Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2014196708) AUTHENTICATION METHOD USING SECURITY TOKEN, AND SYSTEM AND APPARATUS FOR SAME
Latest bibliographic data on file with the International Bureau   

Pub. No.: WO/2014/196708 International Application No.: PCT/KR2013/012157
Publication Date: 11.12.2014 International Filing Date: 26.12.2013
IPC:
G06F 21/34 (2013.01) ,H04L 9/32 (2006.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30
Authentication, i.e. establishing the identity or authorisation of security principals
31
User authentication
34
involving the use of external additional devices, e.g. dongles or smart cards
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9
Arrangements for secret or secure communication
32
including means for verifying the identity or authority of a user of the system
Applicants:
에스케이플래닛 주식회사 SK PLANET CO., LTD. [KR/KR]; 경기도 성남시 분당구 판교로 264 (삼평동) (Sampyeong-dong), 264, Pangyo-ro, Bundang-gu, Seongnam-si Gyeonggi-do 463-400, KR
Inventors:
고경완 KO, Kyungwan; KR
엄봉수 UM, Bongsu; KR
Agent:
박종한 PARK, Chonghan; 서울시 구로구 디지털로 26길 5, 319 (구로동, 에이스하이엔드타워) Suite 319, Ace High-end Tower, 5, Digitalro-26-gil, Guro-dong, Guro-gu Seoul 152-740, KR
Priority Data:
10-2013-006449505.06.2013KR
10-2013-006536407.06.2013KR
Title (EN) AUTHENTICATION METHOD USING SECURITY TOKEN, AND SYSTEM AND APPARATUS FOR SAME
(FR) PROCÉDÉ D'AUTHENTIFICATION UTILISANT UN JETON DE SÉCURITÉ, ET SYSTÈME ET APPAREIL ASSOCIÉS
(KO) 보안토큰을 이용한 인증 방법, 이를 위한 시스템 및 장치
Abstract:
(EN) The present invention relates to an authentication method using a security token, and a system and an apparatus for the same. In particular, in the present invention, at the time of authentication using a security token, a disposable security token is used in verification, and at the time of re-login for use of a service on a web, authentication is performed through verification of a security token to which bidirectional encryption is applied, so that it is possible to improve security against hacking (cookie hijacking) from the outside. Further, since an authentication value constituting a security token can be changed by applying various calculation schemes, a stability of an authentication procedure is ensured. Furthermore, using a disposable security token instead of security or authentication information exposed in an authentication process of a cookie scheme, a token length, data loss, and data use amount can be reduced, and data transmission and movement speed can be improved.
(FR) L'invention concerne un procédé d'authentification utilisant un jeton de sécurité, ainsi qu'un système et un appareil associés. En particulier, selon l'invention, lors de l'authentification au moyen d'un jeton de sécurité, un jeton de sécurité jetable est utilisé pour la vérification, et lors de la reconnexion pour l'utilisation d'un service sur le Web, l'authentification est effectuée en vérifiant un jeton de sécurité auquel est appliqué un chiffrage bidirectionnel, ce qui permet d'améliorer la protection contre le piratage (détournement de cookies) provenant de l'extérieur. De plus, comme une valeur d'authentification constituant un jeton de sécurité peut être modifiée en appliquant différents systèmes de calcul, la stabilité d'une procédure d'authentification est garantie. De plus, en utilisant un jeton de sécurité jetable au lieu d'informations de sécurité ou d'authentification exposées dans un processus d'authentification d'un schéma de cookie, il est possible de réduire la durée d'un jeton, la perte de données et le volume d'utilisation de données, ainsi que d'améliorer la transmission de données et la vitesse de mouvement.
(KO) 본 발명은 보안토큰을 이용한 인증 방법, 이를 위한 시스템 및 장치에 관한 것으로서, 특히, 보안토큰을 이용한 인증 시 일회용 보안토큰을 이용하여 검증을 수행하고, 웹 상에서 서비스 이용을 위한 재 로그인 시 양방향 암호화가 적용된 보안토큰의 검증을 통해 인증을 수행함으로써, 외부의 해킹(cookie hijacking)으로부터 보안성을 높일 수 있다. 또한, 보안토큰을 구성하는 인증 값을 다양한 연산 방식을 적용하여 변경할 수 있기 때문에, 인증 절차 상의 안정성이 보장된다. 또한, 쿠키 방식의 인증 과정에서 노출되는 보안 또는 인증 정보를 일회용 보안토큰을 활용하여 토큰 길이, 데이터 손실 및 사용량을 줄일 수 있고, 데이터 전송 및 이동 속도를 향상시킬 수 있다.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JP, KE, KG, KN, KP, KZ, LA, LC, LK, LR, LS, LT, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: Korean (KO)
Filing Language: Korean (KO)