公开(公告)号：US20100042847A1

公开(公告)日：2010-02-18

申请号：US12498417

申请日：2009-07-07

Applicant: Kwansoo JUNG ,  Soohyung KIM ,  Deokjin KIM ,  Seunghun JIN ,  Youngseob CHO ,  Jinman CHO ,  Sangrae CHO ,  Daeseon CHOI ,  Jonghyouk NOH ,  Seunghyun KIM

Inventor： Kwansoo JUNG ,  Soohyung KIM ,  Deokjin KIM ,  Seunghun JIN ,  Youngseob CHO ,  Jinman CHO ,  Sangrae CHO ,  Daeseon CHOI ,  Jonghyouk NOH ,  Seunghyun KIM

IPC: G06F21/00

CPC classification number: G06F21/43 ,  G06F2221/2137 ,  G06F2221/2153

Abstract: The present invention relates to a method and system that can safely and conveniently perform user authentication by a service provider server and at a public terminal using one-time identification information. According to the present invention, when user authentication is performed using a public terminal to receive an Internet service provided by a service provider, personal identity information to be provided to the service provider can be prevented from being leaked due to fishing or hacking while the personal identity information is input. Therefore, the user can be safely and conveniently authenticated by the service provider.

Abstract translation: 本发明涉及一种方法和系统，其可以使用一次性识别信息安全地且方便地由服务提供商服务器和公共终端执行用户认证。 根据本发明，当使用公共终端进行用户认证以接收由服务提供商提供的因特网服务时，可以防止提供给服务提供商的个人身份信息由于钓鱼或黑客而泄漏，而个人 身份信息被输入。 因此，用户可以由服务提供商安全和方便地认证。

公开(公告)号：US20110150224A1

公开(公告)日：2011-06-23

申请号：US12786811

申请日：2010-05-25

Applicant: Jong-Hyouk NOH ,  DeokJin Kim ,  Soo Hyung Kim ,  Seung-Hyun Kim ,  Sang Rae Cho ,  Young Seob Cho ,  Jin-Man Cho ,  Dae Seon Choi ,  Seung Hun Jin

Inventor： Jong-Hyouk NOH ,  DeokJin Kim ,  Soo Hyung Kim ,  Seung-Hyun Kim ,  Sang Rae Cho ,  Young Seob Cho ,  Jin-Man Cho ,  Dae Seon Choi ,  Seung Hun Jin

IPC: H04L9/00

CPC classification number: H04L9/0836

Abstract: A key tree construction and key distribution method for hierarchical role-based access control, includes: constructing a key tree including relationships between a hierarchical structure of role groups and data; performing encryption and decryption of data keys and role keys; and generating a key table, in which the data keys required to decrypt encrypted data and the role keys required to decrypt encrypted data keys are stored, with reference to the key tree. Further, the key tree construction and key distribution method for hierarchical role-based access control includes performing management such that a specific role group can obtain a data key by performing decryption based on its own role key by using both the key tree and the key table.

Abstract translation: 层次化角色访问控制的关键树结构和密钥分配方法，包括：构建一个包括角色组和数据层次结构之间关系的密钥树; 执行数据密钥和角色密钥的加密和解密; 并且生成密钥表，其中参照密钥树存储解密加密数据所需的数据密钥和解密加密数据密钥所需的角色密钥。 此外，层次化的基于角色的访问控制的密钥树构造和密钥分发方法包括执行管理，使得特定角色组可以通过使用密钥树和密钥表两者通过基于其自己的角色密钥执行解密来获得数据密钥 。

公开(公告)号：US20100010824A1

公开(公告)日：2010-01-14

申请号：US12499969

申请日：2009-07-09

Applicant: Seunghyun KIM ,  Seunghun JIN ,  Jinman CHO ,  Youngseob CHO ,  Sangrae CHO ,  Daeseon CHOI ,  Jonghyouk NOH ,  Soohyung KIM ,  Kwansoo JUNG ,  Deokjin KIM

Inventor： Seunghyun KIM ,  Seunghun JIN ,  Jinman CHO ,  Youngseob CHO ,  Sangrae CHO ,  Daeseon CHOI ,  Jonghyouk NOH ,  Soohyung KIM ,  Kwansoo JUNG ,  Deokjin KIM

IPC: G06Q99/00 ,  G06F15/16

CPC classification number: G06Q30/02

Abstract: The present invention proposes a method of providing recommendation information to help user's decision about what private information to share from a service provider in a user-centered ID management environment. The present invention provides recommendation information to help appropriate user's decision about what private information to share from the service provider to a user, such that the user can more reasonably make a decision based on the recommendation value.

Abstract translation: 本发明提出了一种提供推荐信息的方法，以帮助用户决定在以用户为中心的ID管理环境中从服务提供商共享哪些私有信息。 本发明提供了推荐信息，以帮助适当的用户决定从服务提供商向用户共享什么私人信息，使得用户可以基于推荐值更合理地作出决定。

公开(公告)号：US08447037B2

公开(公告)日：2013-05-21

申请号：US12786811

申请日：2010-05-25

Applicant: Jong-Hyouk Noh ,  DeokJin Kim ,  Soo Hyung Kim ,  Seung-Hyun Kim ,  Sang Rae Cho ,  Young Seob Cho ,  Jin-Man Cho ,  Dae Seon Choi ,  Seung Hun Jin

Inventor： Jong-Hyouk Noh ,  DeokJin Kim ,  Soo Hyung Kim ,  Seung-Hyun Kim ,  Sang Rae Cho ,  Young Seob Cho ,  Jin-Man Cho ,  Dae Seon Choi ,  Seung Hun Jin

IPC: H04L9/00 ,  H04L9/08 ,  H04L29/06 ,  G06F11/30 ,  G06F17/30

CPC classification number: H04L9/0836

Abstract: A key tree construction and key distribution method for hierarchical role-based access control, includes: constructing a key tree including relationships between a hierarchical structure of role groups and data; performing encryption and decryption of data keys and role keys; and generating a key table, in which the data keys required to decrypt encrypted data and the role keys required to decrypt encrypted data keys are stored, with reference to the key tree. Further, the key tree construction and key distribution method for hierarchical role-based access control includes performing management such that a specific role group can obtain a data key by performing decryption based on its own role key by using both the key tree and the key table.

Abstract translation: 层次化角色访问控制的关键树结构和密钥分配方法，包括：构建一个包括角色组和数据层次结构之间关系的密钥树; 执行数据密钥和角色密钥的加密和解密; 并且生成密钥表，其中参照密钥树存储解密加密数据所需的数据密钥和解密加密数据密钥所需的角色密钥。 此外，层次化的基于角色的访问控制的密钥树构造和密钥分发方法包括执行管理，使得特定角色组可以通过使用密钥树和密钥表两者通过基于其自己的角色密钥执行解密来获得数据密钥 。

公开(公告)号：US20110119744A1

公开(公告)日：2011-05-19

申请号：US12874555

申请日：2010-09-02

Applicant: Sang Rae CHO ,  Jin-Man CHO ,  Young Seob CHO ,  Dae Seon CHOI ,  Jong-Hyouk NOH ,  Soo Hyung KIM ,  Seung-Hyun KIM ,  Kwansoo JUNG ,  DeokJin KIM ,  Seung Hun JIN

Inventor： Sang Rae CHO ,  Jin-Man CHO ,  Young Seob CHO ,  Dae Seon CHOI ,  Jong-Hyouk NOH ,  Soo Hyung KIM ,  Seung-Hyun KIM ,  Kwansoo JUNG ,  DeokJin KIM ,  Seung Hun JIN

IPC: H04L9/32

CPC classification number: H04L9/3234 ,  H04L2209/42

Abstract: A pseudonymous ID (identification) management apparatus includes a token processing unit for validating an authentication token; a pseudonymous ID generation unit for issuing a pseudonymous ID corresponding to the authentication token; a temporary ID generation unit for issuing a temporary ID for use in an offline subscription; and an ID validation unit for validating a pseudonymous ID received from a web service apparatus along with a pseudonymous ID validation request and transmitting pseudonymous ID validation result to the web service apparatus, and validating a temporary ID received from the web service apparatus along with a pseudonymous ID exchange request and transmitting a pseudonymous ID corresponding to the temporary ID to the web service apparatus. The web service apparatus provides a service to which a user desires to subscribe.

Abstract translation: 匿名ID（识别）管理装置包括用于验证认证令牌的令牌处理单元; 用于发出与所述认证令牌相对应的假名称的假名ID生成单元; 临时ID产生单元，用于发出用于离线订阅的临时ID; 以及ID验证单元，用于验证从web服务设备接收到的伪匿名ID以及假名ID验证请求，并向所述web服务设备发送伪匿名ID验证结果，以及验证从所述web服务设备接收的临时ID连同假名 ID交换请求并将与临时ID相对应的假名ID发送到web服务装置。 Web服务设备提供用户希望订阅的服务。

公开(公告)号：US20110202768A1

公开(公告)日：2011-08-18

申请号：US13124900

申请日：2009-12-11

Applicant: Daeseon Choi ,  Deokjin Kim ,  Soohyung Kim ,  Seunghyun Kim ,  Jonghyouk Noh ,  Kwansoo Jung ,  Sangrae Cho ,  Youngseob Cho ,  Jinman Cho ,  Seunghun Jin

Inventor： Daeseon Choi ,  Deokjin Kim ,  Soohyung Kim ,  Seunghyun Kim ,  Jonghyouk Noh ,  Kwansoo Jung ,  Sangrae Cho ,  Youngseob Cho ,  Jinman Cho ,  Seunghun Jin

IPC: H04L9/32 ,  H04L9/08

CPC classification number: G06F21/41 ,  G06F21/6245 ,  G06F21/88

Abstract: An apparatus and a method for managing identity data are disclosed, which can recover lost or deleted ID data stored in a user terminal and prevent a malicious user to plagiarize a user's ID. The apparatus includes a user ID management device (1), a back-up server (2) and a website system (3). The user ID management device (1) installed in a user's terminal allows ID data to be used on a website. The user ID management device (1) includes an ID management unit (10), a data storing unit (12), a back-up requesting unit (14) and a recovery requesting unit (16). A back-up server (2) backs up and stored ID data from the user ID management device (1). The back-up server includes a data storing unit (20), a back-up processing unit (22), a recovery processing unit (24), a suspension receiving unit (26) and a suspension requesting unit (28). A website system (3) includes a user account management unit (30), a suspension processing unit (32) and a recovery processing unit (34).

Abstract translation: 公开了一种用于管理身份数据的装置和方法，其可以恢复存储在用户终端中的丢失或删除的ID数据，并防止恶意用户剽窃用户的ID。 该装置包括用户ID管理装置（1），后备服务器（2）和网站系统（3）。 安装在用户终端中的用户ID管理装置（1）允许在网站上使用ID数据。 用户ID管理装置（1）包括ID管理单元（10），数据存储单元（12），备份请求单元（14）和恢复请求单元（16）。 备份服务器（2）备份并存储来自用户ID管理装置（1）的ID数据。 备用服务器包括数据存储单元（20），备份处理单元（22），恢复处理单元（24），暂停接收单元（26）和暂停请求单元（28）。 网站系统（3）包括用户帐户管理单元（30），暂停处理单元（32）和恢复处理单元（34）。

公开(公告)号：US20110023099A1

公开(公告)日：2011-01-27

申请号：US12934262

申请日：2009-03-31

Applicant: Seunghyun Kim ,  Daeseon Choi ,  Deokjin Kim ,  Soohyung Kim ,  Jonghyouk Noh ,  Kwansoo Jung ,  Sangrae Cho ,  Youngseob Cho ,  Jinman Cho ,  Seunghun Jin

Inventor： Seunghyun Kim ,  Daeseon Choi ,  Deokjin Kim ,  Soohyung Kim ,  Jonghyouk Noh ,  Kwansoo Jung ,  Sangrae Cho ,  Youngseob Cho ,  Jinman Cho ,  Seunghun Jin

IPC: H04L9/32 ,  G06F21/00

CPC classification number: H04L63/20 ,  G06F21/31 ,  G06F21/33 ,  G06F2221/2115 ,  H04L9/321 ,  H04L9/3226 ,  H04L63/08

Abstract: The present invention relates to a user terminal (100) with an identify selector and a method for an identity authentication using the identify selector of the same, in which when a web service makes a request to a web service providing server (300) using a virtual personal identification information issued from an identity authentication server (200), a corresponding user identity is authenticated between the user terminal and the identity authentication server (200) using the identity selector according to the request of the web service providing server (300). The present invention has advantages that it can solve the problem of inputting an ID and password within the range such that the I-PIN or SMAL service protocol is not changed, but the subscribed I-PIN or SAML service providing site cannot be easily copied and a phishing problem by simplifying a log-in process for identity authentication by adding the identity selector.

Abstract translation: 本发明涉及一种具有标识选择器和使用其识别选择器进行身份认证的方法的用户终端（100），其中，当Web服务向web服务提供服务器（300）请求时，使用 从身份认证服务器（200）发出的虚拟个人识别信息，根据web服务提供服务器（300）的请求，使用身份选择器在用户终端和身份认证服务器（200）之间认证相应的用户身份。 本发明的优点在于可以解决在I-PIN或SMAL业务协议不改变的范围内输入ID和密码的问题，但是不能轻易复制订阅的I-PIN或SAML服务提供站点， 通过添加身份选择器简化用于身份认证的登录过程的网络钓鱼问题。