WO2018124857A1 - Procédé et terminal d'authentification sur la base d'une base de données de chaînes de blocs d'un utilisateur sans face-à-face au moyen d'un id mobile, et serveur utilisant le procédé et le terminal - Google Patents

Procédé et terminal d'authentification sur la base d'une base de données de chaînes de blocs d'un utilisateur sans face-à-face au moyen d'un id mobile, et serveur utilisant le procédé et le terminal Download PDF

Info

Publication number
WO2018124857A1
WO2018124857A1 PCT/KR2018/000065 KR2018000065W WO2018124857A1 WO 2018124857 A1 WO2018124857 A1 WO 2018124857A1 KR 2018000065 W KR2018000065 W KR 2018000065W WO 2018124857 A1 WO2018124857 A1 WO 2018124857A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
face
authentication
information
mobile
Prior art date
Application number
PCT/KR2018/000065
Other languages
English (en)
Korean (ko)
Inventor
박종은
현상훈
송주한
이준섭
어준선
홍재우
Original Assignee
주식회사 코인플러그
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 코인플러그 filed Critical 주식회사 코인플러그
Publication of WO2018124857A1 publication Critical patent/WO2018124857A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing

Definitions

  • the present invention relates to a method for non-face-to-face authentication of a user using a blockchain-based mobile ID, a terminal, and a server using the same. More specifically, a user certificate is registered in a blockchain database and a blockchain transaction ID corresponding thereto.
  • a blockchain transaction corresponding to the user's public key or the user identification information Check the user certificate registered in the blockchain database with reference to the ID, and if the user certificate is confirmed, by supporting or transmitting the verification means value to the user terminal, the user terminal to sign the verification means value with the user's private key
  • the user signature value is checked using the public key of the user certificate corresponding to the verification target ID, and the verification result of the specific mobile ID according to the validity is sent to the service server.
  • a method of non-face-to-face authentication of a user using a blockchain-based mobile ID that enables the service server to perform non-face-to-face authentication of a user by referring to the verification result, and to a terminal and a server using the same. It is about.
  • non-face-to-face financial transactions due to the non-face-to-face authentication characteristics of all financial transactions including funds withdrawal and transfer, non-face-to-face financial channels, browser vulnerabilities, communication network security vulnerabilities, Numerous security features such as keyboard hacking security, security card, and one time password (OTP) have been added, but the conventional security functions are exposed when security information is exposed through memory hacking or sniffing on the customer's network. In addition, it is difficult to detect even if the user requests to transfer a large amount of funds to the hacker's account by changing some of the information transmitted and received through the communication network, and the transaction request is converted into a normal transaction request by the manipulation information as described above. Contains the problem to handle.
  • the present invention aims to solve all the above-mentioned problems.
  • Another object of the present invention is to provide a method, a terminal, and a server to which copying or forgery is impossible using a blockchain-based mobile ID.
  • another object of the present invention is to provide a method, a terminal, and a server for securing a user certificate according to a mobile ID by using a hash function and an encryption technique, and for ensuring that the forgery / modulation is impossible.
  • the present invention is to provide a method, a terminal and a server that can prevent the problem due to user information theft because the user is verified and authenticated through a one-time verification means value.
  • a method for performing non-face-to-face authentication using a mobile ID comprising: (a) a public key of a user, user identification information for identifying the user, and user information of the user; In the state of registering a user certificate including a hash value of a user information hash value in a blockchain database and managing a blockchain transaction ID corresponding thereto, the user terminal corresponding to a specific mobile ID selection of the user for non-face-to-face authentication
  • the authentication server refers to the blockchain transaction ID corresponding to the user's public key or the user identification information.
  • the authentication server supports or sends the verification means value to the user terminal, thereby causing the user terminal to sign the verification means value with the private key of the user.
  • the authentication server determines that the verification of the user certificate corresponding to the verification target ID is performed.
  • a verification means value obtained by the user terminal from the authentication server-the verification means value is a public of the user
  • a user certificate including a key, user identification information for identifying the user, and a user information hash value that is a hash value for the user information of the user is registered in a blockchain database and manages a corresponding blockchain transaction ID.
  • the authentication server is the blockchain corresponding to the user's public key or the user identification information included in the mobile ID authentication request information obtained from the user terminal in response to the specific mobile ID selection of the user for non-face-to-face authentication
  • the blockchain database with reference to the transaction ID Confirming the user certificate registered to the user, and if the user certificate for the user is confirmed, to transmit to the user terminal-the user signature value signed with the user's private key, for the user who signed the verification means value
  • a method for performing non-face-to-face authentication using a mobile ID (a) generates and stores a user's public key and the user's private key, and the user's public A user certificate including a key, user identification information for identifying the user, and a user information hash value that is a hash value for the user information of the user, to be registered in a blockchain database, the user certificate corresponding to the registered user certificate
  • the user terminal requests a mobile ID authentication request including the user's public key or the user identification information.
  • Step support By sending the information to the authentication server, Step support with reference to the gold chain block transaction identifier corresponding to the public key or the user identification information of the user to determine the user certificate registered in the database, wherein the block chain; And (b) if a verification means value is obtained from the authentication server in response to the verification of the user certificate for the user, the user terminal signing the verification means value with the private key of the user, the verification
  • the service server By requesting a non-face-to-face authentication to the service server using the verification target ID, which is an ID for the user who signed the means value, and non-face-to-face authentication request information including the user information, the service server causes the user server to verify the user signature value and the verification.
  • the verification request for the specific mobile ID is requested to the authentication server using the verification request information for the specific mobile ID including a target ID, and the user is referred to the verification result for the specific mobile ID received from the authentication server.
  • Assisting to perform non-face-to-face authentication for; There is provided a method comprising a.
  • a method for performing non-face-to-face authentication using a mobile ID (a) a user's public key, user identification information for identifying the user, and user information of the user Responding to the non-face-to-face authentication information input signal of the user through the service web while registering a user certificate including a user information hash value, which is a hash value for, in a blockchain database and managing a corresponding blockchain transaction ID
  • the authentication server supports (i) transmitting or transmitting a selection request signal for the mobile ID to a user terminal corresponding to the user identification information.
  • the authentication server determines that the Supporting the service server to transmit the non-face-to-face authentication request information to the service web by supporting, or transmitting, the face-to-face authentication request information to the service server; And (c) when verification request information for the specific mobile ID including the user signature value and the verification target ID is obtained from the service server in response to the non-face-to-face authentication request signal of the user through the service web, The authentication server checks whether the user signature value is valid using the public key of the user of the user certificate corresponding to the verification target ID, and checks the specific mobile ID according to whether the verified user signature value is valid. Supporting the service server to perform non-face-to-face authentication with respect to the user by referring to the verification result by supporting or transmitting the verification result to the service server; There is provided a method comprising a.
  • the service server in a method for performing non-face-to-face authentication using a mobile ID, (a) the user's public key by the authentication server, user identification information for identifying the user, and In a state where a user certificate including a user information hash value, which is a hash value of a user's user information, is registered in the blockchain database and a corresponding blockchain transaction ID is managed, the service server may be configured to perform the user's service through the service web.
  • the authentication server By transmitting the user identification information for the non-face-to-face authentication to the authentication server in response to the non-face-to-face authentication information input signal, the authentication server (i) to the user terminal corresponding to the user identification information for the mobile ID Support to transmit a selection request signal, and (ii) from the user terminal
  • the mobile terminal is registered in the blockchain database with reference to the blockchain transaction ID corresponding to the user's public key or the user identification information.
  • the user certificate for the user is verified to support the authentication server to (i) transmit or transmit verification means values to the user terminal, and (ii) send the verification means values from the user terminal to the user.
  • the non-face-to-face authentication request information including the user signature value signed with the private key, the verification target ID which is the ID for the user who signed the verification means value, and the user information is transmitted and the non-face-to-face authentication request information is transmitted, Acquiring, by the service server, the non-face-to-face authentication request information transmitted from the authentication server, and transmitting or transmitting the obtained non-face-to-face authentication request information to a service web; (c) when the user transmits a non-face-to-face authentication request signal using the non-face-to-face authentication request information through the service web, the service server responds to the non-face-to-face authentication request signal and the user signature value and the verification.
  • the authentication server uses the public key of the user of the user certificate corresponding to the verification target ID. Confirming whether the user signature value is valid and supporting or transmitting a verification result for the specific mobile ID according to the confirmed user signature value to the service server; And (d) when the verification result for the specific mobile ID is obtained from the authentication server, performing, by the service server, non-face-to-face authentication with respect to the user with reference to the verification result;
  • a method comprising a.
  • a method for performing non-face-to-face authentication using a mobile ID (a) generates and stores a user's public key and the user's private key, and the user's public Register a user certificate including a key, user identification information for identifying the user, and a user information hash value that is a hash value for the user information of the user in a blockchain database, wherein the user certificate corresponds to the registered user certificate.
  • the user terminal In the state of managing a mobile ID, in response to the user identification information for the non-face-to-face authentication from the service server corresponding to the non-face-to-face authentication information input signal of the user through the service web for the mobile ID from the authentication server When the selection request signal is obtained, the user terminal, the user Transmitting the mobile ID authentication request information corresponding to the specific mobile ID selection by the authentication server to cause the authentication server to refer to the blockchain transaction ID corresponding to the public key of the user or the user identification information.
  • Validation request information for the specific mobile ID including the target ID is captured And, if the user signature value is valid using the public key of the user of the user certificate corresponding to the verification target ID, (iii) the identification according to whether the checked user signature value is valid. Transmitting a verification result for a mobile ID to the service server so that the service server can perform non-face-to-face authentication with respect to the user with reference to the verification result; There is provided a method comprising a.
  • an authentication server performing non-face-to-face authentication using a mobile ID, a public key of a user, user identification information for identifying the user, and user information of the user
  • the user terminal corresponding to a specific mobile ID selection of the user for non-face-to-face authentication
  • a communication unit for obtaining mobile ID authentication request information including the public key of the user or the user identification information from the communication unit; And checking the user certificate registered in the blockchain database with reference to the blockchain transaction ID corresponding to the user's public key or the user identification information, and if the user certificate for the user is verified, a verification means value.
  • the user signature value of signing the verification means value with the private key of the user By transmitting or transmitting the user terminal to the user terminal, the user signature value of signing the verification means value with the private key of the user, a verification target ID which is an ID for the user who signed the verification means value, and A process for supporting a non-face-to-face authentication request to a service server using non-face-to-face authentication request information including the user information, and for the specific mobile ID including the user signature value and the verification target ID from the service server.
  • the verification request information If so, the user signature value is checked using a public key of the user of the user certificate corresponding to the verification target ID, and for the specific mobile ID according to whether the checked user signature value is valid.
  • a processor that performs a process of supporting or transmitting a verification result to the service server, thereby enabling the service server to perform non-face-to-face authentication with respect to the user with reference to the verification result;
  • An authentication server comprising a is provided.
  • a verification means value obtained by the user terminal from the authentication server-the verification means value is a public key of the user
  • a user certificate including user identification information for identifying the user and a user information hash value that is a hash value of the user information of the user is registered in a blockchain database and a blockchain transaction ID corresponding thereto is managed.
  • the blockchain data with reference to Confirming the user certificate registered in e-mail, and transmitting the user certificate to the user terminal when the user certificate for the user is confirmed-to the user who signed the private key of the user and the verification means value.
  • a communication unit that obtains the non-face-to-face authentication request information received from the user terminal when the non-face-to-face authentication request is made using a verification target ID which is a user ID and a non-face-to-face authentication request information including the user information; And the verification request information for the specific mobile ID, wherein the verification request information includes the user signature value and the verification target ID, so that the authentication server corresponds to the verification target ID.
  • a user's public key and a user's private key are generated and stored, and the user's public key
  • the user certificate including user identification information for identifying the user, and a user information hash value that is a hash value for the user information of the user is registered in a blockchain database, and the mobile corresponding to the registered user certificate.
  • the mobile ID authentication request information including the user's public key or the user identification information is transmitted to an authentication server.
  • the authentication server causes the service server to include the user signature value and the verification target ID.
  • a user terminal comprising a.
  • the authentication server to perform a non-face-to-face authentication using a mobile ID, a public key of the user, user identification information for identifying the user, and the user information of the user
  • a user certificate including a hash value of a user information being a hash value registered in a blockchain database and managing a blockchain transaction ID corresponding thereto
  • a service corresponding to a non-face-to-face authentication information input signal of the user through a service web A communication unit for obtaining the user identification information for the non-face-to-face authentication from a server; And (i) supporting or transmitting a selection request signal for the mobile ID to a user terminal corresponding to the user identification information, and (ii) the mobile corresponding to the user selecting a specific mobile ID from the user terminal.
  • Verification vs. ID for the user who signed the When the non-face-to-face authentication request information including the ID and the user information is obtained, the non-face-to-face authentication request information is supported or transmitted to the service server so that the service server requests the non-face-to-face authentication request to the service web.
  • Verification results for the service server A processor for supporting the service server to perform non-face-to-face authentication with respect to the user by referring to the verification result; An authentication server comprising a is provided.
  • a service server performing non-face-to-face authentication using a mobile ID
  • the public server of the user the user identification information for identifying the user, and the user's by the authentication server
  • a user certificate including a user information hash value which is a hash value for user information
  • the non-face-to-face authentication request information transmitted from a server, and supporting or transmitting the obtained non-face-to-face authentication request information to a service web, wherein the user uses the non-face-to-face authentication request information through the service web.
  • the non-face-to-face authentication request signal is transmitted, the non-face-to-face authentication request signal is transmitted.
  • the verification server transmitting or transmitting verification request information for the specific mobile ID including the user signature value and the verification target ID to the authentication server, thereby causing the authentication server to perform the verification of the user certificate corresponding to the verification target ID.
  • a service server comprising a.
  • the user's public key and the user's private key are generated and stored, and the user's public key
  • the user certificate including user identification information for identifying the user and a user information hash value that is a hash value of the user information of the user is registered in a blockchain database, and the mobile ID corresponding to the registered user certificate.
  • the request for selection of the mobile ID from the authentication server in response to the user identification information for the non-face-to-face authentication from the service server corresponding to the non-face-to-face authentication information input signal of the user through the service web
  • a communication unit for obtaining a signal ; And transmitting the mobile ID authentication request information corresponding to the specific mobile ID selection by the user to the authentication server, thereby causing the authentication server to refer to the blockchain transaction ID corresponding to the user's public key or the user identification information.
  • a verification means value obtained from the authentication server in response to the verification of the user certificate registered in the blockchain database, and the verification of the user certificate for the user.
  • the non-face-to-face authentication request information including the user signature value signed with the private key, the verification target ID which is the ID for the user who signed the verification means value, and the user information, to the authentication server
  • the non-face-to-face authentication request information is transmitted to the service web through the service server, and (ii) received from the service server in response to the non-face-to-face authentication request signal of the user through the service web.
  • the verification request information for the specific mobile ID including the user signature value and the verification target ID is obtained, validity of the user signature value using the public key of the user of the user certificate corresponding to the verification target ID is obtained.
  • a computer readable recording medium for recording a computer program for executing the method of the present invention is further provided.
  • the present invention can be made impossible to copy or forgery / alteration using a blockchain-based mobile ID.
  • the present invention by using a hash function and encryption technology for the user certificate according to the mobile ID can be secured and forgery / forgery is impossible.
  • the present invention is to verify and authenticate the user through a one-time verification means value to prevent the problem of the user information theft in advance.
  • FIG. 1 schematically shows a system for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 2 schematically illustrates a method for issuing a mobile ID in a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 3 illustrates an example of a mobile ID issued in a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 4 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 5 schematically illustrates a modification of a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 6 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to another embodiment of the present invention.
  • FIG. 1 schematically illustrates a system for authenticating a user using a mobile ID according to an embodiment of the present invention, the system including a user terminal 100, an authentication server 200, and a service server 300. can do.
  • the user terminal 100 is a mobile device that displays a mobile ID, and may include a mobile computer, a PDA / EDA, a mobile phone, a smartphone, a tablet, and the like.
  • the user terminal 100 is not limited thereto, and may include all mobile devices such as a portable game machine having a wired / wireless communication function, a digital camera personal navigation, and the like.
  • the user terminal 100 may include a communication unit that supports the transmission and reception of information and a processor that processes the information.
  • the user terminal 100 may include a mobile ID app 110 which is a user interface provided by an authentication server and a service app 120 which is a user interface provided by a service server.
  • the authentication server 200 may include a communication unit 210 and a processor 220.
  • the same reference numerals are used for the convenience of description and are not intended to mean that these individual devices are the same.
  • the server may be configured differently to perform the corresponding method or may be performed through the same authentication server 200.
  • the authentication server 200 may be a server corresponding to each node of the blockchain database 400 or a server managing each node of the blockchain database 400.
  • authentication server 200 is typically a computing device (eg, a device that may include components of a computer processor, memory, storage, input and output devices, other conventional computing devices; electronics such as routers, switches, etc.).
  • NAS network attached storage
  • SAN storage area network
  • computer software ie, instructions that cause a computing device to function in a particular way.
  • the communication unit 210 of the computing device may transmit and receive a request and a response with another computing device to be interlocked.
  • the request and response may be made by the same TCP session, but are not limited thereto.
  • it may be transmitted and received as a UDP datagram.
  • the processor 220 of the computing device may include a hardware configuration such as a micro processing unit (MPU) or a central processing unit (CPU), a cache memory, a data bus, and the like.
  • the operating system may further include a software configuration of an application performing a specific purpose.
  • the service server 300 may include a communication unit and a processor, and may provide a corresponding service to a user through non-face-to-face authentication of the user.
  • the service server 300 may be a financial server, but is not limited thereto, and may include all servers that provide a service through non-face-to-face authentication.
  • service server 300 is typically a computing device (eg, a device that may include components of a computer processor, memory, storage, input and output devices, other conventional computing devices; electronics such as routers, switches, etc.).
  • NAS network attached storage
  • SAN storage area network
  • computer software ie, instructions that cause a computing device to function in a particular way.
  • the method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention through the system configured as described above is as follows.
  • the mobile ID may include all commonly used IDs such as a national license, a private certificate, an employee ID, a student ID, as well as a public ID such as a driver's license, a health insurance card, an alien registration card, a civil servant card, a youth card, a disability registration card, and a resident registration card.
  • the user terminal 100 transmits the mobile ID issue request transaction to the authentication server 200 (S101).
  • the mobile ID issuance request transaction includes mobile ID information input by the user, and the mobile ID information may be a picture image of the user and display information for each ID.
  • the mobile ID information may include personal information of the user.
  • the authentication server 200 obtains a mobile ID issuance request transaction including at least user information from the user terminal 100, and confirms the user using the obtained user information and the like (S102).
  • the user verification may use a public key infrastructure (PKI) certificate or user's personal information, but is not limited thereto.
  • PKI public key infrastructure
  • a specific issuer can be verified through a public key-based certificate such as an accredited certificate or an OPSign certificate, or an individual, a bank, or an organization can verify the identity of an individual such as a social security number, a passport, a corporate registration number, a business registration number, and login information.
  • User can be identified through personal information.
  • the authentication server 200 transmits a certificate registration request signal to the user terminal 100 (S103).
  • the user terminal 100 generates a public key and a private key, which are authentication keys, in response to the certificate registration request signal (S104), so that confirmation information for controlling user access to the private key is set by the user.
  • the confirmation information is pass information for accessing the private key and may include a password, biometric information, and the like.
  • setting of confirmation information for access control on the private key may be omitted.
  • the setting of the confirmation information may be performed before generating the authentication key of the user.
  • the user terminal 100 may extract the public key of the user from the authentication key, and transmit the certificate registration information including the extracted public key and user identification information to the authentication server 200 (S106).
  • the user identification information is unique information given for each user for user identification, and may include a push token, a user ID, a social security number, a user terminal ID, an IP address of a user terminal, a phone number, and the like.
  • the authentication server 200 generates a user's certificate with reference to the certificate registration information transmitted and obtained from the user terminal 100 (S107). That is, the authentication server 200 generates a user certificate including a user information hash value, which is a hash value generated by applying a hash function to the confirmed user information, in addition to the public key and user identification information obtained from the certificate registration information.
  • hash functions for generating hash values are MD4 function, MD5 function, SHA-0 function, SHA-1 function, SHA-224 function, SHA-256 function, SHA-384 function, SHA-512 function, and HAS-160 function. It may include, but is not limited to this will be appreciated by those skilled in the art. For example, Triple SHA256 would be possible.
  • the authentication server 200 registers the generated user certificate in the blockchain database 400 such that copying or forgery / modulation is impossible (S108).
  • the authentication server 200 registers a user certificate in the blockchain database 400 (S108), and the blockchain indicating location information on the blockchain database 400 of the user certificate registered in the blockchain database 400.
  • the transaction ID may be obtained (S109) and managed.
  • the blockchain database 400 may include at least some of a private blockchain database and a public blockchain database.
  • the authentication server 200 may issue a mobile ID to the user terminal 100 (S110).
  • the mobile ID may be used by the mobile device, which is the user terminal 100, and may have a mobile ID display area 10 and a mobile ID information area 20.
  • the mobile ID display area 10 relates to user information to be displayed for each ID.
  • the mobile ID display area 10 includes information such as a photo image, a name, an ID number, and the like.
  • the mobile ID display area 10 may be changed according to the display information of the ID to be implemented by the mobile ID.
  • the corresponding information may be stored in the user terminal 100 or in the authentication server 200.
  • the mobile ID information area 20 includes information for authentication of the user as a user signature value signed with the user's private key, and has a changed value every time authentication is performed, thereby preventing problems due to user information theft. Will be prevented.
  • a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention in a state where a mobile ID is issued by such a method is as follows.
  • a user certificate including a public key of a user, user identification information for identifying a user, and a user information hash value that is a hash value for the user information of the user is registered in the blockchain database 400, and If the user generates a non-face-to-face authentication information input signal through the service app 120 of the user terminal 100 for non-face-to-face authentication in a state of managing a corresponding blockchain transaction ID (S200), for example, If the user clicks the non-face-to-face authentication start button to proceed with the non-face-to-face authentication for access to the corresponding service through the service app 120, the user terminal 100 is a non-face-to-face authentication information input signal through the service app 120 In response to the mobile ID selection request signal (S201) according to the user to select a specific mobile ID through the mobile ID app (110) Can.
  • S201 mobile ID selection request signal
  • the user terminal 100 authenticates the specific mobile ID selected by the user with the authentication server 200.
  • the request transaction can be transmitted (S203).
  • the authentication request transaction may be mobile ID authentication request information including a user's public key or user identification information.
  • the user terminal 100 allows the user to input confirmation information when a specific mobile ID is selected by the user, and authentication according to user confirmation when the confirmation information input by the user matches the set confirmation information.
  • the request transaction may be transmitted to the authentication server 200.
  • the authentication server 200 registers in the blockchain database 400 with reference to the blockchain transaction ID corresponding to the user's public key or user identification information included in the mobile ID authentication request information obtained from the user terminal 100.
  • the registered user certificate is the registered user certificate.
  • a certificate verification transaction is transmitted to the blockchain blockchain database 400 using a blockchain transaction ID corresponding to the user's public key or user identification information (S204), and the blockchain blockchain database 400 correspondingly.
  • the authentication server 200 checks whether the confirmed user certificate is valid. If there is no certificate matching the user or the user certificate is invalid due to revocation, the authentication server 200 transmits an error signal corresponding to the authentication failure to the user terminal. Can be.
  • the authentication server 200 may obtain a user information hash value by referring to the confirmed user certificate.
  • the authentication server 200 may generate a verification means value (S206) and support the transmission or transmission to the user terminal 100 (S207).
  • the verification means value may include a nonce, an OTP, a timestamp, and the like.
  • the authentication server 200 may transmit the verification target ID to the user terminal 100 together with the verification means value.
  • the verification target ID indicates owner information on the generated verification means value and may be a user information hash value obtained from the user certificate.
  • the verification target ID may be a public key of the user.
  • the mobile ID app 110 of the user terminal 100 may request the user to input confirmation information, and if the confirmation information input by the user matches the set information, the access to the private key allows the authentication server ( A user signature value signed using the private key of the user is generated using the verification means value obtained from the user 200 (S208). However, if the confirmation information input by the user does not match the set information, access to the private key is denied so that the user signature value is not generated.
  • the user terminal 100 faces the service server 300 using a non-face-to-face authentication request information including a user signature value, a verification target ID which is an ID for the user who signed the verification means value, and user information. You can request certification.
  • the verification target ID may be a user information hash value obtained along with the verification means value from the authentication server 200. Otherwise, the public key of the user may be used as the verification target ID.
  • the mobile ID app 110 of the user terminal 100 generates non-face-to-face authentication request information including the user signature value, the verification target ID, and the user information, and transmits the generated information to the service app 120 (S209).
  • the app 120 may request non-face-to-face authentication to the service server 300 using the non-face-to-face authentication request information (S210 and S211).
  • the service server 300 may request verification of a specific mobile ID to the authentication server 200 using a user signature value of non-face-to-face authentication request information obtained from the user terminal 100.
  • the service server 300 extracts the user signature value and the verification target ID from the non-face-to-face authentication request information obtained from the user terminal 100 (S212), and the specific mobile ID including the user signature value and the verification target ID.
  • the verification request information is transmitted to the authentication server 200 (S213).
  • the authentication server 200 checks the validity of the verification request user signature value using the public key of the user certificate of the user certificate corresponding to the verification target ID (S214), according to the validity of the confirmed user signature value
  • the verification result for the specific mobile ID is transmitted to the service server 300 (S215).
  • the verification target ID may be a public key of the user or a hash value of the user information transmitted from the authentication server 200 to the user terminal 100
  • the authentication server 200 may be a public key of the user obtained from the service server 300.
  • the verification means value is extracted from the user signature value by using the public key of the user included in the user certificate matching the user information hash value, and the verification means value extracted from the user signature value and the verification means value transmitted to the user terminal are By checking the match, it is possible to determine whether the user signature value is valid.
  • the authentication server 200 transmits the verification means value to the user terminal or supports a specific mobile ID from the service server. If the time interval between second times at which the verification request information is obtained is greater than or equal to the set value, it may be determined that the user signature value is invalid. In addition, the authentication server 200 may transmit the verification result for the specific mobile ID to the service server 300 as the verification failure due to the invalid user signature value.
  • the service server 300 performs a non-face-to-face authentication with respect to the user by referring to the verification result received from the authentication server 200 (S216), and performs the non-face-to-face authentication result of the service app of the user terminal 100 ( 120 may be transmitted (S217).
  • FIG. 5 schematically illustrates a modified example of a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • FIG. 5 schematically illustrates a modified example of a method for performing non-face-to-face authentication using a mobile ID according to an embodiment of the present invention.
  • an embodiment of the present invention according to FIG. 5 will be described.
  • a user certificate including a public key of a user, user identification information for identifying a user, and a user information hash value that is a hash value for the user information of the user is registered in the blockchain database 400, and While managing the corresponding blockchain transaction ID, the mobile app 110 of the user terminal 100 supports the user to select a specific mobile ID for non-face-to-face authentication, the user of the user terminal 100
  • the user terminal 100 may transmit an authentication request transaction for the specific mobile ID selected by the user to the authentication server 200 (S301).
  • the authentication request transaction may be mobile ID authentication request information including a user's public key or user identification information.
  • the user terminal 100 allows the user to input confirmation information when a specific mobile ID is selected by the user, and authentication according to user confirmation when the confirmation information input by the user matches the set confirmation information.
  • the request transaction may be transmitted to the authentication server 200.
  • the authentication server 200 registers in the blockchain database 400 with reference to the blockchain transaction ID corresponding to the user's public key or user identification information included in the mobile ID authentication request information obtained from the user terminal 100.
  • the registered user certificate is the registered user certificate.
  • a certificate verification transaction is transmitted to the blockchain blockchain database 400 using a blockchain transaction ID corresponding to the user's public key or user identification information (S302), and correspondingly, the blockchain blockchain database 400 Check the certificate included in the data message received from the (S303). At this time, the authentication server 200 checks whether the confirmed user certificate is valid. If there is no certificate matching the user or the user certificate is invalid due to revocation, the authentication server 200 transmits an error signal corresponding to the authentication failure to the user terminal. Can be.
  • the authentication server 200 may obtain a user information hash value by referring to the confirmed user certificate.
  • the authentication server 200 may generate a verification means value (S304) and support the transmission or transmission to the user terminal 100 (S305).
  • the verification means value may include a nonce, an OTP, a timestamp, and the like.
  • the authentication server 200 may transmit the verification target ID to the user terminal 100 together with the verification means value.
  • the verification target ID indicates owner information on the generated verification means value and may be a user information hash value obtained from the user certificate.
  • the verification target ID may be a public key of the user.
  • the mobile ID app 110 of the user terminal 100 may request the user to input confirmation information, and if the confirmation information input by the user matches the set information, the access to the private key allows the authentication server ( A user signature value signed using the private key of the user is generated using the verification means value obtained from 200 (S306). However, if the confirmation information input by the user does not match the set information, access to the private key is denied so that the user signature value is not generated.
  • the user terminal 100 uses the user signature value, the verification target ID which is the ID for the user who signed the verification means value, and the non-face-to-face authentication request information including the user information to the service server 300.
  • In-person authentication may be requested.
  • the verification target ID may be a user information hash value obtained along with the verification means value from the authentication server 200. Otherwise, the public key of the user may be used as the verification target ID.
  • the mobile ID app 110 of the user terminal 100 generates non-face-to-face authentication request information including a user signature value, verification target ID, and user information, and then accesses a service for performing face-to-face authentication. It supports the user to select a specific service app among a plurality of service apps for (S307).
  • the mobile ID app 110 of the user terminal 100 transmits the non-face-to-face authentication request information to the specific service app 120 selected by the user.
  • the service app 120 may request non-face-to-face authentication to the service server 300 using the non-face-to-face authentication request information (S309 and S310).
  • the service server 300 may request verification of a specific mobile ID to the authentication server 200 using a user signature value of non-face-to-face authentication request information obtained from the user terminal 100.
  • the service server 300 extracts the user signature value and the verification target ID from the non-face-to-face authentication request information obtained from the user terminal 100 (S311), and to a specific mobile ID including the user signature value and the verification target ID.
  • the verification request information is transmitted to the authentication server 200 (S312).
  • the authentication server 200 checks the validity of the verification request user signature value using the public key of the user certificate of the user certificate corresponding to the verification target ID (S313), according to the validity of the confirmed user signature value
  • the verification result for the specific mobile ID is transmitted to the service server 300 (S314).
  • the verification target ID may be a public key of the user or a hash value of the user information transmitted from the authentication server 200 to the user terminal 100
  • the authentication server 200 may be a public key of the user obtained from the service server 300.
  • the verification means value is extracted from the user signature value by using the public key of the user included in the user certificate matching the user information hash value, and the verification means value extracted from the user signature value and the verification means value transmitted to the user terminal are By checking the match, it is possible to determine whether the user signature value is valid.
  • the authentication server 200 transmits the verification means value to the user terminal or supports a specific mobile ID from the service server. If the time interval between second times at which the verification request information is obtained is greater than or equal to the set value, it may be determined that the user signature value is invalid. In addition, the authentication server 200 may transmit the verification result for the specific mobile ID to the service server 300 as the verification failure due to the invalid user signature value.
  • the service server 300 performs a non-face-to-face authentication with respect to the user with reference to the verification result received from the authentication server 200 (S315), and the service app (the service app of the user terminal 100) 120 may be transmitted (S316)
  • FIG. 6 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to another embodiment of the present invention.
  • FIG. 6 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to another embodiment of the present invention.
  • FIG. 6 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to another embodiment of the present invention.
  • FIG. 6 schematically illustrates a method for performing non-face-to-face authentication using a mobile ID according to another embodiment of the present invention.
  • a user certificate including a public key of a user, user identification information for identifying a user, and a user information hash value that is a hash value for the user information of the user is registered in the blockchain database 400, and In a state in which a corresponding blockchain transaction ID is being managed, when a user accesses the service server 300 through the service web and generates a non-face-to-face authentication information input signal in the service web for non-face-to-face authentication (S400), for example
  • S400 non-face-to-face authentication
  • the service server 300 face-to-face
  • the user identification information for the user for authentication is transmitted to the authentication server 200 (S401).
  • the authentication server 200 transmits the selection request signal for the mobile ID to the user terminal 100 corresponding to the user identification information (S402), the user terminal 100 is a mobile ID transmitted from the authentication server 200 The user may select a specific mobile ID in response to the selection request signal (S403).
  • the user terminal 100 may transmit an authentication request transaction for the specific mobile ID selected by the user to the authentication server 200.
  • the authentication request transaction may be mobile ID authentication request information including a user's public key or user identification information.
  • the user terminal 100 allows the user to input confirmation information when a specific mobile ID is selected by the user, and authentication according to user confirmation when the confirmation information input by the user matches the set confirmation information.
  • the request transaction may be transmitted to the authentication server 200.
  • the authentication server 200 registers in the blockchain database 400 with reference to the blockchain transaction ID corresponding to the user's public key or user identification information included in the mobile ID authentication request information obtained from the user terminal 100.
  • the registered user certificate is the registered user certificate.
  • a certificate verification transaction is transmitted to the blockchain blockchain database 400 using a blockchain transaction ID corresponding to the user's public key or user identification information (S405), and the blockchain blockchain database 400 corresponding thereto.
  • the authentication server 200 checks whether the confirmed user certificate is valid. If there is no certificate matching the user or the user certificate is invalid due to revocation, the authentication server 200 transmits an error signal corresponding to the authentication failure to the user terminal. Can be.
  • the authentication server 200 may obtain a user information hash value by referring to the confirmed user certificate.
  • the authentication server 200 may generate a verification means value (S407) and support the transmission or transmission to the user terminal 100 (S408).
  • the verification means value may include a nonce, an OTP, a timestamp, and the like.
  • the authentication server 200 may transmit the verification target ID to the user terminal 100 together with the verification means value.
  • the verification target ID indicates owner information on the generated verification means value and may be a user information hash value obtained from the user certificate.
  • the verification target ID may be a public key of the user.
  • the user terminal 100 may request the user to input the confirmation information, and when the confirmation information input by the user matches the set information, the verification means obtained from the authentication server 200 by allowing access to the private key.
  • a user signature value signed using the user's private key is generated (S409). However, if the confirmation information input by the user does not match the set information, access to the private key is denied so that the user signature value is not generated.
  • the user terminal 100 transmits the non-face-to-face authentication request information including the user signature value, the verification target ID which is the ID for the user who signed the verification means value, and the user information to the authentication server 200 (S410).
  • the verification target ID may be a user information hash value obtained along with the verification means value from the authentication server 200. Otherwise, the public key of the user may be used as the verification target ID.
  • the authentication server 200 transmits the non-face-to-face authentication request information transmitted from the user terminal 100 to the service server 300, and the service server 300 knows the non-face-to-face authentication request information through the service web. It is displayed to be able to (S411).
  • the service server 300 signs the user of the non-face-to-face authentication request information transmitted through the service web
  • the verification server 200 may request verification of a specific mobile ID using the value.
  • the service server 300 extracts the user signature value and the verification target ID from the non-face-to-face authentication request information obtained through the service web (S414), and verifies the specific mobile ID including the user signature value and the verification target ID.
  • the request information is transmitted to the authentication server 200 (S415).
  • the authentication server 200 checks the validity of the verification request user signature value using the public key of the user certificate of the user certificate corresponding to the verification target ID (S416), according to the validity of the confirmed user signature value
  • the verification result for the specific mobile ID is transmitted to the service server 300 (S417).
  • the verification target ID may be a public key of the user or a hash value of the user information transmitted from the authentication server 200 to the user terminal 100
  • the authentication server 200 may be a public key of the user obtained from the service server 300.
  • the verification means value is extracted from the user signature value by using the public key of the user included in the user certificate matching the user information hash value, and the verification means value extracted from the user signature value and the verification means value transmitted to the user terminal are By checking the match, it is possible to determine whether the user signature value is valid.
  • the authentication server 200 transmits the verification means value to the user terminal or supports a specific mobile ID from the service server. If the time interval between second times at which the verification request information is obtained is greater than or equal to the set value, it may be determined that the user signature value is invalid. In addition, the authentication server 200 may transmit the verification result for the specific mobile ID to the service server 300 as the verification failure due to the invalid user signature value.
  • the service server 300 performs a non-face-to-face authentication for the user with reference to the verification result received from the authentication server 200 (S418), and transmits the performed non-face-to-face authentication result to the user through the service web. It may be (S419).
  • the embodiments according to the present invention described above may be implemented in the form of program instructions that may be executed by various computer components, and may be recorded in a computer-readable recording medium.
  • the computer-readable recording medium may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on the computer-readable recording medium may be those specially designed and configured for the present invention, or may be known and available to those skilled in the computer software arts.
  • Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs, DVDs, and magneto-optical media such as floptical disks. media), and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
  • Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.
  • the hardware device may be configured to operate as one or more software modules to perform the process according to the invention, and vice versa.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

La présente invention, par rapport à un procédé d'exécution d'une authentification sans face-à-face au moyen d'un ID mobile, est caractérisée en ce que, dans l'état dans lequel un certificat d'authentification d'utilisateur est enregistré dans une base de données de chaînes de blocs et qu'un ID de transaction lui correspondant est administré, un serveur d'authentification, lorsque des données de requête d'authentification d'ID mobile sont acquises, confirme le certificat d'authentification d'utilisateur, prend en charge de sorte qu'une requête d'authentification sans face-à-face est émise par un terminal d'utilisateur depuis un serveur de services, et transmet des résultats de la vérification de l'ID mobile particulier, laquelle est conforme avec la validité ou non d'une valeur de signature d'utilisateur, au serveur de services, prenant ainsi en charge de sorte que les résultats de vérification sont référencés par le serveur de services pour exécuter une authentification sans face-à-face de l'utilisateur.
PCT/KR2018/000065 2017-01-02 2018-01-02 Procédé et terminal d'authentification sur la base d'une base de données de chaînes de blocs d'un utilisateur sans face-à-face au moyen d'un id mobile, et serveur utilisant le procédé et le terminal WO2018124857A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2017-0000435 2017-01-02
KR1020170000435A KR101877333B1 (ko) 2017-01-02 2017-01-02 블록체인 기반의 모바일 아이디를 이용하여 사용자를 비대면 인증하는 방법, 단말 및 이를 이용한 서버

Publications (1)

Publication Number Publication Date
WO2018124857A1 true WO2018124857A1 (fr) 2018-07-05

Family

ID=62710300

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2018/000065 WO2018124857A1 (fr) 2017-01-02 2018-01-02 Procédé et terminal d'authentification sur la base d'une base de données de chaînes de blocs d'un utilisateur sans face-à-face au moyen d'un id mobile, et serveur utilisant le procédé et le terminal

Country Status (2)

Country Link
KR (1) KR101877333B1 (fr)
WO (1) WO2018124857A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450849A (zh) * 2018-09-26 2019-03-08 汤建男 一种基于区块链的云服务器组网方法
CN109474439A (zh) * 2019-01-02 2019-03-15 广州市中智软件开发有限公司 一种基于区块链的电子证照可信签发、调用和使用方法
CN109587154A (zh) * 2018-12-14 2019-04-05 金蝶软件(中国)有限公司 数字身份验证方法、装置、计算机设备和存储介质
CN114124418A (zh) * 2020-08-27 2022-03-01 ***通信集团河南有限公司 一种基于区块链的数据处理方法、装置、***及电子设备

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102096890B1 (ko) * 2018-08-17 2020-04-06 순천향대학교 산학협력단 블록체인 기반 개인정보 처리 시스템 및 방법
KR102220599B1 (ko) * 2018-10-11 2021-02-26 주식회사 디지털존 통합 인증을 위한 블록체인 시스템 및 그것의 제어 방법
KR102284396B1 (ko) * 2018-12-07 2021-08-03 주식회사 코인플러그 생체 정보 기반의 pki 키 생성 방법 및 이를 이용한 키 생성 장치
WO2020117020A1 (fr) * 2018-12-07 2020-06-11 주식회사 코인플러그 Procédé pour générer une clé pki sur la base d'informations biométriques et dispositif pour générer une clé au moyen de ce procédé
KR102118921B1 (ko) * 2018-12-31 2020-06-05 주식회사 코인플러그 블록체인 네트워크를 이용하여 사용자의 아이덴티티를 관리하는 방법 및 서버, 그리고, 블록체인 네트워크 기반의 사용자 아이덴티티를 이용하여 사용자를 인증하는 방법 및 단말
KR102118935B1 (ko) * 2018-12-31 2020-06-05 주식회사 코인플러그 블록체인 네트워크를 이용하여 사용자의 아이덴티티를 관리하는 방법 및 서버, 그리고, 블록체인 네트워크 기반의 사용자 아이덴티티를 이용하여 사용자를 인증하는 방법 및 단말
KR102118947B1 (ko) * 2018-12-31 2020-06-16 주식회사 코인플러그 블록체인 네트워크를 이용하여 사용자의 아이덴티티를 관리하는 방법 및 서버, 그리고, 블록체인 네트워크 기반의 사용자 아이덴티티를 이용하여 사용자를 인증하는 방법 및 단말
KR102085997B1 (ko) * 2019-01-30 2020-04-24 연대겸 블록체인 기반의 부동산 거래 서비스 방법 및 시스템
CN109948371B (zh) * 2019-03-07 2021-06-25 深圳市智税链科技有限公司 为区块链节点发放身份证书的方法及相关装置
KR102118962B1 (ko) * 2019-03-15 2020-06-05 주식회사 코인플러그 블록체인 네트워크를 이용하여 사용자의 아이덴티티를 관리하는 방법 및 서버, 그리고, 블록체인 네트워크 기반의 사용자 아이덴티티를 이용하여 사용자를 인증하는 방법 및 단말
KR102149706B1 (ko) * 2019-03-22 2020-08-31 현대페이(주) 블록체인을 이용한 전자 서명 기반의 사용자 인증 처리 장치 및 그 동작 방법
WO2020214001A1 (fr) * 2019-04-19 2020-10-22 주식회사 코인플러그 Procédé d'utilisation de service à l'aide d'un id à usage unique fondé sur icp et terminal utilisateur utilisant ce dernier
KR102250430B1 (ko) * 2019-04-19 2021-05-11 주식회사 코인플러그 Pki 기반의 일회성 아이디를 사용하여 서비스를 사용하는 방법, 및 이를 사용한 사용자 단말
KR102140462B1 (ko) * 2019-06-13 2020-08-03 주식회사 키인사이드 블록체인 서비스의 사용자 인증 처리 방법 및 컴퓨터 프로그램
KR102348232B1 (ko) * 2019-07-03 2022-01-10 주식회사 코인플러그 탈중앙화 아이디 기반의 가상 자산 서비스 제공 방법 및 이를 이용한 가상 자산 서비스 제공 서버
WO2021002692A1 (fr) * 2019-07-03 2021-01-07 Coinplug, Inc. Procédé de fourniture de service d'actifs virtuels sur la base d'un identifiant décentralisé et serveur de fourniture de service d'actifs virtuels les utilisant
KR102062919B1 (ko) * 2019-07-30 2020-01-06 주식회사 바스랩 블록체인 기반 데이터 클라우드 서비스 제공방법
KR20210022378A (ko) 2019-08-20 2021-03-03 서강대학교산학협력단 블록체인을 기반으로 한 전자 출결 관리 시스템 및 전자 출결 관리 방법
KR20210041404A (ko) 2019-10-07 2021-04-15 삼성전자주식회사 전자 장치 및 그 전자 장치를 이용한 블록체인 주소 관리 방법
KR102232963B1 (ko) * 2019-10-28 2021-03-29 주식회사 메디블록 블록체인 네트워크에서 비대면 인증을 지원하는 방법, 시스템 및 비일시성의 컴퓨터 판독 가능 기록 매체
KR20210072321A (ko) 2019-12-09 2021-06-17 삼성전자주식회사 블록체인에 기반하는 암호화 통신 시스템 및 암호화 통신 방법
WO2021117931A1 (fr) * 2019-12-11 2021-06-17 주식회사 디지털존 Système d'émission de document électronique, authentification d'utilisateur et authentification intégrée à l'aide d'une technologie de chaîne de blocs, et son procédé de commande
KR102227578B1 (ko) 2019-12-31 2021-03-15 주식회사 코인플러그 블록체인 네트워크를 이용한 영지식 증명 기반의 인증서 서비스 방법, 이를 이용한 인증 지원 서버 및 사용자 단말
KR102319006B1 (ko) * 2020-02-27 2021-10-29 (주)브레인콜라 블록체인을 이용한 최초 저작권자 인증 시스템 및 그 방법
KR102412852B1 (ko) * 2020-06-26 2022-06-27 주식회사 코인플러그 탈중앙화 아이디 기반의 가상 자산 서비스 제공 방법 및 이를 이용한 가상 자산 서비스 제공 서버
WO2022045419A1 (fr) * 2020-08-31 2022-03-03 한국조폐공사 Procédé de service d'authentification de permis de conduire basé sur un réseau de chaîne de blocs utilisant un id décentralisé, et terminal utilisateur permettant d'effectuer un service d'authentification de permis de conduire
KR102490640B1 (ko) * 2021-03-15 2023-01-25 블록체인랩스 주식회사 블록체인 기술 기반의 개인대 개인간 사적 정보 인증 방법

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080022826A (ko) * 2006-09-08 2008-03-12 주식회사 신한은행 비대면 채널을 통한 보안정보 제공방법 및 시스템과 이를위한 프로그램 기록매체
KR20130126815A (ko) * 2012-04-26 2013-11-21 주식회사 엘지씨엔에스 타임 스탬프를 이용하여 멀티미디어 데이터의 위조를 방지하는 방법 및 장치
KR101575030B1 (ko) * 2014-07-11 2015-12-07 조선대학교산학협력단 클라우드 상의 공유 데이터에 대한 다중 서명생성방법
KR101637854B1 (ko) * 2015-10-16 2016-07-08 주식회사 코인플러그 블록체인을 기반으로 하는 공인인증서 발급시스템과 이를 이용한 블록체인을 기반으로 하는 공인인증서 발급방법 및 블록체인을 기반으로 하는 공인인증서 인증시스템과 이를 이용한 블록체인을 기반으로 하는 공인인증서 인증방법

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100753285B1 (ko) 2006-03-17 2007-08-29 주식회사 팬택앤큐리텔 이동통신시스템에서의 가입자 인증 방법
KR101131929B1 (ko) 2009-08-11 2012-04-03 숭실대학교산학협력단 공개키 기반 인증장치 및 방법
JP5662507B2 (ja) 2013-03-28 2015-01-28 株式会社 ディー・エヌ・エー 認証方法、認証システム、および、サービス提供サーバ
KR101754330B1 (ko) 2013-11-08 2017-07-06 팀블라인드 인크. 인증시스템 및 인증방법
KR101661933B1 (ko) 2015-12-16 2016-10-05 주식회사 코인플러그 블록체인을 기반으로 하는 공인인증서 인증시스템 및 이를 이용한 인증방법

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080022826A (ko) * 2006-09-08 2008-03-12 주식회사 신한은행 비대면 채널을 통한 보안정보 제공방법 및 시스템과 이를위한 프로그램 기록매체
KR20130126815A (ko) * 2012-04-26 2013-11-21 주식회사 엘지씨엔에스 타임 스탬프를 이용하여 멀티미디어 데이터의 위조를 방지하는 방법 및 장치
KR101575030B1 (ko) * 2014-07-11 2015-12-07 조선대학교산학협력단 클라우드 상의 공유 데이터에 대한 다중 서명생성방법
KR101637854B1 (ko) * 2015-10-16 2016-07-08 주식회사 코인플러그 블록체인을 기반으로 하는 공인인증서 발급시스템과 이를 이용한 블록체인을 기반으로 하는 공인인증서 발급방법 및 블록체인을 기반으로 하는 공인인증서 인증시스템과 이를 이용한 블록체인을 기반으로 하는 공인인증서 인증방법

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"KB Kookmin Bank, Applying Blockchain to Non-face-to-face Identification Information Storage", ZDNET KOREA, 29 April 2016 (2016-04-29), Retrieved from the Internet <URL:http://www.zdnet.co.kr/news/news_view.asp?article_id=20160429112333&type-det&re=> *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450849A (zh) * 2018-09-26 2019-03-08 汤建男 一种基于区块链的云服务器组网方法
CN109587154A (zh) * 2018-12-14 2019-04-05 金蝶软件(中国)有限公司 数字身份验证方法、装置、计算机设备和存储介质
CN109587154B (zh) * 2018-12-14 2021-10-15 金蝶软件(中国)有限公司 数字身份验证方法、装置、计算机设备和存储介质
CN109474439A (zh) * 2019-01-02 2019-03-15 广州市中智软件开发有限公司 一种基于区块链的电子证照可信签发、调用和使用方法
CN114124418A (zh) * 2020-08-27 2022-03-01 ***通信集团河南有限公司 一种基于区块链的数据处理方法、装置、***及电子设备
CN114124418B (zh) * 2020-08-27 2023-11-21 ***通信集团河南有限公司 一种基于区块链的数据处理方法、装置、***及电子设备

Also Published As

Publication number Publication date
KR20180079805A (ko) 2018-07-11
KR101877333B1 (ko) 2018-08-09

Similar Documents

Publication Publication Date Title
WO2018124857A1 (fr) Procédé et terminal d&#39;authentification sur la base d&#39;une base de données de chaînes de blocs d&#39;un utilisateur sans face-à-face au moyen d&#39;un id mobile, et serveur utilisant le procédé et le terminal
WO2018194378A1 (fr) Procédé d&#39;approbation de l&#39;utilisation d&#39;une carte à l&#39;aide d&#39;un identifiant de jeton basé sur une chaîne de blocs et serveur l&#39;utilisant
WO2018030707A1 (fr) Système et procédé d&#39;authentification, et équipement d&#39;utilisateur, serveur d&#39;authentification, et serveur de service pour exécuter ledit procédé
WO2018124856A1 (fr) Procédé et terminal d&#39;authentification d&#39;un utilisateur au moyen d&#39;un id mobile grâce à une base de données de chaînes de blocs, et serveur utilisant le procédé et le terminal
WO2021002692A1 (fr) Procédé de fourniture de service d&#39;actifs virtuels sur la base d&#39;un identifiant décentralisé et serveur de fourniture de service d&#39;actifs virtuels les utilisant
WO2018194379A1 (fr) Procédé d&#39;approbation de l&#39;utilisation d&#39;une carte à l&#39;aide d&#39;un identificateur de jeton sur la base d&#39;une chaîne de blocs et structure en arbre de merkle associée à celui-ci, et serveur l&#39;utilisant
WO2018155822A1 (fr) Procédé pour fournir un service d&#39;enregistrement de compte simplifié et service d&#39;authentification d&#39;utilisateur, et serveur d&#39;authentification l&#39;utilisant
WO2017111383A1 (fr) Dispositif d&#39;authentification sur la base de données biométriques, serveur de commande relié à celui-ci, et procédé de d&#39;ouverture de session sur la base de données biométriques
KR101877335B1 (ko) 블록체인 및 이와 연동되는 머클 트리 구조 기반의 모바일 아이디를 이용하여 사용자를 비대면 인증하는 방법, 단말 및 이를 이용한 서버
KR101829721B1 (ko) 블록체인을 통해 모바일 아이디를 이용하여 사용자를 인증하는 방법, 단말 및 이를 이용한 서버
US10282541B2 (en) Method and system for verifying an access request
WO2021010766A1 (fr) Dispositif et procédé d&#39;authentification électronique faisant appel à une chaîne de blocs
WO2017057899A1 (fr) Système d&#39;authentification intégré pour authentification grâce à des nombres aléatoires à usage unique
WO2019074326A1 (fr) Procédé et appareil de paiement hors ligne sécurisé
WO2021150032A1 (fr) Procédé permettant de fournir un service d&#39;authentification à l&#39;aide d&#39;une identité décentralisée, et serveur utilisant ledit procédé
WO2019177298A1 (fr) Procédé et appareil pour gérer une authentification d&#39;utilisateur dans un réseau de chaîne de blocs
WO2015069018A1 (fr) Système d&#39;ouverture de session sécurisée et procédé et appareil pour celui-ci
WO2020117020A1 (fr) Procédé pour générer une clé pki sur la base d&#39;informations biométriques et dispositif pour générer une clé au moyen de ce procédé
WO2021256669A1 (fr) Procédé et système de gestion de sécurité d&#39;accès
WO2018151480A1 (fr) Procédé et système de gestion d&#39;authentification
WO2018026109A1 (fr) Procédé, serveur et support d&#39;enregistrement lisible par ordinateur pour décider d&#39;une permission d&#39;accès à un portail au moyen d&#39;un réseau
WO2020032351A1 (fr) Procédé permettant d&#39;établir une identité numérique anonyme
WO2022045419A1 (fr) Procédé de service d&#39;authentification de permis de conduire basé sur un réseau de chaîne de blocs utilisant un id décentralisé, et terminal utilisateur permettant d&#39;effectuer un service d&#39;authentification de permis de conduire
WO2018169150A1 (fr) Système et procédé d&#39;authentification d&#39;utilisateur à base d&#39;écran verrouillé
WO2020190099A1 (fr) Dispositif électronique de gestion d&#39;informations personnelles et procédé de fonctionnement de celui-ci

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18734063

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC , EPO FORM 1205A DATED 09.10.19.

122 Ep: pct application non-entry in european phase

Ref document number: 18734063

Country of ref document: EP

Kind code of ref document: A1