KR20020086168A - The Disposable Random Password User Authentication Method & System Using Mobile Phone - Google Patents

Info

Publication number
KR20020086168A
Authority
KR
South Korea
Prior art keywords
user
password
mobile phone
authentication server
authentication
Application number
KR1020010025948A
Other languages
Korean (ko)
Inventor
허성구
Original Assignee
허성구
Application filed by 허성구
Priority to KR1020010025948A
Publication of KR20020086168A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication

Abstract

PURPOSE: A method and a system for authenticating a user with a disposable random password using a cellular phone are provided to prevent disclosure or hacking of a password by using a disposable random password method.

CONSTITUTION: A user authentication server (2) is used for authenticating a user's ID, for generating, storing, and transmitting a disposable random password, and for verifying the password entered by the user. The user authentication server (2) performs an authentication process for the user (8). The user (8) inputs the user's ID into a user computer (6), and the ID is passed to the user authentication server (2) through the computer (6). The user authentication server (2) authenticates the user's ID, generates a variable according to the user's ID, generates a random password, and stores the random password. After storing the password, the user authentication server (2) transmits it to a user cellular phone (7) through a cellular phone communication network (5). The user (8) transmits the password to the user authentication server (2) through the user computer (6). The user authentication server (2) then erases the stored disposable random password.

Description

The Disposable Random Password User Authentication Method & System Using Mobile Phone

The existing authentication method decides whether to authenticate by comparing the user ID and password already stored on the authentication server with the ID and password entered by the user. With this method, the probability that the ID and password are exposed is high, and the risk of being hacked is great.

It is an object of the present invention to provide a method and apparatus that prevent the exposure of passwords and block password hacking at the source.

To this end, the present invention is characterized by comprising: a step in which the user authentication server generates a one-time random password corresponding one-to-one to the user ID received from the user; a step of assigning the generated password to a variable whose name is the user ID and temporarily storing it on the server; a step in which the server transmits the password over a communication network to the mobile phone carried by the user; a step in which the user reads the password transmitted to the mobile phone and enters it into the server through the user's computer; a step in which the server authenticates by comparing the password received from the user with the password already stored; a step of deleting the password after authentication; and a step of preventing eavesdropping on and hacking of the password by using information unique to the mobile phone.

FIG. 1 is an overall system structure diagram of the present invention.

FIG. 2 is a flowchart of the authentication operation of the authentication server according to the present invention.

FIG. 3 is a flowchart, according to the present invention, of checking the uniqueness of the mobile phone and, on loss of uniqueness, stopping authentication work and sending a warning message.

The invention is described in detail below with reference to the accompanying drawings.

FIG. 1 is an overall system structure diagram of the present invention. The application server (1) is the target that the user (8) ultimately intends to use. The user authentication server (2) performs user ID authentication, one-time random password generation, storage and sending, and password authentication. The user authentication server (2) authenticates the user (8) by the process of FIG. 2. In step (a) of FIG. 2, when the user (8) enters the user ID into the user authentication server (2) through the user computer (6), the user authentication server (2) decides whether the user ID is authenticated. If the user ID is authenticated, the user authentication server (2) creates a variable whose name is the user ID, generates a random password, assigns it to that variable, and stores it temporarily on the user authentication server (2). After storing the password, the user authentication server (2) sends it to the user mobile phone (7) through the mobile phone communication network (5). The user (8) reads the password from the LCD screen of the mobile phone and then transmits it to the user authentication server (2) through the user computer (6). When password authentication is finished, the user authentication server (2) immediately deletes the one-time random password it had stored temporarily.

FIG. 3 is a flowchart showing the operation of the mobile phone authentication server (3). The mobile phone authentication server (3) checks the uniqueness of the user mobile phone (7) at regular time intervals through the mobile phone communication network (5). If the uniqueness of the user mobile phone (7) is not confirmed, it immediately sends a user authentication stop request signal to the user authentication server (2) and, at the same time, sends an eavesdropping and hacking risk message to the user mobile phone (7). When the user authentication server (2) receives the user authentication stop request signal from the mobile phone authentication server (3), it stops all authentication work for that user. If the user has already been authenticated and is using the application server (1), the user authentication server (2) forcibly stops the user's use of the application server.
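The flow of FIG. 2 and the stop request of FIG. 3, as an added Python example that is not part of the patent text. Class and method names, the six-digit format, the 180-second expiry and the rule that any attempt consumes the password are assumptions; delivery over the mobile phone network is left to the caller.

```python
import hmac
import secrets
import time

OTP_TTL_SECONDS = 180  # assumption: the patent text sets no expiry


class UserAuthServer:
    """Sketch of the user authentication server (2); all names are hypothetical."""

    def __init__(self, registered_ids, clock=time.monotonic):
        self.registered = set(registered_ids)
        self.pending = {}       # user ID -> (password, expiry): the variable named after the ID
        self.sessions = set()   # users currently admitted to the application server (1)
        self.suspended = set()  # users named in a stop request from the phone server (3)
        self.clock = clock

    def issue(self, user_id):
        """Step (a): check the ID, then create and store a one-time password.
        Returns the password to hand to the SMS gateway, or None if refused."""
        if user_id not in self.registered or user_id in self.suspended:
            return None
        password = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not the random module
        self.pending[user_id] = (password, self.clock() + OTP_TTL_SECONDS)
        return password

    def verify(self, user_id, submitted):
        """Compare and delete. pop() removes the stored value on every attempt,
        so a wrong guess also consumes the password (stricter than the patent)."""
        entry = self.pending.pop(user_id, None)
        if entry is None or user_id in self.suspended:
            return False
        password, expiry = entry
        # Constant-time comparison on bytes avoids a timing side channel.
        ok = self.clock() <= expiry and hmac.compare_digest(
            password.encode(), submitted.encode())
        if ok:
            self.sessions.add(user_id)
        return ok

    def stop_request(self, user_id):
        """Stop signal from the phone server (3): halt authentication, end any session."""
        self.suspended.add(user_id)
        self.pending.pop(user_id, None)
        self.sessions.discard(user_id)
```
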

As described above, the present invention authenticates users with a one-time random password and can thereby fundamentally block password exposure and the risk of hacking.

Claims (3)

A user authentication method and system characterized in that the user authentication server generates a one-time random password corresponding one-to-one to the user ID received from the user, assigns the generated password to a variable whose name is the user ID and temporarily stores it on the server, and sends the password to the user's mobile phone.

A user authentication method and system characterized by a step in which the user reads the one-time random password from the user's mobile phone and enters it into the user authentication server through the user's computer, a step of authenticating by comparing the received password with the password temporarily stored on the user authentication server, and a step of deleting the password stored on the user authentication server after authentication.

A user mobile phone authentication method and system characterized by: a step in which the user mobile phone authentication server (3) checks the uniqueness of the user mobile phone (7) at regular time intervals through the mobile phone communication network (5) and, if the uniqueness of the user mobile phone (7) is not confirmed, immediately sends a user authentication stop request signal to the user authentication server (2) and at the same time sends an eavesdropping and hacking risk message to the user mobile phone (7); a step in which the user authentication server (2), on receiving the user authentication stop request signal from the mobile phone authentication server (3), stops all authentication work for that user; and a step in which, if the user authentication stop request signal is received from the mobile phone authentication server while the user has already been authenticated and is using the application server (1), the user authentication server (2) forcibly stops the user's use of the application server.

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020010025948A KR20020086168A (en) 2001-05-11 2001-05-11 The Disposable Random Password User Authentication Method & System Using Mobile Phone

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020010025948A KR20020086168A (en) 2001-05-11 2001-05-11 The Disposable Random Password User Authentication Method & System Using Mobile Phone

Publications (1)

Publication Number Publication Date
KR20020086168A (en) 2002-11-18

Family

ID=27704664

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020010025948A KR20020086168A (en) 2001-05-11 2001-05-11 The Disposable Random Password User Authentication Method & System Using Mobile Phone

Country Status (1)

Country Link
KR (1) KR20020086168A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20030046011A (en) * 2001-12-03 2003-06-12 정은영 Auto crytograph system of communication data and method of the same
KR100650484B1 (en) * 2001-11-20 2006-11-28 고나미 가부시끼가이샤 Network system
KR100788429B1 (en) * 2006-01-16 2007-12-24 주식회사 드림시큐리티 Dealings details inspection method
KR101056112B1 (en) * 2010-04-06 2011-08-10 지현준 Computer booting control device
WO2012020885A1 (en) * 2010-08-12 2012-02-16 Se Jin Pyo An authentication method using two communication terminals
KR101124230B1 (en) * 2005-03-23 2012-03-27 주식회사 비즈모델라인 System and Method for Dual-Authentication, Server and Recording Medium

Legal Events

Date Code Title Description
WITN Withdrawal due to no request for examination