JP2020115386A - Authentication in ubiquitous environment - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a more enhanced service authentication function. SOLUTION: In a user authentication management system, biometric information encrypted based on a public key certificate is stored in advance in a device (smart card 120, communication terminal 150, etc.) possessed or possessed by the user. User authentication (primary user authentication) is performed within the biometric matching. Further, for user authentication (secondary user authentication) for transaction approval performed on the service providing server 130, a public key certificate matching with encrypted biometric information is used. As additional authentication elements for strengthening the security of primary and secondary user authentication, One Time Password, Keystroke, Dynamic Signature, location information, etc. are adopted. [Selection diagram] FIG. 1a

Description

The present invention relates to user authentication and IoT device authentication in a ubiquitous environment including online/offline authentication.

The contents described in this portion merely provide background information according to the embodiment of the present invention, and do not constitute the prior art.

Utilization of the Internet of Things (IoT) is being discussed throughout the industry. For example, in addition to various remote services provided by smart TVs, robot vacuum cleaners, car navigation systems, and cloud services, which are devices used by individuals, remote management of facilities that are difficult for humans to directly access, such as dams and nuclear power plants, etc. Utilization of IoT is also being attempted for control and traffic control systems. However, an IoT device and an IoT system equipped with a communication function and a function of securing and processing data by themselves may be a target of cyber attack because the relationship between the IoT device and the owner of the device is not clear.

In particular, IoT devices that currently make up the IoT network are often vulnerable to external attacks because their computing functions are often simple and their security is weak in many cases. Due to the characteristics of the IoT network, a side effect that a security vulnerability in a specific field and a cyber attack aiming at this may adversely affect other industrial fields may occur.

In the case of an IoT device equipped with only a simple communication function, it is not possible to install and operate the security software (SW) individually, so whether the IoT device has a built-in security hardware (HW) module, Alternatively, additional measures such as applying a security solution to the entire system are required. As an example where IoT security becomes a problem, malicious code is put into IoT devices and networks, important information can be leaked, or it can be forged or altered to damage the system, and attackers can freely manipulate it remotely. There is a situation in which they are killed. In particular, as a typical example, when a terminal infected with a malicious code connects to a network, it can cause serious damage. For example, a situation may occur in which an unmanned vehicle, an electric vehicle, or a smart vehicle is remotely controlled to cause an accident, a medical device in a hospital malfunctions, and a patient's life is jeopardized.

In the IoT network, the integrity of the IoT device should be guaranteed, it should be transparent whether or not a reliable IoT device connects to the network, and whether a legitimate user is using the terminal or the network. Must be able to confirm.

In a conventional information protection related system, an illegal user has acquired personal information, password (PW), biometric information, etc. of a valid user and used it for hacking. Another example of vulnerabilities is that the public key certificate issued by the certificate authority does not contain de facto personal authentication information. There was a vulnerability that could be used in. Furthermore, if you access a business system such as a company or a government agency remotely using a legitimate terminal while knowing the stolen authentication information such as ID/PW or biometric information about the user, the business will be performed without any problems. There was a problem that the system could be used freely. The problem is that if you have an electronic ID card made of the employee's IC chip that you picked up on the road, you can use it like a licensed user at a normal company entrance/exit gate by stealing photos etc. This is a typical example of the problem. In addition, ID, PW, biometric information, token, OTP, and PKI certificate are not integrated and used as Multi-Factor authentication, but each is used individually and hackers can change or forge in the middle. Examples of hacks to use have been reported in the media.

Embodiments of the present invention provide a method related to user authentication and IoT device authentication in a ubiquitous environment including online/offline authentication, an apparatus using the method, and an authentication system.

In at least one embodiment of the present invention, the biometric information encrypted based on the public key certificate is stored in advance in a device (for example, a smart card, a communication terminal, etc.) owned or owned by the user. , User authentication (primary user authentication) is performed through biometric matching in the device. Furthermore, a public key certificate that matches encrypted biometric information is used for user authentication (secondary user authentication) for transaction approval and the like performed at the service providing server. In addition, in at least one embodiment of the present invention, One Time Password (OTP), Keystroke, and dynamic signature are used as additional authentication factors (Authentication Factor) for strengthening the security of the primary/secondary user authentication. (Dynamic Signature), position information, etc. are adopted. Furthermore, in at least one embodiment of the present invention, when controlling access to an IoT device, an authentication mechanism composed of primary user authentication and secondary user authentication is applied.

In at least one embodiment of the present invention, in a user registration method performed by a portable device owned by a user in an authentication management system based on a public key certificate, an encryption algorithm specified in the public key certificate is used. There is provided a user registration method including a step of encrypting biometric information of a user or a combination of biometric information and storing the encrypted biometric information in a portable device. This method includes the steps of tokenizing encrypted biometric information or a combination of biometric information to generate a biometric code, and inserting a verification code including at least a biometric code into an extension field of a public key certificate to create a key pair ( Further including the step of generating a private key and a public key). The method further includes transferring the public key to the remote object to request registration of the user.

In at least one embodiment of the present invention, the area of the public key certificate represents an additional code obtained from the unique identification information given to the portable device in addition to the biometric code, and a position requesting user authentication. From the additional code obtained from the position information, the additional code obtained from the unique identification information given to the user, and the additional code obtained from the characteristic information indicating the behavioral characteristics of the user, from the device identification information given to the IoT device It may further include at least one of the obtained additional codes.

In at least one embodiment of the present invention, in a user authentication method performed by a portable device owned by a user in an authentication management system based on a public key certificate, the portable device has a verification code including a biometric code. The inserted personal key and the biometric code from which the biometric code is obtained are stored, and the user authentication method includes a step of acquiring the biometric information of the user or a combination of the biometric information and the user. Comparing the biometric information or the biometric information combination with at least one of the encrypted biometric information and the biometric code previously stored in the portable device. This method transfers authentication information including a verification code inserted in a private key to a remote object when a user's biometric information or a combination of biometric information matches at least one of encrypted biometric information and biometric code. And further requesting user authentication.

According to at least one embodiment of the present invention, in an authentication management system based on a public key certificate, an authentication management method performed by a remote object connected to a portable device owned by a user by a network is: , Receiving a public key corresponding to the private key into which the verification code including the biometric code is inserted from the portable device, and performing user registration based on the received public key. Here, the biometric code is obtained from biometric information of the user or a combination of biometric information. This authentication management method is a step of receiving authentication information including a verification code inserted in a personal key from a portable device, verifying the received authentication information using a public key, and authenticating a user based on the verification result. Further includes.

In at least one embodiment of the present invention, in an authentication management system based on a public key certificate, in an authentication management method performed by a public terminal that provides a service and a service providing server that manages the public terminal, the authentication management method is The service providing server receives the public key corresponding to the private key in which the verification code including the biometric code is inserted from the portable device, and performs user registration based on the received public key. Here, the biometric code is obtained from biometric information of the user or a combination of biometric information. In this authentication management method, the public terminal receives the authentication information including the verification code inserted in the private key from the portable device, requests the service providing server to perform verification using the public key of the received authentication information, and verifies the verification result. The method further includes the steps of authenticating the user based on the above, and the step of providing the service by the public terminal if the user is successfully authenticated.

According to at least one embodiment of the present invention described above, a more enhanced service authentication function is provided. Cryptography stored in a smart card (or communication terminal) using a public key certificate (that is, biometric certificate) in which biometric information is coded or tokenized and inserted into an extension area of the public key certificate. It is possible to prevent forgery and alteration of the converted biometric information and electronic signature.

Furthermore, according to at least one embodiment of the present invention, an accounting system, an electronic payment system, an electronic ID card issued by a government/public institution/financial institution, a passport, annuity, insurance, a transportation card, an electronic election, an electronic wallet. , Can be applied to coupons, etc. In this case, even if the other person knows simple personal information, card information, biometric information, or certified certificate information of the specific user, it is possible to prevent the unauthorized use of the other person.

Further, according to at least one embodiment of the present invention, there is an effect that it is possible to enhance the information protection against the remote connection to the business system.

1 is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention.

1 is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention.

FIG. 3 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. FIG. 3 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. FIG. 3 is a schematic diagram illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention.

FIG. 3 is a schematic diagram illustrating a hierarchical structure of a smart card according to at least one embodiment of the present invention.

1 is a schematic diagram showing a physical configuration of a smart card according to at least one embodiment of the present invention.

FIG. 3 is a functional block diagram of a smart card according to at least one embodiment of the present invention.

4 is a schematic diagram illustrating a user registration procedure according to at least one embodiment of the present invention. FIG.

4 is a schematic diagram illustrating a user registration procedure according to at least one embodiment of the present invention. FIG.

It is a schematic diagram showing a format of a public key certificate applied to a user authentication management system according to at least one embodiment of the present invention.

FIG. 6 is a schematic diagram showing an example of a format of a code stored in the EV area of the public key/secret key shown in FIG. 5B and an example of a format of authentication information transferred from the smart card.

6 is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention.

6 is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention.

1 is a schematic diagram of a user management system of an IoT device in a ubiquitous environment according to at least one embodiment of the present invention. 1 is a schematic diagram of a user management system of an IoT device in a ubiquitous environment according to at least one embodiment of the present invention.

5 is a schematic diagram illustrating a device user (Device User) registration procedure according to at least one embodiment of the present invention. FIG.

FIG. 6 is a schematic diagram illustrating a device user registration procedure according to at least one embodiment of the present invention.

4 is a schematic diagram illustrating a device user authentication procedure according to at least one embodiment of the present invention. FIG.

4 is a schematic diagram illustrating a device user authentication procedure according to at least one embodiment of the present invention. FIG.

It is a schematic diagram showing a concept of a ubiquitous authentication system in an online/offline environment.

5 is a schematic diagram illustrating a user authentication procedure in an offline environment according to at least one embodiment of the present invention. FIG.

3 is a table showing exemplary application areas applicable to at least one embodiment of the present invention.

It is a schematic diagram for explaining that various kinds of biometric information or a combination thereof can be divided into various uses and used.

Hereinafter, embodiments disclosed in the present specification will be described in detail with reference to the accompanying drawings. In assigning reference numerals to the constituent elements in each drawing, the same constituent elements are assigned the same numeral as much as possible even if they are shown in different drawings. In the description of the embodiments of the present invention, if it is determined that a detailed description of related known configurations or functions may dilute the gist of the present invention, detailed description thereof will be omitted.

Further, in describing the components of the invention, terms such as first, second, A, B, (a), (b) can be used. Such terms are used to distinguish the constituent elements from other constituent elements, and the terms do not limit the essence or order of the constituent elements. Throughout the specification, the phrase “comprising” or “comprising” a certain element with respect to a certain element does not exclude the other element, but includes the other element unless specifically stated to the contrary. It means that you can. In addition, terms such as “part” and “module” described in the specification mean a unit that processes at least one function or operation, and such a processing unit is hardware or software or hardware and software. Can be realized by a combination of. Further, the term "Internet of Things (IoT)" used in the description of the present invention is used for each standardization body such as M2M (Machine to Machine), MTC (Machine Type Communications), and SDC (Smart Device Device). Communication), MOC (Machine Oriented Communications), etc. should be understood as a comprehensive meaning.

FIG. 1a is a schematic diagram of a user authentication management system in a ubiquitous environment according to at least one embodiment of the present invention.

As shown in FIG. 1A, a user authentication management system includes a certificate authority (CA, 110), a smart card (120, a service providing server (130), an authentication server (140), a communication terminal (150), and A log storage server (160) is included.

The certification authority (CA, 110) issues a public key certification (Public Key Certificate) in which information on the certification authority (certificate version, expiration date, algorithm, issuance period, etc.) is recorded. During the user registration process, the public key certificate is converted into a public key certificate that matches the biometric information of the user. That is, the public key certificate is used to generate a public key/personal key in which a code matching the biometric information of the user is inserted. The public key certificate is a public certificate or a private certificate based on the Public Key Infrastructure (PKI). The public key certificate is generally issued by the user from the server of the certification authority (CA, 110), but when designing or producing the product, the secure area of the communication terminal or smart card (for example, It may be installed in advance in an IC chip, a Secure Element (SE), a Trusted Executed Environment (TEE), an OS, a CPU, a memory, a CloudSE, etc.).

The smart card (120) stores an internal biometric sensor, an IC chip or a memory, a private key, encrypted biometric information (Encrypted Biometric Data) for comparison with sensed biometric information, and other various information. doing. A biometric code generated by encoding (or tokenizing) the encrypted biometric information is inserted in the private key.

The smart card (120) encrypts the biometric information of the user based on the public key certificate and encodes (or tokenizes) the encrypted biometric information to generate a biometric code. The smart card (120) inserts the generated biometric code into the public key certificate to generate one key pair (ie, public key and private key). A biometric code or a personal key is used to verify the integrity of encrypted biometric information, non-repudiation, and the like, and is used as a biometric signature. it can. The biometric code generated in this way can be used like a token or can be used in combination with OTP (also called One Time Password or Dynamic Code). Here, the biometric information coded and inserted into the public key certificate may include fingerprint information, blood vessel information, voice information, iris information, handwriting information, facial information, heart beat, etc. of the registered subscriber. .. The smart card 120 transfers the public key to the service providing server 130 or the authentication server 140, and the service providing server or the authentication server uses the received public key for an authentication procedure later.

In at least one embodiment of the present invention, the smart card 120 merges biometric codes obtained by encoding a plurality of biometric information different from each other of a user and inserts the biometric codes into one certificate. For example, a combination of different types of biometric information such as fingerprint + iris, face + voice, heart beat + iris, fingerprint 1 (thumb) + fingerprint 2 (index finger), iris 1 (right side) + iris 2 (left side) Thus, a combination of the same type of biometric information can be used. When using a combination of a plurality of biometric information, the input order of each biometric information (for example, fingerprint 1→fingerprint 2→fingerprint 3 or fingerprint→iris) can be added as an authentication factor. In at least one embodiment of the present invention, the smart card may insert different biometric information or combination of biometric information of the user into different public key certificates. In at least one embodiment of the present invention, the physical signature of the user (Hand-written Signature or Dynamic Signature), Key Stroke, or the value of the code extracted from the biometric information input method is added to the certificate as an additional authentication element. can do. In this case, the user inputs a physical signature or Key Stroke for inputting a word or number having a predetermined meaning, which is an action characteristic (or action pattern element) such as time, speed, direction, pressure, position information, and the like. It can be considered as an element.

In at least one embodiment of the present invention, the smart card (120) may concatenate a biometric code with various additional codes as an additional purpose or authentication factor to generate one key pair. For example, the additional code obtained from the unique identification information given to the smart card (120), the additional code obtained from the position information indicating the position requesting authentication (or registration) of the user, the unique identification given to the user. Chaining at least one of the additional code obtained from the information, the additional code obtained from the characteristic information indicating the behavioral characteristics of the user, and the additional code obtained from the device identification information given to the IoT device to the biometric code. You can

Furthermore, the smart card (120) inserts the biometric code into the public key certificate to generate one key pair (public key/personal key), and thus, generates a plurality of biometric codes from different biometric information or a combination of biometric information. It is possible to generate and insert a plurality of biometric codes in the extended field of the public key certificate in a separated form. Each biometric code can be chained with one or more additional codes as described above. As a result, the private key and the public key include a plurality of biometric codes or a plurality of biometric codes concatenated with additional codes. In this case, the plurality of biometric codes can be used for different purposes. For example, one of a plurality of biometric codes is designated for authenticating a user with a private key. The remaining biometric code is used by a remote object (e.g., a service providing server, to request a user registration cancellation based on the already transferred public key, in order to notify the use of the private key by others. Alternatively, it may be designated in order to request initialization of an authentication management system managed by an authentication server, a centralized controller, or the like.

The communication terminal (150) is connected to the smart card (120) by wire or wirelessly, and responds to a tunneling start signal received from the smart card (120) between the smart card (120) and the service providing server (130). A virtual private network (VPN) is opened, and authentication information based on the registered certificate is received from the smart card (120) and transmitted to the service providing server (130). The communication terminal (150) obtains biometric information of a user, a dynamic signature, identification information of an IoT device, etc. required in a user registration procedure or a user authentication procedure for generating a private key/public key of the smart card (120). Can be used as a means for The communication terminal 150 may include or be connected to one or more biometric sensors, touch screens, cameras, MICs, and the like. The communication terminal (150) is not only a communication terminal owned by an individual (for example, a mobile phone, a tablet PC, a desktop computer, a Set-up Box, etc.) but also a service terminal (ATM, Kiosk, POS) used in public. Etc.), and should be understood to include all devices capable of communicating with a remote object on a communication network.

The authentication server verifies the authentication information transferred from the smart card (or communication terminal) using the public key obtained in the user registration procedure. For example, the authentication server receives the public key generated by the smart card (or communication terminal) using the public key certificate during the user registration procedure, and then the smart key is requested by the service providing server during the user authentication process. The authentication information transferred from the card (or communication terminal) is verified based on the public key.

The service providing server (130) provides various services such as bank/credit card (Bank/Credit Card) service, Payment service, e-Government service, Cloud service, IoT device interlocking service, and Emergy service to authenticated users. Means the service provider's server. The service providing server 130 authenticates the user based on the authentication information received from the smart card via the smart card (or communication terminal). For example, the service providing server may request the authentication server to verify the authentication information and authenticate the user according to the verification result. In at least one embodiment of the present invention, the service providing server and the authentication server can be realized by functional components in one server.

The log storage server 160 stores log data indicating a connection history of the smart card 120 via the communication terminal 150 to the service providing server and an authentication result. The log storage server 160 may record and store an access attempt and a result when the service providing server 130 connects to a certification authority server, a card company server, etc. to reconfirm information for a user. it can. Further, the log data storage server (160) also serves as a VPN firewall that monitors the VPN (170) opened between the smart card (120) and the service providing server (130) and blocks access by an unauthorized user. Can also Furthermore, the log storage server can confirm whether or not the user is an authorized user of the electronic wallet, and can issue or print an electronic receipt including the biometric code.

The data stored in the log storage server (160) can be used for digital forensics. For example, the log data can be used later as confirmation/evidence material for user actions. For example, the authentication information transferred from the smart card to the service providing server (130) may include the physical signature information of the user. By storing such physical signature information together with the log data, It can be printed out on an electronic receipt or invoice, or displayed in electronic form.

FIG. 1b is a schematic diagram illustrating a system for identity management in a ubiquitous environment according to at least one embodiment of the present invention.

As shown in FIG. 1a, the smart card (120) is configured independently of the communication terminal (150), but as shown in FIG. 1b, in at least one embodiment of the present invention, the smart card ( The function of 120) can be integrated in the communication terminal 150. That is, the certificate that matches the biometric information of the user can be stored/managed in the Secure Element (SE: Secure Memory and Execution Environment), the CPU, the OS, etc. in the communication terminal 150. The Secure Element in the communication terminal 150 can be realized in an IC chip such as SIM, USIM, microSD card, NFC card, or the like.

The communication terminal 150 may perform a user authentication procedure using an authentication certificate that matches biometric information of a user without being linked with a smart card. Further, the communication terminal may include various kinds of biometric sensors for sensing biometric information, and may be provided with appropriate input/sensing means for obtaining device information from the IoT device, or such means. Can be linked to an external device. The communication terminal (150) has features corresponding to various features given to the functions and operations of the smart card described throughout the present invention, unless otherwise specified.

The communication terminal of FIG. 1b includes a communication terminal owned by an individual (for example, a mobile phone, a wearable device (wearable device: wristwatch, glasses, rings, etc.), a tablet PC, a desktop computer, a Set-up Box, and the like. , Should be understood to mean all devices capable of communicating with a remote object on a communication network.

2a to 2c are schematic diagrams illustrating a communication method between a communication terminal and a smart card according to at least one embodiment of the present invention. 2a to 2c assume that the communication terminal of FIG. 1 is implemented as a mobile terminal such as a smartphone.

According to at least one embodiment of the present invention, as shown in FIG. 2a, a smart card may communicate with a communication terminal via a small pocket-sized dongle. The dongle can exchange information with a smart card in a contact or contactless manner. The dongle is connected to, for example, an audio terminal (Audio Jack) or a micro USB terminal of a smartphone. According to this structure, the user connects the smart card to the communication terminal by connecting the dongle to the smartphone and tagging the smart card with the dongle or swiping the smart card. be able to. The dongle preferably provides hardware based encryption for security.

In at least one embodiment of the present invention, as shown in FIG. 2b, the smart card can be directly connected to the communication terminal by a wireless communication method (eg, NFC, RFID, etc.).

In at least one embodiment of the present invention, as shown in FIG. 2c, the smart card may be implemented as a USB dongle type that can be directly connected to a communication terminal.

FIG. 3a is a schematic diagram showing a hierarchical structure of a smart card according to at least one embodiment of the present invention.

The physical hierarchy of the smart card includes CPU, Memory, and I/O Port. The memory may be a Read Only Memory (ROM), a Random-access Memory (RAM), an Electrically Erasable Programmable RAM (EEPROM), an erasable programmable RAM (EEPROM), an Erasable Programmable EPROM (Erasable Programmable EPROM) such as an electrically erasable programmable ROM (EEPROM), an erasable programmable ROM (EROM), an erasable programmable ROM (EROM), an erasable programmable ROM (EEPROM), and an erasable programmable EEPROM (EP). One of them or a combination thereof can be realized. Optionally, the smart card can further include a display and/or one or more biometric sensors. Optionally, the smart card may further include a Physical Unclonable Function (PUF) circuit.

The application hierarchy of the smart card relates to the functional components of the OS or the applet of the smart card, and includes, for example, a biometric data acquisition module, a biometric data management module, and a biometric authentication module (biometric data module). Biometric Authentication Module, Device Data Acquisition Module, VPN Management Module, OTP Generation Module, OTP Generation Module, Key Management Module, OTP Generation Module, Key Management Module, and OTP Generation Module. Module). A description of each functional component is provided below with reference to Figure 3c.

FIG. 3b is a schematic diagram showing a physical configuration of a smart card according to at least one embodiment of the present invention.

As shown in FIG. 3b, in at least one embodiment of the present invention, a smart card (300) includes an IC chip (301) including a CPU, a memory, an OS, a PUF circuit, etc., and one or more biosensors (303). ), a display (Display, 304).

The smart card (300) of FIG. 3b is configured to sense at least a part of one or more biometric information required for user registration and user authentication procedures from a user using a built-in biometric sensor (303). To be done. The biometric sensor (303) is a fingerprint recognition sensor, an iris recognition sensor, a voice recognition sensor, a blood vessel recognition sensor, a handwriting recognition sensor, a face (Facial) sensor, a heart beat (Heart Beat) sensor, a dynamic signature (Dynamic Signature) sensor. It can be realized by. In particular, the dynamic signature sensor can be coupled to a display (304) that includes a touch screen.

The smart card (300) can display on the display (304) the One Time Password (OTP) generated by the OTP generation module built in the OS, CPU, memory, etc. of the IC chip (301). Further, the smart card (300) can display the following information on the display (304).
-Biometric matching result-Absence of personal key corresponding to input biometric information or combination of biometric information-List of multiple personal keys corresponding to input biometric information or combination of biometric information-Input biometric information or biometric Use of private key corresponding to combination of information-registered dynamic signature

FIG. 3c is a functional block diagram of a smart card according to at least one embodiment of the present invention.

Each component of the smart card shown in FIG. 3c is a functional component that is logically divided or a functional component that is combined with a physical component. That is, since the respective configurations correspond to the functional components for realizing the technical idea of the present invention, even if the respective components perform functions by being integrated or separated, the functional configuration of the present invention is If it is performed, functions, and can be realized, it should be construed as within the scope of the present invention, and components that perform the same or similar functions are not related to the matching or non-matching in their names. Should be construed as within the range.

As shown in FIG. 3c, the functional elements of the smart card are the biometric information acquisition module (311), the biometric information management module (312), the key management module (313), the biometric authentication module (314), and the VPN management module (315). ), an authentication processing module (316), a device information acquisition module (318), and an OTP generation module (317).

The biometric information acquisition module (311) acquires biometric information of a user through a user registration procedure and a user authentication procedure. In at least one embodiment of the present invention, the biometric information acquisition module 311 can acquire biometric information of the user from a biometric sensor included in the smart card 310. According to at least one embodiment of the present invention, the biometric information acquisition module 311 includes biometric information sensed from a communication terminal including a biometric sensor or other external device (eg, ATM, Kiosk, POS, CARD Reader, etc.). Can be earned.

The biometric information management module (312) encrypts the biometric information acquired by the biometric information acquisition module (311) in the user registration procedure based on the public key certificate, and encrypts the encrypted biometric information with a smart card (for example, a smart card). It is stored and managed in the memory built in the IC chip, the biometric sensor built in the smart card, etc.). In at least one embodiment of the present invention, the biometric information management module (312) encrypts and stores a plurality of biometric information for a subscriber. For example, fingerprint information for a subscriber's finger can be stored on a smart card and iris information for the subscriber's eye can be stored. Furthermore, it is possible to store various combinations of biometric information such as the fingerprint + iris of the subscriber and the iris + face.

The key management module (313) encodes (or tokenizes) the biometric information encrypted based on the public key certificate to generate a biometric code, and uses the generated biometric code as the public key certificate (110). One key pair (personal key, public key) with the biometric code inserted is generated. The key management module (313) installs or stores the generated personal key in a memory, a CPU, an OS, an application, etc. built in an IC chip of a smart card, and stores the generated public key in an authentication server (or a service providing server). ) To. In at least one embodiment of the present invention, the key management module 313 may concatenate a biometric code with various additional codes as an additional purpose or an authentication factor to generate one key pair. it can. In the following, in order to avoid ambiguity, the public key certificate used for generating the key pair, that is, the public key certificate in which the biometric code is not inserted is referred to as a “blank certificate”.

In at least one embodiment of the present invention, the blank certificate may be pre-installed or stored on the smart card. That is, at the smart card production/issuance stage, the government, producer, financial operator, service provider, etc. install or store one or more blank certificates in advance on the smart card's IC chip, OS, CPU, Memory, etc. Can be kept. In this case, it is desirable to place a restriction so that only the authority issuing the smart card (120) can store the certificate in the smart card. In at least one embodiment of the present invention, the smart card can receive a blank certificate from the server of the certification authority (CA) via the communication terminal. In at least one embodiment of the present invention, the certificate management module 313 may copy an empty certificate stored in a computer or a communication terminal. The empty certificate may have its expiration date and purpose of use restricted depending on, for example, the type and purpose of the service, the service providing period, and the reliability of the user. The expiration date of the blank certificate may be the same as the expiration date of the smart card. Further, the plurality of blank certificates may have different expiration dates, and may have different purposes of use.

The biometric authentication module (314) compares the biometric information acquired by the biometric information acquisition module (311) with the encrypted biometric information stored in the smart card. Further, the biometric authentication module (314) compares the biometric information acquired by the biometric information acquisition module (311) with the biometric code inserted in the public key certificate stored in the smart card. That is, the biometric authentication module (314) determines whether or not the biometric information matches the already stored encrypted biometric information and biometric code. In at least one embodiment of the present invention, the biometric module (314) is configured to compare only one of the already stored encrypted biometric information or biometric code with the obtained biometric information. May be.

The VPN management module (315) is in charge of establishing and managing a VPN with a remote object (Remote Entity) such as a service providing server, and provides End to End encryption and a secure transfer section. For example, when it is determined that the acquired biometric information matches the already stored encrypted biometric information and biometric code, the VPN management module (315) starts tunneling for opening a VPN with the service providing server. Transfer the signal to the communication terminal. The tunneling start signal may include a destination URL for opening the VPN. Here, the communication terminals are not only communication terminals owned by individuals (for example, mobile phones, tablet PCs, desktop computers, Set-up Boxes, etc.) but also service terminals used in public (ATM, Kiosk, POS). Etc.), and should be understood to include all devices capable of communicating with a remote object on a communication network.

When the biometric information management module (312) manages a plurality of biometric information, the VPN management module (315) has already stored live biometric information input via the biometric information input module (311). It is possible to transfer a tunneling start signal by designating different destination URLs for VPN opening depending on which of a plurality of pieces of biometric information is matched. The destination URL provides various services such as bank/credit card (Bank/Credit Card) service, Payment service, e-Government service, Cloud service, IoT device interlocking service, and Energy service to authenticated users. Means the server of the person. Such a URL can be specified at the manufacturing stage of the smart card, the issuance of the certificate, or the generation stage of the private key/public key. For example, the URL may be inserted in a public key certificate previously stored on the smart card, or may be stored in the same storage area as the public key certificate. The storage area is preferably an area in which data in the IC chip cannot be changed. According to at least one embodiment of the present invention, when a new public key certificate is additionally issued by a smart card, the issued public key certificate and the associated URL are received together or the associated URL is received. The inserted public key certificate is issued. It is desirable to store such a public key certificate in an area in the IC chip where data can be changed. Further, it is desirable that the URL is inserted in the private key/public key in a form of being combined with the biometric code.

Further, of the plurality of pieces of biometric information, a specific combination of specific pieces of biometric information or a combination of a plurality of pieces of biometric information (the order may be given) can be designated as an application for notifying an emergency situation of the user. For example, a tunneling start signal corresponding to specific biometric information may be configured to open a VPN at a preset URL (eg, Metropolitan Police Department server, security management server) to inform the user of an emergency situation. With such a configuration, when the user has to perform the user authentication procedure using the smart card (120) forcibly due to the intimidation of another person, the specific information set in advance out of the plurality of registered biometric information is used. By using the biometric information, the emergency signal of the user can be transferred to the Metropolitan Police Department server without being noticed by the threatening others. Such emergency signals can later be used as evidence for insured treatments or lawsuits for mandatory use.

When the communication tunnel is opened in the service providing server, the authentication processing module (316) transfers the authentication information based on the private key managed by the key management module (313) to the service providing server, and the smart card (120) stores the authentication information. Perform the process to authenticate that the user is a legitimate user. The authentication information will be described later with reference to FIG.

The smart card may further include an OTP generation module (317). The OTP generation module (317) generates a one-time password (One Time Password: OTP) according to a method preset by the issuing authority of the smart card (120). In at least one embodiment of the present invention, the OTP generated by the OTP generation module (317) is displayed on the smart card display so that the user of the smart card (120) can recognize the OTP generation module (317). The OTP input by the user is transmitted to the authentication processing module (316). In at least one embodiment of the present invention, the one-time password generated by the OTP generation module (317) may be immediately transmitted to the authentication processing module (316) without being displayed on the display. The OTP transmitted to the authentication processing module (316) is transferred to the target terminal together with the authentication information based on the certificate. This makes it possible to verify (authenticate) that the smart card (120) has been issued by a valid issuing agency. Conventional techniques in the art have used smart cards and separate OTP devices.

The smart card (120) may further include a device information acquisition module (318). The device information acquisition module (318) acquires the identification information of the IoT device. The identification information of the IoT device means identification information unique to the apparatus given to each IoT device at the time of production, distribution, or purchase, and more specific contents will be described later with reference to FIG. The device information acquisition module 318 may include a sensor embedded in the smart card 120, a communication terminal 150 including one or more sensors, or other external device (eg, ATM, Kiosk, POS, CARD Reader). Etc.) to identify the IoT device.

FIG. 4a is a schematic diagram illustrating a user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 4a is suitable for the user authentication system having the configuration shown in FIG. 1a. Although FIG. 4a assumes that the smart card has a public key certificate previously stored (eg, at the time of smart card fabrication or issuance), the new public key certificate is issued from the certificate authority (CA) server. You can also receive.

First, the communication terminal acquires the biometric information of the user and transmits the acquired biometric information of the user to the smart card (S401 to S402). Here, the biometric sensor built in the communication terminal can be used to acquire the biometric information, or an external biometric sensor connected to the communication terminal can be used. Unlike the example shown in FIG. 4a, in at least one embodiment of the present invention, the smart card can directly acquire the biometric information of the user by using the built-in biosensor.

The smart card that has acquired the biometric information of the user encrypts the biometric information of the user based on a pre-stored or pre-existing public key certificate that has been stored in advance (S403). That is, the smart card encrypts the biometric information with the encryption algorithm specified in the public key certificate.

The smart card also encodes or tokenizes the encrypted biometric information to generate a code value (S404). The coding or tokenization algorithm may be built into the smart card application or may be specified in the public key certificate. For example, in at least one embodiment of the present invention, a message reduction algorithm (Message-Digest Algorithm) defined in a public key certificate can be used for encoding or tokenizing. The code value is information obtained by encoding the biometric information of the user based on the public key certificate, and thus can also be referred to as a “biometric code” or a “biometric digital signature”.

Next, the smart card inserts the biometric code into the EV area (Extended Validation Domain) of the public key certificate to generate one key pair (public key, private key). That is, the biometric code is inserted in the generated private key and public key. The personal key is stored in the smart card together with the encrypted biometric information for use in the user authentication procedure later (S405). Although not shown in FIG. 4a, various additional codes generated in the same or similar manner as the biometric code can be linked to the biometric code as additional authentication factors. For example, in the area of the public key certificate, in addition to the biometric code, an additional code obtained from the unique identification information given to the portable device and an additional code obtained from the position information indicating the position requesting user authentication. Of the code, the additional code obtained from the unique identification information given to the user, and the additional code obtained from the characteristic information indicating the behavioral characteristics of the user, the additional code obtained from the device identification information given to the IoT device. At least one can be further inserted. The additional code will be described later with reference to FIG.

Also, the smart card requests the user registration by transferring the public key to the authentication server (or service providing server) via the communication terminal (S406). A virtual private network (VPN) can be used to transfer the public key. The authentication server registers the user and manages the public key in another secure DB (S407 to S408).

FIG. 4b is a schematic diagram illustrating a user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 4b is suitable for the user authentication system having the configuration shown in FIG. 1b. Therefore, the communication terminal of FIG. 4B includes a communication terminal (for example, a mobile phone, a tablet PC, a desktop computer, a Set-up Box, etc.) owned by an individual, and further communicates with a remote object on the communication network. It should be understood as a comprehensive meaning of all possible devices.

First, the communication terminal requests a server of a certification authority (CA) to issue a public key certificate for user registration (S451). The server of the certification authority (CA) that has received the public key certificate issuance request issues the public key certificate to the communication terminal (S452). Unlike the example shown in FIG. 4a, in at least one embodiment of the present invention, the communication terminal is pre-stored with a public key certificate (eg, during production or sale of the communication terminal).

Next, the communication terminal acquires biometric information of the user (S453). Here, the biometric sensor built in the communication terminal can be used to acquire the biometric information, or the biometric sensor of an external device connected to the communication terminal can be used.

Next, the communication terminal encrypts the biometric information of the user with the issued public key certificate (S454). That is, the communication terminal encrypts the biometric information with the encryption algorithm specified in the public key certificate. The encrypted biometric information is stored in the communication terminal for later use in the user authentication procedure.

The communication terminal encodes or tokenizes the encrypted biometric information to generate a code value (ie, biometric code) (S455). The coding or tokenization algorithm is built into the application of the communication terminal or specified in the public key certificate. In at least one embodiment of the present invention, the message reduction algorithm (Message-Digest Algorithm) defined in the public key certificate is used for encoding or tokenizing.

Next, the communication terminal inserts the generated biometric code into the EV area (Extended Validation Domain) of the public key certificate to generate one key pair (public key, private key) (S456). That is, the biometric code is inserted in the generated private key and public key. The private key is stored in the communication terminal for use in the user authentication procedure later. Although not shown in FIG. 4a, other additional codes can be generated in the same or similar manner as the biometric code and added to the public key certificate as additional authentication.

Also, the communication terminal transfers the public key to the authentication server (or service providing server) and requests user registration (S457). A virtual private network (VPN) can be used to transfer the public key. The authentication server registers the user and manages the public key in a separate secure DB (S458-S459).

5A and 5B are schematic diagrams showing a format of a public key certificate that is applied to the ubiquitous management system according to at least one embodiment of the present invention.

A public key certificate (for example, a public key infrastructure (PKI) ITU-T standard X.509 certificate) is a kind of electronic guarantee that allows a partner to trust when doing business or transactions on the Internet web. Means The public key certificate can be issued by a certification body designated by a specific government or financial institution, a private certification body, a product producer, or a device service provider.

FIG. 5A shows an example of the format of the public key certificate that has not undergone the user registration procedure. The public key certificate contains the version, serial number, signature algorithm, issuer, expiration date, public key, and electronic signature of the issuer. It should be noted that the EV domain (Extended Validate Domain) of the public key certificate that has not undergone the user registration procedure is empty.

FIG. 5B shows an example of the format of the public key certificate (public key/private key) generated from the public key certificate through the user registration procedure. Different from the example shown in FIG. 5A, the biometric information of the user is encoded in the EV area (Extended Validity Domain) of the public key certificate that has undergone the user registration procedure or the public key/personal key generated from this certificate. The generated biometric code is inserted. The biometric code stored in the EV area can be concatenated with various additional codes as an additional authentication factor. The specific additional code will be described later with reference to FIG.

In at least one embodiment of the invention, different issuers, different formats of public key certificates can be used. Therefore, the format of the public key certificate in which the biometric code is inserted is not limited to that shown in FIGS. 5A and 5B, and the extension area of the public key certificate in which the biometric code is inserted is It is not limited to the EV area.

FIG. 6 is a schematic diagram showing an example of the format of the code stored in the EV area of the public key/secret key shown in FIG. 5B and the example of the format of the authentication information transferred from the smart card.

As described above, the body of the biometric code generated by simply encoding the biometric information of the user can be stored in the EV area of the public key/secret key (see (a) of FIG. 6). It is also possible to store a code formed by chaining one or more additional codes of various types. For example, in at least one embodiment of the present invention, an additional code (ie, Device Code) coded (or tokenized) from the identification information of the IoT device owned by the user can be linked to the biometric code (see FIG. 6 (b) and (c)). Here, the identification information of the IoT device means unique identification information given to each IoT device at the time of production, distribution, or purchase. The identification information of the IoT device includes a device number, delivery information, a serial number, an Electronic Product Code (EPC), a Universal Product Code (UPC), a Physically Unclonable Function (PUF), a Global Protective Nation (PUF), and a Global Defective (SIP). The identification information of the IoT device can be collected from a Bar Code, a QR Code attached to the IoT device in the form of a printed matter, or an electronic element incorporated in the IoT device. Usage of the Device Code will be described later with reference to FIG.

In at least one embodiment of the present invention, an additional code encoded (or tokenized) from the identification information of the smart card or the communication terminal in which the public key certificate is stored can be linked to the biometric code (FIG. 6). (D)). Here, the identification information of the smart card or the communication terminal in which the public key certificate is stored includes, for example, a Cryptographic Hash Functions Value, a Physically Unclonable Function (PUF), and a Payment Card Number.

In at least one embodiment of the present invention, unique identification information (for example, Social Security Number, Unique Identification Information, and Personal Access Number) given to a user for public purposes by a government, a bank, or the like, and information relating to the behavioral characteristics of the user. Additional codes encoded (or tokenized) from (eg, Key Stroke, Dynamic Signature) can be linked to the biometric code. (See (e) and (f) in FIG. 6). The information related to the behavioral characteristics of the user can be acquired through a smart card or a touch screen provided in the communication terminal.

In at least one embodiment of the present invention, the position information of the communication terminal (or smart card) is encoded (or tokenized) from Global Positioning System (GPS), Group on Earth Observation (GEO) Location, for example. The additional code can be linked to the biometric code. The additional code is stolen by considering whether it is a transaction act (eg, financial transaction, trust service act, financial settlement, payment service, charge addition) at a position deviating from the normal transaction position as a cumulative authentication factor. It can be applied to detect and prevent fraudulent transactions due to loss, etc., or prove.

Furthermore, a plurality of additional codes can be linked to the biometric code (see (g) to (i) in FIG. 6). FIG. 6(j) shows a code in which a plurality of additional codes are chained to the biometric code. The lengths of the biometric code and the additional code in the chained code may be the same or different from each other.

For the algorithm for generating such an additional code, substantially the same method as the algorithm for generating the biometric code can be applied. Further, the data encrypted in the process of generating the additional code (for example, the encrypted dynamic signature) can be stored in the smart card or the communication terminal together with the personal key. The stored encrypted data can be used as an additional authentication means for primary user authentication (based on biometric matching) performed in a smart card or a communication terminal.

FIG. 6J shows an example of a code included in the authentication information transferred to the service providing server in the user authentication procedure. That is, the authentication information includes a code inserted (chained) in the private key. A detailed description thereof will be given later with reference to FIG. 7a.

In particular, the code inserted in the private key/public key and the authentication information transferred from the smart card can have various formats depending on the application and/or the level of security, and some of the sequences shown in FIG. The combination is not limited. Furthermore, elements other than the authentication element shown in FIG. 6 can be additionally used.

FIG. 7a is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 7a is suitable for the user authentication system having the configuration shown in FIG. 1a.

First, the communication terminal acquires the biometric information of the user and transmits the acquired biometric information of the user to the smart card (S701 to S702). Here, the biometric sensor built in the communication terminal can be used to acquire the biometric information, or an external biometric sensor connected to the communication terminal can be used. Unlike the example shown in FIG. 7a, in at least one embodiment of the present invention, the smart card can directly acquire the biometric information of the user by using the built-in biosensor.

Next, the smart card compares the obtained biometric information with the encrypted biometric information stored in the smart card and/or the biometric code inserted in the private key stored in the smart card (S703). That is, the smart card determines whether the acquired biometric information matches the already stored encrypted biometric information and/or biometric code.

Next, when the obtained biometric information matches the already stored encrypted biometric information and biometric code, the smart card transfers the authentication information based on the private key to the service providing server via the communication terminal. Yes (S704). A virtual private network (VPN) can be used to transfer the authentication information. For example, the smart card transfers a tunneling start signal for establishing a VPN with the service providing server to the communication terminal, and the communication terminal responds to the tunneling start signal and the service providing server establishes the VPN with the smart card. Open. The smart card transfers the authentication information to the service providing server via the opened VPN. The destination URL information of the VPN may be included in the tunneling start signal.

The service providing server requests the authentication server to verify the received authentication information (S705). The authentication server verifies the authentication information using the public key already registered. The service providing server completes user authentication based on the verification result of the authentication server (S706 to S708).

On the other hand, the authentication information transferred to the service providing server is generated based on the code (see (a) to (i) in FIG. 6) inserted in the private key stored in the smart card. For example, the authentication information may include the biometric code inserted in the EV area of the public key certificate or the chained code itself (Contain). In at least one embodiment of the present invention, the authentication information includes not only the code inserted in the EV area of the certificate but also the OTP generated by the OTP generator based on the software embedded in the smart card ( Content) (see (j) of FIG. 6). Although each authentication factor (Biometric Code, OTP, PUF, etc.) can be transferred in an independent form, it can be transferred as one authentication data in which authentication factors are chained (Concatenated).

In at least one embodiment of the present invention, the authentication information transmitted to the service providing server may further include unique information for certifying the authentication action of the user. The unique information is preferably implemented in the form of a bar code capable of authenticating the user, an electronic signature of the user (e-Signing), or the like. Further, such a barcode, a user's electronic signature, etc. may be in a form that can be output as a printed matter. The authentication using a smart card can increase the reliability of mutual contracts by allowing receipts and slips to be printed in the form of barcodes or signatures. In at least one embodiment of the present invention, the authentication information transmitted to the service providing server may further include time information regarding a transfer time of the authentication information. In at least one embodiment of the present invention, the authentication information transmitted to the service providing server may include time information regarding a user registration time (eg, private key/public key generation time or authentication server user registration completion time). , Time Stamp).

According to such a user authentication procedure, the following user experience (User Experience) can be provided as compared with the related art. For example, assume a smart card is used to connect to Internet banking. The conventional process of inputting a user ID (Identifier) required to connect to a service providing server that provides an internet banking service can be replaced by a process of opening a communication tunnel based on a user's biometric information. .. Further, the conventional process of inputting the password of the user can be replaced with the process of transferring the authentication information including the code inserted in the private key through the opened communication tunnel. Further, the conventional process of inputting the password of the public key certificate can be replaced with the process of comparing the biometric information of the user with the matching information included in the public key certificate. That is, according to at least one embodiment of the present invention, the process of inputting the certificate and password required by the conventional service providing server can be omitted. As described above, by performing the tunneling and the authentication process using the smart card, single sign-on (Single Sign On) using biometric information can be realized.

Further, according to the conventional Multi-Factor Authentication, all authentication factors such as ID, password, certificate password, and OTP are managed as object authentication factors. On the other hand, according to at least one embodiment of the present invention, the encrypted biometric information of the user, the biometric code, and the additional code are used as authentication information in a linked form. Therefore, it is possible to realize One-Stop, Tap & Pay ubiquitous authentication, and Multi-Factor Authentication with more enhanced security.

FIG. 7b is a flowchart illustrating a user authentication procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 7b is suitable for the user authentication system having the configuration shown in FIG. 1b.

First, the communication terminal acquires biometric information of the user (S751). Here, the biometric information can be acquired by using a biometric sensor built in the communication terminal or a biometric sensor of an external device connected to the communication terminal.

Next, the communication terminal compares the obtained biometric information with the encrypted biometric information stored in the communication terminal and/or the biometric code inserted in the private key stored in the communication terminal ( S752). That is, the communication terminal determines whether the acquired biometric information matches the already stored encrypted biometric information and/or biometric code.

Next, when determining that the acquired biometric information matches the already stored encrypted biometric information and biometric code, the communication terminal transfers authentication information based on the private key to the service providing server (S753). .. A virtual private network (VPN) can be used to transfer the authentication information. For example, the communication terminal opens a VPN between the service providing server and the smart card, and the smart card transfers the authentication information to the service providing server via the opened VPN.

The service providing server requests the authentication server to verify the received authentication information (S754). The authentication server verifies the authentication information using the public key already registered. The service providing server completes the user authentication based on the verification result of the authentication server (S755-757).

In the above description, the user authentication method using the private key/public key with the biometric code inserted has been described. In at least one embodiment of the present invention described below, the biometric code of the user and the identification information of the IoT device are associated with each other and used for management and control of the IoT device. Hereinafter, at least one embodiment of the present invention regarding an IoT device will be described with reference to FIGS. 8, 9, 10a, and 10b.

8a and 8b are schematic diagrams of a user management system of an IoT device in a ubiquitous environment according to at least one embodiment of the present invention.

As shown in FIG. 8a, a plurality of IoT devices (850) having wired and wireless communication functions form an IoT network (800). As described above, the smart card (810) generates the private key/public key from the public key certificate, and in addition to the biometric code, the additional information generated by encoding the identification information of the IoT device owned by the user. A code (ie, Device Code) can be inserted. According to this, the ownership relationship between the user and the IoT device can be proved by associating the biometric code of the user with the identification information of the IoT device.

According to at least one embodiment of the present invention, the smart card (810) generates a private key and a public key having a biometric code and a Device Code inserted therein, and the private key is stored therein, and the public key is Communicate to the associated IoT device (850). The smart card (810) transfers the authentication information based on the private key to the IoT device (850), and the IoT device (850) verifies the authentication information using the public key to verify the user (owner). It can be carried out.

On the other hand, in a network covering a predetermined area such as a company, a building, a business office, a home, and a car, an IoT device that manages (registers, monitors, controls, etc.) various IoT devices connected to the network (for example, in a home network Set-up Box, Access Point, etc.), ie, a centralized controller (Centralized Controller, 830). The central controller (830) may additionally perform a role of a user interface, and may have a function of combining various functions of each IoT device (850) to provide various integrated services. In this case, the smart card (810) transmits the public key corresponding to the individual IoT device (850) to the central controller (830), thereby registering the IoT device (850) on the network and registering the IoT device (850). It can be used for user (owner) authentication for remote control.

Further, the smart card (810) transfers the public key to the server (840) of the IoT service provider that provides the IoT service, thereby registering the IoT device on the network and performing remote control (Remote Control) of the IoT device. It can be used for user (owner) authentication, etc.

Furthermore, the smart card (810) transfers the public key to the server of the producer/seller of the IoT device (850), so that the user (owner) necessary for the owner registration/change/transfer of the IoT device. It can be used for authentication.

Further, the smart card transfers the public key associated with each IoT device to the communication terminal (820, eg, mobile phone), and the communication terminal (820) uses the public key of the IoT device to Can be used as an integrated remote control to control IoT devices. For example, the user performs a user authentication procedure (primary authentication) on the communication terminal (820) using the personal key stored in the smart card, and if the primary authentication succeeds, the communication terminal does not work with the smart card. The public key stored in (820) can be used to control the individual IoT device or central controller (830).

Meanwhile, according to at least one embodiment of the present invention, a specific combination of biometric information may be used for the reset function of the IoT device or for controlling the essential function of the IoT device. it can. For example, the private key/public key in which the code information generated from the combination of the specific biometric information is inserted is used for the reset function of the IoT device when the IoT device is in a state of failure, control failure, or the like. It can be used in applications to control the essential functions of IoT devices.

Meanwhile, the functions of the smart card 810 of FIG. 8a can be integrated in the communication terminal 820. That is, according to at least one embodiment of the present invention, as shown in FIG. 8b, the communication terminal 860 generates a private key and a public key in which a biometric code and a device code are inserted. The communication terminal (860) stores a private key inside, and the public key is associated with the related IoT device (850), IoT service provider server (840), IoT device producer/seller server, central It is transmitted to the control device (830).

Hereinafter, a user (owner) registration and authentication procedure of the IoT device performed with respect to the central controller will be described with reference to FIGS. 9a to 10b. It is obvious that the same or similar procedure can be performed for individual IoT devices, servers of IoT service providers, and servers of producers/sellers of IoT devices.

FIG. 9a is a schematic diagram illustrating a device user (Device User) registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 9a is suitable for the device user authentication system having the configuration shown in FIG. 8a.

As an optional pre-procedure, the smart card 810 allows the user to perform the device user registration procedure using the already stored encrypted biometric information and/or the personal key into which the biometric code is inserted. On the other hand, biometric authentication can be performed. That is, the smart card (810) may be configured to allow only the registered user to perform the device user registration procedure.

First, the communication terminal 820 acquires the biometric information of the user and transfers the acquired biometric information of the user to the smart card 810 (S901 to S902). Here, the biometric information may be acquired using a biometric sensor built in the communication terminal 820 or a biometric sensor provided in an external device connected to the communication terminal 820. Unlike the example shown in FIG. 9a, in another embodiment, the smart card (810) can directly acquire the biometric information of the user by using the built-in biosensor.

The smart card (810) encrypts the biometric information of the user using the already stored public key certificate and encodes (or tokenizes) the encrypted biometric information to generate a biometric code (S903). ). The encryption and coding (or tokenization) algorithm may be built into the smart card (810) application or may be specified in a public key certificate.

Next, the smart card 810 acquires the device identification information (Device Identity Data) given to the IoT device via the communication terminal (S904 to S905). Here, as the device identification information, a sensor built in the communication terminal 820 may be used, or a sensor provided in an external device connected to the communication terminal 820 may be used. Unlike the example shown in FIG. 9a, the smart card may directly acquire the device identification information using an embedded sensor.

Next, the smart card (810) generates a device code from the device identification information in the same or similar manner as the biometric code (S906). That is, the smart card 810 encrypts the device identification information and encodes or tokenizes the encrypted device identification information to generate a device code.

Next, the smart card (810) inserts the biometric code and the device code into the EV area (Extended Validate Domain) of the public key certificate to generate one key pair (public key, private key). That is, the biometric code and the device code are inserted in the generated private key and public key. The biometric code and the device code inserted in the private key and the public key may be in a Concatenated form. The private key is stored in the smart card (810) together with the biometric information encrypted in the smart card (810) (S907). Although not shown in FIG. 9a, other additional codes generated in the same or similar manner as the biometric code can be used to generate the private and public keys. It can be added as an additional authentication factor to the EV area of the public key certificate.

Next, the smart card 810 requests the device user registration while providing the public key to the central controller through the communication terminal (S908). A virtual private network (VPN) can be used to transfer the public key. The central controller (830) registers the device user and manages the public key in another secure DB (S909 to S910).

FIG. 9b is a schematic diagram illustrating a device user registration procedure according to at least one embodiment of the present invention. The user registration procedure shown in FIG. 9b is suitable for the device user authentication system having the configuration shown in FIG. 8b.

As an optional pre-procedure, the communication terminal 860 is a user who performs a device user registration procedure using a personal key in which the already stored encrypted biometric information and/or biometric code is inserted. Biometric authentication can be performed for. That is, the communication terminal 860 may be configured to allow only the registered user to perform the device user registration procedure.

First, the communication terminal 860 acquires biometric information of the user (S951 to S952). Here, the biometric sensor included in the communication terminal 860 may be used to acquire the biometric information, or the biometric sensor included in an external device connected to the communication terminal 860 may be used.

The communication terminal (860) encrypts the biometric information of the user using the already stored public key certificate and encodes (or tokenizes) the encrypted biometric information to generate a biometric code ( S953). The encryption and coding (or tokenization) algorithm may be built into the smart card application or may be specified in a public key certificate.

Next, the communication terminal 860 acquires the device identification information given to the IoT device (S954 to S955). Here, the device identification information may be acquired using a sensor built in the communication terminal or a sensor provided in an external device connected to the communication terminal.

Next, the communication terminal 860 generates a device code from the device identification information using the same or similar method as the biometric code (S956). That is, the communication terminal 860 encrypts the device identification information and encodes or tokenizes the encrypted device identification information to generate a device code.

Next, the communication terminal 860 inserts the biometric code and the device code into the EV area (Extended Validate Domain) of the public key certificate to generate one key pair (public key, private key). That is, the biometric code and the device code are inserted in the generated private key and public key. The biometric code and the device code inserted in the private key and the public key may be in a Concatenated form. The private key is stored in the communication terminal 860 together with the encrypted biometric information (S957). Although not shown in FIG. 9a, other additional codes generated in the same or similar manner as the biometric code can be used to generate the private and public keys. It can be added as an additional authentication factor to the EV area of the public key certificate.

Then, the communication terminal 860 requests the device user registration while providing the public key to the central controller 830 (S958). A virtual private network (VPN) can be used to transfer the public key. The central controller (830) registers the device user and manages the public key in another secure DB (S959-S960).

In the device user registration procedure shown in FIGS. 9a and 9b, a new key pair (private key, private key, It has been described as generating a public key). However, in another embodiment, a new key pair (private key, public key) can be generated by additionally inserting the device code into the already stored private key.

FIG. 10A is a schematic diagram illustrating a device user authentication procedure according to at least one embodiment of the present invention. The user authentication procedure shown in FIG. 10a is suitable for the device user authentication system having the configuration shown in FIG. 8a.

First, the communication terminal 820 acquires biometric information of the user and transmits the acquired biometric information of the user to the smart card 810 (S1001 to S1002). Here, to obtain biometric information, a biometric sensor built in the communication terminal (820) or an external biometric sensor connected to the communication terminal (820) can be used. Unlike the example shown in FIG. 10a, in another embodiment, the smart card (810) can directly acquire the biometric information of the user by using the built-in biosensor.

Next, the smart card (810) stores the obtained biometric information in the encrypted biometric information already stored in the smart card (810) and/or the private key already stored in the smart card (810). It is compared with the (Contained) biometric code (S1003). That is, the smart card 810 determines whether the acquired live biometric data (Live Biometric Data) matches the already stored encrypted biometric information and/or biometric code.

Next, when the acquired biometric information matches the already stored encrypted biometric information and/or biometric code, the smart card (810) provides authentication information based on the private key to the central controller (830). (S1004). A virtual private network (VPN) can be used to transfer the authentication information. For example, the smart card (810) transfers a tunneling start signal for opening a VPN with the central controller (830) to the communication terminal (820), and the communication terminal (820) transmits the tunneling start signal in response to the centralized signal. A VPN is opened between the controller (830) and the smart card (810), and the smart card (810) transfers the authentication information to the central controller (830) via the opened VPN.

The central controller (830) verifies the received authentication information using the already registered public key, and completes the device user authentication based on the verification result (S1005 to S1007). In at least one embodiment of the present invention, the central controller (830) requests the IoT service providing server (840) or the authentication server (not shown) to verify the authentication information received from the smart card (810). The device user authentication can be completed based on the verification result.

FIG. 10b is a schematic diagram illustrating a User Device authentication procedure according to at least one embodiment of the present invention. The user authentication procedure shown in FIG. 10b is suitable for the device user authentication system having the configuration shown in FIG. 8b.

First, the communication terminal 860 acquires biometric information of the user (S1051 to S1052). Here, the biometric sensor included in the communication terminal 860 may be used to acquire the biometric information, or the biometric sensor of an external device connected to the communication terminal 860 may be used.

Next, the communication terminal 860 compares the obtained biometric information with the already stored encrypted biometric information and/or with the stored biometric code in the stored private key. (S1053). That is, the communication terminal 860 determines whether the acquired biometric information matches the already stored encrypted biometric information and/or biometric code.

Next, when the acquired biometric information matches the encrypted biometric information and biometric code already stored, the communication terminal (860) sends the authentication information based on the private key to the central controller (830). It is transferred (S1054). A virtual private network (VPN) can be used to transfer the authentication information. For example, the communication terminal 860 opens a VPN with the central controller 830 and transfers the authentication information to the central controller 830 via the opened VPN.

The central controller (830) verifies the received authentication information using the already registered public key, and completes the device user authentication based on the verification result (S1055 to S1057). In some embodiments, the central controller (830) requests the IoT service providing server (840) or the authentication server (not shown) to verify the received authentication information, and authenticates the device user based on the verification result. Can also be completed.

FIG. 11 is a schematic diagram showing the concept of a ubiquitous authentication system in an online/offline environment.

While all ubiquitous certifications deal with online certifications, not all regions have the Internet or the minimum means of communication in the developing world environment. In addition, temporary online failures may occur due to disasters such as earthquakes, typhoons, floods, blackouts, and heavy snowfall. In order to overcome such temporary and non-temporary restrictions, it is necessary to appropriately supplement the authentication system based on the online environment. For example, service terminals (or public terminals) such as ATM, POS, and Kiosk need to allow a minimum cash withdrawal and settlement even in an offline environment. As another example, even if the smart home network is temporarily placed in an offline environment, it is necessary to allow a limited access right to a centralized controller that integrally manages IoT devices in the home. As yet another example, a smart car has a plurality of sensors or IoT devices internally networked to perform functions such as unmanned driving, autonomous driving, position information, and navigation online. Even if such a smart car is placed in an offline environment, it is necessary to provide authorization in a limited range as compared with the online environment.

INDUSTRIAL APPLICABILITY The present invention uses a part of various authentication means such as online biometric information (biometric code), PKI, OTP, etc. and partially limited service in the offline environment with the minimum power (for example, cash withdrawal). , Payment method for food and drink purchase, access control, etc.) are provided. In at least one embodiment of the present invention, the service providing server provides a user who has completed user registration with predetermined authentication information (Credentials) or token (Token) that can be used for user authentication in an offline environment. For example, the authentication information may be a modified public key derived from a public key received from a smart card or a communication terminal owned or owned by the user in the user registration procedure.

FIG. 12 is a schematic diagram illustrating a user authentication procedure in an offline environment according to at least one embodiment of the present invention. Although FIG. 12 assumes that a smart card is used, the same method can be applied when a communication terminal (eg, a smartphone) is used instead of the smart card.

First, a public terminal (eg, ATM, POS, Centralized Controller, etc.) in an offline environment acquires biometric information of a user and transmits the acquired biometric information of the user to a smart card (S1201 to S1202). Here, to obtain biometric information, a biometric sensor built in the public terminal can be used, or an external biometric sensor connected to the public terminal can be used. Unlike the example shown in FIG. 12, in another embodiment, the smart card may directly acquire the biometric information of the user by using the built-in biometric sensor.

Then, the smart card inserts the acquired biometric information into the encrypted biometric information already stored in the smart card and/or the contained biometric code in the private key already stored in the smart card. (S1203). That is, the smart card determines whether the obtained live biometric data (Live Biometric Data) matches the already stored encrypted biometric information and/or biometric code.

Next, when the obtained biometric information (Biometric Data) matches with the already stored encrypted biometric information and/or biometric code, the smart card obtains authentication information based on the Private Key and a service providing server in advance. The authentication information based on the modified public key provided by the user is transferred to the public terminal (S1204).

The public terminal in the offline environment performs the authentication in a limited range compared to the online environment without requesting the service providing server to verify the received authentication information. That is, the service/transaction/access right limited to a predetermined range is allowed. In some embodiments, the public terminal may verify that the verification code inserted in the received authentication information is generated based on the same public key certificate.

Relevant transaction information (ie transaction details or service offering details and associated authentication information) can be stored in a secure area, such as a secure element of a smart card and/or public terminal, for later settlement of transaction details online. It is stored (S1205). Further, the transaction information can be stored in an encrypted state using the private key/public key.

When returning to the online environment again, the public terminal transfers the stored transaction information to the service providing server (S1206). The service providing server verifies the authentication information included in the transaction information via the authentication server, and settles the transaction details included in the transaction information based on the verification result (S1207 to S1209).

FIG. 13 is a table showing exemplary application areas applicable to at least one embodiment of the present invention.

You can use compound authentication for user authentication, but gradually integrate and use information for various purposes such as credit card + electronic identification card + electronic passport + driver's license into a smart card. You can

As shown in the table of FIG. 13, the application fields to which various embodiments of the present invention can be applied can be roughly divided into four areas.

The financial and identification area (Financial and Identification Section) refers to online and offline financial transactions and user authentication associated with various types of identification. In order to apply to such fields, smart cards (or communication terminals) are used for electronic identification, pension, medical insurance, electronic wallet, digital currency, medical records, driver's license, electronic election, discount coupon (Credit Card). /Debit Card/Cyber Money/E-Wallet/Digital Coupon/Financial Data/National ID/Driver's License/Medical Information/e-Voting/Pension). Some of such information may be inserted into the EV area of the public key certificate for the related service use. For example, in the EV area of a public key certificate issued for use as an electronic identification card, a code indicating the unique identification information (for example, resident registration number, social security number, etc.) given to an individual is stored. May be inserted. Further, some information may be pre-stored in the same area as the public key certificate for the relevant service application.

The physical access area is an application area for access control, and the smart card (or communication terminal) can serve as an ID Badge or an access card. Add the location information (eg GEO, GIS, GPS information, etc.) of the smart card (or communication terminal) or the code that encodes it to the private key/public key for use in such application areas. You can The added location information or code can be utilized as an additional authentication factor for detecting alteration, forgery and withdrawal.

The single sign-on (SSO Section: integrated authentication) area is an authentication function that enables resources on several independent software systems to be used in one user authentication process. In at least one embodiment of the present invention, by performing the authentication procedure based on the biometric matching and the private key/public key into which the biometric code is inserted, the certificate and password required by the service providing server (130) can be obtained. The input process can be omitted, and biometric single sign-on (Single Sign On) can be realized. In at least one embodiment of the present invention, a private key generated by an arbitrary communication terminal (eg, smartphone) owned or owned by the user is stored in its own Cloud so that the user owns or owns it. The personal key can be downloaded and used in another communication terminal (for example, tablet PC, smart watch, etc.). According to this, it is not necessary to generate a personal key for the same purpose for each communication terminal, and a personal key generated by one communication terminal can be shared by a plurality of communication terminals owned or owned by the user. it can.

The device user authentication section represents an application area for supporting user authentication for registering an IoT device or controlling access to the IoT device. In the public key/personal key used in such an application area, not only the biometric code but also a device code in which identification information of the IoT device is encoded is further inserted. Further, the public key is transmitted to each IoT device, central control unit, IoT service server, IoT Vendor server, etc., and used for device user authentication, remote control and the like.

FIG. 14 is a schematic diagram for explaining that various types of biometric information or a combination thereof can be divided into various types and used. It is a figure for demonstrating that various biometric information or these combinations can be divided and used for various uses.

As described above, in at least one embodiment of the present invention, different biometric information of the user and/or a combination thereof may be used. For example, FIG. 14 illustrates an example in which ten pieces of fingerprint information are used for different purposes as examples of different types of biometric information of the same type. That is, in at least one embodiment of the present invention, the same type of biometric information is encoded and inserted into one private key/public key, or a separate private key/public key is provided for each biometric information. Each can be generated.

Further, FIG. 14 exemplifies that various combinations of biometric information are used in different applications. That is, in at least one embodiment of the present invention, a plurality of combinations of biometric information can be coded and inserted into one private key/public key, and each combination can have a separate key pair (private key/private key/key). You can also generate a public key). Furthermore, the input order of biometric information can be given to the same combination of biometric information.

Meanwhile, in the description of various embodiments of the present invention, throughout the specification, in addition to the private key in which the biometric code is inserted, the encrypted biometric information used for biometric matching is stored in the smart card or the communication terminal. It is assumed that it has been. However, it is undesirable for such a feature to be treated as an essential component in all embodiments of the invention. For example, in some embodiments, the encrypted biometric information is not stored in the smart card or the communication terminal, and only the biometric code inserted in the private key can be used for biometric matching. Further, in some embodiments, a hash value (Hash Value) of the biometric information of an individual managed by a government agency (for example, administrative department, investigation agency, immigration department, etc.) can be used. The hash value can be stored in advance in a partial area of the smart card and can also be inserted in the EV area of the public key certificate issued by the relevant institution. Furthermore, the encrypted biometric information used for biometric matching may be biometric information encrypted by the encryption algorithm specified in the public key certificate, or it may be encrypted using the private key with the biometric code inserted. It may be biometric information. Furthermore, the biometric information encrypted using the public key certificate may be stored together with the private key in a state where the biometric information encrypted with the private key is additionally encrypted.

On the other hand, the method described above can be realized as a computer-readable code on a computer-readable recording medium. The computer-readable recording medium includes any kind of recording device that stores data that can be read by a computer system. That is, a computer-readable recording medium includes a magnetic storage medium (eg, ROM, floppy disk, hard disk, etc.), an optical readable medium (eg, CD-ROM, DVD, etc.), and a carrier wave (eg, Internet). Storage medium) (such as transfer over). Further, the computer-readable recording medium can be distributed to computer systems connected via a network to store and execute computer-readable code in a distributed manner.

Although the present invention has been described using the embodiments, the technical scope of the present invention is not limited to the scope described in the above embodiments. It is apparent to those skilled in the art that various modifications and improvements can be added to the above-described embodiment. It is apparent from the scope of the claims that the embodiment added with such changes or improvements can be included in the technical scope of the present invention.

Claims (30)

In the user registration method performed by the portable device owned by the user in the authentication management system based on the public key certificate,
Encrypting the biometric information of the user or a combination of biometric information using the encryption algorithm defined in the public key certificate, and storing the encrypted biometric information in the portable device;
Generating a biometric code by tokenizing the encrypted biometric information or a combination of biometric information,
Inserting a verification code including at least the biometric code into an extension field of the public key certificate to generate one key pair (including a private key and a public key);
Transferring the public key to a remote object and requesting registration of the user;
With
User registration method. The verification code further includes an additional code generated by encrypting the unique identification information given to the portable device and tokenizing the encrypted unique identification information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting characteristic information representing the behavior characteristic of the user and tokenizing the encrypted characteristic information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting position information indicating a position requesting authentication of the user and tokenizing the encrypted position information.
The user registration method according to claim 1. The verification code further includes an additional code generated by encrypting the unique identification information given to the user and tokenizing the encrypted unique identification information.
The user registration method according to claim 1. Inserting a biometric code obtained from different biometric information or a combination of different biometric information into a plurality of public key certificates to generate one key pair for each public key certificate,
The user registration method according to claim 1. The plurality of public key certificates have different uses,
The user registration method according to claim 6. The step of generating the one key pair includes
A step of generating an additional biometric code from biometric information or a combination of biometric information different from the biometric information or the combination of biometric information used to generate the biometric code;
Further inserting an additional verification code including at least the additional biometric code into the extension field of the public key certificate to generate one key pair (including a private key and a public key);
including,
The user registration method according to claim 1. The additional verification code is designated for the purpose of notifying that the private key is used by others.
The user registration method according to claim 8. The additional verification code designates the use requesting to deregister the user based on the public key already transferred,
The user registration method according to claim 8. The additional verification code is designated for use in requesting initialization of an authentication management system managed by the remote object,
The user registration method according to claim 8. In the extended field of the public key certificate, data relating to at least one of an electronic identification card, a driver's license, electronic money, and a medical card as additional information corresponding to the intended use specified in the public key certificate. Further including,
The user registration method according to claim 1. The extended field of the public key certificate includes URL information of a remote object transferring the public key.
The user registration method according to claim 1. Further comprising an additional code generated by encrypting the device identification information provided to the IoT device and tokenizing the encrypted device identification information,
The user registration method according to claim 1. A biometric code obtained from different biometric information or a combination of different biometric information and an additional code obtained from the device identification information of different IoT devices are inserted into a plurality of public key certificates, and one associated one for each IoT device is inserted. Generate a key pair,
The user registration method according to claim 14. A virtual private network (VPN) is used to transfer the public key.
The user registration method according to claim 1. The portable device is a smart card or a mobile communication terminal,
The user registration method according to claim 1. In a user authentication method performed by a portable device owned by a user in an authentication management system based on a public key certificate, the portable device can obtain a personal key into which a verification code including a biometric code is inserted and the biometric code. Stored encrypted biometric information or a combination of biometric information, the user authentication method,
Acquiring biometric information or a combination of biometric information of the user,
Comparing the biometric information of the user or a combination of biometric information with at least one of the encrypted biometric information and the biometric code already stored in the portable device;
When the biometric information of the user or a combination of biometric information matches at least one of the encrypted biometric information and the biometric code, the authentication information including the verification code inserted in the private key is transferred to the remote object. Requesting authentication of the user,
With
User authentication method. The verification code inserted in the private key is an additional code obtained from the unique identification information given to the portable device, an additional code obtained from position information indicating a position requesting authentication of the user, the user. At least one of an additional code obtained from the unique identification information given to the user, an additional code obtained from the characteristic information indicating the behavioral characteristic of the user, and an additional code obtained from the device identification information given to the IoT device. Further including one,
The user authentication method according to claim 18. The authentication information further includes an OTP generated by an OTP generation module built in the portable device,
The user authentication method according to claim 18. The authentication information further includes information regarding a transfer time point of the authentication information,
The user authentication method according to claim 18. The authentication information further includes information about a location requesting authentication of the user.
The user authentication method according to claim 18. The authentication information further includes information about a time when the private key is generated,
The user authentication method according to claim 18. A virtual private network (VPN) is used to transfer the authentication information.
The user authentication method according to claim 18. The destination URL of the virtual private network is included in the extension field of the private key,
The user authentication method according to claim 18. The portable device is a smart card or a mobile communication terminal,
The user authentication method according to claim 18. In the authentication management system based on the public key certificate, the authentication management method performed by the remote object connected to the portable device owned by the user by the network,
A public key corresponding to a private key in which a verification code including a biometric code obtained from the biometric information of the user or a combination of biometric information is inserted from the portable device, and user registration is performed based on the received public key. Process,
Receiving authentication information including a verification code inserted in the personal key from the portable device, verifying the authentication information received using the public key, and authenticating the user based on the verification result;
With
Authentication management method. In an authentication management method performed by a public terminal that provides a service in an authentication management system based on a public key certificate and a service providing server that manages the public terminal,
The service providing server receives a public key corresponding to a private key into which a verification code including a biometric code obtained from the biometric information of the user or a combination of biometric information is inserted from the portable device, and based on the received public key User registration process,
The public terminal receives authentication information including a verification code inserted in the personal key from the portable device, requests the service providing server to verify the received authentication information using the public key, and Authenticating the user based on the result of the verification,
The public terminal provides a service upon successful authentication of the user,
With
Authentication management method. The step of performing user registration is for use when the public terminal and the service providing server are in an offline state, and the service providing server generates a modified public key by applying the public key. And transmitting the modified public key to the portable device.
The authentication management method according to claim 28. When the public terminal and the service providing server are offline, the public terminal receives the verification code inserted in the private key and the verification code inserted in the modified public key from the portable device. Then, verifying whether the received verification code is generated based on the same public key certificate, and if the verification is successful, providing a service within a limited range from the online status,
When the offline status changes to the online status, the public terminal transmits the verification code and the service provision information to the service providing server, the service providing server verifies the verification code, and the service based on the verification result. The process of producing the information provided,
Further comprising,
The authentication management method according to claim 29.