KR101066693B1 - Method for securing and verifying an electronic certificate - Google Patents
Method for securing and verifying an electronic certificate
- Publication number
- KR101066693B1
- Authority
- KR
- South Korea
- Prior art keywords
- certificate
- user device
- authority
- hid
- owner
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
- Credit Cards Or The Like (AREA)
- Mobile Radio Communication Systems (AREA)
Claims (6)
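- A method for securing and verifying an electronic certificate issued by a server managed by a server-managing authority (AU) to the owner of the certificate of a user device, wherein the electronic certificate (C) is stored in a memory of the user device (PC) operated by the owner of the certificate (C) of the user device, and the user device (PC) transmits all or part of the data specific to the electronic certificate (C) to the server managed by the authority (AU), the method comprising, during an initialization phase:
  - determining, by the server managed by the authority (AU), a network identifier (HID) based on hardware configuration parameters of the user device (PC); and
  - recording the network identifier (HID) in a database (BD) of the server managed by the authority (AU) by linking the network identifier (HID) with the data specific to the electronic certificate (C);

  and wherein the verification method, performed while the user device (PC) accesses a service of a service provider (SP), comprises:
  - identifying, by the service provider (SP), the owner of the certificate of the user device through transmission of the data specific to the electronic certificate (C) to the service provider (SP);
  - determining, by the service provider (SP), a network identifier (HID) based on the hardware configuration parameters of the user device (PC);
  - transmitting, by the service provider (SP), the set formed by the data specific to the electronic certificate (C) and the network identifier (HID) to the server managed by the authority (AU);
  - verifying the set, by a verification center (VE), by comparing it with the data registered in the database (BD) of the server managed by the authority (AU) during the initialization phase; and
  - transmitting, by the verification center (VE), the comparison result to the service provider (SP), which grants the previously requested service to the connected user device (PC) according to the comparison result.
- The method for securing and verifying an electronic certificate of claim 1, wherein the step of recording the network identifier (HID) in association with the data specific to the electronic certificate (C) includes a step of entry of a password (PIN) by the owner of the user device (PC).
- The method for securing and verifying an electronic certificate (C) of claim 2, wherein the password (PIN) associated with the electronic certificate (C) is received by the owner of the user device (PC) of the electronic certificate (C) through a channel different from the channel used to transmit the electronic certificate (C).
- The method for securing and verifying an electronic certificate of claim 2, wherein the password (PIN) associated with the electronic certificate (C) is disabled after the operation of linking the network identifier (HID) with the data specific to the electronic certificate (C) in the database (BD) of the server-managing authority (AU).
- The method for securing and verifying an electronic certificate of claim 1, wherein the network identifier (HID) is determined from an address or number that uniquely identifies the user device connected to the network.
- (Deleted)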
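The initialization and verification phases of claims 1, 2 and 4, modelled as an added example (not code from the patent or its applicant). The SHA-256 derivation of the HID, the class and function names, and the sample certificate data and hardware values are assumptions constructed for illustration.

```python
import hashlib
import hmac


def derive_hid(hw_params: dict) -> str:
    """Assumed derivation: SHA-256 over the sorted hardware parameters."""
    canon = "|".join(f"{k}={hw_params[k]}" for k in sorted(hw_params))
    return hashlib.sha256(canon.encode()).hexdigest()


class Authority:
    """Server managed by the authority (AU), holding the database (BD)."""

    def __init__(self):
        self.pins = {}      # certificate data -> PIN that is still enabled
        self.bindings = {}  # certificate data -> HID recorded at initialization

    def issue(self, cert_data: str, pin: str) -> None:
        # Claim 3: the PIN reaches the owner over a different channel
        # than the certificate; here it is only registered server-side.
        self.pins[cert_data] = pin

    def initialize(self, cert_data: str, hw_params: dict, pin: str) -> bool:
        expected = self.pins.get(cert_data)
        if expected is None or not hmac.compare_digest(expected.encode(), pin.encode()):
            return False
        self.bindings[cert_data] = derive_hid(hw_params)  # link C with HID
        del self.pins[cert_data]  # claim 4: PIN disabled after the linking
        return True

    def verify(self, cert_data: str, hid: str) -> bool:
        """Verification center (VE): compare the set (C, HID) with BD."""
        recorded = self.bindings.get(cert_data)
        return recorded is not None and hmac.compare_digest(recorded, hid)


class ServiceProvider:
    def __init__(self, authority: Authority):
        self.authority = authority

    def request_service(self, cert_data: str, hw_params: dict) -> bool:
        hid = derive_hid(hw_params)  # SP determines the HID of the device
        return self.authority.verify(cert_data, hid)  # grant only on a match


def demo() -> dict:
    au = Authority()
    sp = ServiceProvider(au)
    cert = "serial=0x1A2B;subject=alice"  # constructed certificate data
    laptop = {"mac": "00:11:22:33:44:55", "disk": "WD-123"}  # constructed
    other = {"mac": "66:77:88:99:aa:bb", "disk": "ST-999"}   # constructed
    au.issue(cert, "4821")
    return {
        "before_init": sp.request_service(cert, laptop),
        "wrong_pin": au.initialize(cert, other, "0000"),
        "init": au.initialize(cert, laptop, "4821"),
        "pin_reuse": au.initialize(cert, other, "4821"),
        "same_device": sp.request_service(cert, laptop),
        "copied_cert": sp.request_service(cert, other),
    }
```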
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH01232/03 | 2003-07-14 | ||
CH12322003 | 2003-07-14 |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20060056319A (ko) | 2006-05-24 |
KR101066693B1 (ko) | 2011-09-21 |
Family
ID=33569575
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020067000686A KR101066693B1 (ko) | 2003-07-14 | 2004-07-06 | Method for securing and verifying an electronic certificate |
Country Status (14)
Country | Link |
---|---|
US (1) | US7958348B2 (ko) |
EP (1) | EP1645070B1 (ko) |
JP (1) | JP4764339B2 (ko) |
KR (1) | KR101066693B1 (ko) |
CN (1) | CN1823494B (ko) |
AT (1) | ATE464715T1 (ko) |
BR (1) | BRPI0411625A (ko) |
CA (1) | CA2532521C (ko) |
DE (1) | DE602004026585D1 (ko) |
ES (1) | ES2344108T3 (ko) |
PL (1) | PL1645070T3 (ko) |
PT (1) | PT1645070E (ko) |
TW (1) | TWI350686B (ko) |
WO (1) | WO2005006646A1 (ko) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007249629A (ja) * | 2006-03-16 | 2007-09-27 | Dainippon Printing Co Ltd | Biometric information registration system |
USRE47533E1 (en) * | 2006-10-04 | 2019-07-23 | Aaa Internet Publishing Inc. | Method and system of securing accounts |
US9087183B2 (en) * | 2006-10-04 | 2015-07-21 | Rob Bartlett | Method and system of securing accounts |
WO2008052310A1 (en) * | 2006-10-04 | 2008-05-08 | Pgmx Inc | Method and system of securing accounts |
KR100715359B1 (ko) * | 2006-12-19 | 2007-05-09 | 한국버추얼페이먼트 주식회사 | Mobile payment authentication system and method |
CA2741459C (en) * | 2008-10-22 | 2018-01-02 | Research In Motion Limited | Pushing certificate chains to remote devices |
AU2011350194A1 (en) * | 2010-12-30 | 2013-06-20 | Mozido Corfire - Korea, Ltd. | System and method for managing OTA provisioning applications through use of profiles and data preparation |
US8843125B2 (en) * | 2010-12-30 | 2014-09-23 | Sk C&C | System and method for managing mobile wallet and its related credentials |
US9374244B1 (en) * | 2012-02-27 | 2016-06-21 | Amazon Technologies, Inc. | Remote browsing session management |
US10917299B2 (en) | 2012-10-05 | 2021-02-09 | Aaa Internet Publishing Inc. | Method of using a proxy network to normalize online connections by executing computer-executable instructions stored on a non-transitory computer-readable medium |
US11838212B2 (en) | 2012-10-05 | 2023-12-05 | Aaa Internet Publishing Inc. | Method and system for managing, optimizing, and routing internet traffic from a local area network (LAN) to internet based servers |
USRE49392E1 (en) | 2012-10-05 | 2023-01-24 | Aaa Internet Publishing, Inc. | System and method for monitoring network connection quality by executing computer-executable instructions stored on a non-transitory computer-readable medium |
RU2018106036A (ru) * | 2015-07-20 | 2019-08-20 | Нотарайз, Инк. | System and method for confirming the authorship of an electronic signature session |
US10298396B1 (en) * | 2015-11-10 | 2019-05-21 | Wells Fargo Bank, N.A. | Identity management service via virtual passport |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003001736A1 (en) | 2001-06-21 | 2003-01-03 | Starbridge Communications Co., Ltd. | Method for authenticating settlement terminal and settlement method using the same |
US20030084311A1 (en) | 2001-10-03 | 2003-05-01 | Lionel Merrien | System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials |
US20030084172A1 (en) | 2001-10-29 | 2003-05-01 | Sun Microsystem, Inc., A Delaware Corporation | Identification and privacy in the World Wide Web |
Family Cites Families (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5982898A (en) | 1997-03-07 | 1999-11-09 | At&T Corp. | Certification process |
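JP3595109B2 (ja) * | 1997-05-28 | 2004-12-02 | 日本ユニシス株式会社 | Authentication device, terminal device, authentication method in those devices, and storage medium |
JP3587045B2 (ja) * | 1998-02-04 | 2004-11-10 | 三菱電機株式会社 | Authentication management device and authentication management system |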
US7111173B1 (en) * | 1998-09-01 | 2006-09-19 | Tecsec, Inc. | Encryption process including a biometric unit |
JP2000201143A (ja) * | 1999-01-05 | 2000-07-18 | Nec Corp | Terminal authentication device |
KR100620192B1 (ko) | 1999-02-25 | 2006-09-01 | 사이버소스 코포레이션 | Stored value electronic certificate processing |
WO2000077974A1 (en) * | 1999-06-11 | 2000-12-21 | Liberate Technologies | Hierarchical open security information delegation and acquisition |
WO2001039143A1 (de) * | 1999-11-19 | 2001-05-31 | Swisscom Mobile Ag | Method and system for ordering and delivering digital certificates |
FI109253B (fi) | 2000-08-22 | 2002-06-14 | Smarttrust Systems Oy | Certified identity chain |
US20020107804A1 (en) * | 2000-10-20 | 2002-08-08 | Kravitz David William | System and method for managing trust between clients and servers |
US6968242B1 (en) * | 2000-11-07 | 2005-11-22 | Schneider Automation Inc. | Method and apparatus for an active standby control system on a network |
KR20010008101A (ko) * | 2000-11-08 | 2001-02-05 | 제경성 | Electronic transaction system using a unique hardware number and method thereof |
JP2003046533A (ja) * | 2001-08-02 | 2003-02-14 | Nec Commun Syst Ltd | Network system, authentication method therefor, and program therefor |
JP4280036B2 (ja) * | 2001-08-03 | 2009-06-17 | パナソニック株式会社 | Access rights control system |
JP2003046500A (ja) * | 2001-08-03 | 2003-02-14 | Nec Corp | Personal information management system, personal information management method, and information processing server |
ITTO20010771A1 (it) * | 2001-08-03 | 2003-02-03 | T I S S Srl | Authentication method by means of a storage device. |
US20030069915A1 (en) * | 2001-10-09 | 2003-04-10 | James Clough | Method for authenticating mobile printer users |
FR2834158B1 (fr) * | 2001-12-21 | 2005-02-11 | Radiotelephone Sfr | Electronic signature method |
FI114956B (fi) * | 2001-12-27 | 2005-01-31 | Nokia Corp | Method for using a service, system and terminal |
EP1383327B1 (en) * | 2002-06-11 | 2013-12-25 | Panasonic Corporation | Content distributing system and data-communication controlling device |
US7581095B2 (en) * | 2002-07-17 | 2009-08-25 | Harris Corporation | Mobile-ad-hoc network including node authentication features and related methods |
US7574738B2 (en) * | 2002-11-06 | 2009-08-11 | At&T Intellectual Property Ii, L.P. | Virtual private network crossovers based on certificates |
US7565688B2 (en) * | 2002-12-23 | 2009-07-21 | Hewlett-Packard Development Company, L.P. | Network demonstration techniques |
US7302565B2 (en) * | 2003-06-24 | 2007-11-27 | Arraycomm Llc | Terminal identity masking in a wireless network |
-
2004
- 2004-06-28 TW TW093118841A patent/TWI350686B/zh not_active IP Right Cessation
- 2004-07-06 DE DE602004026585T patent/DE602004026585D1/de not_active Expired - Lifetime
- 2004-07-06 PL PL04744497T patent/PL1645070T3/pl unknown
- 2004-07-06 AT AT04744497T patent/ATE464715T1/de not_active IP Right Cessation
- 2004-07-06 PT PT04744497T patent/PT1645070E/pt unknown
- 2004-07-06 CA CA2532521A patent/CA2532521C/en not_active Expired - Fee Related
- 2004-07-06 JP JP2006520052A patent/JP4764339B2/ja not_active Expired - Lifetime
- 2004-07-06 KR KR1020067000686A patent/KR101066693B1/ko active IP Right Grant
- 2004-07-06 WO PCT/IB2004/051129 patent/WO2005006646A1/fr active Search and Examination
- 2004-07-06 ES ES04744497T patent/ES2344108T3/es not_active Expired - Lifetime
- 2004-07-06 BR BRPI0411625-9A patent/BRPI0411625A/pt active IP Right Grant
- 2004-07-06 EP EP04744497A patent/EP1645070B1/fr not_active Expired - Lifetime
- 2004-07-06 CN CN2004800201005A patent/CN1823494B/zh not_active Expired - Lifetime
- 2004-07-14 US US10/890,266 patent/US7958348B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
EP1645070A1 (fr) | 2006-04-12 |
PL1645070T3 (pl) | 2010-07-30 |
WO2005006646A1 (fr) | 2005-01-20 |
JP2007519062A (ja) | 2007-07-12 |
EP1645070B1 (fr) | 2010-04-14 |
JP4764339B2 (ja) | 2011-08-31 |
US7958348B2 (en) | 2011-06-07 |
ES2344108T3 (es) | 2010-08-18 |
CN1823494A (zh) | 2006-08-23 |
TW200507580A (en) | 2005-02-16 |
WO2005006646A9 (fr) | 2005-05-26 |
TWI350686B (en) | 2011-10-11 |
KR20060056319A (ko) | 2006-05-24 |
DE602004026585D1 (de) | 2010-05-27 |
PT1645070E (pt) | 2010-07-19 |
CA2532521A1 (en) | 2005-01-20 |
US20050015587A1 (en) | 2005-01-20 |
BRPI0411625A (pt) | 2006-08-08 |
ATE464715T1 (de) | 2010-04-15 |
CN1823494B (zh) | 2011-11-16 |
CA2532521C (en) | 2013-11-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2645289T3 (es) | Secure transaction authentication | |
US7287158B2 (en) | Person authentication system, person authentication method, information processing apparatus, and program providing medium | |
US8490168B1 (en) | Method for authenticating a user within a multiple website environment to provide secure access | |
US20040088541A1 (en) | Digital-rights management system | |
US20020027992A1 (en) | Content distribution system, content distribution method, information processing apparatus, and program providing medium | |
US20040266395A1 (en) | Process for securing a mobile terminal and applications of the process for executing applications requiring a high degree of security | |
US20040103312A1 (en) | Domain-based digital-rights management system with easy and secure device enrollment | |
US20020069361A1 (en) | Public key certificate using system, public key certificate using method, information processing apparatus, and program providing medium | |
US20020032857A1 (en) | Person identification certificate link system, information processing apparatus, information processing method, and program providing medium | |
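KR101066693B1 (ko) | Method for securing and verifying an electronic certificate | |
KR100834270B1 (ko) | Method and system for providing a mobile-communication-based virtual private network service, and mobile terminal therefor | |
JP2013541908A (ja) | User account recovery | |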
US10333707B1 (en) | Systems and methods for user authentication | |
US20020027494A1 (en) | Person authentication system, person authentication method, and program providing medium | |
US20230412400A1 (en) | Method for suspending protection of an object achieved by a protection device | |
JP2003091613A (ja) | Licensing method and license granting system | |
JP4510392B2 (ja) | Service providing system that performs personal information authentication | |
US11258798B2 (en) | Method, entity and system for managing access to data through a late dynamic binding of its associated metadata | |
US20070204167A1 (en) | Method for serving a plurality of applications by a security token | |
US20070192606A1 (en) | Electronic terminal device protection system | |
JPH05298174A (ja) | Remote file access system | |
JP2004013560A (ja) | Authentication system, communication terminal, and server | |
JPH1166008A (ja) | Game device using an IC card | |
Yee et al. | Ensuring privacy for e-health services | |
CN105743883B (zh) | Method and device for acquiring identity attributes for a network application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment | Payment date: 20140904; Year of fee payment: 4 |
FPAY | Annual fee payment | Payment date: 20150903; Year of fee payment: 5 |
FPAY | Annual fee payment | Payment date: 20160901; Year of fee payment: 6 |
FPAY | Annual fee payment | Payment date: 20170907; Year of fee payment: 7 |
FPAY | Annual fee payment | Payment date: 20180828; Year of fee payment: 8 |
FPAY | Annual fee payment | Payment date: 20190830; Year of fee payment: 9 |