI >
Wherein the step of transmitting information regarding the secure tunnel comprises:
And transmitting information on the selected first security point to the user terminal via the control path,
The step of receiving an identifier of the target device
Confirming that the type of the packet received by the first gateway is a tunnel type;
Dropping the received packet if the type of the received packet is not a tunnel type; And
And forwarding the received packet to the authentication device via the secure path if the type of the received packet is a tunnel type
Lt; / RTI >
Wherein the identifier of the target device is transmitted from the target device to the user terminal through short-range communication between the user terminal and the target device when the user terminal is registered with the target device,
Wherein the first OTP information is transmitted from the user terminal to the target device via the short-
Wherein the security of the target device is released based on the first OTP information and the second OTP information generated based on the identifier of the target device in the target device.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150163551 | 2015-11-20 | ||
KR20150163551 | 2015-11-20 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020170143917A Division KR101969752B1 (en) | 2015-11-20 | 2017-10-31 | Method and apparatus for controling security of target device using security tunnel |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170059426A KR20170059426A (en) | 2017-05-30 |
KR101795451B1 true KR101795451B1 (en) | 2017-11-09 |
Family
ID=58717537
Family Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160022042A KR101795450B1 (en) | 2015-11-20 | 2016-02-24 | Verification mehod and appratus based on security tunnel |
KR1020160155150A KR101795451B1 (en) | 2015-11-20 | 2016-11-21 | Method and apparatus for controling security of target device using security tunnel |
KR1020170143662A KR102011763B1 (en) | 2015-11-20 | 2017-10-31 | Verification mehod and appratus based on security tunnel |
KR1020170143917A KR101969752B1 (en) | 2015-11-20 | 2017-10-31 | Method and apparatus for controling security of target device using security tunnel |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160022042A KR101795450B1 (en) | 2015-11-20 | 2016-02-24 | Verification mehod and appratus based on security tunnel |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020170143662A KR102011763B1 (en) | 2015-11-20 | 2017-10-31 | Verification mehod and appratus based on security tunnel |
KR1020170143917A KR101969752B1 (en) | 2015-11-20 | 2017-10-31 | Method and apparatus for controling security of target device using security tunnel |
Country Status (2)
Country | Link |
---|---|
KR (4) | KR101795450B1 (en) |
WO (1) | WO2017086757A1 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101976168B1 (en) * | 2017-06-19 | 2019-05-10 | (주)엔에스비욘드 | Method for performing login or service use based on two channel and apparatus for performing the same |
KR102027326B1 (en) * | 2018-11-13 | 2019-11-14 | 주식회사 한줌 | Security system and method for smart terminal device |
KR102150484B1 (en) | 2019-11-28 | 2020-09-01 | 주식회사 넷앤드 | An access authentication system using onetime password for enhancing security |
JPWO2021240755A1 (en) * | 2020-05-28 | 2021-12-02 | ||
KR102236656B1 (en) * | 2020-06-23 | 2021-04-07 | 주식회사 이노스코리아 | Secured communication device providing secured connection having multiple functions and method for operating thereof |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090013618A (en) * | 2007-08-02 | 2009-02-05 | 주식회사 제이디씨텍 | Door lock opening and shutting system using one time password |
KR20110038563A (en) * | 2009-10-08 | 2011-04-14 | 최운호 | Method, vehicle terminal, biometrics card and system for controlling vehicle through authenticating driver, and method for providing passenger protecting/tracking function using biometrics card and terminal |
KR101926020B1 (en) * | 2011-07-11 | 2018-12-06 | 주식회사 비즈모델라인 | System for Operating a Payment by using Dynamic Determined Authentication Number |
KR101211477B1 (en) * | 2011-08-31 | 2012-12-12 | 주식회사 아이레보 | Method for mobile-key service |
KR101259546B1 (en) * | 2011-11-04 | 2013-04-30 | 주식회사 아이레보 | Method for smart-key service |
WO2014157770A1 (en) * | 2013-03-26 | 2014-10-02 | 주식회사 은광시스템 | Method for authenticating entrance and exit by using digital door lock and wireless communication terminal, and apparatus therefor |
KR20150034147A (en) * | 2015-02-16 | 2015-04-02 | (주)엔텔스 | NETWORK SYSTEM FOR PROVIDING SERVICE INFORMATION USING IPSec PROTOCOL AND TRANSMITTING METHOD OF SERVICE INFORMATION USING IPSec PROTOCOL |
-
2016
- 2016-02-24 KR KR1020160022042A patent/KR101795450B1/en active IP Right Grant
- 2016-11-21 WO PCT/KR2016/013406 patent/WO2017086757A1/en active Application Filing
- 2016-11-21 KR KR1020160155150A patent/KR101795451B1/en active IP Right Grant
-
2017
- 2017-10-31 KR KR1020170143662A patent/KR102011763B1/en active IP Right Grant
- 2017-10-31 KR KR1020170143917A patent/KR101969752B1/en active IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
KR20170124510A (en) | 2017-11-10 |
KR20170059359A (en) | 2017-05-30 |
KR101795450B1 (en) | 2017-11-09 |
KR20170124511A (en) | 2017-11-10 |
KR20170059426A (en) | 2017-05-30 |
WO2017086757A1 (en) | 2017-05-26 |
KR101969752B1 (en) | 2019-04-17 |
KR102011763B1 (en) | 2019-08-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101969752B1 (en) | Method and apparatus for controling security of target device using security tunnel | |
US11637746B2 (en) | Object identification for groups of IoT devices | |
US11386420B2 (en) | Contextual authentication of an electronic wallet | |
EP3332532B1 (en) | Access control for internet of things devices | |
JP6821609B2 (en) | Resource-driven dynamic approval framework | |
CN111049660B (en) | Certificate distribution method, system, device and equipment, and storage medium | |
TWI607334B (en) | Secure wireless charging | |
US11991527B2 (en) | Communication method and communication device | |
US11050763B1 (en) | Distributed ledger for network security management | |
US20200120469A1 (en) | Systems and methods for updating a mobile device | |
US10530586B2 (en) | Method, hardware and digital certificate for authentication of connected devices | |
CN107438230A (en) | Safe wireless ranging | |
WO2014074721A1 (en) | Policy-based resource access via nfc | |
US9549322B2 (en) | Methods and systems for authentication of a communication device | |
CN105471815A (en) | Internet-of-things data security method and Internet-of-things data security device based on security authentication | |
CN109995719A (en) | A kind of unmanned plane authentication method, system, unmanned plane supervising platform and the first equipment | |
CN104468825B (en) | Remote-authorization method and system | |
KR20200088901A (en) | Self-authentication of devices for secure transactions | |
JP2018010449A (en) | Smart lock authentication system and method in smart lock | |
WO2019173620A1 (en) | Method and apparatus for facilitating frictionless two-factor authentication | |
KR102377045B1 (en) | SYSTEMS AND METHODS FOR AUTHENTICATING IoT DEVICE THROUGH CLOUD USING HARDWARE SECURITY MODULE | |
Bolhuis | Using an NFC-equipped mobile phone as a token in physical access control | |
US10536453B2 (en) | Method and arrangement for authorizing an action on a self-service system | |
KR101757692B1 (en) | Remote control system of home network device using token server authentication and method thereof | |
RU2709281C1 (en) | Digital key carrier authorization method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
A302 | Request for accelerated examination | ||
E902 | Notification of reason for refusal | ||
AMND | Amendment | ||
N231 | Notification of change of applicant | ||
E601 | Decision to refuse application | ||
AMND | Amendment | ||
X701 | Decision to grant (after re-examination) | ||
GRNT | Written decision to grant |