KR20000072433A - Anti-hacking Technique using mobile data terminal and temporary password - Google Patents
Anti-hacking Technique using mobile data terminal and temporary password Download PDFInfo
- Publication number
- KR20000072433A KR20000072433A KR1020000052035A KR20000052035A KR20000072433A KR 20000072433 A KR20000072433 A KR 20000072433A KR 1020000052035 A KR1020000052035 A KR 1020000052035A KR 20000052035 A KR20000052035 A KR 20000052035A KR 20000072433 A KR20000072433 A KR 20000072433A
- Authority
- KR
- South Korea
- Prior art keywords
- user
- password
- registered
- asp
- time
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Abstract
Description
종래에는 보안이 취약한 공공장소에서 사용자 인증이 필요한 인터넷 ASP (Application Service Provider) 및 소프트웨어등의 컴퓨터를 이용한 인증 처리가 필요한 컨텐트(이를 인트라넷이라 정의함. PC뱅킹, E-MAIL 서비스, 인터넷 쇼핑몰 등)에 접속할때 키보드 입력 기록 장치 등의 해킹툴이 설치된 컴퓨터가 이용자의 키보드 입력 내용을 기록하는 등의 패스워드 노출의 가능성을 우려할 수 있었고, 또 개인이 패스워드를 분실하였을 경우 재인증 절차를 밟아야 하는 등의 불편함이 있었다.Conventionally, content requiring authentication processing using a computer such as Internet ASP (Application Service Provider) and software that requires user authentication in a weak public place (this is defined as an intranet. PC banking, E-MAIL service, Internet shopping mall, etc.) Computers with hacking tools, such as keyboard input recording devices, may be concerned about the possibility of password exposure, such as recording the user's keyboard input when accessing the system, and re-authentication procedures should be performed if an individual loses the password. There was discomfort.
공공장소의 컴퓨터 및 해킹이 우려되는 컴퓨터 사용시, 이동통신단말기와 일회용When using computers in public places and computers that may be hacked, use mobile communication terminals and disposable
비밀번호 생성 프로그램을 이용하여 해커가 비밀번호를 도용하는 경우를 방지하고자 함.Using a password generation program to prevent hackers from stealing passwords.
(1) 사용자가 원격지 컴퓨터에서 해당 인트라넷 서버에 핸드폰(단말기) 번호를 입력, 1-Time 암호 생성 요청(1) The user enters the mobile phone (terminal) number from the remote computer to the corresponding intranet server and requests to create a 1-Time password.
(2) 서버에서 사용자 IP address를 확인하고, 1-Time Password 부여(2) Check user IP address in server and assign 1-Time Password
(3) 해킹이나 키보드 입력 기록 장치 등의 해킹툴이 설치된 컴퓨터에 이용자의 키보드 입력 내용이 기록되어 Password 노출(3) Password exposure is recorded by user's keyboard input recorded on computer with hacking tool such as hacking or keyboard input recording device.
(4) 제3자가 알아낸 Password로 로그인을 시도함(4) Attempt to log in with password that 3rd party found
(5) 서버에서는 사용자 컴퓨터의 IP를 확인하여 1-Time 암호 생성 요청시의 컴퓨터 IP address와 다를 경우 로그인을 거부함(5) The server checks the user's IP and denies login if it is different from the computer's IP address when requesting 1-Time password generation.
위 발명은 기존의 이동통신 단말기가 단순히 해당 단말기에 대한 정보만을 제공하는 개념을 넘어 기존의 인트라넷 서비스에서의 이용자 인증에 까지 활용될수 있음을 보여주고 있다. 또한 보안이 취약한 공공장소의 컴퓨터 및 해킹이 우려되는 컴퓨터 사용시 해커가 비밀번호를 도용하는 경우를 미연에 방지하여 안전한 인터넷의 이용을 확산시킬 수 있다.The present invention shows that the existing mobile communication terminal can be utilized for user authentication in the existing intranet service beyond the concept of merely providing information on the corresponding terminal. In addition, it is possible to spread the use of the secure Internet by preventing hackers from stealing passwords when using computers in vulnerable public places and computers that are hacked.
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020000052035A KR20000072433A (en) | 2000-09-04 | 2000-09-04 | Anti-hacking Technique using mobile data terminal and temporary password |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020000052035A KR20000072433A (en) | 2000-09-04 | 2000-09-04 | Anti-hacking Technique using mobile data terminal and temporary password |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20000072433A true KR20000072433A (en) | 2000-12-05 |
Family
ID=19687140
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020000052035A KR20000072433A (en) | 2000-09-04 | 2000-09-04 | Anti-hacking Technique using mobile data terminal and temporary password |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20000072433A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20020046552A (en) * | 2000-12-15 | 2002-06-21 | 김유승 | method and apparatus for registration and use of voice password using personal information provided in mobile communication service system |
KR20020092047A (en) * | 2001-06-01 | 2002-12-11 | 주식회사 어니언소프트웨어 | User evidence method for providing one-time password and apparatus for one-time password using that method |
KR20030039033A (en) * | 2001-11-09 | 2003-05-17 | 엘지전자 주식회사 | Wireless internet fee service billing method |
KR20040019704A (en) * | 2002-08-29 | 2004-03-06 | 다림기술 주식회사 | A method to prevent e-mail address from being stolew and communized on a metwork |
KR100495472B1 (en) * | 2001-07-09 | 2005-06-16 | 와이더댄 주식회사 | System and Method for Wireless Internet Service, and Method for Accessing Wireless Internet Using the Same |
KR100899928B1 (en) * | 2002-11-12 | 2009-05-28 | 엘지전자 주식회사 | Password Setting Function Of Digital Television Receiver Set |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5434918A (en) * | 1993-12-14 | 1995-07-18 | Hughes Aircraft Company | Method for providing mutual authentication of a user and a server on a network |
US5592553A (en) * | 1993-07-30 | 1997-01-07 | International Business Machines Corporation | Authentication system using one-time passwords |
KR19990078937A (en) * | 1999-08-21 | 1999-11-05 | 최동호 | User authenticate system using a second channel |
KR20000012607A (en) * | 1999-12-14 | 2000-03-06 | 심성식 | certification system using radio communication device |
WO2000029965A1 (en) * | 1998-11-16 | 2000-05-25 | Saison Information Systems Co., Ltd. | Method and apparatus for network authentication |
-
2000
- 2000-09-04 KR KR1020000052035A patent/KR20000072433A/en not_active Application Discontinuation
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5592553A (en) * | 1993-07-30 | 1997-01-07 | International Business Machines Corporation | Authentication system using one-time passwords |
US5434918A (en) * | 1993-12-14 | 1995-07-18 | Hughes Aircraft Company | Method for providing mutual authentication of a user and a server on a network |
WO2000029965A1 (en) * | 1998-11-16 | 2000-05-25 | Saison Information Systems Co., Ltd. | Method and apparatus for network authentication |
KR19990078937A (en) * | 1999-08-21 | 1999-11-05 | 최동호 | User authenticate system using a second channel |
KR20000012607A (en) * | 1999-12-14 | 2000-03-06 | 심성식 | certification system using radio communication device |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20020046552A (en) * | 2000-12-15 | 2002-06-21 | 김유승 | method and apparatus for registration and use of voice password using personal information provided in mobile communication service system |
KR20020092047A (en) * | 2001-06-01 | 2002-12-11 | 주식회사 어니언소프트웨어 | User evidence method for providing one-time password and apparatus for one-time password using that method |
KR100495472B1 (en) * | 2001-07-09 | 2005-06-16 | 와이더댄 주식회사 | System and Method for Wireless Internet Service, and Method for Accessing Wireless Internet Using the Same |
KR20030039033A (en) * | 2001-11-09 | 2003-05-17 | 엘지전자 주식회사 | Wireless internet fee service billing method |
KR20040019704A (en) * | 2002-08-29 | 2004-03-06 | 다림기술 주식회사 | A method to prevent e-mail address from being stolew and communized on a metwork |
KR100899928B1 (en) * | 2002-11-12 | 2009-05-28 | 엘지전자 주식회사 | Password Setting Function Of Digital Television Receiver Set |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7085840B2 (en) | Enhanced quality of identification in a data communications network | |
US7496751B2 (en) | Privacy and identification in a data communications network | |
US7275260B2 (en) | Enhanced privacy protection in identification in a data communications network | |
Josang et al. | Usability and privacy in identity management architectures | |
Chadwick | Federated identity management | |
US6880079B2 (en) | Methods and systems for secure transmission of information using a mobile device | |
CA2570045C (en) | Network security and fraud detection system and method | |
JP5619007B2 (en) | Apparatus, system and computer program for authorizing server operation | |
US20030084302A1 (en) | Portability and privacy with data communications network browsing | |
CA2629776C (en) | Authentication for service server in wireless internet and settlement using the same | |
EP1102157B1 (en) | Method and arrangement for secure login in a telecommunications system | |
US20030084171A1 (en) | User access control to distributed resources on a data communications network | |
US20070077916A1 (en) | User authentication system and user authentication method | |
KR20100021818A (en) | Method for authentication using one-time identification information and system | |
AU2007303059B2 (en) | Secure multi-channel authentication | |
CA2346709A1 (en) | Remote physician authentication service | |
WO2011083867A1 (en) | Authentication device, authentication method, and program | |
CA2555465A1 (en) | Method and apparatus for authentication of users and communications received from computer systems | |
KR20000072433A (en) | Anti-hacking Technique using mobile data terminal and temporary password | |
JP2002091917A (en) | Network security system and connection managing method utilizing the same | |
EP1513313A1 (en) | A method of accessing a network service or resource, a network terminal and a personal user device therefore | |
Baker et al. | PCASSO: applying and extending state-of-the-art security in the healthcare domain | |
JPWO2019234801A1 (en) | Service provision system and service provision method | |
JP2007179214A (en) | Network service anonymous billing system | |
KR101405832B1 (en) | Login system and method through an authentication of user's mobile telecommunication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |