-
公开(公告)号:KR1020080052092A
公开(公告)日:2008-06-11
申请号:KR1020060124134
申请日:2006-12-07
Applicant: 한국전자통신연구원
CPC classification number: H04L9/0869 , H04L9/0631 , H04L9/0643 , H04L9/0668 , H04L9/14 , H04W12/04
Abstract: A method and an apparatus for creating an user secret key in a mobile communication system are provided to create an user secret key which is a master key through a verified password algorithm and a secure mechanism in a mobile communication system of a third generation partnership project manner. A method and an apparatus for creating an user secret key in a mobile communication system includes a step of creating a key factor by inputting an operator secret key and a seed to a Hash function based on a block password(101). The created key factor is a key of algorithm of the block password. An input factor is created by operating the algorithm with an Output FeedBack mode by inputting user information for creating a user secret key into the algorithm of the block password(102). The created input factor is an input value of a keyed Hash function. The user secret key is created with the key factor which is the keyed Hash function(103).
Abstract translation: 提供了一种用于在移动通信系统中创建用户密钥的方法和装置,用于通过第三代合作伙伴项目方式的移动通信系统中的验证密码算法和安全机制来创建作为主密钥的用户秘密密钥 。 用于在移动通信系统中创建用户密钥的方法和装置包括通过基于块密码(101)将操作员密钥和种子输入到哈希函数来创建关键因素的步骤。 创建的关键因素是块密码算法的关键。 通过将用于创建用户密钥的用户信息输入到块密码(102)的算法中,通过使用输出反馈模式来操作算法来创建输入因子。 创建的输入因子是键控哈希函数的输入值。 用关键因素创建用户密钥,这是密钥哈希函数(103)。
-
142.发明公开
公开(公告)号:KR1020080050931A
公开(公告)日:2008-06-10
申请号:KR1020070028882
申请日:2007-03-23
Applicant: 한국전자통신연구원
CPC classification number: H04L9/3234 , H04L9/0877 , H04L9/14 , H04L9/3247 , H04L2209/805
Abstract: A method and a system for authorizing a request of reading and writing execution of user data of a mobile RFID tag are provided to improve a security level of an mRFID(mobile Radio Frequency IDentification) service by storing a decryption key both in a server and a terminal. Authentication modules(111,121) in a web kiosk terminal and an RFID(Radio Frequency IDentification) application server include an application unit(1112) and a password key management/storage unit(1113). A security script message process request and a read/write command execution request are applied to the application unit. A password key is handled by the password key management/storage unit. The security module of the web kiosk terminal includes a key generator(1111) for generating a decryption key of the password.
Abstract translation: 提供了一种用于授权读取和写入移动RFID标签的用户数据的执行请求的方法和系统,以通过将解密密钥存储在服务器和服务器中来提高mRFID(移动射频识别)服务的安全级别 终奌站。 网络亭终端和RFID(射频识别)应用服务器中的认证模块(111,121)包括应用单元(1112)和密码密钥管理/存储单元(1113)。 安全脚本消息处理请求和读/写命令执行请求被应用于应用单元。 密码密钥由密码密钥管理/存储单元处理。 web信息亭终端的安全模块包括用于生成密码的解密密钥的密钥生成器(1111)。
-
公开(公告)号:KR1020080050170A
公开(公告)日:2008-06-05
申请号:KR1020060121053
申请日:2006-12-01
Applicant: 한국전자통신연구원
Abstract: A role-based certification method applying transitivity is provided to achieve an efficient authentication process by applying a transitive signature to a role-based authentication system, improve accuracy of authentication by minimizing strings of a delegation chain, and protect privacy by exposing contents of the delegation chain at the minimum. Credential between a user or agency V(i) and V(j) is expressed as E(i,j). A user or agency V(i) has a secret key sk(i) and an open key V(i). An agency V(i) issues delegation credential E(i,j) to an agency V(j), wherein the E(i,j) is regarded as an edge of a graph. The agency V(i) combines the secret key sk(i) with secret key sk(j) of the agency V(j) for making the delegation credential E(i,j). The agency V(i) receives the secret key sk(j) of the agency V(j) through a trusted communication path for generating E(i,j) and transmitting the E(i,j) to the agency V(j). When a user A receives role credential R(k) from an agency V(k), a condition capable of accessing the agency V(i) is that the user A demonstrates that the user A has the delegation credential E(i,j), the credential E(j,k), and the role credential R(k) to an agency V(i). For the condition, the user A combines the credential E(i,j) and the credential E(j,k) for constituting E(i,k) by calculating E(i,k)=E(i,j)xE(j,k) and concatenating the result with the R(k).
Abstract translation: 提供了一种应用传递性的基于角色的认证方法,通过对基于角色的认证系统应用传输签名来实现有效的认证过程,通过最小化授权链的字符串来提高认证的准确性,并通过暴露授权的内容来保护隐私 链条至少。 用户或代理商V(i)和V(j)之间的凭证表示为E(i,j)。 用户或代理V(i)具有秘密密钥sk(i)和打开密钥V(i)。 代理V(i)向代理V(j)发出授权凭证E(i,j),其中E(i,j)被视为图的边。 代理V(i)将秘密密钥sk(i)与代理证书V(j)的秘密密钥sk(j)组合以进行授权凭证E(i,j)。 代理V(i)通过用于产生E(i,j)的可信任通信路径接收代理V(j)的秘密密钥sk(j),并将E(i,j)发送给代理V(j) 。 当用户A从代理V(k)接收角色凭证R(k)时,能够访问代理V(i)的条件是用户A证明用户A具有授权凭证E(i,j) ,凭证E(j,k)和代理V(i)的角色凭证R(k)。 对于该条件,用户A通过计算E(i,k)= E(i,j)×E(i,k)来组合凭证E(i,j)和用于构成E(i,k)的证书E(j,k) j,k)并将结果与R(k)连接起来。
-
公开(公告)号:KR1020080048320A
公开(公告)日:2008-06-02
申请号:KR1020060118573
申请日:2006-11-28
Applicant: 한국전자통신연구원
CPC classification number: G06F21/32 , H04M1/72527
Abstract: A sub security device for biometric authentication is provided to raise a security management level of a biometric authentication terminal by providing the secondary sub security device independent of the biometric authentication terminal and connected to the biometric authentication terminal. An input unit(210) receives a character string corresponding to at least one of user ID information and a command for controlling a biometric authentication terminal from the user. A processor(220) sets a communication channel for the biometric authentication terminal and transfers the command to the biometric authentication terminal. The processor includes a communication channel setter(221) setting the communication channel through mutual authentication with the biometric authentication terminal, and a command processor(222) transferring the command to the biometric authentication terminal when an instruction included in the command is within a user authority. A display driver(230) displays the character string and/or a communication state with the biometric authentication terminal. A communication port controller(240) controls a communication port for communicating with the biometric terminal.
Abstract translation: 提供用于生物认证的子安全设备,通过提供独立于生物认证终端并连接到生物认证终端的辅助子安全设备来提高生物认证终端的安全管理级别。 输入单元(210)从用户接收与用户ID信息和用于控制生物体认证终端的命令中的至少一个相对应的字符串。 处理器(220)设置用于生物认证终端的通信信道,并将该命令传送到生物认证终端。 处理器包括通过与生物认证终端的相互认证来设置通信信道的通信信道设置器(221),以及当命令中包含的指令在用户权限内时将命令传送到生物认证终端的命令处理器(222) 。 显示驱动器(230)与生物认证终端显示字符串和/或通信状态。 通信端口控制器(240)控制用于与生物测定终端进行通信的通信端口。
-
公开(公告)号:KR1020080046490A
公开(公告)日:2008-05-27
申请号:KR1020060116016
申请日:2006-11-22
Applicant: 한국전자통신연구원
CPC classification number: G06F17/30271 , G06K9/00295 , G06K9/46 , G06T2207/30201
Abstract: A method and a device for recognizing a face by using a montage face image are provided to search the face of a criminal easily by generating the montage face image with a sketch operator based on a face image database, extracting a feature vector from a similar montage face image, and performing montage face recognition. A feature vector storing part(310) extracts feature vectors from a similar montage face image and stores the feature vectors. An authenticator(320) performs authentication by receiving a target face image, extracting feature vectors from the target face image, and comparing the extracted feature vectors with feature vectors stored in the feature vector database. The authenticator includes a second generator(321) converting the target face image into the similar montage face image, a second extractor(323) extracting feature vectors from the similar montage face image, and a similarity comparator(333) evaluating similarity by comparing feature vectors of the feature vector storing part with feature vectors of the second extractor. The second generator performs conversion by applying a sketch operation including a DIP(Difference of Inverse Probability), BDIP(Block DIP), or morphology filter.
Abstract translation: 提供一种通过使用蒙太奇面部图像来识别面部的方法和装置,用于通过基于面部图像数据库的草图算子生成蒙太奇脸部图像,轻松地搜索犯罪者的脸部,从类似的蒙太奇中提取特征向量 面部图像,并执行蒙太奇脸部识别。 特征向量存储部(310)从类似的蒙太奇面部图像中提取特征向量并存储特征向量。 认证器(320)通过接收目标人脸图像,从目标人脸图像中提取特征向量,并将所提取的特征向量与存储在特征向量数据库中的特征向量进行比较来进行认证。 认证器包括将目标人脸图像转换成类似蒙太奇脸部图像的第二发生器(321),从相似蒙太奇脸部图像提取特征向量的第二提取器(323)和通过比较特征向量来评估相似度的相似性比较器 具有第二提取器的特征向量的特征向量存储部分。 第二发生器通过应用包括DIP(反向概率的差异),BDIP(块DIP)或形态滤波器的草图操作来执行转换。
-
Patent Agency Ranking
公开(公告)号:KR100826874B1
公开(公告)日:2008-05-06
申请号:KR1020060086270
申请日:2006-09-07
Applicant: 한국전자통신연구원
Abstract: 본 발명은 응급 상황 긴급 처리 수단에 관한 것으로, 특히 사용자가 응급 상황에 처해 있음을 재난 센터로 알리는 과정에서도 사용자의 프라이버시 보호가 가능한 수단을 제공하기 위하여, 응급상황 처리기에서 응급 상황을 처리하는 방법은 센서 장치로부터 사용자의 생체 정보 및 상황 정보를 수집하는 단계; 상기 수집된 정보를, 인증 서버로부터 상기 사용자에 대하여 부여받은 암호화키로 암호화한 후 저장하는 단계; 상기 저장된 생체 정보 및 상황 정보를 분석하여 상기 사용자가 응급 상황인지 여부를 판단하는 단계; 및 상기 판단 결과 상기 사용자가 응급 상황인 경우에 한하여 재난 센터로 응급 상황 정보를 송출하고 응급 서비스를 요청하는 단계를 포함하여 구성된다.
응급 상황 처리, 프라이버시 프로파일, 암호화-
公开(公告)号:KR100825736B1
公开(公告)日:2008-04-29
申请号:KR1020060098096
申请日:2006-10-09
Applicant: 한국전자통신연구원
CPC classification number: G06F21/64
Abstract: 본 발명에 의한 무선 XML 전자 서명 서비스 제공 장치 및 그 방법은 모바일 클라이언트로부터 수신되는 XML 전자서명 템플릿 생성 요청 또는 XML 전자 서명 검증 요청에 따라 상기 모바일 클라이언트를 인증하는 XML 메시지분석부; 상기 인증이 성공하면 상기 전자서명 템플릿과 정규화된 형태의 SignedInfo를 생성하고, 전자 서명을 검증하는 전자서명처리부; 및 상기 전자서명 템플릿 생성과 전자 서명 검증을 위한 적어도 하나 이상의 설정값들과 키 정보들을 상기 전자서명처리부로 제공하는 암호화부;를 포함하는 것을 특징으로 하며, 무선 환경에서 교환되는 메시지에 대한 인증, 무결성, 부인봉쇄 등을 제공해 주며, 제한된 리소스의 무선 환경에 적용가능하고, 기존의 유선 환경을 위한 XML 전자서명과 호환 가능하여 유무선 통합 전자거래에 활용 가능하며, 무선 XML 전자서명 적용에 따른 기존 유선 환경의 변화를 최소화 시킬 수 있다.
모바일 XML, 모바일 XML 전자서명-
公开(公告)号:KR100819048B1
公开(公告)日:2008-04-02
申请号:KR1020060120112
申请日:2006-11-30
Applicant: 한국전자통신연구원
CPC classification number: G06K19/07309 , G06K2017/0093
Abstract: An electronic tag for personalizing an RFID(Radio Frequency IDentification)-attached article, and a method and a device for protecting privacy by using the same are provided to prevent leakage of article and owner information, thereby enabling a user to use the tag attached to the article safely in a ubiquitous environment. A receiver(610) receives a personalization instruction and an access password. A personalizer(620) changes an electronic tag ID value storing ID information for discrimination from other electronic tags into a predetermined value and stores the electronic tag ID value to a storing part(630) by the personalization instruction. The storing part stores privacy information and the access password needed for recognizing the electronic tag ID value. A comparator(640) compares the received access password with the stored access password. A transmitter(650) transmits the ID value of the electronic tag if the received access password is identical with the stored access password, and does not transmit the ID value of the electronic tag if not.
Abstract translation: 提供用于个性化RFID(射频识别)附属物品的电子标签,以及用于通过使用其来保护隐私的方法和设备,以防止物品和所有者信息的泄漏,由此使得用户能够使用附于 该文章安全地在无所不在的环境中。 接收器(610)接收个性化指令和访问密码。 个性化器(620)将存储有用于鉴别的ID信息的电子标签ID值改变为预定值,并通过个性化指令将电子标签ID值存储到存储部分(630)。 存储部分存储用于识别电子标签ID值所需的隐私信息和访问密码。 比较器(640)将接收的访问密码与存储的访问密码进行比较。 如果接收到的访问密码与存储的访问密码相同,则发送器(650)发送电子标签的ID值,如果不是,则发送电子标签的ID值。
-
公开(公告)号:KR100799578B1
公开(公告)日:2008-01-30
申请号:KR1020060085822
申请日:2006-09-06
Applicant: 한국전자통신연구원
Abstract: 생체정보를 이용한 사용자 신원확인장치 및 방법, 그 방법을 이용한 여행자 출입국 관리방법에 관한 것으로, 사용자로부터 입력받은 제1생체정보와 생체여권에 등록된 제2생체정보를 비교하여 상기 제1생체정보를 인증하는 이동형 생체인증 단말부, 상기 이동형 생체인증 단말부로부터 상기 제1생체정보를 암호화된 메세지로 수신하여 복호화하는 이동형 생체인증 단말관리부, 상기 이동형 생체인증 단말관리부로부터 전달된 상기 제1생체정보와 기등록된 인물에 대한 생체정보를 비교하여 일치여부를 확인하는 메인검색부 및 상기 생체여권에 등록된 제2생체정보와 상기 메인검색부의 일치여부에 대한 정보를 상기 사용자가 통과하는 심사대에서 디스플레이하여 상기 사용자를 확인하는 사용자 출입 승인부로 구성되어, 출입국 심사 과정에서 필요한 생체인증 및 생체검색에 소요되는 시간을 개인적으로 활용할 수 있으면서 최종 출입국 심사를 기존의 방법보다 간소하게 수행하여 출입국 절차를 빠르게 진행할 수 있는 장점을 제공한다.
-
公开(公告)号:KR100772534B1
公开(公告)日:2007-11-01
申请号:KR1020060103693
申请日:2006-10-24
Applicant: 한국전자통신연구원
CPC classification number: H04L9/3263 , H04L9/3273 , H04L63/0442 , H04L63/0823
Abstract: A device authentication system based on a public key and an authentication method thereof are provided to simplify an authentication process if a device moves from one domain to the other and to register the device and issue device authentication by using a certificate server. A device authentication system based on a public key is composed of an authentication unit(210) for a server(200), for checking ID(Identification) of a device in which a service list is registered, and obtaining device authentication for the corresponding device issued from a certificate authority; a code key generating unit(220) for generating the public key and a secret key for the device and then transmitting the generated public and secret keys to the device; and a permission issuing unit(230) for authenticating the device on the basis of the device authentication and issuing device permissions getting access to the other device.
Abstract translation: 提供了一种基于公共密钥的设备认证系统及其认证方法,以便在设备从一个域移动到另一个域之间简化认证过程,并通过使用证书服务器注册设备并发布设备认证。 基于公开密钥的设备认证系统由服务器(200)的认证单元(210)构成,用于检查其中注册了服务列表的设备的ID(识别),并获得相应设备的设备认证 从认证机构发出; 用于产生公钥的代码密钥生成单元(220)和用于该设备的秘密密钥,然后将生成的公钥和秘密密钥发送到设备; 以及许可发布单元,用于基于所述设备认证和发布设备的许可访问所述另一设备来认证所述设备。
-
-
-
-
-
-
-
-
-
Search Results
346
records
(took 0.031 seconds)
