KR20000072433A - Anti-hacking Technique using mobile data terminal and temporary password - Google Patents

Publication number: KR20000072433A
Authority: KR (South Korea)
Prior art keywords: user, password, registered, asp, time
Application number: KR1020000052035A
Other languages: Korean (ko)
Inventor: 정성욱
Original Assignee: 오재연, 엠클릭플러스 주식회사
Application filed by 오재연, 엠클릭플러스 주식회사
Priority to KR1020000052035A
Publication of KR20000072433A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12 Messaging; Mailboxes; Announcements
    • H04W4/14 Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Abstract

PURPOSE: A method for preventing hacking is provided in which a one-time password generated by a server program is reported in real time, through the short message service (SMS), to the mobile communication terminal of a service user who requests user authentication, so as to prevent a hacker from stealing the password.

CONSTITUTION: If a user registered in an intranet forgets a password, the user enters his or her previously registered cellular phone number at a log-in terminal or a computer and clicks a password confirmation button. A user authentication server searches the user database (DB) using the cellular phone number. If the user exists in the DB, the registered password is transmitted to the log-in terminal through the short message service (SMS). The user reads the SMS on the liquid crystal display (LCD) of the cellular phone or through a voice mail system.

Description

Anti-hacking Technique using mobile data terminal and temporary password

Conventionally, when a user in a public place with weak security accessed content that requires computer-based authentication, such as an Internet ASP (Application Service Provider) or software requiring user authentication (defined here as an intranet: PC banking, e-mail services, Internet shopping malls and the like), there was a concern that the password could be exposed, for example because a computer with a hacking tool such as a keyboard input recorder installed records what the user types. There was also the inconvenience that a person who lost a password had to go through a re-authentication procedure.

The aim is to prevent a hacker from stealing a password when the user is on a computer in a public place, or on a computer that may be compromised, by using a mobile communication terminal and a one-time password generation program.

(1) From a remote computer, the user enters a mobile phone (terminal) number on the intranet server and requests generation of a 1-Time password.

(2) The server checks the user's IP address and assigns a 1-Time Password.

(3) The password is exposed because the user's keyboard input is recorded on a computer that has been hacked or has a hacking tool such as a keyboard input recorder installed.

(4) A third party attempts to log in with the password it obtained.

(5) The server checks the IP address of the user's computer and refuses the login if it differs from the IP address of the computer that requested the 1-Time password.

The invention shows that an existing mobile communication terminal can go beyond merely providing information about the terminal itself and be used for user authentication in existing intranet services. It also prevents, in advance, a hacker from stealing a password when the user is on a computer in a public place with weak security or on a computer that may be compromised, which can help spread safe use of the Internet.

Claims (4)

1. A method of providing an intranet user ID and password using a mobile communication terminal, consisting of:
(1) when a registered user who wants to use the intranet has forgotten the password, the user entering his or her previously registered mobile phone number on the computer or other terminal used to log in and then clicking a password confirmation button;
(2) the user authentication server searching the user DB using that number;
(3) if the user exists, sending the password registered on the server to the terminal by SMS; and
(4) the user reading the SMS message on the liquid crystal panel of the mobile terminal or through a voice mailbox.

2. The method of claim 1, for an intranet login from a place where security is weak because of a risk of hacking, such as a public place, being a method of granting a 1-Time Password to a customer registered in the intranet through a mobile communication terminal, consisting of:
(1) the user entering his or her previously registered mobile phone number on the computer and then clicking a 1-Time password generation button;
(2) the user authentication server searching the user DB using that number;
(3) if the user exists, the server recording the IP address of the user's computer, generating a 1-Time Random password and sending it by SMS to the user's registered mobile phone (terminal); and
(4) the user reading the SMS message on the liquid crystal panel of the mobile terminal or through a voice mailbox and logging in to the intranet.

3. The method of claim 2, wherein granting the 1-Time Password consists of:
(1) configuring the login to succeed only when the IP address of the computer that requested the 1-Time password is the same as the IP address of the computer logging in;
(2) setting the period (for example, 15 minutes) during which the password stays active, counted from the time authentication with the 1-Time Password completes; and
(3) automatically discarding the 1-Time Password if the intranet is not used during the set period.

4. An authentication agency service (ASP: Application Service Provider) method that applies the subject matter of claims 1, 2 and 3 above, through a Function Link, to external intranet products or other services requiring user authentication, consisting of:
(1) in the case of a general software package:
- registering the Password Bank ASP service for the software package;
- creating an Internet access link to the Password Bank ASP on the software package's authentication screen;
- the user clicking the Password Bank ASP link;
- confirming the connection request from the registered package; and
- processing the content of claims 1, 2 and 3 above through access to the corresponding user information DB;
(2) in the case of an ASP service provider:
- registering the Password Bank ASP service for the ASP service;
- creating an Internet access link to the Password Bank ASP on the ASP service's authentication screen;
- the user clicking the Password Bank ASP link;
- confirming the connection request from the registered package; and
- processing the content of claims 1, 2 and 3 above through access to the corresponding user information DB.
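
The request, IP check and discard logic of description steps (1) to (5) and claim 3, modelled as an added Python example; it is not code from the patent. The class and method names, the 6-digit password, the `send_sms` callback and the reading of the 15-minute period as an idle timeout are assumptions.

```python
import hmac
import secrets

ACTIVE_WINDOW = 15 * 60  # seconds; claim 3 gives 15 minutes as its example


class OtpServer:
    """Hypothetical model of the authentication server (names are assumptions)."""

    def __init__(self, registered_phones, send_sms):
        self.registered = set(registered_phones)  # stands in for the user DB
        self.send_sms = send_sms                  # callable(phone, text): SMS gateway stub
        self.issued = {}                          # phone -> {"otp", "ip", "last_used"}

    def request_otp(self, phone, client_ip):
        """Steps (1)-(2): look up the phone, record the requesting IP, SMS the OTP."""
        if phone not in self.registered:
            return False
        otp = f"{secrets.randbelow(10**6):06d}"   # 6 digits is an assumption
        self.issued[phone] = {"otp": otp, "ip": client_ip, "last_used": None}
        self.send_sms(phone, otp)
        return True

    def _live_entry(self, phone, client_ip, now):
        """Return the entry only if the IP matches and it has not idled out."""
        entry = self.issued.get(phone)
        if entry is None or entry["ip"] != client_ip:
            return None                           # step (5): IP differs, refuse
        last = entry["last_used"]
        if last is not None and now - last > ACTIVE_WINDOW:
            del self.issued[phone]                # claim 3, step (3): discard
            return None
        return entry

    def login(self, phone, otp, client_ip, now):
        entry = self._live_entry(phone, client_ip, now)
        if entry is None or not hmac.compare_digest(entry["otp"].encode(), otp.encode()):
            return False
        entry["last_used"] = now                  # authentication completion time
        return True

    def use_intranet(self, phone, client_ip, now):
        """Any authenticated request inside the window keeps the password active."""
        entry = self._live_entry(phone, client_ip, now)
        if entry is None or entry["last_used"] is None:
            return False
        entry["last_used"] = now
        return True
```

Every client behind the same NAT gateway presents the same address, so the IP comparison separates the requesting machine from the login machine only when they reach the server from different addresses.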

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020000052035A KR20000072433A (en) 2000-09-04 2000-09-04 Anti-hacking Technique using mobile data terminal and temporary password

Publications (1)

Publication Number Publication Date
KR20000072433A 2000-12-05

Family ID: 19687140

Country Status (1)

Country Link
KR (1) KR20000072433A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020046552A (en) * 2000-12-15 2002-06-21 김유승 method and apparatus for registration and use of voice password using personal information provided in mobile communication service system
KR20020092047A (en) * 2001-06-01 2002-12-11 주식회사 어니언소프트웨어 User evidence method for providing one-time password and apparatus for one-time password using that method
KR20030039033A (en) * 2001-11-09 2003-05-17 엘지전자 주식회사 Wireless internet fee service billing method
KR20040019704A (en) * 2002-08-29 2004-03-06 다림기술 주식회사 A method to prevent e-mail address from being stolew and communized on a metwork
KR100495472B1 (en) * 2001-07-09 2005-06-16 와이더댄 주식회사 System and Method for Wireless Internet Service, and Method for Accessing Wireless Internet Using the Same
KR100899928B1 (en) * 2002-11-12 2009-05-28 엘지전자 주식회사 Password Setting Function Of Digital Television Receiver Set

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5434918A (en) * 1993-12-14 1995-07-18 Hughes Aircraft Company Method for providing mutual authentication of a user and a server on a network
US5592553A (en) * 1993-07-30 1997-01-07 International Business Machines Corporation Authentication system using one-time passwords
KR19990078937A (en) * 1999-08-21 1999-11-05 최동호 User authenticate system using a second channel
KR20000012607A (en) * 1999-12-14 2000-03-06 심성식 certification system using radio communication device
WO2000029965A1 (en) * 1998-11-16 2000-05-25 Saison Information Systems Co., Ltd. Method and apparatus for network authentication

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E601 Decision to refuse application