KR102027259B1 - A relay system for certification data of objects using the verification URL - Google Patents

Abstract

Verification that the authentication information about the authentication object authenticated by the issuer is relayed to the verification URL and verified, but the authentication information key is generated and registered with the issuer, and the issuer checks the authentication information only by the authentication information key. An authentication object relay system for a URL-based authentication object, the authentication object registering unit receiving an authentication object of a target from the issuing server and registering a verification address together; An authentication information key generator for generating and issuing an authentication information key for the authentication object according to a request of the target terminal; An authentication information registration unit connected to the verification address, verified using the authentication information key, and receiving and managing authentication information of the authentication object; And a title management unit for transmitting the authentication information title capable of displaying the authentication information on the online page to the target terminal.
According to the authentication information relay system of the verification URL-based authentication object as described above, a simple key is not provided without providing internal data from an issuer having a large amount of authentication information, various authentication objects, and a large number of authentication information managers. Based on this, authentication information can be easily distributed on the outside online.

Description

A relay system for certification data of objects using the verification URL}

In the present invention, the authentication information for the authentication object authenticated by the issuing authority is relayed to the verification URL and confirmed, but the authentication information key is generated and registered with the issuing authority, and the issuing authority checks the authentication information only by the authentication information key. The authentication information relay system of the verification URL-based authentication object.

Generally, a company, agency, government, or specific organization (hereinafter referred to as an issuing organization) registers as a member, recommends or ranks an individual or a group as a member, recommends, ranks, and at the same time proves membership, letter of recommendation, award. To issue. At this time, certificates such as membership, recommendation letter and certificate of recommendation are usually issued in writing. Therefore, when an individual or a group notifies a third party of the status of membership registration, the fact that a referral has been made, and the ranking given, it is proved by a certificate issued in writing.

Individuals or organizations use their certificates from the issuer to prove their history or experience. However, as all the information is posted online, such as homepage, blog, and SNS, the certificate contents issued by the issuer are also posted online. For example, a user posts online that a user has received a good citizenship award from a public agency. And in order to prove this, the citizen's award is taken and photographed. However, because there is personal information such as social security number in the civic award listing, it is impossible to cover them and confirm whether the civic award is real.

As described above, the technology for presenting the contents given by the issuer online has not been presented. In a similar fashion, a technology for proving a certification mark online has been proposed. For example, an electronic certification mark technology for attaching an electronic tag to an authentication mark has been proposed on off line [Patent Document 1]. In addition, since the certification mark can be imitated, a technique for protecting the certification mark distributed for this with a protective medium has also been proposed [Patent Document 2]. In addition, a third party who sells a user's product on the Internet, such as an online open market, uses a promotional material made by the user including a certificate or a certification mark image or promotes the product using a certificate or a certification mark image [Patent Document 3].

However, membership, recommendation, awards, diplomas, etc. are usually confirmed by the issuing organization. Therefore, unlike the certification mark, it is necessary to confirm whether the certificate is issued and the certification through the issuer. To this end, the issuing authority server may provide a certificate verification service through the external server through the linkage of information and the interworking of the system with the external server. In other words, you will be able to receive the certificate verification service of the issuer through your Facebook account.

To this end, separate protocols promised between the Personalization agent and the external server must be used. Because some popular SNS service servers provide interlocking services in the form of plug-ins (including APIs), the issuing agency server can interoperate with external servers using these features. However, it is not easy for general users to directly use the information of the plug-in. For example, KNU can create a Facebook account and install and apply the Facebook plug-in to their server. However, students from Korea University with completely different accounts cannot use the plug-in as a student from Korea University.

In addition, the issuing authority may directly provide authentication information (or confirmation information) to the outside. However, in the case of an institution or a university, there is a problem in that the issuing organization has not only a large number of certification subjects, but also cannot provide unilaterally without the consent of the parties.

In addition, the issuing organization may provide a service in a manner of providing simple information by directly connecting with a service such as a current graduation certificate printing service or issuing an API key. A relay agency or a third party agency can receive this simple information and provide the authentication information service. However, a relay agency that provides authentication information in real time should access the issuer to verify or update the authentication information. At this time, there is a problem that the relay is excessively connected to the issuing organization, the overload may occur in the issuing organization.

In addition, the relay station periodically connects to the issuing organization to update the latest information, and the access timing may be later than that of the information update. Therefore, there may be a problem in trust in the freshness of the information. The user should also consider the possibility of conflicts with keys issued from other issuers.

In addition, a person may specify a mutual account without exposing personal information between the issuer and the relay agency through an external real name authentication service (or public authentication), but there is no way to specify the authentication information.

In addition, the user may be displayed to the outside in a variety of expressions about the authentication information he has. However, there is no way to verify this from the issuing agency. For example, let's say you are certified with the title of "Atlantic Yacht Crossing Award". The issuing agency will only offer the title 'Atlantic Yacht Crossing Award'. However, the third-ranked user wants to post certification information to the outside using phrases such as 'Top 3 of the 2017 Atlantic Yacht Crossing Competition', 'Atlantic Ocean Yacht, Only One in Asia'. However, in the case of posting only the authentication information, it is not possible to confirm the fact.

In addition, large issuers can operate multiple host servers in one domain, and different operators can manage websites / mobiles and databases according to services. That is, in the case of an institution that performs certification, that is, an institution, a university, or a government agency that has a lot of issuers and has various data, the issuer cannot easily disclose or provide data owned by the organization to the outside. This is because unintended accidents or unnecessary personal information leakage are concerned. In addition, there are a wide variety of certifications, each person in charge can be different, it is difficult to flexibly apply the concept of certification.

[Patent Document 1] Korean Patent Publication No. 10-2009-0122852 (published Dec. 1, 2009) [Patent Document 2] Korea Patent Publication No. 10-2009-0058473 (2009.06.09. Publication) [Patent Document 3] Korean Patent Publication No. 10-2011-0012687 (published Feb. 9, 2011)

An object of the present invention is to solve the problems as described above, by verifying the authentication information for the authentication object authenticated by the issuing authority to the verification URL, to generate the authentication information key to register with the issuer, It provides an authentication information relay system of a verification URL-based authentication object, which allows the issuer to confirm the authentication information only by the authentication information key.

In order to achieve the above object, the present invention relates to an authentication information relay system of a verification URL-based authentication object connected to a network of a target terminal and an issuing server, and is registered with a verification address of the subject from the issuing server. Receiving authentication object register; An authentication information key generator for generating and issuing an authentication information key for the authentication object according to a request of the target terminal; An authentication information registration unit connected to the verification address, verified using the authentication information key, and receiving and managing authentication information of the authentication object; And a title manager which transmits the authentication information title capable of displaying the authentication information on the online page to the target terminal.

In addition, the present invention in the authentication information relay system of the verification URL-based authentication object, the verification address is represented by a URL (Uniform Resource Locator), the issuing server, or to the server that can confirm the authentication information of the issuing server It is characterized in that the address.

In addition, the present invention is characterized in that in the authentication information relay system of the verification URL-based authentication object, the authentication information key is registered in the issuing server by the target terminal.

In addition, the present invention is characterized in that in the authentication information relay system of the verification URL-based authentication object, the authentication information key includes the authentication object or identification data for identifying the authentication information.

In addition, the present invention, in the authentication information relay system of the verification URL-based authentication object, the authentication information registration unit updates the authentication information according to the request of the issuing server, and authenticates the connection of the issuing server by the authentication information key, The authentication information to be updated is identified by the authentication information key.

In addition, the present invention, in the authentication information relay system of the verification URL-based authentication object, the authentication information module is inserted into the online page, and displays the certificate title on the inserted online page, the authentication information module is displayed on the online page When an event by the input device occurs on the display object, a screen for displaying a description of the authentication information or a screen for displaying the description of the authentication information may be displayed.

In addition, the present invention, in the authentication information relay system of the verification URL-based authentication object, when the system receives a request for detailed information of the authentication information from the authentication information module inserted in the online page, the details of the posted authentication information The module may further include a module request processing unit which transmits the information or the address of the online page where the detailed information of the authentication information is posted in response.

In another aspect, the present invention, the authentication information relay system of the verification URL-based authentication object, the system further comprises an authentication information guide for providing an online page for explaining the authentication information, the authentication information module is online A page may be linked to an online page provided by the authentication information guide.

In addition, the present invention is characterized in that in the authentication information relay system of the verification URL-based authentication object, the online page is any one or more of a page on the web page, SNS, blog, messenger, mail, mobile app.

As described above, according to the authentication information relay system of the verification URL-based authentication object according to the present invention, without providing internal data from an issuing agency having a large amount of authentication information, various authentication objects, and a large number of authentication information managers, The effect of easily distributing authentication information on the outside online based on a simple key is obtained.

According to the authentication information relay system of the verification URL-based authentication object according to the present invention, by assigning the verification URL to the authentication object, the owner / user of the authentication object directly verifies the authentication information, so that internal data may not be leaked to the outside. In addition, the effect of confirming the latest authentication information in real time is obtained.

1 is a block diagram of a configuration of an entire system for implementing the present invention.
2 is a block diagram of a configuration of an authentication information title according to an embodiment of the present invention.
Figure 3 is a block diagram of the configuration of the authentication information relay system of the verification URL-based authentication object according to an embodiment of the present invention.
4 is a flowchart illustrating a method for relaying authentication information of a verification URL-based authentication object according to an embodiment of the present invention.

DETAILED DESCRIPTION Hereinafter, specific contents for carrying out the present invention will be described with reference to the drawings.

In addition, in describing this invention, the same code | symbol is attached | subjected and the repeated description is abbreviate | omitted.

First, an example of the whole system configuration for implementing this invention is demonstrated with reference to FIG.

As shown in FIG. 1, the entire system for implementing the present invention includes a target terminal 11 used by a target who is the subject of a certificate (or an authentication object), and a user terminal 12 that reads authentication information that the target's authentication object has been authenticated. , A publishing server 50 for providing online pages 60, such as an issuing server 80 of an issuing authority that generates a certificate or an authentication object that proves the facts to a target person, a web page online, and an issuing server. It is composed of a relay server 30 that registers the authentication object and is authenticated to provide the authentication information of the authentication object online. In addition, the relay server 30 may further include a database 40 for storing data required.

The target terminal 11 is a conventional computing terminal such as a PC, a notebook, a netbook, a smartphone, a tablet PC, a mobile, etc. used by the target. Hereinafter, the description that the subject performs certain tasks means that the task is performed through the target terminal 11. In addition, 11 is attached to the target person other than the target terminal.

The subject refers to the subject of the certificate or authentication object issued (or generated) from the issuing server 80.

The certificate or authentication object is a document, object, or object that proves that the object is granted from the issuing server 80, and includes a document such as a membership, a recommendation letter, a certificate of honor, a diploma, or an electronic information functioning as a document. Say. In other words, an authentication object is a certificate or a concept of authentication that proves a fact and refers to information that proves a fact such as a member, recommendation, or ranking of a specific group. In addition, the authentication object refers to information composed of data given to the subject, that is, the name of the fact given, the personal information of the subject, the details of the fact given, and the granting authority (issuing agency). When such an authentication object is expressed in the form of a paper document or an electronic document, it can be called a certificate in a narrow sense. Hereinafter, for convenience of explanation, it will be referred to as an authentication object.

The authentication object is issued or generated by the issuing server 80 and managed by the relay server 30. That is, the issuing server 80 connects to the relay server 30 to generate an authentication object and manages the authentication object issued or generated by the relay server 30.

In addition, the target terminal 11 may obtain the authentication information or the authentication information title of the authentication object from the relay server 30, and may post it on the online page 60 of the publication server 50.

Next, the user terminal 12 is a terminal used by a user who browses the authentication information or the title of the authentication information, and is a normal computing terminal such as a PC, a notebook computer, a netbook, a smartphone, a tablet PC, and a mobile. Hereinafter, the description of the user performing a certain job means that the user performs the job through the user terminal 12. It is to be noted that reference numeral 12 is also applied to the user in addition to the user terminal.

The authentication information is electronic information indicating that the authentication object is authenticated. The authentication information includes information on whether the authentication object has been authenticated, the authentication status of the authentication object, and other information about the authentication object.

In addition, the authentication information title is information that appears when the authentication information is displayed to the outside, and basically indicates a phrase specified when creating (or issuing) an authentication object or an additionally designated phrase or image.

The user terminal 12 accesses the posting server 50 to view authentication information (or authentication information title) of the subject's authentication object, and confirms that the subject's authentication object is authenticated through the authentication information. Specifically, the user accesses the publishing server 50 through the user terminal 12, browses the online page 60 posted on the publishing server 50, and checks the authentication object displayed on the online page 60. View the authentication information or authentication information title. Through the authentication information or the authentication information title, it can be seen that the subject's authentication object is verified (or verified).

Next, the issuing server 80 is a normal server operated by the issuing authority, and generates and issues the authentication object of the target person or the authentication information (or authentication information title) of the authentication object. In particular, the Personalization agent is an authority, or a group, or a person having an authentication authority, and has authority to create an authentication object in a relay agency (or a service operated by a relay authority) so that a target person belongs to the object.

Specifically, the issuing server 80 issues or generates an authentication object to the target relay server 30, and authenticates the authentication object according to the request of the relay server 30 to generate and transmit the authentication information or the authentication information title. .

At this time, the issuing server 80 shares the authentication information key for authentication of the authentication object with the relay server (30). Preferably, the issuing server 80 receives the authentication information key from the subject. The authentication information key is a key (or a secret key) in which the authentication information of the authentication object managed by the relay server 30 is linked to and specified with one authentication information authenticated by the issuing server 80.

In addition, the issuing server 80 generates and issues a verification URL when issuing an authentication object to the relay server 30, and is connected by the verification URL by the relay server 30 and authenticated by the authentication information key. Issue or create authentication information about the authentication object.

In addition, the issuing server 80 may access the relay server 30 to access the relay server 30 and update the authentication information corresponding to the authentication information key by using the authentication information key.

Next, the relay server 30 is a server that is operated by the relay agency, and issues or generates and manages an authentication object and authentication information for authenticating the authentication object.

In detail, the relay server 30 receives and manages an authentication object from the issuing server 80. At this time, the verification server for authentication is received from the issuing server 80 together.

In addition, the relay server 30 generates an authentication information key for the issued authentication object according to the request of the target person. The generated authentication information key is shared with the issuing server 80. Preferably, the authentication information key is transmitted to the target terminal 11 and registered by the target terminal 11 with the issuing server 80.

In addition, the relay server 30 is authenticated through the verification URL and the authentication information key for the authentication information for the authentication object from the issuing server 80, and receives and manages the authentication information or the authentication information title of the corresponding authentication object.

In addition, the relay server 30 provides the issued authentication information or authentication information title as a module, so that the target person or the target terminal 11 can use the online page 60. That is, the target person or the target terminal 11 may insert the corresponding authentication information or the authentication information title (or its module) into the online page 60 of the publishing server 50 and publish it.

Next, the publishing server 50 is a server that publishes an online page, and refers to a server that provides a service for displaying content online such as a web server, an SNS server, a blog server, and a mail server. In addition, the publishing server 50 may be a server that provides an online page published in the mobile app in conjunction with the mobile app.

Therefore, the online page 60 is an online page displayed by the publishing server 50, and means that it can be displayed and displayed on the Internet or mobile.

The online page 60 may insert and display a module of authentication information or authentication information title.

The authentication information title 70 is a module capable of inserting and displaying authentication information in the online page 60. The authentication information title 70 may display the authentication information as text or an image. In addition, the authentication information title 70 is a module including a link, a script, and the like, and is a module capable of providing detailed information of authentication information. In particular, the authentication information title 70 displays or provides necessary information in response to a user's touch or click, and also requests and receives necessary data from the relay server 30. In addition, the authentication information title 70 may move to the authentication object of the relay server 30 or the online authentication object description page describing the authentication information in response to a user's touch or click.

The authentication information title 70 is a page format module composed of links, scripts, and the like for easy insertion into the online page 60. Accordingly, the target terminal 11 can download the authentication information title 70 and insert the downloaded authentication information title 70 into the online page 60 so that it can be displayed on the online page 60. That is, the relay server 30 downloads the authentication information title 70 of the registered authentication object, so that the target person can insert the authentication information title into the online page 60.

Next, the database 40 is a general storage medium for storing data required by the relay server 30, and stores member (or subject) information, an authentication object, and authentication information or authentication information title thereof.

Specifically, the database 40 manages the subject as a member, subject DB 41 for storing data about the subject, authentication object DB 42 for storing details of the authentication object, and authentication for the authentication object. And an authentication information DB 43 for storing information or authentication information titles. However, such a configuration of the database 40 is only a preferred embodiment, and in developing a specific device, in consideration of the ease and efficiency of access and retrieval, it may be configured in a different structure by the database construction theory.

Next, the configuration of the authentication information title (or its module) 70 according to an embodiment of the present invention will be described in more detail.

The authentication information title or its module 70 is a module written in a language for display on the online page 60. In other words, it is a module written by a language constituting an online page such as a web page, social network system (SNS), blog, messenger, or mail. That is, a web format module or a mobile application module.

Preferably, the authentication information title 70 is a page format module composed of HTML format or HTML 5.0 or the like, and is a page format module composed of text, link, script, and the like. Alternatively, the authentication information title 70 may be implemented as a program module that runs in a mobile app.

In particular, the authentication information title 70 displays the authentication information as a display object. The authentication information display object displays authentication information, and is displayed in the form of a symbol, a character, a figure, a three-dimensional shape, or a combination thereof and colors. In other words, the authentication information display object is displayed using symbols, characters, and shapes that can intuitively convey the contents of the authentication information to the user. More preferably, the display object basically includes characters that can be displayed.

In addition, the authentication information title 70 may display the authentication information on the online page 60, and may provide purified data through a separate link or through a separate API request for external use. That is, the authentication information title 70 is inserted into the online page 60, and is allocated a display space on the online page 60, and displays the text or the shape of the authentication information contents in the display space.

Preferably, in a commonly used web page, the credential information title 70 may be recognized as a certificate theme using a scripting language such as HTML or XML, for example, <a link = 'cert-info: // Insert specific types of tags on the online page, such as <? xml> <cert-info> <name> Eco-Furniture </ name> </ cert-info> </ xml>, such as //ecolove.funiture '> Then, a page driving program such as a web browser can recognize this as an authentication information title.

When the user directly inserts the authentication information in the form of text or the like by referring to the title of the authentication information, if a tag indicating authentication information is associated with the display object, a link to an online page displaying the authentication information can be inserted. . Therefore, the web browser can import the authentication information and display the received authentication information, and anyone can confirm the correct information of the authentication information through the link.

In addition, in a service such as a social network service (SNS), a specific tag format such as a hash tag may be used to recognize authentication information on a server, a website, or software of a person providing the corresponding SNS. When the user clicks the title of the authentication information, anyone can check the correct information of the authentication information through the corresponding tag.

In addition, the authentication information title 70 may be written to perform a specific function in a programming language such as a script. The functions described below are functions configured and operated in a page writing language such as a script. In particular, when a specific event occurs in the display object inserted and displayed on the online page, the authentication information title 70 may display the authentication object or a comment describing the authentication object. For example, when the mouse is placed on the online page 60, a description popup screen for the online theme may appear. An event refers to an event by an input device such as a click, double click, gesture, mouse over a display object on a display object on an online page, or a click or double click on a predetermined predetermined space on the display object. Alternatively, an event such as an opening or closing of an online page or a specific gesture on the online page may be applicable. That is, all events that may occur in the online page or the display object may be applicable.

In addition, the authentication information title or its module 70 receives and displays information related to the authentication information transmitted from the relay server 30. The authentication information title 70 may allow the subject to communicate with the relay server 30 using an API key and the like owned by the subject.

In addition, when a specific event occurs, the authentication information title 70 may move to the online page describing the authentication information or the authentication object. In this case, an online page (or a detailed description page) describing the authentication information is provided by the relay server 30 or a server linked with the relay server 30.

Next, a detailed configuration of the authentication information title 70 according to an embodiment of the present invention will be described in more detail with reference to FIG. 2.

As shown in Fig. 2, the authentication information title 70 according to the present invention is a storage unit 71 for recording the address and authentication information of the relay server 30, contents to be displayed for authentication information from the relay server 30. Or a request unit 72 for requesting and receiving the detailed information, a display unit 73 for displaying authentication information and the detailed information, and a control unit for performing a predetermined function such as display or link according to an input command or event ( 74).

The storage unit 71 stores in the text form of the authentication information title 70 or records the address of the management server, the display form of the authentication information, the detailed description thereof, and the like, in the storage space.

In addition, the request unit 72 connects to the relay server 30 with reference to the recorded address of the relay server 30, transmits the corresponding authentication information to the relay server 30, and transmits the authentication information from the relay server 30 to the authentication information. Receive related information or detailed information about the device.

The display unit 73 displays the contents of the authentication information on the online page 60. In this case, the detailed information may be displayed on a tip or a popup screen. In the case of a dynamic image, the display unit 73 may configure a dynamic image, or may receive the dynamic image directly from the relay server 30.

When the user generates a certain event by touching or clicking on the online page 60, the controller 74 executes a predetermined function for the corresponding event. For example, if a user clicks on the display space of the authentication information, the user can navigate to a web page provided by the relay server 30 and link to a detailed description page of the corresponding authentication information. Or if the mouse cursor does not click, but enters the display space, the description screen of the authentication information is displayed as a pop-up window.

Next, the authentication information relay system of the verification URL-based authentication object according to the first embodiment of the present invention will be described with reference to FIG. The authentication information relay system is the relay server 30 described above or a system by this server.

As shown in FIG. 3, the authentication information relay system of the verification URL-based authentication object according to the present invention includes a member management unit 31 for registering and managing a member for registering an authentication object, and an authentication object registration unit for receiving and registering an authentication object ( 32), an authentication information key generation unit 33 for generating an authentication information key for the authentication object, an authentication information registration unit 34 for generating and registering authentication information from the issuing server 80, and generating a module of the authentication information title. And a title manager 35 for downloading. In addition, the module may further include a module request processing unit 36 for processing a request for the authentication information title module or an authentication information guide unit 37 for providing an online page displaying the details of the authentication information or the authentication object.

First, the member manager 31 registers a target person as a member, receives member information, or performs user authentication for login.

Next, the authentication object registration unit 32 receives the authentication object from the issuing server 80.

The issuing server 80 connects to the relay server or the relay system 30 or the authentication object registration unit 32 to register the authentication object of the subject. To this end, preferably, the issuing server 80 may be registered as a member as an issuing authority. Alternatively, in another embodiment, the issuing server 80 and the relay server 30 (or the authentication object registration unit) may interwork with each other, and the issuing server 80 may register the subject's authentication object.

As described above, the authentication object is a document, object, or object that proves the facts granted to the subject from the issuing server 80, such as a membership, a recommendation letter, a certificate of honor, a diploma, or an electronic function of such a document. Speak information. In particular, the authentication object is composed of data that is assigned to the subject, that is, the name of the fact given, the personal details of the subject, the details of the facts given, and the granting authority (issuing authority).

On the other hand, when the authentication object is registered, the authentication object register 32 specifies a verification address (or verification URL) for receiving authentication information about the authentication object and registers it together. The verification address or verification URL (Uniform Resource Locator) is an Internet address (or URL address) for receiving authentication information of the authentication object or an address for verification for receiving authentication information.

As an example, the verification address or verification URL may be specified as follows.

* m.verify-example.com/key?

* 10.203.456.7/

Preferably, the verification address or verification URL is set as an access address for processing authentication information of the issuing server 80 or the issuing server 80.

Next, the authentication information key generation unit 33 generates and issues an authentication information key for the authentication object of the target person.

That is, the target person or target terminal 11 selects an authentication object that the user intends to use externally, and requests for issuance of an authentication information key for the corresponding authentication object. The authentication information key generation unit 33 generates an authentication information key for the authentication object (or authentication information to be generated for the authentication object) in response to a request from the target person or the target terminal 11. The generated authentication information key is transmitted or downloaded to the target terminal 11.

The authentication information key is a key (or secret key) that can be linked to and specified with one piece of authentication information (or authentication information of the authentication object) authenticated by the issuing server 80. In addition, preferably, the authentication information key includes identification data for identifying the corresponding authentication object. That is, the issuing server 80 uses the authentication information key received together with the verification address (or verification URL) to identify the authentication object and generates and returns the authentication information of the corresponding authentication object.

In addition, the issued authentication information key is registered in the issuing server 80 by the target person or the target terminal 11. That is, preferably, the target person or target terminal 11 directly registers the issued authentication information key with the issuing server 80.

Next, the authentication information registration unit 34 is connected to the issuing server 80 to receive and manage the authentication information. At this time, the authentication information registration unit 34 accesses the verification address (or verification URL) using the authentication information key, and receives (or receives) the authentication information or the authentication information title from the counterpart (or issuing server).

That is, the authentication information registration unit 34 accesses the issuing server 80 at the verification address (or verification URL) and receives verification (or authentication) using the authentication information key. The issuing server 80 returns the authentication information or the authentication information title of the corresponding authentication object only when it is verified by the authentication information key.

The authentication information is electronic information indicating that the authentication object is authenticated. The authentication information includes information on whether the authentication object has been authenticated, the authentication status of the authentication object, and other information about the authentication object.

The authentication information title is information that is displayed when the authentication information is displayed externally, and basically indicates a phrase specified when creating (or issuing) an authentication object or an additionally designated phrase or image.

In addition, the authentication information registration unit 34 may update the authentication information at the request of the issuing server 80. That is, the authentication information registration unit 34 is connected from the issuing server 80, in which case, the authentication information key is connected using the authentication information key. The issuing server 80 may update the contents of the authentication information corresponding to the authentication information key.

Next, the title manager 35 generates a module capable of inserting and displaying the authentication information title into the online page 60.

As described above, the authentication information title 70 is a module written in a language for display on the online page 60. In other words, it is a module written by a language constituting an online page such as a web page, social network system (SNS), blog, messenger, or mail.

Accordingly, the target terminal 11 can download the authentication information title 70 from the title management unit 35 and insert the downloaded authentication information title 70 into the online page 60 so that it can be displayed on the online page 60. .

In one embodiment, when the issuing server 80 transmits the data in xml or .json format, the relay server 30 or the title management unit 35 stores the corresponding data, and the subject can immediately utilize the various formats. Provides the ability to display as (theme). As another embodiment, when the issuing server 80 generates the certificate image and transmits it to the relay server 30 or the title manager 35, it can be stored and used in the image.

Next, the module request processing unit 36 receives a request from the authentication information title 70 inserted into the online page 60 and transmits data about the request. At this time, the identifier of the object is received to determine which authentication information object the request is for.

In particular, the module request processing unit 36 transmits the detailed information of the authentication information to the authentication information title 70 in response to the request for explanation (or content) of the authentication information. Preferably, the module request processing unit 36 transmits the name, main content, and the like of the authentication information to the authentication information title 70.

Next, the authentication information guide unit 37 provides an online page 60 for describing the authentication information or the authentication object in detail. Preferably, the online page 60 is configured in the relay server 30 or a content server such as a web server interworking with the relay server 30.

The online page 60 for guiding details of the authentication information refers to a page providing text-oriented content in a web page, social network system (SNS), blog, mobile app, and the like. The online page 60 for the guidance of the authentication information is posted by the administrator of the relay server 30.

Therefore, when the user visits the information page of the authentication information through the user terminal 12, the user can directly check the certificate or the issuer, which is a requirement of the authentication information. Trust or authority of the issuer can be easily identified.

Next, the authentication information relay method of the verification URL-based authentication object according to the first embodiment of the present invention will be described in more detail with reference to FIG. 4.

As shown in FIG. 4, first, the issuing server 80 communicates with the relay server 30 to register an authentication object with the relay server 30 (S11). Preferably, the issuing server 80 is connected to the relay server 30 to register the authentication object with the relay server 30. Preferably, the issuing server 80 and the relay server 30 interoperate with each other, referring to information related to the authentication object of the target person stored in the issuing server 80, and generating and registering the authentication object in the relay server 30. do.

Through this, the relay server 30 registers the authentication object and the verification address (or verification URL) together (S12). That is, when registering the authentication object to the relay server 30 by the issuing server 80, the verification address or verification URL is also registered.

Next, when the target terminal 11 accesses the relay server 30 and requests the authentication information key (S21), the relay server 30 generates an authentication information key for issuing authentication information for the authentication object. (S22), the generated authentication information key is transmitted to the target terminal 11 (S23). At this time, the authentication information key is a unique secret key for verifying the authentication information of the authentication object.

Next, when the target terminal 11 requests to register the authentication information key by accessing the issuing server 80 (S31), the issuing server 80 registers the authentication information key (S32). The authentication information key is a key for authenticating (or verifying) the act of requesting authentication information of the corresponding authentication object of the target person. That is, only when the authentication information key is verified, the corresponding authentication information is transmitted. In addition, the authentication information key includes identification information for identifying the authentication information or the authentication object of the subject.

In addition, when the content of the authentication information and the like is updated, the issuing server 80 may notify the relay server 30 and request an update (S41).

Next, the relay server 30 requests the authentication information by accessing the issuing server 80 with the verification address or verification URL (S51). At this time, the relay server 30 combines and transmits the authentication information key together with the verification address. When the issuing server 80 receives the request to be connected to the verification address, the issuing server 80 verifies the received authentication information key together with the verification address (S52).

If the verification of the authentication information key is confirmed, the issuing server 80 transmits the authentication information to the relay server 30 (S53). The authentication information is electronic information indicating that the authentication object has been verified (or authenticated). The authentication information is data or information including the content, name, issuer, and authentication details of the authentication fact.

At this time, the issuing server 80 transmits the authentication information title. The authentication information title is information that is displayed when the authentication information is displayed externally, and basically indicates a phrase specified when creating (or issuing) an authentication object or an additionally designated phrase or image.

Next, when the target terminal 11 requests the authentication information title or authentication information title module from the relay server 30 (S61), the relay server 30 generates the authentication information title or authentication information title module (S62). In operation S63, the target terminal 11 is transmitted to the target terminal 11.

At this time, the authentication information title module 70 is a module written in a language for display on the online page 60. In other words, it is a module written by a language constituting an online page such as a web page, social network system (SNS), blog, messenger, or mail. That is, a web format module or a mobile application module.

Next, the target terminal 11 inserts the received authentication information title or authentication information title module into the online page 60 of the publication server 50 (S70).

The authentication information title published on the online page 60 is browsed and touched by the user terminal 12 connected to the posting server 50.

Next, the authentication information relay system of the verification URL-based authentication object according to the second embodiment of the present invention will be described.

The second embodiment of the present invention is an embodiment in which the authentication information key is extended to designate the authentication information title in addition to one authentication information. If the second embodiment of the present invention has the same configuration as the first embodiment, only the points to be added will be described below. Portions not described below refer to the description of the first embodiment.

First, the authentication information key generation unit 33 generates an extended authentication information key expanded by using the already generated and registered authentication information key as the basic authentication information key, at the request of the target terminal 11.

That is, when the target person configures the extended authentication information key according to the method registered in the issuing server 80, the relay server 30 uses the extended authentication information key as one independent authentication information key. That is, the subject receiving the authentication information from the issuing server 80 expands the authentication information key to add a separate authentication information title in the authentication information.

The extended authentication information key is formed by adding a separator and additional information to the basic authentication information key. The extended authentication information key also acts as the only authentication information key whose configured key value points to a specific authentication information title.

The issuing server 80 configures a database that can be utilized as authentication information by the target person, and may store additional information such as year and rank.

That is, the relay server 30 or the authentication information key generation unit 33 generates the extended authentication information key when the target person requests to generate the extended authentication information key. At this time, the extended authentication key is generated using additional information.

As described below, the relay server 30 or the authentication information registration unit 34 accesses the issuing server using the extended authentication information key, and brings the extended authentication information title corresponding to the extended authentication information key. At this time, the issuing server 80 automatically generates extended authentication information by extracting additional information from the extended authentication information key.

Next, the authentication information registration unit 34 connects to the verification address or verification URL by using the extended authentication information key, and receives the extended authentication information or the extended authentication information title from the issuing server 80.

At this time, the issuing server 80 extracts and verifies additional information from the extended authentication information key. Upon verification, the authentication information title (or extended authentication information title) is generated and the result value is transmitted. That is, the issuing server 80 notifies the subject of the configuration of the extended authentication information key that can verify the separate authentication information title.

The authentication information register 34 designates and manages the authentication information title of the successful result value received from the issuing server 80 as separate related authentication information.

And the authentication information register 34 checks and updates all the relevant authentication information (basic authentication information and extended authentication information) when the update request for the corresponding authentication information key from the issuing server 80.

On the other hand, the issuing server 80 may configure a database that can be utilized by the subject as authentication information (or extended authentication information). In other words, the database can be configured to be useful to the target audience. In this case, additional information such as year and rank may be stored.

As mentioned above, although the invention made by this inventor was demonstrated concretely according to the Example, this invention is not limited to an Example and can be variously changed in the range which does not deviate from the summary.

11: target terminal 12: user terminal
20: network 30: relay server
31: Membership Management Department 32: Certified Object Register
33: authentication information key generation unit 34: authentication information registration unit
35: Title management unit 36: Module request processing unit
37: Certification Information Guide
40: Database 41: Target DB
42: authentication object DB 43: authentication information DB
50: issuing server 60: online page
70: authentication information module 71: storage unit
72: request unit 73: display unit
74: processing unit

Claims (9)

In the authentication information relay system of the verification URL-based authentication object connected to the network of the target terminal and the issuing server,
An authentication object registration unit that registers a subject's authentication object from the issuing server and registers a verification address together;
An authentication information key generator for generating and issuing an authentication information key for the authentication object according to a request of the target terminal;
An authentication information registration unit connected to the verification address, verified using the authentication information key, and receiving and managing authentication information of the authentication object; And,
A title manager which transmits an authentication information title capable of displaying the authentication information on an online page to the target terminal,
The authentication information is electronic information indicating that the authentication object is authenticated,
And the authentication information key is registered in the issuing server by the target terminal.
The method of claim 1,
The verification address is represented by a URL (Uniform Resource Locator), and the authentication information relay system of the verification URL-based authentication object, characterized in that the address that can be connected to the server that can confirm the authentication information of the issuing server or the issuing server. .
delete The method of claim 1,
And the authentication information key includes identification data for identifying the authentication object or the authentication information.
The method of claim 1,
Wherein the authentication information registration unit updates the authentication information according to the request of the issuing server, authenticates the connection of the issuing server with the authentication information key, and identifies the authentication information to be updated with the authentication information key. Authentication information relay system for URL-based authentication objects.
The method of claim 1,
The authentication information title is inserted into an online page and displayed on the inserted online page.
The title of the authentication information is characterized in that, when an event by the input device occurs on the display object displayed on the online page, go to the online page for displaying the description of the authentication information or display a screen for displaying the description of the authentication information Authentication information relay system of a verification URL-based authentication object.
The system of claim 1, wherein the system is
When receiving the request for the detailed information of the authentication information from the authentication information title inserted in the online page, the detailed information of the published authentication information or the address of the online page where the detailed information of the authentication information is posted and sent back, Authentication information relay system of the verification URL-based authentication object, characterized in that it further comprises a module request processing unit.
The method of claim 1,
The system further includes an authentication information guide that provides an online page for explaining the authentication information,
The authentication information title system, the authentication information relay system of the verification URL-based authentication object, characterized in that the link can be linked to the online page provided by the authentication information guide from the online page on which it is published.
The method according to any one of claims 1 to 2, 4 to 8,
The online page is a web page, SNS, blog, messenger, mail, authentication information relay system of the verification URL-based authentication object, characterized in that any one of the pages on the mobile app.

Images