KR20120063178A - System and method for service security based on location - Google Patents

Abstract

PURPOSE: A location based service security system and method thereof are provided to increase security states based on real facts and recognized information by determining right users based on a location. CONSTITUTION: A terminal location determination module(120) confirms a location of a service terminal corresponding to an IP(Internet Protocol) address and the IP address of the service terminal. A user location determination module(130) determines the location of a right user corresponding to a service request. A control module(110) controls the usage of a service corresponding to the service request by comparing a first location determined by the terminal location determination module with a second location determined by the user location determination module.

Description

Location based service security system and its method {System and method for service security based on location}

The present invention relates to a location-based service security system and a method thereof. More specifically, when a user wants to use an important function or service in a web service, the user requesting the use is determined based on the location, and the user is a legitimate user. It relates to a system and a method for allowing only such a function or service to be used.

With the development of the Internet, many people have been provided with various services by accessing a web site or a predetermined application for a specific web service. Websites, web services, or web applications often use a procedure called log-in to identify users. In order to log in, a user must input identification information (eg, ID, password, or public certificate) that corresponds to an account assigned to each user. In addition, when a user wants to use an important function or service even after logging in, there may be a case where a user needs to pass through a certain security protocol (eg, an accredited certificate or one time password (OTP)). Of course, the same authentication procedure (eg, accredited certificate) can be used not only during the login procedure, but also when providing some security protocol after login.

However, the conventional security protocol is inconvenient to have a separate physical security device, such as a public certificate or OTP generator in order to use the security protocol. Therefore, a technical idea that can provide a separate security protocol by using a mobile terminal that is always (or likely to be) the user may be required.

In addition, a method using ID / PWD among conventional security protocols has a problem in that when the ID / PWD is accidentally leaked or leaked by a malicious attack, it can no longer function as a security protocol. A security protocol using an accredited certificate or OTP can also cause serious problems if the storage medium or OTP generator that stores the accredited certificate is lost, or if it is stolen by a legitimate user's acquaintance or coworker.

Therefore, there is a problem that security may be low only by knowing specific information or having a specific device (eg, a certificate, an OTP generator, etc.) as in the conventional security protocol. Therefore, a method of providing a security function based on the location of the service requester and the party user regardless of whether the user knows specific information or has a specific device may be required.

In addition, in the case of providing a security function only through location comparison, a party user may not use the service even though he is a party user such as leaving the mobile terminal in another place. In addition, there may be a case where a service request is made by a fraudulent user even when the location comparison is passed.

Therefore, while providing security services through location comparison, it is possible to guarantee that users can use the service or provide a method that does not allow unauthorized users to use the service even if the location comparison is passed. What is needed is a way to ensure practical utility.

Accordingly, the technical problem to be achieved by the present invention is to provide a security protocol that can authenticate a user on a location basis in order not to allow unauthorized users to use the service.

In addition, in the case of providing a security protocol based on location, a problem of location comparison, that is, a party user (or a user authorized to use a party user) does not use the service, or is accidentally or located in the vicinity of a party user. It is to provide a system and method that can prevent the unauthorized use that may occur by the user.

Location-based service security system according to an embodiment of the present invention for solving the technical problem, when the service terminal makes a predetermined service request to the web server providing a web service, and checks the IP address of the service terminal, A terminal location determining module for identifying a location of the service terminal corresponding to the identified IP address based on location information for each IP address, a user location determining module for determining a location of a party user corresponding to the service request, and the terminal And a control module for comparing the first position determined by the position determination module with the second position determined by the user position determination module and controlling whether to use a service corresponding to the requested service request based on the comparison result.

The control module allows the use of the service even if the predetermined condition is not satisfied, and transmits the notification information to the mobile terminal of the political party user to know that the service request has been received. When a denial of service request signal is received from the mobile terminal based on the notification information or a denial of service request signal is received from a predetermined ARS system requested by the mobile terminal, the use of the service may be blocked.

The control module may limit at least one of the functions that the service terminal can use in the web server when the service is permitted even when the predetermined condition is not satisfied.

If the denial of service request signal is not received within a predetermined time, the control module may allow the use of at least one limited function again.

When the control module does not meet a predetermined condition as a result of the comparison, the identification information is received from the service terminal or the mobile terminal, a confirmation operation is performed from the mobile terminal, or is generated by the control module and is sent to the mobile terminal. When the transmitted authentication information is received from the service terminal or the mobile terminal or the authentication information transmitted to the service terminal is received from the mobile terminal, the use of the service may be allowed.

The control module performs a predetermined additional authentication even if the comparison result satisfies a predetermined condition, and permits the use of the service when the additional authentication succeeds, and when the additional authentication succeeds, the control module Authentication information generated by and transmitted to the mobile terminal is received from the service terminal or the mobile terminal, or the authentication information transmitted to the service terminal is received from the mobile terminal, or identity verification from the mobile terminal or the service terminal. It may be the case that information is received or a confirmation is performed from the mobile terminal.

The identity verification information includes at least one of predetermined identification information, public certificate information, or OTP (One Time Password) information to confirm that the user of the political party, wherein the verification is a predetermined key provided in the mobile terminal, It may include at least one action of selecting a button or a UI.

The predetermined condition may include at least one of a case where a distance difference between the first position and the second position is within a predetermined range or when an area where the first position and the second position overlap with each other is present.

The user location determination module may receive information on the location of the mobile terminal of the party user from a communication company system or an LBS system.

The service security method for solving the technical problem is a step of confirming the IP address of the service terminal requesting the service by the service security system, when the service terminal makes a predetermined service request to the web server providing the web service, Identifying the location of the service terminal corresponding to the IP address, determining the location of the party user corresponding to the service request, comparing the determined location of the service terminal with the location of the party user, and comparing And controlling the use of the requested service by the service security system based on a result.

The controlling of the use of the service requested by the service security system includes allowing the use of the service even when the service security system does not satisfy a predetermined condition as a result of the comparison. Transmitting notification information to inform the mobile terminal of the political party user that a request for using the service has been received, receiving a service denial request signal from the mobile terminal based on the transmitted notification information, or from the mobile terminal; The method may further include receiving a denial of service request signal from a predetermined ARS system, and blocking use of the service in response to the received denial of service request signal.

The controlling of the use of the requested service by the service security system may include receiving identification information from the service terminal or confirming whether a verification operation is performed from the mobile terminal when the comparison result does not satisfy a predetermined condition; Receiving the authentication information transmitted to the mobile terminal from the service terminal, or receiving the authentication information transmitted to the service terminal from the mobile terminal, and permitting the use of the service. Can be.

The controlling of the use of the requested service by the service security system includes: performing a predetermined additional authentication process when a predetermined condition is satisfied and allowing the use of the service according to the result of the additional authentication process. It may include the step.

The performing of the additional authentication process may include receiving authentication information generated by the service security system and transmitted to the service terminal or the mobile terminal from the mobile terminal or the service terminal, from the mobile terminal or the service terminal. It may include at least one of the step of receiving the identity verification information, or confirming that the verification is performed from the mobile terminal.

The service security method may be stored in a computer-readable recording medium recording a program.

Location-based service security system and method according to the present invention can determine whether the user to use the service is a legitimate user based on the location of the legitimate user and the location of the current login request, the existing specific information ( For example, ID / PWD or public authentication information, etc.) or whether the specific device (for example, public certificate or OTP, etc.) whether or not based on the fact that completely different from the fact that the security can be improved. Therefore, even if the specific information or a specific device is leaked or lost, there is an effect that it is possible to limit the use of a predetermined important service or function.

In addition, it is possible to prevent unauthorized use by a fraudulent user who may exist even if the authentication condition through location comparison is satisfied, and a user authorized by a valid user or a valid user even when the authentication condition through location comparison is not satisfied. There is an effect that can guarantee the use of the service by. In addition, this has the effect of enabling the security service through location-based to act as a practical security function.

BRIEF DESCRIPTION OF THE DRAWINGS In order to better understand the drawings cited in the detailed description of the invention, a brief description of each drawing is provided.
1 shows a schematic configuration for explaining the function of a location-based service security system according to an embodiment of the present invention.
2 shows a schematic configuration of a location-based service security system according to another embodiment of the present invention.
FIG. 3 is a diagram illustrating a method of determining whether a service request from a party user is performed by performing a location comparison by a location-based service security system according to an exemplary embodiment of the present invention.
4 is a diagram illustrating a concept of ensuring that a legitimate user can use a service even when the location comparison is not authenticated according to a location-based service security method according to an embodiment of the present invention.
FIG. 5 is a diagram for describing a concept of preventing an unauthorized user from using a service even when a location comparison is authenticated according to a location-based service security method according to an embodiment of the present invention.
6 illustrates an example of a screen displayed on a service terminal or a mobile terminal by a location-based service security method according to an embodiment of the present invention.
7 illustrates an example of a screen displayed on a service terminal by a location-based service security method according to an embodiment of the present invention.

In order to fully understand the present invention, the operational advantages of the present invention, and the objects achieved by the practice of the present invention, reference should be made to the accompanying drawings which illustrate preferred embodiments of the present invention and the contents described in the accompanying drawings.

Also, in this specification, when any one element 'transmits' data to another element, the element may transmit the data directly to the other element, or may be transmitted through at least one other element And may transmit the data to the other component.

Conversely, when one element 'directly transmits' data to another element, it means that the data is transmitted to the other element without passing through another element in the element.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. Like reference numerals in the drawings denote like elements.

1 shows a schematic configuration for explaining the function of a location-based service security system according to an embodiment of the present invention.

1, a location-based service security system (hereinafter, 'service security system') 100 according to an embodiment of the present invention may include a control module 110, a terminal location determination module 120, and a user location determination. Module 130.

The service security system 100 is a predetermined information through the wired / wireless network and the service terminal (200, 210, etc.) requesting a specific service while logged in to a predetermined web service (for example, a website or a web application). Can transmit and receive. The service terminals 200 and 210 may log in to the web service using an ID and / or password, or may log in to the web service using a predetermined security or authentication protocol such as a public certificate. The service terminals 200 and 210 logged in to the web service may select a predetermined UI provided by the web service to use a specific service. By selecting the predetermined UI, the specific service may be requested to a system (eg, a web server) that provides the web service. Then, the service security system 100 may receive the specific service request. Alternatively, the service terminals 200 and 210 may be terminals requesting to log in to the web service. Then, the service security system 100 may determine whether to allow login of the service security system 100.

To this end, the service security system 100 may be included in a system (for example, a web server) for providing the web service or installed as a separate system.

In addition, the service security system 100 may be connected to the mobile terminal 300 and / or the carrier system 400 of the party user through a wired / wireless network, if necessary, to transmit and receive predetermined information. Alternatively, the service security system 100 may be connected to the ARS system 600 through a wired / wireless network to transmit and receive predetermined information.

The service security system 100 may include hardware resources and / or software necessary to implement the technical idea of the present invention, and necessarily means one physical component or one device. no. That is, the service security system 100 may mean a logical combination of hardware and / or software provided to implement the technical idea of the present invention. If necessary, the service security system 100 may be installed in devices spaced apart from each other. It may be implemented as a set of logical configurations for implementing the technical idea of the present invention by performing. In addition, the service security system 100 may refer to a set of components separately implemented for each function or role for implementing the technical idea of the present invention.

In addition, the term "module" in the present specification may mean a functional and structural combination of hardware for performing the technical idea of the present invention and software for driving the hardware. For example, the module may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and does not necessarily mean a physically connected code or a kind of hardware. Can be easily deduced to the average expert in the field of the present invention.

The control module 110 may control other components (eg, the terminal position determining module 120 and / or the user position determining module 130, etc.) to implement the technical idea of the present invention.

The control module 110 receives a request for a specific service (eg, login, transfer, payment, item exchange, etc.) received from the service terminal 200 or 210, and the service terminal 200 or 210 receives the specific request. You can control whether the service is available. That is, the control module 110 may determine whether the service terminals 200 and 210 are to use or not to use the specific service.

The specific service may mean a predetermined service or function set in advance according to the type of the web service. For example, when the web service means a web site of a financial institution or services provided by the web site, the specific service may be a predetermined service set in advance by determining that security or authentication is further required at the financial institution. For example, the specific service may be a service or function related to the disposal of financial assets (cash or stocks, futures, etc.) such as transfers, settlements, and currency exchange.

Alternatively, the specific service may be a predetermined service (eg, message delivery, etc.) provided by a web application (eg, instant messenger). Alternatively, the specific service may be a login request for making a request to the web service (eg, a web site or a web application).

The control module 110 stores information about the location of the service terminals 200 and 210 determined by the terminal location determining module 120 and positions of political parties determined by the user location determining module 130. On the basis of the information on whether or not to use the specific service can be determined and controlled.

The terminal location determining module 120 may determine the location of the service terminals 200 and 210 based on the IP addresses of the service terminals 200 and 210. For example, when the service terminal 200 or 210 is a fixed data processing apparatus 200 or a portable terminal 210 such as a desktop computer, the terminal location determining module 120 may request a login request. 200 or an IP (Internet Protocol) address of the portable terminal 210, and the location of the data processing apparatus 200 may be known based on the obtained IP address.

An IP address may be matched with actual address information. In general, an IP address may be assigned, registered, and / or managed by an Internet service provider (ISP). Accordingly, the terminal location determining module 120 obtains an IP address corresponding to the service terminals 200 and 210 and stores a predetermined location information for each IP address (for example, an ISP system (not shown)). From the real address information corresponding to the IP address can be obtained. The service security system 100 previously stores information on an actual address corresponding to the IP address in a predetermined DB (not shown), or receives information on the actual address corresponding to the IP address periodically or in real time. You may. The real address may be information having only up to a specific administrative region (eg, east or west) unit, or may be a full address.

When the service terminals 200 and 210 are portable terminals 210, the portable terminals 210 may access the wireless Internet through a wireless internet network. In this case, a communication company providing the wireless Internet service may be connected to the portable terminal. The IP address assigned to 210 and / or the location of the access point AP connected to the portable terminal 210 may be known. In this case, the terminal location determination module 120 may receive information on the location of the access point from a communication company system 400 that provides a wireless Internet service. In addition, the location of the portable terminal 210 may be grasped by various conventional location tracking methods (eg, triangulation, GPS, etc.), and the terminal location determining module 120 may transmit such information to the communication company system 400. Can also be received from. Of course, when the portable terminal 210 is using a predetermined location based service (LBS), it receives information about the location of the portable terminal 210 from an LBS system (not shown) that provides the LBS service. You may. Alternatively, according to an embodiment, when the portable terminal 210 is equipped with a GPS module, the terminal position determining module 120 receives GPS information from the portable terminal 210 to determine the position of the portable terminal 210. You can also judge. In addition, the terminal location determining module 120 may determine the location of the service terminals 200 and 210 in various ways.

The user location determining module 130 may determine a location of a party user corresponding to the service request. A party user corresponding to the service request may mean an owner of a logged-in account when the requested service is requested while logged in. Alternatively, if the requested service is a login request, this may mean an owner of an account for which login is requested. To this end, the user location determination module 130 may determine the location of the mobile terminal 300 of the party user. That is, the user location determining module 130 may determine the location of the party user based on the location of the mobile terminal 300 of the party user. The method of determining the location of the mobile terminal 300 of the political party user is similar to the method of determining the location information of the mobile terminal 210 requesting a specific service by the terminal location determination module 120, and thus, a detailed description thereof is omitted. do. The mobile phone number of the party user may be stored in advance in the service security system 100 or a predetermined system connected to the service security system 100, and may correspond to the mobile phone number based on the stored mobile phone number. The mobile terminal 300 can be identified.

The control module 110 compares the positions of the service terminals 200 and 210 determined by the terminal position determining module 120 with the positions of the party users determined by the user position determining module 130, thereby providing the service terminal. It is possible to control whether to use a specific service from (200, 210).

If the first position determined by the terminal position determining module 120 and the second position determined by the user position determining module 130 satisfy certain conditions, the control module 110 requests the specific service. It can be judged as a legitimate request requested by the political party user and allowed to use the specific service. In this case, a method of determining that the control module 110 satisfies a predetermined condition is illustrated in FIG. 3.

3 is a view for explaining a method of determining whether a service security system is a service request from a party user by performing a location comparison according to an embodiment of the present invention.

3A to 3C, the control module 110 determines a distance between a first position determined by the terminal position determining module 120 and a second position determined by the user position determining module 130. It can be determined that the case where the specific service is requested by the party user is within a predetermined range. Even if the determined position is the same, it can be determined that the predetermined condition is satisfied. The location determination method performed by the terminal location determination module 120 and / or the user location determination module 130 may be different from each other, and thus the location information and / or the determined location information of the service terminals 200 and 210 may be different. This is because the position of the user may have a certain error.

That is, the first location and the second location may be represented by information indicating a specific location (eg, an actual address or coordinate information corresponding to an IP address). Alternatively, at least one of the first position or the second position may be expressed as information indicating a specific range, not information indicating a specific position. For example, the position of the portable terminal 210 or the mobile terminal 300 may be represented as a predetermined region as shown in FIG. 3B or 3C according to the estimated position according to the triangulation and the error range from the estimated position. Alternatively, the portable terminal 210 or the mobile terminal 300 may be represented by an area range of a specific access point.

Therefore, when the first position and the second position can be designated as a specific position as shown in FIG. 3A, the control module 110 provides the service terminal when the difference between the first position and the second position is within a predetermined range. It may be determined that the specific service request of 200 and 210 satisfies the predetermined condition. Then, the use of the specific service can be allowed. Of course, the range may include a case in which the same location, that is, the same address or coordinates.

In addition, as shown in FIG. 3B, when one of the first position and the second position is designated as a specific position, and the other is determined as a predetermined range, the control module (if the specific position is included in the predetermined range) 110 may determine that the specific service request satisfies a predetermined condition.

In addition, when both the first position and the second position are represented by a predetermined range as shown in FIG. 3C, when at least some regions of the range overlap, the control module 110 satisfies a certain condition of the specific service request. You might decide that.

Of course, in addition to the method illustrated in FIG. 3, the control module 110 may determine that a specific service request of the service terminal 200 or 210 satisfies a predetermined condition and is a legitimate request. In any case, the control module 110 may determine whether the request for the specific service is a legitimate request by comparing the first location with the second location.

As such, the control module 110 compares only the first position and the second position to determine whether a specific service request of the service terminal 200 or 210 is a legitimate request and controls whether to use the service accordingly. You may.

For example, when an unauthorized user who is not a political party user requests the specific service by logging in from a far distance from the political party user, the user cannot control the specific service by comparing the first location and the second location as described above. can do. For example, when the login information such as the ID and / or password (PWD) through the hacking in the other country to log in to the web service, the location of the service terminal (200, 210) and the party user located in the other country is shown in FIG. It may be determined that the service request is not a legitimate service because it does not satisfy the described condition. Therefore, there is an effect to prevent the use of a specific service by a fraudulent user. That is, according to the service security system 100 and the method according to an embodiment of the present invention, even if login information is leaked through hacking or invading a web service without a legitimate login procedure, each time a specific service is requested, By judging whether the request is a political party, it is possible not only to leak the login information but also to use the service through hacking. This is because the fraudster cannot know the location of the political user.

As such, when the location of the illegal user (or the service terminals 200 and 210) and the party user is relatively far, the specific service request of the illegal user may be rejected by the location comparison.

However, the service security system 100 and the method according to an embodiment of the present invention may not provide a sufficient security function only by the authentication process of whether the request is legitimate through the location comparison as described above. For example, when a party user does not carry his or her mobile terminal 300, the position of the party user and the mobile terminal 300 is different, or even when the party user carries the mobile terminal 300. If the user is allowed to use the service, authentication through location comparison may not be satisfactory. In this case, however, it may be desirable to be able to guarantee the use of the service. Alternatively, even when the authentication through the location comparison is successful, the location of the fraudulent user, that is, the service requester, may be similar to the location of the party user by chance and may satisfy a predetermined condition as described in FIG. 3. Alternatively, a user located near a party user (company colleagues, acquaintances, etc.) may wish to use the service without the party user's knowledge. Indeed, fraud may be more likely to occur in the vicinity of party users. For example, if a party user is acquainted with a party user, such as a co-worker, friend, or lover, they may have certain information (eg, ID, PWD, password of a public certificate, and / or) used in conventional security / authentication protocols. The location of the OTP generator, etc.) may be obtained easily or in a variety of ways and then attempt to use the particular service against the will of the party user. If a co-worker, for example, a co-worker located right next to a party user's position intends to use the device illegally, the use of the location comparison as described above may not prevent the illegal use. In other words, an illegal service request that is made in the vicinity of a location where a party user is actually located may not prevent the illegal use only by the location comparison as described above. In this case, it may be desirable to prevent the use of the service even if authentication through location comparison is successful.

As such, the service security system 100 and the method according to an exemplary embodiment of the present invention provide a technical idea for compensating an insufficient security function only by authentication through location comparison. In the case where such a technical concept is provided, the security function through position comparison may have sufficient degree of completeness. This technical idea will be described with reference to FIGS. 4 and 5.

4 is a diagram illustrating a concept of ensuring that a legitimate user can use a service even when a location comparison is not authenticated according to a service security method according to an exemplary embodiment of the present invention.

First, referring to FIG. 4A, it may be the case that the authentication result through the position comparison, that is, the position comparison result by the control module 110 does not satisfy the predetermined condition as described above. In this case, as shown in FIG. 4A, even when the party user requests the service, the location of the party user and the mobile terminal 300 is different (for example, when the party user does not carry the mobile terminal 300). 'case 1'), when a political party user allows others to use the service using his account (hereinafter 'case 2', or when a fraudulent user requests the use of the service (hereinafter 'case 3'). May be ').

Therefore, even if authentication through location comparison is not satisfactory, a service request made by a party user or a service request made by a user allowed by a party user may be made available to the service, and it may be desirable to block only service use by unauthorized users. Can be.

To this end, the location-based service security method (hereinafter, 'service security method') according to an embodiment of the present invention performs a predetermined additional authentication process in addition to the authentication process through location comparison, and blocks only the use of the service by unauthorized users. In other cases, the technical idea of using the service may be provided.

The additional authentication process may be at least one of using authentication information, performing verification, or using identity verification information.

The authentication information may be predetermined information generated to confirm whether the service security system 100 is a legitimate user. Additional authentication using the authentication information may be as follows.

For example, predetermined authentication information may be generated by the control module 100, and the generated authentication information may be transmitted to the mobile terminal 300. The transmitted authentication information may be received from the service terminal 200 or 210 or the mobile terminal 300. In this case, the service security system 100 may allow the use of the service. In this case, in case 1, even if the party user cannot guarantee the use of the service, in case 2, the party user directly transmits the authentication information to the control module 110 using the mobile terminal 300, or By providing the authentication information to the permitted user, the permitted user may transmit the authentication information to the control module 110 through the service terminals 200 and 210. Thus, the use of case 2 can be guaranteed. In case 3, if the party user has a mobile terminal 300, the authentication information will not be transmitted to the control module 110. If the user does not have it, the authentication information cannot be checked. You won't be able to.

In addition, even when the authentication information transmitted to the service terminals 200 and 210 is received from the mobile terminal 300, the control module 110 may say that additional authentication is successful. In this case, in case 1, the party user cannot be guaranteed to use the service, but in case 2, the user who uses the service by requesting the party user to transmit authentication information can use the service. In case 3, since there is no method of transmitting authentication information to the mobile terminal 300, service use may be blocked.

The authentication information may be composed of numbers, letters, and / or symbols. In addition, when the authentication information is transmitted from the mobile terminal 300 to the control module 110, the mobile terminal 300 transmits the authentication information to the control module using a wireless application protocol (WAP) or a MO service. And transmit to 110. For example, the control module 100 and / or the service security system 100 may be set to correspond to a specific mobile number. For example, the control module 100 and / or the service security system 100 may use a predetermined Mobile Oriented (MO) service, and the party user uses the mobile terminal 300 to control the control module 110. And / or transmit the authentication information to the MO number set in the service security system 100. Alternatively, the mobile terminal 300 may be connected to the control module 110 and / or the service security system 100 through a wireless network such as a WAP protocol, or may transmit the authentication information through the wireless network.

In addition, the additional authentication may be performed using identity verification information. Identity verification information may be information that only the party user himself knows.

The identity verification information may refer to predetermined information that can identify the identity. For example, information unique to each user in advance (eg, social security number or unique information automatically assigned to each user) to the service security system 100 or predetermined information input by the user in advance (for example, a song of his / her favorite) Na city, etc.) may be stored. Such information may be stored in advance encrypted in the service security system 100 or a predetermined web service system connected to the service security system 100. In addition, the service security system 100 may request the mobile terminal 300 or the service terminals 200 and 210 for at least some of the predetermined information in an additional authentication process. Then, the control module 110 may go through an additional authentication process by checking whether the information transmitted from the mobile terminal 300 or the service terminals 200 and 210 matches the previously stored information.

The identity verification information may include predetermined authentication information that has been used for identity verification in addition to the predetermined information. For example, official authentication information (certified certificate and password) or OTP may be included in the identity verification information. Therefore, through such identity verification information, even if the primary authentication through the position comparison can be performed more reliable authentication. That is, even if the user near the party user who knows the login information by any means, the user may not know the information previously set by the political party user, the authentication information, or the OTP information, so that the secondary authentication can be performed through the identity verification information. . In this case, if additional authentication is performed using the identity information, the service can be used in case 1 and case 2, respectively, but in case 3, the service cannot be used.

In addition, the additional authentication process may be implemented by requesting the mobile terminal 300 to perform a predetermined verification. For example, the control module 110 may inform the mobile terminal 300 or the service terminals 200 and 210 that the specific service is requested by the political user through the mobile terminal 300. By transmitting information or a message for performing, it can be confirmed that the request of the specific service was a request by a party user. For example, the control module 110 when the political user presses a predetermined button (eg, 'confirmation') through the call back URL (call back URL) to the mobile terminal 300, the pressed information is returned to the service security system. 100 or the system that provides the web service. Then, the control module 110 may allow the use of the specific service. The checking may include an operation of selecting a specific button, key, or UI using the mobile terminal 300, inputting specific information, or transmitting a specific message.

In other words, the confirmation may include not only selecting a specific button but also various actions that may be performed by a party user. In this case, the mobile terminal 300 transmits information indicating that the verification is performed by using a wireless application protocol (WAP), or the service security system indicates that the verification is performed by using a callback UL as described above. 100).

Under the premise that the mobile terminal 300 has a party user, if such confirmation is received, even if the requester who requested the specific service using the service terminal 200 or 210 is not the party user, the user can allow the use of the specific service. This is because the party user confirmed the use of the specific service requested through the mobile terminal 300. In other words, when a party user allows a user to use a specific service, the user may allow the use of the specific service through this confirmation. In this way, the use of the above check can guarantee the use of the service in case 2.

Meanwhile, another embodiment of the present invention is illustrated in FIG. 4B. Referring to FIG. 4B, when the authentication through the position comparison is not satisfied, there may be a case of case 1, case 2, and case 3 as described above. In this case, the control module 110 may allow the use of the requested service even if authentication through location comparison is not satisfied. In addition, when a service denial request signal is received by the control module 110 in a predetermined manner, the control module 110 may block the service. To this end, the control module 110 may transmit predetermined notification information to the mobile terminal 300. The notification information may be information for notifying that the service request has been made. Then, the political party user may check the notification information using the mobile terminal 300. In addition, if it is determined that the fraudulent user, that is, case 3, the service denial request signal may be transmitted to the control module 110 using the mobile terminal 300. Then, the control module 110 may block the use of the service. In this case, the mobile terminal 300 may be connected to the service security system 100 or a web server providing the service through a wireless network such as a WAP protocol to transmit the service rejection request signal. For example, the notification information may include a predetermined callback UE, and a party user blocks access to the service security system 100 or the web server through the callback UE, and then blocks the use of the service according to the service request. You can ask.

According to an embodiment, the notification information may include information (phone number) for a predetermined ARS system 600. Then, the party user can make a call to the ARS system 600 by pressing a specific button using the mobile terminal 300 or by directly looking at a phone number included in the notification information and directly inputting a phone number. And according to the guidance of the ARS system 600 may request to block the use of the service according to the service request, the service use can be blocked accordingly. As such, when using the ARS system, there is an effect that the user can block the use of the service by simply making a call.

As a result, in case 1, since the party user does not carry the mobile terminal 300, the denial of service request signal cannot be transmitted, and in case 2, the service denial request signal is not transmitted. Therefore, it is possible to block only the use of the service by unauthorized users.

On the other hand, in the case of the implementation as shown in Figure 4b, because the service security system 100 temporarily allows the use even if the authentication through the location comparison is unsatisfactory, the security scheme for a one-time service (for example, transfer, etc.) Rather, it may be more suitable as a security scheme for continuous services (eg, login requests, etc.).

For example, when a security scheme as shown in FIG. 4B is applied to a login request, the service security system 100 may allow login once even if authentication through location comparison is unsatisfactory. In this case, the control module 110 may limit (eg, transfer, etc.) at least one of functions or services that can be performed when the service terminals 200 and 210 are logged in. That is, even if a temporary login is allowed, a predetermined function or service may not be used. The function or service for which use is restricted may be a predetermined important function or service, may be predetermined by a party user, or may be designated as a default in the web service. If the denial of service request signal is not received within a predetermined time, the user may allow the use of a limited function or service. That is, if a denial of service request signal is not received within a predetermined time, the control module 110 may determine that it is a case 1 or case 2, and use all functions or services.

On the other hand, as described above, even if authentication through location comparison is satisfactory, there may be an illegal user. In this case, the use of the service may be prevented through the technical concept as shown in FIG. 5.

FIG. 5 is a diagram for describing a concept of preventing unauthorized users from using a service even when location comparison is authenticated according to a service security method according to an exemplary embodiment of the present invention.

Referring to FIG. 5, when the location comparison is authenticated, the party user is a legitimate service request in the state of carrying the mobile terminal 300 (case 4), and is a fraudulent service request by a fraudulent user, but in the vicinity of the party user. There may be a case where a service request is performed (case 5).

In this case, in order to block the service request by the fraudulent user, a predetermined additional authentication process as described above may be performed.

The additional authentication process may be performed by the authentication information, identity verification information, and / or confirmation as described above.

In case 4, the party user may transmit the authentication information transmitted to the mobile terminal 300 to the control module 110 using the service terminals 200 and 210 or the mobile terminal 300. Then, the control module 110 may allow the use of the service. Alternatively, the party user may transmit the authentication information transmitted to the service terminals 200 and 210 to the control module 110 using the mobile terminal 300. Therefore, in case 4, the party user can use the requested service. However, in case 5, the authentication information transmitted to the mobile terminal 300 cannot be confirmed or the service cannot be used because the authentication information cannot be transmitted to the mobile terminal 300.

On the other hand, the control module 110 may transmit to the mobile terminal 300 together with the authentication information, predetermined notification information to know that the specific service is requested. Alternatively, the control module 110 may transmit only predetermined notification information to the mobile terminal 300 to know that the specific service is requested.

That is, in case 4, if a party user's mobile terminal 300 assumes that the party user possesses and the authentication information is transmitted to the mobile terminal 300, an illegal service request in the vicinity of the party user is generated. If present, the party user may know that there is an invalid service request.

In addition, if the authentication information is transmitted to the mobile terminal 300, and the notification information that there was a request for the use of the specific service is transmitted to the mobile terminal 300 along with the authentication information, the political party user can When notifying the service security system 100 or the system providing the web service that the request has not been made, there is an effect of identifying the location of the fraudulent user. This is because the unauthorized user has passed the authentication process through the location comparison as described above, at least confirm that the illegal user requested the service using the service terminals 200 and 210 within a predetermined condition used for the location comparison Because you can give.

As described above, in the case where an additional authentication process is performed along with the location comparison according to the technical idea of the present invention, it is possible to reject an unjust service request occurring in the vicinity of a party user, thereby preventing damage due to unfair service use, and also unfairly nearby. When attempting to use it, it is possible to specify the location where an attempt to use an illegal service exists, thereby preventing the use of an illegal service.

The additional authentication process may be performed through identity verification information. In case 4, the party user may transmit identity verification information from the mobile terminal 300 or the service terminals 200 and 210, thereby providing a service. It is available. However, in case 5, the fraudulent user cannot know the identification information, so the service cannot be used.

In addition, the additional authentication process may be performed through a predetermined verification action. In case 4, the party user may perform the verification action with the mobile terminal 300, but in case 5, the illegal user may use the mobile terminal 300. ), The verification can not be performed.

6 illustrates an example of a screen displayed on a service terminal or a mobile terminal by a service security method according to an exemplary embodiment of the present invention.

First, referring to FIG. 6A, the service terminals 200 and 210 may request a service from a predetermined web service (eg, a web site of a financial institution). Some of the services provided by the web service may require a relatively low security level, and other services may require a relatively high security level. In this case, the service security method according to an embodiment of the present invention may be applied to a specific service requiring a high security level (eg, a transfer service). Of course, depending on the implementation, the service security method according to an embodiment of the present invention may be applied to a specific service requiring a low security level.

For example, when the service terminals 200 and 210 want to search for a specific financial account, the predetermined UI 10 may be selected. At this time, the service security method according to an embodiment of the present invention may not be applied and the service may be immediately available. If the service terminals 200 and 210 want to transfer financial assets existing in a specific financial account, the predetermined UI 20 may be selected. In this case, a service security method according to an embodiment of the present invention may be applied. When the service security method according to an embodiment of the present invention is applied and authentication is performed through location comparison, and as a result, the authentication is not successful, as shown in FIG. 6A, the transfer service is not used with the information that the authentication failed. Information indicating the inability to do so may be displayed on the service terminals 200 and 210.

In some embodiments, if authentication through location comparison fails, the method described with reference to FIG. 4A or 4B may be further used.

That is, even a party user may not necessarily have his mobile terminal 300 (case 1). In this case, the control module 110 may input predetermined identification information to confirm that the user who requested the transfer service is a legitimate user, and then control to use the transfer service. As described above, the identification information may be information that can be known only by the political party user (for example, the digit after the social security number, information on the taste of the political party user, etc.). Such identity verification information may be stored in the service security system 100 or the system providing the web service encrypted in a predetermined manner. In addition, as described above, the identification information may include predetermined identification information provided by a conventional security protocol (for example, a public certificate and a password of the public certificate, or an OTP) to be used for recovering an authentication failure through location comparison. It may be. Such identity verification information can be used to recover authentication failure through location comparison, assuming that only the party user knows.

Alternatively, as described above, the authentication failure may be recovered using the authentication information. This may indicate that a specific service requester and a party user are located at a location apart from each other when the party user is carrying the mobile terminal 300. This may be the case where a fraudulent user requested a specific service (case 3) or a user authorized by a political party user requested a specific service (case 2). In the latter case, the authentication failure may be recovered through such authentication information. .

In addition, notification information on the request of the specific service to the mobile terminal 300 of the political party user (for example, a site for which a specific service is requested, information about a specific service or application, information about a time when a specific service is requested, and specific information) Information about a service requested location (or an IP address), etc. may be transmitted. Notification information for the specific service request may be transmitted to the mobile terminal 300 through a messaging service such as SMS or MMS, but is not limited thereto.

6B illustrates a process of undergoing an additional authentication process through authentication information when authentication is successful through location comparison. When a predetermined UI 20 is selected by the service terminals 200 and 210, the control module 110 is shown. Performs authentication process through location comparison. Even if the result of the authentication is successful, the control module 110 generates predetermined authentication information to prevent the unauthorized use case 5 that may occur in the vicinity of the party user as described above. 210 or to the mobile terminal 300. FIG. 6B illustrates a case in which authentication information is transmitted to the mobile terminal 300, but vice versa may be easily deduced by an average expert in the art. Then, the political party user may input the transmitted authentication information into the predetermined input UI 30 using the corresponding terminal (eg, the service terminals 200 and 210), and select the UI 40. Then, the information input to the input UI 30 may be transmitted to the control module 110, and the additional authentication process may be performed by comparing the transmitted information with the generated authentication information. If the additional authentication process is successful, the control module 110 may allow the service terminals 200 and 210 to use the transfer service.

FIG. 6C illustrates a case in which an additional authentication process is performed through a verification through the mobile terminal 300. The control module 110 is requested to the mobile terminal 300 even when authentication is successful through location comparison. Information about a specific service may be transmitted as shown in FIG. 6C. In addition, in order to confirm whether the request of the specific service is a request by a party user, the party user may be requested to perform a predetermined verification. The control module 110 may request the confirmation action to the mobile terminal 300, but as described above, the confirmation action transmitted by transmitting the confirmation action to the service terminals 200 and 210 is determined by the mobile terminal ( 300 may be required to be performed. In FIG. 6C, the control module 110 shows a case in which the request for confirmation is made to the mobile terminal 300. The control module 110 confirms that a user of a political party selects a predetermined confirmation UI 50. In the case of acting, it can be judged that the additional authentication process is successful. If the party user selects the cancellation UI 60, the specific user (eg, transfer service) may be controlled to prevent the user from using the specific service. In addition, as described above, the confirming action may be used as a meaning including not only the selection of a specific UI, but also all kinds of actions that can confirm that the user is a party user through the mobile terminal 300.

In FIG. 6, the service security method according to an embodiment of the present invention is applied to a specific service (eg, a transfer service) of a financial institution as an example. However, all web services (eg, public institutions, The service security method may be applied to at least some of the various services provided in the electronic commerce, game service, web application, etc. (eg, application for certificate, payment, disposal of game money or items, message transmission, etc.).

7 illustrates an example of a screen displayed on a service terminal by a service security method according to an exemplary embodiment of the present invention.

7 illustrates a case where a service request from the service terminals 200 and 210 is a login request. Referring to FIG. 7, a user may wish to log in to a specific website or web application through the service terminals 200 and 210. have. The user can then enter a predetermined ID and password, and perform the login request by selecting the login button 1. Alternatively, you can try logging in by selecting a certificate and choosing a password for the certificate.

If the ID and password match the pre-registered information, or if the official certificate and password are correct, the control module 110 may determine whether the login request is a political login request through location comparison as described above. . That is, a security method according to the technical spirit of the present invention may be used in addition to a security method for determining whether to allow a conventional login. In addition, the security scheme itself according to the technical concept of the present invention may use only an authentication process through location comparison, and the technical idea described with reference to FIGS. 4 to 5 may be further applied.

For example, even if authentication is successful through location comparison, after transmitting predetermined authentication information to the mobile terminal 300, when the authentication information transmitted from the service terminals 200 and 210 is input, the mobile terminal ( 300 or when the authentication information is transmitted to the service terminals 200 and 210 and the authentication information is input from the mobile terminal 300, the control module 110 may determine that the login request is a political login request. have. Or, even if authentication is successful through the location comparison, after the request for a predetermined confirmation to the mobile terminal 300 or the service terminal (200, 210), if the confirmation is performed by the mobile terminal 300 The control module 110 may determine that the login request is a political login request. Alternatively, when the identification information is input from the service terminal 200 or 210 or the mobile terminal 300, the login request may be determined as a political login request.

In addition, even when the authentication fails through the position comparison, the control module 110 may be to recover the authentication failure through the position comparison by going through a separate process. This is because even as a party user, even if the party does not have the mobile terminal 300, or a person who is allowed to use the party user may request a login. In this case, even if the authentication fails through the location comparison, if the predetermined additional authentication process is again performed, the login request may be determined as a political login request again. To this end, the control module 110 may request the service terminal 200 or 210 to input predetermined identification information. Alternatively, when a predetermined confirmation action is input through the mobile terminal 300, it may be determined as a political login request again. Alternatively, the authentication information may be transmitted, and if the authentication information is received by the service security system 100 again, the authentication information may be determined as a political login request.

For example, as illustrated in FIG. 7A, the control module 110 may request the service terminals 200 and 210 to input information that only a political party user can know, such as a digit of a party user's social security number.

The service terminals 200 and 210 that have been requested to input the identification information may input the requested information through a predetermined UI 2. Thereafter, when the user selects a predetermined button 3, the information input through the UI 2 may be transmitted to the control module 110. The control module 110 may check whether the received information is correct information by comparing it with previously stored information. If the previously stored information is encrypted, a separate decryption process may be performed. If the inputted information matches the requested identity information, the control module 110 may allow a login.

The identity verification information may be information used in a conventional security protocol, such as a public certificate and a password of the public certificate. For example, if authentication fails as a result of the location comparison, the user may select the UI 70 and attempt to log in with an authorized certificate. That is, the service security system 100 may allow a login by going through a predetermined additional authentication process even when authentication through location comparison fails.

Meanwhile, referring to FIG. 7B, as described above, the control module 110 may temporarily allow the login even when it is determined that the request is not a political login request. In this case, the currently logged-in user may be restricted from using at least one of services (or functions) that can be used at login. In this case, the type of the service whose use is restricted may be determined in advance or in real time, and the type of the service whose use is limited may be displayed on the service terminals 200 and 210 as illustrated in FIG. 7B. If the additional authentication process succeeds or if the denial of service request signal is not received within a predetermined time, the limited function or service may be set to be used again.

Meanwhile, as shown in FIG. 1, the service security system 100 may be installed and implemented in a web service system (for example, a web server) to use a service security method according to an exemplary embodiment of the present invention. Alternatively, the service security system 100 may be implemented as a system separate from a system (eg, a web server) for providing a web service, which is illustrated in FIG. 2.

2 shows a schematic configuration of a service security system according to another embodiment of the present invention.

Referring to FIG. 2, the service security system 100 may be connected to a predetermined web system 500 through a wired / wireless network to transmit and receive predetermined information for implementing the technical idea of the present invention. The web system 500 may be a system for providing a specific web service.

The web system 500 may receive a specific service request from the service terminals 200 and 210. Then, the web system 500 may transmit predetermined information (for example, an IP address) to determine the location of the service terminals 200 and 210 to the service security system 100. In addition, predetermined information (eg, identification information and / or a mobile phone number of a party user) for identifying a party user's location may be transmitted to the service security system 100. Then, the service security system 100 may determine the location of the service terminals 200 and 210 and the location of the party user based on the transmitted information, and control whether to use the specific service according to a comparison result. have. In addition, it may be determined that the service request is legitimate only if all of the additional authentication process is successful together with the location comparison result. Then, the service security system 100 may transmit the determination result to the web system 500.

In addition, predetermined information as shown in FIG. 7 is transmitted from the service security system 100 directly to the service terminals 200 and 210 or to the service terminals 200 and 210 through the web system 500. Can be sent. Therefore, in the present specification, that the service security system 100 requests specific information to the service terminals 200 and 210 means that the web system 500 requests the specific information to the service terminals 200 and 210. The service security system 100 may be used to mean that the service system 100 controls the web system 500.

In addition, the fact that the service security system 100 receives specific information from the service terminals 200 and 210 is not only when receiving the specific information directly from the service terminals 200 and 210, but also by the web system ( 500 may be used as a meaning including the case of receiving the specific information.

The service security method according to an embodiment of the present invention is particularly useful for web services that can be seriously damaged when the ID and password are leaked or the authentication information and password of the authentication method that can prove the identity such as a public certificate or OTP are leaked. Can be applied. In addition, the conventional security / authentication protocol is a pure information based authentication protocol (e.g., ID / PWD, etc.) or a hardware dependent authentication protocol (e.g., public certificate or OTP generator, etc.) Since the service security method according to the embodiment is a location-based authentication method, it may be used or replaced with a conventional protocol. For example, even if a public certificate (or a medium storing the public certificate) or an OTP generator is lost or stolen, a security mechanism may be provided using a service security method according to an embodiment of the present invention.

The service security method according to an embodiment of the present invention may be applied to a web site of a financial institution, a public institution, or various service companies, or a web service provided by them.

The service security method according to an embodiment of the present invention can be embodied as computer readable codes on a computer readable recording medium. Computer-readable recording media include all kinds of recording devices that store data that can be read by a computer system. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, hard disk, floppy disk, optical data storage, and the like, and also in the form of carrier waves (e.g., transmission over the Internet). It also includes implementations. The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion. And functional programs, codes, and code segments for implementing the present invention can be easily inferred by programmers skilled in the art to which the present invention pertains.

Although the present invention has been described with reference to one embodiment shown in the drawings, this is merely exemplary, and those skilled in the art will understand that various modifications and equivalent other embodiments are possible therefrom. Therefore, the true technical protection scope of the present invention will be defined by the technical spirit of the appended claims.

Claims (15)

When the service terminal makes a predetermined service request to the web server providing the web service, the service terminal checks the IP address of the service terminal and locates the service terminal corresponding to the identified IP address based on the location information for each IP address. Confirming terminal position determination module;
A user location determining module for determining a location of a party user corresponding to the service request; And
And a control module for comparing a first position determined by the terminal position determining module with a second position determined by the user position determining module, and controlling whether to use a service corresponding to the requested service request based on a comparison result. Service security system.
The method of claim 1, wherein the control module,
Even if the comparison does not satisfy the predetermined condition, the use of the service is allowed,
Send notification information to the mobile terminal of the political party user to know that there was a request for using the service,
When a denial of service request signal is received from the mobile terminal based on the transmitted notification information or a denial of service request signal is received from a predetermined ARS system requested by the mobile terminal,
Service security system that blocks the use of the service.
The method of claim 2, wherein the control module,
When the use of the service is allowed even if the predetermined condition is not satisfied,
And at least one of the functions that the service terminal can use in the web server.
The method of claim 3, wherein the control module,
If the denial of service request signal is not received within a certain time,
A service security system that allows the use of at least one limited feature again.
The method of claim 1, wherein the control module,
If the comparison does not meet certain conditions,
Identity verification information is received from the service terminal or the mobile terminal,
A verification is performed from the mobile terminal,
Authentication information generated by the control module and transmitted to the mobile terminal is received from the service terminal or the mobile terminal,
When the authentication information sent to the service terminal is received from the mobile terminal,
Service security system, characterized in that to allow the use of the service.
The method of claim 1, wherein the control module,
Even if the comparison result satisfies a predetermined condition, a predetermined additional authentication is performed and the use of the service is allowed when the additional authentication is successful.
If the additional authentication is successful,
Authentication information generated by the control module and transmitted to the mobile terminal is received from the service terminal or the mobile terminal,
The authentication information transmitted to the service terminal is received from the mobile terminal,
Identity verification information is received from the mobile terminal or the service terminal,
Service security system when the verification is performed from the mobile terminal.
The method of claim 6, wherein the identity verification information,
At least one of predetermined identification information, public certificate information, or OTP (One Time Password) information that can confirm that the user of the political party,
The confirming action includes at least one of selecting a predetermined key, a button, or a UI provided in the mobile terminal.
The method of claim 2, wherein the predetermined condition,
And at least one of a case where a distance difference between the first position and the second position is within a predetermined range or when there is an area where the first position and the second position overlap.
The method of claim 1, wherein the user location determination module,
And a service security system for receiving information on the location of the mobile terminal of the party user from a communication company system or an LBS system.
When the service terminal makes a predetermined service request to a web server providing a web service, confirming, by the service security system, an IP address of the service terminal requesting the service;
Identifying the location of the service terminal corresponding to the identified IP address;
Determining a location of a political party user corresponding to the service request;
Comparing the determined location of the service terminal with the location of the party user; And
And controlling the use of the requested service by the service security system based on a comparison result.
The method of claim 10, wherein the controlling of the use of the requested service by the service security system comprises:
Comprising the step of allowing the use of the service even if the service security system does not meet a predetermined condition as a result of the comparison,
The service security method,
Transmitting notification information to inform the mobile terminal of the political party user that a request for using the service has been received;
Receiving a denial of service request signal from the mobile terminal based on the transmitted notification information, or receiving a denial of service request signal from a predetermined ARS system received from the mobile terminal; And
Blocking the use of the service in response to the received denial of service request signal.
The method of claim 10, wherein the controlling of the use of the requested service by the service security system comprises:
If the comparison does not meet certain conditions,
Receiving identity verification information from the service terminal, confirming whether or not a verification operation is performed from the mobile terminal, receiving authentication information sent to the mobile terminal from the service terminal, or receiving the authentication information sent to the service terminal Receiving from a mobile terminal; And
And authorizing use of the service.
The method of claim 10, wherein the controlling of the use of the requested service by the service security system comprises:
Performing a predetermined additional authentication process when the comparison result satisfies a predetermined condition; And
Authorizing use of the service according to a result of the additional authentication process.
The method of claim 13, wherein performing the additional authentication process,
Receiving authentication information generated by the service security system and transmitted to the service terminal or the mobile terminal from the mobile terminal or the service terminal;
Receiving identification information from the mobile terminal or the service terminal; or
And at least one of the steps of confirming that the confirming action is performed from the mobile terminal.
A computer-readable recording medium having recorded thereon a program for performing the method according to claim 10.

Images