WO2008140245A2 - Security method through internet using stand alone type application program and system there of - Google Patents

Security method through internet using stand alone type application program and system there of Download PDF

Info

Publication number
WO2008140245A2
WO2008140245A2 PCT/KR2008/002669 KR2008002669W WO2008140245A2 WO 2008140245 A2 WO2008140245 A2 WO 2008140245A2 KR 2008002669 W KR2008002669 W KR 2008002669W WO 2008140245 A2 WO2008140245 A2 WO 2008140245A2
Authority
WO
WIPO (PCT)
Prior art keywords
web page
authentication
information
personal terminal
security
Prior art date
Application number
PCT/KR2008/002669
Other languages
French (fr)
Other versions
WO2008140245A3 (en
Inventor
Han Su Han
Mi Ae Hwang
Original Assignee
Han Su Han
Mi Ae Hwang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Han Su Han, Mi Ae Hwang filed Critical Han Su Han
Publication of WO2008140245A2 publication Critical patent/WO2008140245A2/en
Publication of WO2008140245A3 publication Critical patent/WO2008140245A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Definitions

  • the present invention relates to a security method through an internet using a standalone type application program and a system thereof, and in particular to a security method through an internet using a standalone type application program and a system thereof in which a safe security and authentication are obtained when connecting to a web page by avoiding the inconveniences that an automatic installation program is continuously installed by using a standalone security program, not using an automatic installation program such as an active -X, a Java applet, a plug-in, etc.
  • an active-X controller used as an automatic installation program is a s o- called controller for connecting a common application program with a web.
  • Various common application programs and web sites are connected with one another by using a developing tool such as a visual C++, a visual basic, a Java, etc. So, an interactive web service can be possible by using various developing tools along with an active-X controller.
  • the active-X control data is inserted into a web page data in a form of an object tag syntax form and allows a security alarm message through a web page and asks a user to install an active-X control data contained in a web page or not, so a program can be installed with a consent from a user.
  • the automatic installation program such as an active-X controller, a Java applet, a plug-in, etc. is provided to each web site.
  • the web site which needs a security and an authentication like a financial service, should install a program whenever it is connected for a security and authentication for thereby causing many inconveniences.
  • an automatic installation program pops up a security alarm window before its installation, so a computer user may feel confusing and uneasy for using the program. There may be conflicts between the automatic installation programs provided in every website due to their compatibilities.
  • a web page security service method using a standalone application which comprises a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits the authentication information to the web server; a step (c) in which the web server, which received the authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.
  • a web page security service system using a standalone application which comprises a personal terminal which is provided with a security application, which is installed and executed, and analyzes a corresponding web page in real time when connected to a web page, and inputs an authentication information when the secured information input window is provided, and uses a web page service when an authentication check window is provided as a result of the authentication; and a web server which receives an authentication information inputted as the security application is installed and executed in the personal terminal, and performs an authentication, and transmits a result of the authentication to the executed security application.
  • a web page security service method using a standalone application which comprises a step (a) in which when a personal terminal is connected with a web page, a web server analyzes a corresponding web page in real time, and provides a secured information input window to the connected personal terminal when a security application is set therein; a step (b) in which the personal terminal inputs an authentication information through the secured information input window and transmits the authentication information to the web server; a step (c) in which the web server, which received the authentication information, transmits an authentication result to the personal terminal through the security application; and a step (d) in which the personal terminal uses a web page service as a result of the authentication when the authentication check window is provided.
  • a web page security service system using a standalone application which comprises a personal terminal which, when a secured information input window is provided based on a web page when connecting to the web page, inputs an authentication information, and receives an authentication check window depending a result of the authentication, and uses a web page service; and a web server which analyzes a web page connected with the personal terminal in real time, and executes a security application depending on the analyzed web page, and provides a secured information input window, and receives an authentication information, and transmits a result of the authentication.
  • a reliable security service is provided through an independently installed and executed security application, so that it is possible to easily and safely use the web page services, and it is not needed to repeatedly install the program, and an inter-collision of the programs can be prevented.
  • Figure 1 is a view illustrating a construction of a web page security service system using a standalone application according to an embodiment of the present invention.
  • Figure 2 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
  • Figure 3 is a view illustrating a security control module of a personal terminal belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
  • Figure 4 is a flow chart of a web page security service method using a standalone application according to an embodiment of the present invention.
  • Figure 5 is a view illustrating a construction of a web page security service system using a standalone application according to another embodiment of the present invention.
  • Figure 6 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to another embodiment of the present invention.
  • Figure 7 is a flow chart of a web page security service method using a standalone application according to another embodiment of the present invention.
  • a web page security service method using a standalone application which comprises a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits the inputted authentication information to the web server; a step (c) in which the web server, which received the inputted authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.
  • a web page security service system using a standalone application which comprises a personal terminal which is provided with a security application, which is installed and executed, and analyzes a corresponding web page in real time when connected to a web page, and inputs an authentication information when the secured information input window is provided, and uses a web page service when an authentication check window is provided as a result of the authentication; and a web server which receives an authentication information inputted as the security application is installed and executed in the personal terminal, and performs an authentication, and transmits a result of the authentication to the executed security application.
  • Figure 1 is a view illustrating a construction of a web page security service system using a standalone application according to an embodiment of the present invention.
  • the web page security system of the present invention comprises a personal terminal
  • At least one personal terminal 100 is provided, which is a terminal connected to the web server 300 and the financial server 400 through the internet 200 and may be formed of a desktop computer, a notebook computer, a ultra mobile personal computer (UMPC), and a personal portable adaptor(PDA).
  • the terminal is not limited thereto.
  • the personal terminal 100 is connected to various web pages provided from the web server 300 through the internet 200.
  • a security application is preferably installed for a security and authentication for receiving a content service, a financial service, etc. provided on the web page.
  • the security application is an application program which provided a web page security service from the web server 300 and is installed independently in the each personal terminal by means of a user while being different from an automatic installation program such as an active-X, a Java applet, a plug-in for thereby providing an independent security and authentication service.
  • the security application When the security application is installed and executed, it analyzes in real time a source of a connected web page or a URL of a web page by using a real time web page analysis (check) function, and a security application is executed in accordance with a set state of a security application set in a corresponding web page depending on an information analysis, so that a member login and a web page service can be served.
  • a real time web page analysis (check) function a security application is executed in accordance with a set state of a security application set in a corresponding web page depending on an information analysis, so that a member login and a web page service can be served.
  • a security application execution path and an input parameter should be previously coded in a web language formed in a corresponding web page source in order for a security application to be set in a specific web page.
  • the personal terminal 100 preferably comprises a security control module 110.
  • the security control module 110 is a program construction module, which is created as a security application provided from the web server 300 is installed, and analyses in real time a corresponding web page source or a URL in cooperation with the web server 300, and receives an authentication information by executing a security application depending on the analyzed web page, and transmits the authentication information to the web server 300, and performs a security and authentication from the web server 300.
  • the authentication information represents an information which needs an authentication from the web server for using various web pages and basically comprises a member information, a login information, a certification information, and a credit card information.
  • the web server 300 stores a security application installed in the personal terminal
  • the personal terminal 100 and provides the same, and receives a real time analysis information and an authentication information of the web page connected with the personal terminal 100 and performs an authentication with the help of the security application installed therein, and a result of the authentication is transmitted to the personal terminal 100 when the authentication is completed.
  • the authentication is performed as a security rule database 372 is formed in the interior of the web server 300, and a previously stored security rule is extracted, and the connection to a corresponding web page is authenticated.
  • the web server 300 is provided with an authentication information from the security application executed in the personal terminal 100, and a matching state is judged by using the previously stored information in web server 300 for thereby performing an authentication.
  • the financial server 400 represents a server of a financial company which cooperates with at least one web server 300 and provides a financial service on the internet 200 and sets the security application by the financial service web pages.
  • the set security application is preferably automatically performed.
  • the security application is preferably previously installed in the personal terminal 100 connected.
  • the member information or public certificate is received through the security application automatically executed, and is transmitted to the web server 300, and a login is performed by using the inputted member information or the public certificate as a result of the authentication from the web server 300, so that a certain financial service is provided.
  • the financial service represents all the services that a bank, a credit card company, a stock company, etc. provide financial services on the internet, so the user can use the financial services conveniently.
  • the credit card information can be received.
  • the credit card information is basically formed of a credit card number, a credit card password, a credit card valid period, a credit card inherent identification number, etc.
  • Figure 2 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
  • the web server 300 comprises an application provision module
  • a member authentication module 320 a web page authentication module 330, a certificate authentication module 340, a member information database 370, a login information database 371, a security rule database 372, and a certificate information database 373.
  • the application provision module 310 stores the security application, and provides a security application to the personal terminal 100 depending on its request.
  • the member authentication module 320 receives a member information inputted from the personal terminal 100 having the executed security application, and extracts a member information previously stored in the member information database 370 for thereby performing a member authentication by checking the matching state.
  • the web page authentication module 330 performs a corresponding web page authentication by adapting the security rule previously stored in the security rule database 372 when an authentication is requested by using a corresponding web page real time analysis information when connecting to a specific web page from the personal terminal 100.
  • the certificate authentication module 340 receives a public certificate password inputted from the personal terminal 100 having the executed security application, and extracts a corresponding public certificate information from the certificate information database 373 for thereby performing a certificate authentication by judging the matching state.
  • the member information database 370 comprehensively stores and manages the member information in accordance with the web page connected from the personal terminal 100.
  • the member information is preferably formed of a member ID, a member password, a member name, a member resident identification number, a member address, a member contact information, a member e-mail address, a member inherent identification number, etc.
  • the login information database 371 receives a login information including an information which is used during a login or logoff on the web page connected from the personal terminal 100 and comprehensively stores and manages the same.
  • the login information is formed of a member ID, a member password, a login time, a logoff time, a login authentication information, etc.
  • the security rule database 372 previously stores and manages the security rule for authenticating the web page requested from the personal terminal 100.
  • the certificate information database 373 receives a corresponding public certificate and provides a previously stored certificate information when the public certificate is used when connecting to the web page from the personal terminal 100.
  • the certificate information is basically formed of a public certificate storing path, a public certificate inherent identification number, a public certificate issuance organ, a public certificate password, etc.
  • Figure 3 is a view illustrating a security control module of a personal terminal belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
  • the security control module 110 comprises a source analysis module 111, a URL analysis module 112, a member information authentication module 114, and a certificate authentication module 113.
  • the source analysis module 111 analyzes a source of a corresponding web page when connecting to a specific web page from the personal computer 100 and creates an analysis information and transmits the analysis information to the web server 300.
  • the web page source may be formed of web languages such as HTML, XML,
  • AJAX JAVA-script or AJAX(Asynchronous Java-script and XML, hereinafter referred to AJAX).
  • the URL analysis module 112 analyzes a URL of the web page connected from the personal terminal 100 and analyzes a corresponding URL and transmits a created analysis information to the web server 300.
  • the member information authentication module 114 transmits a member information, which is inputted as a member subscribes or logins in a corresponding web page, to the web server 300, and performs a corresponding web page member subscription or login operation by using the member information when a corresponding member information is authenticated in the web server 300.
  • the certificate module 113 receives a public certificate password when logging in by using a certificate in a corresponding web page during a connection to the web page, and transmits a corresponding public certificate password to the web server 300, and performs a corresponding public certificate login when the authentication is made from the web server 300.
  • Figure 4 is a flow chart of a web page security service method using a standalone application according to an embodiment of the present invention.
  • the personal terminal 100 which does not have any security application, downloads the security application by connecting to the web server 300 and installs the same in a step S400.
  • the security application is executed from the personal terminal 100 having the security application, and a member subscription and a member login are performed through the login in steps S402 and S404.
  • a member exclusive service may be provided to the members who registers on the web site(service provider) which provides a security application.
  • the logged- in member can connect to the web page, which provides a financial service for using the financial service on the internet 200 in steps S406 and S408.
  • a public certificate can be used when logging in the financial service.
  • a public certificate password is received from the personal terminal 100 having the security application executed, and is transmitted to the web server 300, and an au- thentication(judging whether it is matched with the previously registered public certification information or not) of the transmitted certificate password is proceeded, and a login procedure is performed by using the public certificate password authenticated for thereby receiving a financial service in steps S412 and S414.
  • the member information is received when the personal terminal 100 having the executed security application subscribes a financial web page member or logs in, and the member information is transmitted to the web server 300, and an au- thentication(judging whether it is matched with a previously registered member information) of the transmitted member information is proceeded, and the member subscription procedure and login procedure are performed by using the member information authenticated in steps S416, S418 and S420.
  • Figure 5 is a view illustrating a construction of a web page security service system using a standalone application according to another embodiment of the present invention.
  • the web page security service system of the present invention comprises a personal terminal 100, an internet 200, a web server 300, and a financial server 400.
  • the personal terminal 100 does not have a security application.
  • the personal terminal 100 is formed of at least one terminal which is connectable to the web server 300 or the financial server 400 through the internet 200.
  • a secured information input window is provided to the personal terminal 100 depending on the web page set when connection to the web page provided through the internet 200.
  • the personal terminal 100 receives a result of authentication from the web server 300 which received the authentication information, and performs a web page login so that a web page service can be used.
  • the personal terminal 100 receives a result of authentication from the web server
  • the secured information input window is provided depending on a set state of the security application in a corresponding web page.
  • a security application is executed in case of a web page having a set security application by analyzing a source of a corresponding web page or a URL so as to judge a set state of the security application.
  • the secured information input window provided to the personal terminal 100 is preferably executed in real time in cooperation with the security application installed in the interior of the web server 300.
  • the internet 200 is implemented by a conventional internet system, so the detailed description of the same will be omitted.
  • the web server 300 performs an authentication by receiving an authentication information from the personal terminal 100, and transmits a result of the authentication to the personal terminal 100.
  • a secured information input window is provided to the personal terminal 100 in real time by using the security application installed in the interior of the web server.
  • the authentication information(member information, public certificate password, etc.) is received by using the secured information input window, which is provided in real time, and an authentication(matching state is judged) of a corresponding information is performed, and a member subscription or a login is performed in a corresponding web page by using a corresponding authentication information(member information and public certificate password).
  • At least one financial server 400 is connected to the internet 200, and a web page concerning the financial service is formed and provided on the internet 200.
  • the security application is provided from the web server 300, which is executed so as to serve a secured and authenticated financial service to the personal terminal 100 connected to the financial service web page.
  • a web page is formed of a security application, and the security application is automatically executed in cooperation with the web server 300 when the personal terminal 100 is connected with a corresponding web page.
  • a member information or a public certificate password is received for a member subscription and a member login by providing a secured information input window from the executed security application, and is transmitted to the web server 300.
  • the member subscription and login are performed by using a corresponding member information or a public certificate password, so that a certain financial service can be provided.
  • Figure 6 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to another embodiment of the present invention.
  • the web server 300 comprises a member authentication module
  • a web page authentication module 330 a certificate authentication module 340, a source analysis module 350, a URL analysis module 360, a member information database 370, a login information database 371, a security rule database 372, and a certificate information database 373.
  • the member authentication module 320 judges a matching state between a corresponding member information and the member information previously registered in the member information database 370 when a member information is inputted from the personal terminal 100 having the executed security application for thereby performing an authentication.
  • the web page authentication module 330 authenticates a corresponding web page by using a web page URL or a web page source real time analysis information.
  • a security rule is extracted from the security rule database 372 for authentication, and an authentication process is performed.
  • the certificate authentication module 340 extracts a corresponding previously registered public certificate password from the certificate database and performs an authentication by judging the matching state when a public certificate password is inputted from the personal terminal 100 having the executed security application.
  • the source analysis module 350 executes a security application depending on the analysis information created by means of a web page source real time analysis connected from the personal terminal 100.
  • the URL analysis module 360 creates an analysis information based on a wed page URL real time analysis connected from the personal terminal, and the security application is executed depending on the analysis information.
  • the member information database 370 stores and manages the member information provided by the web pages or the web sites.
  • the login information database 371 stores and manages the login information of the member provided by the web pages or the web sites.
  • the security rule database 372 stores and manages the security rule so as to provide a security rule for a web page authentication to the web page authentication module 330.
  • the certificate information database 373 stores and manages the certificate information needed for authentication for the certificate authentication module 340.
  • Figure 7 is a flow chart of a web page security service method using a standalone application according to another embodiment of the present invention.
  • the personal terminal 100 is connected with a web page which provides a financial service on the internet 200 in a step S700, and a corresponding web page authentication is requested from the personal terminal 100 to the web server 300.
  • the web server 300 which received the authentication request, analyzes a corresponding web page in real time, and authenticates a corresponding web page by using an analysis information in a step S704.
  • the inputted public certificate password is received by the web server 300, and a corresponding public certificate password is extracted from the certificate information database 373, and the matching state is judged, and authentication is performed in a step S712.
  • a member subscription service or a login can be performed by receiving a member information without using the public certificate in a step S714.
  • a reliable security service is provided through an independently installed and executed security application, so that it is possible to easily and safely use the web page services, and it is not needed to repeatedly install the program, and an inter-collision of the programs can be prevented.

Abstract

A web page security service method using a standalone application is disclosed, which comprises a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits to the web server; a step (c) in which the web server, which received the inputted authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.

Description

Description
SECURITY METHOD THROUGH INTERNET USING STAND ALONE TYPE APPLICATION PROGRAM AND SYSTEM
THERE OF
Technical Field
[1] The present invention relates to a security method through an internet using a standalone type application program and a system thereof, and in particular to a security method through an internet using a standalone type application program and a system thereof in which a safe security and authentication are obtained when connecting to a web page by avoiding the inconveniences that an automatic installation program is continuously installed by using a standalone security program, not using an automatic installation program such as an active -X, a Java applet, a plug-in, etc.
[2]
Background Art
[3] Generally, an active-X controller used as an automatic installation program is a s o- called controller for connecting a common application program with a web. Various common application programs and web sites are connected with one another by using a developing tool such as a visual C++, a visual basic, a Java, etc. So, an interactive web service can be possible by using various developing tools along with an active-X controller.
[4] The active-X control data is inserted into a web page data in a form of an object tag syntax form and allows a security alarm message through a web page and asks a user to install an active-X control data contained in a web page or not, so a program can be installed with a consent from a user.
[5] However, the automatic installation program such as an active-X controller, a Java applet, a plug-in, etc. is provided to each web site. The web site, which needs a security and an authentication like a financial service, should install a program whenever it is connected for a security and authentication for thereby causing many inconveniences.
[6] In addition, an automatic installation program pops up a security alarm window before its installation, so a computer user may feel confusing and uneasy for using the program. There may be conflicts between the automatic installation programs provided in every website due to their compatibilities.
[7] In case of an active-X controller, it cannot be installed in a specific program such as a fire fox of Mozilla as well as in a Netscape of a Netscape company except in an explorer of Microsoft company. [8]
Disclosure of Invention
Technical Problem
[9] Accordingly, it is an object of the present invention to provide a security method through an internet using a standalone type application program and a system thereof which overcome the problems encountered in the conventional art.
[10] It is another object of the present invention to provide a security method through an internet using a standalone type application program and a system thereof in which it is possible to safely and easily use a web page which needs a security and authentication like a financial service, etc. without using an automatic installation program like an active controller.
[H]
Technical Solution
[12] To achieve the above objects, in a web page security service method through the internet, there is provided a web page security service method using a standalone application which comprises a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits the authentication information to the web server; a step (c) in which the web server, which received the authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.
[13] In a web page security provision system through the internet, there is provided a web page security service system using a standalone application which comprises a personal terminal which is provided with a security application, which is installed and executed, and analyzes a corresponding web page in real time when connected to a web page, and inputs an authentication information when the secured information input window is provided, and uses a web page service when an authentication check window is provided as a result of the authentication; and a web server which receives an authentication information inputted as the security application is installed and executed in the personal terminal, and performs an authentication, and transmits a result of the authentication to the executed security application.
[14]
[15] To achieve the above objects, in a web page security service method through the internet, there is provided a web page security service method using a standalone application which comprises a step (a) in which when a personal terminal is connected with a web page, a web server analyzes a corresponding web page in real time, and provides a secured information input window to the connected personal terminal when a security application is set therein; a step (b) in which the personal terminal inputs an authentication information through the secured information input window and transmits the authentication information to the web server; a step (c) in which the web server, which received the authentication information, transmits an authentication result to the personal terminal through the security application; and a step (d) in which the personal terminal uses a web page service as a result of the authentication when the authentication check window is provided.
[16] In a system for providing a web page security service through the internet, there is provided a web page security service system using a standalone application which comprises a personal terminal which, when a secured information input window is provided based on a web page when connecting to the web page, inputs an authentication information, and receives an authentication check window depending a result of the authentication, and uses a web page service; and a web server which analyzes a web page connected with the personal terminal in real time, and executes a security application depending on the analyzed web page, and provides a secured information input window, and receives an authentication information, and transmits a result of the authentication.
[17]
Advantageous Effects
[18] In the present invention, in the web page security service system using a standalone application and the method thereof according to the present invention, a reliable security service is provided through an independently installed and executed security application, so that it is possible to easily and safely use the web page services, and it is not needed to repeatedly install the program, and an inter-collision of the programs can be prevented.
[19]
Brief Description of the Drawings
[20] Figure 1 is a view illustrating a construction of a web page security service system using a standalone application according to an embodiment of the present invention.
[21] Figure 2 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
[22] Figure 3 is a view illustrating a security control module of a personal terminal belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
[23] Figure 4 is a flow chart of a web page security service method using a standalone application according to an embodiment of the present invention.
[24] Figure 5 is a view illustrating a construction of a web page security service system using a standalone application according to another embodiment of the present invention.
[25] Figure 6 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to another embodiment of the present invention.
[26] Figure 7 is a flow chart of a web page security service method using a standalone application according to another embodiment of the present invention.
[27]
Best Mode for Carrying Out the Invention
[28] In a web page security service method through the internet, there is provided a web page security service method using a standalone application which comprises a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits the inputted authentication information to the web server; a step (c) in which the web server, which received the inputted authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.
[29] In a web page security provision system through the internet, there is provided a web page security service system using a standalone application which comprises a personal terminal which is provided with a security application, which is installed and executed, and analyzes a corresponding web page in real time when connected to a web page, and inputs an authentication information when the secured information input window is provided, and uses a web page service when an authentication check window is provided as a result of the authentication; and a web server which receives an authentication information inputted as the security application is installed and executed in the personal terminal, and performs an authentication, and transmits a result of the authentication to the executed security application.
[30] Mode for the Invention
[31] The preferred embodiments of the present invention will be described with reference to the accompanying drawings.
[32] Figure 1 is a view illustrating a construction of a web page security service system using a standalone application according to an embodiment of the present invention.
[33] The web page security system of the present invention comprises a personal terminal
100, an internet 200, a web server 300, and a financial server 400.
[34] At least one personal terminal 100 is provided, which is a terminal connected to the web server 300 and the financial server 400 through the internet 200 and may be formed of a desktop computer, a notebook computer, a ultra mobile personal computer (UMPC), and a personal portable adaptor(PDA). The terminal is not limited thereto.
[35] The personal terminal 100 is connected to various web pages provided from the web server 300 through the internet 200. A security application is preferably installed for a security and authentication for receiving a content service, a financial service, etc. provided on the web page.
[36] At this time, the security application is an application program which provided a web page security service from the web server 300 and is installed independently in the each personal terminal by means of a user while being different from an automatic installation program such as an active-X, a Java applet, a plug-in for thereby providing an independent security and authentication service.
[37] When the security application is installed and executed, it analyzes in real time a source of a connected web page or a URL of a web page by using a real time web page analysis (check) function, and a security application is executed in accordance with a set state of a security application set in a corresponding web page depending on an information analysis, so that a member login and a web page service can be served.
[38] A security application execution path and an input parameter should be previously coded in a web language formed in a corresponding web page source in order for a security application to be set in a specific web page.
[39] As shown in Figure 1, the personal terminal 100 preferably comprises a security control module 110.
[40] The security control module 110 is a program construction module, which is created as a security application provided from the web server 300 is installed, and analyses in real time a corresponding web page source or a URL in cooperation with the web server 300, and receives an authentication information by executing a security application depending on the analyzed web page, and transmits the authentication information to the web server 300, and performs a security and authentication from the web server 300.
[41] The authentication information represents an information which needs an authentication from the web server for using various web pages and basically comprises a member information, a login information, a certification information, and a credit card information.
[42] Since the internet 200 uses a conventional internet system 200, it does not match with the objects of the present invention. So, the detailed descriptions of the same will be described.
[43] The web server 300 stores a security application installed in the personal terminal
100 and provides the same, and receives a real time analysis information and an authentication information of the web page connected with the personal terminal 100 and performs an authentication with the help of the security application installed therein, and a result of the authentication is transmitted to the personal terminal 100 when the authentication is completed.
[44] Here, the authentication is performed as a security rule database 372 is formed in the interior of the web server 300, and a previously stored security rule is extracted, and the connection to a corresponding web page is authenticated.
[45] The web server 300 is provided with an authentication information from the security application executed in the personal terminal 100, and a matching state is judged by using the previously stored information in web server 300 for thereby performing an authentication.
[46] The financial server 400 represents a server of a financial company which cooperates with at least one web server 300 and provides a financial service on the internet 200 and sets the security application by the financial service web pages. When the personal terminal 100 is connected to a corresponding financial service web page, the set security application is preferably automatically performed.
[47] At this time, the security application is preferably previously installed in the personal terminal 100 connected.
[48] The member information or public certificate is received through the security application automatically executed, and is transmitted to the web server 300, and a login is performed by using the inputted member information or the public certificate as a result of the authentication from the web server 300, so that a certain financial service is provided.
[49] Here, the financial service represents all the services that a bank, a credit card company, a stock company, etc. provide financial services on the internet, so the user can use the financial services conveniently.
[50] For example, in order to use the financial services from the credit card company, the credit card information can be received. The credit card information is basically formed of a credit card number, a credit card password, a credit card valid period, a credit card inherent identification number, etc.
[51]
[52] Figure 2 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
[53] As shown therein, the web server 300 comprises an application provision module
310, a member authentication module 320, a web page authentication module 330, a certificate authentication module 340, a member information database 370, a login information database 371, a security rule database 372, and a certificate information database 373.
[54] The application provision module 310 stores the security application, and provides a security application to the personal terminal 100 depending on its request.
[55] The member authentication module 320 receives a member information inputted from the personal terminal 100 having the executed security application, and extracts a member information previously stored in the member information database 370 for thereby performing a member authentication by checking the matching state.
[56] The web page authentication module 330 performs a corresponding web page authentication by adapting the security rule previously stored in the security rule database 372 when an authentication is requested by using a corresponding web page real time analysis information when connecting to a specific web page from the personal terminal 100.
[57] The certificate authentication module 340 receives a public certificate password inputted from the personal terminal 100 having the executed security application, and extracts a corresponding public certificate information from the certificate information database 373 for thereby performing a certificate authentication by judging the matching state.
[58] The member information database 370 comprehensively stores and manages the member information in accordance with the web page connected from the personal terminal 100.
[59] Namely, the information of the members subscribed by the web pages(or web sites) is received and classified and preferably stored.
[60] The member information is preferably formed of a member ID, a member password, a member name, a member resident identification number, a member address, a member contact information, a member e-mail address, a member inherent identification number, etc.
[61] The login information database 371 receives a login information including an information which is used during a login or logoff on the web page connected from the personal terminal 100 and comprehensively stores and manages the same.
[62] Namely, the login information is formed of a member ID, a member password, a login time, a logoff time, a login authentication information, etc.
[63] The security rule database 372 previously stores and manages the security rule for authenticating the web page requested from the personal terminal 100.
[64] The certificate information database 373 receives a corresponding public certificate and provides a previously stored certificate information when the public certificate is used when connecting to the web page from the personal terminal 100.
[65] The certificate information is basically formed of a public certificate storing path, a public certificate inherent identification number, a public certificate issuance organ, a public certificate password, etc.
[66]
[67] Figure 3 is a view illustrating a security control module of a personal terminal belonging to a web page security service system using a standalone application according to an embodiment of the present invention.
[68] As shown in Figure 3, the security control module 110 comprises a source analysis module 111, a URL analysis module 112, a member information authentication module 114, and a certificate authentication module 113.
[69] Here, the source analysis module 111 analyzes a source of a corresponding web page when connecting to a specific web page from the personal computer 100 and creates an analysis information and transmits the analysis information to the web server 300.
[70] The web page source may be formed of web languages such as HTML, XML,
JAVA-script or AJAX(Asynchronous Java-script and XML, hereinafter referred to AJAX).
[71] The URL analysis module 112 analyzes a URL of the web page connected from the personal terminal 100 and analyzes a corresponding URL and transmits a created analysis information to the web server 300.
[72] The member information authentication module 114 transmits a member information, which is inputted as a member subscribes or logins in a corresponding web page, to the web server 300, and performs a corresponding web page member subscription or login operation by using the member information when a corresponding member information is authenticated in the web server 300.
[73] The certificate module 113 receives a public certificate password when logging in by using a certificate in a corresponding web page during a connection to the web page, and transmits a corresponding public certificate password to the web server 300, and performs a corresponding public certificate login when the authentication is made from the web server 300.
[74] [75] Figure 4 is a flow chart of a web page security service method using a standalone application according to an embodiment of the present invention.
[76] As shown in Figure 4, the personal terminal 100, which does not have any security application, downloads the security application by connecting to the web server 300 and installs the same in a step S400.
[77] The security application is executed from the personal terminal 100 having the security application, and a member subscription and a member login are performed through the login in steps S402 and S404.
[78] In the member subscription procedure, a member exclusive service may be provided to the members who registers on the web site(service provider) which provides a security application.
[79] The logged- in member can connect to the web page, which provides a financial service for using the financial service on the internet 200 in steps S406 and S408.
[80] When connecting to the web page, a corresponding web page or a URL is analyzed so as to judge whether the security application is set or not in a corresponding web page.
[81] As a result of the analysis of the information, when a security application is set, a corresponding web page connection is made, and the security application can be automatically performed in a step S410.
[82] At this time, it should be appreciated that some figurations such as an automatic execution window, a program execution window or something can be programmed depending on the setting of the security application.
[83] A public certificate can be used when logging in the financial service. A public certificate password is received from the personal terminal 100 having the security application executed, and is transmitted to the web server 300, and an au- thentication(judging whether it is matched with the previously registered public certification information or not) of the transmitted certificate password is proceeded, and a login procedure is performed by using the public certificate password authenticated for thereby receiving a financial service in steps S412 and S414.
[84] The member information is received when the personal terminal 100 having the executed security application subscribes a financial web page member or logs in, and the member information is transmitted to the web server 300, and an au- thentication(judging whether it is matched with a previously registered member information) of the transmitted member information is proceeded, and the member subscription procedure and login procedure are performed by using the member information authenticated in steps S416, S418 and S420.
[85]
[86] Figure 5 is a view illustrating a construction of a web page security service system using a standalone application according to another embodiment of the present invention.
[87] As shown in Figure 5, the web page security service system of the present invention comprises a personal terminal 100, an internet 200, a web server 300, and a financial server 400.
[88] Here, it is preferred that the personal terminal 100 does not have a security application.
[89] The personal terminal 100 is formed of at least one terminal which is connectable to the web server 300 or the financial server 400 through the internet 200. A secured information input window is provided to the personal terminal 100 depending on the web page set when connection to the web page provided through the internet 200.
[90] When an authentication information is inputted through the secured information input window, it is preferred that the inputted authentication information is transmitted to the web server and is authenticated.
[91] The personal terminal 100 receives a result of authentication from the web server 300 which received the authentication information, and performs a web page login so that a web page service can be used.
[92] The personal terminal 100 receives a result of authentication from the web server
300, which received the authentication result, and performs a web page login by using an authentication information, so that a web page service can be used.
[93] At this time, when a specific web page is connected, it is preferred that the secured information input window is provided depending on a set state of the security application in a corresponding web page.
[94] It is preferred that a security application is executed in case of a web page having a set security application by analyzing a source of a corresponding web page or a URL so as to judge a set state of the security application.
[95] The secured information input window provided to the personal terminal 100 is preferably executed in real time in cooperation with the security application installed in the interior of the web server 300.
[96] The internet 200 is implemented by a conventional internet system, so the detailed description of the same will be omitted.
[97] The web server 300 performs an authentication by receiving an authentication information from the personal terminal 100, and transmits a result of the authentication to the personal terminal 100.
[98] Here, when a security application is set in the web page connected from the personal terminal 100, it is preferred that a secured information input window is provided to the personal terminal 100 in real time by using the security application installed in the interior of the web server. [99] The authentication information(member information, public certificate password, etc.) is received by using the secured information input window, which is provided in real time, and an authentication(matching state is judged) of a corresponding information is performed, and a member subscription or a login is performed in a corresponding web page by using a corresponding authentication information(member information and public certificate password).
[100] At least one financial server 400 is connected to the internet 200, and a web page concerning the financial service is formed and provided on the internet 200.
[101] The security application is provided from the web server 300, which is executed so as to serve a secured and authenticated financial service to the personal terminal 100 connected to the financial service web page.
[102] Namely, a web page is formed of a security application, and the security application is automatically executed in cooperation with the web server 300 when the personal terminal 100 is connected with a corresponding web page.
[103] A member information or a public certificate password is received for a member subscription and a member login by providing a secured information input window from the executed security application, and is transmitted to the web server 300. When an authentication check window is received upon authentication from the web server 300, the member subscription and login are performed by using a corresponding member information or a public certificate password, so that a certain financial service can be provided.
[104]
[105] Figure 6 is a view illustrating an inner construction of a web server belonging to a web page security service system using a standalone application according to another embodiment of the present invention.
[106] As shown therein, the web server 300 comprises a member authentication module
320, a web page authentication module 330, a certificate authentication module 340, a source analysis module 350, a URL analysis module 360, a member information database 370, a login information database 371, a security rule database 372, and a certificate information database 373.
[107] The member authentication module 320 judges a matching state between a corresponding member information and the member information previously registered in the member information database 370 when a member information is inputted from the personal terminal 100 having the executed security application for thereby performing an authentication.
[108] The web page authentication module 330 authenticates a corresponding web page by using a web page URL or a web page source real time analysis information.
[109] At this time, it is preferred that a security rule is extracted from the security rule database 372 for authentication, and an authentication process is performed.
[110] The certificate authentication module 340 extracts a corresponding previously registered public certificate password from the certificate database and performs an authentication by judging the matching state when a public certificate password is inputted from the personal terminal 100 having the executed security application.
[I l l] The source analysis module 350 executes a security application depending on the analysis information created by means of a web page source real time analysis connected from the personal terminal 100.
[112] As a result of the analysis of the web page connected from the personal terminal 100, when the security application is set, the security application is executed, and the secured information input window is provided to the personal terminal 100.
[113] The URL analysis module 360 creates an analysis information based on a wed page URL real time analysis connected from the personal terminal, and the security application is executed depending on the analysis information.
[114] The member information database 370 stores and manages the member information provided by the web pages or the web sites.
[115] The login information database 371 stores and manages the login information of the member provided by the web pages or the web sites.
[116] The security rule database 372 stores and manages the security rule so as to provide a security rule for a web page authentication to the web page authentication module 330.
[117] The certificate information database 373 stores and manages the certificate information needed for authentication for the certificate authentication module 340.
[118]
[119] Figure 7 is a flow chart of a web page security service method using a standalone application according to another embodiment of the present invention.
[120] As shown therein, the personal terminal 100 is connected with a web page which provides a financial service on the internet 200 in a step S700, and a corresponding web page authentication is requested from the personal terminal 100 to the web server 300.
[121] The web server 300, which received the authentication request, analyzes a corresponding web page in real time, and authenticates a corresponding web page by using an analysis information in a step S704.
[122] It is judged whether a security application is set or not in accordance with a corresponding web page analysis in a step S706.
[123] As a result of the judgment, when the security application is set, the security application is executed when connecting to a corresponding web page in a step S708, and the secured information input window is displayed and provided to the user terminal 100. [124] It is judged whether a public certificate password is inputted or not for performing a financial service member subscription or a login through the secured information input window in a step S710.
[125] The inputted public certificate password is received by the web server 300, and a corresponding public certificate password is extracted from the certificate information database 373, and the matching state is judged, and authentication is performed in a step S712.
[126] In the step S710, a member subscription service or a login can be performed by receiving a member information without using the public certificate in a step S714.
[127] As the member information is inputted, when the web server 300 receives the member information, a corresponding member information is extracted from the member information database 370, and the matching state is judged, and a corresponding member authentication is performed in a step S716.
[128] As a result of the authentication, a login or a member subscription procedure is performed in the financial service by using a corresponding information, so that it is possible to use the financial service in a step S718.
[129] As the present invention may be embodied in several forms without departing from the spirit or essential characteristics thereof, it should also be understood that the above-described examples are not limited by any of the details of the foregoing description, unless otherwise specified, but rather should be construed broadly within its spirit and scope as defined in the appended claims, and therefore all changes and modifications that fall within the meets and bounds of the claims, or equivalences of such meets and bounds are therefore intended to be embraced by the appended claims.
[130]
Industrial Applicability
[131] As described above, in the web page security service system using a standalone application and the method thereof according to the present invention, a reliable security service is provided through an independently installed and executed security application, so that it is possible to easily and safely use the web page services, and it is not needed to repeatedly install the program, and an inter-collision of the programs can be prevented.
[132]
[133]
Sequence Listing
[134] internet, web page, information input window, application
[135] [137] [138] [139]

Claims

Claims
[1] In a web page security service method through the internet, a web page security service method using a standalone application, comprising: a step (a) in which a personal terminal having a security application installed and executed for providing a security service is connected with a web page; a step (b) in which the security application analyzes the connected web page in real time, and provides a secured information input window based on the analyzed web page, and receives an authentication information and transmits the authentication information to the web server; a step (c) in which the web server, which received the inputted authentication information, transmits a result of the authentication to the executed security application; and a step (d) in which the personal terminal receives an authentication check window from the security application, which received a result of the authentication, and uses a web page service.
[2] The method of claim 1, wherein said step (a) includes: a step (a-1) in which the personal terminal is connected to a web page in a state that the security application is not executed, the web server analyzes a corresponding web page and judges whether a security application is set or not; a step (a-2) in which when the security application is set in a corresponding web page, the security application is automatically executed in the connected personal terminal; a step (a-3) in which when an authentication information is inputted by using the automatically executed security application, the authentication information is transmitted to the web server; a step (a-4) in which the web server, which received the authentication information, transmits a result of the authentication to the security application; and a step (a-5) in which a web page service is used for the personal terminal which received a result of the authentication.
[3] In a web page security service method through the internet, a web page security service method using a standalone application, comprising: a step (a) in which when a personal terminal is connected with a web page, a web server analyzes a corresponding web page in real time, and provides a secured information input window to the connected personal terminal when a security application is set therein; a step (b) in which the personal terminal inputs an authentication information through the secured information input window and transmits the authentication information to the web server; a step (c) in which the web server, which received the authentication information, transmits an authentication result to the personal terminal through the security application; and a step (d) in which the personal terminal uses a web page service as a result of the authentication when the authentication check window is provided.
[4] The method of either claim 1 or claim 3, wherein said authentication information includes at least one selected from the group comprising a member information, a login information, a certificate information, and a credit card information.
[5] In a web page security provision system through the internet, a web page security service system using a standalone application, comprising: a personal terminal which is provided with a security application, which is installed and executed, and analyzes a corresponding web page in real time when connected to a web page, and inputs an authentication information when the secured information input window is provided, and uses a web page service when an authentication check window is provided as a result of the authentication; and a web server which receives an authentication information inputted as the security application is installed and executed in the personal terminal, and performs an authentication, and transmits a result of the authentication to the executed security application.
[6] The system of claim 5, wherein said web server comprises: an application provision module which creates an analysis information through a web page real time analysis, and provides a security application which is automatically executed in accordance with a setting of the security application in the analyzed web page; a member authentication module which, when a member information is transmitted from the personal terminal in which the security application is automatically executed, compares a corresponding member information with a previously stored member information of a corresponding web page, and authenticates a member depending a result of the matching; and a certificate authentication module which, when a password of a public certificate is inputted by using a public certificate from the personal terminal in which the security application is automatically executed, judges whether the inputted password matches with a previously stored public certificate password, and authenticates the certificate.
[7] The system of claim 5, wherein said security application comprised: a source analysis module which analyzes a corresponding web page source in real time when the personal terminal is connected with the web page and transmits an analysis information to the web server; a URL(Uniform Resource Locator) which analyzes in real time a corresponding web page URL when the personal terminal is connected with the web page, and transmits an analysis information to the web server; a member information authentication module which, transmits a member information, which is inputted when the personal terminal is connected with the web page, to the web server, and performs a corresponding web page login operation by using the member information when a corresponding member information is authenticated in the web server; and a certificate module which, receives a public certificate password when logging in by using a certificate in a corresponding web page when the personal terminal is connected with the web page, transmits a corresponding public certificate password to the web server, and performs a corresponding public certificate login when the authentication is made from the web server.
[8] The system of claim 5, further comprising: a financial server which receives an authentication from the web server when a member information, a login information, and a certificate information or a credit card information is inputted as a secured information input window is provided in the personal terminal based on a setting of the security application in a financial service web page, and provides a financial service to the personal terminal.
[9] In a system for providing a web page security service through the internet, a web page security service system using a standalone application, comprising: a personal terminal which, when a secured information input window is provided based on a web page when connecting to the web page, inputs an authentication information, and receives an authentication check window depending a result of the authentication, and uses a web page service; and a web server which analyzes a web page connected with the personal terminal in real time, and executes a security application depending on the analyzed web page, and provides a secured information input window, and receives an authentication information, and transmits a result of the authentication.
[10] The system of claim 9, wherein said web server comprises: a source analysis module which analyzes a web page source connected with the personal terminal and creates an analysis information; a URL analysis module which analyzes a web page URL connected with the personal terminal and creates an analysis information; a member authentication module which, when a member information is transmitted from the personal terminal having an executed security application, compares a corresponding member information with a previously stored member information of a corresponding web page, and authenticates a member depending on a result of the matching; and a certificate authentication module which, when a password of a public certificate is inputted by using a public certificate from the personal terminal having a security application, which is automatically executed, judges whether the inputted password is matched with a previously stored password of the public certificate, and performs a certificate authentication. [11] The system of claim 9, further comprising: a financial server which receives an authentication from the web server when a member information, a login information, and a certificate information or a credit card information is inputted as a secured information input window is provided in the personal terminal based on a setting of the security application in a financial service web page, and provides a financial service to the personal terminal.
PCT/KR2008/002669 2007-05-14 2008-05-14 Security method through internet using stand alone type application program and system there of WO2008140245A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020070046589A KR100752729B1 (en) 2007-05-14 2007-05-14 Security method through internet using stand alone type application program and system there of
KR10-2007-0046589 2007-05-14

Publications (2)

Publication Number Publication Date
WO2008140245A2 true WO2008140245A2 (en) 2008-11-20
WO2008140245A3 WO2008140245A3 (en) 2008-12-31

Family

ID=38615590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2008/002669 WO2008140245A2 (en) 2007-05-14 2008-05-14 Security method through internet using stand alone type application program and system there of

Country Status (3)

Country Link
KR (1) KR100752729B1 (en)
TW (1) TW200845681A (en)
WO (1) WO2008140245A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011059363A1 (en) * 2009-11-16 2011-05-19 Pilkin Vitaly Evgenievich Method for identifying infected electronic files

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101473430B1 (en) * 2013-03-19 2014-12-19 주식회사 안랩 Service security function increasing method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010005883A1 (en) * 1999-12-08 2001-06-28 Michael Wray Security protocol
JP2003108523A (en) * 2001-09-27 2003-04-11 Ufj Bank Ltd Integral authenticating system, method and program
KR20030036788A (en) * 2000-09-14 2003-05-09 프로빅스, 인크. System for protecting objects distributed over a network
KR20060029047A (en) * 2004-09-30 2006-04-04 삼성전자주식회사 Apparatus and method for authenticating user for network access in communication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010005883A1 (en) * 1999-12-08 2001-06-28 Michael Wray Security protocol
KR20030036788A (en) * 2000-09-14 2003-05-09 프로빅스, 인크. System for protecting objects distributed over a network
JP2003108523A (en) * 2001-09-27 2003-04-11 Ufj Bank Ltd Integral authenticating system, method and program
KR20060029047A (en) * 2004-09-30 2006-04-04 삼성전자주식회사 Apparatus and method for authenticating user for network access in communication

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011059363A1 (en) * 2009-11-16 2011-05-19 Pilkin Vitaly Evgenievich Method for identifying infected electronic files

Also Published As

Publication number Publication date
WO2008140245A3 (en) 2008-12-31
TW200845681A (en) 2008-11-16
KR100752729B1 (en) 2007-08-28

Similar Documents

Publication Publication Date Title
JP5345585B2 (en) Authentication system, authentication method and program
US9229844B2 (en) System and method for monitoring web service
KR102157712B1 (en) Information leakage detection method and device
US20050149854A1 (en) Method and apparatus for automatic form filling
US20050109835A1 (en) User self-authentication system and method for remote credit card verification
CN110460612B (en) Security test method, device, storage medium and apparatus
CN109361660B (en) Abnormal behavior analysis method, system, server and storage medium
US20070100863A1 (en) Newsmaker verification and commenting method and system
US20080015986A1 (en) Systems, methods and computer program products for controlling online access to an account
US20140282975A1 (en) Systems and methods for automated detection of login sequence for web form-based authentication
CN102347929A (en) Verification method of user identity and apparatus thereof
CN101268468A (en) Method and apparatus to authenticate source of a scripted code
CN105162775A (en) Logging method and device of virtual machine
WO2019173140A1 (en) Integrated access control system
WO2006090974A1 (en) Method for installing activex control
KR20170101905A (en) Phishing page detection method and device
CN111259355A (en) Single sign-on method, portal system and service platform
CN1319001C (en) Resolving method of internet keyword and system thereof
CN112540924A (en) Interface automation test method, device, equipment and storage medium
KR20000058580A (en) Un idb
WO2010033633A2 (en) Method and system for enabling access to a web service provider through login based badges embedded in a third party site
CN110766409A (en) SSL certificate verification method, device, equipment and computer storage medium
WO2008140245A2 (en) Security method through internet using stand alone type application program and system there of
US20090150762A1 (en) Entering data into a webpage
CN110717315B (en) System data batch modification method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08753465

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: LOSS OF RIGHTS COMMUNICATION (EPO F1205A OF 01.03.10)

122 Ep: pct application non-entry in european phase

Ref document number: 08753465

Country of ref document: EP

Kind code of ref document: A2