KR20100001404A - Onlineauthentication - Google Patents


Info

Publication number
KR20100001404A
Authority
KR
South Korea
Prior art keywords
authentication
mobile phone
user
wireless
authentication code
Application number
KR1020080061298A
Other languages
Korean (ko)
Inventor
전령일
Original Assignee
전령일
Application filed by 전령일
Priority to KR1020080061298A
Publication of KR20100001404A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W80/00 Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/08 Upper layer protocols
    • H04W80/12 Application layer protocols, e.g. WAP [Wireless Application Protocol]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

PURPOSE: An online authentication system is provided that secures a high level of safety comparable to public-certificate-based user authentication, so that it can be applied to wireless internet banking and to a wireless civil affair document issuing service. CONSTITUTION: A web server (111) receives wireless-authentication-related information, including the authentication code identifier, from a user terminal. A WAP server (112) supplies an application service to a cellular phone according to the authentication result. A wireless authentication server (114) supplies the authentication result of the cellular phone to the WAP server. An authentication database (115) stores the wireless-authentication-related information including the authentication code.

Description

Mobile phone user authentication system and method using a certificate in a wireless Internet environment {onlineauthentication}

The object of the present invention, devised to solve the above problems of the prior art, is to provide a system and method for authenticating the identity of a mobile phone user in a wireless Internet environment, using certificate-based digital signature technology and One Time Password technology that generates one-time authentication codes.

The present invention relates to a user authentication system and method in a wireless Internet environment, and more particularly to a system and method that uses a certificate to authenticate the identity of a mobile phone user who uses the wireless Internet.

Until now, there have been the following two methods for authenticating a mobile phone user in a wireless Internet environment.

The first method uses a certificate for the wireless Internet. The accredited certificate currently used on the wired Internet is the most secure user authentication method, but because the accredited certificate used on the wired Internet cannot be applied directly to the wireless Internet environment, the accredited certificate authorities are establishing a separate wireless certificate standard and building separate systems for issuing wireless certificates. However, because it is practically difficult for this wireless certificate to be processed in real time on a mobile phone, there is the problem that actual service cannot be provided on mobile phones.

The second method inserts a dedicated chip for Internet banking into the mobile phone and authenticates the user with this dedicated chip. In this method, the mobile carrier and the bank cooperate to insert the dedicated chip into the mobile phone, so that only users who have the chip can use Internet banking. Although this method is relatively secure, the dedicated chip must be embedded in the mobile phone, which raises the cost of the phone, and there is a risk that the stability of the system cannot be ensured if the authentication mechanism embedded in the dedicated chip is exposed to a third party. In addition, because it is an authentication method developed by businesses rather than a user authentication method accredited by the state, as the accredited certificate is, it cannot be applied to services that require official identity verification, such as the issuing of government civil documents.


As described above, according to the present invention, user identification using a mobile phone achieves a high level of security comparable to accredited-certificate-based user authentication, so it can be applied to wireless Internet banking and to civil document issuing services that use mobile phones.

To achieve the above object, a mobile phone user authentication method using a certificate in a wireless Internet environment according to an embodiment of the present invention is carried out in a mobile phone user authentication system that includes a web server connected to a user's user terminal over the wired Internet, a WAP server connected to the user's mobile phone over the wireless Internet, and a wireless authentication server that manages and discards the wireless-authentication-related information used to authenticate the mobile phone. The method comprises:

a first step in which, when a request to use mobile phone authentication is entered from the user terminal, the web server authenticates the user of the user terminal on the basis of a certificate, requests the user terminal to generate an authentication code verifier, which is the result of repeatedly hashing an initial secret value as many times as the total number of possible authentications (n), and receives from the user terminal wireless-authentication-related information including the authentication code verifier;

a second step in which the wireless authentication server stores the wireless-authentication-related information including the authentication code verifier;

a third step in which, when a request to use an application service is entered from the mobile phone, the WAP server requests the mobile phone to increase the authentication count (j) by 1 and then generate an authentication code, which is the result of repeatedly hashing the initial secret value n-j times, and receives from the mobile phone information including the authentication code;

a fourth step in which, when the authentication code is input from the WAP server, the wireless authentication server verifies the authentication code using the stored authentication code verifier to authenticate the mobile phone, and provides the authentication result of the mobile phone to the WAP server; and

a fifth step in which the WAP server provides the application service to the mobile phone according to the authentication result of the mobile phone.
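The hash-chain exchange in the steps above can be followed in a short sketch, added here as an illustration and not taken from the patent. It assumes SHA-256 as the hash function and assumes the wireless authentication server checks a code by hashing it j more times and comparing the result with the stored verifier; the class and function names are hypothetical.

```python
import hashlib
import hmac
import os


def hash_chain(value: bytes, times: int) -> bytes:
    """Apply SHA-256 (assumed hash) to `value` `times` times; 0 returns it unchanged."""
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value


class Phone:
    """Holds the initial secret value and its own authentication count j."""

    def __init__(self, secret: bytes, n: int):
        self.secret, self.n, self.j = secret, n, 0

    def next_code(self) -> bytes:
        if self.j >= self.n:
            raise RuntimeError("hash chain used up; register a new verifier")
        self.j += 1                                   # step 3: j = j + 1
        return hash_chain(self.secret, self.n - self.j)


class WirelessAuthServer:
    """Stores only the verifier H^n(secret) and the count of accepted codes."""

    def __init__(self, verifier: bytes, n: int):
        self.verifier, self.n, self.j = verifier, n, 0

    def verify(self, code: bytes) -> bool:
        j = self.j + 1
        if j > self.n:
            return False          # all n codes consumed: registration must be repeated
        # Assumed check: H^j(H^(n-j)(secret)) equals H^n(secret) only for attempt j.
        ok = hmac.compare_digest(hash_chain(code, j), self.verifier)
        if ok:
            self.j = j            # advance only on success, so a replay stays invalid
        return ok


def demo(n: int = 5):
    secret = os.urandom(32)                                  # constructed sample secret
    phone = Phone(secret, n)
    server = WirelessAuthServer(hash_chain(secret, n), n)    # steps 1 and 2
    first = phone.next_code()
    accepted = server.verify(first)                          # step 4, j = 1
    replayed = server.verify(first)                          # same code sent again
    second = server.verify(phone.next_code())                # j = 2
    return accepted, replayed, second
```

The server never holds the initial secret value, and a code captured in transit fails when sent again because the expected number of remaining hash steps has changed.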


Claims (1)

A mobile phone user authentication system using a certificate in a wireless Internet environment, comprising:

a web server that is connected to a user terminal over the wired Internet and that, when a request to use mobile phone authentication is entered from the user terminal, authenticates the user of the user terminal on the basis of a certificate, requests the user terminal to generate an authentication code verifier, which is the result of repeatedly hashing an initial secret value as many times as the total number of possible authentications (n), and receives from the user terminal wireless-authentication-related information including the authentication code verifier;

a WAP server that is connected to a mobile phone over the wireless Internet and that, when a request to use an application service is entered from the mobile phone, requests the mobile phone to increase the authentication count (j) by 1 and then generate an authentication code, which is the result of repeatedly hashing the initial secret value n-j times, receives from the mobile phone information including the authentication code, and provides the application service to the mobile phone according to the authentication result of the mobile phone;

a wireless authentication server that receives the wireless-authentication-related information from the web server and stores it in an authentication database, and that, when an authentication code is input from the WAP server, verifies the authentication code using the authentication code verifier stored in the authentication database to authenticate the mobile phone, and provides the authentication result of the mobile phone to the WAP server;

an authentication database that stores the wireless-authentication-related information including the authentication code verifier; and

a user database that stores information about the user.

KR1020080061298A 2008-06-27 2008-06-27 Onlineauthentication KR20100001404A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020080061298A KR20100001404A (en) 2008-06-27 2008-06-27 Onlineauthentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020080061298A KR20100001404A (en) 2008-06-27 2008-06-27 Onlineauthentication

Publications (1)

Publication Number Publication Date
KR20100001404A true KR20100001404A (en) 2010-01-06

Family

ID=41811709

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020080061298A KR20100001404A (en) 2008-06-27 2008-06-27 Onlineauthentication

Country Status (1)

Country Link
KR (1) KR20100001404A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101395325B1 (en) * 2011-07-19 2014-05-16 주식회사 비즈모델라인 Method and System for Operating One Time Signature Key
KR101475434B1 (en) * 2013-11-28 2014-12-23 주식회사 비즈모델라인 System for Operating Server type Signature Key


Similar Documents

Publication Publication Date Title
TWI749577B (en) Two-dimensional bar code processing method, device and system
JP5601729B2 (en) How to log into a mobile radio network
CN110149328B (en) Interface authentication method, device, equipment and computer readable storage medium
US10050791B2 (en) Method for verifying the identity of a user of a communicating terminal and associated system
TW201741922A (en) Biological feature based safety certification method and device
US20180302227A1 (en) Method for generating an electronic signature
US9350538B2 (en) Revocation status using other credentials
RU2011153984A (en) TRUSTED AUTHORITY ADMINISTRATOR (TIM)
KR100548638B1 (en) Creating and authenticating one time password using smartcard and the smartcard therefor
KR101829730B1 (en) Method for certifying a user by using mobile id through blockchain database, and terminal and server using the same
CN104994114A (en) Identity authentication system and method based on electronic identification card
JP2012530311A5 (en)
WO2017076216A1 (en) Server, mobile terminal, and internet real name authentication system and method
CN106161348B (en) Single sign-on method, system and terminal
CN101527634B (en) System and method for binding account information with certificates
CN103684797B (en) User and the association authentication method and system of subscriber terminal equipment
WO2014110877A1 (en) Mobile terminal device and user authentication method based on pki technology
CN104660417B (en) Verification method, checking device and electronic equipment
KR20070084801A (en) Creating and authenticating one time password using smartcard and the smartcard therefor
US8601270B2 (en) Method for the preparation of a chip card for electronic signature services
JP2015194879A (en) Authentication system, method, and provision device
CN108400989B (en) Security authentication equipment, method and system for shared resource identity authentication
WO2016150034A1 (en) Virtual sim card management method, device and system
KR101548933B1 (en) System for securiting mobile and method therefor
KR101635598B1 (en) Method, device, and system for authentication

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application