Abstract: An authentication method including: transmitting, by a first terminal, a security cookie to a server and making an authentication request; transmitting, by the server, session information and the security cookie to a second terminal in response to the authentication request; verifying, by the second terminal, whether the security cookie has been encoded by a session key pre-stored in the second terminal; and performing, by the second terminal and the server, mutual authentication in the case in which the security cookie is encoded by the session key pre-stored in the second terminal is disclosed.

Abstract: There are provided a method and device for providing a security assistant service. In an embodiment of the invention, there is provided a device for providing a security assistant service in which a first terminal and a second terminal are included.

Abstract: Provided are management and use of an authentication medium, and specifically, to an apparatus and method for registering and using an IC card as an authentication medium in a user terminal. An apparatus for using the IC card as the authentication medium includes an ID extracting module configured to extract identification information from the IC card that performs near field communication with a user terminal; an ID checking module configured to determine whether the extracted identification information matches identification information of the IC card that is previously registered as an authentication medium; and a security service module configured to provide a security service interface for a security service provided by the determined IC card.

Abstract: Disclosed are an apparatus and a method for verifying a web site by using a mobile terminal. A method, performed in a server verifying a web site, comprises receiving a message requesting verification on truth or falsehood of a web site which an access terminal accesses from the access terminal; processing the web site based on an Uniform Resource Location (URL) of the web site according to the message; generating verification information for verifying truth of falsehood of the web site based on the URL of the web site, and transmitting the verification information to a mobile terminal; and receiving verification result information on the web site which is generated in the mobile terminal based on an image of the web site and the verification information, and transmitting the verification result information to the access terminal.

Abstract: Disclosed herein are a system and a method for inspecting harmful information of a mobile device capable of temporarily stopping an automatic access to a web site using access information for accessing a web site when the access information is obtained from various paths through a mobile device, requesting an inspecting server to inspect whether or not the corresponding web site includes harmful information, and receiving and displaying an inspection result in response to the request.

Abstract: Disclosed are a system and a method for providing personal information using a cloud ID card. A system for providing personal information in accordance with the present invention includes: a cloud ID server configured to store user's personal information and cloud ID information for using the user's personal information; a cloud ID card configured to store the cloud ID information provided from the cloud ID server; and a service terminal configured to obtain the cloud ID information from the cloud ID card and to be provided with the user's personal information from the cloud ID server by use of the obtained cloud ID information. When the cloud ID information is provided from the service terminal, the cloud ID server confirms consent to use of the personal information from a user terminal corresponding to the provided cloud ID information and provides the confirmed personal information to the service terminal.

Abstract: Disclosed is a service equipment control method for easily controlling a plurality of pieces of service equipment with one application. The service equipment control method includes requesting control interface information, used for controlling control target service equipment, from the control target service equipment, receiving the control interface information from the control target service equipment in response to the request, and outputting the received control interface information to a user. Accordingly, it is not necessary to install a home gateway, and a plurality of pieces of control target service equipment can be controlled using one application without needing to install an application for individual service equipment for controlling the service equipment.

Abstract: A method and system for transmitting and receiving user's personal information using an agent are provided. An information management server managing user's personal information provides an agent including user's personal information in response to a user's personal information request message from a client. A client receives the agent and requests user's personal information from the agent. Then, the agent determines whether the client is authorized and provides the user's personal information to the client when it is determined that the client is authorized. Accordingly, the user's personal information is safely managed and transmitted.

Abstract: The prevent invention relates to a portable mobile apparatus for a user for providing a supplementary service and a method for providing a supplementary service by using the same, and more particularly, to an apparatus and a method for providing supplementary enhanced services by using an application run in a portable mobile terminal when the portable mobile terminal such as a cellular phone or a smart phone is used for a service through short-range RF communication. The present invention can provide a variety of supplementary services to the user by using an operation function included in the application in the mobile terminal when performing the services through the short-range RF communication. Specifically, it is possible to automate the supplementary function or provide convenience to the user and interact with the user.

Abstract: A phishing preventing system includes: a user computer outputting, at the time of accessing a predetermined website, a request signal for verifying whether the website is authenticated; a web server generating link information on the website at the time of inputting user information on the user computer and the request signal at the time of accessing the website and outputting the link information to the user computer; and a user terminal verifying whether the website is authenticated by comparing the link information with set normal authentication information by receiving the user information corresponding to the link information from the web server at the time of inputting terminal link information corresponding to the link information from the user computer.

Abstract: There are disclosed a receipt issuing apparatus, a user terminal, a receipt issue system, and a method using smart receipts. The receipt issuing apparatus can include an issue unit configured to receive settlement information, configure a smart receipt based on the settlement information, and issue the configured smart receipt and a receipt transmission unit configured to send the issued smart receipt to a user terminal using short range wireless communication, wherein the smart receipt comprises at least one of information on a place of business, the settlement information, information on a transaction article, discount information, and an image of user signing.

Abstract: Provided are an apparatus and method for managing identity information. The apparatus includes a contract detail manager managing details of an identity information sharing contract made between a user and an identity provider (IdP) wanting to provide identity information about the user, and details of an identity information sharing contract made between the user and an identity consumer (IdC) wanting to be provided with the identity information about the user, an IdP selector selecting an IdP capable of providing the identity information about the user based on the details of the sharing contract when a request for the identity information about the user is input from the IdC, and an information provider obtaining information according to the identity information request from the selected IdP, and providing the obtained information to the IdC. The apparatus and method can solve a problem that all of a user's identity information is provided to an IdC according to the user's comprehensive agreement.

Abstract: Provided are a system and method for updating a user identifier (ID). The user ID updating method includes: (a) collecting unauthorized access attempt information for a user ID; (b) creating a user ID update policy for an encoded user ID obtained by encoding the user ID, according to the unauthorized access attempt information collected in operation (a); (c) storing the user ID update policy created in operation (b); (d) loading the user ID update policy stored in operation (c) and determining whether or not to update the user ID; and (e) creating a new user ID if it is determined in operation (d) that the user ID should be updated, and changing the user ID to the new user ID. Therefore, it is possible to ensure security for user IDs, by dynamically creating and updating user IDs according to security environments.

Abstract: Provided are a mobile terminal for sharing resources, a method of sharing resources within a mobile terminal and a method of sharing resources between a web server and a terminal.

Abstract: A key tree construction and key distribution method for hierarchical role-based access control, includes: constructing a key tree including relationships between a hierarchical structure of role groups and data; performing encryption and decryption of data keys and role keys; and generating a key table, in which the data keys required to decrypt encrypted data and the role keys required to decrypt encrypted data keys are stored, with reference to the key tree. Further, the key tree construction and key distribution method for hierarchical role-based access control includes performing management such that a specific role group can obtain a data key by performing decryption based on its own role key by using both the key tree and the key table.

Abstract: A mobile terminal provides a personal information sharing service using a signed URL message. The terminal includes; a personal information sharing service module which receives a message that includes a first callback URL and a personal information sharing request and is signed using a private key of a server, and creates a second callback URL by adding a user response result in response to the personal information sharing request to the first callback URL; and an authentication module which verifies a signature of the message using a public key of the server, and signs the second callback URL using a user private key.

Abstract: A user authentication system using a personal identification number, includes a user terminal device for requesting issuance of a personal identification number from an authentication server, storing and displaying a personal identification number, and registering reference information used to permit verification of validity of the personal identification number on the authentication server. Further, the user authentication system includes an inquiry device for requesting verification of validity of the personal identification number from the authentication server, and receiving and displaying results of the verification.

Abstract: A method of providing customized service with privacy security includes: requesting service information provided from a smart environment to a smart environment control system; once the service information is transmitted from the smart environment control system, generating schedule information by using the service information, user personal information, and schedule generation information; and transmitting a service command to the smart environment control system according to the schedule information.

Abstract: A smart wallet service module includes: a management unit for installing, activating, and terminating a smart wallet service or receiving and managing a user's setting; a security unit for providing an authentication service through an authenticated certificate or electronic signature; a storage unit for storing data in a database of a mobile device and managing the stored data; and a functional unit connected to a storage medium inside the mobile device and providing a service related to electronic commerce or credit card issuing.

Abstract: An apparatus for inputting a user password, includes an interface receiving a command. Further, the apparatus for inputting the user password includes a control unit setting a target based on the command from the interface, receiving and storing a password character, and determining that authentication is successes only when the set target and the password character are positioned at a same coordinate on a skin image. Furthermore, the apparatus for inputting the user password includes a display unit connected to the interface to display the skin image of the interface that is transmitted from the control unit.