KR20150081387A - Certification System and Method For User - Google Patents

Publication number
KR20150081387A
Authority
KR
South Korea
Prior art keywords
portable terminal
authentication
application
electronic key
identifier
Application number
KR1020140000673A
Other languages
Korean (ko)
Inventor
정상욱
이우규
Original Assignee
(주)시솔
정상욱
Application filed by (주)시솔, 정상욱
Priority to KR1020140000673A
Publication of KR20150081387A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G06F15/16 Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention discloses a system and method for performing authentication only for a registered user.
For example, a user authentication system is disclosed that comprises: a portable terminal that is assigned a unique identifier; an authentication device that communicates with the portable terminal and requests an electronic key from the portable terminal; and a server that receives the electronic key request from the portable terminal, checks the identifier, and, when the identifier is that of a registered user, generates the electronic key and transmits it to the portable terminal. The portable terminal transmits the electronic key to the authentication device to perform an authentication procedure.

Description

[0001] The present invention relates to a user authentication system and method, and more particularly to a system and method for performing authentication only for registered users.

As society develops, security plays an increasingly important role. This requires limiting access to a system to authorized users who are registered.

User authentication is required for this function, and it is essential to prevent the authentication from being forged or stolen at the time of authentication.

For this purpose, methods such as issuing ID cards or using biometric signals have been developed. However, an ID card is vulnerable to theft, and using biometric signals has the drawback that an individual's personal information is stored and used.

The present invention provides a system and method for performing authentication only for registered users.

A user authentication system according to the present invention includes: a portable terminal to which a unique identifier is assigned; an authentication device that communicates with the portable terminal and requests an electronic key from the portable terminal; and a server that receives the electronic key request from the portable terminal, checks the identifier, and, when the identifier is that of a registered user, generates the electronic key and transmits it to the portable terminal. The portable terminal transmits the electronic key to the authentication device so that an authentication procedure is performed.

Here, the authentication device may store an identifier of the portable terminal in advance, and may request an electronic key from the portable terminal when the portable terminal has a stored identifier.

An application for requesting an electronic key from the server may be installed in advance in the portable terminal, or the application may be transferred from the server and installed in the portable terminal under the control of the authentication device.

In addition, the authentication device may store an identifier of the portable terminal in advance, and may make the electronic key request by executing the application when the portable terminal has a stored identifier.

In addition, if the application is not installed in the portable terminal, the authentication device may request the portable terminal to install the application, and may request the electronic key by running the application after the installation is complete.

When the application installed in the portable terminal is publicly available, the authentication device may request that the portable terminal have the application authenticated and activated through the server, and, after the application has been authenticated and activated, may run the application to request the electronic key.

Also, the portable terminal and the authentication device may communicate via near field communication (NFC).

In addition, the portable terminal and the server can perform communication through at least one method selected from a mobile communication network, WiFi, and Bluetooth.

In addition, the identifier of the portable terminal may be at least one selected from an NFC (Near Field Communication) ID, IMEI, and ICCID.

According to another aspect of the present invention, there is provided a method of authenticating a user, the method comprising: a portable terminal transmitting its unique identifier to an authentication device to attempt authentication; the authentication device requesting an electronic key from the portable terminal; the portable terminal transmitting the identifier and an electronic key request to a server; the server checking the identifier to determine whether it is the identifier of a registered user; the server generating an electronic key and transmitting the generated electronic key to the portable terminal when the identifier is that of a registered user; and the portable terminal transmitting the received electronic key to the authentication device.

Here, the step of requesting the electronic key may be performed by running the application installed in the portable terminal.

If the application is not installed in the portable terminal, the portable terminal can transmit the identifier and an application installation request to the server.

In addition, when the identifier is that of a registered user, the server may transmit the application to the portable terminal so that it is installed in the portable terminal.

When the application installed in the portable terminal is publicly available, the authentication device sends an application authentication and activation request to the portable terminal, and the portable terminal transmits the identifier and the application authentication request to the server.

In addition, if the identifier is an identifier of a registered user, the server can perform authentication and activation of the application.

In the system and method for authenticating a user according to the present invention, primary authentication is performed when the authentication device identifies the NFC ID of the portable terminal, secondary authentication is performed when the application on the portable terminal requests an electronic key from the server, and tertiary authentication is performed when the portable terminal transmits the electronic key to the authentication device. Authenticating the user of the terminal in several stages in this way secures the stability and reliability of the authentication system.

FIG. 1 is a configuration diagram of a user authentication system according to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating an operation of an authentication device in a user authentication system according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating an operation of a portable terminal in a user authentication system according to an embodiment of the present invention.
FIG. 4 is a flowchart illustrating an operation of a server in a user authentication system according to an embodiment of the present invention.
FIG. 5 is a signal flow diagram illustrating the overall operation of the user authentication system according to an embodiment of the present invention.
FIG. 6 is a signal flow diagram illustrating the overall operation of the user authentication system according to another embodiment of the present invention.
FIG. 7 is a signal flow diagram illustrating the overall operation of the user authentication system according to another embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

FIG. 1 is a configuration diagram of a user authentication system according to an embodiment of the present invention.

Referring to FIG. 1, a user authentication system 1 according to an embodiment of the present invention includes an authentication device 10, a portable terminal 20, and a server 30.

The authentication device 10 may be provided at a door or the like, and is configured to perform non-contact communication with the portable terminal 20. To this end, the authentication device 10 includes an NFC chip to implement a near field communication (NFC) function. The authentication device 10 stores the NFC ID information or the unique identifier of the portable terminal 20. The identifier of the portable terminal may be at least one selected from a near field communication (NFC) ID, an IMEI, and an ICCID. For convenience, however, authentication through an NFC ID is described hereinafter.

Therefore, the authentication device 10 can recognize the user's information when the portable terminal 20 requests authentication, and, when it determines that the ID belongs to a user with legitimate authority, it performs authentication only after receiving the electronic key as input. Accordingly, the authentication device 10 can determine through the NFC function whether the user of the portable terminal 20 is a registered user, and perform authentication only for registered users.

The portable terminal 20 is provided to be carried by a user and performs contactless communication with the authentication device 10 when the user needs to be authenticated. The portable terminal 20 may be implemented through a device such as a smart phone, and may be implemented as an independent device as needed. The portable terminal 20 is assigned a unique NFC ID, and an application for requesting and receiving an electronic key from the server 30 is installed therein.

The portable terminal 20 accesses the authentication device 10 and makes an authentication request by transmitting its NFC ID to the authentication device 10 through the NFC function, after which the application installed in the portable terminal 20 is executed. As a result of executing the application, the portable terminal 20 accesses the server 30, receives the electronic key from the server 30, and transmits the electronic key to the authentication device 10. Accordingly, since the user of the portable terminal 20 is authenticated in association with both the authentication device 10 and the server 30, a more reliable authentication system can be realized.

The server 30 communicates with the portable terminal 20 through a wireless communication method such as a mobile communication network, WiFi, or Bluetooth. The server 30 stores the NFC ID of the portable terminal 20. Accordingly, when an electronic key request is received from the portable terminal 20, the server 30 checks the NFC ID of the portable terminal 20 and generates an electronic key only when the ID is an authorized user ID. In addition, the server 30 may transmit the electronic key to the portable terminal 20 so that authentication can be performed through the authentication device 10.

Hereinafter, operations of the user authentication system according to an embodiment of the present invention will be described in detail for each configuration.

FIG. 2 is a flowchart illustrating an operation of an authentication device in a user authentication system according to an embodiment of the present invention.

Referring to FIG. 2, when the authentication device 10 receives an authentication request from the portable terminal 20 (S11), the authentication device 10 performs primary authentication through the NFC ID of the portable terminal 20 (S12).

If the NFC ID of the portable terminal 20 belongs to a user with legitimate authority, the authentication device 10 runs the application in the portable terminal 20 and requests an electronic key (S13).

The authentication device 10 then receives the electronic key from the portable terminal 20 (S14) and finally authenticates the portable terminal 20 (S15).

FIG. 3 is a flowchart illustrating an operation of a portable terminal in a user authentication system according to an embodiment of the present invention.

Referring to FIG. 3, the portable terminal 20 accesses the authentication device 10 to transmit an NFC ID (S21), and receives the primary authentication from the authentication device 10 (S22).

The portable terminal 20 executes the internal application under the control of the authentication device 10 at step S23 and transmits the NFC ID and the electronic key request to the server 30 at step S24.

After secondary authentication of the NFC ID by the server 30, the portable terminal 20 receives the electronic key from the server 30 (S25), transmits the received electronic key to the authentication device 10 (S26), and receives the tertiary authentication based on the electronic key from the authentication device 10 (S27).

Therefore, since the portable terminal 20 can be authenticated to the authentication device 10 only after having been authenticated three times in total, it is possible to implement a secure system.

FIG. 4 is a flowchart illustrating an operation of a server in a user authentication system according to an embodiment of the present invention.

Referring to FIG. 4, if an electronic key request is received from the portable terminal 20 (S31), the server 30 performs authentication through the NFC ID of the portable terminal 20 (S32).

When the portable terminal 20 is determined to be the device of a user with valid authority, the server 30 generates an electronic key (S33) and transmits the electronic key to the portable terminal 20 (S34) so that the authentication procedure described later can be performed.

FIG. 5 is a signal flow diagram illustrating the overall operation of the user authentication system according to an embodiment of the present invention.

Referring to FIG. 5, the portable terminal 20 transmits its NFC ID to the authentication device 10 through the NFC function, and the authentication procedure starts.

The authentication device 10 checks the NFC ID (primary authentication) and, if it is the ID of a registered user with legitimate authority, sends an application execution signal to the portable terminal 20 and requests an electronic key.

Through the running application, the portable terminal 20 transmits its NFC ID to the server 30 and requests an electronic key.

Then, the server 30 re-authenticates the NFC ID (secondary authentication), and, when the ID is that of a registered user with legitimate authority, generates an electronic key and transmits it to the portable terminal 20.

Finally, the portable terminal 20 transmits the received electronic key to the authentication device 10, and the authentication device 10 performs final authentication of the portable terminal 20 and the user through the electronic key (tertiary authentication).

Therefore, since three authentications are performed for one portable terminal 20, stability and reliability can be ensured in the authentication system.
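The FIG. 5 exchange as a runnable model, added here as an illustration and not taken from the patent. The patent does not say how the electronic key is built or how the authentication device checks it; this sketch assumes a secret shared by server 30 and authentication device 10, a nonce issued by the device with its key request, and a short key lifetime. All class names, IDs and values are constructed.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample values (not from the patent).
REGISTERED_IDS = {"04A1B2C3D4E5F6"}
SHARED_SECRET = b"constructed-demo-secret"  # assumption: known to server 30 and device 10
KEY_TTL = 30                                # assumption: key lifetime in seconds


def _tag(secret, nfc_id, nonce, expires):
    """MAC binding the key to one terminal, one device challenge and one expiry."""
    msg = f"{nfc_id}|{nonce}|{expires}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class Server:
    """Server 30: secondary authentication, then electronic key generation."""

    def __init__(self, registered_ids, secret):
        self.registered_ids = set(registered_ids)
        self.secret = secret

    def issue_key(self, nfc_id, nonce, now):
        if nfc_id not in self.registered_ids:   # secondary authentication
            return None
        expires = int(now) + KEY_TTL
        return f"{expires}.{_tag(self.secret, nfc_id, nonce, expires)}"


class Terminal:
    """Portable terminal 20: relays the key request and the key."""

    def __init__(self, nfc_id, server):
        self.nfc_id = nfc_id
        self.server = server

    def request_key(self, nonce, now):
        return self.server.issue_key(self.nfc_id, nonce, now)


class AuthDevice:
    """Authentication device 10: primary and tertiary authentication."""

    def __init__(self, registered_ids, secret):
        self.registered_ids = set(registered_ids)
        self.secret = secret
        self.pending = {}                        # nfc_id -> outstanding nonce

    def begin(self, nfc_id):
        """Primary authentication; returns the nonce sent with the key request."""
        if nfc_id not in self.registered_ids:
            return None
        nonce = secrets.token_hex(16)
        self.pending[nfc_id] = nonce
        return nonce

    def finish(self, nfc_id, key, now):
        """Tertiary authentication: verify the electronic key once."""
        nonce = self.pending.pop(nfc_id, None)   # a nonce is single use
        if nonce is None or key is None:
            return False
        try:
            expires_s, tag = key.split(".", 1)
            expires = int(expires_s)
        except ValueError:                       # malformed key
            return False
        if now > expires:
            return False
        expected = _tag(self.secret, nfc_id, nonce, expires)
        return hmac.compare_digest(tag.encode(), expected.encode())


def run_flow(device, terminal, now=None):
    """Run the three stages and report where the attempt stopped."""
    now = time.time() if now is None else now
    nonce = device.begin(terminal.nfc_id)
    if nonce is None:
        return "rejected: primary"
    key = terminal.request_key(nonce, now)
    if key is None:
        return "rejected: secondary"
    if device.finish(terminal.nfc_id, key, now):
        return "authenticated"
    return "rejected: tertiary"


if __name__ == "__main__":
    server = Server(REGISTERED_IDS, SHARED_SECRET)
    device = AuthDevice(REGISTERED_IDS, SHARED_SECRET)
    print(run_flow(device, Terminal("04A1B2C3D4E5F6", server)))
    print(run_flow(device, Terminal("04FFFFFFFFFFFF", server)))
```

Because the NFC ID is a fixed value, the first two stages in this model are allowlist lookups; the nonce and expiry are what stop a previously issued key from passing the third stage again.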

Hereinafter, a user authentication system according to another embodiment of the present invention will be described.

FIG. 6 is a signal flow diagram illustrating the overall operation of the user authentication system according to another embodiment of the present invention. Some operations in FIG. 6 differ from the above-described embodiment, but the configuration of the authentication device, the portable terminal and the server constituting the system is the same, so the description also refers to FIG. 1.

When the application is not installed in the portable terminal 20 in advance and the portable terminal 20 attempts authentication with the authentication device 10 by transmitting its NFC ID or the like, the authentication device 10 requests the portable terminal 20 to install the application. In this case, the NFC ID does not have to be registered in advance in the authentication device 10.

The portable terminal 20 then accesses the server 30 and transmits its NFC ID and an application installation request to the server 30. After primary authentication through the NFC ID, the server 30 transmits the application to the portable terminal 20.

The portable terminal 20 receives the application and completes the installation, and transmits an application installation confirmation signal to the authentication device 10 again.

The authentication device 10 confirms this, executes an application in the portable terminal 20, and performs an electronic key request.

The portable terminal 20 performs an electronic key request to the server 30 as a result of the application execution and the server 30 generates an electronic key and transmits the electronic key to the portable terminal 20.

The portable terminal 20 transmits the received electronic key to the authentication device 10 again, and the authentication device 10 performs secondary authentication through the electronic key, thereby completing the final authentication process.

Accordingly, when the application is not installed in the portable terminal 20, or when a one-time connection is performed, the user authentication system according to another embodiment of the present invention can be used. In addition, since the NFC ID of the mobile terminal 20 does not need to be registered in advance in the authentication device 10, the system implementation can be simplified.

Hereinafter, a configuration of a user authentication system according to another embodiment of the present invention will be described.

FIG. 7 is a signal flow diagram illustrating the overall operation of the user authentication system according to another embodiment of the present invention. Although some operations of FIG. 7 are different from those of the above-described embodiment, the configuration of the authentication device, the portable terminal, and the server constituting the system are the same, and therefore, the description will be made with reference to FIG.

If the application installed in the portable terminal 20 is publicly available to anyone and the portable terminal 20 attempts authentication with the authentication device 10 by transmitting its NFC ID or the like, the authentication device 10 requests application authentication and activation from the portable terminal 20. That is, the NFC ID of the portable terminal 20 need not be registered in advance in the authentication device 10.

The portable terminal 20 then accesses the server 30 and transmits its NFC ID and an application authentication and activation request to the server 30, and the server 30 checks the NFC ID and transmits an authentication and activation signal for the application to the portable terminal 20.

Accordingly, the portable terminal 20 activates the application and transmits an application authentication confirmation signal to the authentication device 10 again.

The authentication device 10 confirms this, executes an application in the portable terminal 20, and performs an electronic key request.

The portable terminal 20 makes an electronic key request to the server 30 as a result of the application execution. After secondary authentication through the NFC ID, the server 30 generates an electronic key and transmits it to the portable terminal 20.

The portable terminal 20 transmits the received electronic key to the authentication device 10, and the authentication device 10 performs the third authentication through the electronic key, thereby completing the final authentication process.

Accordingly, by making the application installed in the portable terminal 20 open to anyone, a large number of users can be registered without inconvenience. In addition, because the application on the portable terminal 20 is authenticated and activated by the server 30 at the time of the actual authentication request, the stability and reliability of the authentication system can be ensured.

As described above, the present invention is not limited to the above-described embodiment, but can be applied to a system and method for authenticating a user according to the present invention. It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention.

1: user authentication system
10: authentication device
20: portable terminal
30: server

Claims (15)

1. A portable terminal to which a unique identifier is assigned;
an authentication device for communicating with the portable terminal and requesting an electronic key from the portable terminal; and
a server for generating an electronic key and transmitting the generated electronic key to the portable terminal when the electronic key is requested by the portable terminal,
wherein the portable terminal transmits the electronic key to the authentication device to perform an authentication procedure.

2. The system according to claim 1,
wherein the authentication device stores an identifier of the portable terminal in advance and requests an electronic key from the portable terminal when the portable terminal has a stored identifier.

3. The system according to claim 1,
wherein an application for requesting an electronic key from the server is installed in advance in the portable terminal, or the application is transmitted from the server and installed in the portable terminal under the control of the authentication device.

4. The system of claim 3,
wherein the authentication device stores the identifier of the portable terminal in advance, and when the portable terminal has the stored identifier, executes the application to request the electronic key.

5. The system of claim 3,
wherein the authentication device sends an application installation request to the portable terminal when the application is not installed in the portable terminal, and requests the electronic key by running the application after the installation of the application is complete.

6. The system of claim 3,
wherein the authentication device requests authentication and activation of the application via the server from the portable terminal when the application installed in the portable terminal is publicly available, and runs the application after the authentication and activation of the application.

7. The system according to claim 1,
wherein the portable terminal and the authentication device communicate via near field communication (NFC).

8. The system according to claim 1,
wherein the portable terminal and the server communicate through at least one method selected from a mobile communication network, WiFi, and Bluetooth.

9. The system according to claim 1,
wherein the identifier of the portable terminal is at least one selected from an NFC (Near Field Communication) ID, IMEI, and ICCID.

10. A portable terminal transmitting its unique identifier to an authentication device to attempt authentication;
the authentication device requesting an electronic key from the portable terminal;
the portable terminal transmitting the identifier and an electronic key request to a server;
the server checking the identifier to determine whether it is the identifier of a registered user;
the server generating an electronic key and transmitting the generated electronic key to the portable terminal when the identifier is that of a registered user; and
the portable terminal transmitting the received electronic key to the authentication device.

11. The method of claim 10,
wherein the step of requesting the electronic key is performed by the authentication device running an application installed in the portable terminal.

12. The method of claim 11,
wherein the portable terminal transmits the identifier and an application installation request to the server when the application is not installed in the portable terminal in advance.

13. The method of claim 12,
wherein the server transmits the application to the portable terminal and installs the application in the portable terminal when the identifier is that of a registered user.

14. The method of claim 11,
wherein, if the application installed in the portable terminal is publicly available, the authentication device sends an application authentication and activation request to the portable terminal, and the portable terminal sends a request to the server.

15. The method of claim 14,
wherein the server performs authentication and activation of the application when the identifier is that of a registered user.

KR1020140000673A 2014-01-03 2014-01-03 Certification System and Method For User KR20150081387A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020140000673A KR20150081387A (en) 2014-01-03 2014-01-03 Certification System and Method For User

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020140000673A KR20150081387A (en) 2014-01-03 2014-01-03 Certification System and Method For User

Related Child Applications (1)

Application Number Title Priority Date Filing Date
KR1020150145867A Division KR102090818B1 (en) 2015-10-20 2015-10-20 Certification Method For User

Publications (1)

Publication Number Publication Date
KR20150081387A 2015-07-14

Family

ID=53793128

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020140000673A KR20150081387A (en) 2014-01-03 2014-01-03 Certification System and Method For User

Country Status (1)

Country Link
KR (1) KR20150081387A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101603201B1 (en) 2015-09-18 2016-03-15 민운기 Image key certification method and system using color histogram and texture information of image
KR20200082241A (en) * 2018-12-28 2020-07-08 주식회사 엘에스에이치 Door opening and closing system of the entrance of the facilities and opening and closing method
KR102249034B1 (en) * 2020-01-28 2021-05-07 휴먼플러스(주) Door Lock System and Door Lock Control Method Using Speaker Recognition
KR20210142325A (en) * 2020-05-18 2021-11-25 한국전력공사 Apparatus for locking meter, Method for controlling operation of the same, and Computer readable storage medium having the same method

Similar Documents

Publication Publication Date Title
US11968525B2 (en) Vehicle digital key sharing service method and system
US9718440B2 (en) Electronic key device capable of wirelessly controlling lock system and transmitting control authentication of lock system, system therefor, and method therefor
US20170195322A1 (en) Entry and exit control method and apparatus, and user terminal and server for the same
CN111868726B (en) Electronic device and digital key supply method for electronic device
KR102626319B1 (en) Electronic device and method for storing digital key
WO2015122235A1 (en) Terminal device, authentication information management method, and authentication information management system
KR102553145B1 (en) A secure element for processing and authenticating a digital key and operation metho thereof
US10412084B2 (en) Information processing system, peripheral device, wireless communication chip, computer-readable non-transitory storage medium having application program stored therein, and information processing method
GB2573394A (en) Crypto SIM and method therefor
KR101617707B1 (en) Electronic key system with function for transffering control right for electronic lock system
KR20150081387A (en) Certification System and Method For User
CN112514323B (en) Electronic device for processing digital keys and method of operating the same
JP2018178461A (en) User authentication system and user authentication method
KR20150050280A (en) Authentication method using fingerprint information and certification number, user terminal and financial institution server
KR20150131436A (en) System and method for verifying certification of user, and nfc tag
JP2020170993A (en) Communication system and communication method
KR101628615B1 (en) Method for Providing Safety Electronic Signature by using Secure Operating System
US20140359703A1 (en) Method for securing an action that an actuating device must carry out at the request of a user
US10984080B2 (en) Method for authenticating a user and a secure module, associated electronic apparatus and system
KR102090818B1 (en) Certification Method For User
US11003744B2 (en) Method and system for securing bank account access
KR101375306B1 (en) Veghicle control apparatus and method thereof
KR20190121687A (en) Crypto sim and method therefor
KR101628614B1 (en) Method for Processing Electronic Signature by using Secure Operating System
KR20160037854A (en) System For Certification

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
A107 Divisional application of patent
E601 Decision to refuse application