WO2007066994A1 - Dispositif et procede de fourniture de service de partage d'information personnelle utilisant un message a url de rappel signe - Google Patents

Dispositif et procede de fourniture de service de partage d'information personnelle utilisant un message a url de rappel signe Download PDF

Info

Publication number
WO2007066994A1
WO2007066994A1 PCT/KR2006/005296 KR2006005296W WO2007066994A1 WO 2007066994 A1 WO2007066994 A1 WO 2007066994A1 KR 2006005296 W KR2006005296 W KR 2006005296W WO 2007066994 A1 WO2007066994 A1 WO 2007066994A1
Authority
WO
WIPO (PCT)
Prior art keywords
personal information
user
message
callback url
server
Prior art date
Application number
PCT/KR2006/005296
Other languages
English (en)
Inventor
Seung-Hyun Kim
Dae-Seon Choi
Jong-Hyouk Noh
Sang-Rae Cho
Yeong-Sub Cho
Seung-Hun Jin
Original Assignee
Electronics And Telecommunications Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020060082932A external-priority patent/KR20070108315A/ko
Priority claimed from KR1020060122641A external-priority patent/KR100875919B1/ko
Application filed by Electronics And Telecommunications Research Institute filed Critical Electronics And Telecommunications Research Institute
Priority to US12/096,415 priority Critical patent/US20080301444A1/en
Publication of WO2007066994A1 publication Critical patent/WO2007066994A1/fr
Priority to US13/588,132 priority patent/US20120311326A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/30Managing network names, e.g. use of aliases or nicknames
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present invention relates to the providing of a personal information sharing service in a mobile terminal environment, and more particularly, to an apparatus and method for providing a service that securely and easily shares personal information using a signed callback uniform resource locator (URL) message in a mobile terminal environment.
  • URL uniform resource locator
  • mobile terminals using wireless Internet require more complex processes than a fixed terminal such as a PC.
  • mobile terminal users are not informed of the uniform resource locator (URL) of a web page that they view.
  • URL uniform resource locator
  • SMS message service
  • MMS multimedia message service
  • the callback URL does not include a signature, which causes a security problem.
  • 10-2005-0036512; Publication Date: 20 April 2005 discloses an electronic payment approval method and system using an SMS including a callback URL.
  • the callback URL is used to easily move users to a payment account operation server. Users write important information such as an authentication code after moving to a URL of the payment account operation server. Therefore, a sender cannot be identified through the SMS including the callback URL that does not include a signature, which causes a security problem.
  • 10-2004-0101950; Publication Date: 3 December 2004 discloses a wired/wireless unification authentication and payment method using an SMS and a mobile terminal storing authentication information.
  • the method transmits the SMS for the authentication and/or payment including a callback URL to the mobile terminal.
  • the SMS includes payment information and is used to confirm payment information and/or authentication via a user's input. However, the payment information and/or authentication can be confirmed only via the user's input.
  • the present invention provides an apparatus and method for producing a signed callback uniform resource locator (URL) in a message between a user and a server in a mobile terminal environment and ensuring security between a sender and a receiver .
  • URL uniform resource locator
  • the present invention provides an apparatus and method for managing a user's personal information via interaction between a server and a user anywhere and anytime by supporting a request to use the user's personal information in a mobile terminal environment.
  • a mobile terminal providing a personal information sharing service using a signed callback uniform resource locator (URL) message, comprising; a personal information sharing service module receiving a message that includes a first callback URL and a personal information sharing request and is signed using a private key of a server, and creating a second callback URL by adding a user response result in response to the personal information sharing request to the first callback URL; and an authentication module verifying a signature of the message using a public key of the server, and signing the second callback URL using a user private key.
  • URL uniform resource locator
  • a method of providing a personal information sharing service using a signed callback URL message in a mobile terminal comprising: if a message that includes a first callback URL and a personal information sharing request and is signed using a private key of a server is received, verifying a signature of the message using a public key of the server; creating a second callback URL by adding a user response result in response to the personal information sharing request to the first callback URL; and signing the second callback URL using a user private key.
  • a server providing a personal information sharing service using a signed callback URL message comprising; a personal information request service module creating a message that includes a first callback URL and a personal information sharing request, transmitting a message that is signed using a private key of a server to a user's mobile terminal, receiving a second callback URL -signed using a user private key- creased by adding a user response result in response to the personal information sharing request to the first callback URL, and providing a sharing service of personal information approved by a user; an authentication module signing the message using the private key of the server and verifying a signature of the message using a user public key; and a personal information storage module storing personal information of the user of the mobile terminal.
  • a method of providing a personal information sharing service using a signed callback URL message in a server comprising: creating a message that includes a first callback URL and a personal information sharing request, signing the message using a private key of the server, and transmitting the message to a user's mobile terminal; if the user's mobile terminal accesses the server through a second callback URL obtained by adding a user response result in response to the personal information sharing request to the first callback URL, verifying a signature of the second callback URL signed using a user private key using a user public key; and providing a sharing service of personal information that the user approves to share according to the user's response result in response to the personal information sharing request.
  • a method of providing a personal information sharing service using a signed callback URL message in a mobile terminal comprising: if a message that includes a first callback URL and summarized information relating to personal information sharing is received, accessing a server through the first callback URL; receiving details relating to the personal information sharing and a signature of the server from the server and verifying the signature using a public key of the server; adding a user response result in response to the details relating to the personal information sharing to the first callback URL and creating a second callback URL; and signing the second callback URL using a user private key.
  • a method of providing a personal information sharing service using a signed callback URL message in a server comprising: creating a message that includes a first callback URL and summarized information relating to personal information sharing, and transmitting the message to a user's mobile terminal; if the user's mobile terminal accesses the server through the first callback URL, transmitting details relating to the personal information sharing and a signature obtained by signing the details using a private key of the server to the user's mobile terminal; if the user's mobile terminal accesses the server through a second callback URL obtained by adding a user response result in response to the details relating to the personal information sharing, verifying a signature of the second callback URL signed using a user private key using a user public key; and providing a sharing service of personal information that the user approves to share according to the user's response result in response to the details relating to the personal information sharing.
  • a signed callback URL is used to verify a signature, identify a server and a user, and prevent a message from being forged.
  • a mobile terminal is used to request approval to use user personal information, thereby providing the user with a real-time service customized to the user according to a user's response.
  • FlG. 1 is a block diagram of a mobile terminal and a server according to an
  • FlG. 2 is a schematic flowchart illustrating a method of providing a personal information sharing service in the mobile terminal and the server illustrated in FlG. 1 ;
  • FlG. 3 is a flowchart illustrating a method of creating a personal information
  • FlG. 4 is a flowchart illustrating a method of receiving a message and processing the message in the mobile terminal illustrated in FlG. 1 ;
  • FlG. 5 is a flowchart illustrating a method of receiving a response through a callback URL and processing the response in the server illustrated in FlG. 1 ;
  • FlG. 6 is a diagram of a message received from the mobile terminal illustrated in
  • FIG. l
  • FlG. 7 is a schematic flowchart illustrating a method of providing a personal information sharing service in the mobile terminal and the server illustrated in FlG. 1 according to another embodiment of the present invention .
  • a mobile terminal providing a personal information sharing service using a signed callback uniform resource locator (URL) message, comprising; a personal information sharing service module receiving a message that includes a first callback URL and a personal information sharing request and is signed using a private key of a server, and creating a second callback URL by adding a user response result in response to the personal information sharing request to the first callback URL; and an authentication module verifying a signature of the message using a public key of the server, and signing the second callback URL using a user private key.
  • URL uniform resource locator
  • a method of providing a personal information sharing service using a signed callback URL message in a mobile terminal comprising: if a message that includes a first callback URL and a personal information sharing request and is signed using a private key of a server is received, verifying a signature of the message using a public key of the server; creating a second callback URL by adding a user response result in response to the personal information sharing request to the first callback URL; and signing the second callback URL using a user private key.
  • a server providing a personal information sharing service using a signed callback URL message comprising; a personal information request service module creating a message that includes a first callback URL and a personal information sharing request, transmitting a message that is signed using a private key of a server to a user's mobile terminal, receiving a second callback URL -signed using a user private key- creased by adding a user response result in response to the personal information sharing request to the first callback URL, and providing a sharing service of personal information approved by a user; an authentication module signing the message using the private key of the server and verifying a signature of the message using a user public key; and a personal information storage module storing personal information of the user of the mobile terminal.
  • a method of providing a personal information sharing service using a signed callback URL message in a server comprising: creating a message that includes a first callback URL and a personal information sharing request, signing the message using a private key of the server, and transmitting the message to a user's mobile terminal; if the user's mobile terminal accesses the server through a second callback URL obtained by adding a user response result in response to the personal information sharing request to the first callback URL, verifying a signature of the second callback URL signed using a user private key using a user public key; and providing a sharing service of personal information that the user approves to share according to the user's response result in response to the personal information sharing request.
  • a method of providing a personal information sharing service using a signed callback URL message in a mobile terminal comprising: if a message that includes a first callback URL and summarized information relating to personal information sharing is received, accessing a server through the first callback URL; receiving details relating to the personal information sharing and a signature of the server from the server and verifying the signature using a public key of the server; adding a user response result in response to the details relating to the personal information sharing to the first callback URL and creating a second callback URL; and signing the second callback URL using a user private key.
  • a method of providing a personal information sharing service using a signed callback URL message in a server comprising: creating a message that includes a first callback URL and summarized information relating to personal information sharing, and transmitting the message to a user's mobile terminal; if the user's mobile terminal accesses the server through the first callback URL, transmitting details relating to the personal information sharing and a signature obtained by signing the details using a private key of the server to the user's mobile terminal; if the user's mobile terminal accesses the server through a second callback URL obtained by adding a user response result in response to the details relating to the personal information sharing, verifying a signature of the second callback URL signed using a user private key using a user public key; and providing a sharing service of personal information that the user approves to share according to the user's response result in response to the details relating to the personal information sharing.
  • FlG. 1 is a block diagram of a mobile terminal 110 and a server 120 according to an embodiment of the present invention.
  • the mobile terminal 110 comprises a user personal information sharing service module 113, an authentication module 115, and a user information storage module 117 in addition to a conventional module 111.
  • the user personal information sharing service module 113 receives a message including a first callback uniform resource locator (URL) and a personal information sharing request the message signed with a private key of the server 120, and produces a 2 nd callback URL by adding a user's result in response to the personal information sharing request to 1st callback URL.
  • URL uniform resource locator
  • the user personal information sharing service module 113 receives a short message service (SMS) or multimedia message service (MMS) message including the signed first callback URL.
  • SMS short message service
  • MMS multimedia message service
  • the user personal information sharing service module 113 determines whether to share personal information particulars included in the message.
  • the received message includes a signature obtained by signing the message and the first callback URL using the private key of the server 120 in the authentication module 125 of the server 120.
  • the message including the signature is received to secure integrity of the message and callback URL.
  • the message may include an image of the person or institution that requests to share user personal information, in order to easily identify the person or institution. If so, the mobile terminal 110 needs to display the image.
  • the user personal information sharing service module 113 transfers the message to the authentication module 115 to verify the signature of the message.
  • the 113 receives a user's response to the request to share the user personal information.
  • the decision of whether to share the user personal information is made automatically according to rules defined by the user, or is input by the user after the user reads the personal information particulars.
  • the user's response is to allow or deny, but can provide other information.
  • the user may write his/her personal information through the mobile terminal 110 or may use personal information that has been stored in the user information storage module 117 included in the mobile terminal 110.
  • the user personal information sharing service module 113 adds the user's response result to the first callback URL to produce the second callback URL.
  • the second callback URL includes information on the server 120 designated by the first callback URL. Therefore, the mobile terminal 110 accesses the server 120 through the second callback URL and simultaneously transmits the user's response result to the server 120.
  • the user's response result may be added to the first callback URL as a parameter, in the form of plain text, a signed string, or a cipher text.
  • the authentication module 115 performs a signature and verification operation using the user's private key and public keys of reliable servers. Key information needs to be stored in a secure location.
  • the user's private key and public keys used by the authentication module 115 may be stored in a separate device that may or may not be attached to the mobile terminal 110.
  • the user's private key and public keys can be stored in a device separate from the mobile terminal 110.
  • the device can be attached to the mobile terminal 110 as occasion demands, to use the key information through the authentication module 115.
  • the authentication module 113 is transferred to the authentication module 115, the authentication module 115 loads a public key of the server 120 to verify whether the signature of the message is valid.
  • the authentication module 115 loads the user's private key and signs the second callback URL with the key. That is, the authentication module 115 signs the second callback URL to add the signature to the second callback URL as a parameter.
  • the user information storage module 117 stores the user personal information and a personal information sharing policy, and automatically performs a user's response to the request to share the user personal information using the user personal information and the personal information sharing policy.
  • the user information storage module 117 can be stored in equipment other than the mobile terminal 110, and can be attached to the mobile terminal 110 as occasion demands, to be used through the user personal information sharing service module 113.
  • personal information sharing service module 113 can include personal information corresponding to sharing request particulars.
  • a personal information request service module 123 included in the server 120 receives the personal information to use them.
  • callback URL message in the mobile terminal 110 will be described in detail with reference to FlG. 4.
  • the server 120 of the current embodiment of the present invention includes a
  • the personal information request service module 123 produces a message including a first callback URL and a personal information sharing request, and transmits the message (signed using a private key of the server 120) to the user's mobile terminal 110.
  • the personal information request service module 123 receives a s econd callback URL and provides the personal information sharing service approved by the user.
  • the mobile terminal 110 adds a user response result to the personal information sharing request to the first callback URL to be signed using a user's private key, which is referred to as the second callback URL.
  • the personal information request service module 123 produces an
  • SMS or MMS to request the user to share personal information particulars, and receives a response from the user.
  • the personal information particulars are transferred to the personal information request service module 123.
  • the personal information request service module 123 downloads user information and prepares a message using a user's mobile terminal number.
  • the message includes the personal information particulars requested to be shared to the user and the first callback URL to receive a response of the message.
  • the first callback URL is signed using the private key of the server 120 so that a message receiving side verifies the signature of the message to determine whether the message is transmitted from an authentic server.
  • the message to be transmitted to the mobile terminal 110 may include an image of the person or logo institution that requests to share user personal information, in order to easily identify the person or institution.
  • the personal information request service module 123 When the personal information request service module 123 receives a response result to the transmitted message from the mobile terminal 110, the personal information request service module 123 transfers the response result to the authentication module 125 to verify the second callback URL. After completely verifying the second callback URL, the personal information request service module 123 compares the response result included in the second callback URL with the personal information particulars to determine whether to provide the personal information sharing service.
  • the authentication module 125 performs a signature and authentication operation using the private key of the server 120 and users' public keys. Key information is located in a secure location to be utilized through the authentication module 125.
  • the authentication module 125 loads the private key of the server 120, signs the message and a first callback URL included in the message, and adds a signature to the first callback URL as a parameter.
  • the authentication module 125 loads a user's public key to verify whether a signature included in a second callback URL is valid.
  • the personal information storage module 127 stores the user's personal information in a secure location of the server 120.
  • the personal information storage module 127 may be stored in a location other than the server 120, and can be interlocked with the server 120 as occasion demands, to be used through the personal information request service module 123. If users are approved to share the personal information particulars requested by the server 120 in response to the user of callback URLs, the user personal information sharing service module 113 of the mobile terminal 110 requests the personal information storage module 127 to use the personal information.
  • FlG. 2 is a schematic flowchart illustrating a method of providing a personal information sharing service in the mobile terminal and the server illustrated in FlG. 1. Referring to FlG. 2, the mobile terminal 110 and the server 120 communicate a message and a response to provide the personal information sharing service.
  • the server 120 prepares a message including personal information approval
  • the server 120 transmits the message to the mobile terminal 110 (Operation 220).
  • the mobile terminal 110 receives the message (Operation 230), and verifies the signature of the message using a public key of the server 120 (Operation 240). If the signature is verified, the mobile terminal 110 adds the user's response result to a personal information approval request to the callback URL, signs the callback URL using the user's private key (Operation 250), and transmits the message to the server 120 through the signed callback URL (Operation 260).
  • the server 120 receives a response to the transmitted message via information attached to the callback URL as a parameter (Operation 270).
  • the server 120 verifies the signature of the callback URL using the user's public key (Operation 280). If the signature is verified, the server 120 transfers personal information that the user approves to share, to the personal information sharing service.
  • FlG. 3 is a flowchart illustrating a method of creating a personal information
  • the process starts by a service requesting the server 120 for user personal information (Operation 310).
  • the server 120 loads information including a number or address of a user's mobile terminal and a personal information value established by the user (Operation 320).
  • the server 120 creates a message including personal information particulars to request the user to share (Operation 330). At this time, the server 120 establishes a callback URL so that the user can easily make a response.
  • the server 120 adds information on the user, and an image of the person or a logo institution that requests to share the personal information, t o the message so that the user can easily identify the person or institution.
  • the image or logo is important material for the decision of whether to share the personal information.
  • the authentication module 125 of the server 120 signs the message including the callback URL using a private key of the server 120 (Operation 340).
  • the server 120 stores the personal information particulars and other information in a temporary storage (Operation 350).
  • the personal information particulars and other information are used when the user responds to the callback URL.
  • the server 120 transmits the message to the number or address of the user's mobile terminal (Operation 360).
  • FlG. 4 is a flowchart illustrating a method of receiving a message and processing the message in the mobile terminal 110 illustrated in FlG. 1.
  • the process starts when the mobile terminal 110 receives a message including a user personal information sharing request from a server (Operation 410).
  • the authentication module 115 of the mobile terminal 110 loads a server public key (Operation 420), and verifies a signature included in the message (Operation 430).
  • the mobile terminal 110 creates an error message to prevent user personal information from being shared, and returns the error message (Operation 440).
  • the mobile terminal 110 displays user personal information particulars specified in the message and content on whether to share the user personal information, to receive a response from a user (Operation 450).
  • the user may identify the person or institution that requests to share his/her
  • the response to the personal information sharing request may be created by the user or may be automatically created according to rules provided by the user. For example, if the user establishes to share his/her ID number with a bank site, when the bank site requests the user's ID number, a share approval response is automatically provided to the bank site without a response from the user.
  • the user's response is to allow or deny, but can provide other information.
  • Information of the user information storage module 117 illustrated in FlG. 1 of the mobile terminal 110 may be used, or the user may input information in person using the mobile terminal 110.
  • the mobile terminal 110 adds the user's response result to a callback URL included in the message (Operation 460). If an error occurs during the verification of a signature of the server, the mobile terminal 110 adds the content of the error message to the callback URL instead of the user's response result.
  • the authentication module 115 of the mobile terminal 110 loads a user's private key, signs the whole callback URL, and adds the signature to the callback URL (Operation 470).
  • a variety of information may be added to the callback URL as parameters, in the form of plain text, a signed string, or a cipher text.
  • the mobile terminal accesses a server through the signed callback URL (Operation
  • FlG. 5 is a flowchart illustrating a method of receiving a response through a
  • the process starts when a user's response result to a personal information sharing request is transferred to a server, i.e. a user's mobile terminal accesses the server through a callback URL (Operation 510).
  • the authentication module 115 of the server 120 verifies a signature made by the user's private key attached to the callback URL using the user's public key (Operation 530) in order to determine whether the signature of the callback URL is authentic, using the user's public key stored in the server 120.
  • the server 120 returns an error message and terminates a service (Operation 540).
  • the server 120 determines whether the verified callback URL includes the error message (Operation 550), if it is determined that the verified callback URL includes the error message, and the server 120 returns the error message and terminates the service (Operation 560).
  • the server 120 transfers user personal information that the user approves to share to the service (Operation 580).
  • the server 120 can request the approved user personal information from the personal information storage module 127 illustrated in FlG. 1. If the user specifies the personal information in person, the specified personal information is transferred to the service.
  • FlG. 6 is a diagram of a message received from the mobile terminal 110 illustrated in FlG. 1.
  • the mobile terminal 110 displays an image 601 of the person or an institution that requests to share user personal information, lists of the personal information 603 that is requested to be shared, and a subject 605 that sends a message.
  • the user confirms the person or institution that requests his/her personal information through the image 601.
  • the subject 605 that sends the message uses a name specified in a certificate that has authorized information, so that the reliability of the certificate can be improved. Therefore, when a server that transmits a message through a signed callback URL included in the message is accessed, and a personal information sharing service is provided, security is maintained.
  • FlG. 7 is a schematic flowchart illustrating a method of providing a personal information sharing service in the mobile terminal and the server illustrated in FlG. 1 according to another embodiment of the present invention.
  • the mobile terminal 110 and the server 120 communicate a message and a response to provide the personal information sharing service in the same manner as illustrated in FIG. 2.
  • the method of providing the personal information sharing service of the present embodiment which does not transmit personal information approval particulars and a signature of a callback URL at an initial access to the server 120 but transmits summarized information of the personal information approval particulars and receives a response via the summarized information, is different from the method described with reference to FlG. 2. Therefore, the present invention can be applied to a message transmission environment where a limited amount of information is transmitted at the initial access to the server 120. It will be understood by those of ordinary skill in the art that the details of each operation described with reference to FIGS. 2 through 5 can be applied to operations that are to be described with reference to FlG. 7.
  • the server 120 prepares a message including personal information approval
  • the personal information approval particulars include summarized information and may not be signed.
  • the server 120 transmits the message to the mobile terminal 110 (Operation 720). [92]
  • the mobile terminal 110 receives the message (Operation 730), and accesses the server 120 through the first callback URL in order to obtain details of the personal information approval particulars and a signature of the server 120 (Operation 740). If the server 120 transfers details relating to the personal information approval and a signature obtained by signing the details using a private key of the server 120
  • the mobile terminal 110 verifies a signature of the message using a public key of the server 120 (Operation 760). If the signature is verified, the mobile terminal 110 adds a user's response result to the details relating to the personal information approval to the first callback URL so as to create a second callback URL, signs the second callback URL using a user's private key (Operation 770), and accesses the server 120 that transmitted the message through the signed second callback URL (Operation 780).
  • the server 120 receives a response to the transmitted message via information attached to the second callback URL as a parameter (Operation 790).
  • the server 120 verifies the signature of the second callback URL using a user's public key (Operation 791). If the signature is verified, the server 120 transfers personal information that the user approves to share, to the personal information sharing service (Operation 792).
  • the present invention can also be embodied as computer readable code on a
  • the computer readable recording medium is any data storage device that can store data which can be thereafter read by a computer system. Examples of the computer readable recording medium include read-only memory (ROM), random-access memory (RAM), CD-ROMs, magnetic tapes, floppy disks, optical data storage devices, and carrier waves.
  • ROM read-only memory
  • RAM random-access memory
  • CD-ROMs compact disc-read only memory
  • magnetic tapes magnetic tapes
  • floppy disks magnetic tapes
  • optical data storage devices and carrier waves.
  • carrier waves carrier waves.
  • the computer readable recording medium can also be distributed network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.
  • a signed callback URL is used to verify a signature, identify a server and a user, and prevent a message from being forged.
  • a mobile terminal is used to request approval to use user personal information, thereby providing the user with a real-time service customized to the user according to a user's response.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Dispositif et procédé assurant un service de partage sécurisé et convivial d'information personnelle utilisant un message à URL de rappel signé, dans un environnement de terminal mobile. Le terminal mobile assurant ledit service par message à URL signé comprend : module de service de partage d'information personnelle recevant un message à premier URL de rappel et une demande de partage d'information personnelle, avec signature par clé privée de serveur, et créant un second URL de rappel par adjonction, au premier URL de rappel, d'un résultat de réponse d'utilisateur en réponse à la demande considérée ; et module d'authentification vérifiant une signature du message par clé privée de serveur, puis signant le second URL de rappel par clé privée de serveur.
PCT/KR2006/005296 2005-12-07 2006-12-07 Dispositif et procede de fourniture de service de partage d'information personnelle utilisant un message a url de rappel signe WO2007066994A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US12/096,415 US20080301444A1 (en) 2005-12-07 2006-12-07 Apparatus and Method for Providing Personal Information Sharing Service Using Signed Callback Url Message
US13/588,132 US20120311326A1 (en) 2005-12-07 2012-08-17 Apparatus and method for providing personal information sharing service using signed callback url message

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
KR10-2005-0119069 2005-12-07
KR20050119069 2005-12-07
KR1020060082932A KR20070108315A (ko) 2005-12-07 2006-08-30 서명된 콜백 유알엘 메시지를 이용한 개인정보 공유 서비스제공 장치 및 방법
KR10-2006-0082932 2006-08-30
KR1020060122641A KR100875919B1 (ko) 2005-12-07 2006-12-05 서명된 콜백 유알엘 메시지를 이용한 개인정보 공유 서비스제공 장치 및 방법
KR10-2006-0122641 2006-12-05

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/588,132 Continuation US20120311326A1 (en) 2005-12-07 2012-08-17 Apparatus and method for providing personal information sharing service using signed callback url message

Publications (1)

Publication Number Publication Date
WO2007066994A1 true WO2007066994A1 (fr) 2007-06-14

Family

ID=38123087

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2006/005296 WO2007066994A1 (fr) 2005-12-07 2006-12-07 Dispositif et procede de fourniture de service de partage d'information personnelle utilisant un message a url de rappel signe

Country Status (1)

Country Link
WO (1) WO2007066994A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7526797B2 (en) * 2002-07-24 2009-04-28 Sun Microsystems, Inc. System and method for processing callback requests included in web-based procedure calls through a firewall
CN103297963A (zh) * 2013-05-10 2013-09-11 无锡北邮感知技术产业研究院有限公司 基于无证书的m2m隐私保护和密钥管理的方法和系统
WO2021109998A1 (fr) * 2019-12-05 2021-06-10 中兴通讯股份有限公司 Procédé et appareil de transmission de contenu multimédia, et support de stockage

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003027931A1 (fr) * 2001-09-28 2003-04-03 Eznego Co. Ltd. Procede de marketing reposant sur la fourniture de contenus
US20040078486A1 (en) * 2002-10-16 2004-04-22 International Business Machines Corporation Mechanism to provide callback capabilities for unreachable network clients

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003027931A1 (fr) * 2001-09-28 2003-04-03 Eznego Co. Ltd. Procede de marketing reposant sur la fourniture de contenus
US20040078486A1 (en) * 2002-10-16 2004-04-22 International Business Machines Corporation Mechanism to provide callback capabilities for unreachable network clients

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7526797B2 (en) * 2002-07-24 2009-04-28 Sun Microsystems, Inc. System and method for processing callback requests included in web-based procedure calls through a firewall
CN103297963A (zh) * 2013-05-10 2013-09-11 无锡北邮感知技术产业研究院有限公司 基于无证书的m2m隐私保护和密钥管理的方法和系统
WO2021109998A1 (fr) * 2019-12-05 2021-06-10 中兴通讯股份有限公司 Procédé et appareil de transmission de contenu multimédia, et support de stockage

Similar Documents

Publication Publication Date Title
US20080301444A1 (en) Apparatus and Method for Providing Personal Information Sharing Service Using Signed Callback Url Message
CN101589361B (zh) 控制数字身份表示的分发和使用的方法
US7979054B2 (en) System and method for authenticating remote server access
RU2427893C2 (ru) Способ аутентификации служебного сервера (варианты) и способ оплаты услуг (варианты) в беспроводном интернете
KR101019458B1 (ko) 확장된 일회용 암호 방법 및 장치
US8752125B2 (en) Authentication method
JPWO2007110951A1 (ja) ユーザ確認装置、方法及びプログラム
EP3579595B1 (fr) Système et procédé améliorés de vérification d'âge d'accès à internet
JP2011100489A (ja) ユーザ確認装置、方法及びプログラム
US8032753B2 (en) Server and system for transmitting certificate stored in fixed terminal to mobile terminal and method using the same
KR20100029102A (ko) 아이덴티티 어써션
US20100287180A1 (en) Apparatus and Method for Issuing Certificate with User's Consent
WO2007066994A1 (fr) Dispositif et procede de fourniture de service de partage d'information personnelle utilisant un message a url de rappel signe
US20080022004A1 (en) Method And System For Providing Resources By Using Virtual Path
JP4630187B2 (ja) 認証方法
KR100875919B1 (ko) 서명된 콜백 유알엘 메시지를 이용한 개인정보 공유 서비스제공 장치 및 방법
KR102491110B1 (ko) 메세지에 포함된 링크를 이용하여 사용자 단말기를 인증하는 시스템
JP7223196B1 (ja) 情報処理装置、情報処理方法、およびプログラム
KR20070076575A (ko) 고객 인증처리 방법
KR20070076576A (ko) 결제승인처리방법
KR20070077481A (ko) 고객 인증 중계처리 서버
KR20090006815A (ko) 고객 인증처리 방법
KR20060112167A (ko) 고객 인증중계 방법 및 시스템과 이를 위한 서버와기록매체
KR20070077482A (ko) 고객 인증정보 중계 서버
KR20070077480A (ko) 고객 인증처리 서버

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 12096415

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06824003

Country of ref document: EP

Kind code of ref document: A1