KR20110087178A - Usb security device with way for secure user-authentication and method of authentication - Google Patents

Usb security device with way for secure user-authentication and method of authentication Download PDF

Info

Publication number
KR20110087178A
KR20110087178A KR1020100006706A KR20100006706A KR20110087178A KR 20110087178 A KR20110087178 A KR 20110087178A KR 1020100006706 A KR1020100006706 A KR 1020100006706A KR 20100006706 A KR20100006706 A KR 20100006706A KR 20110087178 A KR20110087178 A KR 20110087178A
Authority
KR
South Korea
Prior art keywords
input
button switch
password
usb
security device
Prior art date
Application number
KR1020100006706A
Other languages
Korean (ko)
Inventor
서정훈
이정엽
Original Assignee
서정훈
이정엽
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 서정훈, 이정엽 filed Critical 서정훈
Priority to KR1020100006706A priority Critical patent/KR20110087178A/en
Publication of KR20110087178A publication Critical patent/KR20110087178A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a USB security device and an authentication method having a secure user authentication means. The USB security device with more secure user authentication means is composed of USB port and button switch that connects the host computer and the USB security device with USB, supplies power to the USB security device from the host computer, and enables data transmission and reception between each other. When the button switch is input, the input unit for transmitting a signal that the button switch is input to the control unit, consisting of an LED, an output unit for informing the user to input the button switch, and transmits and receives data through the host computer and the USB port, Receives the password inputted to the keyboard connected to the host computer through the USB port and transmits it to the smart card IC, transmits a signal informing the user to input the button switch to the output unit, and transmits whether the button switch is input to the smart card IC. Control unit, the registered digital signature key and the registered ratio in the internal storage space It stores the password and compares the password received from the control unit with the registered password and if the comparison result does not match, the internal encryption function, digital signature key generation function, electronic signature function, electronic financial transaction function, authorized certificate Block access to the signature key, if the comparison result is matched, wait for the user to input the button switch for a certain time, and if the button switch is not input within a certain time, the internal encryption function, digital signature key generation function, digital signature Function, e-financial transaction function, access to authorized certificate e-signature key, and if the button switch is input within a certain time, internal encryption function, e-signature key generation function, e-signature function, e-financial transaction function, Secure, characterized in that it includes a smart card IC to allow access to the public certificate digital signature key The user provides a secure USB device with authentication means.
The present invention has a button switch input process that the user can only do offline during the user authentication process, the password is exposed by the keyboard hacking program in the state that the USB security device is mounted on the PC, so that important data stored inside the USB security device is lost. This prevents damage that may occur due to leakage or misuse of the USB security device without the user's knowledge.
In addition, the device can be easily implemented by using a button switch without using separate input / output devices such as keypad and LCD for safe user authentication, and the USB security device can be manufactured to a size that can be carried in a key ring or a mobile phone. This maximizes portability and convenience compared to existing devices that use keypads and LCDs as input / output units, respectively, and provides portability, convenience, and security like security tokens, secure USB, smart card readers, and portable financial devices. It can be applied to a wide range of important industries.

Description

USB security device with way for secure user-authentication and method of authentication}

The present invention relates to a secure user authentication means for a USB security device, and a security device and an authentication method applying the same effectively.

As the Internet and Internet banking become more common, security incidents related to various Internet banking are also increasing. In particular, financial security incidents such as leaking the certificate stored in the hard disk of a PC cause serious problems. The leakage of the public certificate means the leakage of the digital signature key that technically corresponds to the public certificate.

By using the security token, it is possible to prevent the leakage of the digital signature key at the source to prevent financial security accidents caused by the leakage of the certificate.

A security token is a hardware device that can safely store and store secret information such as an electronic signature key, and is a hardware device that can not be leaked outside of the secret information.It has a process and cryptographic operation device that can generate an electronic signature key, generate and verify an electronic signature, etc. It is a hardware device.

In general, a smart token IC is used to implement a security token in the form of a USB interface. It is also possible to use the smart card reader and smart card IC together with the security token.

To prevent such financial security incidents, the Financial Supervisory Service, the Korea Internet Security Agency (former Korea Information Security Agency), and banks recommend the use of security tokens.

With the rapid development of NAND flash memory capacity and price, USB memory has become the most representative removable storage medium.

Many people all over the world store and use various kinds of data in USB memory.However, general USB memory has no security function, so anyone can access the data stored inside, and data leakage occurs frequently due to USB memory loss. have. In order to prevent data leakage caused by the loss of USB memory, the introduction of a secure USB that allows access to the data stored in the user is required.

In fact, the National Intelligence Service enacted the 'Auxiliary Storage Management Guidelines' in 2007 and mandated the use of secure USB by government departments, public corporations and local governments.

In order to use the USB security device such as the security token and the secure USB, the user authentication process must be performed. The user authentication method generally uses a password authentication method. Biometric authentication, such as fingerprint authentication or iris authentication, can be used, but password authentication is common because it incurs additional costs.

When the user installs a USB security device such as a security token and a secure USB device on the PC, a window for inputting a password appears, and the user inputs a password through the keyboard of the PC. The device can be used.

However, the password input method through the keyboard of the PC has the risk of exposing the password by the keyboard hacking program installed in the PC.

If the password is exposed by the keyboard hacking program while the USB security device is installed in the PC, the important data stored inside the USB security device may be leaked by the hacker or the USB security device may be misused without the user's knowledge.

There are various security softwares to prevent keyboard hacking, but it has not fundamentally prevented keyboard hacking.

In order to overcome this problem, the device itself has a built-in input means for inputting a password such as a keypad and an output means such as an LCD for checking the entered password. Checking the password entered through the built-in keypad and the LCD embedded in the device, not the monitor of the PC, it is possible to fundamentally prevent the leakage of password by the keyboard hacking program installed in the PC.

6 is a security device incorporating a keypad as a password input means and an LCD as an output means. 7 is a security device with only a keypad as an input means. Referring to Figures 6 and 7, the keypad is built in as an input means. For this reason, the size of the device is increased, and if the LCD is added as an output means, the device becomes larger, which is difficult to carry.

USB security devices such as the security token and the security USB described above are large enough to be placed on a key ring or a mobile phone, so that the portability is convenient and the utilization of the USB security device can be increased, thereby creating a new market. 6 and 7, therefore, it is difficult to apply a large keypad and LCD as input / output means to a USB security device such as the security token and the security USB.

In order to solve the above-mentioned problems, the present invention configures a button switch in a USB security device such as a security token and a secure USB, inputs a password through a keyboard, and then inputs a button switch configured in the USB security device for end user authentication. The password is exposed by the keyboard hacking program while the USB security device is installed in the PC to prevent the damage that may occur due to the leakage of important data stored inside the USB security device or the incorrect use of the USB security device without the user's knowledge. An object of the present invention is to provide a USB security device and an authentication method.

It also aims to provide a USB security device that is easy to implement and is portable and convenient by using easy-to-implement and inexpensive button switches without using separate input / output devices such as keypad and LCD for safe user authentication. It is done.

In addition, the password input of the user authentication process without the use of a separate device, such as a keypad, the purpose of convenient input to the keyboard of the PC.

In order to achieve the above object, the present invention comprises a USB port, a button switch that connects the host computer and the USB security device by USB, supplies power to the USB security device from the host computer, and enables data transmission and reception between each other. When the button switch is input, the input unit for transmitting a signal that the button switch is input to the control unit, consisting of an LED, an output unit for informing the user to input the button switch, and transmits and receives data through the host computer and the USB port, the host computer Receives the password input to the keyboard connected to the USB port through the smart card IC, and transmits a signal to inform the user to input the button switch to the output unit, the control unit for transmitting the input or not of the button switch to the smart card IC Stores the digital certificate key and registered password in the internal storage space, If the comparison result is not matched with the password received from the control unit and the registered password, access to the internal encryption function, digital signature key generation function, electronic signature function, electronic financial transaction function, authorized certificate digital signature key If the comparison result matches, wait for the user to input the button switch for a certain time, and if the button switch is not input within the predetermined time, the internal encryption function, the digital signature key generation function, the electronic signature function, and the electronic financial transaction function If the button switch is input within a certain time, the internal encryption function, the digital signature key generation function, the electronic signature function, the electronic financial transaction function, the official certificate electronic signature key are blocked. A secure user authentication means comprising a smart card IC to allow access to Provides a true USB security device.

In addition, when the USB security device is used for the first time, the user's password is input through the host computer's keyboard and stored in the internal storage of the smart card IC. In the step, the control unit receives the user's password entered through the USB port via the USB port to pass to the smart card IC, smart card IC comparing the input password and the registered password, if the registered password and input If the comparison result of the encrypted password does not match, the smart card IC blocks access to the internal encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, and public certificate digital signature key. Button switch to the user if the comparison result of the entered password matches the entered password Informing the input, the control unit waits for a button switch input for a certain time, if the button switch is not input for a certain time, the control unit transmits that the button switch is not input to the smart card IC, the button from the control unit The smart card IC, which has received a signal that the switch has not been input, blocks access to the internal encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, and public certificate digital signature key. When the button switch is input inside, the control unit transmits the input of the button switch to the smart card IC, and the smart card IC received the signal that the button switch is input from the control unit has an internal encryption function, an electronic signature key generation function, and an electronic signature function. , E-financial transaction functions, access to authorized certificates, digital signature keys It provides an authentication method of a USB security device having a secure user authentication means, characterized in that it comprises a step.

In addition, according to another aspect of the present invention, the host computer and the USB security device is connected to the USB, and supplies power to the USB security device from the host computer, and is composed of a USB port, a button switch to enable data transmission between each other, the button When the switch is input, the input unit for transmitting a signal that the button switch is input to the control unit, consisting of an LED, an output unit for notifying the user to input the button switch, a memory unit for storing data and registered password in the internal storage space, Data is transmitted and received through the USB port with the host computer, the password input from the keyboard connected to the host computer is received through the USB port, and the registered password read from the memory unit is compared with the input password. If this does not match, access to the memory is blocked, and if the comparison result is In this case, the user is informed to input the button switch through the output unit, and waits for the user to input the button switch for a predetermined time, and if the button switch is not input within a predetermined time, the access to the memory unit is blocked, and if the predetermined time is Provided is a USB security device with a secure user authentication means comprising a control unit for allowing access to the memory unit when the button switch is input therein.

In addition, a password registration step of receiving a user's password through the host computer's keyboard and storing it in a memory unit when the USB security device is first used, and inputting the user's password to the keyboard of the host computer when the USB security device is authenticated. Receiving the user's password entered through the keyboard through the USB port, and reading the password registered in the memory unit and comparing the input password and the registered password, if the comparison result does not match, the control unit for the memory unit Blocking access, if the comparison result is matched to inform the user to enter the button switch, the control unit waits for input of the button switch for a certain time, if the button switch is not input within a certain time, the control unit Blocking access to the memory unit, if any When the button switch in an input control unit provides the authentication method of the USB security device with a secure user authentication means, it characterized in that it comprises the step of allowing access to the memory unit.

According to the present invention, since there is a button switch input process that the user can only perform offline during the user authentication process, the password is exposed by the keyboard hacking program while the USB security device is mounted on the PC and stored in the USB security device. It is effective in preventing damage that may occur due to data leakage or misuse of the USB security device without the user's knowledge.

In addition, the device can be easily implemented by using a button switch without using separate input / output devices such as keypad and LCD for safe user authentication, and the USB security device can be manufactured to a size that can be carried in a key ring or a mobile phone. This maximizes portability and convenience compared to existing devices that use keypads and LCDs as input / output units, respectively, and provides portability, convenience, and security like security tokens, secure USB, smart card readers, and portable financial devices. It can be applied to a wide range of important industries.

In addition, the password input of the user authentication process can be conveniently entered using a PC keyboard, without using a separate device such as a keypad.

1 is a block diagram including a USB security device having a secure user authentication means of the first preferred embodiment of the present invention.
Fig. 2 is a flowchart showing a method of authenticating a USB security device with secure user authentication means in the first embodiment of the present invention.
3 is a block diagram including a USB security device with secure user authentication means in a second preferred embodiment of the present invention.
4 is a flowchart showing an authentication method of a USB security device having a secure user authentication means in the second embodiment of the present invention.
5 is a perspective view showing the USB security device.
6 is a security device incorporating a keypad as a password input means and an LCD as an output means.
7 is a security device with only a keypad as an input means.

Prior to the detailed description of the present invention will be briefly summarized the technical spirit of the present invention.

The present invention relates to a secure user authentication in a USB security device, and the USB security device illegally secured by an online hacking program installed in a PC by adding a step that can only be performed offline to the authentication process. Prevent the device from being used. In addition, if the USB security device is lost, you must enter the password on the keyboard. If the password is incorrect for more than a certain number of times (usually 5 times), the USB security device can be locked. After all, the offline authentication step, such as button switch input (pressing the button switch), is a countermeasure for an online hacking program. Implement secure user authentication offline.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

Hereinafter, a first preferred embodiment of the present invention will be described with reference to FIGS.

1 is a block diagram including a USB security device having a secure user authentication means of the first preferred embodiment of the present invention. The block diagram is largely divided into a host computer 300 and a USB security device 100. The USB security device 100 includes a USB port 110, a control unit 120, an input unit 130, an output unit 140, and a smart device. The card IC 150 is included.

The USB port 110 connects the host computer 300 and the USB security device 100 by USB, supplies power to the USB security device 100 from the host computer 300, and enables data transmission and reception between each other.

The input unit 130 includes a button switch, and when the button switch is input, transmits a signal indicating that the button switch is input to the controller 120.

The output unit 140 is composed of LED and is used as a means for informing a user to input a button switch. For example, the LED can be turned On from On, or the LED can be turned on at regular intervals from the On to notify the user of a button switch input. In addition, the output unit 140 may be implemented by opening a message window for notifying the button switch input to the buzzer or the monitor screen of the PC in addition to the LED.

The control unit 120 transmits and receives data to and from the host computer 300 through the USB port 110, and receives the password inputted from the keyboard connected to the host computer 300 through the USB port 110. The controller 150 transmits the signal to the output unit 140 informing the user to input the button switch, and transmits whether the button switch is input to the smart card IC 150.

The smart card IC 150 stores the official certificate digital signature key and the registered password in an internal storage space, and compares the password received from the controller 120 with the registered password and if the comparison result does not match. If the encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, and authorized certificate electronic signature key are blocked, and the comparison result is matched, wait for user's button switch input for a certain period of time. If the button switch is not input within the time, access to the internal encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, and public certificate electronic signature key is blocked. When inputted, internal encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, public certificate electronic signature key Allow for access.

In addition, the smart card IC 150 configures a security function of the USB security device (100). Specifically, the official certificate is safely stored in an internal storage space, and the stored official certificate is blocked from being leaked to the outside of the smart card IC 150. It also provides encryption, digital signature key generation, digital signature, and electronic financial transaction functions.

For reference, since the configuration of the security token and the combination of the smart card reader and the smart card are the same, the first embodiment of the present invention is equally applied to the smart card reader.

5 is a perspective view showing the USB security device 100. Referring to FIG. 5, the input unit 130 configured as a button switch is located on the opposite side of the USB port 110, and the output unit 140 configured as an LED is configured on the upper surface of the USB security device 100. The button switch and the LED may be configured in various forms without being limited to FIG. 5.

Fig. 2 is a flowchart showing a method of authenticating a USB security device with secure user authentication means in the first embodiment of the present invention.

When the USB security device 100 is first used, the user's password is input through the keyboard of the host computer 300 and the password is registered in the internal storage space of the smart card IC 150. (S601)

In order to use the USB security device 100, a password is input to the keyboard of the PC. (S602)

The control unit 120 receives the user's password input to the keyboard through the USB port 110 and delivers the smart card IC 150. (S603)

The smart card IC 150 compares the input password with the password registered in the internal storage space (S604).

If the comparison result between the registered password and the input password does not match, the smart card IC 150 may be configured to use the internal encryption function, the digital signature key generation function, the electronic signature function, the electronic financial transaction function, and the digital certificate key. Block access to (S605).

If the comparison result between the registered password and the input password matches, the smart card IC 150 notifies the user through the output unit 140 to input the button switch through the control unit 120 (S606).

The controller 120 waits for a button switch input for a predetermined time. (S607) In general, it is preferable to wait for a button switch input for a time of about 10 seconds to 15 seconds.

If the button switch is not input for a predetermined time, the controller 120 transmits that the button switch is not input to the smart card IC 150 (S608).

The smart card IC 150 that receives the signal that the button switch is not input from the control unit 120 has an internal encryption function, an electronic signature key generation function, an electronic signature function, an electronic financial transaction function, and an access to an authorized certificate electronic signature key. (S609)

If the button switch is input within a predetermined time, the controller 120 transmits that the button switch is input to the smart card IC 150. (S610)

The smart card IC 150 receives a signal that the button switch is input from the controller 120 to access the internal encryption function, the digital signature key generation function, the electronic signature function, the electronic financial transaction function, and the authorized certificate electronic signature key. (S611)

3 to 4, a second preferred embodiment of the present invention will be described.

3 is a block diagram including a USB security device with secure user authentication means in a second preferred embodiment of the present invention. The block diagram is largely divided into a host computer 300 and a USB security device 200. The USB security device 200 includes a USB port 210, a control unit 220, an input unit 230, an output unit 240, and a memory. The unit 250 is included.

The USB port 210 connects the host computer 300 and the USB security device 200 by USB, supplies power to the USB security device 200 from the host computer 300, and enables data transmission and reception between each other.

The input unit 230 includes a button switch, and when the button switch is input, the input unit 230 transmits a signal indicating that the button switch is input to the controller 220.

The output unit 240 is composed of LED and is used as a means for informing the user to input the button switch.

The memory unit 250 stores data and a registered password in an internal storage space. In general, the memory unit 250 is preferably configured as a NAND flash memory that is frequently used in mass storage devices.

The control unit 220 transmits and receives data to and from the host computer 300 through the USB port 210, and receives the password input from the keyboard connected to the host computer 300 through the USB port 210, the memory unit 250 Compared to the registered password read from the) and the input password, if the comparison result does not match, the access to the memory unit 250 is blocked, and if the comparison result is matched, the output unit 240 Notifies the user to input the button switch through, waits for the user to enter the button switch for a certain time, if the button switch is not input within a certain time, the access to the memory unit 250 is blocked, if within the predetermined time When the button switch is input, access to the memory unit 250 is allowed.

4 is a flowchart showing an authentication method of a USB security device having a secure user authentication means in the second embodiment of the present invention.

When the USB security device 100 is used for the first time, the user's password is input through the keyboard of the host computer 300 and the password is registered in the internal storage space of the memory unit 250 (S701).

In order to use the USB security device 100, a password is input to the keyboard of the PC. (S702)

The controller 220 receives the user's password input to the keyboard through the USB port 210, and reads the registered password from the memory unit 250 and compares the input password with the registered password (S703).

If the comparison result does not match, the controller 220 blocks the access to the memory 250 (S704).

If the comparison result is the same, the controller 220 notifies the user of inputting the button switch (S705).

The controller 220 waits for the input of the button switch for a predetermined time (S706).

If the button switch is not input within a predetermined time, the controller 220 blocks the access to the memory unit 250 (S707).

If the button switch is input within a predetermined time, the controller 220 allows access to the memory unit 250 (S708).

Although the first and second embodiments of the present invention have been described above with reference to the accompanying drawings, the present invention is not limited thereto, and various changes, modifications, and equivalents may be used. Therefore, the present invention can be applied by appropriately modifying the above embodiments, it will be obvious that such application also belongs to the scope of the present invention based on the technical idea described in the claims below.

The present invention relates to a USB security device and an authentication method having a secure user authentication means, and can be widely used in industries where portability and security are important, such as security tokens, secure USB, smart card readers, and portable financial devices.

100: USB security device
110: USB port 120: control unit
130: input unit 140: output unit
150: Smart Card IC
200: USB security device
210: USB port 220: control unit
230: input unit 240: output unit
250: memory
300: host computer

Claims (4)

In the USB security device having a secure user authentication means,
A USB port for connecting the host computer and the USB security device with USB, supplying power to the USB security device from the host computer, and allowing data transmission and reception to each other;
An input unit configured to include a button switch and transmitting a signal indicating that the button switch is input to the controller when the button switch is input;
An output unit configured of an LED and informing a user to input a button switch;
Data is transmitted and received through the USB port with the host computer, the password inputted to the keyboard connected to the host computer is transmitted through the USB port to the smart card IC, and a signal is sent to the output unit informing the user to input a button switch. A control unit for transmitting whether the button switch is input to the smart card IC;
The internal certificate stores the digital certificate key and the registered password in the internal storage space, and compares the password received from the control unit with the registered password and if the comparison result does not match, the internal encryption function, the digital signature key generation function, Blocks access to the electronic signature function, electronic financial transaction function, and public certificate electronic signature key, and if the comparison result is matched, waits for the user to input the button switch for a certain period of time. Blocks access to the encryption function, digital signature key generation function, digital signature function, electronic financial transaction function, authorized certificate digital signature key, and if the button switch is input within a certain time, the internal encryption function, digital signature key Generating function, digital signature function, electronic financial transaction function, access to authorized certificate digital signature key Smart card IC;
USB security device having a secure user authentication means comprising a. In the authentication method of the USB security device having a secure user authentication means
Password registration step of receiving the user's password through the keyboard of the host computer when the USB security device is first used, and storing it in the internal storage of the smart card IC;
Inputting a user's password on a keyboard of a host computer when authenticating a USB security device user;
The control unit receives the user's password input to the keyboard via the USB port and delivering to the smart card IC;
Smart card IC comparing the input password and the registered password;
If the comparison result of the registered password and the entered password does not match, the smart card IC provides access to the internal encryption function, the digital signature key generation function, the electronic signature function, the electronic financial transaction function, and the digital certificate key. Blocking;
If the comparison result of the registered password and the input password match, informing the user to input the button switch;
The control unit waits for a button switch input for a predetermined time;
If the button switch is not input for a certain time, the control unit transmits that the button switch is not input to the smart card IC;
The smart card IC received a signal that the button switch is not input from the control unit is a step of blocking access to the internal encryption function, digital signature key generation function, electronic signature function, electronic financial transaction function, authorized certificate electronic signature key;
If the button switch is input within a predetermined time, the control unit transmits that the button switch is input to the smart card IC;
The smart card IC receives a signal that the button switch is input from the control unit, the smart card IC allowing access to an internal encryption function, an electronic signature key generation function, an electronic signature function, an electronic financial transaction function, and an authorized certificate electronic signature key;
Authentication method of the USB security device having a secure user authentication means comprising a; In the USB security device having a secure user authentication means,
A USB port for connecting the host computer and the USB security device with USB, supplying power to the USB security device from the host computer, and allowing data transmission and reception to each other;
An input unit configured to include a button switch and transmitting a signal indicating that the button switch is input to the controller when the button switch is input;
An output unit configured of an LED and informing a user to input a button switch;
A memory unit for storing data and a registered password in an internal storage space;
Data is transmitted and received through the USB port with the host computer, the password input from the keyboard connected to the host computer is received through the USB port, and the registered password read from the memory unit is compared with the input password. If this does not match, access to the memory unit is blocked, and if the comparison result is matched, the user is informed to input the button switch through the output unit, and the user waits for the user to input the button switch for a predetermined time. A control unit which blocks access to the memory unit if the button switch is not input and allows access to the memory unit if the button switch is input within a predetermined time;
USB security device having a secure user authentication means comprising a. In the authentication method of the USB security device having a secure user authentication means
A password registration step of receiving a user's password through a keyboard of the host computer when the USB security device is first used and storing the password in a memory unit;
Inputting a user's password on the keyboard of the host computer when authenticating the USB security device user;
The control unit receives a password of the user input on the keyboard through the USB port, and reads the registered password from the memory unit to compare the input password and the registered password;
If the comparison result does not match, the control unit blocks access to the memory unit;
Informing a user to input a button switch if the comparison result is identical;
The control unit waits for the input of the button switch for a predetermined time;
If the button switch is not input within a certain time, the control unit blocks access to the memory unit.
If the button switch is input within a predetermined time, the control unit permits access to the memory unit;
Authentication method of the USB security device having a secure user authentication means comprising a;
KR1020100006706A 2010-01-25 2010-01-25 Usb security device with way for secure user-authentication and method of authentication KR20110087178A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020100006706A KR20110087178A (en) 2010-01-25 2010-01-25 Usb security device with way for secure user-authentication and method of authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100006706A KR20110087178A (en) 2010-01-25 2010-01-25 Usb security device with way for secure user-authentication and method of authentication

Publications (1)

Publication Number Publication Date
KR20110087178A true KR20110087178A (en) 2011-08-02

Family

ID=44926057

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100006706A KR20110087178A (en) 2010-01-25 2010-01-25 Usb security device with way for secure user-authentication and method of authentication

Country Status (1)

Country Link
KR (1) KR20110087178A (en)

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013134438A1 (en) * 2012-03-06 2013-09-12 Microsoft Corporation Accessory device authentication
US8850241B2 (en) 2012-03-02 2014-09-30 Microsoft Corporation Multi-stage power adapter configured to provide low power upon initial connection of the power adapter to the host device and high power thereafter upon notification from the host device to the power adapter
US8854799B2 (en) 2012-03-02 2014-10-07 Microsoft Corporation Flux fountain
US8873227B2 (en) 2012-03-02 2014-10-28 Microsoft Corporation Flexible hinge support layer
US8949477B2 (en) 2012-05-14 2015-02-03 Microsoft Technology Licensing, Llc Accessory device architecture
US9075566B2 (en) 2012-03-02 2015-07-07 Microsoft Technoogy Licensing, LLC Flexible hinge spine
US9111703B2 (en) 2012-03-02 2015-08-18 Microsoft Technology Licensing, Llc Sensor stack venting
KR20150106140A (en) * 2014-03-11 2015-09-21 국상진 Hardware security module and operation method thereof
US9317072B2 (en) 2014-01-28 2016-04-19 Microsoft Technology Licensing, Llc Hinge mechanism with preset positions
US9354748B2 (en) 2012-02-13 2016-05-31 Microsoft Technology Licensing, Llc Optical stylus interaction
US9360893B2 (en) 2012-03-02 2016-06-07 Microsoft Technology Licensing, Llc Input device writing surface
US9426905B2 (en) 2012-03-02 2016-08-23 Microsoft Technology Licensing, Llc Connection device for computing devices
US9447620B2 (en) 2014-09-30 2016-09-20 Microsoft Technology Licensing, Llc Hinge mechanism with multiple preset positions
US9448631B2 (en) 2013-12-31 2016-09-20 Microsoft Technology Licensing, Llc Input device haptics and pressure sensing
US9459160B2 (en) 2012-06-13 2016-10-04 Microsoft Technology Licensing, Llc Input device sensor configuration
US9684382B2 (en) 2012-06-13 2017-06-20 Microsoft Technology Licensing, Llc Input device configuration having capacitive and pressure sensors
US9752361B2 (en) 2015-06-18 2017-09-05 Microsoft Technology Licensing, Llc Multistage hinge
US9759854B2 (en) 2014-02-17 2017-09-12 Microsoft Technology Licensing, Llc Input device outer layer and backlighting
US9824808B2 (en) 2012-08-20 2017-11-21 Microsoft Technology Licensing, Llc Switchable magnetic lock
US9864415B2 (en) 2015-06-30 2018-01-09 Microsoft Technology Licensing, Llc Multistage friction hinge
US9870066B2 (en) 2012-03-02 2018-01-16 Microsoft Technology Licensing, Llc Method of manufacturing an input device
US10031556B2 (en) 2012-06-08 2018-07-24 Microsoft Technology Licensing, Llc User experience adaptation
US10037057B2 (en) 2016-09-22 2018-07-31 Microsoft Technology Licensing, Llc Friction hinge
US10061385B2 (en) 2016-01-22 2018-08-28 Microsoft Technology Licensing, Llc Haptic feedback for a touch input device
US10107994B2 (en) 2012-06-12 2018-10-23 Microsoft Technology Licensing, Llc Wide field-of-view virtual image projector
US10156889B2 (en) 2014-09-15 2018-12-18 Microsoft Technology Licensing, Llc Inductive peripheral retention device
US10222889B2 (en) 2015-06-03 2019-03-05 Microsoft Technology Licensing, Llc Force inputs and cursor control
US10324733B2 (en) 2014-07-30 2019-06-18 Microsoft Technology Licensing, Llc Shutdown notifications
US10344797B2 (en) 2016-04-05 2019-07-09 Microsoft Technology Licensing, Llc Hinge with multiple preset positions
KR20190093032A (en) 2018-01-31 2019-08-08 강원대학교산학협력단 Removable storage device for executing security function using user terminal and operation method thereof
US10416799B2 (en) 2015-06-03 2019-09-17 Microsoft Technology Licensing, Llc Force sensing and inadvertent input control of an input device
US10578499B2 (en) 2013-02-17 2020-03-03 Microsoft Technology Licensing, Llc Piezo-actuated virtual buttons for touch surfaces
CN113454629A (en) * 2019-02-14 2021-09-28 惠普发展公司,有限责任合伙企业 Locking device with authentication
USRE48963E1 (en) 2012-03-02 2022-03-08 Microsoft Technology Licensing, Llc Connection device for computing devices

Cited By (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9354748B2 (en) 2012-02-13 2016-05-31 Microsoft Technology Licensing, Llc Optical stylus interaction
US9465412B2 (en) 2012-03-02 2016-10-11 Microsoft Technology Licensing, Llc Input device layers and nesting
US9852855B2 (en) 2012-03-02 2017-12-26 Microsoft Technology Licensing, Llc Pressure sensitive key normalization
US8873227B2 (en) 2012-03-02 2014-10-28 Microsoft Corporation Flexible hinge support layer
US8935774B2 (en) 2012-03-02 2015-01-13 Microsoft Corporation Accessory device authentication
US8947864B2 (en) 2012-03-02 2015-02-03 Microsoft Corporation Flexible hinge and removable attachment
USRE48963E1 (en) 2012-03-02 2022-03-08 Microsoft Technology Licensing, Llc Connection device for computing devices
US9047207B2 (en) 2012-03-02 2015-06-02 Microsoft Technology Licensing, Llc Mobile device power state
US9075566B2 (en) 2012-03-02 2015-07-07 Microsoft Technoogy Licensing, LLC Flexible hinge spine
US9111703B2 (en) 2012-03-02 2015-08-18 Microsoft Technology Licensing, Llc Sensor stack venting
US9134808B2 (en) 2012-03-02 2015-09-15 Microsoft Technology Licensing, Llc Device kickstand
US9460029B2 (en) 2012-03-02 2016-10-04 Microsoft Technology Licensing, Llc Pressure sensitive keys
US9146620B2 (en) 2012-03-02 2015-09-29 Microsoft Technology Licensing, Llc Input device assembly
US9158383B2 (en) 2012-03-02 2015-10-13 Microsoft Technology Licensing, Llc Force concentrator
US9158384B2 (en) 2012-03-02 2015-10-13 Microsoft Technology Licensing, Llc Flexible hinge protrusion attachment
US9176900B2 (en) 2012-03-02 2015-11-03 Microsoft Technology Licensing, Llc Flexible hinge and removable attachment
US9176901B2 (en) 2012-03-02 2015-11-03 Microsoft Technology Licensing, Llc Flux fountain
US9268373B2 (en) 2012-03-02 2016-02-23 Microsoft Technology Licensing, Llc Flexible hinge spine
US9298236B2 (en) 2012-03-02 2016-03-29 Microsoft Technology Licensing, Llc Multi-stage power adapter configured to provide a first power level upon initial connection of the power adapter to the host device and a second power level thereafter upon notification from the host device to the power adapter
US9304949B2 (en) 2012-03-02 2016-04-05 Microsoft Technology Licensing, Llc Sensing user input at display area edge
US9904327B2 (en) 2012-03-02 2018-02-27 Microsoft Technology Licensing, Llc Flexible hinge and removable attachment
US9870066B2 (en) 2012-03-02 2018-01-16 Microsoft Technology Licensing, Llc Method of manufacturing an input device
US8850241B2 (en) 2012-03-02 2014-09-30 Microsoft Corporation Multi-stage power adapter configured to provide low power upon initial connection of the power adapter to the host device and high power thereafter upon notification from the host device to the power adapter
US9360893B2 (en) 2012-03-02 2016-06-07 Microsoft Technology Licensing, Llc Input device writing surface
US9426905B2 (en) 2012-03-02 2016-08-23 Microsoft Technology Licensing, Llc Connection device for computing devices
US9678542B2 (en) 2012-03-02 2017-06-13 Microsoft Technology Licensing, Llc Multiple position input device cover
US8854799B2 (en) 2012-03-02 2014-10-07 Microsoft Corporation Flux fountain
US10963087B2 (en) 2012-03-02 2021-03-30 Microsoft Technology Licensing, Llc Pressure sensitive keys
WO2013134438A1 (en) * 2012-03-06 2013-09-12 Microsoft Corporation Accessory device authentication
US8949477B2 (en) 2012-05-14 2015-02-03 Microsoft Technology Licensing, Llc Accessory device architecture
US9348605B2 (en) 2012-05-14 2016-05-24 Microsoft Technology Licensing, Llc System and method for accessory device architecture that passes human interface device (HID) data via intermediate processor
US10031556B2 (en) 2012-06-08 2018-07-24 Microsoft Technology Licensing, Llc User experience adaptation
US10107994B2 (en) 2012-06-12 2018-10-23 Microsoft Technology Licensing, Llc Wide field-of-view virtual image projector
US9952106B2 (en) 2012-06-13 2018-04-24 Microsoft Technology Licensing, Llc Input device sensor configuration
US9459160B2 (en) 2012-06-13 2016-10-04 Microsoft Technology Licensing, Llc Input device sensor configuration
US10228770B2 (en) 2012-06-13 2019-03-12 Microsoft Technology Licensing, Llc Input device configuration having capacitive and pressure sensors
US9684382B2 (en) 2012-06-13 2017-06-20 Microsoft Technology Licensing, Llc Input device configuration having capacitive and pressure sensors
US9824808B2 (en) 2012-08-20 2017-11-21 Microsoft Technology Licensing, Llc Switchable magnetic lock
US10578499B2 (en) 2013-02-17 2020-03-03 Microsoft Technology Licensing, Llc Piezo-actuated virtual buttons for touch surfaces
US9448631B2 (en) 2013-12-31 2016-09-20 Microsoft Technology Licensing, Llc Input device haptics and pressure sensing
US10359848B2 (en) 2013-12-31 2019-07-23 Microsoft Technology Licensing, Llc Input device haptics and pressure sensing
US9317072B2 (en) 2014-01-28 2016-04-19 Microsoft Technology Licensing, Llc Hinge mechanism with preset positions
US9759854B2 (en) 2014-02-17 2017-09-12 Microsoft Technology Licensing, Llc Input device outer layer and backlighting
KR20150106140A (en) * 2014-03-11 2015-09-21 국상진 Hardware security module and operation method thereof
US10324733B2 (en) 2014-07-30 2019-06-18 Microsoft Technology Licensing, Llc Shutdown notifications
US10156889B2 (en) 2014-09-15 2018-12-18 Microsoft Technology Licensing, Llc Inductive peripheral retention device
US9447620B2 (en) 2014-09-30 2016-09-20 Microsoft Technology Licensing, Llc Hinge mechanism with multiple preset positions
US10222889B2 (en) 2015-06-03 2019-03-05 Microsoft Technology Licensing, Llc Force inputs and cursor control
US10416799B2 (en) 2015-06-03 2019-09-17 Microsoft Technology Licensing, Llc Force sensing and inadvertent input control of an input device
US9752361B2 (en) 2015-06-18 2017-09-05 Microsoft Technology Licensing, Llc Multistage hinge
US9864415B2 (en) 2015-06-30 2018-01-09 Microsoft Technology Licensing, Llc Multistage friction hinge
US10606322B2 (en) 2015-06-30 2020-03-31 Microsoft Technology Licensing, Llc Multistage friction hinge
US10061385B2 (en) 2016-01-22 2018-08-28 Microsoft Technology Licensing, Llc Haptic feedback for a touch input device
US10344797B2 (en) 2016-04-05 2019-07-09 Microsoft Technology Licensing, Llc Hinge with multiple preset positions
US10037057B2 (en) 2016-09-22 2018-07-31 Microsoft Technology Licensing, Llc Friction hinge
KR20190093032A (en) 2018-01-31 2019-08-08 강원대학교산학협력단 Removable storage device for executing security function using user terminal and operation method thereof
CN113454629A (en) * 2019-02-14 2021-09-28 惠普发展公司,有限责任合伙企业 Locking device with authentication

Similar Documents

Publication Publication Date Title
KR20110087178A (en) Usb security device with way for secure user-authentication and method of authentication
US9674705B2 (en) Method and system for secure peer-to-peer mobile communications
KR101270230B1 (en) Data security system
JP5050066B2 (en) Portable electronic billing / authentication device and method
US6367017B1 (en) Apparatus and method for providing and authentication system
US8700908B2 (en) System and method for managing secure information within a hybrid portable computing device
US10140439B2 (en) Security card having fingerprint authentication, processing system and processing method therefor
US20070223685A1 (en) Secure system and method of providing same
EP1736889A1 (en) Use authentication method, use authentication program, information processing device, and recording medium
CN203746071U (en) Security computer based on encrypted hard disc
KR20110078601A (en) Security usb device with secure password input&output function and method of authentication
WO2020020329A1 (en) Digital wallet allowing anonymous or real-name offline transaction and usage method
CN103886234A (en) Safety computer based on encrypted hard disk and data safety control method of safety computer
WO2003065318A2 (en) Payment system
KR101724401B1 (en) Certification System for Using Biometrics and Certification Method for Using Key Sharing and Recording medium Storing a Program to Implement the Method
CN101140605A (en) Data safety reading method and safety storage apparatus thereof
CN101841418A (en) Handheld multiple role electronic authenticator and service system thereof
WO2013123453A1 (en) Data storage devices, systems, and methods
CN105005721A (en) Computer authorization starting control system and method based on computer starting key
CN110807624A (en) Digital currency hardware cold wallet system and transaction method thereof
EP3403368B1 (en) 2-factor authentication for network connected storage device
JP2012073902A (en) Personal authentication system, personal authentication method, program and recording medium
CN1331015C (en) Computer security startup method
EP3792795A1 (en) A system and a method for user authentication and/or authorization
CN112636914A (en) Identity authentication method, identity authentication device and smart card

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application