KR20200009661A - Secure Driver Authentication and Vehicle Control System based on NFC Communication and Biometric Information - Google Patents

Abstract

The present invention relates to a system for driver authentication and vehicle control. Specifically, automobiles are widely used in daily lives as convenient transport infrastructure and proper authentication for a driver is important due to the feature that all operations of a vehicle are determined by the driver. Specifically, the introduction for a drunk start lock mounting system is actively discussed due to various accidents caused by drunk driving, and such drunk start lock mounting has disadvantages of taking a lot of time and costs. Proper user authentication for resolving user inconvenience in providing discount benefits for drivers who are disabled and of national merit is needed. To resolve the problems, the present invention provides a system for efficient vehicle control and driver authentication which prevents drunk driving and provides benefits for people with disabilities and of national merit by driver authentication based on bioinformation and NFC communication using a smartphone of a user.

Description

Secure Driver Authentication and Vehicle Control System based on NFC Communication and Biometric Information}

The description below relates to secure NFC communication and biometric information based driver authentication and vehicle control system.

Automobiles are used in everyday life as an infrastructure that transports users safely and comfortably to the desired location. However, due to the characteristics in which all movements of the vehicle are determined by the driver, proper certification is required for the motor vehicle driver. Due to the characteristics of such a car, the introduction of a drinking start lock system for eradicating this problem has been actively conducted since it may lead to a dangerous accident for both driver and pedestrian during drunk driving of the driver.

In addition, in accordance with the relevant laws on disabled persons, independence and national merit people in Korea, in the case of discounts on parking and tolls given to the subjects of the law, installation of additional exemption recognizers for driver authentication through fingerprint authentication and re-installation after 4 hours It has a structure that requires authentication and has problems such as recognizer installation cost and user inconvenience. In order to solve these problems, it is necessary to prevent social public waste of money through driver authentication considering driver convenience.

In order to compensate for this, there are existing fast IDentity Online (FIDO) authentication and NFC-based access start, but there is a high possibility of physical takeover and misuse, and there is a problem of owner-oriented key sharing. The present invention is to propose a vehicle control system through driver authentication based on NFC communication and biometrics to solve this problem.

This chapter examines drunk driving measurement and prevention research, user authentication and vehicle control research trend.

(2.1. Research trends related to drunk driving measurement and prevention) The present invention looks at research trends related to drunk driving measurement and prevention. In November 2016, the Korea Institute of Transportation Science presented the trend of drinking starter lock technology, the trend of the introduction of overseas starter lock device, and the application method and possibility of applying the related technology [1]. Currently, the detection method used for alcohol measurement can be largely divided into three, and the semiconductor method has the advantages of excellent responsiveness and low price, but has the disadvantage of large change in accuracy depending on external factors. In the case of, the precision is high, but the responsiveness has a disadvantage. Lastly, non-dispersive infrared type can make stable measurement for a long time, but it has a disadvantage in application to vehicle environment [1]. Overseas, as of July 2011, the European Parliament is required to implement mandatory locks for drunken start locks for all vehicles. In France, after 2010, Canada began with Alberta in 1990 and currently has 11 states and In the territories, the Draft Lock Program and a certain period of mandatory loading of drunken drivers are implemented. In the United States, 25 states have mandated starter locks for all drunken drivers as of 2016 [1]. (1) prevention of illegal use such as proxy start, (2) system security technology, (3) emergency drinking lock release technology, (4) prevention of illegal modification, (5) ) There were opinions on the application method of alcohol measurement technology and the possibility of introducing it in Korea, and it is recognized that the effect of reducing the recidivism rate of drunk driving through the actual drinking start lock device [1, 2]. In this regard, Samsung Electronics has filed a patent application for a built-in smartphone breathalyzer in the United States, and is planning to apply it to Samsung's smartphones in the future. Similarly, in 2012, the anti-drinking application for iPhone / iPad appeared based on the “field sobrity test” used by US police in 2012 [4].

(2.2. Research Trends Related to User Authentication and Vehicle Control) The present invention looks at the latest research trends related to user authentication and vehicle control. In relation to the user authentication technique, there are researches on user authentication techniques using smartphones and smart watches [5], and there are research results on security threats and protection techniques in the Android environment that are widely used in smartphones [6]. As such, researches on user authentication and security on smartphones and PCs have been actively conducted. Accordingly, the FIDO (Fast IDentity Online) protocol is frequently used for easy financial transactions on smartphones and PCs [7]. The FIDO protocol consists of a user authentication token, a public key registration process, and a user authentication process, which utilizes the user's biometric information and has the advantage of ease of use [7]. However, these FIDO protocols are focused on personal financial services, which makes them inconvenient to deal with and communicate with third parties. Next, from the viewpoint of security in the vehicle-to-vehicle communication-based V2X environment, the results of the research on the construction of security structure and vehicle PKI system centered on IEEE 1609.2 [8]. An entry and exit system was constructed [9]. The system enables user authentication and NFC-based vehicle entry and exit through the user's smartphone, has a web-based user registration and authentication structure, and enables third-party vehicle entry and exit based on the NFC card key. . However, in the system, physical security vulnerabilities such as theft and misuse of NFC card keys may occur, and it is difficult to authenticate users with NFC card keys, and vehicles such as preventing drunk driving and benefiting persons with disabilities / national merit Does not have application service connectivity in. There is a research result on the authentication method using multiple biometric information in FIDO environment [10]. In this paper, the main biometric information technology used in FIDO is the advantage of fingerprint recognition, which can be introduced at low cost and reliability. It has the advantage of high stability, but when the fingerprint recognition device is damp, human error rate increases and replication is possible.In case of iris recognition, it can be copied except when the iris is damaged. It has a statistically high accuracy and can be recognized even when wearing glasses. In the case of face recognition technology, two-dimensional information-based recognition technology has low accuracy but inexpensiveness, and three-dimensional image has high accuracy but high cost. Voice recognition technology has the advantage that it can not be duplicated, but it has the disadvantage that the voice feature extraction problem caused by the speech feature extraction device and the voice characteristics according to the user's health condition (due to cold or laryngitis) can be changed.

The present invention has the advantages and disadvantages in various biometric information recognition methods as a proposed technique for solving the above problems, and the driver through the user selection method based on the biometric authentication token list method for the various biometric information recognition methods. Provide registration / certification and vehicle control system.

The driver authentication and vehicle control system according to an embodiment includes a processor for performing NFC communication and biometric information based driver authentication using a user's smartphone, preventing drunk driving through driver authentication, and providing benefits for persons with disabilities and national merit. can do.

The driver registration / authentication and vehicle control system of the present invention has the advantages and disadvantages in various biometric information recognition schemes as a proposed technique for solving the above problems, and lists the biometric information authentication tokens for the various biometric information recognition schemes. A method based user selection method can be provided.

1 is a flowchart illustrating a procedure of a user registration process according to an exemplary embodiment.
2 is a flowchart illustrating a sequence of common parts of a user authentication process including a disabled / national merit certification process according to an embodiment.
3 is a flowchart illustrating a procedure for a later process including an authentication process for a surrogate driver when the authentication result is drunk driving, according to an exemplary embodiment.

Hereinafter, exemplary embodiments will be described in detail with reference to the accompanying drawings. However, various changes may be made to the embodiments so that the scope of the patent application is not limited or limited by these embodiments. It is to be understood that all changes, equivalents, and substitutes for the embodiments are included in the scope of rights.

The terminology used herein is for the purpose of description and should not be construed as limiting. Singular expressions include plural expressions unless the context clearly indicates otherwise. In this specification, terms such as "comprise" or "have" are intended to indicate that there is a feature, number, step, operation, component, part, or combination thereof described on the specification, and one or more other features. It is to be understood that the present invention does not exclude the possibility of the presence or the addition of numbers, steps, operations, components, components, or a combination thereof.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in the commonly used dictionaries should be construed as having meanings consistent with the meanings in the context of the related art, and shall not be construed in ideal or excessively formal meanings unless expressly defined in this application. Do not.

In addition, in the description with reference to the accompanying drawings, the same components will be given the same reference numerals regardless of the reference numerals and duplicate description thereof will be omitted. In the following description of the embodiment, if it is determined that the detailed description of the related known technology may unnecessarily obscure the gist of the embodiment, the detailed description thereof will be omitted.

1 is a flowchart illustrating a procedure of a user registration process according to an embodiment. (Fig. 1 User Registration of the Proposed Method)

This chapter introduces and evaluates the proposed techniques for solving problems in the latest research trends.

(3.1. Proposed Technique) The technique proposed in the present invention can be largely divided into (1) user registration process and (2) user authentication process. It can be divided into surrogate driver driving situation according to driving. In addition to the user registration and authentication process, a technique for preventing drunk driving is also proposed.

)를 요구한다. 인증기관의 인증토큰 목록과 공개키 요구를 받은 사용자 (운전자)는 자신의 스마트폰에서 처리가 가능한 인증 토큰을 선택하여, 해당되는 생체정보 기반 인식 및 인증을 통해, 자신의 개인키 (

)와 공개키 (

)를 생성한다. 이후, 사용자는 자신의 개인키를 기반으로 자신의 공개키, 사용한 인증토큰정보, 운전자 유형 (차량 주인, 대리기사 등의 운전자 유형을 의미), 장애인/국가유공자관련정보 (장애인/국가유공자인 경우, 관련 정보를 포함, 아닌 경우에는 NULL로 표기)를 연결한 데이터에 대한 전자 서명한 결과와 자신의 공개키를 인증기관 (CA)에 전달한다. 인증기관 (CA)은 사용자로부터 사용자의 공개키 정보와 사용자의 개인키로 전자 서명된 데이터에 대한 검증 이후, 해당 사용자의 정보를 등록한다. 이후, 사용자의 공개키 정보와 사용자의 개인키로 전자 서명된 데이터의 연결된 정보에 대해 인증기관의 개인키 (

)로 전자 서명한 데이터와 인증기관의 공개키 정보 (

)를 사용자에게 전달함으로써 사용자 등록과정이 끝나게 되며, 그림 1은 사용자 등록과정의 순서를 나타낸다.(3.1.1. User Registration Process) The user registration process of the technique to be proposed in the present invention is performed through communication between a smartphone of the user to be registered and a certification authority (CA) used in the proposed technique. First, for the registration of the user, the user sends a driver registration request to the CA. After that, the certification authority delivers a list of authentication tokens (a list of biometric authentication tokens such as fingerprints, facial recognition, and iris recognition) that the user can process, and at the same time, the public key

). The user (driver) who receives the list of the authentication tokens of the certification authority and the request for the public key selects an authentication token that can be processed on his smartphone and, through the biometric information recognition and authentication,

) And public key (

) After that, the user based on his private key, his public key, used authentication token information, driver type (means driver type such as vehicle owner, agent, etc.), and information on persons with disabilities / national merit (disabled person / national merit). It sends the publicly signed result of its associated data and its public key to the Certificate Authority (CA). The certification authority (CA) registers the user's information after verifying the user's public key information and data digitally signed with the user's private key. Then, the private key of the certification authority for the linked information of the user's public key information and the data digitally signed with the user's private key (

Data signed digitally and public key information (

The user registration process is completed by sending) to the user. Figure 1 shows the sequence of user registration process.

)로 암호화하여 자신의 공개키 정보와 함께 인증기관 (CA)에게 운전자의 공개키 인증서를 요청한다. 운전자의 공개키 인증서 요청을 받은 인증기관은 사용자의 공개키 정보를 통해, 해당 운전자의 공개키 인증서와 인증기관의 공개키를 차량의 운전자 인증을 위한 ECU에 전달한다. 이후, 차량의 운전자 인증을 위한 ECU는 인증기관으로부터 전달받은 운전자의 공개키 인증서를 기반으로 관련 정보의 인증과정을 거친 후, 인증 결과를 운전자에게 전송한다. 이때, 인증 결과는 (1) 인증 완료||시동 가능, (2) 인증 완료||시동 불가능(음주운전의 경우), (3) 인증실패로 크게 3가지로 나눌 수 있다. 인증 결과가 (2) 에 해당하면 인증을 요청한 사용자의 음주운전 시도에 해당하며, 음주 운전을 막고자 추후 과정이 필요하며, 관련 과정에 대해서는 3.1.3.절에서 설명한다.(3.1.2.User Authentication Process (Common)) The previous 3.1.1. Showed the user registration process of the proposed technique. In the present invention, after the user registration process, the common part of the user authentication process, including the disabled / national merit certification process will be described. The process consists of NFC-based communication between the user to authenticate, the ECU for the driver authentication of the vehicle to be used, and the communication between the ECU and the certification authority for driver authentication of the vehicle. For authentication of the user, the user first attempts a driver authentication request (including the driver's public key information) to the ECU for driver authentication of the vehicle to be used. The ECU for driver authentication of a vehicle that receives a driver authentication request from a user encrypts and transmits a list of Nonce and authentication tokens using the driver's public key. After that, the user selects the authentication token method used when registering the user to the certification authority from the list of authentication tokens received from the ECU for the driver authentication of the vehicle, and authenticates. After electronically signing the connected data of the authentication token information used by the user with the private key of the user, the information is transmitted along with the public key information to the ECU for driver authentication of the vehicle. At this time, there are two types of data to be digitally signed, and can be divided according to the need of measuring drunk driving. If drunk driving measurement is required, it will be explained in detail in Section 3.1.4. If drunk driving is not required, the user can share the data of the driver type and disability / national memorial information. After the electronic signature is connected to the processing result || The ECU for driver authentication of the vehicle that has received the relevant information has its own private key (

) And request the driver's public key certificate from the CA along with its public key information. The certification authority receiving the driver's public key certificate request transmits the driver's public key certificate and the certification authority's public key to the ECU for driver authentication of the vehicle through the user's public key information. Subsequently, the ECU for driver authentication of the vehicle undergoes an authentication process of relevant information based on the driver's public key certificate received from the certification authority, and then transmits the authentication result to the driver. At this time, the authentication result can be classified into three types: (1) authentication completion || startable, (2) authentication completion || startup (in the case of drunk operation), and (3) authentication failure. If the authentication result is (2), it corresponds to the drunk driving attempt of the user who requested the authentication, and further steps are required to prevent drunk driving, and the related process is described in Section 3.1.3.

2 is a flowchart illustrating a sequence of common parts of a user authentication process including a person with a disability / national merit authentication according to an embodiment of the present invention (Fig. 2 User Authentication (Common) of the Proposed Method)

(3.1.3. User Authentication Process (Agent Operation)) In the present invention, if the user authentication result in the previous section 3.1.2 corresponds to (2) Authentication completion || Explain. If the user authentication result (2) authentication is completed, the start-up can automatically call the surrogate driver call application of the user's smartphone and call the surrogate driver based on the current position. After calling, after completing the assignment of proxy article, it receives the assigned public key and public key certificate (public key certificate already issued by the certification authority) and electronically signs the user's private key to the ECU for driver authentication of the vehicle. Will be delivered. Thereafter, after the assigned substitute driver boards the vehicle, the vehicle described above is described in detail above. 3.1.2. The user authentication process in the same process as the user authentication process in Section 3 is carried out, and the public key information and public key certificate of the substitute driver received from the certification authority through the process in Section 3.1.2 and the agent received from the user (vehicle owner). The person who is currently in the driver's seat by requesting authentication (including only the location information in the authentication process in Section 3.1.2 above), including the comparison process between the driver's public key information and the public key certificate and the location information of the current substitute driver. I was able to confirm that I was a substitute driver. The result of authentication through this process was delivered to the agent so that the vehicle can be started and controlled to prevent drunk driving. However, after the driver's certification for the surrogate driver and the driver's disability / national merit certification in the previous section 3.1.2, the driver's change, such as the change of the driver to others, may occur. The countermeasures related to this are described in detail in Section 3.1.4.

3 is a flowchart illustrating a sequence of subsequent processes including an authentication process for a surrogate driver when the authentication result is a drunk driving (Fig. 3 User Authentication (Driving Under the influence of alcohol) of the Proposed Method)

(3.1.4 Driver change and drunk driving prevention technique) The present invention describes a technique for preventing driver change and drunk driving after user authentication that can occur in the above-described sections 3.1.2 and 3.1.3. First, the user authentication process in Sections 3.1.2 and 3.1.3 described above is carried out with the door of the vehicle closed after the user (vehicle owner and surrogate driver) rides the vehicle. Without starting the vehicle control by ignition, for the driver's safety, after checking whether the seat belt is worn, the vehicle can be controlled after the seat belt is worn. At this time, in order to check the occupant of the vehicle, the number of doors that are opened and closed and the vibration of the vehicle according to the increase in the occupancy of the vehicle are applied. Then, when the vehicle stops while driving, it compares the current position and destination of the vehicle and checks whether the door is opened or closed. At this time, when the owner of the vehicle is driving, when at least one vehicle door is opened, when a surrogate driver is driving, when at least two vehicle doors are opened, through the user re-authentication request to the driver, after the initial user authentication, the driver We designed related techniques to prevent drunk driving and other people's disability / national merit benefits.

(3.2. Evaluation of Proposed Technique) This chapter describes the evaluation contents and results between the proposed technique and the existing research in the present invention. In order to evaluate the characteristics of the proposed method, a comparative analysis was conducted with the existing FIDO protocol method [7] and Hyundai's smart phone NFC access starting system [9]. Comparative evaluation results are shown in Table 1. The existing FIDO protocol method [7] provides security based on the user's biometric information, and is used in the latest various fields through connection with various application services, but in terms of using the user's personal biometric information The disadvantage is that it does not provide usage associations for third parties. In the case of a smartphone NFC access starting system [9] of Hyundai Motor, it is a system for controlling vehicle access and starting by NFC card key method, not based on the user's biometric information. The system can delegate or transfer the vehicle's access and control authority to the third party by transferring the NFC card key to the third party, but in terms of security, problems such as security problems and vehicle takeover when the NFC card key is stolen The system is focused on vehicle entry and exit control and does not take into account the linkage with other application services. By evaluating the proposed technique in Table 1, the proposed technique of the present invention solves the impossibility of the third party's authentication and service interworking, which are disadvantages of the existing biometric information-based user authentication protocol. Authentication and authentication of third parties (representative driver) is possible, and the website-based user registration and authentication of the smartphone NFC access starting system of Hyundai Motor, the most recent user authentication and vehicle control system, It was able to solve the problems of physical deodorization and misuse / abuse that may occur when empowering the child, and furthermore, it has advantages in linking application services such as preventing drunk driving, benefiting vehicle for the disabled / national man, and securing user efficiency. You can see that.

Table 1 shows: Table 1. Comparison Results among the Proposed methods and previous works

Table 2 describes the strengths and weaknesses of existing research and proposed techniques. Through this, it can be seen that the proposed technique solves the problem of service provision and security vulnerabilities to third parties, which is the disadvantage of previous research. Table.2 Pros and Cons among the Proposed methods and previous works)

(Conclusion) In connection with the drinking start lock device, which has been recently discussed socially, the present invention has proposed a user biometric information-based user registration, user authentication technique, and drunk driving prevention technique using a smartphone and NFC communication. Through this, we proposed a technique to prevent driver's drunk driving, and for the disabled / national merit, to efficiently receive related benefits through certification, and through the proposed technique, it is also possible to transfer control rights to a vehicle through third party certification. Compared with the existing research, it has the advantage of convenience of user and connection with related services. In the future, it is intended to perform the application and application in the actual vehicle environment by supplementing additional modification to the proposed technique in the present invention.

The method according to the embodiment may be embodied in the form of program instructions that can be executed by various computer means and recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the media may be those specially designed and constructed for the purposes of the embodiments, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks such as floppy disks. Magneto-optical media, and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

The software may include a computer program, code, instructions, or a combination of one or more of the above, and may configure the processing device to operate as desired, or process independently or collectively. You can command the device. Software and / or data may be any type of machine, component, physical device, virtual equipment, computer storage medium or device in order to be interpreted by or to provide instructions or data to the processing device. Or may be permanently or temporarily embodied in a signal wave to be transmitted. The software may be distributed over networked computer systems so that they may be stored or executed in a distributed manner. Software and data may be stored on one or more computer readable recording media.

Although the embodiments have been described with reference to the accompanying drawings, those skilled in the art may apply various technical modifications and variations based on the above. For example, the described techniques may be performed in a different order than the described method, and / or components of the described systems, structures, devices, circuits, etc. may be combined or combined in a different form than the described method, or other components. Or, even if replaced or substituted by equivalents, an appropriate result can be achieved.

Therefore, other implementations, other embodiments, and equivalents to the claims are within the scope of the following claims.

Claims (1)

A processor for performing NFC communication and biometric information based driver authentication using a user's smartphone and preventing drunk driving through driver authentication and providing benefits for persons with disabilities and national merit;
Driver authentication and vehicle control system comprising a.

Images