KR20020086168A - The Disposable Random Password User Authentication Method & System Using Mobile Phone
- Publication number
- KR20020086168A
- Authority
- KR
- South Korea
- Prior art keywords
- user
- password
- mobile phone
- authentication server
- authentication
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
Abstract
Description
The existing authentication method decides whether to authenticate by comparing the user ID and password already stored on the authentication server with the ID and password entered by the user. With this method the ID and password are likely to be exposed, and the risk of being hacked is high.
It is an object of the present invention to provide a method and apparatus that prevent password exposure and block password hacking at the source.
To this end, the present invention is characterized by comprising the steps of: the user authentication server generating a one-time random password in one-to-one correspondence with the user ID entered by the user; assigning the generated password to a variable whose name is the user ID and temporarily storing it on the server; the server transmitting the password over a communication network to the mobile phone carried by the user; the user reading the password transmitted to the mobile phone and entering it into the server through the user's computer; the server authenticating by comparing the password received from the user with the password already stored; deleting the password after authentication; and preventing eavesdropping on and hacking of the password by using information unique to the mobile phone.
FIG. 1 is an overall system structure diagram of the present invention.
FIG. 2 is a flowchart of the authentication operation of the authentication server according to the present invention.
FIG. 3 is a flowchart of checking the uniqueness of the mobile phone, and of halting authentication and sending a warning message when uniqueness is lost, according to the present invention.
The invention is described in detail below with reference to the accompanying drawings.
FIG. 1 is an overall system structure diagram of the present invention. The application server (1) is the target that the user (8) ultimately wants to use. The user authentication server (2) performs user ID authentication; generation, storage and sending of the one-time random password; and password authentication. The user authentication server (2) authenticates the user (8) by the process of FIG. 2. In step (a) of FIG. 2, when the user (8) enters a user ID into the user authentication server (2) through the user computer (6), the user authentication server (2) determines whether the user ID is authenticated. If the user ID is authenticated, the user authentication server (2) creates a variable whose name is the user ID, generates a random password, assigns it to that variable, and stores it temporarily on the user authentication server (2). After storing the password, the user authentication server (2) sends it to the user mobile phone (7) through the mobile phone communication network (5). The user (8) reads the password from the LCD screen of the mobile phone and then transmits it to the user authentication server (2) through the user computer (6). When password authentication is finished, the user authentication server (2) immediately deletes the temporarily stored one-time random password.
FIG. 3 is a flowchart showing the operation of the mobile phone authentication server (3). The mobile phone authentication server (3) checks the uniqueness of the user mobile phone (7) at regular time intervals through the mobile phone communication network (5). If the uniqueness of the user mobile phone (7) is not confirmed, it immediately sends a user authentication stop request signal to the user authentication server (2) and, at the same time, sends an eavesdropping and hacking risk message to the user mobile phone (7). When the user authentication server (2) receives a user authentication stop request signal from the mobile phone authentication server (3), it stops all authentication work for that user. If the user has already been authenticated and is using the application server (1), the user authentication server (2) forcibly terminates the user's use of the application server.
As described above, the present invention authenticates users with a one-time random password and can thereby fundamentally block password exposure and the risk of hacking.
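The flow of FIGS. 2 and 3 described above, written out as an added Python sketch (not code from the patent). The class and method names, the six-digit password format, the `send_to_phone` callback standing in for the mobile phone network, and deleting the stored password on a failed attempt as well are assumptions.

```python
import hmac
import secrets

class UserAuthServer:
    """Sketch of the user authentication server (2); all names are hypothetical."""

    def __init__(self, registered_ids, send_to_phone):
        self.registered = set(registered_ids)  # known user IDs
        self.send_to_phone = send_to_phone     # stand-in for the phone network (5)
        self.pending = {}                      # user ID -> one-time password
        self.sessions = set()                  # users on the application server (1)
        self.suspended = set()                 # users halted by a stop request

    def request_login(self, user_id):
        # Step (a) of FIG. 2: check the ID, then generate, store and send.
        if user_id not in self.registered or user_id in self.suspended:
            return False
        password = f"{secrets.randbelow(10**6):06d}"  # 6 digits: an assumption
        self.pending[user_id] = password  # keyed by user ID, replaces any older one
        self.send_to_phone(user_id, password)
        return True

    def submit_password(self, user_id, candidate):
        # Remove the stored value before comparing so it is usable only once.
        # The patent deletes after authentication; deleting on a failed
        # attempt too is an assumption of this sketch.
        expected = self.pending.pop(user_id, None)
        if expected is None or user_id in self.suspended:
            return False
        if not hmac.compare_digest(expected.encode(), candidate.encode()):
            return False
        self.sessions.add(user_id)
        return True

    def stop_request(self, user_id):
        # FIG. 3: signal from the phone authentication server (3) after a
        # failed uniqueness check. Halt authentication and end any session.
        self.suspended.add(user_id)
        self.pending.pop(user_id, None)
        self.sessions.discard(user_id)

def demo():
    # Constructed run: the "phone" is a dict that records what was delivered.
    phone = {}
    server = UserAuthServer({"alice"}, lambda uid, pw: phone.__setitem__(uid, pw))
    server.request_login("alice")
    first = server.submit_password("alice", phone["alice"])
    replay = server.submit_password("alice", phone["alice"])
    server.stop_request("alice")
    return first, replay, "alice" in server.sessions, server.request_login("alice")
```

`demo()` shows the three properties the description relies on: the password works once, a replay fails because the stored value is gone, and a stop request both ends the session and blocks new logins.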
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020010025948A KR20020086168A (en) | 2001-05-11 | 2001-05-11 | The Disposable Random Password User Authentication Method & System Using Mobile Phone |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020010025948A KR20020086168A (en) | 2001-05-11 | 2001-05-11 | The Disposable Random Password User Authentication Method & System Using Mobile Phone |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20020086168A (en) | 2002-11-18 |
Family
ID=27704664
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020010025948A KR20020086168A (en) | 2001-05-11 | 2001-05-11 | The Disposable Random Password User Authentication Method & System Using Mobile Phone |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20020086168A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20030046011A (en) * | 2001-12-03 | 2003-06-12 | 정은영 | Auto crytograph system of communication data and method of the same |
KR100650484B1 (en) * | 2001-11-20 | 2006-11-28 | 고나미 가부시끼가이샤 | Network system |
KR100788429B1 (en) * | 2006-01-16 | 2007-12-24 | 주식회사 드림시큐리티 | Dealings details inspection method |
KR101056112B1 (en) * | 2010-04-06 | 2011-08-10 | 지현준 | Computer booting control device |
WO2012020885A1 (en) * | 2010-08-12 | 2012-02-16 | Se Jin Pyo | An authentication method using two communication terminals |
KR101124230B1 (en) * | 2005-03-23 | 2012-03-27 | 주식회사 비즈모델라인 | System and Method for Dual-Authentication, Server and Recording Medium |
-
2001
- 2001-05-11 KR KR1020010025948A patent/KR20020086168A/en not_active Application Discontinuation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9451454B2 (en) | Mobile device identification for secure device access | |
KR100506432B1 (en) | Method for enabling pki functions in a smart card | |
CN111131242A (en) | Authority control method, device and system | |
US20150304850A1 (en) | System and method for transaction security responsive to a signed authentication | |
KR101028882B1 (en) | System and method for providing user authentication one time password using a wireless mobile terminal | |
JP6609788B1 (en) | Information communication device, authentication program for information communication device, and authentication method | |
CN110278179B (en) | Single sign-on method, device and system and electronic equipment | |
CN109831435B (en) | Database operation method, system, proxy server and storage medium | |
CN104702580A (en) | Multi-communication-channel authentication authorization platform system and method | |
US20230336982A1 (en) | Virtual key sharing system and method | |
CN110516470A (en) | Access control method, device, equipment and storage medium | |
JP2005167412A (en) | Communication system, communication terminal and server apparatus used in communication system, and connection authentication method used for communication system | |
CN111949959B (en) | Authorization authentication method and device in Oauth protocol | |
CN112712372A (en) | Alliance chain cross-chain system and information calling method | |
JP4020520B2 (en) | Connected device | |
KR20020086168A (en) | The Disposable Random Password User Authentication Method & System Using Mobile Phone | |
KR20210116407A (en) | Cross authentication method and system between online service server and client | |
KR101803535B1 (en) | Single Sign-On Service Authentication Method Using One-Time-Token | |
KR101739446B1 (en) | User authentication system and user authentication method therefor | |
KR101386363B1 (en) | One-time passwords generator for generating one-time passwords in trusted execution environment of mobile device and method thereof | |
CN110798836A (en) | Switching method and device for eSIM (embedded subscriber identity Module) card terminal equipment | |
CN109460647A (en) | A kind of method that more equipment safeties log in | |
JP2001282667A (en) | Authentication server-client system | |
KR101718368B1 (en) | System and method of a security communication using biometrics | |
KR20090132963A (en) | System and method for processing log-in request |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WITN | Withdrawal due to no request for examination |