WO2021132914A2 - Facility user authentication system and control method therefor - Google Patents
Facility user authentication system and control method therefor
- Publication number
- WO2021132914A2 (PCT/KR2020/017255)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication
- information
- user
- facility
- user terminal
- Prior art date
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00571—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
- G07C2009/00412—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
- G07C2009/00507—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks keyless data carrier having more than one function
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- The present invention relates to a facility user authentication system and a control method thereof, and more particularly to a facility user authentication system and control method in which the right to use a facility can be granted using a security key such as OTP (One Time Password)/PKI (Public Key Infrastructure) through short-distance communication between a residential facility and a user terminal.
- Multi-unit houses such as apartments, villas, and officetels are equipped with various facilities such as public entrance doors, fire doors, parking breakers, elevators, bicycle storage units installed in the complex, and garbage meters.
- These facilities are public facilities that can be used in common by members of the household, and can be freely used by members of the household.
- The technical problem to be solved by the present invention, in order to solve the above problems, is to provide a facility user authentication system and a control method thereof that make it possible to easily build a system for managing the right to use public facilities in an apartment house, and that users can easily use while a high security level is ensured.
- The facility user authentication method of the present invention, which is a user authentication method for a facility provided in an apartment house and used in common by household members, includes: transmitting security authentication information from the facility to the user terminal through short-distance communication; transmitting the security authentication information from the user terminal through a network to request an authentication key; transmitting, from the authentication server, an authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request from the user terminal; receiving, at the user terminal, the authentication key through the network and transmitting the authentication key to the facility through the short-distance communication to request authentication; and receiving, at the facility, the authentication key, comparing the received authentication key with a pre-stored authentication key for authentication, and performing a preset function upon successful authentication.
- the step of requesting an authentication key by transmitting the security authentication information through the network from the user terminal may include transmitting user information for identifying the user.
- the user information may include at least one of the household member information and visitor information.
- The step of transmitting the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request of the user terminal may include, if the user information includes the household member information, determining on the basis of pre-stored household member information whether the household member information is valid, generating the authentication key, and transmitting the authentication key to the user terminal.
- The step of transmitting, from the authentication server, the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request from the user terminal may include, if the user information includes the visitor information, storing the visitor information, generating the authentication key, and transmitting it to the user terminal.
- the step of transmitting the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request from the user terminal may include, if the user information includes the household member information and the visitor information, the authentication server transmitting a visitor confirmation request to the terminal of the household member on the basis of the household member information; and generating and transmitting the authentication key to the user terminal when the visitor confirmation request is received from the terminal of the household member.
- The step of receiving the authentication key from the facility, comparing the received authentication key with a pre-stored authentication key and performing authentication, and performing a preset function upon successful authentication includes: performing Bluetooth pairing between the facility and the user terminal when the authentication key is valid; performing the function of the facility; and releasing the right to use the facility when Bluetooth communication with the user terminal is cut off.
- the security authentication information may include unique information assigned to the facility.
- the authentication key may include at least one of a One Time Password (OTP) and a Public Key Infrastructure (PKI).
- the facility may include at least one of an entrance door of a common entrance, a fire door, a circuit breaker of a parking lot, an elevator, a bicycle storage rack installed in the complex, and a garbage meter, which are provided in the apartment house.
- The facility user authentication system of the present invention includes: a facility including a wireless authentication device that transmits security authentication information through short-distance communication, compares an authentication key received through the short-distance communication with a pre-stored authentication key to perform authentication, and grants permission to use if authentication is successful; an authentication server storing the security authentication information and providing an authentication key corresponding to the security authentication information; and a user terminal that transmits the security authentication information received from the wireless authentication device to the authentication server through a network to receive the authentication key, and transmits the authentication key to the wireless authentication device through the short-distance communication to request authentication.
- The authentication server stores at least one or more household member information having the right to use the facility, receives user information from the user terminal, and, when the user information matches the household member information, may provide an authentication key corresponding to the security authentication information.
- the authentication server may provide an authentication key corresponding to the security authentication information after storing the user information as visitor information when the user information received from the user terminal does not match the household member information.
- When the user information received from the user terminal is visitor information, the authentication server transmits a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information, and, when the visitor is confirmed from the household member's terminal, the authentication key may be generated and transmitted to the user terminal.
- By authenticating the right to use a facility with an authentication key such as OTP (One Time Password)/PKI (Public Key Infrastructure) through short-distance communication between a facility used in an apartment house and a user terminal, it is possible to easily build a facility management system with a high security level and provide convenience in use.
- FIG. 1 is a network configuration diagram of a facility user authentication system according to the present invention.
- FIG. 2 is a control block diagram of the wireless authentication device of FIG. 1.
- FIG. 3 is a control block diagram of the user terminal of FIG. 1.
- FIG. 4 is a flowchart of a facility user authentication method according to an embodiment of the present invention.
- FIG. 5 is a system configuration diagram for explaining a facility user authentication process according to a first embodiment of the present invention.
- FIG. 6 is a system configuration diagram for explaining a facility user authentication process according to a second embodiment of the present invention.
- FIG. 7 is a system configuration diagram for explaining a facility user authentication process according to a third embodiment of the present invention.
- FIG. 8 is a system configuration diagram for explaining a facility user authentication process according to a fourth embodiment of the present invention.
- FIG. 9 is a system configuration diagram for explaining a facility user authentication process according to a fifth embodiment of the present invention.
- When any element, component, device, or system is described as including a component consisting of a program or software, that element, component, device, or system should be understood, even if not explicitly stated, to include the hardware (e.g., memory, CPU, etc.) or other programs or software (e.g., drivers necessary to run an operating system or hardware) necessary for the program or software to execute or operate.
- the element may be implemented in software, hardware, or any form of software and hardware.
- FIG. 1 is a network configuration diagram of a facility user authentication system according to the present invention.
- The facility user authentication system includes a facility 400 including a wireless authentication device 100 for household member authentication, an authentication server 300, and a user terminal 200.
- The facility 400 is provided in apartment houses such as apartments, villas, and officetels, and may include various facilities used in common by household members, such as the entrance door of the common entrance, a fire door, a circuit breaker in the parking lot, an elevator, a bicycle storage rack installed in the complex, and a garbage meter.
- The facility 400 may perform an authentication function using short-range wireless communication by means of the wireless authentication device 100.
- The facility 400 may permit or block use according to an authentication result through the wireless authentication device 100.
- The door locking and unlocking function of the public entrance door, the fire door, the parking blocker, and the elevator can be controlled, the locking and unlocking function of the bicycle storage unit can be controlled, and the garbage meter can approve or disapprove the weight of the garbage.
- The wireless authentication device 100 transmits security authentication information to the user terminal 200 through short-distance communication, and then, when an authentication key is received from the user terminal 200 through short-distance communication, checks the received authentication key against a pre-stored authentication key to permit or block the use of the facility 400.
- the security authentication information may include serial information given to the facility or unique information given for security.
- For the short-distance wireless communication, various communication methods for wirelessly transmitting and receiving data between terminals at a relatively close distance, such as NFC (Near Field Communication), Wi-Fi, Zigbee communication, ISA100, WirelessHART, Bluetooth, and Wave, may be applied. In the following description, a case of using the Bluetooth method among the short-range wireless communication methods will be described as an example.
- the authentication server 300 generates and provides an authentication key used when the wireless authentication device 100 of the facility 400 and the user terminal 200 authenticate each other.
- the authentication server 300 stores the security authentication information of the facility 400 to generate an authentication key corresponding to the security authentication information requested to generate the authentication key.
- various authentication key methods such as One Time Password (OTP)/Public Key Infrastructure (PKI) may be applied.
- The authentication server 300 may store at least one or more household member information having the right to use the facility 400.
- The authentication server 300 may receive the user information of the user requesting generation of an authentication key together with the security authentication information of the facility 400, and may provide an authentication key when the user information matches pre-stored household member information. If the user information does not match the household member information, the authentication server 300 transmits a message to the user terminal 200 indicating that the authentication key cannot be provided, or stores the received user information as visitor information and then provides the authentication key.
- The authentication server 300 transmits a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information, and, when the visitor is confirmed at the household member's terminal, an authentication key may be generated and transmitted to the user terminal 200 requesting the authentication key.
- the user terminal 200 may include a portable communication terminal device such as a smart phone or tablet capable of both short-range communication and mobile communication network communication.
- a dedicated application may be installed in the user terminal 200 .
- the user terminal 200 transmits the security authentication information received from the wireless authentication device 100 of the facility 400 to the authentication server 300 through a mobile communication network to request an authentication key.
- the user terminal 200 may transmit user information together.
- the user information may be information for user identification, such as a phone number, user ID, and the like.
- it is also possible to obtain the authentication key by transmitting the user's own information and the information of the household member who wants to meet, and receiving approval from the household member to visit.
- the user terminal 200 transmits the authentication key received from the authentication server 300 to the wireless authentication device 100 of the facility 400 in a short-distance communication method to request authentication. If authentication is successful, the facility 400 can be used.
- Bluetooth pairing may be established between the wireless authentication device 100 of the facility 400 and the user terminal 200 .
- the Bluetooth pairing between the wireless authentication device 100 of the facility 400 and the user terminal 200 is released.
- the facility 400 is converted to a state before being used, and the right to use the user terminal 200 may be released.
- The wireless authentication device 100 of the facility 400 normally maintains a sleep state for power saving, and when an external event occurs, for example when a wake-up signal of the user terminal 200 or a user input is received, it may wake up to a standby state to perform authentication functions.
- In the facility user authentication system, the user terminal 200 receives the security authentication information from the wireless authentication device 100 of the facility 400 by short-range communication, and the received security authentication information may be transmitted to the authentication server 300 through a mobile communication network to request an authentication key.
- the user terminal 200 may be authorized to use the facility 400 by transmitting the authentication key received from the authentication server 300 to the wireless authentication device 100 of the facility 400 in a short-distance communication method.
- FIG. 2 is a control block diagram of the wireless authentication device 100 of the facility 400 of FIG. 1 .
- The wireless authentication device 100 may include a power supply unit 110, a facility driving unit 112, a memory unit 114, a communication unit 118, a user interface 120, and an authentication control unit 116.
- the power supply unit 110 supplies power for the operation of the wireless authentication device 100 .
- The wireless authentication device 100 may receive power from a battery so that it can be configured wirelessly.
- the facility driving unit 112 may transmit a control signal so that the facility 400 performs a preset function by granting or releasing the right to use the facility 400 according to the control of the authentication control unit 116 .
- When the facility 400 is a door of a public entrance, a fire door, a circuit breaker of a parking lot, or an elevator, it can be ordered to lock or unlock the door, and in the case of a bicycle storage rack, the locking and unlocking function of the lock can be controlled.
- In the case of a garbage meter, a control signal can be transmitted to approve or disapprove the weight of the garbage.
- the memory unit 114 stores all information necessary for the operation of the wireless authentication apparatus 100 .
- the memory unit 114 may store serial information given to the wireless authentication apparatus 100 and an authentication key.
- the communication unit 118 supports the wireless authentication device 100 to perform short-range wireless communication with the user terminal 200 , and may be Bluetooth.
- the user interface 120 may include an output device for visually or audibly displaying the operating state of the wireless authentication device 100 and an input device for user input.
- The output device may include LEDs provided for each color, a display device, a speaker, etc.
- the input device may include a keypad or a touch pad, and may include a touch panel capable of both input and output.
- the authentication control unit 116 controls the overall operation of the wireless authentication apparatus 100 . That is, the controller 270 controls signal input/output between the power supply unit 110 , the facility driving unit 112 , the memory unit 114 , the communication unit 118 , and the user interface 120 .
- The authentication control unit 116 normally maintains a sleep state using only the minimum power for receiving an external input, and when a wake-up signal is received from the user terminal 200 or an input through the user interface 120 is detected, it can be switched to an active state.
- the above configurations of the wireless authentication device 100 are merely exemplified to explain the authentication function for the use of facilities of the present invention, and are not limited to the above-described configuration.
- Each function performed by the components of the wireless authentication device 100 may be implemented to be performed by the components included in the system of the facility 400 , or may be implemented in a form that is additionally installed separately from the facility 400 .
- FIG. 3 is a control block diagram of the user terminal 200 of FIG. 1 .
- the user terminal 200 includes an app driving unit 210 , a short-range communication unit 212 , a user interface unit 216 , a network interface unit 218 , a storage unit 220 , and a terminal control unit 214 .
- the app driving unit 210 drives a dedicated app, and all operations for the user terminal 200 to perform a corresponding operation in the present facility user authentication system may be processed through the dedicated app.
- the short-range communication unit 212 supports short-range wireless communication, and enables the user terminal 200 and the wireless authentication device 100 to perform short-range wireless communication.
- the short-range communication unit 212 may perform communication only when the user terminal 200 and the wireless authentication device 100 exist within a short-range communication range.
- Various communication methods for wirelessly transmitting and receiving data between terminals at a relatively close distance, such as NFC (Near Field Communication), Wi-Fi, Zigbee communication, ISA100, WirelessHART, Bluetooth, and Wave, may be applied.
- the user interface unit 216 may provide various menus supported by the dedicated app provided by the app driving unit 310 , including a touch screen for input/output of the user.
- the network interface unit 218 supports a wired/wireless network, and allows the user terminal 200 to exchange information with the authentication server 300 .
- the storage unit 220 stores all information necessary for the operation of the user terminal 200 .
- a dedicated app executed by the app driving unit 210 may be stored.
- the terminal controller 214 controls the overall operation of the user terminal 200 . That is, the terminal control unit 214 controls signal input/output between the app driving unit 210 , the short-range communication unit 320 , the user interface unit 216 , the network interface unit 218 , and the storage unit 220 .
- FIG. 4 is a flowchart of a facility user authentication method according to an embodiment of the present invention.
- the wireless authentication device 100 of the facility 400 transmits security authentication information to the user terminal 200 through short-range communication (S110).
- the security authentication information may include serial information given to the facility 400 or unique information given for security.
- the user terminal 200 transmits the security authentication information received from the wireless authentication device 100 of the facility 400 to the authentication server 300 through the mobile communication network to request an authentication key (S120).
- the user terminal 200 may transmit user information requesting the authentication key together.
- the user information may be information for user identification, such as a phone number, user ID, and the like.
- If the user requesting the authentication key is not a member of the household, it is also possible to obtain the authentication key by transmitting the user's own information and the information of the household member who wants to meet, and receiving approval from the household member to visit.
- the authentication server 300 generates an authentication key corresponding to the security authentication information and transmits the authentication key to the user terminal 200 (S130).
- the authentication server 300 may store the security authentication information of the facility 400 to generate an authentication key corresponding to the security authentication information requested to generate the authentication key.
- The authentication server 300 may receive the user information of the user requesting generation of an authentication key together with the security authentication information of the facility 400, and may provide an authentication key when the user information matches pre-stored household member information. If the user information does not match the household member information, the authentication server 300 transmits a message to the user terminal 200 indicating that the authentication key cannot be provided, or stores the received user information as visitor information and then provides the authentication key.
- The authentication server 300 transmits a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information, and, when the visitor is confirmed at the household member's terminal, an authentication key may be generated and transmitted to the user terminal 200 requesting the authentication key.
- the user terminal 200 transmits the authentication key received from the authentication server 300 to the wireless authentication device 100 of the facility 400 in a short-distance communication method to request authentication (S140).
- The wireless authentication device 100 of the facility 400 compares the authentication key received from the user terminal 200 with a pre-stored authentication key to authenticate, and if authentication is successful, grants the right to use the facility 400 (S150).
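The S110 to S150 exchange of FIG. 4 as a runnable sketch, added here as an example and not taken from the patent. The patent does not say how the authentication key is derived, so this sketch assumes a per-facility secret shared with the server and an HMAC-SHA256 key bound to a fresh nonce carried in the security authentication information; all class, function, and field names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time


def derive_key(secret: bytes, serial: str, nonce: bytes) -> str:
    """One-time key bound to one facility and one challenge (assumed construction)."""
    msg = serial.encode() + b"|" + nonce
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class WirelessAuthDevice:
    """Facility side (device 100): issues the challenge and checks the key."""

    def __init__(self, serial, secret, ttl=30.0):
        self.serial, self._secret, self._ttl = serial, secret, ttl
        self._pending = None  # (expected_key, expiry) for the current challenge

    def security_auth_info(self, now=None):  # S110
        now = time.time() if now is None else now
        nonce = secrets.token_bytes(16)
        expected = derive_key(self._secret, self.serial, nonce)
        self._pending = (expected, now + self._ttl)  # the "pre-stored" key
        return {"serial": self.serial, "nonce": nonce.hex()}

    def authenticate(self, key, now=None):  # S150
        now = time.time() if now is None else now
        if self._pending is None:
            return False
        expected, expiry = self._pending
        self._pending = None  # one attempt per challenge: no replay, no guessing loop
        # Constant-time comparison avoids leaking how many characters matched.
        return now <= expiry and hmac.compare_digest(expected.encode(), key.encode())


class AuthServer:
    """Server 300: knows each facility's secret and the household members."""

    def __init__(self, facility_secrets, members, confirm_visit):
        self._secrets = facility_secrets     # serial -> shared secret
        self._members = set(members)         # household member IDs
        self._confirm_visit = confirm_visit  # callable(host_id, visitor_id) -> bool
        self.visitor_log = []                # stored visitor information

    def request_key(self, info, user_id, host_id=None):  # S120/S130
        secret = self._secrets.get(info.get("serial"))
        if secret is None:
            return None  # unknown facility
        if user_id not in self._members:
            # Visitor path: store the visitor, then require the named household
            # member to confirm before any key is generated.
            self.visitor_log.append((user_id, host_id))
            if host_id not in self._members or not self._confirm_visit(host_id, user_id):
                return None
        try:
            nonce = bytes.fromhex(info["nonce"])
        except (KeyError, ValueError):
            return None  # malformed security authentication information
        return derive_key(secret, info["serial"], nonce)


def use_facility(device, server, user_id, host_id=None, now=None):
    """User terminal 200 relaying between device and server (S110 to S150)."""
    info = device.security_auth_info(now)             # S110, short-range link
    key = server.request_key(info, user_id, host_id)  # S120/S130, network
    if key is None:
        return False
    return device.authenticate(key, now)              # S140/S150, short-range link
```

Because the key is tied to a nonce the device generated and is cleared after one attempt, a key captured on the short-range link cannot be replayed against a later challenge.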
- FIG. 5 is a system configuration diagram for explaining a facility user authentication process according to the first embodiment of the present invention.
- The first embodiment exemplifies the case where the facility 400 is a fire door 420.
- The wireless authentication device 100 installed in the door lock of the fire door 420 transmits security authentication information to the user terminal 200 through short-range communication (S210).
- The user terminal 200 transmits the security authentication information and user information received from the wireless authentication device 100 of the fire door 420 to the authentication server 300 through the mobile communication network to request an authentication key (S220).
- The user information may be information for user identification, such as a phone number, user ID, and the like.
- If the user requesting the authentication key is not a household member, the user's own information and the information of the household member to be visited may be transmitted together.
- The authentication server 300 generates an authentication key corresponding to the security authentication information and transmits the authentication key to the user terminal 200 (S230).
- The authentication server 300 may receive the user information of the user requesting generation of the authentication key together with the security authentication information of the fire door 420, and may provide the authentication key when the user information matches the pre-stored household member information. When the user information does not match the household member information, the authentication server 300 may transmit a message indicating that the authentication key cannot be provided to the user terminal 200.
- The authentication server 300 may transmit a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information and, when the visitor is confirmed at the household member's terminal, may generate an authentication key and transmit it to the user terminal 200 requesting the authentication key.
- The user terminal 200 transmits the authentication key received from the authentication server 300 to the wireless authentication device 100 of the fire door 420 by short-distance communication to request authentication (S240).
- The wireless authentication device 100 of the fire door 420 authenticates by comparing the authentication key received from the user terminal 200 with a pre-stored authentication key, and opens the door when authentication is successful.
- FIG. 6 is a system configuration diagram for explaining a facility user authentication process according to a second embodiment of the present invention.
- The second embodiment exemplifies the case where the facility 400 is the entrance door 430 of the common entrance.
- The wireless authentication device 100 installed at the entrance door 430 of the common entrance transmits security authentication information to the user terminal 200 through short-range communication (S310).
- The user terminal 200 transmits the security authentication information and user information received from the wireless authentication device 100 to the authentication server 300 through the mobile communication network to request an authentication key (S320).
- The authentication server 300 generates an authentication key corresponding to the security authentication information and transmits the authentication key to the user terminal 200 (S330).
- The authentication server 300 may provide an authentication key when user information matches pre-stored household member information. When the user information does not match the household member information, the authentication server 300 may provide the authentication key after storing the received user information as visitor information.
- The authentication server 300 may transmit a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information and, when the visitor is confirmed at the household member's terminal, may generate an authentication key and transmit it to the user terminal 200 requesting the authentication key.
- The user terminal 200 transmits the authentication key received from the authentication server 300 to the wireless authentication device 100 of the entrance door 430 of the common entrance by short-distance communication to request authentication (S340).
- The wireless authentication device 100 of the entrance door 430 of the common entrance authenticates by comparing the authentication key received from the user terminal 200 with a pre-stored authentication key, and opens the door if authentication is successful.
- FIG. 7 is a system configuration diagram for explaining a facility user authentication process according to a third embodiment of the present invention.
- The third embodiment exemplifies the case where the facility 400 is an elevator 440.
- The wireless authentication device 100 installed in the elevator 440 transmits security authentication information to the user terminal 200 through short-range communication (S410).
- The user terminal 200 transmits the security authentication information and user information received from the wireless authentication device 100 to the authentication server 300 through the mobile communication network to request an authentication key (S420).
- The authentication server 300 generates an authentication key corresponding to the security authentication information and transmits the authentication key to the user terminal 200 (S430).
- The authentication server 300 may provide an authentication key when user information matches pre-stored household member information. When the user information does not match the household member information, the authentication server 300 may provide the authentication key after storing the received user information as visitor information.
- The authentication server 300 may transmit a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information and, when the visitor is confirmed at the household member's terminal, may generate an authentication key and transmit it to the user terminal 200 requesting the authentication key.
- The user terminal 200 transmits the authentication key received from the authentication server 300 to the wireless authentication device 100 of the elevator 440 by short-distance communication to request authentication (S440).
- The wireless authentication device 100 of the elevator 440 authenticates by comparing the authentication key received from the user terminal 200 with a pre-stored authentication key and, if authentication is successful, controls the operation of the elevator 440 according to an input button selected by the user, for example, a floor selection button or an elevator call button.
- FIG. 8 is a system configuration diagram for explaining a facility user authentication process according to a fourth embodiment of the present invention.
- The fourth embodiment exemplifies the case where the facility 400 is a garbage meter 450 and the authentication server 300 is a garbage management server 320 that manages the weight of garbage by household.
- The wireless authentication device 100 installed in the garbage meter 450 transmits security authentication information and garbage weight information to the user terminal 200 through short-distance communication (S510).
- The user terminal 200 transmits the security authentication information, garbage weight information, and user information received from the wireless authentication device 100 to the garbage management server 320 through the mobile communication network to request authentication (S420).
- The garbage management server 320 stores the garbage weight information of the corresponding household when the user information matches the previously stored household member information (S530). When the user information does not match the household member information, the garbage management server 320 may transmit a message indicating that household member authentication has failed to the user terminal 200 without storing the garbage weight information.
- The garbage management server 320 notifies the user terminal 200 that the storage of the garbage weight information is completed (S540).
- FIG. 9 is a system configuration diagram for explaining a facility user authentication process according to a fifth embodiment of the present invention.
- The fifth embodiment exemplifies the case where the facility 400 is a breaker (barrier gate) 460 for controlling access to the parking lot, and the authentication server 300 and the parking management server 350 operate in conjunction with each other.
- The breaker 460 in which the wireless authentication device 100 is installed transmits security authentication information to the visitor terminal 250 through short-distance communication (S605).
- The visitor terminal 250 transmits the security authentication information and user information received from the breaker 460 to the authentication server 300 through the mobile communication network to request an authentication key (S320).
- The user information may include the visitor's own information and information of a household member of the household to be visited.
- The authentication server 300 may transmit a visitor confirmation request to the terminal 200 of the corresponding household member based on the household member information included in the visitor information (S620), and receive the visitor confirmation from the household member's terminal 200 (S630).
- When the authentication server 300 receives the visitor confirmation from the terminal 200 of the household member, it may notify the parking management server 350 that the visitor has been approved and request that the parking management server 350 count the parking time of the vehicle (S640).
- A control signal to open the breaker 460 may be transmitted to the breaker 460 (S650), and the breaker 460 may be opened (S660). Thereafter, the parking management server 350 may count the parking time by obtaining the vehicle number of the visitor who has passed the breaker 460.
- In the facility user authentication system, the user terminal receives security authentication information from the facility by short-distance communication and transmits the received security authentication information to the authentication server through the mobile communication network to request an authentication key.
- Because the authentication key is then transmitted through short-distance communication between the facility and the household member's terminal to authenticate the right of use, a security management system for the public facilities used in an apartment house can be built easily.
- Even if household members do not set a separate password or carry a physical key, they can use the dedicated app installed in the terminal to be authenticated for use of the facility, which improves convenience in use.
- By allowing the household member to approve the authentication of a visitor, the visitor can use the facility even when the household member is absent, which provides convenience in use and increases the security level.
- wireless authentication device 110 power unit
- facility driving unit 114 memory unit
- app driving unit 212 short-distance communication unit
- terminal control unit 216 user interface unit
- network interface unit 220 storage unit
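The exchange of steps S210 to S240 and the visitor-approval branch described above, as an added example that is not part of the patent text. The patent only states that the authentication key may be an OTP or PKI-based; the HMAC construction, the per-attempt nonce, the provisioned shared secret and all identifiers below are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def derive_key(secret: bytes, facility_id: str, nonce: bytes) -> bytes:
    """Assumed one-time key: HMAC-SHA256 over the facility ID and a fresh nonce."""
    return hmac.new(secret, facility_id.encode() + b"|" + nonce, hashlib.sha256).digest()

class WirelessAuthDevice:
    """Facility side (wireless authentication device 100)."""
    def __init__(self, facility_id: str, secret: bytes):
        self.facility_id, self._secret, self._nonce = facility_id, secret, None

    def security_auth_info(self) -> dict:
        # S210: unique facility information plus a per-attempt nonce (assumption).
        self._nonce = secrets.token_bytes(16)
        return {"facility_id": self.facility_id, "nonce": self._nonce}

    def authenticate(self, key) -> bool:
        # Compare against the locally derived key in constant time.
        if self._nonce is None or not isinstance(key, bytes):
            return False
        expected = derive_key(self._secret, self.facility_id, self._nonce)
        self._nonce = None  # single use: a captured key cannot be replayed
        return hmac.compare_digest(expected, key)

class AuthServer:
    """Authentication server 300 with member check and visitor approval."""
    def __init__(self, facility_secrets: dict, members: set):
        self._secrets, self._members, self.visitors = facility_secrets, members, []

    def request_key(self, info: dict, user_id: str, host_id=None, approve=None):
        secret = self._secrets.get(info["facility_id"])
        if secret is None:
            return None                      # unknown facility
        if user_id not in self._members:
            if host_id not in self._members or approve is None:
                return None                  # no household member to vouch
            self.visitors.append((user_id, host_id))   # stored as visitor info
            if not approve(host_id, user_id):          # member's terminal decides
                return None
        return derive_key(secret, info["facility_id"], info["nonce"])  # S230

def run_demo() -> dict:
    secret = secrets.token_bytes(32)         # constructed provisioning secret
    door = WirelessAuthDevice("fire-door-420", secret)
    server = AuthServer({"fire-door-420": secret}, {"member-01"})
    out = {}
    key = server.request_key(door.security_auth_info(), "member-01")
    out["member"] = door.authenticate(key)
    out["replay"] = door.authenticate(key)   # nonce already consumed
    door.security_auth_info()
    out["stale_key"] = door.authenticate(key)  # old key, new nonce
    vkey = server.request_key(door.security_auth_info(), "visitor-07",
                              "member-01", approve=lambda host, visitor: True)
    out["visitor_approved"] = door.authenticate(vkey)
    info = door.security_auth_info()
    out["visitor_denied"] = server.request_key(
        info, "visitor-07", "member-01", approve=lambda host, visitor: False)
    out["stranger"] = server.request_key(info, "stranger-99")
    return out

if __name__ == "__main__":
    print(run_demo())
```

Binding the key to a nonce that the device consumes on each attempt is what makes a key captured over the short-range link useless afterwards; a static pre-stored key compared byte for byte would not have that property.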
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Lock And Its Accessories (AREA)
- Telephonic Communication Services (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Claims (15)
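- A user authentication method for a facility provided in an apartment house and used in common by household members, the method comprising: transmitting, by the facility, security authentication information to a user terminal through short-range communication; requesting, by the user terminal, an authentication key by transmitting the security authentication information through a network; transmitting, by the authentication server, an authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request of the user terminal; receiving, by the user terminal, the authentication key through the network and requesting authentication by transmitting the authentication key to the facility through the short-range communication; and receiving, by the facility, the authentication key, authenticating by comparing the received authentication key with a pre-stored authentication key, and performing a preset function when authentication succeeds.
- The facility user authentication method of claim 1, wherein requesting, by the user terminal, the authentication key by transmitting the security authentication information through the network comprises transmitting user information for identifying the user.
- The facility user authentication method of claim 2, wherein the user information includes at least one of the household member information and visitor information.
- The facility user authentication method of claim 3, wherein transmitting, by the authentication server, the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request of the user terminal comprises: when the user information includes the household member information, determining whether the household member information matches pre-stored information and, when the household member information is valid, generating the authentication key and transmitting it to the user terminal.
- The facility user authentication method of claim 3, wherein transmitting, by the authentication server, the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request of the user terminal comprises: when the user information includes the visitor information, storing the visitor information and then generating the authentication key and transmitting it to the user terminal.
- The facility user authentication method of claim 3, wherein transmitting, by the authentication server, the authentication key corresponding to the security authentication information to the user terminal in response to the authentication key request of the user terminal comprises: when the user information includes the household member information and the visitor information, transmitting, by the authentication server, a visitor confirmation request to the terminal of the household member based on the household member information; and when the visitor confirmation request is received at the terminal of the household member, generating the authentication key and transmitting it to the user terminal.
- The facility user authentication method of claim 1, wherein receiving, by the facility, the authentication key, authenticating by comparing the received authentication key with a pre-stored authentication key, and performing a preset function when authentication succeeds comprises: performing Bluetooth pairing between the facility and the user terminal when the authentication key is valid; performing the function of the facility; and releasing the right to use the facility when Bluetooth communication with the user terminal is disconnected.
- The facility user authentication method of claim 1, further comprising: transmitting, by the user terminal, a wake-up signal to the facility; and switching the facility to an active state in response to the wake-up signal.
- The facility user authentication method of claim 1, wherein the security authentication information includes unique information assigned to the facility.
- The facility user authentication method of claim 1, wherein the authentication key includes at least one of an OTP (One Time Password) and PKI (Public Key Infrastructure).
- The facility user authentication method of claim 1, wherein the facility includes at least one of an entrance door of a common entrance, a fire door, a parking lot breaker (barrier gate), an elevator, a bicycle rack installed in the complex, and a garbage meter, each provided in the apartment house.
- A facility user authentication system comprising: a facility including a wireless authentication device that transmits security authentication information through short-range communication and grants a right of use when authentication succeeds by comparing the authentication key received through the short-range communication with a pre-stored authentication key; an authentication server that stores the security authentication information and provides an authentication key corresponding to the security authentication information; and a user terminal that transmits the security authentication information received from the wireless authentication device to the authentication server through a network to receive the authentication key, and requests authentication by transmitting the authentication key to the wireless authentication device through the short-range communication.
- The facility user authentication system of claim 12, wherein the authentication server stores information on at least one household member having the right to use the facility, receives user information from the user terminal, and provides the authentication key corresponding to the security authentication information when the user information matches the household member information.
- The facility user authentication system of claim 13, wherein, when the user information received from the user terminal does not match the household member information, the authentication server stores the user information as visitor information and then provides the authentication key corresponding to the security authentication information.
- The facility user authentication system of claim 13, wherein, when the user information received from the user terminal is visitor information, the authentication server transmits a visitor confirmation request to the terminal of the corresponding household member based on the household member information included in the visitor information, and generates the authentication key and transmits it to the user terminal when the visitor confirmation request is received at the terminal of the household member.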
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020190174706A KR102344137B1 (ko) | 2019-12-26 | 2019-12-26 | Facility user authentication system and control method thereof |
KR10-2019-0174706 | 2019-12-26 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2021132914A2 (ko) | 2021-07-01 |
WO2021132914A3 (ko) | 2021-08-19 |
Family
ID=76574392
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2020/017255 WO2021132914A2 (ko) | Facility user authentication system and control method thereof | 2019-12-26 | 2020-11-30 |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR102344137B1 (ko) |
WO (1) | WO2021132914A2 (ko) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102381665B1 (ko) * | 2021-08-27 | 2022-04-04 | 주식회사 한줌 | Smart school security system and method |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100794764B1 (ko) * | 2006-07-19 | 2008-02-04 | 양재우 | Passive entry system and wake-up and trigger method thereof |
KR101174700B1 (ko) * | 2010-12-13 | 2012-08-17 | (주)데이타비전 | Access management method |
KR101470747B1 (ko) * | 2013-07-23 | 2014-12-08 | 주식회사 에스원 | Method and apparatus for implementing a door lock system using a portable terminal |
KR20160141646A (ko) * | 2015-06-01 | 2016-12-09 | 박영석 | Method, server and system for providing a message using a tag |
KR101689121B1 (ko) * | 2015-12-14 | 2017-01-02 | 김준영 | Access authority management system and access authentication method thereof |
KR102027326B1 (ko) * | 2018-11-13 | 2019-11-14 | 주식회사 한줌 | Smart terminal device security system and method |
2019
- 2019-12-26 KR KR1020190174706A patent/KR102344137B1/ko active IP Right Grant
2020
- 2020-11-30 WO PCT/KR2020/017255 patent/WO2021132914A2/ko active Application Filing
Also Published As
Publication number | Publication date |
---|---|
KR20210082608A (ko) | 2021-07-06 |
KR102344137B1 (ko) | 2021-12-29 |
WO2021132914A3 (ko) | 2021-08-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
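WO2017222169A1 (ko) | Payment approval method using a smart card, and card company server and smart card performing same | |
WO2019098413A1 (ko) | Digital door lock system and control method thereof | |
WO2017023019A1 (en) | Method and apparatus for controlling visitor call in home network system | |
WO2015119417A1 (ko) | Electronic key device, system and method capable of wireless control of a lock system and transfer of control authority | |
CN105894627A (zh) | Bluetooth access control device, and Bluetooth access control management system and method | |
WO2016148483A1 (ko) | Home energy management apparatus and method using a beacon in a home energy management system | |
WO2021132914A2 (ko) | Facility user authentication system and control method thereof | |
WO2016093676A9 (ko) | Home network system using wireless communication, and alarm method and control method using same | |
WO2017164494A1 (ko) | User authentication method for a user terminal connected to an access controller, application for the method, and application distribution server storing the application | |
WO2022203328A1 (ko) | Smart locking device, locking management system including the device, and locking management method using the system | |
WO2012026793A2 (ko) | Non-repudiation identity verification system and method using bio information | |
WO2012077792A1 (ja) | Apartment house system | |
WO2022039387A1 (ko) | Sharing service management system through registration and authentication of a user unique identification key | |
JPH09154167A (ja) | Cordless telephone system | |
WO2022145966A1 (ko) | Access control system using public key infrastructure | |
KR100894421B1 (ko) | Fingerprint authentication terminal, access control system including same, and user authentication method | |
WO2021125618A1 (ko) | Mail/parcel delivery service method and system | |
WO2022050726A1 (ko) | Door opening/closing control device and system | |
WO2022050727A1 (ko) | Door opening/closing control device and system | |
JP5106264B2 (ja) | Elevator security control system and elevator security control method | |
JP4125983B2 (ja) | Authentication system and apartment house management system | |
WO2021086161A1 (ko) | Electronic key management system and server | |
WO2020197160A1 (ko) | Apparatus and method for accessing a service using authentication of an electronic device | |
JP2001003615A (ja) | Intercom device capable of unlocking using a mobile portable terminal | |
WO2012102471A2 (ko) | Device management apparatus and method in a device management system |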
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20906015 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20906015 Country of ref document: EP Kind code of ref document: A2 |
|
32PN | Ep: public notification in the ep bulletin as address of the addressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 17/08/2022) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20906015 Country of ref document: EP Kind code of ref document: A2 |
|
32PN | Ep: public notification in the ep bulletin as address of the addressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 14/12/2022) |