WO2024112016A1 - System and method for generating passport information-based authentication key - Google Patents

System and method for generating passport information-based authentication key Download PDF

Info

Publication number
WO2024112016A1
WO2024112016A1 PCT/KR2023/018580 KR2023018580W WO2024112016A1 WO 2024112016 A1 WO2024112016 A1 WO 2024112016A1 KR 2023018580 W KR2023018580 W KR 2023018580W WO 2024112016 A1 WO2024112016 A1 WO 2024112016A1
Authority
WO
WIPO (PCT)
Prior art keywords
passport
information
key
biometric information
management server
Prior art date
Application number
PCT/KR2023/018580
Other languages
French (fr)
Korean (ko)
Inventor
장양호
Original Assignee
주식회사 로드시스템
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 로드시스템 filed Critical 주식회사 로드시스템
Publication of WO2024112016A1 publication Critical patent/WO2024112016A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to a system and method for generating an authentication key based on passport information, and more specifically, to a system and method for generating a unique permanent authentication key (PI key) based on passport information by combining passport information and biometric information.
  • PI key unique permanent authentication key
  • Korean citizens use the resident registration number system to authenticate themselves for online membership registration.
  • Connect Information is provided to replace personal information including resident registration number through an identity verification agency permitted by law to collect resident registration number.
  • a CI key matched 1:1 with the resident registration number is issued, and then the CI key information is provided instead of the resident registration number, which is sensitive information, to identify the individual.
  • the present invention was created in response to the above-mentioned need, and generates a unique authentication key (PI key) based on passport information that combines passport information and biometric information, so that the unique identity of the person can be confirmed (authenticated) even if the passport number is changed.
  • the purpose is to provide an information-based permanent authentication key (PI key) generation system and method.
  • the passport information-based authentication key generation system recognizes the passport information and the biometric information of the passport holder, transmits this to the passport/biometric information management server, and creates an authentication key based on the passport information.
  • a PI key passport terminal that requests the creation of a (PI key) and receives the generated PI key; Check whether the passport information and biometric information sent from the PI key passport terminal are registered in its own DB. If not, send the passport information and biometric information to the PI key issuance and management server to request PI key creation, and generate the PI key.
  • Passport/biometric information management server that receives the PI key and delivers it to the PI key passport terminal; and a PI key issuance and management server that generates a PI key based on the passport information and biometric information transmitted from the passport/biometric information management server and transmits it to the passport/biometric information management server.
  • the passport information includes passport country, date of birth, gender, and name (surname), and the biometric information includes facial recognition information.
  • biometric information further includes palm (intestinal) vein information.
  • the passport information-based authentication key generation system is characterized by being implemented with blockchain-based DID technology.
  • a method of generating an authentication key based on passport information includes the steps of: (A) recognizing passport information and biometric information of the passport holder in a PI key passport terminal and transmitting the information to the passport/biometric information management server; (B) Checking whether the passport/biometric information management server passport information and biometric information are registered in its own DB; (C) If the passport information and biometric information are not registered in the self-DB, transmitting the passport information and biometric information to the PI key issuance and management server; and (D) generating a PI key based on passport information and biometric information in the PI key issuing and management server.
  • OCR optical character recognition
  • step (B) if the passport information and biometric information (facial recognition information) are registered in the self-DB, the long vein information is requested from the PI key passport terminal, and (E) the information provided by the PI key passport terminal is requested. It is characterized by performing a step of checking whether the intestinal vein information is registered in its own DB and, if not, registering the intestinal vein information in its own DB, and then performing step (C) above.
  • step (E) if the intestinal vein information is registered in the self-DB, the pre-registered PI key information is transmitted to the PI key passport terminal.
  • a unique permanent PI key is generated based on passport information that combines passport information and biometric information, so that the unique identity can be confirmed (authenticated) even if the passport number is changed.
  • FIG. 1 is a block diagram of a passport information-based authentication key (PI key) generation system according to an embodiment of the present invention.
  • FIG. 2 is a flowchart showing a method of generating and issuing a passport information-based authentication key (PI key) according to an embodiment of the present invention.
  • PI key passport information-based authentication key
  • FIG. 3 is a flowchart showing a method for generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
  • Figure 4 is a conceptual diagram of generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
  • FIG. 1 is a block diagram of a passport information-based permanent authentication key generation system according to an embodiment of the present invention.
  • the passport information-based permanent authentication key generation system includes a PI key passport terminal 100, a passport/biometric information management server 200, and a PI key issuance and management server ( 300), are connected and communicate with each other through a wired and wireless network 400, and are implemented as a blockchain-based DID (Decentralized Identity) system.
  • PI key passport terminal 100 a passport/biometric information management server 200
  • PI key issuance and management server 300 a PI key issuance and management server
  • the communication method is not limited, and not only a communication method utilizing communication networks that the wired and wireless network 400 may include (e.g., mobile communication network, wired Internet, wireless Internet, broadcasting network, satellite network, etc.), but also short-range wireless communication between devices. May also be included.
  • the wired and wireless network 400 may include (e.g., mobile communication network, wired Internet, wireless Internet, broadcasting network, satellite network, etc.), but also short-range wireless communication between devices. May also be included.
  • the wired and wireless network 400 includes a personal area network (PAN), a local area network (LAN), a campus area network (CAN), a metropolitan area network (MAN), a wide area network (WAN), and a broadband network (BBN). network), the Internet, etc. may include one or more arbitrary networks.
  • PAN personal area network
  • LAN local area network
  • CAN campus area network
  • MAN metropolitan area network
  • WAN wide area network
  • BBN broadband network
  • network the Internet, etc. may include one or more arbitrary networks.
  • wired and wireless network 400 may include any one or more of network topologies including a bus network, star network, ring network, mesh network, star-bus network, tree, or hierarchical network, etc. It is not limited to this.
  • the PI key passport terminal (100) recognizes the information contained in the passport and the biometric information of the passport information holder and transmits the passport information and biometric information to the passport/biometric information management server (200) through the wired or wireless network (400) to register the passport.
  • PI key a unique permanent authentication key
  • the PI key passport terminal 100 is equipped with a passport information recognition unit 110 and a biometric information recognition unit 120.
  • the passport information recognition unit 110 uses, for example, OCR (Optical character recognition) technology, acquires a photographed image of a passport, and recognizes readable characters in the photographed image in word units.
  • OCR Optical character recognition
  • the passport information includes passport number, passport country, date of birth, gender, passport name, issuance date, and expiration date.
  • the passport information required to create a PI key is passport country, date of birth, gender, and name (surname).
  • the biometric information recognition unit 120 recognizes the passport holder's biometric information, such as face, iris, finger print, palm vein (hereinafter referred to as long vein), voice, etc., and transmits a recognition key corresponding to that information.
  • biometric information such as face, iris, finger print, palm vein (hereinafter referred to as long vein), voice, etc.
  • the facial recognition detects and stores specific necessary information among various face recognition information.
  • face recognition is one of the fields of biometrics, where machines automatically identify and authenticate people using the unique characteristic information contained in each person's face.
  • Face images which can be input relatively easily and naturally from various video media, separate the face from the complex background, find the positions of the eyes, nose, mouth, etc., align and size normalize, extract the feature information necessary for recognition, and perform mathematical calculations. Templates are created using statistical methods and stored in a database, and are used for face registration, recognition, and authentication.
  • vein recognition information is used to prevent this.
  • Vein matching is biometric identification through analysis of the distribution pattern of blood vessels visible on the surface of the skin.
  • fingerprint recognition requires direct contact with the scanner, which has the disadvantage of lowering identification accuracy depending on the condition of the skin and requiring frequent cleaning of the scanner.
  • Vein recognition is a method of identifying one's identity based on the shape of the veins on the back of the hand or wrist. It is known that human vein patterns are different even for twins and do not change with age.
  • vein recognition can be done in a non-contact manner, and the recognition rate is not affected by the condition of the skin surface.
  • vein recognition technology is used among biometric information, and the palm vein, which is the palm vein, is used.
  • the passport/biometric information management server 200 stores and manages passport/biometric information in the passport/biometric information DB 210, and collects the passport information and biometric information (facial recognition information) sent from the PI key passport terminal 100. Based on this, check whether it is a previously registered passport, and if it is a registered contribution right, check whether there is intestinal vein information in the passport/biometric information DB (210).
  • the PI key information is requested while transmitting the passport information and biometric information (facial recognition information + intestinal vein information) to the PI key issuance and management server (300), PI key information is received from the PI key issuing and management server 300 and delivered to the PI key passport terminal 100.
  • the PI key information is already registered information.
  • the PI key issuance and management server (300) Receives the PI key information generated from and transmits the already registered passport to the PI key passport terminal (100).
  • the PI key information is new registration information.
  • the PI key issuance and management server 300 stores and manages PI key information matching passport/biometric information in the PI key information DB 310, and retrieves the passport/biometric information from the passport/biometric information management server 200.
  • the PI key information DB (310) is checked to see if there is PI key information matching the passport/biometric information, and if so, the PI key information is transmitted to the passport/biometric information management server (200). .
  • the passport/biometric information management server 200 requests PI key creation while transmitting passport/biometric information
  • a PI key matching the passport/biometric information is generated and the passport/biometric information is stored in the PI key information DB 310. It is stored to match the information, and the generated PI key information is transmitted to the passport/biometric information management server (200).
  • FIG. 2 is a flowchart showing a method for generating and issuing a passport information-based authentication key (PI key) according to an embodiment of the present invention.
  • PI key passport information-based authentication key
  • the PI key passport terminal (100) recognizes the passport information and biometric information and transmits them to the passport/biometric information management server (200) (S202), requesting passport registration confirmation (S204), and in case of new passport registration, the PI key Request creation and issuance (S204).
  • the passport/biometric information management server (200) checks whether it is a registered passport based on the passport information and biometric information sent from the PI key passport terminal (100) (S206), and in case of registration of contribution rights, checks the passport/biometric information DB (210). Check if there is intestinal vein information (S208).
  • the PI key information is requested while transmitting the passport information and biometric information to the PI key issuance and management server 300 (S210).
  • the PI key issuance and management server 300 checks whether there is PI key information matching the passport/biometric information in the PI key information DB 310 and transmits the PI key information to the passport/biometric information management server 200 ( S212).
  • the passport/biometric information management server 200 receives PI key information from the PI key issuance and management server 300 and delivers it to the PI key passport terminal 100 (S214).
  • the transmitted PI key information is pre-registered information (502).
  • step S206 the passport/biometric information management server 200 registers and manages a new passport if contribution rights are not registered (S222).
  • the passport/biometric information management server 200 transmits the passport information and biometric information to the PI key issuance and management server 300 and requests PI key creation (S226).
  • the PI key issuance and management server 300 generates and stores a PI key matching the passport/biometric information, and transmits the generated PI key information to the passport/biometric information management server 200 (S228).
  • the passport/biometric information management server 200 transmits the already registered passport to the PI key passport terminal 100 (S230).
  • the received PI key information is new information (504).
  • step S208 If there is no visceral vein information in the passport/biometric information DB 210 in step S208, the visceral vein information is registered (S224), and then steps S226 and beyond are performed.
  • step S204 if the passport is out of use, the passport/biometric information management server 200 transmits the PI key to the passport terminal 100 (S242).
  • the information received at this time is use rejection information (506).
  • FIG. 3 is a flowchart showing a method for generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
  • the passport information recognition unit 110 of the PI key passport terminal 100 performs optical character recognition (OCR) on the passport (S302) to determine whether the passport is an electronic passport (S304).
  • OCR optical character recognition
  • the electronic passport is recognized (S306), and then the biometric information recognition unit 120 recognizes the face among the biometric information of the passport holder (S308).
  • the PI key passport terminal 100 transmits passport information and biometric information (facial recognition information) to the passport/biometric information management server 200, and transmits the passport information and biometric information (face recognition information) to the biometric information management server 200.
  • Recognition information is in the passport/biometric information DB (S310).
  • the transmitted passport information and biometric information are registered in the passport/biometric information DB 210, the long vein information is requested from the PI key passport terminal 100, and the PI key passport terminal 100
  • the biometric information recognition unit 120 recognizes the passport holder's intestinal veins and provides the intestinal vein information to the passport/biometric information management server 200 (S312).
  • the passport/biometric information management server 200 checks whether the intestinal vein information is in the passport/biometric information DB 310 (S314) and, if not, registers the intestinal vein information in the passport/biometric information DB 310 (S316) ).
  • the passport/biometric information management server 200 transmits the passport information and biometric information (facial recognition information, intestinal vein information) to the PI key issuance and management server 300, requests PI key generation, and issues the PI key. And the management server 300 creates a new PI key accordingly (S318).
  • the passport information and biometric information (facial recognition information) transmitted in step S310 are not in the passport/biometric information DB 210, the passport information and biometric information (facial recognition information) are transmitted to the PI key issuance and management server 300. While requesting the creation of a PI key, the PI key issuing and management server 300 creates a new PI key accordingly (S318).
  • step S314 if the intestinal vein information is in the passport/biometric information DB (210), this is already registered information (502).
  • Figure 4 is a conceptual diagram of generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
  • the passport number, passport country, date of birth, gender, passport name, issuance date, and expiration date are the passport country.
  • Passport information including date of birth, gender, and name (surname) is combined with biometric information including facial recognition key and intestinal vein recognition key to generate a single worldwide passport authentication PI key (600).
  • the allocation size for each information of the single passport authentication PI key (600) is, for example, 3 bytes for passport country (602), 8 bytes for date of birth (604), 1 byte for gender (606), and 24 bytes for name (last name (608)).
  • the facial recognition key (610) is 36 bytes
  • the intestinal vein recognition key (612) is 14 bytes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Tourism & Hospitality (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present invention relates to a system and method for generating a passport information-based authentication key and, more specifically, to a system and method for generating a passport information-based unique permanent authentication key (PI key) by combining passport information with biometric information. The system for generating a passport information-based authentication key, according to an embodiment of the present invention, comprises: a PI key passport terminal that recognizes passport information and biometric information of a passport holder, transmits same to a passport/biometric information management server, requests generation of a passport information-based authentication key (PI key), and receives a transmission of a generated PI key; the passport/biometric information management server that identifies whether or not the passport information and biometric information transmitted by the PI key passport terminal have been registered in a DB thereof, if not registered, transmits the passport information and the biometric information to a PI key issuance and management server to request PI key generation, receives a transmission of a generated PI key, and transmits the PI key to the PI key passport terminal; and the PI key issuance and management server that generates the PI key on the basis of the passport information and biometric information transmitted by the passport/biometric information management server and transmits the generated PI key to the passport/biometric information management server.

Description

여권정보 기반 인증키 생성시스템 및 방법Passport information-based authentication key generation system and method
본 발명은 여권정보 기반 인증키 생성시스템 및 방법에 관한 것으로서, 더욱 상세하게는 여권정보와 생체정보를 결합하여 여권정보 기반 고유의 영구 인증키(PI키)를 생성하는 시스템 및 방법에 관한 것이다.The present invention relates to a system and method for generating an authentication key based on passport information, and more specifically, to a system and method for generating a unique permanent authentication key (PI key) based on passport information by combining passport information and biometric information.
현재 대한민국 국민(내/외국인)은 온라인 회원가입을 위해 주민번호 체계를 이용해 본인인증을 하고 있다.Currently, Korean citizens (domestic/foreigners) use the resident registration number system to authenticate themselves for online membership registration.
온라인 본인인증을 위해서는 주민번호가 있어야 하는 데, 온라인으로 본인인증을 위한 주민등록번호 등의 개인정보 수집을 금지시키고 있다.For online self-verification, you must have a resident registration number, but the collection of personal information such as resident registration number for online self-verification is prohibited.
이에 따라 사용자가 본인인지를 확인하는 본인확인을 필요로 하는 서비스의 요청시 법으로 주민등록번호의 수집이 허용된 본인확인기관을 통해 주민등록번호 등을 포함하는 개인정보를 대체하는 연계정보(Connect Information: CI)를 받아서 가입자에 대한 본인확인 및 본인인증을 실시하고 있다.Accordingly, when a user requests a service that requires identity verification to confirm the user's identity, Connect Information (CI) is provided to replace personal information including resident registration number through an identity verification agency permitted by law to collect resident registration number. We are conducting identity verification and authentication for subscribers.
상기 주민번호 기반 본인인증이 완료되면 주민번호와 1:1 매칭된 CI키가 발급되고, 이후 민감정보인 주민번호 대신에 CI키 정보를 제공하여 개인 식별을 하고 있다.Once the identity verification based on the resident registration number is completed, a CI key matched 1:1 with the resident registration number is issued, and then the CI key information is provided instead of the resident registration number, which is sensitive information, to identify the individual.
이와 같이 주민번호와 연계된 CI키를 이용한 본인인증 체계는 있었지만, 지금까지 여권번호를 이용한 본인인증 체계는 없었다.Although there has been an identity authentication system using a CI key linked to a resident registration number, there has been no identity authentication system using a passport number until now.
왜냐하면, 여권이 신규 발급되면 여권번호가 변경되어 본인인증을 하기가 불가능하기 때문이다.This is because when a new passport is issued, the passport number changes, making identity verification impossible.
따라서 여권번호가 변경되더라도 본인 고유 인증키는 변경되지 않은 시스템이 필요하다.Therefore, a system is needed in which the unique authentication key does not change even if the passport number changes.
본 발명은 상술한 필요성에 의해 안출된 것으로서, 여권정보와 생체정보를 결합한 여권정보 기반 고유의 인증키(PI키)를 생성하여, 여권번호가 변경되더라도 고유 본인임을 확인(인증)할 수 있는 여권정보 기반 영구인증키(PI키) 생성시스템 및 방법을 제공하는 데 그 목적이 있다.The present invention was created in response to the above-mentioned need, and generates a unique authentication key (PI key) based on passport information that combines passport information and biometric information, so that the unique identity of the person can be confirmed (authenticated) even if the passport number is changed. The purpose is to provide an information-based permanent authentication key (PI key) generation system and method.
상술한 목적을 달성하기 위한 본 발명의 실시예에 따른 여권정보 기반 인증키 생성시스템은, 여권정보와 여권소지자의 생체정보를 인식하고, 이를 여권/생체정보 관리서버에 전송하면서 여권정보 기반 인증키(PI키) 생성을 요청하여 생성된 PI키를 전달받는 PI키 여권 단말; 상기 PI키 여권 단말에서 전송한 여권정보와 생체정보가 자체 DB에 등록되었는지 확인하여 등록되어 있지 않은 경우 PI키 발급 및 관리서버에 여권정보와 생체정보를 전송하여 PI키 생성을 요청하고, 생성한 PI키를 전송받아 PI키 여권 단말에 전달하는 여권/생체정보 관리서버; 및 상기 여권/생체정보 관리서버에서 전송한 여권정보와 생체정보를 토대로 PI키를 생성하여 여권/생체정보 관리서버에 전송하는 PI키 발급 및 관리서버;를 포함하여 구성된다.The passport information-based authentication key generation system according to an embodiment of the present invention to achieve the above-mentioned purpose recognizes the passport information and the biometric information of the passport holder, transmits this to the passport/biometric information management server, and creates an authentication key based on the passport information. A PI key passport terminal that requests the creation of a (PI key) and receives the generated PI key; Check whether the passport information and biometric information sent from the PI key passport terminal are registered in its own DB. If not, send the passport information and biometric information to the PI key issuance and management server to request PI key creation, and generate the PI key. Passport/biometric information management server that receives the PI key and delivers it to the PI key passport terminal; and a PI key issuance and management server that generates a PI key based on the passport information and biometric information transmitted from the passport/biometric information management server and transmits it to the passport/biometric information management server.
또한, 상기 여권정보는 여권국가, 생년월일, 성별, 이름(성(Surname))을 포함하고, 생체정보는 안면인식정보를 포함하는 것을 특징으로 한다.In addition, the passport information includes passport country, date of birth, gender, and name (surname), and the biometric information includes facial recognition information.
그리고 상기 생체정보에 손바닥(장)정맥정보가 더 포함하는 것을 특징으로 한다.Additionally, the biometric information further includes palm (intestinal) vein information.
더불어 상기 여권정보 기반 인증키 생성시스템은 블록체인 기반 DID 기술로 구현되는 것을 특징으로 한다.In addition, the passport information-based authentication key generation system is characterized by being implemented with blockchain-based DID technology.
본 발명의 실시예에 따른 여권정보 기반 인증키 생성방법은, (A) PI키 여권 단말에서 여권정보와 여권소지자의 생체정보를 인식하여 여권/생체정보 관리서버에 전송하는 단계; (B) 상기 여권/생체정보 관리서버 여권정보와 생체정보가 자체 DB에 등록되어 있는지 확인하는 단계; (C) 상기 여권정보와 생체정보가 자체 DB에 등록되어 있지 않은 경우 여권정보와 생체정보를 PI키 발급 및 관리서버에 전송하는 단계; 및 (D) 상기 PI키 발급 및 관리서버에서 여권정보와 생체정보를 토대로 PI키를 생성하는 단계;를 포함하여 구성된다.A method of generating an authentication key based on passport information according to an embodiment of the present invention includes the steps of: (A) recognizing passport information and biometric information of the passport holder in a PI key passport terminal and transmitting the information to the passport/biometric information management server; (B) Checking whether the passport/biometric information management server passport information and biometric information are registered in its own DB; (C) If the passport information and biometric information are not registered in the self-DB, transmitting the passport information and biometric information to the PI key issuance and management server; and (D) generating a PI key based on passport information and biometric information in the PI key issuing and management server.
또한, 상기 (A) 단계에서 여권에 대해 광학문자인식(OCR)을 수행하여 해당 여권이 전자여권인지 아닌지 판단하고, 전자여권인 경우 전자여권을 인식하며, 여권소지자의 생체정보 중 안면을 인식하는 것을 특징으로 한다.In addition, in step (A) above, optical character recognition (OCR) is performed on the passport to determine whether the passport is an electronic passport or not, and if it is an electronic passport, the electronic passport is recognized, and facial recognition is performed on the passport holder's biometric information. It is characterized by
또한, 상기 (B) 단계에서 여권정보와 생체정보(안면인식정보)가 자체 DB에 등록되어 있는 경우 상기 PI키 여권 단말에 장정맥정보를 요청하고, (E) 상기 PI키 여권 단말에서 제공한 장정맥정보가 자체 DB에 등록되어 있는지 확인하여 등록되어 있지 않은 경우 장정맥정보를 자체 DB에 등록하는 단계를 수행하고, 이후 상기 (C) 단계를 수행하는 것을 특징으로 한다.In addition, in step (B), if the passport information and biometric information (facial recognition information) are registered in the self-DB, the long vein information is requested from the PI key passport terminal, and (E) the information provided by the PI key passport terminal is requested. It is characterized by performing a step of checking whether the intestinal vein information is registered in its own DB and, if not, registering the intestinal vein information in its own DB, and then performing step (C) above.
그리고 상기 (E) 단계에서 장정맥정보가 자체 DB에 등록되어 있는 경우 기등록 PI키 정보를 PI키 여권 단말에 전송하는 것을 특징으로 한다.And in step (E), if the intestinal vein information is registered in the self-DB, the pre-registered PI key information is transmitted to the PI key passport terminal.
상술한 과제의 해결 수단에 의하면, 여권정보와 생체정보를 결합한 여권정보 기반 고유의 영구 PI키를 생성하여, 여권번호가 변경되더라도 고유 본인임을 확인(인증)할 수 있다.According to the solution to the above-mentioned problem, a unique permanent PI key is generated based on passport information that combines passport information and biometric information, so that the unique identity can be confirmed (authenticated) even if the passport number is changed.
도 1은 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성시스템의 블록 구성도이다.Figure 1 is a block diagram of a passport information-based authentication key (PI key) generation system according to an embodiment of the present invention.
도 2는 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성 및 발급방법을 나타내는 순서도이다.Figure 2 is a flowchart showing a method of generating and issuing a passport information-based authentication key (PI key) according to an embodiment of the present invention.
도 3은 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성방법을 나타내는 순서도이다.Figure 3 is a flowchart showing a method for generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
도 4는 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성 개념도이다.Figure 4 is a conceptual diagram of generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
본 명세서 및 청구범위에서 사용하는 용어나 단어는, 통상적이거나 사전적인 의미로 한정하여 해석될 것이 아니라, '발명자는 그 자신의 발명을 가장 최선의 방법으로 설명하기 위해 용어의 개념을 적절하게 정의할 수 있다'는 원칙에 입각하여 본 발명의 기술적 사상에 부합하는 의미와 개념으로 해석되어야만 한다.The terms and words used in this specification and claims should not be construed as limited to their usual or dictionary meanings, but rather, 'the inventor shall appropriately define the concept of the term in order to explain his or her invention in the best way. It must be interpreted with meaning and concept consistent with the technical idea of the present invention based on the principle of 'can be done.'
또한, 본 명세서에 기재된 실시 예와 도면에 도시한 구성은, 본 발명의 바람직한 실시 예에 불과한 것일 뿐이고, 본 발명의 기술적 사상을 모두 대변하는 것은 아니므로, 본 출원시점에 있어, 이들을 대체할 수 있는 다양한 균등물에 해당하는 변형 예들이 있을 수 있음을 이해해야 하며, 이는 본 발명의 권리범위에 속할 수 있음을 인지해야 한다.In addition, the embodiments described in this specification and the configurations shown in the drawings are only preferred embodiments of the present invention and do not represent the entire technical idea of the present invention, so they cannot be replaced at the time of filing the present application. It should be understood that there may be various equivalent modifications, and that these may fall within the scope of the present invention.
도면들 중 동일한 구성요소들에 대해서는 비록 다른 도면상에 표시되더라도 가능한 한 동일한 참조번호 및 부호들로 나타내고 있음에 유의해야 한다.It should be noted that the same components among the drawings are indicated with the same reference numbers and symbols as much as possible, even if they are shown in different drawings.
하기에서 본 발명을 설명함에 있어, 관련된 공지 기능 또는 구성에 대한 구체적인 설명이 본 발명의 요지를 불필요하게 흐릴 수 있다고 판단되는 경우에는 그 상세한 설명을 생략할 것이다.In describing the present invention below, if a detailed description of a related known function or configuration is judged to unnecessarily obscure the gist of the present invention, the detailed description will be omitted.
또한, 어떤 부분이 어떤 구성요소를 "포함"한다고 할 때, 이는 특별히 반대되는 기재가 없는 한 다른 구성요소를 제외하는 것이 아니라 다른 구성요소를 더 포함할 수 있는 것을 의미한다.Additionally, when a part is said to “include” a certain component, this means that it may further include other components, rather than excluding other components, unless specifically stated to the contrary.
이하, 본 발명의 실시 예에 대하여 첨부된 도면을 참고로 그 구성 및 작용을 설명하기로 한다.Hereinafter, the configuration and operation of an embodiment of the present invention will be described with reference to the attached drawings.
도 1은 본 발명의 실시예에 따른 여권정보 기반 영구인증키 생성시스템의 블록 구성도이다.Figure 1 is a block diagram of a passport information-based permanent authentication key generation system according to an embodiment of the present invention.
도 1에 도시된 바와 같이 은 본 발명의 실시예에 따른 여권정보 기반 영구인증키 생성시스템은, PI키 여권 단말(100), 여권/생체정보 관리서버(200), PI키 발급 및 관리서버(300)를 포함하여 구성되고, 서로 유무선 네트워크(400)를 통해 연결되어 서로 통신하되, 블록체인 기반 DID(Decentralized Identity) 시스템으로 구현된다.As shown in Figure 1, the passport information-based permanent authentication key generation system according to an embodiment of the present invention includes a PI key passport terminal 100, a passport/biometric information management server 200, and a PI key issuance and management server ( 300), are connected and communicate with each other through a wired and wireless network 400, and are implemented as a blockchain-based DID (Decentralized Identity) system.
여기서 통신 방식은 제한되지 않으며, 유무선 네트워크(400)가 포함할 수 있는 통신망(일례로, 이동통신망, 유선 인터넷, 무선인터넷, 방송망, 위성망 등)을 활용하는 통신 방식뿐만 아니라 기기들 간의 근거리 무선 통신 역시 포함될 수 있다.Here, the communication method is not limited, and not only a communication method utilizing communication networks that the wired and wireless network 400 may include (e.g., mobile communication network, wired Internet, wireless Internet, broadcasting network, satellite network, etc.), but also short-range wireless communication between devices. May also be included.
예를 들어, 상기 유무선 네트워크(400)는, PAN(personal area network), LAN(local area network), CAN(campus area network), MAN(metropolitan area network), WAN(wide area network), BBN(broadband network), 인터넷 등의 네트워크 중 하나 이상의 임의의 네트워크를 포함할 수 있다.For example, the wired and wireless network 400 includes a personal area network (PAN), a local area network (LAN), a campus area network (CAN), a metropolitan area network (MAN), a wide area network (WAN), and a broadband network (BBN). network), the Internet, etc. may include one or more arbitrary networks.
또한, 유무선 네트워크(400)는 버스 네트워크, 스타 네트워크, 링 네트워크, 메쉬 네트워크, 스타-버스 네트워크, 트리 또는 계층적(hierarchical) 네트워크 등을 포함하는 네트워크 토폴로지 중 임의의 하나 이상을 포함할 수 있으나, 이에 제한되지 않는다.In addition, the wired and wireless network 400 may include any one or more of network topologies including a bus network, star network, ring network, mesh network, star-bus network, tree, or hierarchical network, etc. It is not limited to this.
PI키 여권 단말(100)은 여권에 포함된 정보와 여권정보 소지자의 생체정보를 인식하여 유무선 네트워크(400)를 통해 여권/생체정보 관리서버(200)에 여권정보와 생체정보를 전송하면서 여권등록확인을 요청하고 신규 여권등록인 경우 여권정보 기반 고유의 영구인증키(이하 PI키) 생성과 여권 발급을 요청한다.The PI key passport terminal (100) recognizes the information contained in the passport and the biometric information of the passport information holder and transmits the passport information and biometric information to the passport/biometric information management server (200) through the wired or wireless network (400) to register the passport. Request confirmation and, in case of new passport registration, request creation of a unique permanent authentication key (hereinafter referred to as PI key) based on passport information and issuance of passport.
이를 위해 상기 PI키 여권 단말(100)은 여권정보 인식부(110)와 생체정보 인식부(120)를 구비한다.For this purpose, the PI key passport terminal 100 is equipped with a passport information recognition unit 110 and a biometric information recognition unit 120.
상기 여권정보 인식부(110)는 예를 들어 OCR(Optical character recognition) 기술을 이용한 것으로, 여권을 촬영한 이미지를 취득하여 촬영된 이미지에서 판독할 수 있는 문자를 단어 단위로 인식한다.The passport information recognition unit 110 uses, for example, OCR (Optical character recognition) technology, acquires a photographed image of a passport, and recognizes readable characters in the photographed image in word units.
상기 여권정보에는 여권번호, 여권국가, 생년월일, 성별, 여권이름, 발급일자, 만료일자가 포함되며, 이중 PI키 생성에 필요한 여권정보는 여권국가, 생년월일, 성별, 이름(성(Surname))이다. The passport information includes passport number, passport country, date of birth, gender, passport name, issuance date, and expiration date. Among these, the passport information required to create a PI key is passport country, date of birth, gender, and name (surname).
한편, 상기 생체정보 인식부(120)는 여권소지자의 생체정보 예를 들어 안면, 홍채, 손가락 지문, 손바닥정맥(이하 장정맥), 목소리 등을 인식하여 그 정보인 인식키를 전송한다.Meanwhile, the biometric information recognition unit 120 recognizes the passport holder's biometric information, such as face, iris, finger print, palm vein (hereinafter referred to as long vein), voice, etc., and transmits a recognition key corresponding to that information.
상기 안면인식은 안면인식의 여러 정보 중에서 특정한 필요정보를 검출하고 이를 저장하게 된다.The facial recognition detects and stores specific necessary information among various face recognition information.
예를 들어 얼굴인식(Face Recognition)은 생체인식(Boimetrics) 분야 중의 하나로 사람마다 얼굴에 담겨있는 고유한 특징 정보를 이용하여 기계가 자동으로 사람을 식별하고 인증한다.For example, face recognition is one of the fields of biometrics, where machines automatically identify and authenticate people using the unique characteristic information contained in each person's face.
각종 영상매체로부터 비교적 쉽고 자연스럽게 입력받을 수 있는 얼굴이미지는 복잡한 배경으로부터 얼굴을 분리한 다음 눈, 코, 입 등의 위치들을 찾아서 정렬 및 사이즈 정규화를 하고, 인식에 필요한 특징 정보를 추출하여 수학적 계산과 통계적인 방법 등으로 템플릿을 만들어 데이터베이스로 저장함으로써, 얼굴의 등록, 인식 및 인증에 사용한다. Face images, which can be input relatively easily and naturally from various video media, separate the face from the complex background, find the positions of the eyes, nose, mouth, etc., align and size normalize, extract the feature information necessary for recognition, and perform mathematical calculations. Templates are created using statistical methods and stored in a database, and are used for face registration, recognition, and authentication.
상기 안면인식 생체정보 확인시 쌍둥이인 경우 안면인식에 동일값이 나오는데, 본 발명에서는 이를 방지하기 위해 정맥인식 정보를 이용한다.When checking the facial recognition biometric information, if the twins are twins, the same value is displayed for facial recognition. In the present invention, vein recognition information is used to prevent this.
정맥인식(Vein matching)은 피부의 표면에서 볼 수 있는 혈관의 분포 패턴의 분석을 통한 생체 인식이다.Vein matching is biometric identification through analysis of the distribution pattern of blood vessels visible on the surface of the skin.
기존의 생체인식 중 지문인식의 경우 스캐너에 손가락을 직접 접촉해야 하므로, 피부의 상태에 따라 식별 정확도가 떨어지고, 스캐너를 자주 청소해줘야 하는 단점이 있다.Among existing biometrics, fingerprint recognition requires direct contact with the scanner, which has the disadvantage of lowering identification accuracy depending on the condition of the skin and requiring frequent cleaning of the scanner.
또한, 홍채인식의 경우 인증 단말기에 눈을 가까이해야 하므로 인증 단말기의 설치 위치를 선정하기도 까다롭고, 단말기에 눈을 갖다 대 인증하기도 번거롭다는 문제점이 있다.In addition, in the case of iris recognition, there is a problem that it is difficult to select an installation location for the authentication terminal because the eye must be close to the authentication terminal, and it is cumbersome to authenticate by putting the eye to the terminal.
정맥인식은 손등이나 손목의 정맥 모양으로 신원을 식별하는 방법으로, 인간의 정맥 패턴은 쌍둥이라도 다르며, 나이를 먹어도 변화하지 않는 것으로 알려졌다.Vein recognition is a method of identifying one's identity based on the shape of the veins on the back of the hand or wrist. It is known that human vein patterns are different even for twins and do not change with age.
또한, 정맥인식은 비접촉 방식으로 인식할 수 있으며, 피부 표면 상태에 따라 인식률에 영향을 받지 않는다.Additionally, vein recognition can be done in a non-contact manner, and the recognition rate is not affected by the condition of the skin surface.
따라서 본 발명에서는 생체정보 중 정맥인식 기술을 이용하되, 손바닥정맥인 장정맥을 이용한다.Therefore, in the present invention, vein recognition technology is used among biometric information, and the palm vein, which is the palm vein, is used.
상기 여권/생체정보 관리서버(200)는 여권/생체정보 DB(210)에 여권/생체정보를 저장하고 관리하여, PI키 여권 단말(100)에서 보내온 여권정보와 생체정보(안면인식정보)를 토대로 기등록여권인지 확인하고, 기여권등록인 경우 여권/생체정보 DB(210)에 장정맥정보가 있는지 확인한다.The passport/biometric information management server 200 stores and manages passport/biometric information in the passport/biometric information DB 210, and collects the passport information and biometric information (facial recognition information) sent from the PI key passport terminal 100. Based on this, check whether it is a previously registered passport, and if it is a registered contribution right, check whether there is intestinal vein information in the passport/biometric information DB (210).
상기 여권/생체정보 DB(210)에 장정맥정보가 있는 경우 PI키 발급 및 관리서버(300)에 여권정보와 생체정보(안면인식정보+장정맥정보)를 전송하면서 PI키 정보를 요청하고, 상기 PI키 발급 및 관리서버(300)로부터 PI키 정보를 전송받아 PI키 여권 단말(100)에 전달한다.If there is intestinal vein information in the passport/biometric information DB (210), the PI key information is requested while transmitting the passport information and biometric information (facial recognition information + intestinal vein information) to the PI key issuance and management server (300), PI key information is received from the PI key issuing and management server 300 and delivered to the PI key passport terminal 100.
이때 PI키 정보는 기등록 정보이다.At this time, the PI key information is already registered information.
상기 기여권등록이되, 여권/생체정보 DB(210)에 장정맥정보가 있는 없는 경우 장정맥정보를 등록한다.When registering the contribution rights above, if there is no visceral vein information in the passport/biometric information DB (210), the visceral vein information is registered.
상기 기등록여권이 아닌 경우 신규여권으로 등록(발급)하며 PI키 발급 및 관리서버(300)에 여권정보와 생체정보를 전송하면 PI키 생성을 요청하고, 상기 PI키 발급 및 관리서버(300)에서 생성한 PI키 정보를 전송받아 PI키 여권 단말(100)에 기등록완료된 여권을 전송한다.If it is not the previously registered passport, it is registered (issued) as a new passport, and when passport information and biometric information are transmitted to the PI key issuance and management server (300), PI key generation is requested, and the PI key issuance and management server (300) Receives the PI key information generated from and transmits the already registered passport to the PI key passport terminal (100).
이때 PI키 정보는 신규등록 정보이다.At this time, the PI key information is new registration information.
상기 PI키 발급 및 관리서버(300)는 PI키정보 DB(310)에 여권/생체정보에 매칭되는 PI키 정보를 저장하고 관리하여, 여권/생체정보 관리서버(200)에서 여권/생체정보를 전송하면서 PI키 정보를 요청하는 경우 상기 PI키정보 DB(310)에 여권/생체정보에 매칭되는 PI키 정보가 있는지 확인하여 있는 경우 PI키 정보를 여권/생체정보 관리서버(200)에 전송한다.The PI key issuance and management server 300 stores and manages PI key information matching passport/biometric information in the PI key information DB 310, and retrieves the passport/biometric information from the passport/biometric information management server 200. When requesting PI key information during transmission, the PI key information DB (310) is checked to see if there is PI key information matching the passport/biometric information, and if so, the PI key information is transmitted to the passport/biometric information management server (200). .
또한, 상기 여권/생체정보 관리서버(200)에서 여권/생체정보를 전송하면서 PI키 생성을 요청하는 경우 여권/생체정보에 매칭되는 PI키를 생성하여 PI키정보 DB(310)에 여권/생체정보에 매칭되게 저장하고, 생성한 PI키 정보를 여권/생체정보 관리서버(200)에 전송한다.In addition, when the passport/biometric information management server 200 requests PI key creation while transmitting passport/biometric information, a PI key matching the passport/biometric information is generated and the passport/biometric information is stored in the PI key information DB 310. It is stored to match the information, and the generated PI key information is transmitted to the passport/biometric information management server (200).
도 2는 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성 및 발급 방법을 나타내는 순서도이다.Figure 2 is a flowchart showing a method for generating and issuing a passport information-based authentication key (PI key) according to an embodiment of the present invention.
먼저, PI키 여권 단말(100)에서 여권정보와 생체정보를 인식하고 여권/생체정보 관리서버(200)에 전송하면서(S202) 여권등록확인을 요청하며(S204), 신규 여권등록인 경우 PI키 생성 및 발급을 요청한다(S204).First, the PI key passport terminal (100) recognizes the passport information and biometric information and transmits them to the passport/biometric information management server (200) (S202), requesting passport registration confirmation (S204), and in case of new passport registration, the PI key Request creation and issuance (S204).
상기 여권/생체정보 관리서버(200)는 PI키 여권 단말(100)에서 보내온 여권정보와 생체정보를 토대로 기등록여권인지 확인하고(S206), 기여권등록인 경우 여권/생체정보 DB(210)에 장정맥정보가 있는지 확인한다(S208).The passport/biometric information management server (200) checks whether it is a registered passport based on the passport information and biometric information sent from the PI key passport terminal (100) (S206), and in case of registration of contribution rights, checks the passport/biometric information DB (210). Check if there is intestinal vein information (S208).
상기 여권/생체정보 DB(210)에 장정맥정보가 있는 경우 PI키 발급 및 관리서버(300)에 여권정보와 생체정보를 전송하면서 PI키 정보를 요청한다(S210).If there is intestinal vein information in the passport/biometric information DB 210, the PI key information is requested while transmitting the passport information and biometric information to the PI key issuance and management server 300 (S210).
상기 PI키 발급 및 관리서버(300)는 PI키정보 DB(310)에 여권/생체정보에 매칭되는 PI키 정보가 있는지 확인하여 PI키 정보를 여권/생체정보 관리서버(200)에 전송한다(S212).The PI key issuance and management server 300 checks whether there is PI key information matching the passport/biometric information in the PI key information DB 310 and transmits the PI key information to the passport/biometric information management server 200 ( S212).
상기 여권/생체정보 관리서버(200)는 상기 PI키 발급 및 관리서버(300)로부터 PI키 정보를 전송받아 PI키 여권 단말(100)에 전달한다(S214).The passport/biometric information management server 200 receives PI key information from the PI key issuance and management server 300 and delivers it to the PI key passport terminal 100 (S214).
이때 전송받은 PI키 정보는 기등록 정보(502)이다.At this time, the transmitted PI key information is pre-registered information (502).
한편, 상기 S206 단계에서 여권/생체정보 관리서버(200)는 기여권등록이 아닌 경우 신규여권으로 등록하여 관리한다(S222).Meanwhile, in step S206, the passport/biometric information management server 200 registers and manages a new passport if contribution rights are not registered (S222).
또한, 여권/생체정보 관리서버(200)는 여권정보와 생체정보를 PI키 발급 및 관리서버(300)에 전송하면서 PI키 생성을 요청한다(S226). Additionally, the passport/biometric information management server 200 transmits the passport information and biometric information to the PI key issuance and management server 300 and requests PI key creation (S226).
상기 PI키 발급 및 관리서버(300)는 여권/생체정보에 매칭되는 PI키를 생성하여 저장하고, 생성한 PI키 정보를 여권/생체정보 관리서버(200)에 전송한다(S228). The PI key issuance and management server 300 generates and stores a PI key matching the passport/biometric information, and transmits the generated PI key information to the passport/biometric information management server 200 (S228).
상기 여권/생체정보 관리서버(200)는 PI키 여권 단말(100)에 기등록완료된 여권을 전송한다(S230).The passport/biometric information management server 200 transmits the already registered passport to the PI key passport terminal 100 (S230).
이때 전송받은 PI키 정보는 신규 정보(504)이다.At this time, the received PI key information is new information (504).
상기 S208 단계에서 여권/생체정보 DB(210)에 장정맥정보가 없는 경우 장정맥정보를 등록한(S224) 후, 상기 S226 단계 이후를 수행한다.If there is no visceral vein information in the passport/biometric information DB 210 in step S208, the visceral vein information is registered (S224), and then steps S226 and beyond are performed.
상기 S204 단계에서 여권/생체정보 관리서버(200)는 사용정지 여권인 경우 이를 PI키 여권 단말(100)에 전송한다(S242).In step S204, if the passport is out of use, the passport/biometric information management server 200 transmits the PI key to the passport terminal 100 (S242).
이때 받은 정보는 사용거부 정보(506)이다.The information received at this time is use rejection information (506).
도 3은 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성방법을 나타내는 순서도이다.Figure 3 is a flowchart showing a method for generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
먼저, PI키 여권 단말(100)의 여권정보 인식부(110)에서 여권에 대해 광학문자인식(OCR)을 수행하여(S302) 해당 여권이 전자여권인지 아닌지 판단한다(S304).First, the passport information recognition unit 110 of the PI key passport terminal 100 performs optical character recognition (OCR) on the passport (S302) to determine whether the passport is an electronic passport (S304).
상기 전자여권인 경우 전자여권을 인식하고(S306) 이후 생체정보 인식부(120)에서 여권소지자의 생체정보 중 안면을 인식한다(S308).In the case of the electronic passport, the electronic passport is recognized (S306), and then the biometric information recognition unit 120 recognizes the face among the biometric information of the passport holder (S308).
상기 PI키 여권 단말(100)에서 여권정보와 생체정보(안면인식정보)를 여권/생체정보 관리서버(200)에 전송하고, 상기 생체정보 관리서버(200)에 전송 여권정보와 생체정보(안면인식정보)가 여권/생체정보 DB에 있는지 확인한다(S310).The PI key passport terminal 100 transmits passport information and biometric information (facial recognition information) to the passport/biometric information management server 200, and transmits the passport information and biometric information (face recognition information) to the biometric information management server 200. Recognition information) is in the passport/biometric information DB (S310).
상기 전송 여권정보와 생체정보(안면인식정보)가 여권/생체정보 DB(210)에 있어 등록된 경우 PI키 여권 단말(100)에 장정맥정보를 요청하고, 상기 PI키 여권 단말(100)의 생체정보 인식부(120)는 여권소지자의 장정맥을 인식하고 장정맥정보를 여권/생체정보 관리서버(200)에 제공한다(S312).If the transmitted passport information and biometric information (facial recognition information) are registered in the passport/biometric information DB 210, the long vein information is requested from the PI key passport terminal 100, and the PI key passport terminal 100 The biometric information recognition unit 120 recognizes the passport holder's intestinal veins and provides the intestinal vein information to the passport/biometric information management server 200 (S312).
상기 여권/생체정보 관리서버(200)는 장정맥정보가 여권/생체정보 DB(310)에 있는지 확인하여(S314) 없는 경우 이 장정맥정보를 여권/생체정보 DB(310)에 등록한다(S316).The passport/biometric information management server 200 checks whether the intestinal vein information is in the passport/biometric information DB 310 (S314) and, if not, registers the intestinal vein information in the passport/biometric information DB 310 (S316) ).
다음 여권/생체정보 관리서버(200)는 상기 여권정보와 생체정보(안면인식정보, 장정맥정보)를 PI키 발급 및 관리서버(300)에 전송하면서 PI키 생성을 요청하고, 상기 PI키 발급 및 관리서버(300)는 이에 맞추어 PI키를 신규로 생성한다(S318).Next, the passport/biometric information management server 200 transmits the passport information and biometric information (facial recognition information, intestinal vein information) to the PI key issuance and management server 300, requests PI key generation, and issues the PI key. And the management server 300 creates a new PI key accordingly (S318).
상기 S310 단계에서 전송 여권정보와 생체정보(안면인식정보)가 여권/생체정보 DB(210)에 없는 경우 상기 여권정보와 생체정보(안면인식정보)를 PI키 발급 및 관리서버(300)에 전송하면서 PI키 생성을 요청하고, 상기 PI키 발급 및 관리서버(300)는 이에 맞추어 PI키를 신규로 생성한다(S318).If the passport information and biometric information (facial recognition information) transmitted in step S310 are not in the passport/biometric information DB 210, the passport information and biometric information (facial recognition information) are transmitted to the PI key issuance and management server 300. While requesting the creation of a PI key, the PI key issuing and management server 300 creates a new PI key accordingly (S318).
이는 신규 정보(504)이다.This is new information (504).
상기 S314 단계에서 장정맥정보가 여권/생체정보 DB(210)에 있는 경우 이는 기등록 정보(502)이다.In step S314, if the intestinal vein information is in the passport/biometric information DB (210), this is already registered information (502).
도 4는 본 발명의 실시예에 따른 여권정보 기반 인증키(PI키) 생성 개념도이다.Figure 4 is a conceptual diagram of generating an authentication key (PI key) based on passport information according to an embodiment of the present invention.
도 4에 도시된 바와 같이 여권번호, 여권국가, 생년월일, 성별, 여권이름, 발급일자, 만료일자를 포함하는 여권정보 중 여권번호, 여권국가, 생년월일, 성별, 여권이름, 발급일자, 만료일자가 여권국가, 생년월일, 성별, 이름(성(Surname))을 포함하는 여권정보와, 안면인식키와 장정맥인식키를 포함하는 생체정보를 결합하여 전세계 단일여권 인증 PI키(600)를 생성한다.As shown in Figure 4, among the passport information including passport number, passport country, date of birth, gender, passport name, issuance date, and expiration date, the passport number, passport country, date of birth, gender, passport name, issuance date, and expiration date are the passport country. , Passport information including date of birth, gender, and name (surname) is combined with biometric information including facial recognition key and intestinal vein recognition key to generate a single worldwide passport authentication PI key (600).
이때 단일여권 인증 PI키(600)의 각 정보에 대한 할당크기는 예를 들어 여권국가(602) 3바이트, 생년월일(604) 8바이트, 성별(606) 1바이트, 이름(성(608)) 24바이트, 안면인식키(610) 36바이트, 장정맥인식키(612) 14바이트이다. At this time, the allocation size for each information of the single passport authentication PI key (600) is, for example, 3 bytes for passport country (602), 8 bytes for date of birth (604), 1 byte for gender (606), and 24 bytes for name (last name (608)). byte, the facial recognition key (610) is 36 bytes, and the intestinal vein recognition key (612) is 14 bytes.
이상에서 본 발명에 대한 기술 사상을 첨부 도면과 함께 서술하였지만, 이는 본 발명의 바람직한 실시 예를 예시적으로 설명한 것이지 본 발명을 한정하는 것은 아니다.Although the technical idea of the present invention has been described above along with the accompanying drawings, this is an exemplary description of a preferred embodiment of the present invention and does not limit the present invention.
또한, 이 기술 분야의 통상의 지식을 가진 자라면 누구나 본 발명의 기술 사상의 범주를 이탈하지 않는 범위 내에서 다양한 변형 및 모방이 가능함은 명백한 사실이다.In addition, it is clear that anyone skilled in the art can make various modifications and imitations without departing from the scope of the technical idea of the present invention.

Claims (8)

  1. 여권정보와 여권소지자의 생체정보를 인식하고, 이를 여권/생체정보 관리서버에 전송하면서 여권정보 기반 인증키(PI키) 생성을 요청하여 생성된 PI키를 전달받는 PI키 여권 단말;A PI key passport terminal that recognizes passport information and the passport holder's biometric information, transmits this to the passport/biometric information management server, and requests the generation of a passport information-based authentication key (PI key) to receive the generated PI key;
    상기 PI키 여권 단말에서 전송한 여권정보와 생체정보가 자체 DB에 등록되었는지 확인하여 등록되어 있지 않은 경우 PI키 발급 및 관리서버에 여권정보와 생체정보를 전송하여 PI키 생성을 요청하고, 생성한 PI키를 전송받아 PI키 여권 단말에 전달하는 여권/생체정보 관리서버; 및Check whether the passport information and biometric information sent from the PI key passport terminal are registered in its own DB. If not, send the passport information and biometric information to the PI key issuance and management server to request PI key creation, and generate the PI key. Passport/biometric information management server that receives the PI key and delivers it to the PI key passport terminal; and
    상기 여권/생체정보 관리서버에서 전송한 여권정보와 생체정보를 토대로 PI키를 생성하여 여권/생체정보 관리서버에 전송하는 PI키 발급 및 관리서버;A PI key issuance and management server that generates a PI key based on the passport information and biometric information transmitted from the passport/biometric information management server and transmits it to the passport/biometric information management server;
    를 포함하는 여권정보 기반 인증키 생성시스템.Passport information-based authentication key generation system including.
  2. 제1항에 있어서,According to paragraph 1,
    상기 여권정보는 여권국가, 생년월일, 성별, 이름(성(Surname))을 포함하고, 생체정보는 안면인식정보를 포함하는 것을 특징으로 하는 여권정보 기반 인증키 생성시스템.The passport information includes passport country, date of birth, gender, and name (surname), and the biometric information includes facial recognition information. A passport information-based authentication key generation system.
  3. 제2항에 있어서,According to paragraph 2,
    상기 생체정보에 손바닥(장)정맥정보가 더 포함하는 것을 특징으로 하는 여권정보 기반 인증키 생성시스템.A passport information-based authentication key generation system characterized in that palm (intestinal) vein information is further included in the biometric information.
  4. 제1항에 있어서,According to paragraph 1,
    상기 여권정보 기반 인증키 생성시스템은 블록체인 기반 DID 기술로 구현되는 것을 특징으로 하는 여권정보 기반 인증키 생성시스템.The passport information-based authentication key generation system is a passport information-based authentication key generation system characterized in that it is implemented with blockchain-based DID technology.
  5. (A) PI키 여권 단말에서 여권정보와 여권소지자의 생체정보를 인식하여 여권/생체정보 관리서버에 전송하는 단계;(A) Recognizing the passport information and biometric information of the passport holder at the PI key passport terminal and transmitting it to the passport/biometric information management server;
    (B) 상기 여권/생체정보 관리서버 여권정보와 생체정보가 자체 DB에 등록되어 있는지 확인하는 단계;(B) Checking whether the passport/biometric information management server passport information and biometric information are registered in its own DB;
    (C) 상기 여권정보와 생체정보가 자체 DB에 등록되어 있지 않은 경우 여권정보와 생체정보를 PI키 발급 및 관리서버에 전송하는 단계; 및(C) If the passport information and biometric information are not registered in the self-DB, transmitting the passport information and biometric information to the PI key issuance and management server; and
    (D) 상기 PI키 발급 및 관리서버에서 여권정보와 생체정보를 토대로 PI키를 생성하는 단계;(D) generating a PI key based on passport information and biometric information at the PI key issuing and management server;
    를 포함하는 여권정보 기반 인증키 생성방법.A method of generating an authentication key based on passport information including.
  6. 제5항에 있어서,According to clause 5,
    상기 (A) 단계에서 여권에 대해 광학문자인식(OCR)을 수행하여 해당 여권이 전자여권인지 아닌지 판단하고, 전자여권인 경우 전자여권을 인식하며, 여권소지자의 생체정보 중 안면을 인식하는 것을 특징으로 하는 여권정보 기반 인증키 생성방법.In step (A), optical character recognition (OCR) is performed on the passport to determine whether the passport is an electronic passport or not, and if it is an electronic passport, the electronic passport is recognized, and the face is recognized among the biometric information of the passport holder. How to generate an authentication key based on passport information.
  7. 제6항에 있어서,According to clause 6,
    상기 (B) 단계에서 여권정보와 생체정보(안면인식정보)가 자체 DB에 등록되어 있는 경우 상기 PI키 여권 단말에 장정맥정보를 요청하고,In step (B) above, if passport information and biometric information (facial recognition information) are registered in the self-DB, request intestinal vein information from the PI key passport terminal,
    (E) 상기 PI키 여권 단말에서 제공한 장정맥정보가 자체 DB에 등록되어 있는지 확인하여 등록되어 있지 않은 경우 장정맥정보를 자체 DB에 등록하는 단계를 수행하고,(E) Check whether the intestinal vein information provided by the PI key passport terminal is registered in its own DB, and if not, perform the step of registering the intestinal vein information in its own DB,
    상기 (C) 단계를 수행하는 것을 특징으로 하는 여권정보 기반 인증키 생성방법.A method of generating an authentication key based on passport information, characterized in that step (C) is performed.
  8. 제7항에 있어서,In clause 7,
    상기 (E) 단계에서 장정맥정보가 자체 DB에 등록되어 있는 경우 기등록 PI키 정보를 PI키 여권 단말에 전송하는 것을 특징으로 하는 여권정보 기반 인증키 생성방법.A method of generating an authentication key based on passport information, characterized by transmitting the pre-registered PI key information to the PI key passport terminal when the intestinal vein information is registered in the self-DB in step (E) above.
PCT/KR2023/018580 2022-11-21 2023-11-17 System and method for generating passport information-based authentication key WO2024112016A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020220156560A KR102691415B1 (en) 2022-11-21 2022-11-21 Passport Information-Based Authentication Key Generation System and Method
KR10-2022-0156560 2022-11-21

Publications (1)

Publication Number Publication Date
WO2024112016A1 true WO2024112016A1 (en) 2024-05-30

Family

ID=91196082

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2023/018580 WO2024112016A1 (en) 2022-11-21 2023-11-17 System and method for generating passport information-based authentication key

Country Status (2)

Country Link
KR (1) KR102691415B1 (en)
WO (1) WO2024112016A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008541633A (en) * 2005-05-20 2008-11-20 サーティコム コーポレーション Electronic passport authentication protocol with enhanced privacy
KR20200139641A (en) * 2019-06-03 2020-12-14 콴홍 테크놀로지 컴퍼니 리미티드 Method of Registration And Access Control of Identity For Third-Party Certification
KR20220006234A (en) * 2020-07-08 2022-01-17 비트레스 주식회사 Method for creating decentralized identity able to manage user authority and system for managing user authority using the same
KR20220028874A (en) * 2020-08-31 2022-03-08 한국조폐공사 Method for electronic passport authentication service using decentralized identifier based on blockchain networks and user device executing electronic passport authentication service
JP2022082548A (en) * 2020-09-11 2022-06-02 日本電気株式会社 Server device, system, control method of server device, and computer program

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102391085B1 (en) 2020-09-24 2022-04-27 박성기 Identity verification system using user-based personal information replacement connect information and method thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008541633A (en) * 2005-05-20 2008-11-20 サーティコム コーポレーション Electronic passport authentication protocol with enhanced privacy
KR20200139641A (en) * 2019-06-03 2020-12-14 콴홍 테크놀로지 컴퍼니 리미티드 Method of Registration And Access Control of Identity For Third-Party Certification
KR20220006234A (en) * 2020-07-08 2022-01-17 비트레스 주식회사 Method for creating decentralized identity able to manage user authority and system for managing user authority using the same
KR20220028874A (en) * 2020-08-31 2022-03-08 한국조폐공사 Method for electronic passport authentication service using decentralized identifier based on blockchain networks and user device executing electronic passport authentication service
JP2022082548A (en) * 2020-09-11 2022-06-02 日本電気株式会社 Server device, system, control method of server device, and computer program

Also Published As

Publication number Publication date
KR20240094060A (en) 2024-06-25
KR102691415B1 (en) 2024-08-05

Similar Documents

Publication Publication Date Title
WO2018194378A1 (en) Method for approving use of card by using blockchain-based token id and server using method
WO2013165227A1 (en) Icon password setting apparatus and icon password setting method using keyword of icon
WO2018117288A1 (en) Method for opening non-face-to-face financial account by using mobile terminal, and system therefor
WO2018169159A1 (en) Authentication system based on variable biometric information, and authentication method using same
JP7298733B2 (en) SERVER DEVICE, SYSTEM, CONTROL METHOD FOR SERVER DEVICE, AND COMPUTER PROGRAM
WO2024112016A1 (en) System and method for generating passport information-based authentication key
WO2012026793A2 (en) System and method for verifying user identity for non-repudiation using bio-information
WO2021172700A1 (en) System for blocking texts extracted from image, and method therefor
US20230325955A1 (en) Server device, system, method for controlling server device, and storage medium
WO2012018173A2 (en) Method for processing automatic loan
JP2023126272A (en) Processing device, control method for processing device, and program
WO2018169160A1 (en) Complex authentication system based on variable biometric information, and complex authentication method using same
JP2023138550A (en) Gate device, immigration examination system, method for controlling gate device, and program
WO2024111947A1 (en) System and method for authenticating authenticity of passport and providing information
WO2023167481A1 (en) Authentication method and system
WO2018074701A1 (en) Smart electronic health insurance card management system
JP7279772B2 (en) SERVER DEVICE, SYSTEM, CONTROL METHOD FOR SERVER DEVICE, AND COMPUTER PROGRAM
WO2022114413A1 (en) Virtual currency withdrawal-processing method and exchange system
WO2015186965A2 (en) Pos system using input of multiple sequential fingerprint sets and driving method therefor
WO2021071295A1 (en) Identity authentication system and method therefor
WO2017065577A1 (en) User authentication method and system using variable key pad and face recognition
WO2017018861A1 (en) Financial device using biometric information, and operation method therefor
WO2015076522A1 (en) Internet security method and system using otid
WO2015080337A1 (en) Online business card management system and method
WO2018218551A1 (en) Fare payment method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23894944

Country of ref document: EP

Kind code of ref document: A1