WO2015147409A1 - Système et procédé d'authentification d'utilisateur lors de l'utilisation d'un service web - Google Patents

Système et procédé d'authentification d'utilisateur lors de l'utilisation d'un service web Download PDF

Info

Publication number
WO2015147409A1
WO2015147409A1 PCT/KR2014/011659 KR2014011659W WO2015147409A1 WO 2015147409 A1 WO2015147409 A1 WO 2015147409A1 KR 2014011659 W KR2014011659 W KR 2014011659W WO 2015147409 A1 WO2015147409 A1 WO 2015147409A1
Authority
WO
WIPO (PCT)
Prior art keywords
web service
authentication
information
terminal
user
Prior art date
Application number
PCT/KR2014/011659
Other languages
English (en)
Korean (ko)
Inventor
소경숙
정은수
나승원
Original Assignee
에스케이플래닛 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020140035558A external-priority patent/KR102244523B1/ko
Priority claimed from KR1020140077408A external-priority patent/KR20160000251A/ko
Application filed by 에스케이플래닛 주식회사 filed Critical 에스케이플래닛 주식회사
Publication of WO2015147409A1 publication Critical patent/WO2015147409A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to a system and a method for authenticating a user when using a web service. More particularly, when the web service is executed through a browser, an authentication token is issued from an integrated management device, and the user is authenticated to the web service device using the issued authentication token.
  • the present invention relates to a system and a method for authenticating a user when using a web service for requesting and receiving an AccessID and requesting and receiving the user authentication information or additional information using the AccessID as a key value when the user authentication information or additional information is needed during the execution of the web service. .
  • a user downloads and installs a desired application to a user terminal from a server that provides various applications such as an application store, and uses the installed application.
  • the installed application is configured to be used only by the authenticated user after authenticating whether the user can use the corresponding application.
  • the object of the present invention is that if you are using any one of the web services that go through the authentication process from among the web services, if you download and run another additional web service immediately without the user authentication information and user additional information input procedure required for using the service
  • the present invention provides a system and method for authenticating a user when using a web service to enable a service.
  • Another object of the present invention is to additionally required to provide user authentication and service by directly accessing the integrated management device for storing and managing user authentication information and additional information in individual web services without installing a separate authentication application for the user authentication function.
  • the present invention provides a system and method for authenticating a user when using a web service that can receive information.
  • Still another object of the present invention is to provide a user authentication method when using a web service in which a user of a terminal inputs personal information by interlocking personal information stored in a cloud-based server when the user inputs personal information in an online system such as a web server.
  • a system and method are provided.
  • Another object of the present invention is to provide a system and method for user authentication when using a web service that reflects the personal information stored in advance in the cloud-based server after the authentication of the terminal to the personal information required for input.
  • An integrated management apparatus includes a user information database storing user information including user authentication information and additional information of individual services;
  • an authentication token issuing unit issuing an authentication token having a validity period and transmitting the authentication token to the terminal;
  • the user authentication information request signal including the authentication token is received from the web service device, performs user authentication using the authentication token, and in the case of the authenticated user, the user authentication information including the AccessID and the CI to the web service device. It may include an authentication unit for transmitting.
  • an authentication information providing unit configured to search a user information database to obtain user authentication information mapped to an AccessID, and transmit the obtained user authentication information. It may further include.
  • the authentication token issuance request signal may include at least one of terminal identification information, web service identification information, client authentication key, and app guard installation.
  • the user authentication information request signal may include an authentication token and a web service device authentication key.
  • the authentication unit may determine whether the authentication period is within the validity period set in the authentication token, and if it is within the validity period, issue the AccessID and transmit user authentication information including the issued AccessID and CI to the web service device. .
  • Terminal for communicating through a communication network; And a web service processing unit that receives an authentication token from the integrated management device through a communication unit, requests a user authentication to the web service device using the issued authentication token, and receives an AccessID when a web service execution command is input through a browser. Can be.
  • the web service processor may include: a browser module configured to transmit web service identification information to the authentication module and store the AccessID transmitted from the authentication module in a cache; And transmitting an authentication token issuance request signal including at least one of web service identification information, terminal identification information, client authentication key, and app guard installation transmitted from the browser module to the integrated management device, and the validity period is set from the integrated management device. It may include an authentication module that receives the authentication token, transmits a user authentication request signal including the authentication token to the web service device, receives the AccessID from the web service device and transmits the AccessID to the browser module.
  • the web service processing unit when the web service processing unit requires user authentication information or additional information during execution of a web service, the web service processing unit sends the user authentication information or additional information to the integrated management device via the web service device using the AccessID cached in the browser module as a key value. Can be received upon request.
  • Web service apparatus includes an authentication information database that stores user authentication information including the AccessID and CI of the user; And when the user authentication request signal including the authentication token is received from the terminal, transmits the user authentication information request signal including the authentication token to the integrated management device, and receives user authentication information including AccessID and CI from the integrated management device. If so, it may include an authentication request processing unit for storing the user authentication information in the authentication information database, and transmits the AccessID to the terminal.
  • the system is provided with a user information database storing user authentication information and additional information, when issuing an authentication token for a web service from a terminal, issues an authentication token having a validity period set, and provides a web service.
  • the user authentication information request signal including the authentication token is received from the device, the authentication is performed using the authentication token, and when the user is authenticated, the user authentication information including the AccessID and CI is transmitted to the web service device.
  • a terminal receiving an authentication token from the integrated management device, requesting user authentication to the web service device with the issued authentication token, and receiving an AccessID when a web service execution command is input through a browser; And when the user authentication request signal including the authentication token is received from the terminal, transmits the user authentication information request signal including the authentication token to the integrated management device, and receives user authentication information including AccessID and CI from the integrated management device. If so, it may include a web service device that stores the user authentication information and transmits the AccessID to the terminal.
  • the method for authenticating a user when using a web service in the method for authenticating a user when the integrated management device uses a web service, when an authentication token issuance request signal for a web service is received from a terminal, Issuing an authentication token having a validity period and transmitting the authentication token to a terminal; And when the user authentication information request signal including the authentication token is received from the web service apparatus that receives the user authentication request signal from the terminal, performs user authentication using the authentication token, and if the user is an authenticated user, includes an AccessID and a CI. And transmitting the user authentication information to the web service device.
  • a computer-readable recording medium containing a program for executing a method for authenticating a user when using a web service when executed by the integrated management device, requests for issuing an authentication token from the terminal to the web service.
  • the signal is received, issuing an authentication token having a validity period and transmitting the authentication token to the terminal;
  • the user authentication information request signal including the authentication token is received from the web service apparatus that receives the user authentication request signal from the terminal, performs user authentication using the authentication token, and if the user is an authenticated user, includes an AccessID and a CI.
  • a program for executing a method for authenticating a user when using a web service, including transmitting user authentication information to a web service device may be stored.
  • a method for authenticating a user when using a web service is provided in the method for authenticating a user when the terminal uses a web service.
  • a web service execution command is input through a browser
  • an authentication token for the corresponding web service is provided.
  • Transmitting an issue request signal to the integrated management device When an authentication token having a validity period is issued from the integrated management device, transmitting a user authentication request signal including an authentication token to a web service device, and receiving and storing an AccessID from the web service device;
  • the user authentication information or additional information is needed during execution of the web service, requesting and receiving the user authentication information or additional information from the integrated management device via the web service device using the stored AccessID as a key value.
  • the corresponding web service Transmitting an authentication token issuance request signal for the integrated management device;
  • an authentication token having a validity period is issued from the integrated management device, transmitting a user authentication request signal including an authentication token to a web service device, and receiving and storing an AccessID from the web service device;
  • a program for executing the method may be stored.
  • Method for authenticating a user when using a web service when a web service execution command is input through a browser in a terminal, at least one of web service identification information, terminal identification information, client authentication key, and appguard installation Transmitting an authentication token issuing request signal including a to the integrated management device;
  • the integrated management device issuing an authentication token having a validity period and transmitting the authentication token to the terminal;
  • the terminal transmits a user authentication request signal including an authentication token to a web service device;
  • the web service device transmits a user authentication information request signal including an authentication token to the integrated management device;
  • the integrated management device performs user authentication using an authentication token, and in the case of an authenticated user, transmitting user authentication information including an AccessID and a CI to a web service device;
  • the web service apparatus stores the user authentication information and transmits the AccessID to the terminal; And the terminal may store the AccessID.
  • the terminal transmits and registers the personal identification information to the cloud-based server, the communication unit for communicating with the service providing device;
  • a user authentication process for a terminal including a communication unit is performed by interworking between the service providing device and the authentication server, and when the user authentication process is successful
  • Receive one or more input items necessary for inputting personal information transmitted from the providing apparatus through the communication unit and include a plurality of personal identification information for a terminal registered in advance in the cloud-based server and a synonym group database registered in advance in the cloud-based server.
  • a display unit displaying a matching result.
  • any one web service undergoes an identity authentication procedure among web services, and additionally downloads and executes another web service, the service can be directly installed without the user authentication procedure and user additional information input procedure required for use of the service. There is an effect that can be used.
  • the present invention does not install a separate authentication application for the user authentication function, and directly connected to the integrated management device for storing and managing user authentication information and additional information in a separate web service additional information required for user authentication and service provision There is an effect that can be provided.
  • the present invention can immediately provide the user additional information required for reducing the authentication cost and service provision on the web service provider side, and immediately executes the service without input of the inconvenient authentication information and additional information required for providing the service on the web service user side. It can be used to provide cost savings and convenience.
  • the user of the terminal inputs personal information in an online system such as a web server
  • the user inputs the corresponding personal information by interlocking the personal information stored in the cloud-based server in advance, so that the user inputs the personal information every time. It is effective to improve user convenience by simplifying without performing and to improve service accessibility through easy registration process.
  • the present invention by reflecting the personal information stored in advance in the cloud-based server after the authentication of the terminal to the personal information required for input, eliminating the inconvenience during input according to the small touch screen provided in the terminal and customer optional matters As a result, it is effective to strengthen information security compared to applying personally identifiable information uniformly.
  • FIG. 1 is a diagram illustrating a system for user authentication when using a web service according to an embodiment of the present invention.
  • FIG. 2 is a block diagram schematically showing the configuration of a terminal according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating in detail the configuration of the web service processor illustrated in FIG. 2.
  • FIG. 4 is a block diagram schematically illustrating a configuration of a web service apparatus according to an exemplary embodiment of the present invention.
  • FIG. 5 is a block diagram schematically illustrating a configuration of an integrated management apparatus according to an embodiment of the present invention.
  • FIG. 6 illustrates a method for user authentication when using a web service according to an embodiment of the present invention.
  • FIG. 7 is a block diagram showing the configuration of a personal information management system according to an embodiment of the present invention.
  • FIG. 8 is a block diagram showing the configuration of a cloud-based server according to an embodiment of the present invention.
  • FIG. 9 is a block diagram showing the configuration of a terminal according to an embodiment of the present invention.
  • FIG. 10 is a block diagram showing the configuration of a service providing apparatus according to an embodiment of the present invention.
  • FIG. 11 is a signal flow diagram illustrating a communication process according to an embodiment of a personal information management system of the present invention.
  • FIG. 12 is a diagram illustrating a screen of a terminal according to an embodiment of the present invention.
  • first and second used in the present invention may be used to describe components, but the components should not be limited by the terms. The terms are used only to distinguish one component from another.
  • first component may be referred to as the second component, and similarly, the second component may also be referred to as the first component.
  • FIG. 1 is a diagram illustrating a system for user authentication when using a web service according to an embodiment of the present invention.
  • a system for user authentication when using a web service includes a terminal 100, a web service apparatus 200, and an integrated management apparatus 300.
  • the terminal 100 receives an authentication token (AuthToken) from the integrated management device 300 and requests user authentication from the web service device 200 using the issued authentication token. Receive the AccessID.
  • AuthToken authentication token
  • the terminal 100 is a client terminal capable of communicating with the web service apparatus 200 or the integrated management apparatus 300, for example, a smart phone, a notepad, a laptop computer, a tablet computer. Terminals, and the like, and need not be limited to any particular terminal if communication through a communication network is possible.
  • terminal 100 Detailed description of the terminal 100 will be described with reference to FIG. 2.
  • the web service device (or service providing device) 200 When the web service device (or service providing device) 200 receives the user authentication request signal including the authentication token from the terminal 100, the web service device (or service providing device) 200 sends the user authentication information request signal including the authentication token to the integrated management device 300. send.
  • the web service apparatus 200 stores the user authentication information and transmits the AccessID to the terminal 100.
  • AccessID means a user authentication ID
  • CI Connecting Information
  • the web service device 200 may communicate with other electronic devices through various communication standards, and may be implemented through an electronic device capable of performing various data processing operations.
  • the web service apparatus 200 may be implemented in the form of a server device, and may be implemented in the form of various electronic devices in addition to the form of the server device.
  • the web service device 200 may be implemented in the form of a single electronic device or in the form of a combination of two or more electronic devices.
  • the integrated management device (or cloud-based server) 300 has a user information database in which user information including user authentication information and additional information is stored, and when issuance of an authentication token for a web service is requested from the terminal 100, Issue an authentication token with a validity period.
  • the integrated management device 300 performs user authentication using the authentication token when a user authentication information request signal including an authentication token is received from the web service device 200, and includes an AccessID and a CI when the user is an authenticated user.
  • the user authentication information is transmitted to the web service apparatus 200.
  • the integrated management device 300 may communicate with other electronic devices through various communication standards, and may be implemented through an electronic device capable of performing various data processing operations.
  • the integrated management device 300 may be implemented in the form of a server device, and may be implemented in the form of various electronic devices in addition to the form of the server device.
  • the integrated management device 300 may be implemented in the form of a single electronic device or in a form in which two or more electronic devices are combined.
  • a user authentication ID (AcessID) may be exposed in a URL in the form of a POST (Power On Self Test)
  • a user authentication ID (AcessID) may be exposed in a URL in the form of a POST (Power On Self Test)
  • AuthToken an authentication token having a validity period (for example, 10 sec)
  • a user authentication is requested from the web service device 200 to the web service device 200 using the authentication token as a key value
  • the web service device 200 To request the user authentication to the integrated management device 300 to receive a user authentication ID9AcessID) securely between the web service device 200 and the integrated management device (300).
  • FIG. 2 is a block diagram schematically showing the configuration of a terminal according to an embodiment of the present invention.
  • FIG. 3 is a diagram showing the configuration of a web service processing unit shown in FIG. 2 in detail.
  • the terminal 100 includes a communication unit 110, an input unit 120, a display unit 130, a storage unit 140, a web service processing unit 150, and a control unit 160.
  • the communication unit 110 is a communication means for connecting the terminal 100 and the web service device or the integrated management device through a communication network.
  • a wireless communication module such as mobile communication or satellite communication, a wired communication module such as the Internet, and Wi-Fi It may include a short-range wireless communication module such as.
  • the input unit 120 is a means for receiving a user request for controlling the operation of the terminal 100, and converts the user's request into an electric signal according to a user's manipulation.
  • the input unit 120 is an input means for receiving letters, numbers, text, voice, movement, tactile sense, time, etc. from the user.
  • the input means is a keyboard, a keypad, a touch screen, a visual sensing means, a tactile sensing means, a movement detecting means. It may be implemented in various forms such as a voice input means.
  • the input unit 120 may be implemented in the form of a touch screen integral with the display unit 130.
  • the input unit 120 may be used to receive a web service execution command.
  • the display unit 130 displays various information related to the operation of the terminal 100.
  • the display unit 130 may be in the form of a visually identifiable display.
  • the storage 140 stores a program necessary for controlling the operation of the terminal 100 and data generated while executing the program.
  • the storage 140 may be implemented in a form including various kinds of memory devices.
  • the web service processor 150 receives an authentication token from the integrated management device through the communication unit 110, requests a user authentication to the web service device with the issued authentication token, and accessID.
  • the web service processor 150 may manage a connection with the integrated management device to a web service to receive user authentication information and additional information through the integrated management device, and perform authentication information management function in the web service.
  • the web service processor 150 includes a browser module 152 and an authentication module 154.
  • the browser module 152 transmits the corresponding web service identification information to the authentication module 154 and stores the AccessID transmitted from the authentication module 154 in a cache.
  • the authentication module 154 transmits an authentication token issuing request signal including at least one of web service identification information, terminal identification information, client authentication key, and app guard installation from the browser module 152 to the integrated management device. Receive an authentication token with a valid period set from the integrated management device.
  • the authentication module 154 transmits a user authentication request signal including an authentication token to the web service device, receives an AccessID from the web service device, and transmits the AccessID to the browser module 152.
  • the browser module 152 then stores the AccessID.
  • the web service processing unit 150 requests user authentication information or additional information to the integrated management device via the web service device using the AccessID cached in the browser module 154 as a key value when user authentication information or additional information is needed while the web service is executed. And receive.
  • the controller 160 controls the overall function of the terminal 100 by executing a driving program stored in the storage 140 according to a terminal user input through the input unit 120.
  • the controller 160 controls operations of each unit, such as the communication unit 110, the input unit 120, the display unit 130, the storage unit 140, and the web service processing unit 150.
  • the controller 160 may include at least one arithmetic unit, wherein the arithmetic unit is a general purpose central arithmetic unit (CPU), programmable device elements (CPLD, FPGA) implemented for a specific purpose, and custom semiconductor arithmetic. It may be an apparatus (ASIC) or a microcontroller chip.
  • the arithmetic unit is a general purpose central arithmetic unit (CPU), programmable device elements (CPLD, FPGA) implemented for a specific purpose, and custom semiconductor arithmetic. It may be an apparatus (ASIC) or a microcontroller chip.
  • FIG. 4 is a block diagram schematically illustrating a configuration of a web service apparatus according to an exemplary embodiment of the present invention.
  • the web service apparatus 200 includes an authentication information database 210 and an authentication request processor 220.
  • the authentication information database 210 stores user authentication information including AccessIDs, CIs, and the like of users.
  • the authentication request processor 220 transmits the user authentication information request signal including the authentication token to the integrated management device, and includes the AccessID and the CI from the integrated management device.
  • the user authentication information is stored in the authentication information database 210 and the AccessID is transmitted to the terminal. That is, when the user authentication request signal is received, the authentication request processor 220 requests user authentication to the integrated management device using the authentication token as a key value. Then, the integrated management device performs user authentication based on the authentication token, and transmits user authentication information to the authentication request processor 220 when the user is an authenticated user.
  • FIG. 5 is a block diagram schematically illustrating a configuration of an integrated management apparatus according to an embodiment of the present invention.
  • the integrated management apparatus 300 includes a user information database 310, an authentication token issuer 320, an authentication unit 330, an authentication information provider 340, and a controller 350.
  • the user information database 310 stores user information including user authentication information and additional information of individual services.
  • the user authentication information may include name, gender, date of birth, domestic / foreign status, carrier, mobile phone number, CI value, and the like, and additional information may include membership and coupon issuance, push dispatch information, and the like.
  • the user information database 310 integrates and stores user information of individual services having user authentication information and additional information.
  • the user authentication information or additional information stored in the user information database 310 may be updated in real time according to a web service state change (eg, deletion, reinstallation, MDN change, etc.) of the terminal.
  • a web service state change eg, deletion, reinstallation, MDN change, etc.
  • the authentication information issued by the authentication token issuing unit 320 is stored in the user information database 310.
  • the authentication token issuing unit 320 When the authentication token issuing unit 320 receives an authentication token issuing request signal for the web service from the terminal, the authentication token issuing unit 320 issues an authentication token having a valid period and transmits it to the terminal.
  • the authentication token issuance request signal may include terminal identification information, web service identification information, a client authentication key, whether or not an app guard is installed.
  • the authentication token is information used to authenticate a user.
  • the authentication token is a challenge response method or a time-based code sequence method.
  • the authentication token can be a combination of one or more of encrypted numbers and letters, or can be a seed or serial number for generating an OTP.
  • the authentication token issuing unit 320 Since the validity period is set in the authentication token issued by the authentication token issuing unit 320, it is maintained for a certain period of time and automatically discarded after a certain period of time. Therefore, the authentication token issuing unit 320 checks the valid period information of the authentication token stored in the user information database 310 periodically (or in real time), and manages the authentication token information.
  • the authentication unit 330 When the authentication unit 330 receives a user authentication information request signal including an authentication token from the web service device, the authentication unit 330 performs user authentication using the authentication token, and in the case of an authenticated user, user authentication information including an AccessID and a CI. To the web service device.
  • the user authentication information request signal may include an authentication token, a web service device authentication key, and the like.
  • the authentication unit 330 determines whether it is within the valid period set in the authentication token, and if it is within the valid period, the authentication unit 330 performs authentication by comparing with the authentication token stored in the user information database 310.
  • the authentication unit 330 issues an AccessID and stores the issued AccessID in the user information database 310. Thereafter, the authentication unit 330 obtains user authentication information including the issued AccessID and CI from the user information database 310 and transmits it to the web service device.
  • the authentication information providing unit 340 acquires user authentication information mapped to the AccessID by searching the user information database 310 and transmits the obtained user authentication information. .
  • the controller 350 controls the operations of each unit, such as the user information database 310, the authentication token issuing unit 320, the authentication unit 330, the authentication information providing unit 340.
  • Such components that may be included in the integrated management apparatus 200 may be implemented in hardware, software, or a combination thereof, and two or more components may be simultaneously implemented by one hardware or software.
  • FIG. 6 illustrates a method for user authentication when using a web service according to an embodiment of the present invention.
  • a terminal executes a web service execution command through a browser (S602)
  • the terminal integrates an authentication token issuance request signal including web service identification information, terminal identification information, a client authentication key, and whether the app guard is installed. Transmission to the management device (S604).
  • the integrated management device issues an authentication token having a validity period and transmits it to the terminal (S606).
  • the terminal transmits a user authentication request signal including an authentication token received from the integrated management device to the web service device (S608), and the web service device transmits a user authentication information request signal including the authentication token to the integrated management device ( S610).
  • the integrated management device performs user authentication using an authentication token (S612), and in the case of an authenticated user, transmits user authentication information including an AccessID and a CI to the web service device (S614).
  • the web service apparatus stores user authentication information transmitted from the integrated management apparatus (S616), and transmits an AccessID to the terminal (S618). Then, the terminal stores the AccessID (S618).
  • the terminal executes and uses the web service and needs user authentication information or additional information
  • the terminal may request and receive user authentication information or additional information from the integrated management device via the web service device using the AccessID cached in the browser module as a key value. . If you are using any one of the web services that go through the authentication process, you can download the other web services and run them directly without any additional authentication process and input of user additional information required to use the service. Can be used.
  • an authentication token issuance request signal for a web service is received from the terminal when executed by the integrated management device, issuing an authentication token having a validity period and transmitting the same to the terminal.
  • a user authentication information request signal including an authentication token is received from the web service apparatus that receives the user authentication request signal from the terminal, performs user authentication using the authentication token, and if the user is an authenticated user, accessID and CI.
  • a computer-readable recording medium containing a program for executing a method for user authentication when using a web service, the method comprising transmitting user authentication information to a web service device.
  • a web service execution command when executed by the terminal, when a web service execution command is input through a browser, transmitting an authentication token issuance request signal for the corresponding web service to the integrated management device, integrated management device
  • transmitting a user authentication request signal including an authentication token to the web service device receiving and storing an AccessID from the web service device, user authentication information or If additional information is needed
  • a program for executing a method for user authentication when using a web service including requesting and receiving user authentication information or additional information from the integrated management device via a web service device using the stored AccessID as a key value is included.
  • a computer readable recording medium is provided.
  • a method for authenticating a user when using such a web service can be written as a program, and codes and code segments constituting the program can be easily inferred by a programmer in the art.
  • a program relating to a method for authenticating a user when using a web service may be stored in a readable media that can be read by the electronic device, and read and executed by the electronic device.
  • FIG. 7 is a block diagram showing the configuration of a personal information management system 700 according to an embodiment of the present invention.
  • the personal information management system 700 includes a cloud-based server 710, a terminal 720, and a service providing device 730. Not all components of the personal information management system 700 shown in FIG. 7 are essential components, and the personal information management system 700 may be implemented by more components than those shown in FIG. The personal information management system 710 may be implemented by fewer components.
  • the service providing apparatus 730 receives shipping information.
  • the personal information of the terminal 720 should be transmitted to another terminal (not shown) in the form of a push message (or MMS message)
  • the terminal 720 performs user authentication. Thereafter, after the user authentication is normally performed, the terminal 720 confirms one or more input items included in the necessary personal information in response to the corresponding event, and is confirmed from the personal identification information previously registered in the cloud-based server 710. Match one or more input items, respectively. Thereafter, the terminal 720 performs a function corresponding to the corresponding event based on the matched one or more input items.
  • the cloud-based server 710 includes a communication unit 711, a storage unit (DB) 712, and a control unit 713. Not all components of the cloud-based server 710 shown in FIG. 8 are required components, and the cloud-based server 710 may be implemented by more components than those shown in FIG. 8, and fewer of them. The cloud-based server 710 may also be implemented by the component.
  • DB storage unit
  • the communication unit 711 communicates with an internal component or at least one external terminal through an wired / wireless communication network.
  • the external terminal may include a terminal 720, a service providing device 730, and the like.
  • the communication unit 711 receives personal identification information transmitted from the terminal 720 and identification information of the corresponding terminal 720.
  • personally identifiable information may include basic information (e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.), related person information (e.g. family Name, friend's name, etc.), personal SNS information (including personal blog information, personal website address information, personal Facebook information, etc.), payment information (including card information, bank account information, etc.), additional Information such as hobbies, photos, avatars, self-introduction, etc.
  • basic information e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.
  • related person information e.g. family Name, friend's name, etc.
  • personal SNS information including personal blog information, personal website address information, personal Facebook information, etc.
  • payment information including card information, bank account information, etc.
  • the storage unit 712 stores a user interface (UI), a graphic user interface (GUI), and the like.
  • UI user interface
  • GUI graphic user interface
  • the storage unit (or database) 712 stores data and programs necessary for the cloud-based server 710 to operate.
  • the storage unit 712 stores personal image information, identification information, etc. of the terminal 720 transmitted from the terminal 720 under the control of the controller 713.
  • the storage unit 712 also forms (or configures) a synonym group database (or related keyword database) that stores a plurality of synonyms (or a plurality of related keywords) under the control of the control unit 713.
  • a synonym group database or related keyword database
  • the controller 713 executes the overall control function of the cloud-based server 710.
  • the controller 713 stores personal image information about the terminal 720 transmitted from the terminal 720 in the storage unit 712. In this case, the controller 713 may match (or link with) the personal identification information of the terminal 720 with the identification information of the terminal 720 and store it in the storage unit 712.
  • controller 713 defines (or sets) a plurality of synonyms (or a plurality of related keywords) and stores the defined plurality of synonyms in the storage unit 712 configured with a synonym group database.
  • the control unit 713 stores the storage unit 712 by interworking with the terminal 720 and the service providing apparatus 730.
  • the preset event is a new subscription to the corresponding service providing device 730
  • the delivery information should be described (or input / transmitted) by the corresponding service providing device 730 the personal information of the terminal 720 may be changed. It may include a case that should be transmitted in the form of a push message (or MMS message) to the terminal (not shown).
  • the terminal 720 includes a first communication unit 721, a first storage unit 722, a first display unit 723, and a first control unit 724. Not all components of the terminal 720 illustrated in FIG. 9 are essential components, and the terminal 720 may be implemented by more components than those illustrated in FIG. 9, or by fewer components. The terminal 720 may be implemented.
  • the first communication unit 721 communicates with an internal component or at least one external terminal through an wired / wireless communication network.
  • the external terminal may include a cloud-based server 710, a service providing device 730, and the like.
  • the first communication unit 721 transmits the personal identification information of the terminal 720 to the cloud-based server 710 under the control of the first control unit 724.
  • the first storage unit 722 stores a user interface (UI), a graphical user interface (GUI), and the like.
  • UI user interface
  • GUI graphical user interface
  • the first storage unit 722 stores data and programs necessary for the terminal 720 to operate.
  • the first storage unit 722 stores the identification information of the terminal 720 under the control of the first control unit 724.
  • the identification information of the terminal 720 includes a mobile directory number (MDN), a mobile IP, a mobile MAC, a subscriber identity module (SIM) card unique information, a serial number, and the like.
  • the identification information of the terminal 720 is the International Mobile Subscriber Identity (IMSI) of the USIM provided in the terminal 720, the International Mobile Equipment Identity (IMEI) unique to the terminal 720 ) May be further included.
  • IMSI International Mobile Subscriber Identity
  • IMEI International Mobile Equipment Identity
  • the first display unit 723 may display content such as a menu screen using a user interface or a graphic user interface stored in the first storage unit 722 under the control of the first control unit 724.
  • the content displayed on the first display unit 723 includes text or image data (including various information data) and a menu screen including data such as an icon, a list menu, a combo box, and the like.
  • the first display unit 723 may be a touch screen.
  • the first display unit 723 displays personal image information generated by the control of the first control unit 724.
  • the first controller 724 executes the overall control function of the terminal 720.
  • personally identifiable information includes basic information (e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.) Information (e.g., including family names, friend names, etc.), personal SNS information (e.g., personal blog information, personal website address information, personal Facebook information, etc.), payment information (e.g. card information, bank accounts, etc.) Information, etc.), additional information (eg, hobbies, pictures, avatars, self-introduction, etc.), and the like.
  • basic information e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.
  • Information e.g., including family names, friend names, etc.
  • personal SNS information e.g., personal blog information, personal website address information, personal Facebook information, etc.
  • payment information e.g. card information, bank accounts, etc.
  • additional information e.g
  • the first controller 724 registers (or stores) the generated personal image information of the corresponding terminal 720 with the cloud-based server 710 through the first communication unit 721.
  • the first controller 724 may register identification information of the terminal 720 together with the personal identification information of the corresponding terminal 720 to the cloud-based server 710 through the first communication unit 721.
  • the identification information of the terminal 720 includes MDN, Mobile IP, Mobile MAC, Sim (Subscriber Identification Module) card unique information, serial number and the like.
  • the identification information of the terminal 720 may further include the IMSI (International Mobile Station Identification Number) of the USIM provided in the terminal 720, the IMEI (International Mobile Terminal Identification Number) unique to the terminal 720, and the like.
  • the first control unit 724 communicates with the service providing apparatus 730 including a web server, a web site, and the like through the first communication unit 721.
  • the controller 724 performs a user authentication process for the corresponding terminal 720 (or a user of the terminal 720) by interworking with the service providing device 730 and an authentication server (not shown).
  • the preset event is a new subscription to the corresponding service providing device 730
  • the delivery information should be described (or input / transmitted) by the corresponding service providing device 730 the personal information of the terminal 720 may be changed. It may include a case in which a terminal (not shown) to be transmitted in the form of a push message (or MMS (Multimedia Message Service) message).
  • the user authentication method includes a name / resident registration number / date of birth authentication method, a PIN authentication method, a card authentication method, and the like.
  • the first control unit 724 displays information indicating the user authentication failure on the first display unit 723.
  • the first controller 724 checks one or more input items (or input fields) included in the corresponding personal information.
  • the first control unit 724 receives one or more input items included in the corresponding personal information transmitted from the service providing device 730 through the first communication unit 721 and based on the received one or more input items. You can also check the entries included in your personal information.
  • the first controller 724 matches one or more input items among personal image information of the terminal 720 registered in advance in the cloud-based server 710.
  • the matching result corresponds to any one of a success state, a hold state, and a fail state.
  • the success state indicates a case where the input item (or input field) matches any one item (or field) of personal identification information registered in advance in the cloud-based server 710.
  • the pending state is a synonym group database (or related keyword database) that the entry does not exactly match any one of the personal identification information registered in advance in the cloud-based server 710, but is registered in advance in the cloud-based server 710.
  • the failure state indicates a case where an input item does not match in both personal information registered in advance in the cloud-based server 710 and in a plurality of synonyms included in the synonym group database registered in advance in the cloud-based server 710.
  • the first controller 724 matches one or more input items to be input corresponding to the occurrence event among the personal identification information of the corresponding terminal 720 registered in advance in the cloud-based server 710.
  • the first control unit 724 One or more input items to be input corresponding to an event occurring among a plurality of synonyms included in a synonym group database registered in advance in the cloud-based server 710 are matched.
  • the first control unit 724 may have a unique value (or a single value) among personal information about the terminal 720 registered in advance in the cloud-based server 710 and information (or fields) included in the synonym group database. Value) is set (or entered) as the primary key value.
  • the first controller 724 displays one or more input items matched with each other in the success state, the held state, and the failed state on the first display unit 723.
  • the first controller 724 edits the corresponding input item according to a user input (or selection) of the terminal 720 with respect to the matched one or more input items displayed on the first display unit 723 in a suspended state or a failed state. (Or modify / select / set) to finally match one or more input items identified when a preset event occurs.
  • the first control unit 724 is a pending state for the first input item displayed on the first display unit 723 to the synonym group database corresponding to the pending state by the user confirmation (or selection) of the terminal 720.
  • the included information is matched with the corresponding first input item.
  • the first controller 724 may be a synonym matched to the user of the terminal 720. Inquire whether to use, and when the use is selected, the matched synonym information is automatically matched (or selected / set) with the value of the specific input item.
  • a character mapping system may be constructed in case the field value of the personal identification information registered in advance in the cloud-based server 710 and the field value requested by the service providing device 730 are different from each other.
  • the first control unit 724 receives (or selects) a specific value for the second input item displayed on the first display unit 723 in a failed state by user editing (or selection) of the terminal 720. Match the received (or selected) specific value to the corresponding second input item.
  • the first controller 724 may generate a preset event generated by interworking with the service providing apparatus 730 based on the last matched information. Perform the function corresponding to
  • the first control unit 724 performs the corresponding event by interworking with the service providing device 730 based on one or more input items checked when the last matched preset event occurs. Perform the function corresponding to In this case, the function corresponding to the corresponding event is to perform a new subscription function for the corresponding service providing device 730 when newly subscribed to the corresponding service providing device 730, and delivers the delivery information to the corresponding service providing device 730. If you need to fill in (or input / transmit) is to perform the corresponding shipping information entry function, if the personal information of the terminal 720 to send a push message (or MMS message) to another terminal (not shown) It may be to perform a function of sending a push message.
  • the first controller 724 transmits the last matched one or more input items (or information on the input items) to the service providing apparatus 730 through the first communication unit 721.
  • the reflection of the previously generated cloud-based personal identification information may be determined by the user's selection of the corresponding terminal 720, thereby minimizing the post-security breach.
  • the first controller 724 receives an event function execution result transmitted from the service providing apparatus 730 in response to the transmitted last matched one or more input items through the first communication unit 721.
  • the first control unit 724 displays the result of performing the function (including normal termination of the event, an event execution error, etc.) on the first display unit 723.
  • the service providing apparatus 730 includes a second communication unit 731, a second storage unit 732, a second display unit 733, and a second control unit 734. Not all components of the service providing apparatus 730 shown in FIG. 10 are essential components, and the service providing apparatus 730 may be implemented by more components than those shown in FIG.
  • the service providing device 730 may also be implemented by a component.
  • the service providing apparatus 730 includes a web server, a web site, and the like.
  • the second communication unit 731 communicates with an internal component or at least one external terminal through an wired / wireless communication network.
  • the external terminal may include a cloud-based server 710, a terminal 720, and the like.
  • the second communication unit 731 is connected to the service providing apparatus 730 transmitted from the cloud-based server 710 under the control of the second control unit 734, personal identification information for the terminal 720, the terminal Receive identification information 720 and the like.
  • the second storage unit 732 stores a user interface (UI), a graphical user interface (GUI), and the like.
  • UI user interface
  • GUI graphical user interface
  • the second storage unit 732 stores data and programs necessary for the service providing device 730 to operate.
  • the second storage unit 732 is personal image information about the terminal 720 connected to the service providing apparatus 730 received through the second communication unit 731 under the control of the second control unit 734, The identification information of the terminal 720 is stored.
  • the second display unit 733 may display content such as a menu screen using a user interface and a graphic user interface stored in the second storage unit 732 under the control of the second control unit 734.
  • the content displayed on the second display unit 733 includes a menu screen including text or image data (including various information data) and data such as an icon, a list menu, a combo box, and the like.
  • the second display unit 733 may be a touch screen.
  • the second display unit 733 may include personally identifiable information about the terminal 720 connected to the service providing device 730 received under the control of the second control unit 734, identification information of the terminal 720, and the like. Is displayed.
  • the second control unit 734 executes the overall control function of the service providing device 730.
  • a preset event that requires input of personal information occurs in a state in which the terminal 720 communicates with the service providing apparatus 730 through the second communication unit 731 (or connected to the corresponding service providing apparatus 730).
  • the second controller 734 performs a user authentication process for the corresponding terminal 720 (or a user of the terminal 720) by interworking with the terminal 720 and the authentication server.
  • the preset event is a new subscription to the corresponding service providing device 730
  • the delivery information should be described (or input / transmitted) by the corresponding service providing device 730 the personal information of the terminal 720 may be changed. It may include a case that should be transmitted in the form of a push message (or MMS message) to the terminal (not shown).
  • the user authentication method includes a name / resident registration number / date of birth authentication method, a PIN authentication method, a card authentication method, and the like.
  • the second controller 734 removes one or more input items (or information on one or more input items) included in the personal information corresponding to the corresponding event that occurred. 2 is transmitted to the terminal 720 through the communication unit 731.
  • the second button is selected.
  • the controller 734 performs a function corresponding to the corresponding event based on one or more input items identified when a preset event, which is finally matched in the corresponding terminal 720, is generated by interworking with the terminal 720.
  • the function corresponding to the corresponding event is to perform a new subscription function for the corresponding service providing device 730 when newly subscribed to the corresponding service providing device 730, and delivers the delivery information to the corresponding service providing device 730.
  • the second button is selected.
  • the controller 734 receives one or more finally matched input items (or information on the input items) transmitted from the terminal 720 through the second communication unit 731.
  • the second controller 734 performs a function corresponding to the corresponding event based on the received last matched one or more input items.
  • the second controller 734 transmits the result of performing the event function to the corresponding terminal 720 through the second communication unit 731.
  • the personal information may be input by interlocking personal identification information previously stored in the cloud-based server.
  • FIG. 11 is a signal flow diagram illustrating a communication process according to an embodiment of a personal information management system of the present invention.
  • personally identifiable information includes basic information (e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.) Information (e.g., including family names, friend names, etc.), personal SNS information (e.g., personal blog information, personal website address information, personal Facebook information, etc.), payment information (e.g. card information, bank accounts, etc.) Information, etc.), additional information (eg, hobbies, pictures, avatars, self-introduction, etc.), and the like.
  • basic information e.g., name, social security number, mobile phone number, home address, home phone number, work name, work address, work phone number, e-mail address, etc.
  • Information e.g., including family names, friend names, etc.
  • personal SNS information e.g., personal blog information, personal website address information, personal Facebook information, etc.
  • payment information e.g. card information, bank accounts, etc.
  • additional information e.g
  • the terminal 720 generates personal identification information according to a user input (or user touch) of the terminal 720 and registers the generated personal identification information with the cloud-based server 710.
  • the terminal 720 may register identification information of the terminal 720 together with the personal image information to the cloud-based server 710.
  • the identification information of the terminal 720 includes MDN, Mobile IP, Mobile MAC, Sim (Subscriber Identification Module) card unique information, serial number and the like.
  • the identification information of the terminal 720 may further include the IMSI (International Mobile Station Identification Number) of the USIM provided in the terminal 720, the IMEI (International Mobile Terminal Identification Number) unique to the terminal 720, and the like.
  • the terminal 720 includes a name (Hong Gil-dong), a resident registration number (123456-*******), a mobile phone number (010- ⁇ - ⁇ ), home address ( ⁇ Gangnam-gu, Seoul ⁇ ) Boulevard ⁇ ), home phone number (02-512- ⁇ ), work name ( ⁇ Bank), work address ( ⁇ ⁇ ⁇ Gangnam-gu, Seoul), e-mail address ( ⁇ @ ⁇ Personal identification information including . ⁇ ⁇ ) is generated, and the generated personal identification information and identification information of the terminal 720 are registered in the cloud-based server 710 (S1110).
  • the preset event is a new subscription to the corresponding service providing device 730
  • the delivery information should be described (or input / transmitted) by the corresponding service providing device 730 the personal information of the terminal 720 may be changed.
  • the user authentication method includes a name / resident registration number / date of birth authentication method, a PIN authentication method, a card authentication method, and the like.
  • the terminal 720 when the terminal 720 (or a user of the terminal 720) newly subscribes to a corresponding web site requiring personal information input from the ⁇ ⁇ web site, the terminal 720 is connected to the ⁇ ⁇ web site and the authentication server. In operation S1120, a user authentication process for the terminal 720 is performed by interworking with the terminal.
  • the terminal 720 outputs information indicating the user authentication failure.
  • the terminal 720 when the user authentication for the corresponding terminal 720 by the interworking between the terminal 720 and the authentication server fails, the terminal 720 outputs information indicating the user authentication failure (S1130).
  • the terminal 720 checks one or more input items (or input fields) included in the corresponding personal information. In this case, the terminal 720 may receive one or more input items included in the corresponding personal information transmitted from the service providing apparatus 730 and check the input items included in the corresponding personal information.
  • the terminal 720 is included in the personal information necessary in the corresponding ⁇ web site transmitted from the ⁇ web site.
  • the user receives an input item such as a name, a mobile phone number, an address (home), an e-mail, and a marriage (S1140).
  • the terminal 720 matches each of one or more input items among personal image information about the terminal 720 registered in advance in the cloud-based server 710.
  • the matching result corresponds to any one of a success state, a pending state, and a failure state.
  • the success status indicates a case where the input item matches any one item (or field) of personal identification information registered in advance in the cloud-based server 710.
  • the pending state is a synonym group database (or related keyword database) that the entry does not exactly match any one of the personal identification information registered in advance in the cloud-based server 710, but is registered in advance in the cloud-based server 710.
  • the failure state indicates a case where an input item does not match in both personal information registered in advance in the cloud-based server 710 and in a plurality of synonyms included in the synonym group database registered in advance in the cloud-based server 710.
  • the terminal 720 matches one or more input items to be input in response to an event occurring among personal image information about the terminal 720 registered in advance in the cloud-based server 710.
  • the terminal 720 is cloud-based.
  • One or more input items to be input corresponding to an event occurring among a plurality of synonyms included in a synonym group database registered in advance in the server 710 are matched.
  • the terminal 720 is a name (Hong Gil-dong), a social security number (123456-*******), a mobile phone number (010- ⁇ ) for the corresponding terminal 720 registered in advance in the cloud-based server 710.
  • ⁇ - ⁇ home address
  • ⁇ -daero ⁇ , Gangnam-gu, Seoul home phone number
  • work name ⁇ bank
  • work address
  • e-mail address ⁇ @ ⁇ . ⁇
  • the name, mobile phone number, Match entries such as address (home), email, and marital status.
  • the matching result is the name included in the personal information required on the website (for example, Hong Gil-dong), the mobile phone number included in the personal information required on the website (for example, 010- ⁇ - ⁇ ) Each of the backs to a success state.
  • the terminal 720 is a plurality of synonyms included in the synonym group database registered in advance in the cloud-based server 710, such as residence, location, address, home, address, address (home), (home) address, place of residence, etc.
  • the terminal 720 matches the personal information information and the information in the corresponding synonym group with respect to the terminal 720 registered in advance in the cloud-based server 710 in a pending state ( For example, the address (home), which is information in the synonym group, is pre-registered to the cloud-based server 710.
  • the terminal 720 Matching the home address ( ⁇ -daero ⁇ , Gangnam-gu, Seoul, Korea) for the corresponding terminal 720, and the electronic address for the corresponding terminal 720 which is registered in advance in the cloud-based server 710 with the email address which is information in the synonym group. Matches a postal address ( ⁇ @ ⁇ . ⁇ ).
  • the terminal 720 matches (or sets) the marital status included in the necessary personal information on the ⁇ web site to a failed state.
  • the terminal 720 sets (or inputs) a unique value as a primary key value to a corresponding input item among personal information and information (or fields) included in the synonym group database (S1150).
  • the terminal 720 displays one or more input items each matched with a success state, a held state, and a failed state.
  • the terminal 720 edits (or modifies / selects / sets) the corresponding input item according to a user input (or selection) of the terminal 720 with respect to the matched one or more input items that are displayed in the held state or the failed state. At least one input item identified when a preset event occurs is finally matched.
  • the terminal 720 includes a name 1211, a mobile phone number 1212, an address (home) 1213, and an e-mail 1214 included in necessary personal information on a web site. And matched information 1210 is displayed for an input item such as marital status 1215.
  • the terminal 720 displays a success state (for example, green) 1221 for the name 1211 and the mobile number 1212, respectively, and an address (home) 1213.
  • e-mail 1214 are each marked as pending (eg yellow) 1222, and a status of failure (eg red) 1223 for marital status 1215.
  • the terminal 720 according to a user input has an address (home) having a pending state 1222 or a failed state 1223 (for example, ⁇ -daero ⁇ -daero, Gangnam-gu, Seoul) 1213 and an email (for example, ⁇ Edit the fields for ⁇ @ ⁇ . ⁇ ) 1214 and marital status (for example, no marriage) 1215, and the name 1211, mobile phone included in the personal information required on the website.
  • Input items such as a number 1212, an address (home) 1213, an e-mail 1214, and a marital status 1215 are finally matched.
  • the terminal 720 may use a synonym matched to a user of the terminal 720. Inquiring whether the user is selected or not, automatically matches (or selects / sets) the matched synonym information with a value of the corresponding specific input item (S1160).
  • the terminal 720 performs a function corresponding to a previously generated event by interworking with the service providing apparatus 730 based on the final matched information.
  • the terminal 720 when a preset button is selected, the terminal 720 performs a function corresponding to the corresponding event by interworking with the service providing apparatus 730 based on one or more input items checked when the last matched preset event occurs. do.
  • the function corresponding to the corresponding event is to perform a new subscription function for the corresponding service providing device 730 when newly subscribed to the corresponding service providing device 730, and delivers the delivery information to the corresponding service providing device 730. If you need to fill in (or input / transmit) is to perform the corresponding shipping information entry function, if the personal information of the terminal 720 to send a push message (or MMS message) to another terminal (not shown) It may be to perform a function of sending a push message.
  • the terminal 720 outputs a result of performing a function on the corresponding event.
  • the terminal 720 may be linked to the service providing device 730.
  • the name for example, Hong Gil-dong
  • mobile phone number for example, 010- ⁇ - ⁇
  • address home
  • a new web site can be found on the web site of ⁇ , including ⁇ -daero ⁇ , Gangnam-gu, Seoul, e-mail (e.g. ⁇ @ ⁇ . ⁇ ), marital status (e.g. no marriage), etc.
  • the terminal 720 outputs information indicating that the new subscription function for the ⁇ web site is normally performed (S1170).
  • the present invention provides a system and method for authenticating a user when using a web service, and if a single web service undergoes an identity authentication process among web services, additionally downloads another web service and executes a separate identity authentication process. And the service can be used immediately without the user additional information input procedure required to use the service.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

La présente invention concerne un système et un procédé d'authentification d'utilisateur lors de l'utilisation d'un service Web et, plus particulièrement, comprend : une base de données d'informations d'utilisateur destinée à stocker en son sein des informations d'utilisateur comprenant des informations d'authentification d'utilisateur et des informations supplémentaires de services individuels ; une unité d'émission de jeton d'authentification destinée à, si un signal de demande d'émission de jeton d'authentification pour le service Web est reçu en provenance d'un terminal, émettre un jeton d'authentification pour lequel un délai d'expiration est défini et à transmettre le jeton d'authentification au terminal ; et une unité d'authentification destinée à, si un signal de demande d'informations d'authentification d'utilisateur comprenant le jeton d'authentification est reçu en provenance d'un dispositif de service Web, effectuer l'authentification d'utilisateur à l'aide du jeton d'authentification et dans le cas d'un utilisateur autorisé, à transmettre, au dispositif de service Web, les informations d'authentification d'utilisateur comprenant une identification d'accès et une CI.
PCT/KR2014/011659 2014-03-26 2014-12-02 Système et procédé d'authentification d'utilisateur lors de l'utilisation d'un service web WO2015147409A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR1020140035558A KR102244523B1 (ko) 2014-03-26 2014-03-26 웹 서비스 이용시 사용자 인증을 위한 시스템 및 방법
KR10-2014-0035558 2014-03-26
KR1020140077408A KR20160000251A (ko) 2014-06-24 2014-06-24 단말과 서비스 제공 장치, 그를 포함하는 신상 정보 관리 시스템, 그 제어 방법 및 컴퓨터 프로그램이 기록된 기록매체
KR10-2014-0077408 2014-06-24

Publications (1)

Publication Number Publication Date
WO2015147409A1 true WO2015147409A1 (fr) 2015-10-01

Family

ID=54195883

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2014/011659 WO2015147409A1 (fr) 2014-03-26 2014-12-02 Système et procédé d'authentification d'utilisateur lors de l'utilisation d'un service web

Country Status (1)

Country Link
WO (1) WO2015147409A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111526201A (zh) * 2020-04-28 2020-08-11 济南浪潮高新科技投资发展有限公司 一种机器人管理方法、***及边缘服务器

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090017962A (ko) * 2007-08-16 2009-02-19 삼성전자주식회사 통신 수행 방법 및 그 장치와, 통신 수행 제어 방법 및 그장치
JP2011238083A (ja) * 2010-05-12 2011-11-24 Nippon Hoso Kyokai <Nhk> 認証連携装置およびそのプログラム、機器認証装置およびそのプログラム、ならびに、認証連携システム
KR20130065912A (ko) * 2011-12-12 2013-06-20 에스케이플래닛 주식회사 개인화된 정보 제공 시스템, 방법 및 그에 대한 기록매체
US20130283362A1 (en) * 2012-04-19 2013-10-24 Microsoft Corporation Authenticating user through web extension using token based authentication scheme
KR20140011031A (ko) * 2012-07-02 2014-01-28 에스케이플래닛 주식회사 웹 브라우저 기반의 단일 인증 서비스 시스템 및 이의 운용 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090017962A (ko) * 2007-08-16 2009-02-19 삼성전자주식회사 통신 수행 방법 및 그 장치와, 통신 수행 제어 방법 및 그장치
JP2011238083A (ja) * 2010-05-12 2011-11-24 Nippon Hoso Kyokai <Nhk> 認証連携装置およびそのプログラム、機器認証装置およびそのプログラム、ならびに、認証連携システム
KR20130065912A (ko) * 2011-12-12 2013-06-20 에스케이플래닛 주식회사 개인화된 정보 제공 시스템, 방법 및 그에 대한 기록매체
US20130283362A1 (en) * 2012-04-19 2013-10-24 Microsoft Corporation Authenticating user through web extension using token based authentication scheme
KR20140011031A (ko) * 2012-07-02 2014-01-28 에스케이플래닛 주식회사 웹 브라우저 기반의 단일 인증 서비스 시스템 및 이의 운용 방법

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111526201A (zh) * 2020-04-28 2020-08-11 济南浪潮高新科技投资发展有限公司 一种机器人管理方法、***及边缘服务器
CN111526201B (zh) * 2020-04-28 2023-01-06 山东浪潮科学研究院有限公司 一种机器人管理方法、***及边缘服务器

Similar Documents

Publication Publication Date Title
WO2016199994A1 (fr) Dispositif et procédé de fourniture de service de livraison préalable d&#39;un produit d&#39;intérêt au moyen d&#39;une boîte de courrier sans opérateur, et support d&#39;enregistrement sur lequel est enregistré un programme informatique
WO2017119548A1 (fr) Procédé d&#39;authentification d&#39;utilisateur à sécurité renforcée
WO2014007516A1 (fr) Système de service à certificat unique et son procédé de fonctionnement
WO2016129838A1 (fr) Dispositif électronique et son procédé de traitement d&#39;informations sécurisées
WO2022050652A1 (fr) Procédé, appareil et support d&#39;enregistrement lisible par ordinateur pour la commande d&#39;un compte
WO2017171167A1 (fr) Dispositif pour fournir des informations de recrutement et de recherche d&#39;emploi, et procédé associé
WO2018166099A1 (fr) Procédé et dispositif de détection de fuite d&#39;informations, serveur et support d&#39;informations lisible par ordinateur
WO2012108661A2 (fr) Système et procédé d&#39;authentification de sécurité d&#39;un abonné bidirectionnel sur un réseau de communication, et support d&#39;enregistrement sur lequel le procédé est enregistré
WO2022102930A1 (fr) Système did utilisant une authentification par pin de sécurité basée sur un navigateur, et procédé de commande associé
WO2015111950A1 (fr) Procédé d&#39;intermédiation de messages, procédé de traitement de messages, procédé de gestion de service et dispositif de mise en œuvre ceux-ci
WO2015041401A1 (fr) Procédé et système d&#39;authentification sans fil pour mot de passe à usage unique de terminal de communication mobile ayant une fonction de communication en champ proche
WO2014107067A1 (fr) Système d&#39;auto-paiement par carte de crédit utilisant un terminal de communication mobile, et procédé associé
WO2015126037A1 (fr) Système et procédé d&#39;identification personnelle et antivol utilisant une clé aléatoire jetable
WO2019019245A1 (fr) Procédé et système d&#39;achat de portefeuille de fonds, et support d&#39;informations
WO2020091525A1 (fr) Procédé de paiement à l&#39;aide d&#39;une authentification biométrique et dispositif électronique associé
WO2020091194A1 (fr) Système de téléphone intelligent virtuel en nuage
WO2017171168A1 (fr) Support d&#39;enregistrement lisible par ordinateur permettant d&#39;enregistrer un procédé destiné à fournir des informations de recrutement et de recherche d&#39;emploi
WO2022163893A1 (fr) Procédé de fourniture de service de paiement et dispositif électronique l&#39;exécutant
WO2013039304A1 (fr) Procédé d&#39;enregistrement d&#39;une adhésion pour un paiement électronique, système associé, et appareil et terminal associés
WO2015147409A1 (fr) Système et procédé d&#39;authentification d&#39;utilisateur lors de l&#39;utilisation d&#39;un service web
WO2015026083A1 (fr) Système et procédé de sécurisation de message texte permettant d&#39;empêcher l&#39;utilisation illégale d&#39;une authentification utilisateur par un téléphone mobile et d&#39;empêcher le hameçonnage par sms
WO2018048036A1 (fr) Dispositif de commande dédié permettant de commander un produit, procédé et système de commande d&#39;un produit au moyen dudit dispositif et support d&#39;enregistrement dans lequel est enregistré un programme informatique
WO2018062636A1 (fr) Dispositif de commande dédié pourvu d&#39;une fonction de notification de promotion, système et procédé de commande de produit à l&#39;aide de ce dernier et support d&#39;enregistrement enregistré avec un programme d&#39;ordinateur
WO2017073870A1 (fr) Dispositif d&#39;utilisateur, procédé de recherche de carte mobile en fonction d&#39;une reconnaissance de motif et support d&#39;enregistrement ayant un programme d&#39;ordinateur enregistré sur celui-ci
WO2021096205A1 (fr) Système ou procédé permettant d&#39;installer ou d&#39;exécuter une application serveur

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14887325

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14887325

Country of ref document: EP

Kind code of ref document: A1