[go: up one dir, main page]

WO2012108661A2 - Système et procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, et support d'enregistrement sur lequel le procédé est enregistré - Google Patents

Système et procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, et support d'enregistrement sur lequel le procédé est enregistré Download PDF

Info

Publication number
WO2012108661A2
WO2012108661A2 PCT/KR2012/000879 KR2012000879W WO2012108661A2 WO 2012108661 A2 WO2012108661 A2 WO 2012108661A2 KR 2012000879 W KR2012000879 W KR 2012000879W WO 2012108661 A2 WO2012108661 A2 WO 2012108661A2
Authority
WO
WIPO (PCT)
Prior art keywords
information
user
subscriber
code
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2012/000879
Other languages
English (en)
Korean (ko)
Other versions
WO2012108661A3 (fr
Inventor
홍승의
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of WO2012108661A2 publication Critical patent/WO2012108661A2/fr
Publication of WO2012108661A3 publication Critical patent/WO2012108661A3/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • the present invention relates to a method for authenticating an access subscriber of a network page provided by a network communication network such as the Internet, and more particularly, to provide a security authentication process for a subscriber that is allowed to access.
  • the present invention relates to a two-way subscriber security authentication system and method in a network communication network that enables a secure connection in a personal terminal device (PC) that a user uses for connection using a smartphone, and a recording medium recording the method.
  • PC personal terminal device
  • the website of the Internet performs the subscriber authentication process to check whether the accessor is a legitimate user and allow access.
  • subscriber ID and password it is common to set subscriber ID and password in advance, and perform subscriber authentication by inputting a predetermined ID and password to a user to access.
  • an authentication method using a certificate that allows access through a password set therein as well as a certificate verifying the subscriber's identity is used.
  • One-Time Password A security authentication method is used to identify and authenticate secondary subscribers using a one-time password generated by the generator.
  • the authentication information input by the user can be leaked to the outside at any time by phishing the keyboard value or the mouse coordinate input value on the screen through the computer terminal device used by the user. Performing visitor authentication is no longer a secure access authentication method, and a new subscriber authentication method is required.
  • the anti-phishing program belongs to an expensive program, it is not easy to provide an anti-phishing program on all websites to the user terminal.
  • a predetermined graphic seal is set in advance to indicate that the website is legitimate, not a fake website, and a predetermined graphic seal is displayed upon login or authentication by input of a keyboard or mouse.
  • So-called 'security seal' technology (Yahoo, Auction, etc.) has been proposed to indicate that it is a legitimate website.
  • a method of using one means of the user's computer such as a keyboard and a mouse may be a target of phishing and thus may not be recognized as a secure security authentication method.
  • the present invention is to propose a subscriber authentication method of a network access page that does not use a means in a user computer terminal such as a keyboard and a mouse, by using a smartphone operated by a predetermined operating system.
  • a subscriber authentication method of a network access page that does not use a means in a user computer terminal such as a keyboard and a mouse, by using a smartphone operated by a predetermined operating system.
  • the present invention in performing the subscriber authentication in the network communication network, by authenticating the network page that the user attempts to access, it is possible for the user to recognize that the network page (site) to which he connected is a legitimate network page to provide a two-way subscriber security authentication system and a method in a network communication network.
  • the service site system includes a web server for managing access to a service site, and a security certificate management server for performing subscriber security authentication for a login request using 2D code.
  • the security authentication management server includes a password information generation unit for generating service site password information, a 2D code generation unit for generating a 2D code including password information to be displayed on the service site, and generation and management of information to be transmitted to a smartphone.
  • Security authentication control unit that controls and controls the login of the page of the subscriber who requested the subscriber security authentication by checking the information replied from the smart phone by providing the edited information on the registered token information and the token information registration management and user management information (USER AGENT).
  • Subscriber identification information management unit for registering and managing the code, and a database in which token information and user management information (USER AGENT CODE) are registered and managed,
  • the token information registration process for controlling the token information registration process for subscriber authentication by accessing the service site, and determines that the subscriber security authentication mode of the user is selected to drive the camera means provided by the service site system
  • a login approval information providing process for providing the user with login approval information in the service site system and providing the user's login selection information to the service site system according to the user's selection. Should be .
  • the security authentication control unit of the present invention selects any one of the token information of the registered user to configure the partial information of the token information as the subscriber confirmation edit information, the subscriber confirmation edit included in the response information from the smartphone And a process for authenticating the subscriber with token information to fill the information.
  • Token information registration process in the smartphone to register the token information for subscriber authentication by accessing the service site through the application installed on the smartphone,
  • the first 2D code generation and display process of the service site from the response information for the received 2D code
  • Check the password information transmitted to the service site load the token information matching the user management information (USER AGENT CODE), edit the loaded token information, and edit the user password information and the edited token information included in the response information for the 2D code.
  • the user After checking the user's scan selection input, the user checks the user's password information sent from the information contained in the second 2D code by checking the second 2D code and judges the corresponding token information from the edited token information. Create response information for the edited token information and create new replacement user management information (NEW_USER AGENT CODE) to respond to the 2D code for user password information, generated response token information and user management information to be replaced Generating and transmitting second 2D code response information from the user's smartphone to transmit the information;
  • NSW_USER AGENT CODE new replacement user management information
  • the token information is checked from the received second 2D code response information to determine whether the response token information is the correct token information transmitted.
  • the service site system that registers and replaces user management information (USER AGENT CODE) registered with the corresponding user with newly received user management information (NEW_USER AGENT CODE) and transmits login approval information to the application of the user's smartphone. Access authorization and certification process,
  • the access completion process in the service site system for completing the access authentication by allowing the login of the web page of the service site system is characterized in that it is made.
  • the present invention it is possible to simply access the page of the service site by using a smartphone without using the device of the user's computer terminal, it is possible to further increase the convenience, and also to reduce the anxiety about authentication on the network Security authentication can be performed.
  • FIG. 1 is a view showing a schematic configuration of a two-way subscriber security authentication system in a network communication network of the present invention.
  • Figure 2 is a block diagram showing the configuration of a two-way subscriber security authentication system in the network communication network of the present invention.
  • FIG. 3 is a chart showing a subscriber security authentication process in the present invention.
  • FIG. 4 is a flowchart illustrating a token registration process performed in a smartphone in the present invention.
  • FIG. 5 is a flowchart illustrating a token registration process performed in a service site system according to the present invention.
  • FIG. 6 is a view showing an example of a user computer login screen displaying a 2D code in the present invention.
  • FIG. 7 is a view showing a state of scanning a 2D code displayed on a user computer using a user smartphone in the present invention.
  • FIG. 8 is a view showing an example of the login permission displayed on the user's smartphone with respect to the login permission of the service site system in the present invention.
  • FIG. 9 is a view showing an example of a user computer logged in by performing a login service using a smart phone according to the present invention.
  • FIG. 10 is a block diagram showing another embodiment of a two-way subscriber security authentication system in a network communication network of the present invention.
  • the subscriber security authentication service application for logging in to the user computer 100 for accessing the web page of the service site system 300 and the user computer 100 using the 2D code provided by the service site system 300 is provided.
  • the service site system 300 includes a web server 310 for managing access to a service site, and a security authentication management server 320 for performing and managing subscriber security authentication for a login request using a 2D code. ,
  • the security certification management server 320 includes an OTP generator 321 for generating service site OTP information (OTP_S), a 2D code generator 322 for generating 2D codes to be displayed on the service site, and generated OTP information. And a security authentication control unit 323 for transmitting and managing 2D codes and checking information received from the smartphone 200 to manage and control webpage logins of subscribers who have requested subscriber security authentication, token information registration management and user management information (USER).
  • the subscriber identification information management unit 324 for registering and managing AGENT CODE, and a database 325 for registering and managing token information and user management information (USER AGENT CODE).
  • the user computer 100 is a user terminal means for accessing a service site through a network, and may include a desktop, a notebook, a tablet PC, etc. including a network access means and a web page display means.
  • the smartphone 200 is a personal portable communication terminal means operating by a predetermined operating system, and comprises a wireless Internet access means, a camera means for scanning and obtaining an external image, subscriber security authentication that is operated by the operating system
  • the service application is installed.
  • the subscriber security authentication service application may be installed by a user provided by an application for a corresponding operating system or a system operated by the service site system 300, which is called an 'application'.
  • the subscriber security authentication service application is connected to the service site, the token information registration process for controlling the token information registration process for subscriber authentication, and determines that the subscriber security authentication mode of the user is selected to drive the camera means service site system 300 Scan management process for scanning 2D code provided by the CRT), OTP information generation process for generating user OTP information for security authentication, and decrypted scanned 2D code information to generate response information and generate the generated information.
  • Scan management process for scanning 2D code provided by the CRT Scan management process for scanning 2D code provided by the CRT
  • OTP information generation process for generating user OTP information for security authentication
  • decrypted scanned 2D code information decrypted scanned 2D code information
  • Web server 310 is a server means for access management of a general web page
  • the security authentication management server 320 is a server for performing and managing subscriber security authentication using the smart phone 200 for the login request using the 2D code Means.
  • Shown authentication management server 320 may be configured to integrate into the security authentication management means in the web server (310).
  • the OTP generation unit 321 is a means for generating one-time password information for performing security authentication.
  • the OTP generation unit 321 is configured as an OTP generation process as a password information generation means. It can be implemented using the password generation process.
  • the OTP generating unit 321 is a means for generating service site OTP information OTP_S when generating 2D code.
  • the generation of the OTP information can be implemented by various conventional techniques based on a random number generation technique.
  • the 2D code generation unit 322 generates a primary 2D code and a secondary 2D code in performing a subscriber authentication service under the control of the security authentication controller 323 as a means for generating a 2D code to be displayed on a service site. do.
  • the 2D code is a generic term for graphic tags displayed on the screen, and information is represented by graphic tags.
  • Such a 2D code may include a conventional barcode, QR code, MS_Tag, as well as any code or tag to be implemented in the future, and represents information represented by graphic elements on the screen.
  • the security authentication controller 323 is a control means for controlling the overall execution of the subscriber security authentication service, and controls the 2D code generator 322 and the OTP generator 321 to generate and generate OTP information OTP_S. It provides a process of managing the generation and transmission management of the 2D code including the information (OTP_S), and checks the information received from the smart phone 200 to manage the web page login of the subscriber requesting security authentication.
  • the subscriber identification information management unit 324 is a means for registering and managing token information registered by a subscriber using the subscriber security authentication service app of the smartphone 200 and user management information (USER AGENT CODE) assigned to the app.
  • the database 325 registers and manages token information and user management information (USER AGENT CODE).
  • the present invention having the configuration as described above performs the two-way subscriber security authentication through the following process.
  • Token information registration process in the smartphone 200 to register the token information for subscriber authentication by accessing the service site through the application installed on the smartphone 200 in order to use the subscriber security authentication service using the smartphone 200 and,
  • OTP_S service site OTP information
  • the service site OTP information (OTP_U) is generated by checking the service site OTP information (OTP_S) by scanning the primary 2D code that is driven and checked by the scan input. ) And the process of generating and transmitting the primary 2D code response information in the user smartphone 200 which transmits the generated user OTP information (OTP_U) and user management information (USER AGENT CODE) to preset location information (URL). and,
  • the primary 2D code of the service site from the response information for the received 2D code.
  • the service site OTP information OTP_S
  • load token information matching the user management code USR AGENT CODE
  • URL location information
  • the user By checking the user's scan selection input, the user checks the user's OTP information (OTP_U) transmitted from the information included in the second 2D code by scanning the second 2D code, and the corresponding token information from a part of the received token information. To generate the remaining token information transmitted, and to generate a new replacement user management information (NEW_USER AGENT CODE) to generate the user OTP information (OTP_U), the remaining token information and the new user management information to be replaced 2nd 2D code A second 2D code response information generation and transmission process in the user's smart phone 200 to transmit as response information for,
  • the remaining token information is checked from the received second 2D code response information to determine whether the remaining token information is information that can fill the transmitted token information. If it is determined that the information can be found, the user management information (USER AGENT CODE) registered in the user corresponding to the token information is replaced with the newly replaced user management information (NEW_USER AGENT CODE) to be registered and approved to log in with the application of the user's smartphone. Determination and authentication process of the access permission in the service site system 300 for transmitting information,
  • a connection completion process is performed in the service site system 300 which permits login of a web page of the corresponding service site system 300 and completes the access authentication.
  • the token information registration process in the smartphone 200 is a process for registering the token information as the identification information of the subscriber in the service site system 300 and the smartphone 200.
  • Token information is information that is registered to identify the subscriber, consisting of information such as number combinations, sentences (text), images (image), the user registers through the smartphone 200 as necessary.
  • FIG. 4 is a flowchart illustrating a token registration information registration process performed in a smartphone.
  • a login request process for requesting a subscriber ID and password of the service site system 300 to request access to the service site system;
  • the user token information input process for providing a token information selection menu that can be registered with the token information to allow the user to select and enter the token information to register,
  • Token information transmission process for transmitting the generated token information to the location information (URL) of the specified service site system 300,
  • the new user management information (USER AGENT CODE) is replaced with the new user management information (USER AGENT CODE). It consists of a user management information management process.
  • the method may further include a user setting registration mode setting process of checking whether the initial driving state is performed and performing a subscriber setting registration mode required for driving an application in the first driving state.
  • the process of configuring the subscriber setting registration mode may be performed when the subscriber security authentication service application is initially driven.
  • the user setting registration mode includes a password setting for driving and deleting a subscriber security authentication service application and location information use consent information that enables the application to use location information of a smartphone. It can be performed by running the subscriber security authentication service application regardless of the connection with the service site system 300.
  • the user setting registration mode may be configured by further setting various user option items in using the application.
  • FIG. 5 illustrates a token information registration process performed in a service site system.
  • token information registration process of matching and registering token information according to the ID and password of the connected smartphone 200,
  • new user management information (USER AGENT CODE) of the subscriber security authentication service application of the access smartphone 200 matched the token information.
  • the process of generating and displaying the primary 2D code of the service site system 300 is performed on the user computer 100 so as to be scanned by the smartphone 200 in order to perform a login through the secondary code for the user's access attempt. This is the process of providing the displayed access page.
  • the primary 2D code displayed in the login web page login window on the user computer 100 is the OTP information of the service site system 300.
  • OTP_S only.
  • the process of generating and transmitting primary 2D code response information in the user smartphone 200 is a process of transmitting response information for the primary 2D code provided by the service site system 300.
  • the smartphone 200 checks the OTP information (OTP_S) of the service site system 300 from the scan input for the primary 2D code displayed on the web page, and according to the URL information set in the subscriber authentication service application. Send response information about 2D code.
  • OTP_S OTP information
  • the transmitted response information includes the generated user OTP information (OTP_U), service site OTP information (OTP_S) included in the primary 2D code, and user management information (USER AGENT CODE) of the subscriber security authentication service application.
  • the user management information (USER AGENT CODE) is information for the security of the subscriber as registered in the recognition of the access application and token information in the exchange of information between the service site system 300 and the smartphone 200. This information is replaced after one login or authentication procedure.
  • Second 2D code generation and display process in the service site system 300 by using the response information from the smartphone 200 to confirm whether the response information for the primary 2D code information transmitted by the subscriber, This is a process of generating a 2D 2D code including user OTP information (OTP_U), part of token information, and location information (URL) to receive end user information and displaying it on a user's access page.
  • OTP_U user OTP information
  • URL location information
  • NW_USER AGENT CODE Generate new user management information (NEW_USER AGENT CODE) to be replaced and send user OTP information (OTP_U), remaining token information and newly created user management information (NEW_USER AGENT CODE) as response information for secondary 2D code. .
  • the access permission determination and authentication process in the service site system 300 is a process for performing subscriber security authentication by determining whether the user is a legitimate user by checking the remaining token information in the response information received by the user smartphone 200.
  • the user management information (USER AGENT CODE) registered to the user corresponding to the token information To replace with new received user management information (NEW_USER AGENT CODE).
  • the login process in the user smartphone 200 is a process of allowing the user to log in by displaying a login selection means (login button) selected by the user from the login approval information transmitted from the service site system 300.
  • the connection completion process in the service site system 300 is a process of determining whether the user selects a login from the user smartphone 200 in the service site system 300 and approves the login of the corresponding service site.
  • a subscriber security authentication service application (hereinafter referred to as 'application') on the smartphone 200 is used. Should be installed).
  • the user may request a login using the 2D code of the service site system 300 by using the application such as to receive subscriber authentication.
  • the user must first register the token information in the service site system 300 in order to use the subscriber security authentication service for logging in the web page using the smart phone 200.
  • the registration process of the token information is as shown in the flowcharts shown in Figs.
  • the application for accessing the service site system 300 for the token registration requests the ID and the password.
  • the application is installed and initially run, the application is executed first, and the user setting registration mode for setting whether to make the password setting and current location information available for the application execution and deletion prevention is performed first. .
  • the user can set a password in the user setting registration mode.
  • the application can automatically perform the token information registration mode even when it is first started.
  • Token information can be registered and managed in the service site system 30 and the application by performing the token information registration mode in the app as needed.
  • the application When the token information registration mode is executed, the application requests the user with an ID and password for accessing the service site system 300.
  • the user inputs an ID and password registered in the service site system 300 to the smartphone 200 to request a login.
  • the service site system 300 confirms whether the user is a legitimate user by checking the input ID and password to approve the connection of the smartphone 200.
  • the application provides a token information selection menu so that the user can select and input the token information to register.
  • the user takes a picture of himself or herself by using a desired number combination or smart phone 200, or selects pre-recorded image or text information and inputs it as token information.
  • the application stores the token information entered by the user and generates transmission data for registering in the service site system 300 based on the token information.
  • the generated token information is transmitted to the location information (URL) of the predetermined service site system 300.
  • the service site system 300 When the service site system 300 receives the token information to be registered from the subscriber security authentication service application of the connected smartphone 200, by checking the ID of the connected smartphone 200 to match the token information according to the corresponding ID Register.
  • the new user management information (USER AGENT CODE) of the subscriber security authentication service application of the smartphone 200 registered the token information is generated and transmitted.
  • the received user management information (USER AGENT CODE) is replaced and stored instead of the existing user management information (USER AGENT CODE).
  • Token information is registered in such an operation process.
  • the token information registration mode includes a deletion mode of registered token information, and allows a user to manage deletion of previously registered token information and registration of new token information.
  • the subscriber security authentication service process consists of the following operations.
  • the OTP generation unit 321 of the service site system 300 in the service site OTP information (OTP_S) is generated, and the 2D code generation unit 322 generates a primary 2D code including the service site OTP information OTP_S generated as described above.
  • the security authentication controller 323 transmits the first 2D to the web server 310 to display the web page on the web page and provide the same to the user computer 100.
  • FIG. 6 shows a 2D code on a web page displayed on the user computer 100.
  • the primary 2D code is generated and displayed on the service site web page at a predetermined time unit, and the corresponding primary 2D code is used when the user wants to log in.
  • the user runs the application installed in the smartphone 200 to run the subscriber security authentication mode.
  • the camera of the smartphone 200 is driven to wait to scan the primary 2D code of the web page displayed on the user computer 100.
  • response information is generated and transmitted to the URL information predetermined in the application.
  • the user OTP information OTP_U
  • the service site OTP information included in the primary 2D code is generated.
  • the response information is generated by including (OTP_S), the generated OTP information (OTP_U), and the user management code (USER AGENT CODE) of the application.
  • the service site OTP information (OTP_S) transmitted from the service site system 300 is correct, the token information matching the user management information (USER AGENT CODE) received through the response information is loaded and processed into information for subscriber verification. .
  • the 2D code generation unit 322 generates a second 2D code including the user OTP information (OTP_U) received as the response information, a part of the processed token information, and URL information to receive the end user information. Displayed on the web page you are connected to.
  • OTP_U user OTP information
  • the user scans the secondary 2D code with the smartphone 100 to read the information included in the secondary 2D code.
  • the application checks the user OTP information (OTP_U) sent by him and prepares the response information for the second 2D code.
  • the corresponding token information is determined from a part of the scanned input token information, and the remaining token information is generated from the stored token information.
  • the user management information (NEW_USER AGENT CODE) to be replaced is generated and transmitted as a response information for the secondary 2D code together with the user OTP information OTP_U and the remaining token information.
  • the remaining token information may be checked from the received second 2D code response information and filled with the token information transmitted by the remaining token information. Determine if the information is present.
  • the user management information (USER AGENT CODE) registered in the user corresponding to the token information is replaced with newly received user management information (NEW_USER AGENT CODE).
  • the login approval information for allowing the login to the application of the user smartphone 200 is transmitted.
  • a login button is displayed to allow the user to select a login, and when the user selects the login button, the login selection indicating that the user has selected the login button is selected.
  • the information is sent to the service site system 300.
  • the service site system 300 allows the user to log in by authenticating the subscriber to the web page to which the user computer 100 is connected.
  • the user can log in as shown in FIG. 9 requested by the user computer 100 only by selecting the login of the smartphone 200.
  • the service site system 300 may not only transmit the login approval information to the smartphone 200 but also transmit the login approval information to the corresponding web page so that the user may select and log in.
  • the login selection button is displayed on the login screen of the web page so that the user can log in even when the login selection button of the web page is selected.
  • the smart phone 200 may be configured to provide customized advertisement information and guidance information to the authentication subscriber when the login is permitted.
  • FIG. 10 is a block diagram showing another embodiment of a two-way subscriber security authentication system in a network communication network of the present invention.
  • the security authentication management server 320 of the service site system 300 when the login authentication of the security authentication control unit 323 is confirmed, the subscriber information and the smartphone 200 provided by the web server 310 .
  • the advertisement control unit 326a provides a process for generating customized information according to the subscriber according to the location information obtained from the subscriber, and the notification data of the service site for providing the authenticated subscriber from the web server 310 is received.
  • the database 327 may be further included.
  • the smartphone 200 is always a means that the user possesses and can be easily found and confirmed, so that providing the information to the smartphone 200 is expected to be an effective information transfer and increase its valid period. .
  • the access permission determination and authentication process in the service site system 300 checks the ID of the subscriber when the access permission is determined, requesting the subscription information and notification information of the service site to the web server 310, Generates guide information including advertisement information and notification information to be provided to the subscriber by checking whether or not the location information provided from the subscriber is added to the login approval information, and generates guide information to be transmitted to the application of the user's smartphone 200. And further comprising the transmission process,
  • the login process in the user's smart phone 200 may be generated when the login selection means is created so that the user can log in from the login approval information transmitted from the service site system 300, or the user may input the login selection means.
  • the method further includes a guide information display process for displaying the guide information.
  • the guide information control means 326 is added to the login approval information to send to the smartphone 200 guide Will generate information.
  • the advertisement control unit 326a makes a request to the web server 310 to check whether the member registration information of the corresponding subscriber registered on the service site and the location information are provided from the smartphone 200, and the advertisement information database 327 ) To generate advertising information.
  • the registration information of the member to generate advertising information to provide advertisement information about the current location of the subscriber according to the advertisement information according to gender, age, occupation and location information of the smart phone 200, To provide personalized advertising.
  • the notification control unit 326b receives and provides a request to the web server 310 to determine whether there is notification information registered in the service site system 300 and provides the guide information.
  • Such guide information may be prepared by including various information such as useful life information to be provided to the subscriber, answer information for questions requested by the subscriber, and news.
  • the guide information generated as described above is added to the login approval information to be provided as an application of the user smartphone 200 and transmitted to the user smartphone 200.
  • the login approval information is received from the service site system 300 as described above, as described above, while displaying the login button so that the user can select the login, the guide information is displayed or only a part (title) of the guide information is displayed. .
  • the guide information may be displayed when the user selects the login button.
  • the application of the user's smartphone 200 provides the user with the ability to check, edit or delete these guide information as needed.
  • the user can check the stored advertisement information and notification information by executing the application of the smartphone 200, and can be edited and deleted as necessary.
  • trusted banking system In addition to providing a user can also be provided with a convenient and secure way to secure authentication.
  • the invention can be usefully applied.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

La présente invention porte sur un procédé d'authentification pour un abonné accédant à une page de réseau fournie sur un réseau de communication tel que l'internet. D'une manière générale, un procédé est utilisé dans lequel un utilisateur introduit des informations par l'intermédiaire d'un clavier sur un ordinateur personnel de l'utilisateur de manière à accéder à un site Web et ouvrir une session dans le site Web. Toutefois, ce procédé comporte toujours un risque que les informations confidentielles puissent être divulguées par un outil d'hameçonnage qui remplit une fonction d'interception de frappe effectuée sur un clavier. De manière à résoudre le problème susmentionné, la présente invention porte sur un procédé d'authentification de sécurité d'un abonné dans une page faisant l'objet d'un accès sur un réseau sans utiliser d'outils dans un ordinateur d'utilisateur tels qu'un clavier et une souris, et en particulier un système et un procédé d'authentification de sécurité d'un abonné sur un réseau de communication qui éliminent fondamentalement le risque d'hameçonnage par la possibilité d'authentifier un abonné pour accéder à une page de réseau par utilisation d'un téléphone intelligent commandé par un système d'exploitation prédéterminé. La présente invention porte également sur un système et un procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, dans lesquels, pour effectuer une authentification d'un abonné sur un réseau de communication, un utilisateur est autorisé à reconnaître si une page de réseau (site Web) à laquelle l'utilisateur a accédé est une page de réseau correcte ou non, par réalisation d'une authentification pour la page de réseau à laquelle l'utilisateur tente d'accéder.
PCT/KR2012/000879 2011-02-08 2012-02-07 Système et procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, et support d'enregistrement sur lequel le procédé est enregistré Ceased WO2012108661A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020110011190A KR101051407B1 (ko) 2011-02-08 2011-02-08 네트워크 통신망에서의 쌍방향 가입자 보안 인증 시스템과 방법 및 이 방법을 기록한 기록매체
KR10-2011-0011190 2011-02-08

Publications (2)

Publication Number Publication Date
WO2012108661A2 true WO2012108661A2 (fr) 2012-08-16
WO2012108661A3 WO2012108661A3 (fr) 2012-12-13

Family

ID=44924002

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/000879 Ceased WO2012108661A2 (fr) 2011-02-08 2012-02-07 Système et procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, et support d'enregistrement sur lequel le procédé est enregistré

Country Status (2)

Country Link
KR (1) KR101051407B1 (fr)
WO (1) WO2012108661A2 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016501412A (ja) * 2012-12-07 2016-01-18 株式会社カカオ パーソナルコンピュータを活用するモバイルインスタントメッセージングサービス方法
GB2615612A (en) * 2022-03-16 2023-08-16 Ecomar Propulsion Ltd Belt driven inboard marine propulsion system

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8485438B2 (en) 2011-09-19 2013-07-16 Google Inc. Mobile computing device authentication using scannable images
KR101380616B1 (ko) 2011-10-24 2014-04-18 (주)모바코리아 스마트폰을 이용한 실시간 상품구매 예약관리 방법
KR101383761B1 (ko) 2011-12-22 2014-04-18 주식회사 스마트시스템즈 사용자 인증 시스템 및 그 방법
KR101358346B1 (ko) 2012-01-26 2014-02-07 정성권 자동 로그인 방법 및 자동 로그인 시스템
KR101595099B1 (ko) * 2015-04-20 2016-02-17 주식회사 기가코리아 보안코드 서비스 제공 방법
KR101705598B1 (ko) * 2016-05-25 2017-02-10 주식회사 동운인터내셔널 스마트폰의 사용설명 영상 컨텐츠와 광고의 제공 방법 및 시스템
US10771971B2 (en) * 2017-10-18 2020-09-08 Samuel Salloum Secured multi-factor authentication
JP6592573B1 (ja) * 2018-09-10 2019-10-16 Line株式会社 情報処理方法、情報表示方法、プログラム、端末、サーバ

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100409270B1 (ko) * 2000-06-14 2003-12-11 주식회사 칼라짚미디어 물리적으로 표현된 코드이미지를 이용한 인증 서비스 방법및 그 장치
JP4660398B2 (ja) 2005-12-23 2011-03-30 株式会社東芝 ユーザー認証システムと、このユーザー認証システムで使用される提供用サーバ装置、携帯通信装置、利用者用携帯通信装置、承認者用携帯通信装置および認証用サーバ装置と、これらの装置のためのプログラム
KR100858144B1 (ko) * 2006-12-29 2008-09-10 주식회사 케이티프리텔 이동통신 단말기를 이용한 인터넷 사이트에서의 사용자인증 방법 및 장치
KR20090013616A (ko) * 2007-08-02 2009-02-05 (주)솔메이즈 서버 인증 코드를 이용한 서버 인증 시스템 및 방법
ES2373489T3 (es) * 2008-09-17 2012-02-06 Gmv Soluciones Globales Internet S.A. Procedimiento y sistema para autenticar a un usuario mediante un dispositivo móvil.

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016501412A (ja) * 2012-12-07 2016-01-18 株式会社カカオ パーソナルコンピュータを活用するモバイルインスタントメッセージングサービス方法
GB2615612A (en) * 2022-03-16 2023-08-16 Ecomar Propulsion Ltd Belt driven inboard marine propulsion system
GB2615612B (en) * 2022-03-16 2024-05-15 Ecomar Propulsion Ltd Belt driven inboard marine propulsion system

Also Published As

Publication number Publication date
WO2012108661A3 (fr) 2012-12-13
KR101051407B1 (ko) 2011-07-22

Similar Documents

Publication Publication Date Title
WO2012108661A2 (fr) Système et procédé d'authentification de sécurité d'un abonné bidirectionnel sur un réseau de communication, et support d'enregistrement sur lequel le procédé est enregistré
WO2022102930A1 (fr) Système did utilisant une authentification par pin de sécurité basée sur un navigateur, et procédé de commande associé
WO2014104507A1 (fr) Système et procédé d'ouverture de session sécurisée et appareil correspondant
WO2014007516A1 (fr) Système de service à certificat unique et son procédé de fonctionnement
WO2022050652A1 (fr) Procédé, appareil et support d'enregistrement lisible par ordinateur pour la commande d'un compte
WO2017171167A1 (fr) Dispositif pour fournir des informations de recrutement et de recherche d'emploi, et procédé associé
WO2020091278A1 (fr) Système et procédé de fourniture d'informations personnelles utilisant une clé privée à usage unique basée sur une chaîne de blocs de preuve d'utilisation
WO2017188610A1 (fr) Procédé et système d'authentification
WO2020189926A1 (fr) Procédé et serveur permettant de gérer une identité d'utilisateur en utilisant un réseau à chaîne de blocs, et procédé et terminal d'authentification d'utilisateur utilisant l'identité d'utilisateur basée sur un réseau à chaîne de blocs
WO2015093734A1 (fr) Système et procédé d'authentification utilisant un code qr
WO2016129929A1 (fr) Système d'authentification de sécurité pour la connexion d'un membre d'un site web en ligne, et procédé associé
EP2888711A1 (fr) Procédé et appareil de partage de contenu
WO2017094998A1 (fr) Système d'authentification d'identité personnelle d'informations biométriques et procédé utilisant des informations de carte financière stockées dans un terminal de communication mobile
WO2018166099A1 (fr) Procédé et dispositif de détection de fuite d'informations, serveur et support d'informations lisible par ordinateur
WO2013141602A1 (fr) Procédé d'authentification et système pour ce procédé
WO2020189927A1 (fr) Procédé et serveur de gestion de l'identité d'un utilisateur à l'aide d'un réseau de chaîne de blocs, et procédé et terminal d'authentification d'utilisateur à l'aide d'une identité d'utilisateur sur la base d'un réseau de chaîne de blocs
WO2013191325A1 (fr) Procédé pour authentifier un identifiant d'ouverture par plate-forme de confiance, et appareil et système associés
WO2015126037A1 (fr) Système et procédé d'identification personnelle et antivol utilisant une clé aléatoire jetable
US20190173877A1 (en) System and control method therefor
WO2020022700A1 (fr) Élément de sécurité de traitement et d'authentification de clé numérique et procédé de fonctionnement associé
WO2020017767A1 (fr) Procédé et dispositif de commande d'accès d'application
WO2012141514A2 (fr) Système pour relayer des informations médicales, appareil pour fournir des informations médicales et procédé pour relayer des informations médicales
WO2017171168A1 (fr) Support d'enregistrement lisible par ordinateur permettant d'enregistrer un procédé destiné à fournir des informations de recrutement et de recherche d'emploi
WO2023136874A1 (fr) Session utilisateur personnalisée au niveau d'un dispositif partagé
WO2013039304A1 (fr) Procédé d'enregistrement d'une adhésion pour un paiement électronique, système associé, et appareil et terminal associés

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12744433

Country of ref document: EP

Kind code of ref document: A2

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12744433

Country of ref document: EP

Kind code of ref document: A2