KR20110131654A - System and method for service control - Google Patents

Abstract

PURPOSE: A service control system and a method thereof are provided to simultaneously perform authentication of a device and authentication based on the locations of a service request person and a user, thereby providing effective and strong security. CONSTITUTION: A device checking module(130) determines whether a service terminal is proper wherein the service terminal requests a wire/wireless internet service. A location matching determining module(140) determines whether the location of a service terminal which requests the service request with the location of a user corresponding to the service request. A control module(110) determines whether to permit the service request according to either one of first and second determination results of the device checking module. A service control system includes a MAC checking module(120) for checking the MAC(Media Access Control) address of the service terminal.

Description

System and method for service control

The present invention relates to a service control system and a method thereof, and more particularly, when a specific web service or a site has a request for a specific service (eg, payment, bank transfer, login, certificate (document) issuance, etc.), the service. The present invention relates to a system for determining whether a request is made by a legitimate user so that a legitimate user can use the service, and a method of providing the same.

With the development of the Internet, many people have been provided with various services by accessing a web site or a predetermined application for a specific web service. At this time, the web site or web service performs a procedure called log-in to identify the user. In order to log in, a user must input identification information (eg, ID, password, or public certificate) that corresponds to an account assigned to each user. In addition, when a user wants to use an important function or service even after logging in, there may be a case where a user needs to pass through a certain security protocol (eg, an accredited certificate or one time password (OTP)). Of course, the same authentication procedure (eg, accredited certificate) can be used not only during the login procedure, but also when providing some security protocol after login.

However, the conventional security protocol is inconvenient to have a separate physical security device, such as a public certificate or OTP generator in order to use the security protocol. Therefore, a technical idea that can provide a separate security protocol by using a mobile terminal that is always (or likely to be) the user may be required.

In addition, a method using ID / PWD among conventional security protocols has a problem in that when the ID / PWD is accidentally leaked or leaked by a malicious attack, it can no longer function as a security protocol. A security protocol using an accredited certificate or OTP can also cause serious problems if the storage medium or OTP generator that stores the accredited certificate is lost, or if it is stolen by a legitimate user's acquaintance or coworker.

Therefore, the security protocol according to the technical concept of the present invention may be used in addition to using the conventional security protocol, or may be used in place of any one of the conventional security protocol, the device used by the legitimate user and the position of the legitimate user Two factors can be used to provide a technical idea that can provide a much stronger security protocol. In addition, the security protocol according to the technical concept of the present invention may be used as an authentication protocol for login as well as when using a specific service after login.

Therefore, the technical problem to be achieved by the present invention is that the device itself or the user who requested the service does not allow the illegal user to log in, or whether the service is a legitimate user when requesting a specific service after logging in even if the user logs in. By providing authentication to at least one of the locations, it is possible to provide a system and method that can eliminate or reduce the damage that a fraudulent user may experience using the service.

In addition, by comparing the location of the party user with the location of the service requester, even if the existing security protocol fails to function or the security information is leaked, the party user can be authenticated as long as it does not exist in the same location. It is to provide a system and method.

In particular, by identifying the location of the service terminal using an Internet Protocol (IP) address which is automatically known when a specific web server is connected for a service request, a separate positioning device (for example, To provide a system and method that may not require additional information from the service requester without requiring a GPS module.

In addition, when the IP address assigned to a specific service terminal is a dynamic IP, to provide a system and method that can use the MAC address to easily determine the location of the service terminal based on the IP address.

In addition, when a fraudulent user requests a service using a party user's device, in order to solve the problem that the device suitability cannot be filtered out by judging only device suitability, the fraudulent user is performed together with the device suitability to perform location-based authentication. It is to provide a system and method for filtering.

The service control system according to an embodiment of the present invention for solving the technical problem is a device identification module for determining the device suitability of a service terminal requesting a wired and wireless Internet service, the location of the service terminal making the service request and the service request The service according to a result of at least one of a position identity determining module for determining the identity of a user of a political party corresponding to the first position and a first determination result determined by the device identification module or a second determination result determined by the position identity determination module. It may include a control module for determining whether to allow the request.

The service control system may further include a MAC identification module for confirming a MAC (Media Access Control) address of the service terminal.

The device identification module may determine device suitability of the service terminal based on the MAC address confirmed by the MAC identification module and a pre-registered user-specific MAC address.

The user-specific MAC address may include at least one MAC address.

The location equality determination module may determine the location of the service terminal corresponding to the MAC address based on the identified MAC address and previously stored location information for each MAC address.

The location equality determination module may check the IP address of the service terminal, check the actual address information corresponding to the confirmed IP address, and determine the location of the service terminal based on the confirmed actual address information. .

The location information for each MAC address is generated by information received from at least one Dynamic Host Configuration Protocol (DHCP) server or an Internet Service Provider (ISP) system that operates the DHCP server, or is input by the political user. It may be information generated based on.

The MAC identification module may receive information on a MAC address corresponding to the service terminal through a predetermined agent installed in the service terminal, or check the MAC address through ARP (Address Resolution Protocol) communication.

The location identity determination module may determine the location of the party user based on the information on the location of the mobile terminal of the party user.

Information about the location of the mobile terminal of the party user may be received from a communication company system or an LBS system.

The control module grants the service request when either the first determination result or the second determination result is satisfied, or checks the rest if any one of the first determination result or the second determination result is not satisfied. If the remaining determination result is satisfied, the service request may be granted or the service request may be allowed if both the first determination result and the second determination result are satisfied. The service request may include at least one of a bank transfer request, a payment request, a login request, or a certificate issue request.

The service control system for solving the technical problem is a position equality determination module for determining the sameness of the position of the service terminal making a service request and the position of the party user corresponding to the service request and the determination result determined by the position identity determination module And a control module for determining whether to allow the service request, wherein the location equality determination module determines the location of the service terminal based on the MAC address of the service terminal.

The service control method for solving the technical problem is a service control system checks at least one of the device suitability of the service terminal or the identity of the location of the service terminal and the location of the party user corresponding to the service request and confirmed Determining whether to allow the service request according to a result of at least one of the device suitability or the identity of the location, and the party user corresponding to the device suitability of the service terminal or the location of the service terminal and the service request. Identifying at least one of the identity of the location of the includes: verifying a media access control (MAC) address of the service terminal to verify at least one of the device suitability or the identity of the location.

The determining of the media access control (MAC) address of the service terminal may include receiving, by the service control system, information on a MAC address corresponding to the service terminal through a predetermined agent installed in the service terminal, or ARP (Address). Resolution Protocol) may include at least one of checking the MAC address of the service terminal through communication.

Confirming at least one of device suitability of the service terminal or the identity of the location of the service terminal and the location of the party user corresponding to the service request is based on the confirmed MAC address and a pre-registered user-specific MAC address. The method may further include determining device suitability of the service terminal.

Confirming at least one of device suitability of the service terminal or the identity of the location of the service terminal and the location of the party user corresponding to the service request may be performed based on the identified MAC address and location information for each MAC address stored in advance. Determining the location of the service terminal corresponding to the MAC address or checking the IP address of the service terminal, confirming the actual address information corresponding to the confirmed IP address, and based on the confirmed actual address information. The method may further include at least one of determining the location of the service terminal.

Determining whether the service request is allowed based on a result of at least one of the device suitability or the identity of the location may include determining whether the service control system satisfies either the first determination result or the second determination result. Granting a service request, checking the remainder if one of the first decision result or the second decision result is not satisfied, and allowing the service request if the remaining decision result is satisfied, or the first decision If both a result and the second determination result is satisfied may include at least one of the step of allowing the service request. The service control method may be stored in a computer-readable recording medium recording a program.

The service control system and method thereof according to the present invention can provide effective and strong security by simultaneously performing authentication of the device itself requesting the service to authenticate a legitimate user and authentication based on the location of the service requester and the party user. It has an effect.

In addition, when the MAC address is used for the authentication of the device itself, there is an effect that the problem such as MAC spoofing can be supplemented with location-based authentication, and dynamic IP when location-based authentication is performed by the IP address. There is an effect that can complement the problem of using the MAC address. Therefore, when using the authentication of the device itself and location-based authentication at the same time there is an effect that can complement each other.

In addition, since it provides a security method separate from authentication based on conventional authentication information (for example, password, public certificate, OTP, etc.), when used in conjunction with the existing security method, even if the authentication information is leaked, it can authenticate the party user. This has the effect of providing much stronger security. In addition, there is an effect that can be used in place of the conventional security method.

In addition, when determining the location of the service terminal based on the IP address, it is not necessary to have a separate positioning device, since it uses an already known IP address when connecting to a specific web server for service request. There is no need for information, so the location can be easily checked.

BRIEF DESCRIPTION OF THE DRAWINGS In order to better understand the drawings cited in the detailed description of the invention, a brief description of each drawing is provided.
1 is a schematic diagram illustrating a function of a service control system according to an exemplary embodiment of the present invention.
2 shows a schematic configuration of a service control system according to another embodiment of the present invention.
3 illustrates an example for explaining a method for checking a MAC address of a service terminal by a service control system according to an exemplary embodiment of the present invention.
4 is a diagram for describing a method of confirming a MAC address of a service terminal by a service control system according to another exemplary embodiment of the present invention.
5 illustrates an example of a user-specific MAC address and location information for each MAC address that can be used for a service control method according to an exemplary embodiment of the present invention.
FIG. 6 is a diagram for describing a method of determining a location identity by performing a location comparison by a service control system according to an exemplary embodiment of the present invention.
7 illustrates an example of a screen displayed on a service terminal or a mobile terminal by a service control method according to an exemplary embodiment of the present invention.
8 shows an example of a screen displayed on the service terminal by the service control method according to an embodiment of the present invention.
9 illustrates an example of a screen displayed on a mobile terminal of a party user by a service control method according to an exemplary embodiment of the present invention.

In order to fully understand the present invention, the operational advantages of the present invention, and the objects achieved by the practice of the present invention, reference should be made to the accompanying drawings which illustrate preferred embodiments of the present invention and the contents described in the accompanying drawings.

Also, in this specification, when any one element 'transmits' data to another element, the element may transmit the data directly to the other element, or may be transmitted through at least one other element And may transmit the data to the other component.

Conversely, when one element 'directly transmits' data to another element, it means that the data is transmitted to the other element without passing through another element in the element.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. Like reference numerals in the drawings denote like elements.

1 is a schematic diagram illustrating a function of a service control system according to an exemplary embodiment of the present invention.

Referring to FIG. 1, the service control system 100 according to an exemplary embodiment of the present invention includes a control module 110, a device identification module 130, and a position equality determination module 140. The service control system 100 may further include a MAC identification module 120.

The service control system 100 may transmit / receive predetermined information with a service terminal (200, 210, etc.) requesting a service through a wired / wireless network. In addition, if necessary, the service control system 100 may be connected to the mobile terminal 300 and / or the communication company system 400 of a political party user through a wired / wireless network to transmit and receive predetermined information. The service control system 100 may be installed in a web server that provides a predetermined service, or may be implemented as a system independent from the web server to implement the technical idea of the present invention while transmitting and receiving necessary data with the web server. have.

The service control system 100 may include hardware resources and / or software necessary to implement the technical idea of the present invention, and means one physical component or one device. no. That is, the service control system 100 may mean a logical combination of hardware and / or software provided to implement the technical idea of the present invention. If necessary, the service control system 100 may be installed in devices spaced apart from each other. It may be implemented as a set of logical configurations for implementing the technical idea of the present invention by performing. In addition, the service control system 100 may refer to a set of components that are separately implemented for each function or role for implementing the technical idea of the present invention.

In addition, the term module in the present specification may mean a functional and structural combination of hardware for performing the technical idea of the present invention and software for driving the hardware. For example, the module may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and does not necessarily mean a physically connected code or a kind of hardware. Can be easily deduced to the average expert in the field of the present invention.

The control module 110 uses other components (eg, the MAC identification module 120, the device identification module 130, and / or the position identity determination module 140, etc.) to implement the technical idea of the present invention. Can be controlled.

The control module 110 may determine whether a service request of the service terminals 200 and 210 is a legitimate service request. The right service request may mean that the user requesting the service is a right user or a user who has permission from the right user. For example, when the service request is a login request, the user who performs the login may mean a request for login performed by the owner of the account corresponding to the login request or by a user who is permitted to use the account. For example, a user or service provider may create an account for each user to use a particular web site or specific application. The account may be identified by an ID, and the user may generate an ID to be used by the user and use the ID as identification information of the account. The user may input the ID as login information when performing login. In some cases, special authentication information may be used as login information. For example, when logging in using a public certificate, an ID may not be separately input. A legitimate user may mean a person who has authority to create an account and use a service provided by the account (eg, account transfer, payment, certificate issuance, etc.). The service may vary according to the service control system 100 or a web server to which the service control system 100 provides a function.

The control module 110 receives a request for a specific service (eg, transfer, payment, item exchange, etc.) received from the service terminal 200, 210, and the service terminal 200, 210 receives the specific service. It can be controlled whether or not it is available. That is, the control module 110 may determine whether the service terminals 200 and 210 are to use or not to use the specific service.

The specific service may mean a predetermined service or function set in advance according to the type of the web service. For example, when the web service means a web site of a financial institution or services provided by the web site, the specific service may be a predetermined service set in advance by determining that security or authentication is further required at the financial institution. For example, the specific service may be a service or function related to the disposal of financial assets (cash or stocks, futures, etc.) such as transfers, settlements, and currency exchange.

The control module 110 is based on the device suitability of the service terminal (200, 210) confirmed by the device identification module 130 and / or the position identity identified by the position identification module 140 It is possible to determine whether to use the specific service and control it.

Device suitability in this specification may mean a case where a specific device is used or recognized to be used by a party user. For example, a particular user can access a given web site with the same device. Then, device identification information for the same device may be stored in the account of the specific user. Then, the device having the same identification information as the stored device identification information may be referred to as a device suitable for the specific user. In this case, the device identification information may be a media access control (MAC) address of the device. The MAC address may be unique identification information of a network device of a device participating in a network. Therefore, if a specific service is a login request, if the user authentication information (eg, ID / PWD or certificate information) matches and the MAC address matches the MAC address of a previously stored party user, the user may be recognized as a party user. have. That is, at this time, unless a user hacks or uses illegally as a device used by a political user, there is an effect that an illegal user can be extracted even if user authentication information is leaked. The device suitability check performed by the device identification module 130 may be repeatedly performed for each specific service request. For example, the device suitability check may be performed at the login request, and the suitability check may be performed again at the time of requesting a specific service after login. Therefore, even if the user is logged in through a certain illegal path, the device suitability check can be performed whenever a specific important service is performed, thereby providing excellent security.

According to an embodiment, a plurality of device identification information, ie, MAC addresses, used by a party user may be set. For example, the party user may preset a device-specific MAC address used by the party user. In general, since the number of devices used by a political party user is not large, such as a personal computer or a mobile terminal, there may not be a large burden in registering MAC address information of a device to be used in advance. In addition, when performing a specific service through another device due to the unsatisfactory situation, it may be further subjected to a separate authentication process in a predetermined manner. Or, an important specific service can be set to receive a service only by the device set by the user.

If the device suitability is checked through the MAC address as described above, the fraudulent use may not be detected when the fraudulent user makes a fraudulent service request using a device of a just user. In general, when user authentication information (eg, ID / PWD or certificate information) is exposed by a party user's acquaintances or coworkers, such acquaintances or coworkers may have easy access to the device used by the party user. have. In addition, even if a MAC user's MAC address is exposed and becomes MAC spoofing, a fraudulent user may not be detected. In order to prevent such a case, the service control system 100 according to the technical concept of the present invention compares the current location of a party user with the location of the service terminals 200 and 210 that have made a service request, and checks whether or not there is an identity. Location identity checks may be further performed.

That is, when a fraudulent user makes a fraudulent service request using a device registered by a political party user, the requested service may be denied when there is no party user near the device even though the device suitability test passes. For example, even if the user authentication information is exposed by an acquaintance and the acquaintance requests a service such as a login through the party user's device, the service may be denied if the party user does not exist near the device. If a legitimate user is present near the device, such a fraudulent use will be difficult, and thus security can be increased when the device conformity check and the location identity check are performed together. In addition, even if the MAC address registered by the party user is exposed in some way, even if the illegal user requests an illegal service through a device other than the device registered by the party user through MAC spoofing, the location of the illegal user and the party user is the same. Service may be denied if it does not exist at the location. Therefore, when the location identity check is performed together with the device suitability check, it is possible to provide high security.

On the other hand, the control module 110 may not perform a device suitability check. That is, only location identity may be determined. That is, even a party user may perform a service request through a device other than the device registered in advance. For this case, only the location of the service terminal 200 and 210 requesting the service and the party user are checked. You can also allow service requests. The position equality check may be performed by the position equality determination module 140. The location equality determination module 140 may use an IP (Internet Protocol) address as will be described later to determine the location of the service terminals 200 and 210. The IP address may be matched with actual address information, and this information may be managed by an ISP (Internet Service Provider) company. Therefore, if the IP address is known, the actual address information for each IP address can be confirmed from a system having real address information for each IP address even if the ISP company or the ISP company that allocates the IP address is not.

Meanwhile, when the service terminals 200 and 210 are assigned an IP address by using a Dynamic Host Configuration Protocol (DHCP), even though the service terminals 200 and 210 are the same and fixed in location, the allocated IP addresses may be different. Therefore, in this case, it may be efficient to use location information (actual address information) corresponding to the MAC address.

The DHCP server can know which MAC address a particular IP address is assigned to. Therefore, the service control system 100 according to the embodiment of the present invention may receive a MAC address for each IP from DHCP for each ISP company, and actual address information for each IP may be obtained from an ISP company operating the DHCP. Of course, in this case, a predetermined code for communicating with the web server or the service control system 100 may be installed in the DHCP server. Alternatively, DHCP may have a rule for an IP address allocated to a specific MAC address. For example, a specific device corresponding to a specific MAC address existing at a specific location can be assigned an IP of "xxx.xxx.xx.000" to "xxx.xxx.xxx.100", and corresponds to another specific MAC address. IP address corresponding to "xxx.xxx.xx.101" to "xxx.xxx.xx.200" can be assigned to the device. Such an IP allocation rule may vary. As such, the service control system 100 according to an exemplary embodiment of the present invention obtains information on an IP allocation rule corresponding to a specific MAC address and actual address information corresponding thereto to a specific IP. Location information for each MAC address can be obtained.

Alternatively, by allowing the party user to input the MAC address of the device and the location of the device, the party user can obtain location information for each MAC address. Based on the location information for each MAC address, the location identification module 140 may identify location information corresponding to the MAC addresses of the service terminals 200 and 210 obtained by the MAC identification module 120. Therefore, even when the service terminals 200 and 210 use the floating IP, location information of the service terminals 200 and 210 can be effectively obtained.

If it is determined by the location equality determination module 140 that the location of the party user and the location of the service terminals 200 and 210 that request the service are identical, the service request may be allowed. If there is no identity of the location, at least the subject requesting the service is not the party user. At this time, it is necessary to determine whether the subject requesting the service is the user who has the permission of the party user. The process of determining whether the subject requesting the service is a user who has permission of the political party user will be described later. In addition, the service control system 100 may allow a request for a specific service only when there is device suitability even when there is an identicalness of location according to security importance, type, and implementation of each service.

When the service terminal 200 or 210 makes a predetermined service request to a predetermined web server (not shown), the MAC identification module 120 may check the MAC addresses of the service terminals 200 and 210. The MAC identification module 120 may check the MAC addresses of the service terminals 200 and 210 in various ways.

For example, the MAC identification module 120 checks the MAC addresses of the service terminals 200 and 210 in the session connected to the web server (not shown) and the service terminals 200 and 210. An ARP (Address Resolution Protocol) may be used to confirm IP addresses of the terminals 200 and 210 and to verify MAC addresses of the service terminals 200 and 210 having the IP address. In this case, the ARP may be applied only between network nodes (devices) existing on the same local area network (LAN). Therefore, when the MAC address can be obtained through ARP communication, when the service terminals 200 and 210 and the server exist on the same LAN or subnet (for example, an intranet, an intranet, etc. using the same gateway). May be). One such example is shown in FIG. 3.

3 illustrates an example for explaining a method for checking a MAC address of a service terminal by a service control system according to an exemplary embodiment of the present invention.

3 illustrates a case in which a service terminal and a server exist on the same LAN. Referring to FIG. 3, at least one terminal 200-1 to 200-3, that is, a service terminal exists on the same LAN, and a service is provided. A web server 500 may also be present on the LAN. Although not shown in FIG. 3, the at least one terminal 200-1 to 200-3 may access the web server 500 using the same gateway. Then, the web server 500 broadcasts an ARP request to the at least one terminal 200-1 to 200-3 to perform IP communication with any one terminal (eg, 200-1). One terminal (eg, 200-1) corresponding to the broadcasted ARP request, that is, the terminal using the corresponding IP address may unicast its MAC address to the web server 500. . Accordingly, the web server 500 may check the MAC address of the terminal (eg, 200-1) requesting the service by obtaining information about the unicasted MAC address.

In addition, the service terminals 200 and 210 and the web server requesting the service may not exist on the same LAN. In this case, the MAC addresses of the service terminals 200 and 210 cannot be confirmed using ARP. In this case, at least one of the web server 500 or the service control system 100 may install a predetermined agent in the service terminals 200 and 210.

4 is a diagram for describing a method of confirming a MAC address of a service terminal by a service control system according to another exemplary embodiment of the present invention.

Referring to FIG. 4, the service terminal 200 may not exist on the same LAN as the web server 500 that provides a service. In this case, the web server 500 may not perform ARP communication with the service terminal 200. Therefore, in order for the service control system 100 to check the MAC address of the service terminal 200, a predetermined agent 201 may be installed in the service terminal 200. Of course, in order to install the agent 201, a process of obtaining consent from the subject of the service terminal 200 may be required.

When the IP 201 is connected to the web server 500, the agent 201 may check the MAC address of the network device (eg, an Ethernet card) of the service terminal 200. The method for the agent 201 to obtain the MAC address is somewhat different depending on the OS of the service terminal 200, but since it is well known, a detailed description thereof will be omitted.

The agent 201 automatically checks the MAC address when connected to the web server 500, and transmits the confirmed MAC address to the web server 500 or requests a MAC address from the web server 500. If present, the confirmed MAC address may be transmitted to the web server 500. Then, the MAC identification module 120 installed in the web server 500 or connected to the web server 500 may check the MAC address of the service terminal 200. The confirmed MAC address may be stored in at least one of the web server 500 or the service control system 100.

In addition to the above-described method, the MAC identification module 120 may implement the technical idea of the present invention as long as it can identify the MAC address through any method.

5 illustrates an example of a user-specific MAC address and location information for each MAC address that can be used for a service control method according to an exemplary embodiment of the present invention.

Referring to FIG. 5, a user 1, which is a party user, may directly register a MAC address of a device to be used by the web server 500 or the service control system 100. In the MAC address registration process, the web server determines whether the user 1 directly checks the MAC address of the device and registers the verified MAC address, or registers the confirmed MAC address when the MAC address is confirmed by the MAC identification module 120. 500 or the service control system 100 may verify the user 1. 5 illustrates a case where user 1 registers MAC addresses (eg, “00-40-05-42-C2-1C” and “00-42-01-30-B1-A1”) of each of two devices.

In addition, as described above, the location information for each MAC address may be registered in the web server 500 or the service control system 100. According to an embodiment, the location information for each MAC address may be inquired from an ISP system or a DHCP server in real time. The location information may be a unit, a same unit, or a major unit according to an embodiment. How detailed the location information includes the actual address information may vary according to the IP allocation policy, data management policy or various implementation examples of the ISP company.

Referring back to FIG. 1, the location equality determination module 140 may determine the location of the service terminals 200 and 210 based on the IP addresses of the service terminals 200 and 210. For example, when the service terminal 200 or 210 is a fixed data processing apparatus 200 or a portable terminal 210 such as a desktop computer, the terminal location determining module 120 may request a login request. 200 or an IP (Internet Protocol) address of the portable terminal 210, and the location of the data processing apparatus 200 may be known based on the obtained IP address.

An IP address may be matched with actual address information. In general, an IP address may be assigned, registered, and / or managed by an Internet service provider (ISP). Accordingly, the location equality determination module 140 may obtain an IP address corresponding to the service terminals 200 and 210, and obtain actual address information corresponding to the IP address from the ISP system (not shown). . Alternatively, the service control system 100 may previously store information about an actual address corresponding to the IP address in a predetermined DB (not shown), or periodically or in real time, the information about the actual address corresponding to the IP address. May be received.

When the service terminals 200 and 210 are portable terminals 210, the portable terminals 210 may access the wireless Internet through a wireless internet network. In this case, a communication company providing the wireless Internet service may be connected to the portable terminal. The IP address assigned to 210 and / or the location of the access point AP connected to the portable terminal 210 may be known. In this case, the terminal location determination module 120 may receive information on the location of the access point from a communication company system 400 that provides a wireless Internet service. In addition, the location of the portable terminal 210 may be grasped by various conventional location tracking methods (eg, triangulation, GPS, etc.), and the terminal location determining module 120 may transmit such information to the communication company system 400. Can also be received from. Of course, when the portable terminal 210 uses various location based services (LBS), information about the location of the portable terminal 210 may be received from an LBS system (not shown) that provides the LBS service. It may be. Alternatively, according to an embodiment, when the portable terminal 210 is equipped with a GPS module, the position equality determination module 140 receives GPS information from the portable terminal 210 to determine the position of the portable terminal 210. You can also judge. In addition, the terminal location identification module 140 may determine the location of the service terminals 200 and 210 in various ways.

Meanwhile, the location equality determination module 140 may further determine the location of the party user in order to determine the sameness between the location of the service terminals 200 and 210 and the location of the party user. To this end, the location identification module 140 may determine the location of the mobile terminal 300 of the party user. That is, the location equality determination module 140 may determine the location of the party user based on the location of the mobile terminal 300 of the party user. The method of determining the location of the mobile terminal 300 of the political party user is similar to the method of determining the location information of the mobile terminal 210 requesting a specific service by the location equality determination module 140, and thus, a detailed description thereof will be omitted. do. The mobile phone number of the party user may be pre-stored in a web server providing a service or the service control system 100 connected to the web server, and the mobile phone number corresponds to the mobile phone number based on the stored mobile phone number. Mobile terminal 300 may be identified.

The control module 110 may allow the service request if any one of the first determination result determined by the device identification module 130 or the second determination result determined by the location equality determination module 140 is satisfied. That is, if either device suitability or location identity is satisfied, the service request can be allowed.

Alternatively, as described above, when device suitability is not satisfied, location identity may be further determined, and the service request may be allowed if location identity exists. On the contrary, if location identity is not satisfied, the device suitability may be further determined, and the service request may be allowed if the device suitability is satisfied. That is, even if the location of the service request is different from the party user's location, even if the party requesting the service is not the party user, when the party user makes a service request with a device registered in advance, the party user is regarded as a user who has the permission of the party user. You can also allow services.

Of course, if the device suitability and location identity are both satisfied as described above, a predetermined service request can be allowed, and in this case, the highest security can be provided, and as described above, it can occur when only one is satisfied. There is an effect that can compensate for the problem.

The service control system 100 may allow a service request if only one of device suitability or location identity is satisfied according to the type of service requested, and the other type of service may satisfy both device suitability and location identity. You may allow it.

Meanwhile, the location equality determination module 140 may determine that location equality exists when the location of the determined service terminals 200 and 210 and the location of the determined party user satisfy a predetermined condition. The method of determining that position identity is satisfied at this time is shown in FIG.

FIG. 6 is a diagram for describing a method of determining a location identity by performing a location comparison by a service control system according to an exemplary embodiment of the present invention.

6A to 6C, the location equality determination module 140 determines the location of the service terminals 200 and 210 determined by the location equality determination module 140, that is, the first location and the location of the party user. It can be determined that the case where the distance difference between two positions is within a predetermined range is the case where there is positional identity. Even if the determined position is the same, it can be determined that the predetermined condition is satisfied. The method of determining the location of the service terminals 200 and 210 and the method of determining the location of the political party user may be different from each other by the location equality determination module 140. This is because the location information and / or the location of the user may have a certain error. For example, when the service terminal 200 is a computer, the location of the service terminal 200 is determined by an IP address or a MAC address, and the location of the party user is determined by the method of determining the location of the mobile terminal 300. In this case, location information having different ranges may be obtained. Therefore, even when the location of the service terminals 200 and 210 and the party user are the same, the determined location information may be different.

That is, the first location and the second location may be represented by information indicating a specific location (eg, an actual address or coordinate information corresponding to an IP address). Alternatively, at least one of the first position or the second position may be expressed as information indicating a specific range, not information indicating a specific position. For example, the position of the portable terminal 210 or the mobile terminal 300 may be represented as a predetermined region as shown in FIG. 6B or 6C according to the estimated position according to the triangulation and the error range from the estimated position. Alternatively, the portable terminal 210 or the mobile terminal 300 may be represented by an area range of a specific access point.

Therefore, when the first position and the second position can be designated as a specific position as shown in FIG. 6A, the position equality determination module 140 has a position when the difference between the first position and the second position is within a predetermined range. It can be determined that the identity is satisfied. Of course, the range may include a case in which the same location, that is, the same address or coordinates.

In addition, as shown in FIG. 6B, when one of the first position and the second position is designated as a specific position, and the other one is determined as a predetermined range, the position identity is determined when the specific position is included in the predetermined range. Module 140 may determine that location identity is satisfied.

In addition, as shown in FIG. 6C, when both the first position and the second position are represented by a predetermined range, when at least some regions of the range overlap, the position equality determination module 140 determines that the position identity is satisfied. It may be.

Of course, in addition to the method illustrated in FIG. 6, the case of determining that the position identity module 140 satisfies the position identity may vary. In any case, the position equality determination module 140 may determine whether position equality is satisfied by comparing the first position with the second position.

Meanwhile, the control module 110 may determine whether a specific service request of the service terminal 200 or 210 is a legitimate request using the device suitability and / or location identity as described above. The service control system 100 and the method according to the example may further determine whether the request is more clearly legitimate by going through an additional additional authentication process.

For example, when a fraudulent user who is not a political party user requests a specific service far from the political party user, the specific service may be prevented from being used under the same condition of location as described above. For example, when a user logs in to the web service after finding login information such as an ID and / or password (PWD) through hacking in another country, the positions of service terminals 200 and 210 and political parties located in other countries are shown in FIG. It may be determined that the service request is not a legitimate service because it does not satisfy the described condition. Therefore, there is an effect to prevent the use of a specific service by a fraudulent user. That is, according to the service control system 100 and the method according to an embodiment of the present invention, even if the login information is leaked through hacking or invading the web service without a legitimate login procedure, whenever a specific service is requested, By judging whether the request is a political party, it is possible not only to leak the login information but also to use the service through hacking. This is because the fraudster cannot know the location of the political user.

As such, when the location of the illegal user (or the service terminals 200 and 210) and the party user is relatively far, the specific service request of the illegal user may be rejected by the location comparison. However, fraud may not only happen in such a long distance, but also in the vicinity of a party user. For example, when a party user is acquainted with a party user, such as a co-worker, friend, or lover, they may use certain authentication information (e.g., ID, PWD, password of a public certificate, and / or the like) used in conventional security / authentication protocols. Or the location of the OTP generator, etc.) easily or in various ways, and then attempt to use the particular service against the will of the party user. If a co-worker, for example, a co-worker located right next to a party user's position intends to use the device illegally, the use of the location comparison as described above may not prevent the illegal use. In this case, however, the device suitability condition can prevent fraudulent use.

However, if a party user and a fraudster exist in a location having the same location, and a fraudster uses a device registered by a party user without the party user's knowledge, both device suitability and location identity are satisfied, and thus, the illegal service request may not be blocked. have.

To this end, the control module 110 transmits predetermined authentication information to any one of the service terminal 200 or 210 or the mobile terminal 300 even when the authentication condition due to the location identity and / or device suitability is satisfied. In addition, it may be determined that the authentication is successful only when the authentication information is received from the terminal corresponding to the terminal that transmitted the authentication information. The authentication information may be predetermined data generated by the service control system 100 to confirm that the user is a party user.

Herein, the terminal corresponding to the terminal that transmits the authentication information means that when the authentication information is transmitted to the service terminals 200 and 210, the mobile terminal 300 becomes the corresponding terminal, and the authentication information is referred to as the terminal. In the case of transmission to the mobile terminal 300, the service terminals 200 and 210 become the corresponding terminals.

For example, the control module 110 may transmit predetermined authentication information to the mobile terminal 300. The authentication information may be composed of numbers, letters, and / or symbols. That is, the control module 110 may transmit the authentication information to the mobile terminal 300 to allow the use of the specific service only when the transmitted authentication information is received from the service terminals 200 and 210. have.

On the contrary, the control module 110 may transmit predetermined authentication information to the service terminals 200 and 210 even when the condition of device suitability and / or location identity is satisfied. Then, the control module 110 may allow the use of the specific service only when the transmitted authentication information is received from the mobile terminal 300. In this case, the control module 110 and / or the service control system 100 may be set to correspond to a specific mobile number. For example, the control module 110 and / or the service control system 100 may use a predetermined MO (Mobile Oriented) service, when the user receives the authentication information to the service terminal (200, 210), The user may transmit the authentication information to the MO number set in the control module 110 and / or the service control system 100 using the mobile terminal 300. Alternatively, the mobile terminal 300 may be connected to the control module 110 and / or the service control system 100 through a wireless network, and may transmit the authentication information through the wireless network.

Of course, the control module 110 may transmit predetermined notification information together with the authentication information to the mobile terminal 300 to know that the specific service is requested. Alternatively, the control module 110 may transmit only predetermined notification information to the mobile terminal 300 to know that the specific service is requested.

That is, if at least the party user's mobile terminal 300 assumes that the party user possesses and the authentication information is transmitted to the mobile terminal 300, if there is an illegal service request in the vicinity of the party user, The party user can know that there is an illegal service request, and can not block the illegal use since the authenticated authentication information is not inputted through the service terminal 200 or 210 that has made the illegal authentication request.

Alternatively, if the party user's mobile terminal 300 is owned by the party user and the authentication information is transmitted to the service terminals 200 and 210, the illegal user transmits the authentication information transmitted through the mobile terminal 300. Since the user cannot input the data, the illegal user who attempts to use the service through the service terminals 200 and 210 may not use the specific service.

According to the embodiment, since the mobile terminal 300 is assumed to be owned by the political party user, the control module 110 uses the mobile terminal 300 again to transmit the authentication information transmitted to the mobile terminal 300. You can also send This is because if the political party user does not request a specific service using the service terminals 200 and 210, the authentication information will not be transmitted to the mobile terminal 300 again.

In addition, if the authentication information is transmitted to the mobile terminal 300, and if the information that the request for the use of the specific service has been transmitted to the mobile terminal 300 along with the authentication information, the political party user requests the specific service In case of notifying the service control system 100 or the system providing the web service of not doing so, there is an effect of identifying the location of an unauthorized user. This is because the unauthorized user has passed the authentication process through the location comparison as described above, at least confirm that the illegal user requested the service using the service terminals 200 and 210 within a predetermined condition used for the location comparison Because you can give.

As described above, in the case where an additional authentication process is performed along with the location comparison according to the technical idea of the present invention, it is possible to reject an unjust service request occurring in the vicinity of a party user, thereby preventing damage due to unfair service use, and also unfairly nearby. When attempting to use it, it is possible to specify the location where an attempt to use an illegal service exists, thereby preventing the use of an illegal service.

The additional authentication process used together with the authentication based on the device suitability and / or location identity is used to transmit authentication information to the mobile terminal 300 as described above, as well as the mobile terminal 300 or the service terminal ( 200, 210 may be implemented by requesting a predetermined verification action. For example, the control module 110 may inform the mobile terminal 300 or the service terminals 200 and 210 that the specific service is requested by the political user through the mobile terminal 300. By transmitting information or a message for performing, it can be confirmed that the request of the specific service was a request by a party user. For example, the control module 110, when a party user presses a predetermined button (eg, 'confirmation') through the call back URL (call back URL) to the mobile terminal 300, the pressed information is returned to the service control system. 100 or the system that provides the web service. Then, the control module 110 may allow the use of the specific service. The checking may include an operation of selecting a specific button, key, or UI using the mobile terminal 300, inputting specific information, or transmitting a specific message.

In other words, the confirmation may include not only selecting a specific button but also various actions that may be performed by a party user. In this case, the mobile terminal 300 transmits information indicating that the verification is performed by using a wireless application protocol (WAP), or the service security system indicates that the verification is performed by using a callback UL as described above. 100).

Under the premise that the mobile terminal 300 has a party user, if such confirmation is received, even if the requester who requested the specific service using the service terminal 200 or 210 is not the party user, the user can allow the use of the specific service. This is because the party user confirmed the use of the specific service requested through the mobile terminal 300. In other words, when a party user allows a user to use a specific service, the user may allow the use of the specific service through this confirmation.

That is, in the additional authentication process, when predetermined authentication information required for authentication is transmitted to the mobile terminal 300 or the service terminals 200 and 210, the authentication information is input to a terminal corresponding to the terminal where the authentication information is transmitted. In this case authentication can be successful. Alternatively, authentication may be successful when the authentication information is transmitted to the mobile terminal 300 and the transmitted authentication information is transmitted again from the mobile terminal 300.

Alternatively, when at least one of the service terminal 200 or 210 or the mobile terminal 300 has a predetermined confirmation request, and the requested confirmation is performed by the mobile terminal 300, authentication may be successful. .

In addition, the additional authentication process may be possible not only when the authentication information or the verification is performed as described above, but also when inputting certain identification information.

The identity verification information may refer to predetermined information that can identify the identity. For example, information unique to each user in advance (for example, a resident number or unique information automatically assigned to each user) to the service control system 100 or predetermined information input by the user in advance (for example, a song of his / her favorite) Na city, etc.) may be stored. Such information may be preferably stored encrypted in advance in the service control system 100 or a predetermined web service system connected to the service control system 100. In addition, the service control system 100 may request the mobile terminal 300 or the service terminals 200 and 210 for at least some of the predetermined information in an additional authentication process. Then, the control module 110 may go through an additional authentication process by checking whether the information transmitted from the mobile terminal 300 or the service terminals 200 and 210 matches the previously stored information.

The identity verification information may include predetermined authentication information that has been used for identity verification in addition to the predetermined information. For example, official authentication information (certified certificate and password) or OTP may be included in the identity verification information. Therefore, through such identity verification information, even if the primary authentication through the position comparison can be performed more reliable authentication. That is, even if the user near the party user who knows the login information by any means, the user may not know the information previously set by the political party user, the authentication information, or the OTP information, so that the secondary authentication can be performed through the identity verification information. .

7 illustrates an example of a screen displayed on a service terminal or a mobile terminal by a service control method according to an exemplary embodiment of the present invention.

First, referring to FIG. 7A, the service terminals 200 and 210 may be logged in to a predetermined web service (eg, a web site of a financial institution). Some of the web services may require a relatively low security level, and other services may require a relatively high security level. In this case, the service control method according to an embodiment of the present invention may apply both device suitability and location identity conditions to a specific service requiring a high security level (for example, a transfer service, etc.). .

For example, when the service terminals 200 and 210 want to search for a specific financial account, the predetermined UI 10 may be selected. At this time, the service security method according to an embodiment of the present invention may not be applied and the service may be immediately available. If the service terminals 200 and 210 want to transfer financial assets existing in a specific financial account, the predetermined UI 20 may be selected. In this case, a service control method according to an embodiment of the present invention may be applied. When a service control method according to an embodiment of the present invention is applied and authentication is performed through device suitability and / or location identity determination, and as a result, authentication is not successful, as shown in FIG. In addition, information indicating that the transfer service cannot be used may be displayed on the service terminals 200 and 210.

According to an embodiment, when authentication through device suitability and / or location identity fails, the control module 110 inputs predetermined identification information or receives authentication again through predetermined authentication information, or the mobile terminal 300. ), It may be possible to recover from the authentication failure if the verification is performed.

Or information about a request for the specific service (for example, a site for which a specific service is requested, information about a specific service or application, information about a time when a specific service is requested, or a specific service request) to the mobile terminal 300 of the political party user. Information about a given location (or IP address), etc.). The information on the specific service request may be transmitted to the mobile terminal 300 through a messaging service such as SMS or MMS, but is not limited thereto.

In addition, even a party user may not necessarily have his mobile terminal 300. In this case, the control module 110 may input predetermined identification information to confirm that the user who requested the transfer service is a legitimate user, and then control to use the transfer service. As described above, the identification information may be information that can be known only by the political party user (for example, the digit after the social security number, information on the taste of the political party user, etc.). Such identity verification information may be preferably stored encrypted in a predetermined manner in the service control system 100 or the system providing the web service. In addition, as described above, the identification information may include predetermined identification information provided by a conventional security protocol (for example, a public certificate and a password of the public certificate, or an OTP) to be used for recovering an authentication failure through location comparison. It may be. Such identity verification information can be used to recover authentication failure through location comparison, assuming that only the party user knows.

Alternatively, the authentication information may be transmitted to any one of the mobile terminal 300 or the service terminals 200 and 210, and the authentication failure may be recovered when the transmitted authentication information is received from the corresponding terminal. This may indicate that a specific service requester and a party user are located at a location apart from each other when the party user is carrying the mobile terminal 300. This may be the case where a fraudulent user requests a specific service or a user authorized by a political user requests a specific service. In the latter case, the authentication failure may be recovered through such authentication information.

7B illustrates a process of performing an authentication process through authentication information when authentication is successful through device suitability and / or location identity. When a predetermined UI 20 is selected by the service terminals 200 and 210, The control module 110 performs an authentication process through device suitability and / or location identity. Even if the result of the authentication is successful, the control module 110 generates predetermined authentication information to prevent the unauthorized use that may occur in the vicinity of the party user as described above, so that the service terminal 200 or 210 or the It may be transmitted to the mobile terminal 300. FIG. 7B illustrates a case in which authentication information is transmitted to the mobile terminal 300, but vice versa may be easily deduced by an average expert in the art. Then, the political party user may input the transmitted authentication information into the predetermined input UI 30 using the corresponding terminal (eg, the service terminals 200 and 210), and select the UI 40. Then, the information input to the input UI 30 may be transmitted to the control module 110, and the additional authentication process may be performed by comparing the transmitted information with the generated authentication information. If the additional authentication process is successful, the control module 110 may allow the service terminals 200 and 210 to use the transfer service.

FIG. 7C illustrates a case in which an additional authentication process is performed through a mobile terminal. The control module 110 performs a specific service requested to the mobile terminal 300 even when authentication is successful through device suitability and / or location identity. Information about may be transmitted as shown in FIG. 7C. In addition, in order to confirm whether the request of the specific service is a request by a party user, the party user may be requested to perform a predetermined verification. The control module 110 may request the confirmation action to the mobile terminal 300, but as described above, the confirmation action transmitted by transmitting the confirmation action to the service terminals 200 and 210 is determined by the mobile terminal ( 300 may be required to be performed. In FIG. 7C, the control module 110 shows a case in which the request for confirmation is made to the mobile terminal 300. The control module 110 confirms that a user of a political party selects a predetermined confirmation UI 50. In the case of acting, it can be judged that the additional authentication process is successful. If the party user selects the cancellation UI 60, the specific user (eg, transfer service) may be controlled to prevent the user from using the specific service. In addition, as described above, the confirming action may be used as a meaning including not only the selection of a specific UI, but also all kinds of actions that can confirm that the user is a party user through the mobile terminal 300.

In FIG. 7, the service control method according to an exemplary embodiment of the present invention is applied to a specific service (eg, a transfer service) of a financial institution as an example. However, all web services (eg, public institutions, The service control method may be applied to at least some of the various services provided in the electronic commerce, game service, etc. (eg, certificate application, payment, disposal of game money or items, etc.).

On the other hand, the service control system 100 and the method according to an embodiment of the present invention is the same or not only when a particular service terminal 200, 210 requests to log in, not only when a specific service is selected while logged in. Similarly it can be applied.

That is, when there is a login request from the service terminals 200 and 210, the control module 110 may determine whether the login request is a legitimate login request through device suitability and / or location identity. In addition, it may be determined whether the login request is legitimate only if the additional authentication process is performed.

A login request may mean a predetermined action for a user to authenticate that he or she is a legitimate user to use a particular website or application, wherein the login request may be performed by entering an ID and / or password and selecting a login button. Can be. Alternatively, a login request may be performed by selecting specific authentication information that can identify a user, such as an authorized certificate, and inputting a password corresponding to the authentication information.

In addition, a party login request refers to a login request when there is no need to restrict access and / or use of a web site or application, such as a login request by a party user or a user's login request permitted by the party user. Can mean.

Accordingly, the control module 110 determines whether the login request performed by the service terminals 200 and 210 is a political login request. This may mean determining whether to allow login or limiting at least some of the services that can be used even if the login is allowed. According to the exemplary embodiment, when the login request is temporarily permitted to log in the service terminals 200 and 210 that have requested the login, the user is forced to log out of the service terminals 200 and 210 when it is determined that the login request is not a political login. You can also log out. If it takes some time to determine the party login request, if only the identification information of the existing user such as ID or password is corrected once, and then it is determined that it is not a party login request according to an embodiment of the present invention. The service terminals 200 and 210 may be forcibly logged out. Of course, the type of service to be restricted may be determined or the allowed services may be determined in advance.

For example, when the service terminal 200 or 210 wants to access a specific web site, the login information (eg, an ID and a password, etc.) used by the service terminal 200 or 210 in the login request is stored in the web site. It can match all of the information registered in. In this case, the service control system 100 according to an exemplary embodiment of the present invention may not determine that the login request is a political login request based on whether ID and password match. If it is determined that the request is not a political login request, the control module 110 may not allow the service terminal 200 or 210 to log in or may provide only a limited service even if the login is allowed. Alternatively, as described above, after allowing the login, it may be forcibly logged out when it is determined that it is not a political login request. For example, if the ID and password match but it is determined by the control module 110 that it is not a legitimate login request, various services provided by the web site (eg, viewing of information, generating of information, changing of information, etc.). Only some of them can be controlled. Of course, if it is determined that the login request is a political party, it is possible to use all services that match the usage rights granted to the ID and password.

8 is a diagram illustrating a process of authenticating a login request by the service control system 100 and a method thereof.

8 shows an example of a screen displayed on the service terminal by the service control method according to an embodiment of the present invention.

Referring to FIG. 8, a user may wish to log in to a specific web site or web application through the service terminals 200 and 210. The user can then enter a predetermined ID and password, and perform the login request by selecting the login button 1. Alternatively, you can try logging in by selecting a certificate and choosing a password for the certificate.

If the ID and password match the pre-registered information, or if the public certificate and password are correct, the control module 110 determines whether the login request is a party login request through device suitability and / or location identity as described above. Can be determined. In addition, it may be determined whether or not it is a party login request only through the device suitability and / or location identity. However, as described above, it may be determined that the login request is a party login request only after further authentication.

For example, even if authentication is successful through device suitability and / or location identity, after transmitting predetermined authentication information to the mobile terminal 300, the authentication information transmitted from the service terminals 200 and 210 is input. When the authentication information is transmitted to the mobile terminal 300 or the service terminals 200 and 210, and the authentication information is input from the mobile terminal 300, the control module 110 performs a political login to the login request. The request can be determined. Alternatively, even if authentication is successful through device suitability and / or location identity, the mobile terminal 300 confirms by the mobile terminal 300 after requesting a predetermined confirmation action to the mobile terminal 300 or the service terminals 200 and 210. When the action is performed, the control module 110 may determine that the login request is a political login request. Alternatively, when the identification information is input from the service terminal 200 or 210 or the mobile terminal 300, the login request may be determined as a political login request.

In addition, if it is determined that it is not a legitimate login request through device suitability and / or location identity, the control module 110 may recover an authentication failure through location comparison by going through a separate process. This is because even as a party user, even if the party does not have the mobile terminal 300, or a person who is allowed to use the party user may request a login. In this case, even if the authentication fails through the location comparison, if the predetermined authentication process is again performed, the login request may be determined as a political login request again. To this end, the control module 110 may request the service terminal 200 or 210 to input predetermined identification information. Alternatively, when a predetermined confirmation action is input through the mobile terminal 300, it may be determined as a political login request again. Alternatively, the authentication information may be transmitted, and if the authentication information is received from the corresponding terminal, the authentication information may be determined as a political login request.

For example, as illustrated in FIG. 8A, the control module 110 may request the service terminals 200 and 210 to input information that only a party user can know, such as a digit of a party user's social security number.

The service terminals 200 and 210 that have been requested to input the identification information may input the requested information through a predetermined UI 2. Thereafter, when the user selects a predetermined button 3, the information input through the UI 2 may be transmitted to the control module 110. The control module 110 may check whether the received information is correct information by comparing it with previously stored information. If the previously stored information is encrypted, a separate decryption process may be performed. When the inputted information matches the requested identity information, the control module 110 may determine the login request as a political login request again.

The identity verification information may be information used in a conventional security protocol, such as a public certificate and a password of the public certificate. For example, if authentication via device suitability and / or location identity fails, the user may select UI 70 and attempt to log in with an authorized certificate.

That is, even if the service control system 100 determines that the login request is not a party login request through device suitability and / or location identity, the service control system 100 may modify or reverse the determination by party login request again through a separate authentication process. Protocol can be provided. This is because even though the user performing the login request is a party user, it may be determined that the user is not a party login request through location comparison. For example, this may be the case when a political party user does not have his or her portable terminal. Or it may be the case that the login request is made by an authorized user who is away from the party user. Alternatively, as described above, authentication failure may be recovered through location comparison using the authentication information. Of course, if the authentication fails through the location comparison and / or additional authentication process may not be determined as a political login request.

Meanwhile, referring to FIG. 8B, as described above, the control module 110 may allow the login even when it is determined that the request is not a political login request. In this case, the currently logged-in user may be restricted from using at least one of the services available to the party user. In this case, the type of the service whose use is restricted may be determined in advance or in real time, and the type of the service whose use is limited may be displayed on the service terminals 200 and 210 as illustrated in FIG. 7B. Of course, at this time as well, as described with reference to FIG. 7A, the user may be restored to use all the services by being recognized as a login of a political party user.

9 illustrates an example of a screen displayed on a mobile terminal of a party user by a service control method according to an exemplary embodiment of the present invention.

First, referring to FIG. 9A, if the service control system 100 determines that the service request, for example, the login request is not a party login request, the service control system 100 may notify the party user that the login request has been made. To this end, when the control module 110 determines that the login request is not a political login request, the control module 110 sends the information about the login request to the mobile terminal 300 of the political party user (for example, information about a login request site or application, Information on the time required for login and information on a location (or IP address) requested for login may be transmitted.The information on the login request may be transmitted to the mobile terminal 300 through a messaging service such as SMS or MMS. But it is not limited thereto.

In addition, the party user may recover the login request back to the party login request by performing a predetermined verification using his mobile terminal 300. For example, even when a political party user determines that the user is not a party login request through location comparison, such as when a user allows login of another user, the party user permits a login request from the service terminal 200 or 210 as a party login request. There may be a case. Then, the control module 110 may transmit a method for requesting a confirmation action to allow the login request as a political login request to the mobile terminal 300. For example, as illustrated in FIG. 9A, when a specific button of the mobile terminal 300 is input, the user may inform the political party that a login permission request may be transmitted to the service security system 100. In this case, a callback URL may be used, but is not limited thereto.

When the party user performs the verification, the service control system 100 may determine the login request from the service terminals 200 and 210 as the party login request again.

Meanwhile, as shown in FIG. 9B, the control module 110 may transmit predetermined authentication information to the mobile terminal 300 of the party user. Then, the political party user may inform the authentication information to the person who logs in to the service terminal 200 or 210. The authentication information may be input through the service terminals 200 and 210, and in this case, the control module 110 may determine the login request as a political login request. In some cases, even when a political party user attempts to log in using the service terminals 200 and 210 while directly possessing his mobile terminal 300, device suitability and / or location identity may cause errors in position comparison or It may not be determined to be a legitimate login request because it is not performed correctly due to a system error. In this case, the login request may be restored to a political login request using the authentication information. The authentication information may be information consisting of numbers and / or letters.

The service control system 100 may be installed and implemented in a web service system to use the service control method according to an embodiment of the present invention as shown in FIG.

Alternatively, the service control system 100 may be implemented as a system separate from a system for providing a web service, which is illustrated in FIG. 2.

2 shows a schematic configuration of a service control system according to another embodiment of the present invention.

Referring to FIG. 2, the service control system 100 may be connected to a predetermined web system or the server 500 through a wired / wireless network to transmit and receive predetermined information for implementing the technical idea of the present invention. The web server 500 may be a system for providing a specific web service.

The web server 500 may receive a specific service request or a login request from the service terminals 200 and 210. Then, the web server 500 may transmit predetermined information (eg, an IP address, etc.) for determining the device suitability and / or location identity of the service terminals 200 and 210 to the service control system 100. have. In addition, predetermined information (eg, identification information and / or a mobile phone number of a party user) for identifying a party user's location may be transmitted to the service control system 100. Then, the service control system 100 determines the device suitability, the location of the service terminals 200 and 210 and the location of the party user based on the transmitted information, and accordingly the specific service request is a legitimate request or It may be determined whether the login request is a legitimate login request. In addition, it may be determined that the additional authentication process is successful together with the device suitability and / or location identity determination result to be a legitimate service request or a party login request. Then, the service control system 100 may transmit the determination result to the web server 500.

In addition, the information as shown in FIG. 8 may be directly transmitted from the service control system 100 to the service terminals 200 and 210 or transmitted to the service terminals 200 and 210 through the web server 500. Can be. Therefore, in the present specification, that the service control system 100 requests specific information to the service terminals 200 and 210 means that the web server 500 requests the specific information to the service terminals 200 and 210. The service security system 100 may be used to mean that the service server 100 controls the web server 500.

In addition, the service control system 100 to receive the specific information from the service terminal (200, 210) is not only when receiving the specific information directly from the service terminal (200, 210), but also the web server ( 500 may be used as a meaning including receiving the specific information.

The service control method according to an embodiment of the present invention is particularly useful for web services that can be seriously damaged if the ID and password are leaked or the authentication information and password of the authentication method that can prove the identity such as a public certificate or OTP are leaked. Can be applied. In addition, the conventional security / authentication protocol is a pure authentication information based authentication protocol (eg, ID / PWD, etc.), whereas the service control method according to an embodiment of the present invention is a location-based authentication method and a hardware dependent (dependent). Since one authentication method can be applied sequentially or simultaneously, it can be used or replaced with a conventional protocol. For example, even if a public certificate (or a medium in which the public certificate is stored) or an OTP generator is lost or stolen, a security mechanism may be provided using a service control method according to an embodiment of the present invention.

The service control method according to an exemplary embodiment of the present invention may be applied to a web site of a financial institution, a public institution, or various service companies or a web service provided by them.

The service control method according to an embodiment of the present invention can be embodied as computer readable codes on a computer readable recording medium. Computer-readable recording media include all kinds of recording devices that store data that can be read by a computer system. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, hard disk, floppy disk, optical data storage, and the like, and also in the form of carrier waves (e.g., transmission over the Internet). It also includes implementations. The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion. And functional programs, codes and code segments for implementing the present invention can be easily inferred by programmers in the art to which the present invention belongs.

Although the present invention has been described with reference to one embodiment shown in the drawings, this is merely exemplary, and those skilled in the art will understand that various modifications and equivalent other embodiments are possible therefrom. Therefore, the true technical protection scope of the present invention will be defined by the technical spirit of the appended claims.

Claims (19)

A device identification module for determining device suitability of a service terminal for requesting a wired or wireless Internet service;
A position identity module for determining an identity between a position of a service terminal which has made the service request and a position of a party user corresponding to the service request; And
And a control module for determining whether to allow the service request according to at least one result of the first determination result determined by the device identification module or the second determination result determined by the location equality determination module. The method of claim 1, wherein the service control system,
And a MAC identification module for checking a media access control (MAC) address of the service terminal. The method of claim 2, wherein the device identification module,
And determining the device suitability of the service terminal based on the MAC address and the MAC address of each user registered in advance. The method of claim 3, wherein the user-specific MAC address,
A service control system that can include at least one MAC address. The method of claim 1, wherein the position equality determination module,
And a service control system for determining a location of the service terminal corresponding to the MAC address based on the identified MAC address and previously stored location information for each MAC address. The method of claim 1, wherein the position equality determination module,
Confirming the IP address of the service terminal, confirming actual address information corresponding to the confirmed IP address, and determining a location of the service terminal based on the confirmed actual address information. The method of claim 5, wherein the location information for each MAC address,
Generated by information received from at least one Dynamic Host Configuration Protocol (DHCP) server or an Internet Service Provider (ISP) system that operates the DHCP server,
Service control system, the information being generated based on the location information input by the political party user. The method of claim 1, wherein the MAC identification module,
Receive information on the MAC address corresponding to the service terminal through a predetermined agent installed in the service terminal,
A service control system for verifying the MAC address through Address Resolution Protocol (ARP) communication. The method of claim 1, wherein the location identity determination module,
And determining the location of the party user based on the information about the location of the mobile terminal of the party user. 10. The method of claim 9, wherein the information on the location of the mobile terminal of the party user,
A service control system that receives from a carrier company or LBS system. The method of claim 10, wherein the control module,
If either of the first decision result or the second decision result is satisfied, the service request is allowed or
If any one of the first determination result or the second determination result is not satisfied, the rest is checked, and if the remaining determination result is satisfied, the service request is allowed or
And a service control system allowing the service request when both the first determination result and the second determination result are satisfied. The method according to any one of claims 1 to 11,
The service request system includes at least one of a bank transfer request, a payment request, a login request, or a certificate issue request. A position identity determining module for determining an identity between a position of a service terminal that has made a service request and a position of a party user corresponding to the service request; And
And a control module for determining whether to allow the service request according to the determination result determined by the location equality determination module.
And the location equality determining module determines the location of the service terminal based on the MAC address of the service terminal. Confirming, by the service control system, at least one of device suitability of the service terminal or identity of the location of the service terminal and the location of the party user corresponding to the service request; And
Determining whether to allow the service request according to at least one result of the confirmed device suitability or the identity of the location;
Checking at least one of device suitability of the service terminal or the identity of the location of the service terminal and the location of the party user corresponding to the service request,
Confirming a Media Access Control (MAC) address of the service terminal to confirm at least one of the device suitability or the identity of the location. The method of claim 14, wherein the determining of the media access control (MAC) address of the service terminal comprises:
Receiving, by the service control system, information on a MAC address corresponding to the service terminal through a predetermined agent installed in the service terminal; or
And determining at least one of the MAC address of the service terminal through Address Resolution Protocol (ARP) communication. The method of claim 14, wherein checking at least one of device suitability of the service terminal or the sameness of the location of the service terminal and the location of the party user corresponding to the service request comprises:
And determining the device suitability of the service terminal based on the identified MAC address and a pre-registered user-specific MAC address. The method of claim 14, wherein checking at least one of device suitability of the service terminal or the sameness of the location of the service terminal and the location of the party user corresponding to the service request comprises:
Determining a location of the service terminal corresponding to the MAC address based on the identified MAC address and previously stored location information for each MAC address; or
Checking at least one of the IP address of the service terminal, checking actual address information corresponding to the confirmed IP address, and determining at least one of the positions of the service terminal based on the confirmed real address information. Service control method comprising. 15. The method of claim 14, wherein determining whether to allow the service request according to at least one of the device suitability or the identity of the location,
Allowing the service control system to accept the service request when either the first determination result or the second determination result is satisfied;
Checking the remainder if one of the first determination result or the second determination result is not satisfied and allowing the service request if the remaining determination result is satisfied; or
And at least one of allowing the service request when both the first determination result and the second determination result are satisfied. A computer-readable recording medium having recorded thereon a program for performing the method according to any one of claims 14 to 18.

Images