KR20140118568A - System, apparatus, method and computer readable recording medium for phone call participant authentication - Google Patents
System, apparatus, method and computer readable recording medium for phone call participant authentication Download PDFInfo
- Publication number
- KR20140118568A KR20140118568A KR1020130034731A KR20130034731A KR20140118568A KR 20140118568 A KR20140118568 A KR 20140118568A KR 1020130034731 A KR1020130034731 A KR 1020130034731A KR 20130034731 A KR20130034731 A KR 20130034731A KR 20140118568 A KR20140118568 A KR 20140118568A
- Authority
- KR
- South Korea
- Prior art keywords
- party
- caller
- information
- data
- call
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/66—Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
- H04M1/667—Preventing unauthorised calls from a telephone set
- H04M1/67—Preventing unauthorised calls from a telephone set by electronic means
- H04M1/673—Preventing unauthorised calls from a telephone set by electronic means the user being required to key in a code
Abstract
Description
The present invention relates to an authentication apparatus, and more particularly, to a telephone call participant authentication system, apparatus, method and computer-readable recording medium for authenticating a telephone call participant.
It is important to verify the identity of the caller or caller in the phone call. Recently, spam calls are increasing, and phone calls to make prank calls or even to harass others are causing inconvenience to telephone callers.
Organizations that provide partial or complete access to services through telephones, such as banks, to address caller identity issues have introduced procedures for identifying caller identity based on password, password, and personal information questions " This process usually requires a human operator to verify the client's answer from the service provider's perspective.
General users must respond to the caller ID service, and users can attempt to perceive themselves through voices. Other conventional solutions for such party verification can be categorized as follows.
First, speaker recognition based on biometric information is possible. The most popular idea is to use speech samples to recognize the caller. The stored samples are compared with the samples provided by the user at the start of the call. At this time, whether or not the user is authenticated is determined according to the comparison result.
Second, reliable third party services are possible. For example, as a verification system integrated into a communications network, a network node directly connected to the caller provides additional information about itself. At this time, the receiver can confirm the call source by processing the inserted node information and the caller ID. Also, as a method of using a selective sign language service integrated into a network, a caller must first register with a service providing caller account information in order to use the service. At this time, before the call starts, the selective sign language service requests that the caller provide the registered information to prove his or her identity. In addition, the caller name is authenticated using an authentication certificate issued by the registrar. At this time, a caller who wants to be identified by the other party may request such a certificate. Accordingly, the call recipient can confirm the provided certificate to confirm the identity of the caller and set an authentication dialogue with the caller.
Third, there is a solution using a camera. For example, in a system based on the image capture unit, the photograph of the caller is taken just before the call begins. At this time, the picture is transmitted to and displayed on the receiver, and the receiver can accept or reject the call based on the received picture.
Fourth, there is a location based confirmation method. For example, as a solution based on LBS (Location Based Service) information of a caller to be collected by a server, the other party can request location information from an LBS server which is a part of a communication network structure. At this time, the caller can specify the level of privacy of his LBS data to modify the accuracy of the information provided to the recipients. Also, as a method using the caller ID information extended with location data, this method simply adds another field describing the terminal location to the caller ID message. At this point, the receiver uses available location data sources and adds them with the caller ID. Also, as a method of transmitting location information during a conversation of devices during a call request, the location data is requested by the recipient and provided according to the privacy level by the call initiator.
Fifth, there may be other methods. For example, as a solution based on an additional secure communication channel, this channel ensures that the transmitted data can not be manipulated. On the other hand, when the device starts connection from outside the network on the safety channel, a first time stamp is generated. Other timestamps occur after the connection is established. At this time, unconditional access to the service is allowed only if the difference between the timestamps is within the predefined window. On the other hand, limited access is allowed if a secure channel is not used. In addition, for example, a system for blocking spam calls based on CAPTCHA (Completely Automated Public Tutor test to tell Computers and Humans Apart), wherein user devices convert specific number information into voice information and transmit the converted information to the call terminal Lt; / RTI > At this time, the device will allow communication only when the specific number information is correctly inputted from the call terminal.
Meanwhile, the various authentication methods have the following problems.
First, the semiautomatic caller identification method is not substantially automatic. Therefore, at a certain level, a person is needed, and there is a discomfort such as re-storing the password and answering it. Also, it takes a long time and the verification process can take several minutes
The way to use caller ID is unsafe and unreliable because caller ID theft is possible. In addition, the manual speech recognition method has a high possibility of occurrence of errors, and is disadvantageous in that it is unsafe from spoofing using voice modulation software. Further, there is a problem that it is difficult or impossible to identify a caller who does not know, or the caller has to identify himself / herself because of poor voice quality.
Among the above methods, the automatic speech recognition methods are likely to cause errors because they can give false positives and true negatives, and the problem that the speech recognition software is unsafe from spoofing have.
Also, reliable third-party methods require complex network structure changes, and camera-based methods are unsafe due to fake pictures and require a lot of data to be transmitted. there is a problem. Further, if the image quality is not sufficiently good, there is a problem that identification is difficult or impossible.
On the other hand, location-based methods are complex because they require a GPS (Global Positioning System) device to provide accurate position data, and are unsafe due to fake position data. Also, there is a problem that location information is not reliable during caller verification and can not be trusted. Moreover, there is a problem that it is complicated because it requires an additional secure channel, and it is unreliable because the time difference is wide and inaccurate.
Finally, the CAPTCHA method has a disadvantage in that it is complicated because it requires speech synthesis software, and the caller has to listen to the message received and respond by pressing the appropriate keys, which is inconvenient. In addition, there is a problem that it is not reliable because it is helpful only in checking automatic spam messages, and it is not safe because it may deceive the speech recognition software.
Accordingly, there is a need for a method for solving the above problems and for effectively authenticating callers.
An embodiment of the present invention provides a telephone call participant authentication system, an apparatus, a method, and a computer-readable recording medium capable of authenticating a call participant by exchanging information between two communication devices using a predefined protocol.
Also, an embodiment of the present invention provides a telephone call participant authentication system, an apparatus, a method, and a computer readable recording medium capable of authenticating a call participant by determining whether the call participant is a reliable caller using the caller sort information stored in the apparatus to provide.
According to an aspect of the present invention, a telephone call participant authentication apparatus includes a communication processing unit for performing a process for telephone conversation between callers, and a call request receiving unit for receiving a call request from the communication partner apparatus and confirming a call request status from the communication processing unit , And transmits preset query data to the device of the other party's party, receives answer data corresponding to the inquiry data from the device of the other party's party, and determines from the received answer data whether the corresponding party is a trusted party And a control unit for processing to authenticate the user.
The apparatus may further include a storage unit for storing identification information of at least one party, and the control unit may process the inquiry data so that the inquiry data is encrypted with the identification information of the other party.
The identification information may be a public key for the caller.
The answer data received by the control unit may be data encrypted with the private key of the other party.
The control unit may exchange identification information with a device of the other party's party before performing authentication on the other party's party when a call is requested from the device of the other party and the status of the call request is confirmed from the communication processing unit.
The storage unit may include caller classification information that classifies the callers according to the reliability of the caller.
The caller classification information may include white list information including information about the trusted caller, black list information including information about the untrusted caller, And gray list information including information on the caller.
The caller classification information may be updated by receiving the caller classification information of the other party.
The query data may be data arbitrarily selected from a plurality of previously stored query data.
As a result of the authentication by the control unit, when the relative party is a trusted party from the received answer data, the corresponding party can be added to the whitelist.
As a result of the authentication by the control unit, if the relative party is an untrusted party from the received answer data, the corresponding party can be added to the black list.
If it is determined that the identification information of the other party is not included in any of the list information of the whitelist information, the blacklist information, and the gray list information, the control unit may add the relative caller to the gray list information have.
According to another aspect of the present invention, a telephone call participant authentication system includes: requesting a call to a second device, receiving encrypted query data from the second device, decrypting the received query data with its own private key A first device for encrypting reply data corresponding to the inquiry data with its own private key and transmitting the reply data to the second device; and a second device for transmitting the preset query data to the second device when the call is requested from the first device, Receiving the encrypted reply data from the first device, decrypting the encrypted answer data with a public key of the first device party, encrypting the encrypted response data with the public key of the first device party, And a second device for authenticating whether or not the device is authentic.
According to another aspect of the present invention, a method for authenticating a telephone call participant includes the steps of receiving a call from a device of a correspondent party, transmitting preset query data to the device of the correspondent party when a call request status is confirmed, Receiving an answer data corresponding to the inquiry data from the device of the other party, and authenticating whether the other party is a trusted party from the received answer data.
The method may further include a step of storing identification information of at least one party, and the method may further include the step of encrypting the inquiry data with the identification information of the other party.
The identification information may be a public key for the caller.
And decrypting the answer data using the public key of the other party after receiving the answer data.
The method may further include exchanging identification information with the device of the other party before performing the authentication on the other party.
The method may further include storing caller classification information that classifies the callers according to the reliability of the caller.
The caller classification information includes white list information including information on a trusted party, blacklist information including information on an untrusted party, and information on a party that can not be trusted And at least one list information among the gray list information including the gray list information.
The caller classification information may be updated by receiving the caller classification information of the other party.
The query data may be data arbitrarily selected from a plurality of previously stored query data.
And adding the corresponding party to the whitelist if the corresponding party is a trusted party from the received answer data.
And adding the corresponding party to the black list if the corresponding party is an untrusted party from the received answer data.
The method further includes adding the relative party to the gray list information if the identification information of the other party is not included in any of the list information of the white list information, the black list information, and the gray list information .
Meanwhile, the information on the telephone call participant authentication method may be stored in a computer-readable recording medium. Such a recording medium includes all kinds of recording media in which programs and data are stored so that they can be read by a computer system. Examples of the storage medium include a ROM, a Random Access Memory, a CD, a DVD, a magnetic tape, a floppy disk, an optical data storage device, an embedded multimedia card (eMMC) And the like, and may also be implemented in the form of a carrier wave (for example, transmission over the Internet). Such a recording medium may also be distributed over a networked computer system so that computer readable code in a distributed manner can be stored and executed.
As described above, the authentication method of the call participant according to the embodiment of the present invention does not affect the performance of the apparatus and the authentication speed is fast.
In addition, the authentication method according to the embodiment of the present invention is more secure than the conventional various authentication methods. In addition, it is convenient because the call is not disconnected for authentication, it is easy to use and there is no need for the caller to reveal the telephone number.
In addition, the authentication method according to the embodiment of the present invention can be performed even once, and it is simple to use because no additional service or third party is required for authentication. In addition, the security level can be adjusted and the single user characteristic can be used in many devices, so the application is flexible.
1 illustrates a telephone call participant authentication system in accordance with an embodiment of the present invention.
2 is a block diagram showing a detailed configuration of each communication apparatus according to an embodiment of the present invention;
3 is a block diagram illustrating a detailed configuration of a telephone call participant authentication apparatus according to an embodiment of the present invention;
4 is a signal flow diagram illustrating an authentication procedure for a phone call participant between devices in accordance with an embodiment of the present invention.
Figures 5A-5C are flow charts illustrating a procedure for approving and authenticating parties in a device in accordance with an embodiment of the present invention.
6 is a flow diagram illustrating a caller information exchange procedure during a trusted telephone call in accordance with an embodiment of the present invention.
Figures 7A and 7B are flow diagrams illustrating a party categorization procedure based on information provided by other trusted parties according to an embodiment of the present invention.
The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with one embodiment. It should also be understood that the position or arrangement of individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the present invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which the claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.
One embodiment of the present invention discloses a telephone call participant authentication system, apparatus and method that can authenticate a call participant by exchanging information between two communications devices using a predefined protocol. Also, an embodiment of the present invention can authenticate a call participant by determining whether the caller is a reliable caller using caller classification information stored in the device.
For example, most current voice communication devices such as smart phones and the like provide a method for installing software. Thus, certain software may be included as part of the device firmware. At this time, the software may change how it operates at the call level of a voice communication device (e.g., a phone including a smart phone, etc.). This particular function can be used for seamless information exchange between communication devices during a telephone conversation or just before the actual conversation is started. Accordingly, the authentication and authentication of the communication device according to the embodiment of the present invention can be realized by designing a communication protocol between the devices. However, the present invention is not limited to such an implementation method. For example, a caller authentication method according to an embodiment of the present invention may require two communication devices to exchange information using a predefined protocol during a call.
According to an embodiment of the present invention, before the caller is properly authenticated, the caller should preferably be approved in some way (e.g. voice recognition, password, personal question, etc.). Accordingly, a specific caller (hereinafter, referred to as an 'verifier' in the present invention) of a call participant can call another caller (hereinafter referred to as 'applicant' in the present invention) If determined to trust, the particular caller (i.e., authenticator) can identify another caller (i.e., the applicant) in a single operation (e.g., an operation to select an appropriate call option provided by the existing software). Therefore, according to the embodiment of the present invention, authentication of the party can be performed in the following manner.
1. Both parties send their identification information (e.g., public key) to each other at start-up.
2. At some point, the authenticator decides that he or she trusts the applicant and informs the applicant.
3. The authenticator already owns the identity of the applicant (eg public key). At this time, the callers can selectively exchange additional secret information (e.g., biometric data and passwords) needed to verify the identity.
4. The authenticator stores the public key for the applicant and related data in a white list. The applicant can now end the call and is treated as a trusted caller from then on.
On the other hand, after the information of the party of the caller (for example, the public key of the party) is stored in the whitelist as described above, immediately before the conversation at the next conversation is started, .
1. Both parties send their identification information (e.g., public key) to each other at the beginning of the call. In the following description, a public key will be described as an example of the identification information. However, the identification information corresponding to the embodiment of the present invention is not limited to the public key. At this time, if the caller does not transmit the public key, it can be determined that the protocol is not supported and can be processed as a permanent gray list member. In such a case, the authentication procedure may be skipped and the authenticator may be notified.
2. On the other hand, if there is a party's public key, the authenticator examines it. If the caller's public key is present in a black list, the applicant is an untrusted caller. Thus, the authenticator can recognize this fact and refuse the call. If the public key of the talker does not exist in any list (i.e., it does not exist anywhere in the whitelist and the blacklist), the public key of the talker may be added to the gray list. At this time, the callers of the greylist are not authenticated, and the authenticator notifies that the caller is an untrusted person.
3. The authenticator sends it to the applicant using a public key to encrypt any questions (for example, a simple formula).
4. If the applicant is an untrusted party, the applicant does not have the true applicant's private key and will not understand the question sent by the authenticator. Otherwise, the applicant decrypts the question with his or her private key and sends the signed response to the authenticator.
5. The authenticator can verify the above-mentioned response by selectively using the previously stored personal information of the applicant.
6. If the answer is incorrect or unintelligible, the applicant is an unreliable caller. Thus, the authenticator can recognize this fact and reject the call by, for example, moving the applicant from the whitelist to the blacklist in a single operation. Otherwise, the applicant is normally authenticated and conversation can be started.
7. During a conversation, each device may exchange their whitelist and blacklist to update the caller record.
On the other hand, it is possible to randomly extract questions and perform authentication according to an embodiment of the present invention, so that a potential sniffer can not collect all possible encoded questions and related correct answers.
As described above, devices in which the caller authentication software is installed can exchange black lists and whitelists during a call. This information can be used not only to generate a list of new parties but also to record the party's trustworthiness. The data from the other party helps to determine whether one party should trust another party. Meanwhile, the following exemplary scenario may be applied according to the embodiment of the present invention.
1. The speaker C1 of the first device calls the speaker C2 of the second device
2. During the exchange of information, it is revealed that the untrusted party U (e.g., the party of the second device) has moved from his whitelist to the blacklist. The other common and trusted three callers were also moved.
3. The speaker C1 of the first device can recognize this fact. At this time, if the speaker C1 of the first device wants to delete the speaker U whose authenticity has not been confirmed before the conversation from the whitelist, You can ask.
By doing so, information about an untrusted cheater can be gradually spread over the network. This can prevent abuse when an untrusted party wishes to obtain the victim's private key.
As another example, the following exemplary scenario may be applied in accordance with an embodiment of the present invention.
1. Caller C calls a caller U that is not stored in a category (e.g., a classified list)
2. During a call or prior to a call, the caller C can confirm the determination of the trusted callers regarding the unstored caller (U).
3. If the unsaved caller U is trusted and most of the other trusted callers also trust him, the caller C may decide to add him to the whitelist. On the other hand, if other callers do not generally trust the unstored caller U, this will cause the caller C to be more cautious and suspicious about the caller U that is not stored, Quot ;. < / RTI >
Meanwhile, according to the embodiment of the present invention, the entire process of authentication, the categorization of callers, and the exchange of caller information can be performed seamlessly. All of these processes can be performed simultaneously by two devices (e.g., two callers trust each other) or by one of them and do not rely on a call initiator.
As mentioned above, the authentication process can be extended to other security levels based on biometric or other secret data verification. Preferably, the data is not available on the phone itself for security reasons. It is desirable that the data exist to provide the actual owner with the necessary information (e.g., a secret password or biometric scanner output), which can be particularly useful when the risk of phone stolen is large.
On the other hand, if the user wants to use more than one phone or wants to change his old phone to a new one, his identity along with all the lists can be extracted and used in another device.
In addition, if the caller identification information (e.g., public key) is lost or changed for any reason (lost / stolen / broken / formatted phone, identity theft), the user must dial the previous trusted numbers, We have to convince them to believe him again. You can use another public key at this time.
Meanwhile, according to an embodiment of the present invention, for the basic implementation of the present invention, the same key can be used to sign outgoing messages and decrypt received messages. Thus, under certain circumstances, a hostile party may be at risk of using an authentication dialogue to decrypt data previously encrypted by a victim. Therefore, if such a risk occurs, it is desirable to proceed with the following procedure.
1. The authentication protocol requires a question that corresponds to the actual answer.
2. Authentication Dialogue While the devices are not transmitting data encrypted with their public key, the attacker gets the data encrypted with the victim's public key and provides it as a question.
3. The victim signs the question with his / her private key in response and sends it to the attacker.
On the other hand, if the attacker does not own the original private key, the authentication fails. However, he can still decode the data. Therefore, the problem can be solved by the following method.
1. Generally, it is not desirable to create an authentication answer equivalent to a question. Therefore, the problem can be solved simply by forbidding such question-and-answer in the authentication dialogue.
2. Another way to solve the problem is to limit the applicant from providing encrypted data as an authentication challenge. This can be accomplished by introducing a specific question format and performing question identification.
3. You can use a different key for encryption and signing.
Meanwhile, the terms used in the present invention can be defined as follows.
- caller: a typical phone call participant
- initiator: the initiator of the call initiated the call
- receipient: the telephone call participant who received the call
- verifier: a person who performs authentication by marking another party as a trusted party
- Applicant: A person who is identified as a trusted person and who identifies himself / herself and requests authentication.
Caller record: a record indicating a single caller, the caller record including a public key, optional personal information required to perform the authentication, and optional caller information from other contacts (e.g., And the like).
- white list: list of trusted callers
- black list: list of untrusted callers
- gray list: list of known but not categorized callers
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.
First, a system and an apparatus according to an embodiment of the present invention will be described with reference to FIGS. 1 to 3, and a method according to an embodiment of the present invention will be described in detail with reference to FIGS.
1 is a diagram illustrating a telephone call participant authentication system according to an embodiment of the present invention. Referring to FIG. 1, the
Meanwhile, according to the embodiment of the present invention, a
The
Therefore, when the
2 is a block diagram illustrating a detailed configuration of each communication apparatus according to an embodiment of the present invention. Referring to FIG. 2, an apparatus according to an embodiment of the present invention basically includes components capable of providing a call function, and further includes configurations capable of authenticating a caller according to an embodiment of the present invention .
The
The
The
The
In addition, when the
The
The
3 is a block diagram illustrating a detailed configuration of a telephone call participant authentication apparatus according to an embodiment of the present invention. 3, when the
First, when a call is made from the
That is, according to the embodiment of the present invention, the
Meanwhile, the
The
In the meantime, the respective components of the apparatus are separately shown in the drawings to show that they can be functionally and logically separated, and do not necessarily mean physically separate components or separate codes.
In this specification, each functional unit (or module) may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, each functional unit may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and may be a code physically connected to the functional unit, But can be easily deduced to the average expert in the field of the invention.
Hereinafter, a telephone call participant authentication procedure according to various embodiments of the present invention will be described in detail with reference to FIGS.
4 is a signal flow diagram illustrating an authentication procedure for a telephone call participant between devices in accordance with an embodiment of the present invention. Referring to FIG. 4, when a call request (S401) is transmitted from the
The
The
Figures 5A-5C are flow diagrams illustrating a procedure for granting and authenticating parties in a device in accordance with an embodiment of the present invention.
Referring to FIG. 5A, when a telephone call between the devices is started (S501), it is checked whether the devices support the protocol for caller authentication according to the embodiment of the present invention (S502). If it is determined that at least one device does not support the protocol, a standard conversation S503 is performed.
On the other hand, if both devices support the protocol, exchange public keys with each other (S504). At this time, if the exchanged public key exists in the whitelist (S505), the authentication procedure is performed according to the method described above with reference to FIG. 4 by using the public key. That is, the query data selected at random using the speaker's public key is encrypted (S506), and then transmitted to the partner device. On the other hand, if the callee holds the private key (S507), the authentication process proceeds according to the step A of FIG. 5B.
Referring to FIG. 5B, the encrypted query data is decrypted through the private key held by the user (S512), and the answer data corresponding to the decrypted query data is again encrypted with the private key (S513). At this time, if additional security matters are not needed, proceed to step E of FIG. 5C. On the other hand, if additional security concerns are required, the randomly selected question data for the private data is encrypted (S515) using the public key of the caller. At this time, if the callee does not hold the private key, the process proceeds to step B of FIG. 5C. If the callee has the private key, it is confirmed whether the callee knows the answer (S517). If the caller does not know the answer, the process proceeds to step F of FIG. 5C. If the caller knows the answer, the process proceeds to step E of FIG. 5C.
On the other hand, if the callee does not hold the private key in step S507 of FIG. 5A, the process proceeds to step B of FIG. 5C.
Referring to FIG. 5C, if the caller does not have a private key, the caller can not provide a correct answer (S518). Accordingly, the corresponding caller is recorded in the black list (S519), and a user warning (S520) is performed. Accordingly, the calling party recognizes that the calling party is an untrusted user. If the user does not accept the conversation and rejects the conversation (S521), the conversation ends (S522).
On the other hand, if the user accepts the conversation (S521) despite the user warning, the conversation with the unreliable user (S523) proceeds. At this time, when the user is trusted again during the call with the user (S524), the caller is moved to the whitelist and the additional information is exchanged (S525). Accordingly, a reliable call (S526) with the corresponding party proceeds thereafter.
At this time, if it is determined not to trust the communication partner again in the communication with the user (S527), the corresponding caller is recorded in the black list (S528), and the process may proceed to the step D again or the communication may be terminated .
Returning to step S505 of FIG. 5A, if the public key does not exist in the whitelist and exists in the gray list (S508), the unreliable call is in progress (S509) because the caller is an untrusted party, Step C of FIG.
On the other hand, if the public key is present in the black list (S510), the process can proceed to step D of FIG. 5C. Finally, when the public key does not exist in any list, the public key is added to the gray list (S511), and the unreliable communication (S509) with the corresponding calling party can be performed.
FIG. 6 is a flow diagram illustrating a caller information exchange procedure during a trusted telephone call in accordance with an embodiment of the present invention. Referring to FIG. 6, first, the information of the callers is obtained from the caller (S601). At this time, the information of the callers can be provided from the information stored in the device of the caller. That is, the information stored in the storage unit of the calling party, and stores the information in its own storage unit.
If it is determined that the caller is a common trusted caller who has been transferred to the black list (S602), the user can be notified of a suspicious caller (S603) . At this time, if the user ignores the notification (S604), the conversation may be resumed (S606). On the other hand, if the notification is not ignored, the suspicious caller is moved to the black list or the gray list (S605), and the conversation may be resumed (S606).
Meanwhile, if the corresponding party is a new trusted party (S607), or if the party is a whitelist, the user can be notified of a trusted call (S608). At this time, if the user ignores the notification (S609), the conversation may be resumed (S606). On the other hand, if the notification is not ignored, the reliable caller may be added to the whitelist or moved to the whitelist (S610), and the conversation may be resumed (S606).
7A and 7B are flowcharts illustrating a party categorization procedure based on information provided by other trusted parties according to an embodiment of the present invention. Referring to FIG. 7A, if the caller exists in the whitelist (S701), it is determined whether another trusted party trusts the corresponding party (S702). As a result of the confirmation, if another trusted party trusts the corresponding party, the call may be continued (S709).
On the other hand, if it is determined in step S704 that the other trusted party does not trust the caller, the call is notified to the user (S703). On the other hand, if the warning is not ignored, the caller can be moved to a black list or a gray list (S705). Then, if the call is rejected (S706), the call ends (S707), and if the call is not rejected, the call continues (S709).
On the other hand, in step S701, the speaker does not exist in the whitelist, but if the speaker is present in the gray list (S708), the process proceeds to step A of FIG. 7B. However, if the caller does not exist in the gray list, the call can be continued (S709).
Referring to FIG. 7B, if the caller exists in the gray list in step S708 of FIG. 7A, the process proceeds to step A to determine whether another trusted party trusts the corresponding party (S710). If it is determined that the caller is not trusted, the call is continued (S711).
On the other hand, if it is determined as a result of the determination in step S712 that the corresponding party is trusted, the user is notified in step S712. At this time, if the user disregards this (S713), the call can be continued. On the other hand, if the warning is not ignored, the caller is moved to the whitelist (S714), and conversation (S715) can be continued as a reliable conversation.
Meanwhile, the telephone call participant authentication method according to an exemplary embodiment of the present invention may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magnetic media such as floppy disks; Includes hardware devices that are specially configured to store and execute program instructions such as magneto-optical media and ROM, RAM, flash memory, embedded multimedia cards (eMMC), and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
As described above, the present invention has been described with reference to particular embodiments, such as specific elements, and specific embodiments and drawings. However, it should be understood that the present invention is not limited to the above- And various modifications and changes may be made thereto by those skilled in the art to which the present invention pertains.
Accordingly, the spirit of the present invention should not be construed as being limited to the embodiments described, and all of the equivalents or equivalents of the claims, as well as the following claims, belong to the scope of the present invention .
110:
112, 122:
120: second device 210: audio processor
220: input unit 230: display unit
240: control unit 250: communication processing unit
260: storage unit 261: public key information
262: Private key information 263: Authentication program information
264: caller record information 265: caller classification information
265a:
265c: gray list 311: query receiver
312: query decryption unit 313:
314: Answer transmission unit 321: Call status confirmation unit
322: Query generation unit 323: Query encryption unit
324: query transmission unit 325:
326: Answers decryption unit 327:
Claims (26)
When a call is requested from a device of the other party and the status of the call request is confirmed from the communication processing unit, preset query data is transmitted to the device of the other party, and answer data corresponding to the inquiry data is received And a control unit for processing from the received answer data to verify whether the other party is a trusted party.
And a storage unit for storing identification information for at least one party,
Wherein,
And the inquiry data is encrypted with the identification information of the other party.
And a public key for the caller.
Wherein the data is encrypted with a private key for the other party.
Wherein when a call is requested from the device of the other party and the status of the call request is confirmed from the communication processing unit, the device of the other party exchanges the identification information with the device of the other party before performing the authentication on the other party.
Wherein the caller identification information includes caller classifying information that classifies the callers according to whether the caller is trusted or not.
At least one of gray list information including white list information including information on a trusted party, black list information including information on an untrusted party, and information on a party that can not be trusted Wherein the list information includes one list information.
Wherein the communication party identification information is updated by receiving the party classification information of the other party.
And the data is arbitrarily selected from a plurality of pre-stored query data.
And adds, from the received answer data, the caller to the whitelist if the caller is a trusted caller.
And adds, from the received answer data, the caller to the blacklist if the other party is an untrusted party.
And adds the relative party to the gray list information when the identification information of the other party is not included in any of the white list information, the black list information, and the gray list information.
Wherein when the call is requested from the first device, preset query data is encrypted with the public key of the first device conversation and transmitted to the first device, the encrypted response data is received from the first device, And a second device for decrypting the data with a public key of the first device party to authenticate whether the first device party is a trusted party.
Transmitting preset query data to the device of the other party when the state of the call request is confirmed;
Receiving response data corresponding to the inquiry data from the apparatus of the other party;
And authenticating whether the relative party is a trusted party from the received answer data.
Further comprising the step of storing identification information for at least one party,
And encrypting the query data with the identification information of the other party.
And a public key for the caller.
Further comprising the step of decrypting the answer data with a public key of the other party.
Further comprising the step of exchanging identification information with the device of the other party before performing the authentication on the other party.
Further comprising the step of storing the caller classification information in which the callers are classified according to the reliability of the caller.
At least one of gray list information including white list information including information on a trusted party, black list information including information on an untrusted party, and information on a party that can not be trusted Wherein the list information includes one list information.
Wherein the caller identification information is updated by receiving caller classification information of the other party.
And the data is arbitrarily selected from a plurality of previously stored query data.
Further comprising the step of adding, from the received answer data, the caller to the whitelist if the caller is a trusted caller.
Further comprising the step of adding, from the received answer data, the caller to the blacklist if the caller is an untrusted caller.
Further comprising the step of adding the relative party to the gray list information when the identification information of the other party is not included in any of the list information of the white list information, the black list information, and the gray list information. How to authenticate call participants.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130034731A KR20140118568A (en) | 2013-03-29 | 2013-03-29 | System, apparatus, method and computer readable recording medium for phone call participant authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130034731A KR20140118568A (en) | 2013-03-29 | 2013-03-29 | System, apparatus, method and computer readable recording medium for phone call participant authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20140118568A true KR20140118568A (en) | 2014-10-08 |
Family
ID=51991389
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020130034731A KR20140118568A (en) | 2013-03-29 | 2013-03-29 | System, apparatus, method and computer readable recording medium for phone call participant authentication |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20140118568A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102445251B1 (en) * | 2021-09-07 | 2022-09-20 | 주식회사 흥지연 | Method for detecting illegal goods and sellers and apparatus and system therefor |
-
2013
- 2013-03-29 KR KR1020130034731A patent/KR20140118568A/en not_active Application Discontinuation
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102445251B1 (en) * | 2021-09-07 | 2022-09-20 | 주식회사 흥지연 | Method for detecting illegal goods and sellers and apparatus and system therefor |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10958645B2 (en) | Ad hoc one-time pairing of remote devices using online audio fingerprinting | |
US9444816B2 (en) | Continuous voice authentication for a mobile device | |
US10074374B2 (en) | Ad hoc one-time pairing of remote devices using online audio fingerprinting | |
KR101658501B1 (en) | Digital signature service system based on hash function and method thereof | |
US8099761B2 (en) | Protocol for device to station association | |
US7552322B2 (en) | Using a portable security token to facilitate public key certification for devices in a network | |
JP5968367B2 (en) | Confirming the authenticity of voice mail participants in the telephone network | |
US9313031B2 (en) | Telephone caller authentication | |
CN104852911B (en) | Safe verification method, apparatus and system | |
JP2002026899A (en) | Verification system for ad hoc wireless communication | |
CA2813855A1 (en) | Methods and systems for conducting smart card transactions | |
US20070211867A1 (en) | Method and apparatus for token distribution in session for future polling or subscription | |
CN105577619B (en) | Client login method, client and system | |
JP2009075688A (en) | Program and method for managing information related with location of mobile device and cryptographic key for file | |
CN112020716A (en) | Remote biometric identification | |
CN108696361A (en) | Configuration method, generation method and the device of smart card | |
KR20100029102A (en) | Identity assertion | |
KR20140118568A (en) | System, apparatus, method and computer readable recording medium for phone call participant authentication | |
US11323263B2 (en) | Sharing of secret information for accessing a wireless computing network | |
CN109257177B (en) | Key generation method, system, mobile terminal, server and storage medium | |
WO2016030832A1 (en) | Method and system for mobile data and communication security | |
JP2008177928A (en) | Communication system and sender information display method | |
KR101587156B1 (en) | Message processing apparatus and user terminal capable of deferentiating between normal message and abnormal message and method thereof | |
CN113595740A (en) | Data transmission method and device, electronic equipment and storage medium | |
CN108985039A (en) | Identity identifying method, device, terminal device and server-side |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WITN | Withdrawal due to no request for examination |