KR20220084533A - Access point providing wifi and method for operating thereof - Google Patents

Abstract

According to an embodiment, an access point providing Wi-Fi includes a first communication circuit for transmitting and receiving data with an electronic device, a memory for storing a Wi-Fi connection application for generating access information, and a processor, the processor comprising: , receives first connection information from the electronic device through the first communication circuit, executes the Wi-Fi connection application, generates second connection information through the Wi-Fi connection application, and the first connection information and comparing the second connection information, and determining whether to establish a Wi-Fi connection with the electronic device based on a result of the comparison.

Description

ACCESS POINT PROVIDING WIFI AND METHOD FOR OPERATING THEREOF

Various embodiments relate to an access point providing Wi-Fi and an operating method thereof, and more particularly, to an access point providing Wi-Fi capable of secure connection and an operating method thereof.

In recent years, a portable device such as a smart phone, a tablet PC, or a laptop may access an access point providing Wi-Fi in various living environments. For example, the user may operate the electronic device to access an access point providing Wi-Fi in a store environment. For example, a store employee may notify the customer of the password by attaching a piece of paper on which the password is printed, or by printing the password together on a receipt or the like.

The customer can check the recognized password and input it in the Wi-Fi password input field. Upon receiving the user input, the electronic device may transmit the password to the access point. The access point may authenticate the received password, and determine whether to allow access of the electronic device based on the authentication result.

According to the conventional method, the password of the access point may be exposed to the public, and accordingly, it is impossible to block access to the access point by a user who does not directly use the store. In addition, as the password is exposed, there is a problem in that secure access is difficult. In addition, even when the password is not exposed, the importance of secure access to Wi-Fi is emerging due to various recent secure access hacking algorithms.

The access point and its operating method according to various embodiments may provide a connection based on a method of automatically generating access information rather than a method in which a user directly inputs a password.

An access point providing Wi-Fi according to various embodiments includes a first communication circuit for transmitting and receiving data with an electronic device, a memory for storing a Wi-Fi connection application for generating access information, and a processor, the processor comprising: Receives first connection information from the electronic device through the first communication circuit, executes the Wi-Fi connection application, generates second connection information through the Wi-Fi connection application, the first connection information and It may be configured to compare the second connection information and determine whether to establish a Wi-Fi connection with the electronic device based on a result of the comparison.

According to various embodiments of the present disclosure, a method of operating an access point providing Wi-Fi includes receiving first access information from an electronic device through a first communication circuit of the access point, executing the Wi-Fi connection application, and connecting An operation of generating second connection information through a Wi-Fi connection application for generating information, an operation of comparing the first connection information and the second connection information, and a Wi-Fi connection with the electronic device based on the comparison result It may include an operation of determining whether to form a connection.

According to various embodiments, an access point capable of providing a connection and an operating method thereof may be provided based on an automatic generation method of access information rather than a method in which a user directly inputs a password. Accordingly, a Wi-Fi connection with increased security may be possible.

1 is a block diagram of an electronic device, an access point, and an authentication server according to various embodiments of the present disclosure;
2A and 2B are diagrams for explaining a comparative example for comparison with an embodiment of the present invention.
3 is a flowchart illustrating an operation of an electronic device and an access point according to various embodiments of the present disclosure;
4 is an execution screen of an application for providing a Wi-Fi connection function according to various embodiments of the present disclosure.
5 is a diagram for explaining digital signage according to various embodiments of the present disclosure;
6 is a diagram for describing digital signage according to various embodiments of the present disclosure;
7 is a block diagram of an electronic device and an access point according to various embodiments of the present disclosure;
8 is a flowchart illustrating a method of operating an electronic device and an access point according to various embodiments of the present disclosure;
9 is a screen for inquiring whether to execute an application according to various embodiments of the present disclosure.
10 is a diagram for describing management of an access point providing a Wi-Fi connection according to various embodiments of the present disclosure;
11 illustrates a screen for checking real-time access information according to various embodiments of the present disclosure.
12 is a flowchart illustrating a method of generating a unique code according to various embodiments of the present invention.
13 is a flowchart illustrating a code generation method according to various embodiments of the present invention.
14 is a flowchart illustrating a code generation method according to various embodiments of the present invention.
15 is a flowchart illustrating an offset determination process according to various embodiments of the present invention.
16 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;
17 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

Hereinafter, exemplary embodiments according to the present invention will be described in detail with reference to the contents described in the accompanying drawings. However, the present invention is not limited or limited by the exemplary embodiments. The same reference numerals provided in the respective drawings indicate members that perform substantially the same functions.

1 is a block diagram of an electronic device, an access point, and an authentication server according to various embodiments of the present disclosure;

Referring to FIG. 1 , an electronic device 101 according to various embodiments may include a processor 120 , a memory 130 , a display 180 , and a communication circuit 190 . The access point 150 may include a communication circuit 151 , a processor 152 , and a memory 153 .

According to various embodiments, the processor 120 and/or the processor 152 stores a CPU, a ROM in which a control program for control is stored, and signals or data input from the outside, or the electronic device 101 and /or it may include at least one of RAM used as a storage area for a task performed by the access point 150 . The CPU may include single core, dual core, triple core, or quad core. The CPU, ROM and RAM may be interconnected through an internal bus.

According to various embodiments, the memory 130 and/or the memory 153 may include both the ROM and the RAM, and a program or algorithm for generating authentication information, which will be described in more detail later, a seed, a unique code, etc. information can be stored. The memory 130 and/or the memory 153 may be implemented as at least one of a volatile memory and a non-volatile memory, and there is no limitation in the implementation form.

According to various embodiments, the communication circuit 190 and/or the communication circuit 151 may transmit/receive data through Wi-Fi communication. The communication circuit 190 and/or the communication circuit 151 may be implemented as, for example, a Wi-Fi module. Wi-Fi communication is communication based on 2.4 gigahertz (12 centimeters) UHF and 5 gigahertz (6 centimeters) SHF ISM radio bands, and may refer to all communications based on IEEE 802.11 standards. The IEEE 802.11 standard is a set of medium access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communication in the 2.4, 3.6, 5, and 60 GHz frequency bands. They are created and maintained by the Institute of Electrical and Electronic Engineers (IEEE) LAN/MAN Standards Committee (IEEE 802). The electronic device 101 may transmit/receive data to and from the communication circuit 151 of the access point 150 through the communication circuit 190 . The electronic device 101 may access the Internet through the access point 150 .

The access point 150 may determine whether to allow the access of the electronic device 101 based on Wi-Fi Protected Access (WPA) (or WPA2, hereinafter referred to as WPA). WPA is an authentication program performed under the supervision of the Wi-Fi Alliance, and is a security protocol that indicates that the network equipment complies with the security protocol established by the Wi-Fi Alliance. WPA can provide a secure access function based on TKIP or AES-based CCMP. For example, the access point 150 may receive access information through the communication circuit 190 of the electronic device 101 , and transmit an authentication request therefor to the authentication server 160 . Depending on the implementation, the access point 150 may directly perform the authentication procedure. For example, an authentication program (or algorithm) for authentication may be stored in the memory 153 , and whether to allow access to the electronic device 101 may be determined based on access information received from the electronic device 101 . have.

According to various embodiments, the display 180 may display an execution screen of an application executed in the electronic device 101 or a window for controlling a system function (eg, Wi-Fi, Bluetooth, GPS, etc.). Although not shown, the electronic device 101 may further include or be connected to an input device for receiving a user input. For example, when the electronic device 101 is implemented as a mobile device such as a smart phone or a tablet, the electronic device 101 may include a touch screen panel (TSP). The display 180 and the TSP may be collectively referred to as a touch screen. For example, when the electronic device 101 is implemented as a desktop PC, the electronic device 101 may be connected to an input device such as a keyboard by wire or wirelessly.

2A and 2B are diagrams for explaining a comparative example for comparison with an embodiment of the present invention.

Referring to FIG. 2A , the electronic device 101 may display a Wi-Fi control screen on the display 180 . The Wi-Fi control screen may include information 201 on an access point currently being accessed and information 202 and 203 on access points that can be accessed. When a password is set in an accessible access point (eg, a DEF access point or a GHI access point), the electronic device 101 may display a graphic object indicating that the password has been set. Information 203 about a connectable access point may be selected. The access point 150 may set access information (eg, a password) to allow access of a service requesting device such as the electronic device 101 . When access information is set, the electronic device 101 may receive accurate access information to initially access the access point 150 and transmit it to the access point 150 . As shown in FIG. 2B , the electronic device 101 may display a window 210 associated with the selected access point (eg, a GHI access point). The window 210 may include a space 211 for entering a password, a cancel button 212 , and a connection button 213 . Although not shown, the electronic device 101 may further display a SIP (eg, keyboard or keypad) for inputting a password together with the window 210 . After the password is input, if selection of the connection button 213 is detected, the electronic device 101 may transmit access information 220 including the password to the access point 150 . The access point 150 may authenticate the electronic device 101 based on the received access information 220 , and may determine whether to allow the access of the electronic device 101 based on the authentication result.

In the comparative example, the user of the electronic device 101 must check the password set in the access point 150 and directly input the password into the space 211 where the password can be input in FIG. 2B . For example, in a home environment, the user of the electronic device 101 must check the password attached to the hardware of the access point 150 and input the password. For example, in a store environment, the user must check the password provided in the store or the password provided by the clerk and input the password. However, the password may be exposed to persons other than the user, and for example, persons who do not visit the store or purchase products from the store may use the Wi-Fi without restrictions. Secure access may not be possible due to password exposure, and for example, if a home network is provided in a home environment, a problem may occur. In a home network, when an access point operates as a gateway, an IoT device (eg, a gas valve, a microwave oven) connected to the gateway may be controlled by the access point connection. Accordingly, even if the password is not exposed, secure access may not be guaranteed. For example, WPS may have a flaw that allows an attacker to discover the router's password, and there are various hacking methods that can hack the password. As described above, a secure connection of the access point, which is not guaranteed in the comparative example, is requested.

3 is a flowchart illustrating an operation of an electronic device and an access point according to various embodiments of the present disclosure; The embodiment of FIG. 3 will be described in more detail with reference to FIG. 4 . 4 is an execution screen of an application for providing a Wi-Fi connection function according to various embodiments of the present disclosure.

In the present disclosure, when the electronic device 101 and the access point 150 perform a specific operation, it may mean that the processor 120 and the processor 152 perform the specific operation. Alternatively, when the electronic device 101 and the access point 150 perform a specific operation, it may mean that the processor 120 and the processor 152 control other hardware to perform the specific operation. Alternatively, when the electronic device 101 and the access point 150 perform a specific operation, instructions for causing the processor 120 and the processor 152 to perform the specific operation are stored in the memory 130 and the memory 153 . It may mean to be When the electronic device 101 and the access point 150 transmit/receive data to/from an external device, it may mean that the communication circuit 190 and the communication circuit 151 transmit/receive data.

According to various embodiments of the present disclosure, in operation 301 , the electronic device 101 may obtain a Wi-Fi connection function providing application execution and a Wi-Fi access command. The Wi-Fi connection function providing application may be an application capable of generating and transmitting Wi-Fi connection information. For example, an entity related to a specific store may create and distribute a Wi-Fi connection function providing application. The Wi-Fi connection function providing application may provide various information for promoting products, services, or events of a specific store in addition to the Wi-Fi connection function. The electronic device 101 may, for example, access an application store and download an application. For example, in a store environment, a user may access an application store and download an application based on application information disposed in a store or provided by a clerk. Alternatively, a beacon disposed in a store may transmit information on a URL from which an application can be downloaded to the electronic device 101 , and in this case, the user may select a URL access key included in the electronic device 101 . The electronic device 101 may download an application by accessing the selected URL. Since the application can be produced to provide various additional information in addition to the Wi-Fi connection providing function as described above, the store operator can provide free Wi-Fi and promote products and services in the store at the same time.

4 is, for example, a first execution screen 410 of an application associated with a GHI store. The first execution screen 410 may include a Wi-Fi connection button 411 , a connection button 412 in another device, and a Wi-Fi history deletion button 413 . The first execution screen 410 may be a screen for a Wi-Fi providing function, which is one of various functions within the application, and as described above, the application may provide screens for providing other various functions. Based on the selection of the Wi-Fi connection button 411, the electronic device 101 may obtain a Wi-Fi connection command. When a connection button 412 in another device is selected, the electronic device 101 may display connection information on the display 180 . When the Wi-Fi history deletion button 413 is selected, the electronic device 101 may delete the connection history to the corresponding access point. According to implementation, when the Wi-Fi connection button 411 is selected, the electronic device 101 may further display a window 420 inquiring whether to connect. The window 420 may include a message 421 indicating a connection to a specific access point (eg, a GHI access point), a cancel button 422 , and a connection button 423 . The electronic device 101 may be set to perform operation 303 when the connection button 423 is selected according to implementation. When the cancel button 422 is selected, the window 420 may be hidden.

In operation 303, the electronic device 101 may generate Wi-Fi connection information. The electronic device 101 may execute a Wi-Fi connection information generation algorithm, and thus may generate Wi-Fi connection information. The Wi-Fi connection information generating algorithm is not limited as long as it is an algorithm capable of generating a value having randomness and/or uniqueness, for example. For example, the Wi-Fi connection information generating algorithm may be an OTP generating algorithm, or may be an algorithm generating a value that guarantees both randomness and uniqueness, which will be described later in more detail, and there is no limitation in type. The Wi-Fi connection function providing application may include, for example, at least one unique value capable of generating a value having randomness and/or uniqueness. The unique value may be set differently for each Wi-Fi connection function providing application. The eigenvalue may be, for example, a seed value of an OTP generation algorithm. Alternatively, the unique value may be, for example, a unique code set in an application, which will be described later in more detail. Wi-Fi access information may have randomness and/or uniqueness, and may be valid only for a certain period of time.

According to various embodiments, the electronic device 101 may generate, for example, a user ID and a password as access information. An authentication method in which both a user ID and a password are used during Wi-Fi authentication may be IEEE 802.11X, which is an authentication method used in WPA Enterprise. The corresponding authentication method may require, for example, a client (eg, an EAP client), an authenticator, and an authentication server. The client is a device capable of requesting a Wi-Fi connection, and may be, for example, the electronic device 101 . The authenticator is a component that relays authentication information, and may be, for example, the AP 150 . In addition, the authentication server is a server that can determine access permission or access blocking by distinguishing user information, for example, may be implemented as a server according to the Radius method.

For example, the electronic device 101 may generate a user ID based on the first seed value and generate a password based on the second seed value to generate access information including the user ID and password. Alternatively, the electronic device 101 may generate a user ID and a password by performing algorithm application a plurality of times based on one seed value.

In various examples, the operation of the authentication server may be logically executed inside the AP 150 . In this case, the AP 150 may be implemented to perform both the operations of the authenticator and the authentication server. In the corresponding authentication method, when the authenticator (eg, the AP 150 ) detects a user, authentication information may be requested for authentication. In this case, the authentication information requested by the ascentrator may be a user ID and a password. The electronic device 101 may transmit the user ID and password to the authenticator (eg, the AP 150 ). In this case, the authenticator may transmit the received authentication information (ie, user ID and password) to the server according to the Radius method.

For example, the AP 150 may receive access information from the electronic device 101 as an authenticator, and may transmit it to an authentication server logically operating within the AP 150 . The authentication server logically operating within the AP 150 compares the received authentication information with the user database in the previously registered authentication server and provides information indicating the success of authentication to the ascentrator when they match. can In various examples, the authentication server may be implemented independently of the authenticator, and in this case, the AP 150 may transmit a user ID and password to an external authentication server.

In operation 305 , the electronic device 101 may transmit the generated Wi-Fi connection information to the access point 150 . As described above, the electronic device 101 may generate access information including, for example, a user ID and a password, and transmit it to the AP 150 . In this case, the electronic device 101 may also transmit information for identifying which seed is used and/or timestamp information (eg, when at least OTP is used) to the AP 150 . In operation 307, the access point 150 may authenticate the received Wi-Fi connection information. The access point 150 may generate access information based on, for example, the same access information generation algorithm, and may authenticate validity based on a comparison result between the generated information and the received information. For example, when the electronic device 101 transmits access information including a user ID and a password, the access point 150 may generate a user ID and a password, respectively, and compare them with the received information. For example, the access point 150 may provide a user ID and password based on information (eg, information for seed identification and/or timestamp information) received along with access information from the user electronic device 101 . may be created individually, but there is no limitation.

In operation 309, the access point 150 may establish a Wi-Fi connection based on the authentication result. Thereafter, the electronic device 101 may access the Internet through the access point 150 and may transmit/receive data. When access to a specific access point (eg, a GHI access point) is completed, the electronic device 101 may display a third screen 430 as shown in FIG. 4 . The third screen 430 may include a button 431 indicating access to a specific access point (eg, a GHI access point), a button 432 indicating a connection from another device, and a Wi-Fi history deletion button 413 . can If authentication fails, the access point 150 may notify the electronic device 101 that authentication has failed. The electronic device 101 may indicate through the display 180 that authentication has failed. Although not shown, in another embodiment, the access point 150 may transmit Wi-Fi connection information to an authentication server (not shown). The authentication server 160 may authenticate the received Wi-Fi connection information. For example, the authentication server (not shown) may generate access information based on the same access information generation algorithm, and may authenticate validity based on a comparison result between the generated information and the received information. The authentication server (not shown) may transmit the authentication result to the access point 150, and based on the authentication result, the access point 150 may determine whether to connect to Wi-Fi.

As described above, the user may operate the electronic device 101 to access the access point 150 without directly inputting a password into the electronic device 101 . Accordingly, the password does not need to be exposed to the user.

5 is a diagram for explaining digital signage according to various embodiments of the present disclosure;

Referring to FIG. 5 , according to various embodiments, the access point 150 and the display device 501 may communicate with each other. The display device 501 may include a display 502 . The display device 501 may be a device for providing digital signage. Digital signage may refer to the ability to display information on the display 502 and manage it remotely over a network. For example, the digital signage manager may acquire, create, edit, and/or store content to be displayed on the display device 501 using the manager device. Content to be displayed on the display device 501 may be stored in, for example, an administrator device or a cloud server. According to various embodiments, the manager device may download an authoring tool capable of creating and/or editing content, and in this case, the manager may easily create and/or edit content using the authoring tool. The content may be provided from the manager device and/or the cloud server to the display device 501 through the access point 150 . The display device 501 may support communication such as Wi-Fi, and thus may receive content through the access point 150 . Meanwhile, the display device 501 receiving the content through the access point 150 is merely exemplary, and the display device 501 may receive the content through another communication means (or another access point). .

For example, the display device 501 may be managed by a manager of the access point 150 . The manager may play content to be promoted through the display device 501 while providing secure Wi-Fi through the access point 150 . Accordingly, the promotional effect can be maximized. Alternatively, a QR code for downloading an application for Wi-Fi secure connection may be displayed on the display device 501 . A user may download an application by photographing a QR code using a user device, and thereafter, a Wi-Fi connection may be possible. Alternatively, in a state in which the application has already been downloaded to the user device, QR code shooting may be used as a trigger for Wi-Fi connection. The application may be set to generate access information when the QR code is captured, and in this case, there may be an effect of forcing the user to view the content. For example, the display device 501 may display a QR code after content is played, and in this case, the user may use Wi-Fi by photographing the QR code after completing viewing of the content.

6 is a diagram for describing digital signage according to various embodiments of the present disclosure;

Referring to FIG. 6 , according to various embodiments, an access point 150 and a kiosk device 601 may communicate with each other. The kiosk device 601 may include a touch screen 602 . The kiosk device 601 may be a device for providing a digital signage or purchase function. For example, the kiosk device 601 may display a menu screen for items to be sold in a store on the touch screen 602 . The user may proceed with a purchase by selecting an icon (eg, an item selection icon, a payment icon, etc.) in a menu screen displayed on the touch screen 602 . For example, the digital signage manager may acquire, create, edit, and/or store content to be displayed in the kiosk device 601 using the manager device. The content may be provided to the kiosk device 601 through the access point 150 from the manager device and/or the cloud server. The kiosk device 601 may support communication such as, for example, Wi-Fi, and thus may receive content through the access point 150 . Meanwhile, the kiosk device 601 receiving the content through the access point 150 is merely exemplary, and the kiosk device 601 may receive the content through another communication means (or another access point). .

For example, the kiosk device 601 may be managed by an administrator of the access point 150 . The administrator may reproduce content to be promoted or a menu screen to be sold through the kiosk device 601 while providing secure Wi-Fi through the access point 150 . Accordingly, the promotional effect can be maximized. Alternatively, a QR code for downloading an application for Wi-Fi secure connection may be displayed on the kiosk device 601 . A user may download an application by photographing a QR code using a user device, and thereafter, a Wi-Fi connection may be possible. Alternatively, in a state in which the application has already been downloaded to the user device, QR code shooting may be used as a trigger for Wi-Fi connection. The application may be set to generate access information when the QR code is captured, and in this case, there may be an effect of forcing the user to view the content. For example, the kiosk device 601 may display a QR code after the content is played back or after the purchase of the item is completed, in which case the user completes viewing the content or after purchasing the item. You can also use Wi-Fi by scanning the QR code.

7 is a block diagram of an electronic device and an access point according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 101 may include at least one of a first communication circuit 701 , a second communication circuit 702 , a processor 703 , a memory 704 , and a display 705 . have. The access point 150 may include at least one of a first communication circuit 711 , a second communication circuit 712 , a processor 713 , and a memory 714 . Here, processors 703 , 713 , memories 704 , 714 , and display 705 may be substantially the same as processors 120 , 152 , memories 130 , 153 , and display 180 described in FIG. 1 , so here The explanation should be concise.

The first communication circuit 701 of the electronic device 101 may communicate with the first communication circuit 711 of the access point 150 based on a first communication method. The second communication circuit 702 of the electronic device 101 may communicate with the first communication circuit 712 of the access point 150 based on a second communication method. The second communication method may be different from the first communication method. For example, the first communication method may be a Bluetooth or ultra sonic data communication method, but is not limited thereto. The second communication method may be, for example, a communication method supporting Internet use, such as a Wi-Fi communication method.

According to various embodiments, the processor 713 of the access point 150 may control the first communication circuit 711 to transmit a beacon signal. The processor 703 of the electronic device 101 may receive a beacon signal through the first communication circuit 701 . The access point 150 may be configured to transmit a beacon signal based on, for example, periodic or event detection. The beacon signal may include, for example, at least one of information for identification of the access point 150 or information triggering a secure connection to the access point 150 , but information included in the beacon signal is not limited.

The electronic device 101 may always activate the first communication circuit 701 or may activate it based on event detection. If the first communication method is a Bluetooth communication method, the first communication circuit 701 may be a Bluetooth communication module. If the first communication method is the ultra sonic communication method, the first communication circuit 701 may be a microphone module. The processor 703 of the electronic device 101 may receive a beacon signal from the access point 150 through the first communication circuit 701 . The processor 703 may execute an application for accessing the second communication method in response to the reception of the beacon signal. The application for accessing the second communication method may be, for example, the application described with reference to FIG. 3 . According to various embodiments, the processor 703 may receive an additional user confirmation without directly executing the application, and execute the application in response thereto. The processor 703 may generate access information through an application. The processor 703 may transmit the generated connection information to the second communication circuit 712 of the access point 150 through the second communication circuit 702 . The processor 713 of the access point 150 may authenticate the received access information. For example, the processor 713 may generate access information based on, for example, the same application, and may determine whether authentication succeeds according to a result of comparing the generated access information and the received access information.

If it is confirmed that authentication is successful because the generated connection information and the received connection information are the same, a Wi-Fi connection between the second communication circuit 712 and the second communication circuit 702 may be formed. Thereafter, the electronic device 101 may use Internet communication based on the established Wi-Fi connection. If it is determined that authentication has failed because the generated access information and the received access information are different, a Wi-Fi connection may not be established.

8 is a flowchart illustrating a method of operating an electronic device and an access point according to various embodiments of the present disclosure;

According to various embodiments, the access point 150 may transmit a beacon signal in operation 801 . As described above, the access point 150 may transmit a beacon signal based on the first communication method. The access point 150 may transmit the beacon signal periodically or based on the first communication method based on detection of a specific event. For example, the user may move to the vicinity of the access point 150 while carrying the electronic device 101 . Accordingly, the electronic device 101 may receive a beacon signal based on the first communication method. For example, the electronic device 101 may execute an application based on reception of a beacon signal in operation 803 . For example, the electronic device 101 may execute an application for Wi-Fi connection without any additional command in response to the reception of the beacon signal.

In another example, the electronic device 101 may execute an application for Wi-Fi connection based on additional command acquisition. For example, the electronic device 101 may display a screen 901 inquiring whether to execute an application as shown in FIG. 9 . The screen 901 may include information indicating that Wi-Fi connection is possible, a button 911 for not running an application for Wi-Fi connection, and a button 912 for running an application for Wi-Fi connection. There are no restrictions on its composition. If the button 912 for executing the application for Wi-Fi connection is selected, the electronic device 101 may execute the application for Wi-Fi connection. For example, the electronic device 101 may display the first execution screen 410 of the application associated with the GHI store as shown in FIG. 4 . In operation 805, the electronic device 101 may obtain a Wi-Fi connection command. For example, based on selection of the Wi-Fi connection button 411 of the first execution screen 410 , the electronic device 101 may obtain a Wi-Fi connection command. Based on the acquisition of the Wi-Fi connection command, in operation 807 , the electronic device 101 may generate Wi-Fi connection information.

In operation 809 , the electronic device 101 may transmit the generated Wi-Fi connection information to the access point 150 . In operation 811 , the access point 150 may confirm authentication success for the received Wi-Fi connection information. For example, the access point 150 may generate access information based on the same application, and may confirm authentication success based on the fact that the generated access information is the same as the received access information. In operation 813 , the electronic device 101 and the access point 150 may establish a Wi-Fi connection.

10 is a diagram for describing management of an access point providing a Wi-Fi connection according to various embodiments of the present disclosure; The embodiment of FIG. 10 will be described with reference to FIG. 11 . 11 illustrates a screen for checking real-time access information according to various embodiments of the present disclosure.

Referring to FIG. 10 , the access point 150 may form a Wi-Fi connection with a plurality of electronic devices 1001 , 1002 , and 1003 . For example, each of the plurality of electronic devices 1001 , 1002 , and 1003 may generate access information based on the method described with reference to FIG. 3 and transmit it to the access point 150 . The access point 150 may generate access information, and may compare the generated access information with the received access information. Based on the comparison result, the access point 150 may perform authentication. When a Wi-Fi connection is established based on authentication, the access point 150 may transmit connection-related information to the management server 1010 .

The management server 1010 may collect and manage connection-related information from the access point 150 . In one embodiment, the management server 1010 may be set to collect and manage information related to a connection to the access point 150 , and in this case, the access point 150 may perform authentication.

In another embodiment, the management server 1010 may not only collect and manage information related to access to the access point 150 , but also perform authentication to the access point 150 . In this case, each of the plurality of electronic devices 1001 , 1002 , and 1003 may generate access information based on the method described with reference to FIG. 3 and transmit it to the access point 150 . The access point 150 may transmit access information to the management server 1010 . The management server 1010 may generate access information, and may compare the generated access information with the received access information. Based on the comparison result, the management server 1010 may perform authentication. The management server 1010 may transmit the authentication result to the access point 150 . The access point 150 may determine whether to establish a Wi-Fi connection based on information received from the management server 1010 .

Referring to FIG. 11 , the management server 1010 may configure and display the management screen 1100 or transmit it to another manager device. In the management screen 1100 , for example, information 1111 on a store in which the access point 150 is located, information 1112 on the number of electronic devices currently connected to the access point 150 , and the access point 150 . Information 1113 on the accumulated number of electronic devices that have been connected to , information 1114 on data management, and tabs on coupon sending 1115 may be included. If the information 1111 on the store where the access point 150 is located is selected, at least one of detailed information about the store and a tab for selecting another store may be provided. If another store is selected, detailed information about the other store may be provided. In this case, the text included in the information 1111 on the store in which the access point 150 is located may be replaced with information on another store. If information 1112 on the number of electronic devices currently connected to the access point 150 is selected, information 1120 on the current accessor may be provided as shown in FIG. 11 . For the currently selected tab, a selector may be displayed as shown in FIG. 11 . When information 1113 on the cumulative number of electronic devices that have been connected to the access point 150 is selected, the cumulative number (or the number of each unit) corresponding to various time units, such as by time period/daily/weekly/monthly, etc. information can be provided. When information 1114 on data management is selected, statistical information may be provided. The statistical information may include raw data for each store and/or information obtained by statistically processing raw data. Accordingly, the manager may check the current number of visitors for each store and/or statistical information of the visitors. When the tap of the coupon sending 1115 is selected, the coupon may be sent to at least one of the electronic devices 1001 , 1002 and 1003 through the access point 150 . Those skilled in the art will understand that coupon generation is merely exemplary, and if it is a data transmission function for at least one of the electronic devices 1001 , 1002 , 1003 , it may be substituted with coupon sending. Meanwhile, those skilled in the art will understand that the information configuration in FIG. 11 is merely exemplary, and does not limit the scope of the present invention, and may be substituted with other information, or other information may be added or excluded.

As described above, the manager may check information on current and/or accumulated visitors (or statistical information thereof) in the store, and may provide immediate service.

12 is a flowchart illustrating a method of generating a unique code according to various embodiments of the present invention.

In the embodiment of FIG. 12 , the electronic device 101 may be an electronic device that generates a unique code, and the server 200 is an electronic device that generates a unique code and verifies the verification-requested unique code, for example, It may be an access point 150 . The server 200 may be an electronic device that manages a service using a unique code.

In operation 1210 , the electronic device 101 may share the first unique code and the first seed with the server 200 . In one embodiment, when a first user using the electronic device 101 joins the system (or downloads an application), the server 200 sends the first unique code and The first seed may be transmitted. Alternatively, the server 200 may transmit the first unique code and information for displaying the first seed to another electronic device. For example, the first user may request a subscription to the server 200 through the electronic device 101 or another electronic device. The server 200 may assign a first unique code to the first user (or application) in response to the subscription request. The server 200 may transmit the first unique code to the electronic device 101 or another electronic device. The server 200 may also grant the first seed to the first user. The first seed may be assigned to the first user for time-based one-time password generation. The server 200 may transmit the first seed to the electronic device 101 or another electronic device. In one embodiment, the server 200 may transmit the QR code image including the first unique code and the first seed to the electronic device 101 or another electronic device. The first user may photograph the QR code displayed on the other electronic device with the electronic device 101 , and accordingly, the electronic device 101 may obtain the first unique code and the first seed.

In operation 1220 , the electronic device 101 may generate a first one time password (OTP) using the first seed and the first time information. That is, at a first time point, the electronic device 101 may generate the first OTP using the first time information and the first seed corresponding to the first time point. In addition, at the second time point, the electronic device 101 may generate the second OTP by using the second time information corresponding to the second time point and the first seed. The electronic device 101 may dynamically change and generate the OTP according to the passage of time.

In operation 1230 , the electronic device 101 may generate a first code using the first OTP and the first unique code. A process in which the electronic device 101 generates a random and unique first code using the first OTP and the first unique code will be described later in more detail. Since the first code is generated using both the first OTP and the first unique code, the randomness and dynamic changeability of the first OTP and the uniqueness of the first unique code can be guaranteed, so it can be both random and unique . The randomness and uniqueness of the first code will also be described later in more detail.

In operation 1240 , the server 200 may generate the first OTP using the first seed and the first time information. The server 200 may generate the same first OTP as that generated by the electronic device 101 by using the first time information and the first seed corresponding to the first time at the first time point. The server 200 may also generate the same second OTP as that generated at the second time point by the electronic device 101 using the second time information and the first seed corresponding to the second time point at the second time point. That is, the server 200 may also generate the OTP while dynamically changing it.

In operation 1250 , the server 200 may generate a first code using the first OTP and the first unique code. The method in which the server 200 generates the first code using the first OTP and the first unique code is the same as the method in which the electronic device 101 generates the first code using the first OTP and the first unique code. can do. Accordingly, the first code generated by the server 200 and the first code generated by the electronic device 101 may be the same.

In operation 1260 , the server 200 may receive a code confirmation request. The server 200 may receive a code confirmation request from an electronic device operated by the first user, for example, the electronic device 101 or another electronic device.

In operation 1270 , the server 200 may determine whether the code in the code verification request is the same as the first code generated by the server 200 . If the code in the code verification request is the same as the first code generated by the server 200 , in operation 1280 , the server 200 may determine that the code is appropriate. If the code in the code verification request is different from the first code generated by the server 200 , in operation 1290 , the server 200 may determine that the code is inappropriate. The server 200 may or may not perform additional services such as user login or e-commerce payment, depending on whether the code is suitable or not.

13 is a flowchart illustrating a code generation method according to various embodiments of the present invention.

In operation 1310 , the electronic device 101 may obtain a first unique code and a different first seed for each user. The first seed may be assigned to the first user by the server 200 . Meanwhile, the first unique code is a character string based on an ASCII code, and may be a combination of alphabets, numbers, and special characters. The first unique code may be a code selected from elements of a preset character set. For example, the server 200 may generate a first unique code for the first user using an algorithm for generating a unique code from a character set, and transmit it to the electronic device 101 . The server 200 may generate a unique code for different users, and the unique code assigned to each of the users may be different.

In operation 1320 , the electronic device 101 may generate a first OTP using the first seed and first time information. The first OTP may consist of numbers, for example.

In operation 1330 , the electronic device 101 may generate a numeric code corresponding to the first unique code by mapping the first unique code to a preset character set.

For example, the electronic device 101 uses a preset character set as { '0', '1', '2', ... , '9', ,'A', 'B', … , 'Z' } is assumed. In addition, it is assumed that the electronic device 101 obtains “AX83Z0” as the first unique code. In one embodiment, the electronic device 101 may convert each digit of the first unique code into a numeric code by checking an index of each digit of the first unique code in the character set. For example, the electronic device 101 may convert the unique code of "A" into the numeric code of "10" by confirming that "A", which is the first digit of the first code, is the 11th index in the character set. . This may result from the starting point of the numeric code being zero. In the same manner, the electronic device 101 may convert the unique code of “X” to “33” by confirming that “X” is the 34th index in the character set. The electronic device 101 may convert the first unique code “AX83Z0” into a numeric code of {10,33,8,3,35,0}.

In operation 1340 , the electronic device 101 may sum the first OTP and the numeric code. For example, when the first OTP is “382901”, each digit of the first OTP may be summed with each digit of the converted numeric code. That is, the electronic device 100 may sum the numeric code of {10,33,8,3,35,0} with the first OTP of {3,8,2,9,0,1}, {13 ,41,10,12,35,1} can be obtained. On the other hand, when the total number of elements of the character set among the summing results, for example, exceeds 36, the electronic device 101 performs a mod operation on the total number of elements of the character set for the result of the summation. can be replaced with In this case, the electronic device 101 may replace "41" with "5", which is a result of performing the mode operation of 36 on "41". Accordingly, the electronic device 101 will be described later. The sum of {13,5,10,12,35,1} can be obtained. In another embodiment of the present invention, an offset may be applied when generating the summation result.

In operation 1350, the electronic device 101 may generate a first sub-code by mapping the summation result to a character set. For example, the electronic device 101 may interpret each number of {13,5,10,12,35,1} as an index and obtain a corresponding character from the character set. That is, the electronic device 101 may obtain "D" corresponding to the index of '13' as the first character of the first subcode. The electronic device 100 may obtain "5" corresponding to the index of '5' as the second character of the first subcode. According to the above-described method, the electronic device 101 may obtain the first sub-code of “D5ACY1”.

In operation 1360, the electronic device 101 may generate the second sub-code by mapping the first OTP to the character set. For example, the electronic device 101 interprets each digit of the first OTP of {3,8,2,9,0,1} as an index, and the character of the second subcode corresponding to each digit Each digit of can be created. For example, the electronic device 101 may obtain the character of '3' corresponding to the number of '3', and may obtain the character of '8' corresponding to the number of '8'. Accordingly, the electronic device 101 may acquire the second sub-code of “382901”. In another embodiment of the present invention, the second sub-code may be obtained by mapping the result of applying the offset to each digit of the number to the character set, which will be described later in more detail.

In operation 1370, the electronic device 101 may generate a first code including the first sub-code and the second sub-code. The electronic device 101 may generate a first code of, for example, “D5ACY1382901” by concatenating the first sub-code and the second sub-code. As described above, “D5ACY1”, which is the first sub-code of the first code, is set by the summation of dynamically and randomly generated OTP and unique code, and guarantees dynamic and randomness while ensuring uniqueness by unique code can be However, since codes having the same summing result may occur with low probability, the electronic device 101 according to various embodiments of the present disclosure may generate the first code, which is a unique code, by concatenating the second sub-code.

14 is a flowchart illustrating a code generation method according to various embodiments of the present invention.

In operation 1410 , the electronic device 101 may obtain a first unique code and a different first seed for each user. As described above, the electronic device 101 receives the first unique code and the first seed from the authentication server 160 or receives the first unique code and the first seed by photographing a QR code displayed on another electronic device. can do. The first seed may be a seed for OTP generation granted by the server to the first user.

In operation 1420 , the electronic device 101 may generate a first OTP using the first seed and first time information. In operation 1430 , the electronic device 101 may generate a numeric code corresponding to the first unique code by mapping the first unique code to a character set. For example, similar to the embodiment of FIG. 3 , the electronic device 101 may acquire the first unique code of “AX83Z0”, and at a first time point, first time information corresponding to the first time point and the first time information A first OTP of “382901” may be generated using 1 seed. The electronic device 101 has preset { '0', '1', '2', ... , '9', ,'A', 'B', … , 'Z' } may be mapped to the first unique code to convert the first unique code "AX83Z0" into a numeric code of {10,33,8,3,35,0}.

In operation 1440, the electronic device 101 may sum the first OTP and the numeric code. For example, when the first OTP is “382901”, each digit of the first OTP may be summed with each digit of the converted numeric code. That is, the electronic device 100 may sum the numeric code of {10,33,8,3,35,0} with the first OTP of {3,8,2,9,0,1}, {13 ,41,10,12,35,1} can be obtained. In operation 1250 , the electronic device 101 may apply an offset to the summing result. The electronic device 101 may set the offset to, for example, 18. The electronic device 101 may add an offset of 18 to every digit of the summing result. In addition, the electronic device may obtain a result of calculating the size of the character set on the summation result to which the offset is applied. Accordingly, the electronic device 101 may obtain {31,23,28,30,17,19}, which is the summing result to which the offset is applied.

In operation 1460, the electronic device 101 may generate the first sub-code by mapping the offset-applied summing result to the character set. The electronic device 101 may interpret '31', which is the offset applied summation result, as an index in the character set, to obtain 'V', which is the 31st character. The electronic device 101 may sequentially convert '23', '28', '30', '17', and '19' into characters, thereby generating a first subcode of "VNSUHJ". have.

In operation 1470 , the electronic device 101 may apply an offset to the first OTP. Accordingly, by adding the offset 18 to each number of the first OTP of {3,8,2,9,0,1}, the first OTP to which the offset of {21,26,20,27,18} is applied is generated. can

In operation 1480, the electronic device 101 may generate a second sub-code by mapping the offset-applied first OTP to a character set. That is, the electronic device 101 may interpret each number of {21,26,20,27,18} of the first OTP to which the offset is applied as an index in the character set to generate the second subcode. For example, the electronic device 101 may obtain 'L', which is the 21st character in the character set, based on '21', which is the first number of the first OTP to which the offset is applied. In the above-described manner, the electronic device 101 may generate the second sub-code of “LQKRIJ” from {21,26,20,27,18} of the first OTP to which the offset is applied.

In operation 1490, the electronic device 101 may generate a first code including the first sub-code and the second sub-code. The electronic device 101 may generate a first code of, for example, “D5ACY1LQKRIJ” by concatenating the first sub-code and the second sub-code. As described above, “D5ACY1”, which is the first sub-code of the first code, is set by the summation of dynamically and randomly generated OTP and unique code, and guarantees dynamic and randomness while ensuring uniqueness by unique code can be However, since codes having the same summing result may occur with low probability, the electronic device 101 according to various embodiments of the present disclosure may generate the first code, which is a unique code, by concatenating the second sub-code.

Hereinafter, the above-described code generation process will be described through an algorithm.

- Justice

-C : A character set whose elements are different characters expressed in ASCII codes.

The given character set is called C, and C is composed of different characters (uppercase and lowercase letters, special characters, and numbers) expressed in ASCII codes. For example, if C consists only of numbers, then C = { '0', '1', '2', '3', '4', '5', '6', '7', '8', ' 9' }, and the same number does not overlap. Also, if it consists of numbers and uppercase letters, C = { ‘0’, … ,’9’, ‘A’, … 'Z' }. The character set C given in the same way can be composed of various forms. Also, elements of C may be shuffled within the same set. For example, a character set consisting of only numbers C = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9 If ' } is shuffled, then C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } can be together

-S : the number of elements in the given character set C

-C(n) : nth element of C (0 <= n < number of C characters)

The nth element of C is defined as C(n), where n is an integer such that 0 <= n < S. That is, n means an index of an element included in C. If we have a digit-only character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } , 0 <= n < 10, C(0) = '8', C(9) = '5'.

-IndexOf(c) : the index in C of the given character c

Given character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' }, IndexOf( '8') = 0, IndexOf('5') = 9.

-U : A string representing a randomly generated unique user ID composed of the characters contained in C

Given a character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } then U is It is expressed as '0382', '7192'.

-U(n) : nth character of U (0 <= n < number of characters in U)

Given U = ‘0382’, n is an integer such that 0 <= n < 4, U(2) = ‘8’, U(3) = ‘2’.

-T : TOTP code

For example, the random 6-digit TOTP code becomes '839023' and '659921'.

-T(n) : nth position number in TOTP code (0 <= n < TOTP digits)

For example, when the generated TOTP code is ‘839023’, T(0) = 8, T(5) = 3.

-N : length of random code ( N >= 1 )

-R : random code

-algorithm

It is described in a form similar to that of the programming language C++.

String generate_random_id ( C, U, N, T )

{

string preId;

string postId;

int offset = 18; // arbitrarily

for (n = 0; n < N; n++)

{

int d = numOf(T(n)); // Convert T(n) ASCII code to number, ‘3’ -> 3, ‘9’ -> 9

int x = IndexOf(U(n));

preId += C ( (d + x + offset) % S ); // Append to the character created in the previous step.

postId += C ( T(n) + offset);

}

return (preId + postId); // Append the created two characters to make the final R.

}

-simulation

what if,

N = 6,

C = { ‘0’, … , ‘9’, ‘A’, … , ‘Z’} ,

S = 10 + 26 = 36

U = ‘AX83Z0’ and

If T = ‘382901’,

0 <= n < 36, (0 ... 35)

IndexOf(U) = { 10, 33, 8, 3, 35, 0 } becomes,

numOf(T) = { 3, 8, 2, 9, 0, 1 } becomes,

If you perform an operation on each digit,

preId[0] = C ( ( 3 + 10 + 18 ) % 36 ) = C ( 31 % 36 ) = C ( 31 ) = 'V'

preId[1] = C ( ( 8 + 33 + 18 ) % 36 ) = C ( 59 % 36 ) = C ( 23 ) = 'N'

preId[2] = C ( ( 2 + 8 + 18 ) % 36 ) = C ( 28 % 36 ) = C ( 28 ) = 'S'

preId[3] = C ( ( 9 + 3 + 18 ) % 36 ) = C ( 30 % 36 ) = C ( 30 ) = 'U'

preId[4] = C ( ( 0 + 35 + 18 ) % 36 ) = C ( 53 % 36 ) = C ( 17 ) = 'H'

preId[5] = C ( 1 + 0 + 18 ) % 36 ) = C ( 19 % 36 ) = C ( 19 ) = 'J'

ego,

postId[0] = C ( ( 3 + 18 ) % 36 ) = C ( 21 ) = 'L'

postId[1] = C ( ( 8 + 18 ) % 36 ) = C ( 26 ) = 'Q'

postId[2] = C ( ( 2 + 18 ) % 36 ) = C ( 20 ) = 'K'

postId[3] = C ( ( 9 + 18 ) % 36 ) = C ( 27 ) = 'R'

postId[4] = C ( ( 0 + 18 ) % 36 ) = C ( 18 ) = 'I'

postId[5] = C ( ( 1 + 18 ) % 36 ) = C ( 19 ) = 'J'

become this,

R = generate_random_id(C, U, N, T) and R = ‘VNSUHJ LQKRIJ’.

-Simulation 2 - In case of a different ID at the same time

Same as above, N = 6, C = { ‘0’, … , ‘9’, ‘A’, … , ‘Z’}, set S = 10 + 26 = 36 .

Instead, U = ‘B05EFA’,

If T = ‘382901’ as above,

0 <= n < 36, (0 ... 35)

IndexOf(U) = { 11, 0, 6, 14, 15, 10 } becomes,

numOf(T) = { 3, 8, 2, 9, 0, 1 } becomes,

If you perform an operation on each digit,

preId[0] = C ( ( 3 + 11 + 18 ) % 36 ) = C ( 32 % 36 ) = C ( 31 ) = 'W'

preId[1] = C ( ( 8 + 0 + 18 ) % 36 ) = C ( 26 % 36 ) = C ( 26 ) = 'Q'

preId[2] = C ( ( 2 + 6 + 18 ) % 36 ) = C ( 26 % 36 ) = C ( 26 ) = 'Q'

preId[3] = C ( ( 9 + 14 + 18 ) % 36 ) = C ( 41 % 36 ) = C ( 5 ) = '5'

preId[4] = C ( ( 0 + 15 + 18 ) % 36 ) = C ( 33 % 36 ) = C ( 33 ) = 'X'

preId[5] = C ( 1 + 10 + 18 ) % 36 ) = C ( 29 % 36 ) = C ( 29 ) = 'T'

ego,

postId[0] = C ( ( 3 + 18 ) % 36 ) = C ( 21 ) = 'L'

postId[1] = C ( ( 8 + 18 ) % 36 ) = C ( 26 ) = 'Q'

postId[2] = C ( ( 2 + 18 ) % 36 ) = C ( 20 ) = 'K'

postId[3] = C ( ( 9 + 18 ) % 36 ) = C ( 27 ) = 'R'

postId[4] = C ( ( 0 + 18 ) % 36 ) = C ( 18 ) = 'I'

postId[5] = C ( ( 1 + 18 ) % 36 ) = C ( 19 ) = 'J'

become this,

R = generate_random_id(C, U, N, T) and R = ‘WQQ5XT LQKRIJ’.

Therefore, even if the same OTP occurs at the same time, different random codes have different results.

15 is a flowchart illustrating an offset determination process according to various embodiments of the present disclosure.

In operation 1510 , the electronic device 101 may obtain the same second seed for all users. Here, the second seed may be, for example, a seed value for generating a time-based one-time password, and may be different from the first seed. In operation 1520 , the electronic device 101 may generate a second OTP based on the second seed and first time information, and in operation 1530 may determine an offset to be used in FIG. 4 using the second OTP. For example, the electronic device 101 may set the offset as a result value of a mode operation on the number of elements in the character set to the offset generated using the second seed. The second seed may be the same not only for the first user but also for all users subscribed to the system, and accordingly, the offset generated at the first time point may be the same for all users, so that the uniqueness of the generated code can be continuously guaranteed. have.

16 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

In operation 1610 , the electronic device 101 may obtain the same second seed for all users. Here, the second seed may be, for example, a seed value for generating a time-based one-time password, and may be different from the first seed.

In operation 1620 , the electronic device 101 may generate a second OTP using the second seed and the first time information. In operation 1630 , the electronic device 101 may determine a character set using the second OTP. For example, the electronic device 101 may initially acquire a basic character set, and may determine a character set to be used for code generation by transforming the basic character set based on the second OTP.

17 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

In operation 1710, the electronic device 101 may obtain a basic character set. For example, the electronic device 101 is { '0', '1', '2', ... , you can get the default character set of '9' }. The number of elements in the basic character set may be 10.

In operation 1720, the electronic device 101 may generate a second OTP using the second seed and the first time information. According to various embodiments of the present disclosure, the electronic device 101 may generate the second OTP using the hOTP algorithm. For example, it is assumed that the electronic device 101 generates the second OTP of 123456.

In operation 1730 , the electronic device 101 may perform a mod operation on the size of the second OTP and the character set to obtain an operation result value. In operation 1740, the electronic device 101 may swap positions of two characters of the basic character set using the operation result. For example, the electronic device 101 may obtain 6, which is a mode operation result for 123456. The electronic device 101 may interpret the operation result of 6 as an index of the character set, and may swap the 6th character of the character set with the 0th character.

In operation 1750, the electronic device 101 sequentially performs swapping on all characters to obtain a character set obtained by shuffling a basic character set. For example, the electronic device 101 interprets the OPT generation, mode operation, and operation result value as an index with respect to the first character of the character set, and performs swapping with the first character and the character corresponding to the index, and The process may be performed for all of the second to ninth characters.

In operation 1760, the electronic device 101 may generate the first code using the shuffled character set.

As described above, the character set can be dynamically changed, and if only the seed is shared, the same character set can be generated for all users, so that the uniqueness of the generated code can be continuously guaranteed as described above.

Hereinafter, the algorithm of the above-described character set shuffling method will be described.

1. Let the basic character set C = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9'} .

2. Set the Global Key and use it as the seed of OTP.

3. Repeat the following as much as the size of the character set S to create a random character set.

1) To change the position of C(n), create one HOTP and calculate Mod with the set size.

2) If HOTP is 123456, 6 is obtained by calculating Mod with the character set size of 10.

3) The obtained 6 means the index of C, and the number corresponding to C[6] is replaced with the C[0]th character that is currently being replaced. That is, swapping.

4) Repeat steps 1, 2, 3 9 more times until C[9].

5) When the above calculation is completed, a shuffled character set is displayed, and a random ID can be generated using this set.

Simulation - Shuffling Character Sets

The character set C = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}, the size of C is S = 10, 0 <= n < 10.

Let O be the modular value of HOTP generated in each step by S,

O(0) = 1111 2222 % 10,

O(1) = 3333 4444 % 10,

O(2) = 5555 6666 % 10,

O(3) = 7777 8888 % 10,

O(4) = 9999 0000 % 10,

O(5) = 1111 2222 % 10,

O(6) = 3333 4444 % 10,

O(7) = 5555 6666 % 10,

O(8) = 7777 8888 % 10,

Assume that O(9) = 9999 0000 % 10.

One) C[0] = 0 shuffle

Since O[0] = 11112222 % 10 = 2, we swap by sending C[2] to C[0] and C[0] to C[2]. So the character set is C = {2, 1, 0, 3, 4, 5, 6, 7, 8, 9}.

2) C[1] = 1 shuffle

Since O[1] = 33334444 % 10 = 4, we swap by sending C[4] to C[1] and sending C[1] to C[4]. So the character set is C = {2, 4, 0, 3, 1, 5, 6, 7, 8, 9}.

3) C[2] = 0 shuffle

Since O[2] = 55556666 % 10 = 6, we swap by sending C[6] to C[2] and C[2] to C[6]. So the character set is C = {2, 4, 6, 3, 1, 5, 0, 7, 8, 9}.

4) C[3] = 1 shuffle

Since O[3] = 77778888 % 10 = 8, we swap by sending C[8] to C[3] and C[3] to C[8]. So the character set is C = {2, 4, 6, 8, 1, 5, 0, 7, 3, 9}.

5) C[4] = 4 shuffle

Since O[4] = 99990000 % 10 = 0, we swap by sending C[0] to C[4] and C[4] to C[0]. So the character set is C = {1, 4, 6, 8, 2, 5, 0, 7, 3, 9}.

6) C[5] = 5 shuffle

Since O[5] = 1111 2222 % 10 = 2, swap C[2] by sending C[5] to C[5] and C[5] to C[2]. So the character set is C = {1, 4, 5, 8, 2, 6, 0, 7, 3, 9}.

7) C[6] = 0 shuffle

Since O[6] = 3333 4444 % 10 = 4, we swap by sending C[4] to C[6] and C[6] to C[4]. So the character set is C = {1, 4, 5, 8, 0, 6, 2, 7, 3, 9}.

8) C[7] = 7 shuffle

O[7] = 5555 6666% 10 = 6, so we swap by sending C[6] to C[7] and sending C[7] to C[6]. So the character set is C = {1, 4, 5, 8, 0, 6, 7, 2, 3, 9}.

9) C[8] = 3 shuffle

O[8] = 7777 8888% 10 = 8, so we swap by sending C[8] to C[8] and C[8] to C[8]. So the character set is C = {1, 4, 5, 8, 0, 6, 7, 2, 3, 9}.

10) C[9] = 9 shuffle

Since O[9] = 9999 0000 % 10 = 0, we swap by sending C[0] to C[9] and C[9] to C[0]. So the character set is C = {9, 4, 5, 8, 0, 6, 7, 2, 3, 1}.

So the shuffled character set is C = {'9', '4', '5', '8', '0', '6', '7', '2', '3', '1'} , and a random code is generated once using this shuffling character set.

It will be appreciated that the embodiments of the present invention can be realized in the form of hardware, software, or a combination of hardware and software. Any such software, for example, whether erasable or rewritable, may be stored in a volatile or non-volatile storage device such as a ROM, or a memory such as, for example, RAM, a memory chip, device or integrated circuit. , or an optically or magnetically recordable storage medium such as a CD, DVD, magnetic disk, or magnetic tape, for example, and a machine (eg, computer) readable storage medium. The graphic screen updating method of the present invention may be implemented by a computer or portable terminal including a control unit and a memory, wherein the memory is a machine suitable for storing a program or programs including instructions for implementing embodiments of the present invention. It will be appreciated that this is an example of a readable storage medium. Accordingly, the present invention includes a program including code for implementing the apparatus or method described in any claim of the present specification, and a machine (computer, etc.) readable storage medium storing such a program. Also, such a program may be transmitted electronically through any medium such as a communication signal transmitted through a wired or wireless connection, and the present invention suitably includes the equivalent thereof.

Also, the device may receive and store the program from a program providing device connected by wire or wirelessly. The program providing device includes a program including instructions for the graphic processing device to perform a preset content protection method, a memory for storing information necessary for the content protection method, and wired or wireless communication with the graphic processing device. It may include a communication unit for performing, and a control unit for automatically transmitting a corresponding program to the transceiver at the request of the graphic processing device or the transceiver.

Claims (20)

An access point providing Wi-Fi, comprising:
a first communication circuit for transmitting and receiving data to and from the electronic device;
a memory for storing a Wi-Fi connection application for generating connection information; and
A processor comprising:
receiving first connection information from the electronic device through the first communication circuit;
Run the Wi-Fi connection application,
generating second connection information through the Wi-Fi connection application;
an access point configured to compare the first access information and the second access information, and to determine whether to establish a Wi-Fi connection with the electronic device based on a result of the comparison. The method of claim 1,
The processor is
Forming the Wi-Fi connection based on the fact that the first access information and the second access information are the same,
The access point is further configured to reject the establishment of the Wi-Fi connection based on the difference between the first access information and the second access information. The method of claim 1,
and a second communication circuit that provides a different communication scheme than the first communication circuit. 4. The method of claim 3,
The processor is
an access point configured to transmit a beacon signal via the second communication circuit. 5. The method of claim 4,
The processor, through the first communication circuit, as at least part of the operation of receiving the first connection information from the electronic device,
The access point is configured to receive the first access information generated based on the reception of the beacon signal by the electronic device through the first communication circuit. The method of claim 1,
The first access information and the second access information, an access point, characterized in that the one-time password (one time password: OTP). The method of claim 1,
The processor is
obtaining a first seed for generating a one-time password, a first unique code and character set assigned to the first user;
generating a first one time password (OTP) using the first seed;
mapping the operation result of the first OTP and the first unique code to the character set to generate a first sub-code;
mapping the first OTP to the character set to generate a second subcode;
an access point configured to generate a code corresponding to the second access information by using the first sub-code and the second sub-code. 8. The method of claim 7,
The processor, as at least part of an operation of generating a first OTP using the first seed, inputs first time information corresponding to the first seed and a first time point into a time-based one-time encryption algorithm, An access point set up to generate OTPs. 9. The method of claim 8,
The processor compares the first unique code with the character set as at least part of an operation of generating a first sub-code by mapping an operation result of the first OTP and the first unique code to the character set, thereby converting the first unique code to a numeric code an access point configured to generate the first sub-code by converting the numeric code to the first OTP, and mapping the summing result to the character set. The method of claim 1,
The processor is
At least one access point including the electronic device configured to provide information on an electronic device currently being connected to the access point. A method of operating an access point providing Wi-Fi, comprising:
receiving first access information from an electronic device through a first communication circuit of the access point;
executing the Wi-Fi connection application;
generating second connection information through a Wi-Fi connection application for generating connection information;
comparing the first access information and the second access information; and
and determining whether to establish a Wi-Fi connection with the electronic device based on the comparison result.
How the access point works. 12. The method of claim 11,
The operation of determining whether to establish a Wi-Fi connection with the electronic device based on the comparison result includes:
forming the Wi-Fi connection based on the fact that the first access information and the second access information are the same; or
Refusing to establish the Wi-Fi connection based on the difference between the first access information and the second access information
A method of operating an access point comprising a. 12. The method of claim 11,
The method of operating an access point further comprising a second communication circuit that provides a different communication method than the first communication circuit. 14. The method of claim 13,
Transmitting a beacon signal through the second communication circuit
The method of operation of the access point further comprising a. 15. The method of claim 14,
Receiving the first connection information from the electronic device through the first communication circuit includes:
The method of operating an access point for receiving the first access information generated based on the reception of the beacon signal by the electronic device through the first communication circuit. 12. The method of claim 11,
The operating method of the access point, characterized in that the first access information and the second access information, one time password (one time password: OTP). 12. The method of claim 11,
obtaining a first seed for generating a one-time password, a first unique code and character set assigned to the first user;
generating a first one time password (OTP) using the first seed;
generating a first sub-code by mapping an operation result of the first OTP and the first unique code to the character set;
mapping the first OTP to the character set to generate a second sub-code; and
generating a code corresponding to the second access information by using the first sub-code and the second sub-code
The method of operation of the access point further comprising a. 18. The method of claim 17,
The operation of generating a first OTP using the first seed includes:
An operating method of an access point for generating the first OTP by inputting the first time information corresponding to the first seed and the first time point into a time-based one-time encryption algorithm. 19. The method of claim 18,
The operation of generating a first sub-code by mapping the operation result of the first OTP and the first unique code to the character set includes:
converting the first unique code to a numeric code by comparing with the character set, summing the numeric code with the first OTP, and mapping the summing result to the character set to generate the first sub-code How points work. 12. The method of claim 11,
Providing information on at least one electronic device currently connected to the access point including the electronic device
The method of operation of the access point further comprising a.

Images