KR20130030320A - Recording medium, method and system for log-in or certification of web site or browser - Google Patents

Info

Publication number
KR20130030320A
Authority
KR
South Korea
Prior art keywords
user
information
browser
wireless terminal
terminal
Prior art date
Application number
KR1020110093441A
Other languages
Korean (ko)
Inventor
홍성렬
Original Assignee
(주)에이티솔루션즈
Priority date
Filing date
Publication date
Application filed by (주)에이티솔루션즈 filed Critical (주)에이티솔루션즈
Priority to KR1020110093441A priority Critical patent/KR20130030320A/en
Publication of KR20130030320A publication Critical patent/KR20130030320A/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to an authentication processing method and system and a recording medium therefor. The authentication processing system according to the present invention includes: synchronization processing means for synchronizing a user's wireless terminal with the website (or browser) of the second terminal to which the user is connected; information receiving means for receiving a predetermined OTP through the user wireless terminal; and information processing means for processing so that an authentication result, obtained using as a search word the OTP corresponding to the OTP transmitted through the user wireless terminal, is output to the browser of the second terminal to which the user is connected.

Description

Recording Medium, Method and System for Log-in or Certification of Web Site or Browser

The present invention processes login or authentication for a website (or browser) accessed through a second terminal by using a One Time Password (OTP) provided in a wireless terminal.

Recently, damage caused by leakage of users' website (or browser) login information has been gradually increasing, and PC security technology is being strengthened.

However, as PC security technology has developed, hacking technology has also evolved, and the leakage of users' login information continues.

Meanwhile, mobile OTP (One Time Password) technology has come into wide use as a means of user login or authentication. Because it uses one-time passwords, mobile OTP is known to be more secure than fixed login information (ID/password, etc.).

However, mobile OTP has the inconvenience that the user must generate the OTP on the smartphone and then enter it directly into the PC, and it has the problem that OTP leakage due to PC hacking cannot be prevented at the moment the OTP output on the smartphone is entered into the PC.

In fact, there have been cases in which the screen or keyboard of the PC the user was connected to had been hacked, the OTP was captured as the user entered the OTP output on the smartphone into the PC, and the captured OTP was then used as a login or authentication means on another website (or browser).

An object of the present invention, devised to solve the above problems, is to provide a method, a system and a recording medium in which, when login or authentication for a website (or browser) accessed through a second terminal is processed using an OTP (One Time Password) provided in a wireless terminal, the OTP is not entered directly into the browser displayed on the screen of the second terminal. Instead, the OTP authentication result is transmitted through a server on the communication network to the operation server of the website to which the user is connected, and the user's login or authentication is processed on that basis. This solves the problem of OTP leakage caused by PC hacking at the moment the OTP is entered into a second terminal such as a PC and, at the same time, removes the user inconvenience caused by entering the OTP directly.

The authentication processing system according to the present invention includes: synchronization processing means for synchronizing a user wireless terminal with the website (or browser) of the second terminal to which the user is connected; information receiving means for receiving a predetermined OTP through the user wireless terminal; and information processing means for processing so that an authentication result, obtained using as a search word the OTP corresponding to the OTP transmitted through the user wireless terminal, is output to the browser of the second terminal to which the user is connected.

In accordance with still another aspect of the present invention, there is provided an authentication processing system comprising: synchronization processing means for synchronizing a user wireless terminal with the website (or browser) of the second terminal accessed by the user; information receiving means for receiving OTP information corresponding to voice input by the user through the user wireless terminal; and information processing means for processing so that an authentication result, obtained using the OTP information received through the user wireless terminal as a search word, is output to the browser of the second terminal to which the user is connected.

According to one aspect, the synchronization processing means may: cause a specific random number to be output on the website (or browser) to which the user is connected and, when the specific random number is received through the user wireless terminal, link and synchronize the information of the website (or browser) that output the specific random number with the information of the user wireless terminal that transmitted it; or cause a specific image code to be output on the website (or browser) to which the user is connected and, when the specific image code is received through the user wireless terminal, link and synchronize the information of the website (or browser) that output the specific image code with the information of the user wireless terminal that transmitted it; or, when one or more pieces of identification information for the user wireless terminal are received through the website (or browser) the user has accessed, link and synchronize the user wireless terminal information corresponding to that identification information with the information of the website (or browser) that transmitted it; or, when the same user is identified from login information received through the website (or browser) accessed by the user and login information received through the user wireless terminal, link and synchronize the website (or browser) information with the user wireless terminal information.

According to another aspect, the information processing means may include a confirmation unit for confirming website (or browser) account login information or authentication information for the user that was previously stored on the storage medium in connection with user identification information or OTP information, and a transmission unit for transmitting the website (or browser) account login information or authentication information confirmed by the confirmation unit to the website operation server to which the user's second terminal is connected.

According to another aspect, the information processing means may further include a transmission unit for transmitting the authentication result through the OTP authentication means to the website operation server connected to the user second terminal.

The authentication processing method according to the present invention includes: a synchronization processing step in which a server synchronizes a user wireless terminal with the website (or browser) to which the user's second terminal is connected; an OTP receiving step in which the server receives an OTP (one time password) through the synchronized user wireless terminal; an OTP authentication step in which the server authenticates the OTP transmitted through the synchronized user wireless terminal; and an authentication processing step in which the server, in response to the result of the OTP authentication, processes user authentication for the synchronized website (or browser) to which the user's second terminal is connected.

According to one aspect, the synchronization processing step may further include outputting a specific random number on the browser to which the user's second terminal is connected and, when the specific random number is received through the user wireless terminal, linking and synchronizing the information of the website (or browser) that output the specific random number with the information of the user wireless terminal that transmitted it.

According to another aspect, the synchronization processing step may further include outputting a specific image code on the browser to which the user's second terminal is connected and, when the specific image code is received through the user wireless terminal, linking and synchronizing the information of the website (or browser) that output the specific image code with the information of the user wireless terminal that transmitted it.

According to another aspect, the synchronization processing step may further include receiving one or more pieces of identification information for the user wireless terminal through the website (or browser) to which the user's second terminal is connected, and linking and synchronizing the user wireless terminal information corresponding to the received identification information with the information of the website (or browser) that transmitted it.

The present invention also provides a recording medium, which records a program for executing the authentication processing method.

In addition, the second user terminal according to the present invention may include one or more of a PC, an IP-TV, and home appliances.

According to the present invention, security is maximized by solving the problem of OTP leakage due to PC hacking at the moment the OTP output on the wireless terminal is entered into a second terminal such as a PC.

In addition, the invention removes the inconvenience of the user directly entering the OTP output on the wireless terminal and, at the same time, solves the problem of input errors during direct entry.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and form a part of the specification, illustrate preferred embodiments of the invention and, together with the description of the invention given above, serve to further the understanding of the technical idea of the invention; the invention should not be construed as limited to the drawings.
FIG. 1 is a diagram showing a configuration of an authentication processing system according to an embodiment of the present invention.
FIG. 2 is a diagram showing a detailed configuration of an authentication processing server according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating an embodiment of a storage medium according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating a detailed configuration of a user wireless terminal according to another embodiment of the present invention.
FIG. 5 is a diagram illustrating a synchronization processing process between a user wireless terminal and a second terminal using a specific random number according to an embodiment of the present invention.
FIG. 6 is a diagram illustrating a synchronization processing process between a user wireless terminal and a second terminal using an image code according to an embodiment of the present invention.
FIG. 7 is a diagram illustrating a synchronization process between a user wireless terminal and a second terminal using user wireless terminal identification information according to an embodiment of the present invention.
FIG. 8 is a diagram illustrating a synchronization process between a user wireless terminal and a second terminal using user login information.
FIG. 9 is a diagram illustrating a process of processing login or authentication of a website (or browser) connected through a second terminal using an OTP (One Time Password) provided in a wireless terminal according to an embodiment of the present invention.

Hereinafter, the operating principle of the preferred embodiment of the present invention is described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention. In the following description, a detailed description of known functions and configurations is omitted where it could obscure the subject matter of the present invention. The terms used below are defined in consideration of their functions in the present invention and may vary depending on the intention or custom of the user or operator. Therefore, their definitions should be based on the contents of this specification as a whole.

As a result, the technical spirit of the present invention is determined by the claims, and the following examples are only one means for efficiently explaining the technical spirit of the present invention to those skilled in the art to which the present invention pertains.

FIG. 1 is a diagram showing a configuration of an authentication processing system according to an embodiment of the present invention.

In more detail, FIG. 1 shows a configuration in which an authentication processing system including an authentication processing server 100 and a storage medium 105 is connected to a website operating server 125, a user wireless terminal 110, and a second terminal 120 via a communication network, and handles login or authentication for a website (or browser) accessed through the second terminal 120 by using a synchronization process between the user wireless terminal 110 and the second terminal 120 and an OTP transmitted from the wireless terminal 110.

The authentication processing system according to an embodiment of the present invention can be configured in various ways depending on the implementation method and the communication network connection method.

First, the authentication processing server 100, the storage medium 105, and the website operation server 125 may be connected directly or indirectly through a communication network and, although not separately illustrated in the drawings, the connections between the authentication processing server 100, the storage medium 105 and the website operation server 125 may be configured in various ways according to the intention of those skilled in the art.

The authentication processing server 100, which is a core component of the authentication processing system according to the present invention, synchronizes the user's wireless terminal with the website and/or browser of the second terminal 120 that the user is connected to and using, and processes website (or browser) login or user authentication on the second terminal 120 using the OTP generated and transmitted through the wireless terminal 110.

In addition, in order to synchronize the user's wireless terminal with the website (or browser) of the second terminal 120 that the user is connected to and using, the authentication processing server 100 links the wireless terminal 110 identification information with the second terminal 120 (or browser) identification information, temporarily stores them on the storage medium 105, and connects a virtual communication channel between the wireless terminal 110 and the second terminal 120 (or browser).

The authentication processing system according to an embodiment of the present invention may include the authentication processing server 100, the storage medium 105, and the website operating server 125, but if the storage medium 105 and the website operating server 125 are located on an external communication network, it may include only the authentication processing server 100.

The storage medium 105 stores: the wireless terminal 110 identification information and the second terminal 120 (or browser) identification information used to synchronize the user wireless terminal 110 with the website (or browser) of the second terminal 120 that the user is connected to and using; synchronization information for the synchronization processing, such as a random number, image code, login information, and wireless terminal 110 identification information; OTP information for authenticating the OTP transmitted from the wireless terminal 110; and login information (ID and password, etc.) for processing the user's login in response to the OTP authentication result.

The identification information of the wireless terminal 110 may include one or more of the wireless terminal 110 telephone number, user information, a unique serial number, login information, and the like. The second terminal 120 (or browser) identification information may include one or more of the IP address information with which the second terminal 120 is connected, terminal unique information, user information, login information, and the like. The synchronization information includes one or more of: random number information and image code information output to the second terminal 120 browser in order to synchronize the user wireless terminal 110 with the website (or browser) of the second terminal 120; user wireless terminal 110 identification information received through the second terminal 120 browser; and user login information.

In addition, the OTP information includes a seed value with which the authentication processing server 100 generates an authentication OTP corresponding to the OTP transmitted through the wireless terminal 110 for OTP authentication, and identification information of the OTP generator provided in the wireless terminal 110.

Meanwhile, the storage medium 105 may be provided in the authentication processing system or in a server on a communication network.

The website operation server 125 according to the present invention operates the website (or browser) of the second terminal 120 to which the user is connected and, upon receiving the OTP authentication result through the authentication processing server 100, confirms login or authentication for the website (or browser) of the second terminal 120 accessed by the user.

On the other hand, the website operation server 125 may be provided in the authentication processing system, or may be provided in a server on a communication network.

The application download server 115 according to the present invention, such as the App Store or T store, receives the application for the user wireless terminal 110 from the authentication processing server 100 and distributes it to the user wireless terminal 110.

Although not specifically shown in the drawings for this embodiment, the application may be provided to the user wireless terminal 110 not only by relay through the application download server 115 but also by direct download from the authentication processing server 100 to the wireless terminal 110.

Here, the application is a kind of program installed in the user wireless terminal 110, and the terms "application" and "program" are used interchangeably with the same meaning.

The application, installed in the user wireless terminal 110, has a function of receiving as input a specific random number or specific image code output on the website (or browser) to which the user's second terminal 120 is connected, and a function of generating an OTP (one time password). It transmits the input random number or image code to the authentication processing server 100 on the communication network to request synchronization with the website (or browser) on the second terminal 120 to which the user is connected, and it transmits the generated OTP to the authentication processing server 100 on the communication network to request authentication for the website (or browser) accessed by the user's second terminal 120.

The user wireless terminal 110 according to the present invention transmits to the authentication processing server 100 various information or data for synchronization with the second terminal 120 (or browser) to which the user is connected, generates an OTP for login or authentication on the website (or browser) of the second terminal 120, and transmits the generated OTP to the authentication processing server 100 on the communication network.

Here, the user wireless terminal 110 includes all terminals capable of mobile communication, such as a mobile phone, a smartphone, or a tablet PC.

FIG. 2 is a diagram illustrating a detailed configuration of an authentication processing server 100 according to an embodiment of the present invention.

In more detail, FIG. 2 shows a detailed configuration of the authentication processing server 100 of the authentication processing system shown in FIG. 1. Each component is only a configuration for explaining an embodiment of the present invention, and the technical features of the invention are not limited to the implementation shown in FIG. 2.

Referring to FIG. 2, the authentication processing server 100 according to the embodiment of the present invention includes a wireless terminal side transceiver unit 205, a second terminal side transceiver unit 215, a storage unit 210, a confirmation unit 220, an authentication unit 225, a synchronization processor 230, an information processor 235, an application manager 240, and a controller 200 for controlling the respective components.

Here, the authentication processing server 100 is shown as a single server in the drawings for purposes of describing the embodiment, but each of the means or components may be separated into one or more servers.

The wireless terminal side transceiver unit 205 according to the embodiment of the present invention performs a role of transmitting and receiving various data or information with the user wireless terminal 110.

According to the present invention, the wireless terminal side transceiver unit 205 receives from the user wireless terminal 110 one or more of a random number, an image code, and login information for synchronization with the second terminal 120 (or browser) and, after the synchronization process, receives the OTP from the wireless terminal 110.

The second terminal side transceiver 215 according to the embodiment of the present invention transmits and receives various data or information with the second terminal 120 through an interface of the website (or browser) of the second terminal 120.

According to the present invention, the second terminal side transceiver 215 receives one or more of the identification information and login information of the user wireless terminal 110 through the browser, and outputs a random number or an image code to the browser.

In addition, when the authentication result is not output to the browser directly from the website operation server 125, the second terminal side transceiver unit 215, in conjunction with the information processing unit 235 described below, transmits the wireless terminal 110 OTP to the browser, or outputs an OTP authentication result or a login result to the browser.

The storage unit 210 according to an embodiment of the present invention stores on the storage medium 105: the wireless terminal 110 identification information and the second terminal 120 (or browser) identification information used to synchronize the user wireless terminal 110 with the website (or browser) of the second terminal 120 that the user is connected to and using; synchronization information for the synchronization processing, such as a random number, image code, login information, and wireless terminal 110 identification information; OTP information for authenticating the OTP transmitted from the wireless terminal 110; and login information (ID and password, etc.) for processing the user's login in response to the OTP authentication result.

The synchronization processor 230 according to an exemplary embodiment of the present invention synchronizes the user wireless terminal 110 with the website (or browser) of the second terminal 120 that the user is connected to and using.

According to the present invention, the synchronization processor 230 causes a specific random number to be output, through the second terminal side transceiver unit 215, on the website (or browser) of the second terminal 120 to which the user is connected, and then, through the storage unit 210, links the second terminal 120 (or browser) identification information with the specific random number information and stores them on the storage medium 105. When the specific random number is received from the user wireless terminal 110 through the wireless terminal side transceiver unit 205, the synchronization processor 230 first confirms, on the storage medium 105, the random number that matches it; second, it confirms the second terminal 120 (or browser) identification information linked to the random number that matched the one transmitted through the user wireless terminal 110; and, according to the result, it links the confirmed second terminal 120 (or browser) identification information with the identification information of the wireless terminal 110 that transmitted the specific random number and stores them on the storage medium 105.

According to another embodiment of the present invention, the synchronization processor 230 generates an image code including the identification information of the second terminal 120 (or browser), causes the specific image code to be output, through the second terminal side transceiver unit 215, on the website (or browser) of the second terminal 120 to which the user is connected, and then, through the storage unit 210, links the second terminal 120 (or browser) identification information with the specific image code information and stores them on the storage medium 105. When the specific image code is received from the user wireless terminal 110 through the wireless terminal side transceiver unit 205, the synchronization processor 230 first confirms, on the storage medium 105, the image code that matches it; second, it confirms the second terminal 120 (or browser) identification information linked to the image code that matched the one transmitted through the user wireless terminal 110; and, according to the result, it links the confirmed second terminal 120 (or browser) identification information with the identification information of the wireless terminal 110 that transmitted the specific image code and temporarily stores them on the storage medium 105.

Here, the image code includes one or more of a one-dimensional barcode, a two-dimensional barcode, a three-dimensional barcode, and a color code. The identification information of the second terminal 120 (or browser) may be directly encoded and included by a direct encoding method; URL (Uniform Resource Locator) information on the wired/wireless Internet where the identification information of the second terminal 120 (or browser) is stored may be encoded and included; or, by a hybrid encoding method, some of the identification information of the second terminal 120 (or browser) may be directly encoded and included while, for the remaining part, the URL information where it is stored on the wired/wireless Internet is encoded and included.

The methods of generating an image code in the synchronization processor 230 include a direct encoding method, which directly encodes and includes the identification information of the second terminal 120 (or browser); a reference encoding method, which encodes and includes URL (Uniform Resource Locator) information on the wired/wireless Internet where the identification information of the second terminal 120 (or browser) is stored; and a hybrid encoding method, which uses an appropriate combination of direct encoding and reference encoding.

Direct encoding is an image code generation method in which the identification information of the second terminal 120 (or browser) is directly encoded and included in an image code. When the identification information of the second terminal 120 (or browser) satisfies the condition that it can be included in one image code, it is included directly in the image code according to the policy for generating the image code.

Accordingly, the authentication processing server 100 or the wireless terminal 110 that recognizes the directly encoded image code may directly extract and use identification information of the second terminal 120 (or browser) included in the corresponding image code.

Reference encoding is an image code generation method that stores the identification information of the second terminal 120 (or browser) at a specific location on the wired/wireless Internet, expresses that location as a URL, and encodes the URL into an image code. The authentication processing server 100 or the wireless terminal 110 that recognizes the encoded image code can access the URL on the wired/wireless Internet included in the image code and check and use the identification information of the second terminal 120 (or browser).

Hybrid (mixed) encoding is a method of generating an image code by encoding some of the identification information of the second terminal 120 (or browser) directly into the image code and, for the rest, encoding a reference to the URL where that information is stored. The authentication processing server 100 or the wireless terminal 110 that recognizes the image code extracts the direct information and the reference information included in it, and can then check and use the identification information of the second terminal 120 (or browser).

According to another embodiment of the present invention, the synchronization processing unit 230, at least one to the user wireless terminal 110 from the interface of the browser connected to the user via the second terminal side transceiver 215. When the identification information is received, the storage medium 105 by interconnecting the received user wireless terminal 110 identification information and the second terminal 120 (or browser) identification information that transmitted the wireless terminal 110 identification information. Save it temporarily).

According to another embodiment of the present invention, the synchronization processor 230, after receiving the user login information through the second terminal side transceiver 215 and the wireless terminal side transceiver 205, respectively, the same Identifying the second terminal 120 and the wireless terminal 110 that transmitted the login information, and in response to the verification result, the identification information and the wireless terminal (or browser) of the second terminal 120 (or browser) that transmitted the same login information ( 110, the identification information is interconnected and temporarily stored in the storage medium 105.

Thereafter, the synchronization processor 230 uses the identification information of the wireless terminal 110 temporarily stored in the storage medium 105 and the second terminal 120 (or browser) identification information, so that the second terminal 120 may be used. Virtual communication channel between a website (or a browser) and the wireless terminal 110.

Confirmation unit 220 according to an embodiment of the present invention, after the synchronization processing through the synchronization processing unit 230, serves to confirm the OTP transmitted through the user wireless terminal 110.

Authentication unit 225 according to the embodiment of the present invention, serves to process the authentication for the OTP confirmed through the confirmation unit 220.

According to the present invention, the authentication unit 225 generates an authentication OTP using the OTP information connected to the identification information of the wireless terminal 110 on the storage medium 105, and generates the authentication OTP and wireless. The OTP is authenticated by comparing and matching the OTP transmitted by the terminal 110. The OTP generation technology for authentication is well known to those skilled in the art, and thus a detailed description thereof will be omitted.

The information processing unit 235 according to the embodiment of the present invention, in response to the OTP authentication result from the authentication unit 225, processes user authentication or login authentication for the website (or browser) to which the synchronized second user terminal 120 is connected.

According to the present invention, in response to the OTP authentication result from the authentication unit 225, the information processing unit 235 confirms, via the confirmation unit 220, the website (or browser) account login information or authentication information for the user that was previously stored on the storage medium 105 in connection with the identification information or OTP information of the wireless terminal 110. It then transmits the authentication result, the login result, or the login information itself to the operation server of the website (or browser) to which the second terminal 120 is connected, or directly to the website (or browser) accessed by the second user terminal 120.

The application management unit 240 according to the embodiment of the present invention handles the distribution and management of an application that is installed in the user wireless terminal 110 and executes: a function of receiving a specific random number or a specific image code output on the browser of the second terminal 120 to which the user is connected; a function of receiving a specific voice from the user; a function of transmitting the input specific random number or specific image code to the authentication processing server 100 on the communication network to request synchronization with the browser on the second terminal 120 to which the user is connected; and a function of transmitting the OTP generated by the OTP generation unit 430 to the authentication processing server 100 on the communication network.

The control unit 200 according to the embodiment of the present invention serves to control the function of each component in the authentication processing server 100.

According to the present invention, one or more components of each component provided in the authentication processing server 100 may be configured in a single program or program set form.

FIG. 3 is a diagram illustrating an embodiment of a storage medium 105 according to an embodiment of the present invention.

FIG. 3 shows one embodiment in which the following are interconnected and stored on the storage medium 105: the identification information of the wireless terminal 110 and the identification information of the second terminal 120 (or browser); synchronization information for synchronization processing, such as a random number, image code, login information, and wireless terminal 110 identification information; OTP information for authenticating the OTP transmitted from the wireless terminal 110; and login information (ID and password, etc.) for processing the user's login in response to the OTP authentication result.

That is, the storage medium 105 interconnects and stores the following. First, wireless terminal 110 identification information including one or more of the phone number, user information, unique serial number, login information, and the like of the wireless terminal 110. Second, identification information of the second terminal 120 (or browser) including one or more of the IP address information with which the second terminal 120 is connected, terminal unique information, user information, login information, and the like. Third, synchronization information, used for synchronization processing between the second terminal 120 (or browser) and the wireless terminal 110, including one or more of the random number information and image code information output to the second terminal 120 browser to synchronize the user wireless terminal 110 with the website (or browser) of the second terminal 120, the user wireless terminal 110 identification information received through the second terminal 120 browser, and user login information. Fourth, OTP information, used by the authentication processing server 100 to authenticate the OTP transmitted via the wireless terminal 110, including a seed value for generating an authentication OTP corresponding to that OTP and identification information of the OTP generator provided in the wireless terminal 110. Fifth, user login information (ID/password, etc.) or authentication information for each website (or browser).

FIG. 4 is a diagram illustrating a detailed configuration of a user wireless terminal 110 according to another embodiment of the present invention.

FIG. 4 is a diagram of a wireless terminal 110 operating on a mobile communication system, to which information processing according to the present invention is applied. Although not shown in the drawing, the wireless terminal 110 may, in terms of hardware, include a body forming its external appearance, a speaker, a microphone, a keypad, a liquid crystal display (LCD), an antenna, a battery, and the like, and may include all the functions and configurations of wireless terminals 110 capable of communication now or in the future.

Preferably, with reference to the above-described hardware characteristics, the main functional configuration of the wireless terminal 110 according to the present invention includes a control unit 400, an interface unit 410, a camera unit 420, an OTP generation unit 430, a key input unit 440, an output unit 450, and a memory 460. Components may be added or excluded according to the type and characteristics of the wireless terminal 110.

Referring to FIG. 4, the memory 460 stores an application installed in the wireless terminal 110 to achieve the object of the present invention. When the application does not generate an OTP, the memory 460 additionally stores a separate OTP generator.

Here, the memory 460 is a general term for memory devices that store predetermined program routines (or code) for controlling the overall operation of the wireless terminal 110 and/or program data (for example, input and output information and/or data arising when the program routine (or code) operates), and includes read only memory (ROM), flash memory (FM) capable of reading/writing, and EEPROM (Electrically Erasable and Programmable Read Only Memory).

The key input unit 440 according to the embodiment of the present invention receives various commands or information from the user. According to the present invention, it receives from the user the random number output on the second terminal 120 browser, or receives login information from the user, and receives a password or a personal identification number (PIN) for generating an OTP.

The camera unit 420 according to the embodiment of the present invention performs a role of photographing the image code output on the browser of the second terminal 120.

The output unit 450 according to an exemplary embodiment of the present invention performs a role of outputting various kinds of information or data on the screen, and optionally outputs the OTP.

The interface unit 410 according to the embodiment of the present invention serves as an input interface for various data or information transmitted to the authentication processing server 100.

According to the present invention, the interface unit 410 receives one or more of the specific random number information or login information output on the website (or browser) of the second terminal 120 and input through the key input unit 440, and the image code photographed through the camera unit 420, and serves as an interface for passing them to the control unit 400.

The OTP generation unit 430 according to the embodiment of the present invention generates a one time password (OTP), and in some cases generates the OTP by driving an OTP generator provided on the memory 460.

The control unit 400 according to an embodiment of the present invention transmits a specific random number or specific image code, login information, and wireless terminal 110 identification information input through the interface unit 410 to a server on a communication network to request synchronization with the browser on the second terminal 120 to which the user is connected, and processes the OTP generated through the OTP generation unit 430 so that it is transmitted to the authentication processing server 100 on the communication network.

In addition, the control unit 400 according to an embodiment of the present invention controls the function of each component in the wireless terminal 110, and may be configured in the form of a program or application.

Meanwhile, all or some of the functions of the control unit 400, the interface unit 410, and the OTP generation unit 430 among the illustrated components of the wireless terminal 110 may be implemented in the form of a program or application of the wireless terminal 110. In this case, the application performs the functions of the application managed and distributed by the application management unit of the authentication processing server 100 described earlier.

Hereinafter, the process by which the above-described authentication processing system, connected to the user wireless terminal 110 and the second terminal 120 through a communication network, processes login or authentication for the website (or browser) accessed through the second terminal 120 using the one time password (OTP) provided in the wireless terminal 110 will be described in more detail.

Here, the application performs the functions and roles of the components in the wireless terminal 110 of FIG. 4 described above. The description may refer to a component of the wireless terminal 110 by name, or may omit the component name and describe the step as a process performed through the application.

FIG. 5 is a diagram illustrating a synchronization process between a user wireless terminal 110 and a second terminal 120 using a specific random number according to an embodiment of the present invention.

First, the authentication processing server 100 generates a random number through the synchronization processor 230, and then requests that the specific random number be output on the website (or browser) of the second terminal 120 to which the user is connected (S510).

Thereafter, the authentication processing server 100, through the storage unit 210, connects the random number information with the identification information of the second terminal 120 (or browser) on which the random number is output, and temporarily stores them on the storage medium 105 (S515).

The second terminal 120 outputs the random number transmitted through the authentication processing server 100 on the browser connected to the user (S520).

Thereafter, the user wireless terminal 110 receives as input the random number output on the second terminal 120 browser (S525), and then transmits the received random number information and the wireless terminal 110 identification information to the authentication processing server 100 (S530).

Thereafter, the synchronization processing unit 230 of the authentication processing server 100 compares the random number information previously stored on the storage medium 105 in step S515 with the random number information received from the wireless terminal 110, and checks for matching random number information (S535).

When random number information matching the random number information received from the wireless terminal 110 is present on the storage medium 105 (S540), the synchronization processing unit 230 of the authentication processing server 100 identifies the second terminal 120 (or browser) identification information pre-stored in the storage medium 105 in connection with the matching random number, and interconnects and stores on the storage medium 105 the identified second terminal 120 (or browser) identification information and the identification information of the wireless terminal 110 that transmitted the random number information, thereby synchronizing the second terminal 120 (or browser) and the wireless terminal 110 with each other (S545).

If random number information matching the random number information received from the wireless terminal 110 does not exist on the storage medium 105 (S550), the authentication processing server 100 generates an error message or the like and transmits it to the wireless terminal 110 (S555).

FIG. 6 is a diagram illustrating a synchronization process between a user wireless terminal 110 and a second terminal 120 using an image code according to an embodiment of the present invention.

First, the authentication processing server 100 generates an image code including identification information of the second terminal 120 (or browser) through the synchronization processing unit 230, and then requests that the image code be output on the website (or browser) of the second terminal 120 to which the user is connected (S610).

Thereafter, the authentication processing server 100, through the storage unit 210, connects the image code information with the identification information of the second terminal 120 (or browser) on which the image code is output, and temporarily stores them in the storage medium 105 (S615).

The second terminal 120 outputs the image code transmitted through the authentication processing server 100 on a browser accessed by the user (S620).

Thereafter, the user wireless terminal 110 photographs the image code output on the browser of the second terminal 120 through the camera unit 420 and receives it through the interface unit 410 (S625), and transmits the image code information and the wireless terminal 110 identification information to the authentication processing server 100 (S630).

Then, the synchronization processing unit 230 of the authentication processing server 100 compares the image code information previously stored on the storage medium 105 in step S615 with the image code information received from the wireless terminal 110, and checks for matching image code information (S635).

Of course, the matching operation of the image code information may include a matching operation of a specific code included in the image code or the identification information of the second terminal 120 (or browser).

If image code information matching the image code information received from the wireless terminal 110 is present on the storage medium 105 (S640), the synchronization processing unit 230 of the authentication processing server 100 identifies the second terminal 120 (or browser) identification information pre-stored in the storage medium 105 in connection with the matching image code, and interconnects and stores on the storage medium 105 the identified second terminal 120 (or browser) identification information and the identification information of the wireless terminal 110 that transmitted the image code information, thereby synchronizing the second terminal 120 (or browser) with the wireless terminal 110 (S645).

If image code information matching the image code information received from the wireless terminal 110 does not exist on the storage medium 105 (S650), the authentication processing server 100 generates an error message or the like and transmits it to the wireless terminal 110 (S655).

FIG. 7 is a diagram illustrating a synchronization process between a user wireless terminal 110 and a second terminal 120 using identification information of the user wireless terminal 110 according to an embodiment of the present invention.

First, the website (or browser) of the second terminal 120 receives the user's wireless terminal 110 identification information from the user, and then transmits the wireless terminal 110 identification information to the authentication processing server 100. (S710).

Then, the synchronization processing unit 230 of the authentication processing server 100 interconnects the wireless terminal 110 identification information received from the second terminal 120 browser via the second terminal side transceiver unit 215 with the identification information of the second terminal 120 (or browser) that transmitted it, and temporarily stores them in the storage medium 105 (S720).

Then, the synchronization processing unit 230 of the authentication processing server 100 synchronizes with each other the wireless terminal 110 and the second terminal 120 (or browser) that correspond, respectively, to the identification information of the wireless terminal 110 and of the second terminal 120 (or browser) stored on the storage medium 105 (S730).

FIG. 8 is a diagram illustrating a synchronization process between a user wireless terminal 110 and a second terminal 120 using user login information.

First, after receiving the login information from the user, the second terminal 120 browser transmits the input login information to the authentication processing server 100 (S810), and the wireless terminal 110 also receives the login information from the user. After receiving the input, the input login information is transmitted to the authentication processing server 100 (S820).

Thereafter, the synchronization processing unit 230 of the authentication processing server 100 compares the user login information received through the second terminal side transmission/reception unit 215 and the wireless terminal side transmission/reception unit 205, respectively, and identifies the second terminal 120 and the wireless terminal 110 that transmitted the same login information (S840).

If the comparison of the user login information finds matching login information (S850), the identification information of the second terminal 120 (or browser) and of the wireless terminal 110 that transmitted the same login information is interconnected and temporarily stored in the storage medium 105, and the second terminal 120 (or browser) and the wireless terminal 110 are synchronized with each other (S860).

If, as a result of comparing the user login information, there is no login information that matches each other (S870), the authentication processing server 100 generates an error message and the like and transmits it to the wireless terminal 110 (S880).

Subsequently, the process of handling authentication or login at the website (or browser) of the second terminal 120 accessed by the user, using the OTP transmitted through the user wireless terminal 110 after the synchronization process of FIGS. 5 to 8, will be described with reference to FIG. 9.

FIG. 9 is a diagram illustrating a process of logging in to or authenticating a website (or browser) accessed through the second terminal 120 using an OTP (One Time Password) generated by the wireless terminal 110 according to an embodiment of the present invention.

First, the wireless terminal side transceiver unit 205 of the authentication processing server 100 receives the OTP and the wireless terminal 110 identification information from the user wireless terminal 110 (S910).

Thereafter, the authentication processing server 100 checks, through the verification unit 220, the OTP information connected to the identification information of the wireless terminal 110 on the storage medium 105, generates, through the authentication unit 225, an OTP for authentication using the confirmed OTP information, and authenticates the OTP by comparing the generated OTP for authentication with the OTP transmitted by the wireless terminal 110 (S920).

Thereafter, the information processing unit 235 of the authentication processing server 100 checks the identification information of the wireless terminal 110 transmitting the OTP and / or the identification information of the second terminal 120 (or browser) connected with the OTP information. (S930).

When the OTP authentication result, rather than login information corresponding to it, is to be transmitted according to the embodiment of the present invention (S940), the information processing unit 235 of the authentication processing server 100 transmits the authentication result for the OTP to the website operation server 125, or outputs it to the browser to which the user is connected (S950).

Meanwhile, when it is determined according to an exemplary embodiment of the present invention that the login authentication result or the login information corresponding to the OTP authentication result is to be transmitted (S960), the information processing unit 235 of the authentication processing server 100 extracts, from among the user login information connected on the storage medium 105 to the identification information and/or OTP information of the wireless terminal 110, the login information corresponding to the website (or browser) to which the user is connected (S970). It then uses the extracted login information to transmit the login authentication result to the website operation server 125 corresponding to the confirmed identification information of the second terminal 120 (or browser), to output it to the browser to which the user is connected, or to perform autofill processing (S980).
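The random-number synchronization of FIG. 5 (S510 to S555) and the OTP authentication of FIG. 9 (S910 to S980) can be modelled on the server side as follows; this is an added example, not code from the patent. It assumes RFC 6238 TOTP for the OTP generator that the description leaves unspecified, and the class and function names, the 120-second validity window, the single-use random number, and the per-time-step replay check are assumptions of the example rather than requirements stated in the text.

```python
import hashlib
import hmac
import secrets
import struct

NONCE_TTL = 120   # seconds a displayed random number stays valid (assumed policy)
OTP_STEP = 30     # TOTP time step in seconds (RFC 6238 default)


def totp(seed: bytes, at: float, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), assumed here for the unspecified OTP generator."""
    counter = struct.pack(">Q", int(at) // OTP_STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class AuthServer:
    """Hypothetical model of authentication processing server 100; dicts stand in for storage medium 105."""

    def __init__(self):
        self.pending = {}    # random number -> (browser_id, expiry)       S515
        self.synced = {}     # terminal_id -> browser_id                   S545
        self.otp_seeds = {}  # terminal_id -> seed                         FIG. 3
        self.logins = {}     # (terminal_id, site) -> (user_id, password)  FIG. 3
        self.used = set()    # (terminal_id, time step) already accepted

    def issue_random_number(self, browser_id, now):
        """S510-S515: create the number shown in the browser and record where it was shown."""
        number = f"{secrets.randbelow(10 ** 8):08d}"
        self.pending[number] = (browser_id, now + NONCE_TTL)
        return number

    def synchronize(self, terminal_id, number, now):
        """S530-S555: bind the terminal to the browser that displayed `number`."""
        entry = self.pending.pop(number, None)   # single use: removed on first lookup
        if entry is None or now > entry[1]:
            return False                         # S550-S555: no match, report an error
        self.synced[terminal_id] = entry[0]
        return True

    def authenticate(self, terminal_id, otp, site, now):
        """S910-S980: verify the OTP, then release the login stored for the synced browser."""
        seed = self.otp_seeds.get(terminal_id)
        browser_id = self.synced.get(terminal_id)
        if seed is None or browser_id is None:
            return None                          # unknown terminal or not synchronized
        step = int(now) // OTP_STEP
        if (terminal_id, step) in self.used:     # reject replay inside the same time step
            return None
        if not hmac.compare_digest(totp(seed, now), otp):   # S920, constant-time compare
            return None
        self.used.add((terminal_id, step))
        login = self.logins.get((terminal_id, site))         # S970
        if login is None:
            return None
        return {"browser": browser_id, "site": site, "login": login}  # S980


def demo():
    """Run the FIG. 5 and FIG. 9 flows on constructed sample data."""
    now = 1_700_000_000.0                        # constructed timestamp
    server = AuthServer()
    seed = b"constructed-seed-0001"              # constructed sample seed
    server.otp_seeds["phone-1"] = seed
    server.logins[("phone-1", "shop.example")] = ("alice", "s3cret")

    number = server.issue_random_number("browser-A", now)
    results = {
        "wrong_number": server.synchronize("phone-1", "not-the-number", now + 5),
        "sync": server.synchronize("phone-1", number, now + 10),
        "reuse": server.synchronize("phone-2", number, now + 11),
    }
    otp = totp(seed, now + 20)                   # what the terminal's generator would show
    results["auth"] = server.authenticate("phone-1", otp, "shop.example", now + 20)
    results["replay"] = server.authenticate("phone-1", otp, "shop.example", now + 21)
    return results
```

The binding created in `synchronize` is what decides which browser receives the login in `authenticate`, so the lifetime and single-use handling of the displayed random number carry as much weight as the OTP check itself.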

100: information processing server 110: user wireless terminal
120: second terminal 125: website operation server
200: control unit 205: wireless terminal side transmission / reception unit
210: storage unit 215: second terminal side transmission / reception unit
220: verification unit 225: authentication unit
230: synchronization processing unit 235: information processing unit
240: application management unit

Claims (12)

1. A storage medium for storing user identification information, one or more pieces of user website (or browser) account login information, and one time password (OTP) information provided in a user wireless terminal;
Synchronization processing means for synchronizing the user wireless terminal with a website (or browser) to which a user second terminal is connected;
Information receiving means for receiving an OTP through the user wireless terminal;
OTP authentication means for authenticating the OTP transmitted through the user wireless terminal by using the OTP information previously stored in the storage medium; and
Information processing means for processing user login authentication for the website (or browser) to which the second user terminal is connected, in response to an authentication result through the OTP authentication means.

2. Synchronization processing means for synchronizing a user wireless terminal with a website (or browser) to which a user second terminal is connected;
Information receiving means for receiving an OTP (one time password) through the synchronized user wireless terminal;
OTP authentication means for authenticating the OTP transmitted through the synchronized user wireless terminal; and
Information processing means for processing user authentication for the website (or browser) to which the synchronized second user terminal is connected, in response to an authentication result through the OTP authentication means.

3. The authentication processing system according to claim 1 or 2, wherein the synchronization processing means:
processes a specific random number to be output on a website (or browser) to which the user is connected and, when the specific random number is received through the user wireless terminal, interconnects and synchronizes the information of the user-accessed website (or browser) that output the specific random number with the information of the user wireless terminal that transmitted the specific random number; or
processes a specific image code to be output on a website (or browser) to which the user is connected and, when the specific image code is received through the user wireless terminal, interconnects and synchronizes the information of the user-accessed website (or browser) that output the specific image code with the information of the user wireless terminal that transmitted the specific image code; or
when one or more pieces of identification information of the user wireless terminal are received through a website (or browser) to which the user is connected, interconnects and synchronizes the user wireless terminal information corresponding to the user wireless terminal identification information with the information of the user website (or browser) that transmitted the one or more pieces of identification information of the user wireless terminal; or
determines, from the login information received through the website (or browser) accessed by the user and the login information received through the user wireless terminal, whether they belong to the same user, and interconnects and synchronizes the user-accessed website (or browser) information and the user wireless terminal information.

4. The authentication processing system of claim 1, wherein the information processing means comprises:
a confirmation unit for confirming website (or browser) account login information or authentication information for the user previously stored in connection with wireless terminal identification information or OTP information on a storage medium; and
a transmission unit for transmitting the website (or browser) account login information or authentication information for the user confirmed through the confirmation unit to a website operation server connected to the second user terminal.

5. The authentication processing system of claim 2, wherein the information processing means comprises:
a transmitting unit for transmitting the authentication result through the OTP authentication means to an online website operating server connected to the second user terminal.

6. The authentication processing system of claim 1 or 2, wherein the user second terminal comprises at least one of a PC, an IP-TV, and a home appliance.

7. A synchronization processing step of synchronizing, in a server, a user wireless terminal with a website (or browser) accessed by a user second terminal;
An OTP receiving step of receiving, in the server, an OTP (one time password) through the synchronized user wireless terminal;
An OTP authentication step of authenticating, in the server, the OTP transmitted through the synchronized user wireless terminal; and
An authentication processing step of processing, at the server, user authentication for the website (or browser) to which the synchronized second user terminal is connected, in response to an authentication result through the OTP authentication means.

8. The authentication processing method of claim 7, wherein the synchronization processing step comprises:
processing a specific random number to be output on a website (or browser) to which the second user terminal is connected; and
when the specific random number is received through the user wireless terminal, interconnecting and synchronizing the information of the user-accessed website (or browser) that output the specific random number with the information of the user wireless terminal that transmitted the specific random number.

9. The authentication processing method of claim 7, wherein the synchronization processing step comprises:
processing a specific image code to be output on a website (or browser) to which the second user terminal is connected; and
when the specific image code is received through the user wireless terminal, interconnecting and synchronizing the information of the user-accessed website (or browser) that output the specific image code with the information of the user wireless terminal that transmitted the specific image code.

10. The authentication processing method of claim 7, wherein the synchronization processing step comprises:
receiving one or more pieces of identification information of the user wireless terminal through a website (or browser) accessed by the second user terminal; and
interconnecting and synchronizing the user wireless terminal information corresponding to the received user wireless terminal identification information with the information of the user website (or browser) that transmitted the one or more pieces of identification information of the user wireless terminal.

11. The authentication processing method of claim 7, wherein the user second terminal comprises at least one of a PC, an IP-TV, and a home appliance.

12. A computer-readable recording medium having recorded thereon a program for executing the method of any one of claims 7 to 10.
KR1020110093441A 2011-09-16 2011-09-16 Recording medium, method and system for log-in or certification of web site or browser KR20130030320A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020110093441A KR20130030320A (en) 2011-09-16 2011-09-16 Recording medium, method and system for log-in or certification of web site or browser

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020110093441A KR20130030320A (en) 2011-09-16 2011-09-16 Recording medium, method and system for log-in or certification of web site or browser

Publications (1)

Publication Number Publication Date
KR20130030320A (en) 2013-03-26

Family

ID=48179883

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020110093441A KR20130030320A (en) 2011-09-16 2011-09-16 Recording medium, method and system for log-in or certification of web site or browser

Country Status (1)

Country Link
KR (1) KR20130030320A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017086556A1 (en) * 2015-11-20 2017-05-26 (주)엔에스비욘드 Secure tunnel-based authentication method and device


Similar Documents

Publication Publication Date Title
US20160373428A1 (en) Smart phone login using qr code
US10693854B2 (en) Method for authenticating a user, corresponding server, communications terminal and programs
US20090174525A1 (en) Communication system and communication method
CN106161475B (en) Method and device for realizing user authentication
JP2010033193A (en) Authentication system and authentication server device
CN104702562B (en) Terminal fused business cut-in method, system and terminal
EP3376421A1 (en) Method for authenticating a user and corresponding device, first and second servers and system
JP2009151568A (en) Security management system, security management method, information processing terminal device and authentication device
KR20130029983A (en) Recording medium, method and device for log-in or certification use of near field communication
CN108282768A (en) Bluetooth equipment shares control and requesting method and electronic equipment
JP2017102842A (en) Personal identification system, personal identification information output system, authentication server, personal identification method, personal identification information output method, and program
KR100858146B1 (en) Method for personal authentication using mobile and subscriber identify module and device thereof
KR20130078842A (en) Recording medium, server for 2-factor authentication use of image code and one time password
KR101853970B1 (en) Method for Relaying Authentication Number
KR20120089388A (en) Method for Requesting Caller Authentication of Voice Network using Data Network, Caller Device and Program
KR20130030320A (en) Recording medium, method and system for log-in or certification of web site or browser
KR20130093794A (en) Recording medium, method and system for registration and operating of 2-factor authentication information
KR101828684B1 (en) Method for Automating Login Coupled with Medium
KR20130030321A (en) Recording medium, wireless terminal and method for log-in or certification of web site or browser
KR20130029986A (en) Recording medium, wireless terminal and method for log-in or certification use of near field communication
KR20130029988A (en) Recording medium, method and system for financial transactions processing
KR20130029994A (en) Recording medium, wireless terminal and method for inancial transactions processing
KR20100136269A (en) System and method for managing otp with biometrics and recording medium
KR20130029998A (en) Recording medium, method and device for financial transactions processing use of near field communication
KR20130038086A (en) Recording medium, method and system for financial transactions use of automated teller machine

Legal Events

Date Code Title Description
WITN Withdrawal due to no request for examination