KR20100137331A - Multiple authentication system for participating of tele-conference - Google Patents

Abstract

PURPOSE: A multi-stage authentication system for participating in remote telephone conference is provided to guarantee the convenience of remote telephone conference, thereby enhancing the security. CONSTITUTION: A participant authentication system connects conference and participant(S207,S208) when inputting additional password for searching the conference which conference participant oneself enters the conference(S204~S206). The participant authentication system receives password number of the participant for participation once again. The participant authentication system confirms whether the participant is a reserved participant. An authentication system enables a conference master to permit the participant by listening to the name of a participant as a prerecorded file in a system.

Description

       Multi-factor authentication system for remote conference call {MULTIPLE AUTHENTICATION SYSTEM FOR PARTICIPATING OF TELE-CONFERENCE}

The present invention relates to a multi-level authentication system for participating in a teleconference, and more particularly, to a multi-level authentication system for improving identity security and authentication security of a participant in a remote voice conference.

When a company's employees or members of the public gather to exchange opinions or negotiate, there is a need for a meeting, which can be done remotely using telephone or video function without meeting. In the case of video conferencing, it is necessary to prepare in advance such as a dedicated software, a dedicated line and high-definition line for a video, and a camera. However, in a general conference call, a high-quality conference can be promptly carried out using only a mobile phone or a telephone.

This multi-party conference call has high speed, convenience, and space, but has a problem of low security due to the problem of not being able to directly see who is attending the conference.

The present invention provides a method and a function to greatly increase the security of authentication of a multi-party teleconference within the scope of not impairing the speed and convenience of attendees so as to have the same or higher security as the level of the face-to-face conference.

The overall configuration is as follows.

1 is a flowchart illustrating a method of authenticating an attendee when participating in a conventional conference call. Conventional participant authentication technology is largely divided into two, one of which is the left part of Figure 1 is a simple password check method. A detailed authentication procedure for part A) of FIG. 1 will be described below.

The meeting master calls the center providing the conference service and notifies the operator (exchange operator or OP) of the meeting time and date to schedule a meeting (S100). After registering the reservation information in the conference system, the operator informs the conference master of the conference attendance password, which is automatically generated (S101), by telephone or e-mail together with the conference access phone number. The meeting master notifies the conference participants individually by telephone or e-mail of the conference access phone number, password for participation, and the meeting time.

Meeting participants who have been informed of the meeting information from the meeting master call the telephone number for the conference access (S102), and in the conference system, the answering machine receives the call and inputs the meeting attendance password through the telephone button (DTMF) (S103). Then, the conference system searches for the meeting corresponding to the password (S104) and connects the attendee's telephone line to the corresponding meeting to enter the meeting participant into the meeting room (S105).

When the attendee enters the meeting room, the system sends an electronic sound to the whole meeting room (S106), and the person or the meeting master who has already attended confirms with a voice who knows who the new attendee is in the meeting room. You will continue the meeting later. At the same time, the problem of authentication security is that if multiple attendees enter a password and enter a meeting, a lot of electronic tones overlap, and even if the meeting master confirms the attendee, the malicious attendee is silent without saying anything. It is difficult to know whether or not to attend the meeting, so the meeting master is always forced to proceed with the anxiety of eavesdropping. Due to these problems, teleconferences cannot be used and face-to-face meetings are required for meetings that need to be more secure about the contents and authentication of meetings.

'B) Calling Number and Conference Service Access Number Authentication Method' of FIG. 1 is also described in detail as another conventional technology.

The related art is a caller ID and access number authentication method that is mainly used by the main telecommunication service provider. When the conference master first calls the conference center to schedule a meeting (S107), the conference master stores the caller's calling number in the conference system as reservation information and receives a conference center access number separately for each conference (S108). Afterwards, the meeting master notifies the meeting participants by phone or email of the access number and time of the meeting.

Afterwards, the meeting master enters the conference room and waits for participants before the meeting begins. Unlike A) of FIG. 1), the meeting participant calls the access-informed telephone number (S109) in advance and enters the meeting without a password by checking the calling party's caller number already stored at the time of reservation by the conference system itself (S110). Done.

In this case, the conference service provider sets the billing target by the caller's calling number, so if the meeting master does not attend the meeting, the meeting is automatically blocked and all the participants who have entered the meeting are listening while listening to music. do. In other words, if the meeting master is not in the meeting, the charge is not possible, so the meeting is stopped.

If the attendee enters the meeting while the meeting master has already attended, the attendant is identified by sending an electronic sound to the conference room and asking who is in the conference room as described in FIG. In addition, when a large number of attendees enter the conference room at the same time, there is a high possibility that authentication security problems occur because it is difficult to identify who is who.

In order to solve this security problem, the present invention allows the conference master to store both the conference access telephone number of the conference center and the outgoing call telephone number for the conference attendance when making a reservation in advance in the conference server DB. Perform the initial authentication by using the calling number and access number of, and as the next step, authenticate again as the meeting password and attendance password, and then record the attendee's name using the auto answering and recording system. When the recording is notified by the method, the conference master maximizes authentication security by allowing the attendee to enter the conference.

The present invention can reduce the inconvenience of attendees because the caller ID and access number authentication is automatically performed when the attendant calls the conference center to attend the conference, and the attendant recording is also recorded through the automatic answering system. There is no great inconvenience, and when using the automatic answering system and conference control system in the future, it is easy to press '1' or '2' on the front of the phone to give the conference master admission. Has the effect of maximizing.

As mentioned above, the problem that the participant's password or conference access number leaks or accidentally falls into another conference room is recognized as a problem in the security of the remote conference, and therefore, in the case of an important conference, there is no choice but to face-to-face meetings. Over time and time-consuming problems arise. However, to increase the security by simply increasing the number of passwords, the risk of leakage is not completely solved in advance, and the inconvenience of attendees increases with the security, causing doubt about the use of teleconference. .

The present invention provides a system and method for improving security while ensuring convenience of teleconference.

The present invention is to overcome the inverse relationship between the conventional security and convenience and to provide a security level of the face-to-face meeting to be prepared for password leakage, even if the attendees press the minimum password for meeting entry, the meeting master reserves in advance Automatic authentication using the information, and after the meeting master hears the name of the meeting participants, it is finally allowed to enter the meeting.

The present invention is a means for solving the inverse relationship between security and convenience has a five-step authentication step as shown in Figure 4 using the functions of the conference system in the range that the attendees are not inconvenient, and the meeting master directly Instead, it provides a way to identify and approve participants as much as possible in advance, as a function of the conference system.

The present invention provides the weak security of non-face-to-face meetings through multi-level authentication and the final admission of the meeting master in providing a voice conference method for easily meeting the people who need the meeting in processing important tasks. It is effective to greatly improve security.

In addition, the present invention has the effect of contributing to the prevention of global warming by reducing the carbon emissions required to move the meeting participants for the meeting.

Hereinafter, with reference to the drawings will be described in detail for the practice of the present invention.

2 and 3 is a representative configuration of the present invention, when described procedurally from the beginning of the top as follows.

First, the meeting master, who must convene or host a meeting, calls the conference center before starting the meeting, reveals the meeting scheduler, and schedules the meeting (S200).

The conference center checks a few procedures to confirm that the scheduler who wants to schedule the meeting is received, enters the reservation information in the conference system by receiving the reservation contents (S201), and informs the meeting master of the automatically generated meeting master password and attendance password. At the same time, it can be implemented to notify the entrance authentication information by Email and SMS.

At the next meeting time, the meeting master enters the meeting room in advance as the meeting room's highest authority by accessing the meeting using the specially authorized meeting master password assigned to him or by calling the meeting master at the conference center. (S203). If the meeting master does not enter the meeting and the attendees try to enter the meeting, the meeting master cannot be authenticated.

After the meeting master enters the meeting, the attendees call the access number previously assigned to attend the meeting, and the system displays the caller's outgoing telephone number and access number from the DB that the meeting master has previously informed the conference center. The authentication is performed to search and confirm whether the attendee is a proper participant (S205). If the access number and the outgoing call number do not match those stored in the DB, the call is dropped.

Participants who pass the first step number authentication again hear a comment to enter a password for meeting classification through the ARS function provided by the conference system, and enter a meeting password (S206). If the meeting password is correct, it is determined that the meeting room authentication is completed, and the procedure for confirming the meeting attendance password is entered. In the same manner, the attending password is input by pressing the number buttons on the telephone (S208), and if it is correct, the participant name recording step (S209). Will be skipped).

At this time, even if it is confirmed that the attendee is the right attendee for the meeting, re-entering the meeting password is considered by the conference system regardless of the operator's number resource, considering that the access number is reused due to the limitation of the operator's number resource. By re-assigning and authenticating the conference password that can be assigned, it is possible to prevent the risk of access number leak.

The following is an explanation related to authentication, which is the most important element of the present invention, which is described in FIG. 3, which is actually connected to FIG. 2, but divided by FIG. 3 due to increased complexity. The lower part will be described in detail with reference to FIG.

As shown in FIG. 3, this means that the meeting master approves the meeting participants who have already undergone the pre-authentication stage as described in FIG. 2. The conference system uses the MMS (Multimedia Messaging Service) to the meeting master. Send to the mobile phone (S300) to listen directly to the mobile phone who wants to attend the meeting room, and sends a URL (Uniform Resource Locator) SMS (Short Message Service) to the mobile phone (S301) immediately the meeting master For the participant who wants to attend at present, the mobile phone may perform a command to permit admission (S305) to the mobile phone (S302).

If the meeting master does not have a mobile phone or does not want to allow attendees to be admitted by the mobile phone, the meeting master can enter the meeting and use the telephone connected to the meeting to control entry.

When the participant completes his or her name input (S209), the system prints a message to the conference master's phone, saying "XXX participants want to enter the conference. Press 1 on the phone to enter or press 2 to not enter." (S303) and wait. The meeting master who listens to the comment will enter the attendees as desired (S304) or deny entry to block the attendant who violates security.

Figure 4 is a description of a method and a state transition with respect to the method of performing a five-step authentication, the detailed description is as follows and Figures A) B) C) D) E) of Figure 4 made of blocks in detail after each Describe the flow and procedures as flowcharts.

Referring to FIG. 4, the step-by-step authentication of FIG. 4 is implemented in the system. FIG. 4A) shows that the conference master who convenes the conference call calls the conference center and confirms his / her reservation information. Enter and get a password from the system. The main reservation information items managed in the system are the same as in S300.

Next, FIG. 4B shows that the first and second levels of authentication are automatically performed by using the information reserved in advance regardless of the operation of the attendee or the operation of the meeting master. Even if there are no or active meetings, if the outgoing telephone number and access number of the attendees do not match those reserved for the meeting, the attendee's telephone line is pre-blocked (S401). In other words, if the access telephone number and the calling number for the conference connection previously distributed to the attendees are not correct, the call is blocked at the source, so that the first and second stages of authentication are simultaneously performed.

Next, as shown in step C) of FIG. 5, the system outputs a guidement so that a participant who passed the previous step B) can be inputted a password for distinguishing a meeting room in order to confirm exactly which meeting he / she wants to attend. If the participant completes the input of the meeting room classification password, the system finds the meeting room and requires the input of the password for the attendee to classify the attendees and authenticate the attendees (S402). If the participant enters a password assigned to the participant, after checking the grade and the attendance of the participant, the process proceeds to step D) 'recording the participant name' of FIG.

Figure 4 D) 'Attendee Name Recording' step is to record the participant name to confirm who wants to attend later to the meeting master, this also makes it easy for attendees to record using the ARS automatic comment. In order to reduce the inconvenience when the participant records, the automatic voice recognition function can be used to automate the start and end of recording without pressing a special DTMF (Dual Tone Multi Frequency) button. When the recording is completed in advance, when the reservation is automatically made in advance, the recorded voice of the attendant is transmitted to the mobile phone of the conference master stored in the reservation DB using the MMS function (S403). At this time, URL SMS message can be sent to the conference master's mobile phone, which is connected to the conference line participant line of the conference system and mobile phone internet. You can control admission. This is a method of performing four-factor authentication.

Next, FIG. 5E is a five-step authentication function that allows the conference master to hear the voice of the person who wants to participate in the conference, and to allow the attendee to finally enter the conference. It is an approval stage. There are two ways for the meeting master to grant the meeting entry, one of which may be selected from S301 and S303 of FIG. S301 is a method in which the meeting master listens to a participant's name received by the mobile phone MMS and immediately accepts or rejects by pressing '1' or '2' on the mobile phone using the command function of the URL SMS immediately following. S303 outputs the voices of the participants who have already been recorded so that they can be heard by all the participants in the conference room in progress. The meeting master wants to attend by pressing '1' or '2' on his / her conference phone. Approve or reject for the attendees (S304).

The overall configuration for the procedural description is shown in step A) B) C) D) E) step by step in Figure 4, the detailed implementation method is added to the depth of Figure 4 A) in Figure 5 and B) in Figure 6 C) is described with reference to FIG. 7 and E) is described with reference to FIG. 8.

Next, detailed procedures for the implementation will be described in detail with reference to FIGS. 5 to 8.

FIG. 5 is a detailed implementation-oriented description of how the system operates when a conference master or a person who wants to make a reservation calls the conference center to make a reservation and performs a service thereof. When the conference master (S501) calls the conference center and provides advance information to the operator (S500) for the necessary meeting afterwards, the operator inputs the corresponding information into the system (S502) to provide authentication and conference services at a later conference operation time. The system provides the password, and the system-generated password (S505) is notified to the meeting master through SMS and Email (S504) so that the meeting master can know. In this case, the reservation information may be implemented to allow the meeting master to directly input (S503) through the Internet.

Figure 6 illustrates in detail the procedure and method for performing authentication whether the person who can attend with the calling number and access number in the system through the example.

As can be seen from S502 of FIG. 5, the caller's calling number is notified in advance while the conference master makes a reservation to the conference center and is entered into the system (S603). (S601) First, the caller's call number and access number of the attendant are compared (S602), and if it does not match with the active meeting (S603) at the corresponding time, it is determined that the authentication failure (S602) (S604).

Fig. 7 shows an example of a conference room that is active at the time when the attendee who wants a conference call to the conference access number and presses the conference password using the button of the telephone. If you enter the attendance password given to the attendee, it describes in detail how it works. The actual operation procedure is as follows.

Participants will be asked to press the password for distinguishing the meeting room through the ARS (Automatic Response System) voice message.When the meeting number is pressed, the system checks whether it matches one of the meeting room passwords activated at that time (S700) and matches the meeting. If there is a room, the ARS voice message is activated to press the attendee's individual password. The meeting participant performs a participant password authentication (S701) by inputting a meeting attendance password notified by SMS or Email from the meeting master in advance on the phone.

After the attendee password authentication is completed, the process proceeds to the step of recording the attendee's name.

In FIG. 8, when the attendees who passed all the pre-certifications finally record their names to be used for admission of the meeting master before entering the meeting, the participants can speak their names according to the ARS voice message guidelines from the system. Recording control module (S800) is to produce the name of the attendees in the recording file (S801) to store on the disk. Next, the stored attendee's recording file is transmitted to the conference master's mobile phone by using the MMS transmission module, and the SMS message is sent to the attendee's calling number for reference as an auxiliary means (S803).

After sending the MMS message to the conference master's mobile phone, the message is sent in succession using the URL SMS message transmission module (S804). This message is a message receiver can send a command to the mobile phone. Press to automatically send the attendance permission message to the system through the mobile phone Internet control module (S806), and press the '2' will be sent to the system. The conference control module (S805) of the system takes an action of entering or disconnecting a participant's line into a conference using an entrance control message of a conference master transmitted through a mobile phone Internet control module.

FIG. 9 is another method in which the meeting master controls the meeting position for the participants similarly to the previous FIG. 8, and the meeting master controls the entry of the meeting using a general telephone connected to the meeting while the meeting is in progress. This function can be implemented so that everyone can know which attendees are requested to add by requesting the attendant's name recording file so that all attendees who have already entered the conference room can listen to it. Can be.

Referring to Fig. 9, the participant speaks his / her name to the telephone according to the instructions of the system's ARS statement and records the recording to make a recording file. The other part will output the recorded file recorded by the participant's name in the meeting room where the meeting master is entered without transmitting the recording file to the MMS as a voice using the meeting room output module (S900).

The comment that the conference system outputs to the meeting room is not simply to output only the attendee's name, but to facilitate the meeting master's control of the meeting's position like S901. "XXX participants are waiting for the permission of the meeting master to enter the meeting. Make a comment and output it to the conference room as sound. When the meeting master hears a request for control of the meeting position, the conference master presses a number button on the telephone connected to the current voice conference to control the attendee's entry to the meeting room. At this time, the system uses the conference room entrance control module (S902) to enter an attendee into the conference room or take an operation of disconnecting the corresponding telephone line.

Although described above with reference to the drawings and embodiments, those skilled in the art that the present invention can be variously modified and changed within the scope without departing from the spirit of the invention described in the claims below I can understand.

The present invention is a remote telephone conference (teleconference) service that is widely used not only in the country but also in the world, the biggest advantage that can proceed the meeting without direct visits and face-to-face meetings is the lack of security from the user If the service is performed based on the enhanced security proposed by the present invention, the service provider can generate profits from a premium service with a high service fee, and the company uses the security. Since the meeting can be conducted as a state, it can be expected to be industrially effective.

1 is a flow chart showing the operation of the authentication system for participating in a conventional meeting.

Figure 2 is a flow chart described as the operating center of the participants and the meeting master in the form of multi-factor authentication in accordance with the present invention.

Figure 3 is a view described as a whole to view the steps and flow from left to right from top to bottom when performing the multi-step authentication in accordance with the present invention.

Figure 4 is a diagram illustrating the automatic authentication when the participant dial-up using the corresponding information after registering in advance in the reservation DB when performing the multi-level authentication according to the present invention.

Figure 5 is a functional diagram illustrating the operation in the center of the example for performing the calling number + access number authentication in the multi-step authentication in accordance with the present invention.

6 is a multi-step authentication in accordance with the present invention after the attendees call the center as the access number after the authentication of Figure 5 after the authentication of the meeting room using the password given by the attendees themselves example and center and function The figure described in figure form.

FIG. 7 is a diagram illustrating how an attendee who has completed authentication up to FIG. 6 in the multi-factor authentication according to the present invention records his / her name in the system, transmits the name to the conference master through a mobile phone, and the conference master controls the attendee. .

8 is a diagram illustrating how the meeting master hears the name of the attendee in the meeting room and permits admission to the meeting room in the multi-factor authentication according to the present invention.

 <Description of the code | symbol about the principal part of drawings>

S301: Control of meeting location using URL SMS

S303: Participant entrance control during conference entry

S400: pre-booking information authentication S401: caller ID + access number authentication

S402: meeting room password and attendee password authentication

S403: Record attendee's name S404: Permission to enter meeting master

Claims (4)

Claims [1] A method of authenticating a promised participant in a voice conference call system, the method comprising: a system for authenticating by using an outgoing telephone number called by an attendee and an access number when a participant calls a conference system to access a conference call; When meeting attendees try to find a meeting they want to enter, they enter a separate password to associate (match) the meeting with the attendees, and then again receive the attendee's password to see if they are in advance. Attendee authentication system; An authentication system for allowing the meeting master to listen to the attendee's name as a pre-recorded file in the system and to permit permission; A multi-level authentication system that can perform high-level face-to-face security authentication while undergoing authentication as a multi-step without inconvenience for participants in the weak teleconferencing; The method according to claim 1, Attendees who want to attend meetings that have passed pre-authentication can save the names of the participants entered into the system as files and automatically send the files to the meeting master using MMS so that the meeting master can control the attendance. Attendee's name recording and meeting position control unit; The method according to claim 2, Transmitting unit for transmitting the name of the attendees to the conference master mobile phone by MMS; A URL conference entry system configured to send a URL SMS to a conference master mobile phone and then receive a conference position control command for an attendee of the conference master through the mobile phone Internet to perform conference entry control of an attendee; The method according to claim 1, Participant's name file saved as recorded file is output to the conference master's telephone line that enters the conference room, and the conference master can use the button on the phone to immediately enter or disallow attendees from the conference room. An interactive conference entry system;

Images