WO2012169752A2 - Système et procédé d'authentification d'un dispositif qui tente d'établir une connexion - Google Patents

Système et procédé d'authentification d'un dispositif qui tente d'établir une connexion Download PDF

Info

Publication number
WO2012169752A2
WO2012169752A2 PCT/KR2012/004388 KR2012004388W WO2012169752A2 WO 2012169752 A2 WO2012169752 A2 WO 2012169752A2 KR 2012004388 W KR2012004388 W KR 2012004388W WO 2012169752 A2 WO2012169752 A2 WO 2012169752A2
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
unique value
registration
verification
connection attempt
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2012/004388
Other languages
English (en)
Korean (ko)
Other versions
WO2012169752A3 (fr
Inventor
김영기
원현식
정명재
유장선
김인수
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inca Internet Co Ltd
Original Assignee
Inca Internet Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inca Internet Co Ltd filed Critical Inca Internet Co Ltd
Priority to KR1020137028306A priority Critical patent/KR101583698B1/ko
Publication of WO2012169752A2 publication Critical patent/WO2012169752A2/fr
Publication of WO2012169752A3 publication Critical patent/WO2012169752A3/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Definitions

  • the present invention relates to a system and method for authenticating a device attempting to access an online service. More specifically, the present invention relates to a registered device that a user attempts to access a web server in a PC environment or a mobile environment. A connection attempt device authentication system and method for authenticating authentication.
  • the impersonator may be a person who has stolen the personal authentication information of the party user in an illegal manner against the party user's intention.
  • PC designated service technology As a complementary security countermeasure, a technology (hereinafter, referred to as a PC designated service technology) has been proposed in which an online service can be used only by a registered PC designated by a user.
  • Prior arts related to PC designation services include Korean Patent Publication No. 2010-125496 and Korean Patent Registration No. 1023793. These prior arts register a web server by associating a user's user ID with one or more pieces of computer information specified by the customer for online services (Internet banking). When any computer attempts to connect, the web server checks whether the computer attempting the connection is a computer that is pre-registered for the online service, and provides the online service to the computer only if the computer is a pre-registered computer.
  • NCsoft In the case of the online game website, NCsoft first applied PC-specific services to the online game Massively Multiplayer Online Role Playing Game (MMORPG) Lineage series in September 2006, and other online game companies (NHN Han Games, Nexon, etc.) It is known that the PC designated service is in service or under service review.
  • some bank websites provide PC-designated services for Internet banking websites. For example, in the case of a PC designated service applied to KB Kookmin Bank, a user may register up to 10 computers to use Internet banking. Financial transactions, such as transfer services, can be made through 10 registered computers that are registered in advance, but only inquiry services are possible on unregistered computers.
  • the web server calculates an authentication unique value from the hardware information of the requested PC and registers it with the user's personal authentication information (user ID) and registers it in advance. Thereafter, the web server calculates the authentication unique value of the connection attempt PC from the hardware information of the PC attempting to access the web server using the personal authentication information (user ID) of the user.
  • the method of calculating the authentication unique value of the registered PC and the method of calculating the authentication unique value of the connection attempt PC are the same.
  • the web server compares the calculated authentication unique value of the access attempted PC with the authentication unique value of the registered PC matched with the user's personal authentication information, and determines whether to grant or reject the corresponding online service to the access attempted PC. .
  • the authentication intrinsic value of the access attempted PC transmitted to the network can be easily hacked and tampered by hackers. Therefore, even if the impersonator attempts to access the web server using a non-registered PC instead of a registered user's PC, the unregistered PC
  • the authentication unique value of may be modified into the authentication unique value of the registered PC. In this case, there is a problem that the web server does not recognize this and allows the user to use the online service on a connection attempt unregistered PC used by the name impersonator.
  • the prior art calculates the authentication unique value of the PC from the same hardware information regardless of the system configuration state of the registration PC and the connection attempt PC, the authority of the user account of the CMOS setting of the PC or the operating system (OS). In some cases, some PCs may not be able to collect the information needed to calculate the unique value of authentication. However, if the authentication unique value (for example, the MAC address mainly used in the PC designated service of the website) is calculated based on the limited hardware information that all PCs have, the authentication unique value has a vulnerability that is easy to be tampered with. have. In addition, the conventional technology has a problem that the convenience of the user is reduced because the device registered by the user to access the web server is limited to the PC.
  • An object of the present invention devised to solve the above-described problems of the related art is to first authenticate whether a connection attempt device is a registered device by itself, and to determine whether the web server is a registered device only for a first attempted connection attempt device.
  • the present invention provides a system and a method for authenticating an attempted device for second authentication, and allowing a user to use an online service to an access attempted device in which both first and second authentications are successful.
  • connection attempt device authentication system for achieving the above object, in the connection attempt device authentication system installed in the device connected to the user authentication server,
  • An information collection module for collecting at least two environmental information of a hardware environment and a software environment installed in the device
  • An authentication control module that performs a device registration procedure for the device when a user requests a device registration, and performs a device verification procedure for an attempt to access the device when the user requests an online service;
  • a first authentication unique value is calculated by combining at least two or more environmental information collected by the information collecting module according to the type of the device and the type of operating system installed in the device, and providing the authentication control module with the first authentication unique value.
  • the authentication control module stores the first authentication unique value for registration input from the first authentication unique value calculation module during the device registration procedure in a storage unit of the device and transmits the stored to the user authentication server.
  • the primary authentication unique value for verification inputted from the primary authentication unique value calculation module is compared with the primary authentication unique value for registration, and then verified and transmitted to the user authentication server. do.
  • connection attempt device authentication method in the connection attempt device authentication method of the connection attempt device authentication system installed in the device connected to the user authentication server,
  • a third step of the connection attempt device authentication system combining at least two or more environmental information from the connection attempt device to calculate a primary authentication unique value for verification;
  • a fourth step of the connection attempt device authentication system comparing the primary authentication unique value for verification and the registration primary authentication unique value stored in a storage unit of the connection attempt device;
  • the connection attempting device authentication system transmits the verification first authentication unique value to the user authentication server.
  • connection attempt device authentication system compares the fourth step with the verification first authentication unique value and the registration first authentication unique value, the authentication from the user authentication server fails after the fifth step. And a seventh step of blocking an online service to the access attempt device.
  • connection attempt device authentication method may include: a first step of identifying, by the connection attempt device authentication system, a device type and an operating system of the connection attempt device when a request for verification of a connection attempt device for the device is requested;
  • a third step of the connection attempt device authentication system combining at least two or more environmental information from the connection attempt device to calculate a primary authentication unique value for verification;
  • a fourth step of the connection attempt device authentication system comparing the primary authentication unique value for verification and the registration primary authentication unique value stored in a storage unit of the connection attempt device;
  • the connection attempting device authentication system transmits the verification first authentication unique value to the user authentication server.
  • connection attempt device authentication system compares the fourth step with the verification first authentication unique value and the registration first authentication unique value, the authentication from the user authentication server fails after the fifth step. And a seventh step of blocking an online service to the access attempt device.
  • the registered device calculates the first authentication unique value and the second authentication unique value based on the software and / or hardware environment information, and performs the second authentication through the web server after the first authentication. Therefore, there is an effect that can enhance the security against network packet hacking.
  • the authentication unique value is calculated by combining the information that can be collected according to the type of the registered device and the connection attempt device (PC, mobile phone, tablet PC) and the operating system (OS) installed in the device. For example, it is difficult to tamper with the authentication intrinsic value, thereby enhancing security.
  • FIG. 1 is a block diagram showing a connection attempt device authentication system according to the present invention.
  • FIGS. 2 and 3 are flowcharts illustrating a method for authenticating a connection attempt device according to the present invention.
  • communication unit 120 communication network
  • connection attempt device authentication system 141 information collection module
  • FIG. 1 is a block diagram showing a connection attempt device authentication system according to the present invention.
  • the device 110 is connected to the user authentication server 130 through the communication network 120.
  • the user authentication server 130 may be physically used together with a typical web server that provides various online services to the device 110.
  • the user authentication server 130 is connected with the server database 131 and provides a device designation service to the device 110.
  • the server database 131 stores authentication unique values for each registered device that are matched with user identification information (user ID) and designated by the user. When a plurality of registered devices are matched and stored in one user identification information, the server database 131 may also store unique identification names for each registered device.
  • the device designation service refers to a procedure in which a user designates or cancels an arbitrary device as a registered device for using an online service on the user authentication server 130, or a device that attempts to access a web server with an arbitrary user ID. And a procedure for verifying whether the registered device is based on the user ID.
  • the device 110 includes a connection attempt device authentication system 140 according to the present invention.
  • the connection attempt device authentication system 140 is made of software, installed in the device 110, and executed using hardware equipment of the device 110. This software may be downloaded and installed on the device 110 through the user authentication server 130 or other software supply server.
  • the device 110 In order to use the online service (eg, electronic banking service, electronic bidding, online games, online sales, etc.) through the web server, the device 110 must install the access attempt device authentication system 140.
  • the online service eg, electronic banking service, electronic bidding, online games, online sales, etc.
  • the connection attempt device authentication system 140 includes an information collection module 141, a first authentication unique value calculation module 142, a second authentication unique value calculation module 143, and an authentication control module 144. do.
  • the information collection module 141 collects hardware environment and software environment information installed in the device 110, which includes a hardware serial number, a universally unique ID (UUID), a hard disk serial number (HDD serial number), and a hard disk volume.
  • Serial number HDMI volumn serial number
  • HDD model name HDD model name
  • OS operating system
  • ID OS installation ID
  • IMSI subscriber identification number
  • USIM Universal Subscriber Identity Module
  • IMEI International Mobile Equipment Identity
  • the information collection module 141 is a type of device, whether it is a mobile phone, a PC, or a tablet PC, and whether the operating system (OS) installed in the device is Windows, Windows, Linux, iOS, Android, or Windows. Collect different environmental information depending on whether it is mobile.
  • OS operating system
  • the authentication control module 144 performs a device registration procedure and a connection attempt device verification procedure according to the present invention.
  • the registration device and the connection attempt device are the same device, in the device registration procedure designated by the user as the registration device, the user attempts to connect to the web server and use the online service by naming it as the registration device.
  • the device verification procedure it is called a connection attempt device.
  • the authentication control module 144 converts the registration primary authentication unique value calculated by the primary authentication unique value calculation module 142 into a hash value and stores it as a file in the storage unit 111. Then, the storage unit 111 stores the first authentication unique value file and records the first authentication unique value file generation time. Next, the authentication control module 144 converts the second authentication unique value for registration calculated by the second authentication unique value calculation module 143 into a hash value and transmits the user authentication server through the communication unit 112 together with the user identification information. 130). In this case, the unique identification name for identifying the registered device may be transmitted together. Then, the user authentication server 130 stores the user identification information, the secondary authentication unique value for registration of the registered device, and the unique identification name in the server database 131. The second authentication unique value calculation module 143 may be omitted. In this case, the first authentication unique value for registration calculated by the first authentication unique value calculation module 142 may be used as the second authentication unique value for registration.
  • the authentication control module 144 converts the primary authentication unique value for verification calculated by the primary authentication unique value calculation module 142 into a hash value for registration stored as a file in the registration device registration procedure.
  • the primary authentication is made as to whether the connection attempting device is a registered device compared with the primary authentication unique value.
  • the authentication control module 144 converts the second authentication unique value for verification calculated by the second authentication unique value calculation module 143 into a hash value to convert the communication unit 112 together with the user identification information. Transfer to the user authentication server 130 through.
  • the user authentication server 130 compares the received second authentication unique value for verification with the registration second authentication unique value stored in the server database 131 to secondly authenticate whether or not the connection attempting device is a registered device.
  • the second authentication unique value calculation module 143 is omitted, the first authentication unique value for verification and the second authentication unique value for verification are the same.
  • the registration device and the connection attempt device are the same and the hardware and software environment has not changed, the first authentication unique value for registration and the first authentication unique value for verification are the same, the second authentication unique value for registration and second verification for verification are the same. Since the eigenvalues are the same, the connection attempting device can succeed in both the first authentication and the second authentication to use the online service. However, if the registration device and the connection attempt device are different, the primary authentication unique value (authentication unique value stored in the registered device) and the verification primary authentication unique value cannot be the same. Even if the first authentication passes, the second authentication unique value for registration (the authentication unique value stored in the user authentication server) and the second authentication unique value for verification (or the first authentication unique value for verification) are not the same. You will not be able to pass Secondary Authentication. If the attempted device does not succeed in the first or second authentication, the web server's online service cannot be used.
  • the authentication control module 144 Since the authentication control module 144 combines various hardware environment and software environment information of the registration device and the connection attempt device to generate an authentication unique value, when the hardware or software of the registration device is changed (for example, replacing a hard disk or an operating system). Reinstallation, file change), and the authentication control module 144 determines that the registration device and the connection attempt device are not the same. In this case, the authentication control module 144 recognizes the registered device whose hardware and software environment has been changed as a new device, and guides the user to proceed with the new device registration procedure.
  • the first authentication unique value calculation module 142 performs first authentication using information that can be collected according to an operating system (OS) installed in the device among hardware and software environment information of the device 110 collected by the information collection module 141. Calculate the eigenvalues, convert them to hash values, and create them as files.
  • OS operating system
  • the first authentication unique value is generated by combining different device identification information according to the type of device and the type of operating system installed in the device.
  • the primary authentication unique value calculation module 142 may identify the OS installation ID, hard disk serial number, file creation time, and user identification.
  • the first authentication unique value is generated by combining information and the like.
  • the OS installation ID means a unique installation ID generated based on the product ID and hardware identifier information when installing the Windows OS.
  • the first authentication unique value calculation module 142 generates a UUID and HDD model name (HDD model name)
  • the first authentication unique value is generated by combining time and user identification information.
  • the reason why the Linux operating system generates the first authentication unique value by combining the hard disk model names is that the Linux operating system cannot access the hard disk serial number information with general user authority.
  • the operating system installed in the device is a Mac operating system (Mac OS)
  • the first authentication unique value is generated by combining the hardware serial number, the hard disk serial number, the creation time, and the user identification information.
  • a mobile phone can be used by subscribing to a mobile carrier, and according to a communication protocol technology (W-CDMA or GSM) serviced by the mobile carrier, the mobile phone has a Universal Subscriber Identity Module (USIM) card or a Subscriber Identity Module (SIM) card. Is fitted.
  • USIM Universal Subscriber Identity Module
  • SIM Subscriber Identity Module
  • the USIM card or SIM card stores personal additional contents such as text messages, e-mails, phone books, etc. along with important information such as subscriber identification number (IMSI), network information, authentication information, and the like.
  • the first authentication unique value calculation module 142 is a subscriber identification number (IMSI), device unique number (IMEI), model number, firmware version, baseband version, kernel version, build number And the like to generate the first authentication unique value. If the device is a mobile phone and the OS is iOS, the first authentication unique value is generated by combining the subscriber identification number (IMSI), the device unique number (IMEI), the iOS version, and the integrated circuit card IDentifier (ICCID). If the device is a mobile phone and the OS is Windows Mobile, a first authentication unique value is generated by combining the subscriber identification number (IMSI), the device unique number (IMEI), and the like.
  • the second authentication unique value calculation module 143 may also generate the second authentication unique value by extracting hardware information and / or software information from the device as described above.
  • the primary authentication unique value calculation module 142 calculates the primary authentication unique value for registration based on the time (creation time) at which the primary authentication unique value file for registration is recorded in the storage and converts it into a hash value. In this case, the generation time of the primary authentication unique value file for registration is recorded. Subsequently, when verifying the access attempt device, the first authentication unique value calculation module 142 calculates a first authentication unique value for verification based on the file generation time information recorded in the storage unit and registers the first authentication unique value for registration. Compare. As a result, it is possible to prevent the primary authentication unique value file for registration from being copied and used in the access attempt device.
  • the second authentication unique value calculation module 143 calculates the second authentication unique value based on hardware-specific hardware information of the hardware environment information of the device 110 collected by the information collection module 141.
  • the second authentication unique value calculation module 143 may be omitted, and second authentication (communication between the device and the user authentication server using the first authentication unique value generated by the first authentication unique value calculation module) may be omitted. Can also be performed through authentication).
  • FIGS. 2 and 3 are flowcharts illustrating a method for authenticating a connection attempt device according to the present invention.
  • the connection attempt device authentication system 140 identifies a device type and an operating system type (S202), and collects hardware and / or software for each device type and operating system. Collect the environment (S203).
  • the hardware and / or software environment that can be collected for each operating system may be set in advance.
  • the collected first authentication unique value for registration is calculated by combining the collected hardware and / or software environment information, generation time information, and user identification information (S204), and the first authentication unique value for registration is converted into a hash value.
  • the primary authentication unique value file for registration is stored in the storage unit (S205).
  • the storage unit records the generation time of the primary authentication unique value file for registration.
  • the generation time information combined to calculate the primary authentication unique value for registration means the generation time of the primary authentication unique value file for registration, so that the file is equal to the time recorded in the storage unit.
  • connection attempt device authentication system 140 calculates a second authentication unique value for registration from preset hardware and / or software environment information (S206), and calculates the calculated second authentication unique value for the user authentication server. It transmits (S207).
  • step S206 may be omitted, and the registration primary authentication unique value calculated in step S204 may be set as the registration secondary authentication unique value in step S207 and transmitted to the user authentication server.
  • the second authentication unique value (which may be the same as or different from the first authentication unique value) of the registered device is registered in the user authentication server.
  • the access attempt device authentication system 140 determines the device type and operating system of the access attempt device. (S209), collect hardware and / or software environment that can be collected for each device type and operating system (S210). Then, the first authentication unique value for verification is calculated by combining the collected hardware and / or software environment information, the generation time information of the registration first authentication unique value file recorded in the storage unit, and the user identification information (S211). ), And compares the primary authentication unique value for verification with the primary authentication unique value for registration stored in the storage unit (S212).
  • the secondary authentication unique value for verification is calculated (S214), and the secondary authentication unique value for verification is transmitted to the user authentication server. (S215).
  • the step S214 may be omitted, and the verification first authentication unique value calculated in step S211 may be set as the verification second authentication unique value in step S215 and transmitted to the user authentication server.
  • the primary authentication unique value for verification and the primary authentication unique value for registration are not the same in step S213 (S213), the online service of the connection attempting device is blocked (S216), and the current connection attempting device is recognized as a new device. And the device registration for the new device guides (S217).
  • step S215 if the second authentication is successful from the user authentication server (S218), since the first and second authentications are successful, the access attempting device provides an online service to the access attempting device (S219). However, if the second authentication from the user authentication server fails (S218), the online service of the attempted device is blocked (S216), the current attempted device is recognized as a new device, and the device registration for the recognized new device is guided. (S217).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Power Engineering (AREA)
  • Computing Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention se rapporte à un système et un procédé adaptés pour authentifier un dispositif qui tente d'établir une connexion dans un environnement PC ou un environnement mobile. Le système et le procédé selon l'invention authentifient si le dispositif qui accomplit actuellement une tentative d'établir une connexion à un serveur Web est, ou non, un dispositif enregistré, prédéterminé par un utilisateur. Le système selon la présente invention, qui est adapté pour authentifier le dispositif qui tente d'établir une connexion, est un système qui se trouve à l'intérieur d'un système adapté pour authentifier un dispositif qui tente d'établir une connexion, tout en étant présent dans un dispositif connecté à un serveur d'authentification d'utilisateur, comprend : un module de collecte d'informations, qui collecte des informations relatives à un environnement matériel et des informations relatives à un environnement logiciel à partir du dispositif ; un module de contrôle d'authentification, qui exécute une procédure d'enregistrement relative au dispositif quand un utilisateur demande un enregistrement du dispositif, et qui exécute une procédure de vérification relative au dispositif qui tente d'établir une connexion par rapport au dispositif d'une demande de service en ligne transmise par l'utilisateur ; un module de production de valeur propre d'authentification primaire, qui produit une valeur propre pour une authentification primaire, en combinant au moins deux types d'informations environnementales collectées par le module de collecte d'informations, sur la base d'un système d'exploitation installé dans le dispositif, et qui transmet la valeur propre d'authentification primaire au module de contrôle d'authentification ; et un module de production de valeur propre d'authentification secondaire, qui produit une valeur propre pour une authentification secondaire, en combinant au moins deux types d'informations environnementales collectées par le module de collecte d'informations, sur la base d'un système d'exploitation installé dans le dispositif, et qui transmet la valeur propre d'authentification secondaire au module de contrôle d'authentification.
PCT/KR2012/004388 2011-06-07 2012-06-04 Système et procédé d'authentification d'un dispositif qui tente d'établir une connexion Ceased WO2012169752A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020137028306A KR101583698B1 (ko) 2011-06-07 2012-06-04 접속 시도 기기 인증 시스템 및 방법

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR20110054433 2011-06-07
KR10-2011-0054433 2011-06-07

Publications (2)

Publication Number Publication Date
WO2012169752A2 true WO2012169752A2 (fr) 2012-12-13
WO2012169752A3 WO2012169752A3 (fr) 2013-03-28

Family

ID=47296568

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/004388 Ceased WO2012169752A2 (fr) 2011-06-07 2012-06-04 Système et procédé d'authentification d'un dispositif qui tente d'établir une connexion

Country Status (2)

Country Link
KR (1) KR101583698B1 (fr)
WO (1) WO2012169752A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113839973A (zh) * 2020-06-23 2021-12-24 炬芯科技股份有限公司 通信连接方法、装置、设备及存储介质

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20160114437A (ko) * 2015-03-24 2016-10-05 아주대학교산학협력단 Mac 어드레스를 이용하여 인증을 수행하기 위한 시스템 및 그 방법
KR101618692B1 (ko) * 2016-01-06 2016-05-09 주식회사 센스톤 보안성이 강화된 사용자 인증방법
KR101746102B1 (ko) * 2016-04-28 2017-06-13 주식회사 센스톤 무결성 및 보안성이 강화된 사용자 인증방법
KR20250179399A (ko) * 2024-06-21 2025-12-30 주식회사 안랩 장비간 통신 보안 강화 방법 및 장치

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7185360B1 (en) * 2000-08-01 2007-02-27 Hereuare Communications, Inc. System for distributed network authentication and access control
JP3767561B2 (ja) * 2002-09-02 2006-04-19 ソニー株式会社 機器認証装置、機器認証方法、および情報処理装置、情報処理方法、並びにコンピュータ・プログラム
JP4240297B2 (ja) * 2003-04-21 2009-03-18 ソニー株式会社 端末機器、認証端末プログラム、機器認証サーバ、機器認証プログラム
JP2006099415A (ja) * 2004-09-29 2006-04-13 Sanyo Electric Co Ltd コンテンツ配信システム、コンテンツ配信方法、機器認証サーバおよび機器認証サーバの制御方法
KR20090022493A (ko) * 2007-08-30 2009-03-04 박동국 디바이스 인증 방법, 장치 및 그 방법을 실행하는프로그램이 기록된 기록매체
KR100899638B1 (ko) 2008-12-12 2009-05-27 (주)이바이언 장치식별정보를 이용한 서비스 제공 방법, 그 장치 및 그 프로그램을 기록한 컴퓨터 판독 가능한 기록매체

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113839973A (zh) * 2020-06-23 2021-12-24 炬芯科技股份有限公司 通信连接方法、装置、设备及存储介质
CN113839973B (zh) * 2020-06-23 2024-04-12 炬芯科技股份有限公司 通信连接方法、装置、设备及存储介质

Also Published As

Publication number Publication date
WO2012169752A3 (fr) 2013-03-28
KR101583698B1 (ko) 2016-01-08
KR20140043071A (ko) 2014-04-08

Similar Documents

Publication Publication Date Title
WO2019177298A1 (fr) Procédé et appareil pour gérer une authentification d'utilisateur dans un réseau de chaîne de blocs
WO2012144849A2 (fr) Procédé d'authentification d'accès pour multiples dispositifs et plateformes
WO2018124857A1 (fr) Procédé et terminal d'authentification sur la base d'une base de données de chaînes de blocs d'un utilisateur sans face-à-face au moyen d'un id mobile, et serveur utilisant le procédé et le terminal
WO2011062364A2 (fr) Système et appareil d'authentification d'utilisateur, carte intelligente et procédé d'authentification d'utilisateur pour une gestion d'authentification universelle
WO2011118871A1 (fr) Procédé d'authentification et système utilisant un terminal mobile
CN107113613B (zh) 服务器、移动终端、网络实名认证系统及方法
WO2013176491A1 (fr) Procédé d'authentification d'utilisateur de service web
WO2021137396A1 (fr) Procédé de service de certificat basé sur une preuve à connaissance nulle utilisant un réseau de chaîne de blocs, serveur de support de certification l'utilisant et terminal utilisateur l'utilisant
WO2018216988A1 (fr) Système d'authentification de sécurité et procédé d'authentification de sécurité destinés à créer une clé de sécurité par combinaison de facteurs d'authentification de multiples utilisateurs
WO2017057899A1 (fr) Système d'authentification intégré pour authentification grâce à des nombres aléatoires à usage unique
WO2015069018A1 (fr) Système d'ouverture de session sécurisée et procédé et appareil pour celui-ci
WO2018021708A1 (fr) Procédé et système d'authentification de service basée sur une clé publique
WO2018026109A1 (fr) Procédé, serveur et support d'enregistrement lisible par ordinateur pour décider d'une permission d'accès à un portail au moyen d'un réseau
WO2018216991A1 (fr) Procédé d'authentification de sécurité permettant de créer une clé de sécurité en combinant des facteurs d'authentification de multiples utilisateurs
WO2022045419A1 (fr) Procédé de service d'authentification de permis de conduire basé sur un réseau de chaîne de blocs utilisant un id décentralisé, et terminal utilisateur permettant d'effectuer un service d'authentification de permis de conduire
WO2012169752A2 (fr) Système et procédé d'authentification d'un dispositif qui tente d'établir une connexion
WO2017217808A1 (fr) Procédé d'authentification mobile et système correspondant
WO2018128237A1 (fr) Système d'authentification d'identité et équipement d'utilisateur utilisant une analyse de motif d'utilisation d'utilisateur
WO2018169150A1 (fr) Système et procédé d'authentification d'utilisateur à base d'écran verrouillé
WO2018040760A1 (fr) Serveur, terminal et procédé de validation pour code d'autorisation associé
WO2014061897A1 (fr) Procédé pour mettre en œuvre un service de confirmation de connexion et d'autorisation au moyen d'un terminal d'utilisateur mobile
WO2017086757A1 (fr) Procédé et dispositif de maîtrise de la sécurité d'un dispositif cible à l'aide d'un tunnel sécurisé
WO2010068057A1 (fr) Appareil de gestion de données d'identité et procédé correspondant
WO2012074275A2 (fr) Appareil d'authentification d'utilisateur pour un usage sécurisé de l'internet, procédé d'authentification d'utilisateur pour un usage sécurisé de l'internet et support enregistré l'enregistrant
WO2018026108A1 (fr) Procédé, terminal autorisé et support d'enregistrement lisible par ordinateur permettant de décider d'autoriser l'accès au portail au moyen d'un réseau

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12796042

Country of ref document: EP

Kind code of ref document: A2

ENP Entry into the national phase

Ref document number: 20137028306

Country of ref document: KR

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12796042

Country of ref document: EP

Kind code of ref document: A2