• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    PURPOSE: An identity authentication system for securing personal information is provided to identify the identity of an user and receive necessary data from a public office server by using personal peculiar data. CONSTITUTION: An identity authentication system for securing personal information includes a terminal(3), a main server(4), a public office server(5), an administration server(6), and a company server(7). The terminal includes a card reader, a vital recognition system, and an input unit to identify an user(1). The main server is used for connecting the terminal to the public office server. The main server includes a comparator and an authentication unit. The public office server is used for storing and sorting the personal data(2). The administration server is used for connecting the company server to the public office server.
    公开号:KR20030068020A
    申请号:KR1020020007805
    申请日:2002-02-09
    公开日:2003-08-19
    发明作者:박승복
    申请人:박승복;
    IPC主号:
    专利说明:

    Identification system for personal information security}
    [9] The present invention relates to an identity authentication method for security of personal information. When it is confirmed that the user or the family is using the specific data of the individual, the personal information is provided from the government server in a private state, so that it can be used quickly and conveniently and safely. One personal information authentication method.
    [10] Recently, the number of institutions (public offices, schools, financial institutions, corporations, etc.) that provide services based on personal information such as personal identity, personal situation, and households is increasing. Even when buying alcohol, tobacco, using credit cards and checks, they present their identity cards and require identification when using the site on the Internet.
    [11] To this end, at the age of 17, you go to the government office that has jurisdiction over your place of residence, create a personal card, take a fingerprint and take a photo, make it a card, distribute it to individuals and use it as a document, and document your income and financial situation. As a result, the data is provided for a small fee when the individual wants it.
    [12] Conventionally, personal information has been used by inputting personal information into public offices by using the above-described method, and directly searching and reading the personal information when necessary, and copying and submitting the information to the public where necessary.
    [13] However, the use of the above copy the personal information as a document and enter it directly into the computer, and anyone who reads when necessary, the case of the loss and misuse has increased rapidly, the leakage of personal information is very serious.
    [14] Even recently, due to the development of information and communication, there are many cases that require identity verification on the Internet, and personal information is input to various sites. However, damages continue as there is no system or equipment for securing personal information.
    [15] Accordingly, the present invention inputs its specific data (biometric system, ID card, Card) with the resident's report when the age of 17 is entered into the local jurisdiction, and communicates with the main server when the user needs identification in real life. After verifying the identity through the terminal and classifying the personal information into 5 grades (1 to 5 grades) according to the usage in the public office server that has jurisdiction over the area, the company server is classified in private state under the approval of the administration. The company server uses the received information to confirm the identity of the company, to sell the company's goods or to use the service, and if the company requires the storage of personal information, the company server-administrative server-government server. When linking personal information with a company's computer under the security of the administration through the network, and trying to read the personal information By the approved requests to the administration, and view the data as long as one can get rid of the hassle receive a certificate, and to protect the personal information for that purpose.
    [16] In addition, the present invention is connected to the computer and the terminal when using the Internet to obtain identity verification while using the terminal to enter the specific data of the individual to communicate with the main server via the Internet to confirm that the identity of the person, the information on the Internet Check the purpose of the information at the filling place, set the required grade (grades A to C) and request it to the main server. The main server checks the grade and requests for information transmission to the public office. The public office sends the data to the site server that has been used in a private state with the approval of the administration, and if the user wants to store the data, the site server and the administration server can be linked so that the necessary information can be viewed later. At this time, for the purpose of reading the data, the administration requests to read the data, and if the purpose of use is clear, a password is given and used. This password is automatically changed to another password after one use. This aims to protect personal information on the Internet.
    [17] The identity authentication system for personal information security to achieve the above purpose is to check the personal information level required according to the usage when the user who uses the real life or the Internet tries to obtain the identity authentication, and uses the terminal to identify the specific data of the individual. After inputting the terminal, the terminal sends specific data to the main server, and the main server retrieves the specific data stored in the public office to determine whether the user or the family, and the user can communicate with the public office server, the administration server, and the company server. To form. If the user or his or her family is confirmed, the user inputs the information use level into the terminal according to the use purpose, and the public office server classifies the requested data by class and sends it to the administration server, and approves and secures the use of personal information in the administration server. Give a password for
    [18] By providing personal information to the company in the private state password is provided by the administration server, the user can prevent the leakage of personal information, the company can verify the identity of the user by the administration of the administration.
    [19] In addition, since the company can not store personal information, and only the link in the network state can be viewed, if you want to read this information, after requesting to read the personal information to the administration server to clarify the use, if the personal information reading is approved, The administration server sends a password to the company, the company uses the received password to view the personal information. At this time, the personal information is read only once, and the password is automatically changed after reading.
    [20] Thus, by maintaining the security of personal information, the user can go directly to the government office to reduce the burden of receiving identification, and to minimize the leakage of personal information.
    [1] 1 is a block diagram showing the overall configuration according to an embodiment of the present invention.
    [2] 2 is a flow chart showing an identification process according to the present invention.
    [3] 3 is a flow chart showing a personal information viewing process according to the present invention.
    [4] Symbols and descriptions of the main parts of the drawings
    [5] 11: Real life and Internet usage check 14: Privacy rating classification
    [6] 15: Life grade 16: Internet grade
    [7] 19: Administration approval 21: Personal information security work
    [8] 24: Formation of Business, Administration, and Government Networks
    [21] Hereinafter, exemplary embodiments of the present invention will be described with reference to the accompanying drawings.
    [22] 1 schematically shows the configuration of a state applied to daily life according to an embodiment of the present invention,
    [23] User (1) to use the identity authentication system for personal information security,
    [24] Specific data (2) of an individual registered at the age of 17 in order to use the identification system;
    [25] A terminal 3 for inputting and using specific data of a user and requesting an information level;
    [26] A main server 4 for comparing and analyzing the specific data inputted from the terminal with the data stored in the public office server 5 and transmitting the confirmed result to the terminal;
    [27] A public office server (5) which inputs all personal information provided by the identification system and specific data (2), classifies and stores the level of information;
    [28] Receiving the personal information transmitted from the government office server, the administration administration approval and security work, and the administrative server server (6) that serves to protect the government server by the security device when the network between the government server and the company server, and
    [29] When personal information is required, the internal server is composed of a company server 7 which can link data from the administration server and view the data.
    [30] The public office server, the administration server, and the company server form a network to exchange information, and secure personal information through security operations in the administration server, and use the personal information by acting as authentication confirmation and subscription approval in real life and on the Internet. 8)
    [31] In the identity authentication system service method for personal information security according to the present invention, a user using real life or the Internet inputs personal specific data to a terminal to receive identity verification (step 9), and inputs a data grade according to a use purpose ( In step 10), the terminal 3 confirms whether it is real life or Internet use, and at the same time, compares with the specific data of the individual stored in the government office server 5 to confirm that it is the person or family (step 12), When a request for data in this unrequested range is requested, it is asked whether it is to be restarted (step 13). When it is restarted, it returns to the step of inputting specific data, and when it is not restarted, it is terminated (step 27).
    [32] When it is confirmed that the person or the family, the main server 4 displays the 'usable' on the terminal, and transmits the data grade (step 10) input to the terminal 3 to the public office.
    [33] The public office server classifies personal information into life grade (step 15) and internet grade (step 16), while life grade (step 15) includes grade 1 (highest grade for providing public office) and grade 2 (including grade 3). It provides seal certification, social welfare, etc., and is certified as the highest grade of business use, grade 3 (certifies financial transactions including grade 2, and grade of Internet use), grade 4 (address including 5 grades, address, contact, residents) It provides information on personal life such as number, occupation, etc.) and 5 levels (provides basic data such as name and gender).
    [34] Internet level (step 16) is classified into A grade (same as life grade 3), B grade (same as life grade 4), and C grade (same as life grade 5). Differentiated data provision through systematic management.
    [35] When the request for approval to the administration server for each grade according to the request (step 17) according to the request, the type and use of the terminal is confirmed (step 18) and approved in the name of the administration (19). In addition, if the manufacture of the terminal is uncertain or unknown use, 'unused for use' is displayed on the terminal and is automatically terminated (step 27).
    [36] When the personal information of the requested level is authenticated by the administration (step 20), the security information (step 21) is performed on the personal information, and the requested personal information is transmitted to the company server 7 in a private state (step 22). give.
    [37] At this time, if the company requests the storage of the data (step 23), the administration server (6) forms a network between the company server (7) and the public office server (step 24), the data is stored in a private state It provides a link (step 25), and a security device is operated between the company server 7 and the public office server 4 to protect personal information in the public office.
    [38] After the company does not require the storage or the personal information is linked to the company server 7 (step 25), the administrator confirms the administrative approval of the personal information (step 26) and ends.
    [39] In addition, in order to view the linked personal information, the field and information desired to be selected are selected (steps 27 and 28), and the purpose of reading is entered (step 20). If the administration judges whether it is public (step 30) and confirms that the purpose of reading is a server of linked company, it transmits a password for information reading (step 32), and the server of linked company is uncertain. If not, it will automatically shut down.
    [40] The company that receives the password (step 33) enters the password (step 34), authenticates via the network (step 35), and if the password is the same (step 36), approves the necessary personal information (step 37). If not, it will be terminated automatically and you must reapply.
    [41] The password was automatically changed (step 39) by the automatic password change system (step 38) in the administration server 6 at the same time as the approval of the reading of the personal information (step 37), and the system was configured to use the password only once.
    [42] The personal information is checked (step 40), used according to the purpose (step 41), and the linked personal information viewing process is completed as it ends.
    [43] In the same way as above, the personal information is used under the approval of the administration, and when the company needs the personal information, the link is stored instead of stored, and security work is performed. It is impossible to verify, so it aims to secure personal information.
    [44] As described in detail above, in the service method of the identity authentication system for personal information security according to the present invention, when identity verification is required in real life or on the Internet,
    [45] It reduces the time, effort and labor costs for users to go to government offices to authenticate their personal information, and can use the service quickly and accurately while maintaining security in the network.
    [46] In addition, if the system is used all over the world, a network between countries can be formed to prevent smuggling or entry and departure of criminals, and to prevent damages such as the sale and loss of personal information.
    权利要求:
    Claims (9)
    [1" claim-type="Currently amended] When you want to get identity verification using real life or the Internet, in forming a communication network by networking a company-public office-administrative server with a main server,
    Terminal to verify identity when user requests his / her information-The above terminal inputs card reader for reading personal information and biometric system for inputting specific data of the user's body and rating and password of personal information And an input device.
    The main server that connects the terminal and the public office server and performs a comparative analysis and notification of whether or not the person is a person.-A comparison unit comparing the specific data of the individual in the public office server with the data input to the terminal and the person or the family. Includes an authorization permitting device to be enabled if verified;
    A public office server for inputting and storing personal specific data, storing personal information, managing data and classifying the level of personal information, including a biometric input device, a data cleaning and storage system, and a data classification system;
    The administration server that connects the company server and the government server, and functions to authenticate and view personal information-Check the grade of personal information received from the above government server and the personal information with the administrator authentication device and the company server to perform proxy authentication When sending, a security device for personal information security, a one-time password generation device that establishes and sends a security gate and a one-time password that connects the government server and the company server, and links the personal information of each company server and the public office. Includes a server;
    A company server receiving data from the server, including a reading request program and a personal information management program used to request a reading;
    Identification system comprising a.
    [2" claim-type="Currently amended] The identification system of claim 1, wherein the personal specific data includes a biometric system, a card, an identification card, and a password.
    [3" claim-type="Currently amended] The system of claim 2, wherein the terminal including the biometric system includes a face recognition, a voice recognition, a fingerprint recognition, a vein recognition, and an iris recognition.
    [4" claim-type="Currently amended] According to claim 1, the data classification of the government server is classified into the life grade (step 15) and the Internet grade (step 16), and the life grade (step 15), the first grade (the highest grade for providing public office), Level 2 (Certificate of Seal including 3rd grade, Social Welfare, etc., Certificate of Herbal Medicine, Best Grade for Business Use), Level 3 (Certifying Financial Transactions, including Grade 2, Top Grade of Internet Use), Grade 4 (Level 5) Provide personal life information such as address, contact information, social security number, occupation, etc.), 5th grade (provides basic data such as name and gender), and Internet grade (level 16). An identity verification system that includes a Level B (Same as Level 4) and Level C (Same as Level 5).
    [5" claim-type="Currently amended] In a method in which a company server-administrative server-government server forms a network and authenticates an identity to a user in a private state by class,
    Allowing the user-main server-government server to network to form a communication network,
    When a communication network is formed, the specific data of the individual is input to the terminal, and the main server compares the specific data of the individual stored in the government server with the data input through the terminal through a comparison unit;
    If the main server is confirmed that you or your family is available to the terminal and sending a step,
    Checking the availability through the terminal, inputting a grade of the necessary data through the input device of the terminal;
    Sending the grade entered through the terminal to the government server, the government server sends the corresponding personal information to the administration server, and
    The administration server checks the use of the information and secures the personal information for each grade from the government office from the security device and authenticates with the administration authentication device.
    After the authentication is completed, send the secured personal information to the company server, and using this step,
    Networking the enterprise server, the administration server, and the government server at the gate in the administration server when the enterprise needs storage;
    When the network is formed, the private information stored in the government server by the security device of the administration server linking to the company server in a private state,
    When the company wants to read the personal information linked to the server, requesting to read the storage to the administration server using the read request program,
    If the purpose of reading is confirmed by the administration and sends a one-time password to the company server,
    When receiving a one-time password, the company uses a personal information management program to view personal information, and
    And at the same time the one-time password generation device in the administration server is activated to change the password automatically,
    Personal information authentication method characterized in that the user checks the identity centered on the main server and the company server-administrative server-public office server to form a network to provide information more accurately and quickly.
    [6" claim-type="Currently amended] 6. An identity verification system according to claim 5 wherein the identity verification system comprises real life and Internet use.
    [7" claim-type="Currently amended] The identification authentication system according to claim 5, wherein the reading request program used by the company includes a form of requesting the administration server and viewing data by selecting only a necessary part of the purpose of checking the personal information of the company and the personal information for each grade.
    [8" claim-type="Currently amended] The identity authentication system of claim 5, wherein the user enters specific data by directly visiting a public office having jurisdiction over his or her residence when he is 17 years old to use the system.
    [9" claim-type="Currently amended] The identity authentication system of claim 8, wherein a user can directly communicate with a government server using the Internet to input personal specific data using a personal terminal.
    类似技术:
    公开号 | 公开日 | 专利标题
    US10223695B2|2019-03-05|Centralized identity authentication for electronic communication networks
    US20200145399A1|2020-05-07|System and Method for Identity Management
    US10469503B1|2019-11-05|Systems, methods, and software applications for providing an identity and age-appropriate verification registry
    US9461990B2|2016-10-04|Method for reading attributes from an ID token
    US9864992B1|2018-01-09|System and method for enrolling in a biometric system
    DK2564345T3|2015-12-07|Device, system and method for registering and authenticating handwritten signatures and archiving of handwritten information
    US8793777B2|2014-07-29|Verification and authentication systems and methods
    AU2008203506B2|2010-07-22|Trusted authentication digital signature | system
    US7519558B2|2009-04-14|Biometrically enabled private secure information repository
    US8171556B2|2012-05-01|Personal information protection method, personal information protection system, processing device, portable transmitter/receiver, and program
    AU2003212617B2|2006-07-20|A biometric authentication system and method
    US6040783A|2000-03-21|System and method for remote, wireless positive identity verification
    US6341169B1|2002-01-22|System and method for evaluating a document and creating a record of the evaluation process and an associated transaction
    EP2053777B1|2016-01-13|A certification method, system, and device
    CA2487055C|2010-07-06|Use of public switched telephone network for authentication and authorization in on-line transactions
    WO2016128569A1|2016-08-18|Digital identity system
    US7909245B1|2011-03-22|Network based method of providing access to information
    US7681228B2|2010-03-16|Method of one time authentication response to a session-specific challenge indicating a random subset of password or PIN character positions
    US7853535B2|2010-12-14|System for secure internet access for children
    US5790674A|1998-08-04|System and method of providing system integrity and positive audit capabilities to a positive identification system
    US8230490B2|2012-07-24|System and method for authentication of users in a secure computer system
    US8224753B2|2012-07-17|System and method for identity verification and management
    EP1721256B1|2010-03-31|Use of public switched telephone network for capturing electronic signatures in on-line transactions
    US20140289842A1|2014-09-25|System and method for user enrollment in a secure biometric verification system
    CN100511088C|2009-07-08|Identity confirmer and identity confirming method
    同族专利:
    公开号 | 公开日
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    法律状态:
    2002-02-09|Application filed by 박승복
    2002-02-09|Priority to KR1020020007805A
    2003-08-19|Publication of KR20030068020A
    优先权:
    申请号 | 申请日 | 专利标题
    KR1020020007805A|KR20030068020A|2002-02-09|2002-02-09|Identification system for personal information security|
    [返回顶部]