Electronics and Telecommunications Trends (전자통신동향분석)

Electronics and Telecommunications Research Institute (한국전자통신연구원)
권호 표지
DOI QR코드

DOI QR Code

FIDO Universal Authentication System Based on Blockchain

블록체인 기반의 FIDO 범용 인증 시스템

  • Published : 2018.02.01
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we describe a FIDO universal authentication system based on a Blockchain that can share the user's FIDO authentication information between the application services of multiple domains without the use of a server. In addition we provide a method to query the FIDO authentication information of the user recorded in the Blockchain using only the user's service ID. Therefore, even if the user executes the FIDO registration process only once, the user can use the FIDO authentication service of another application service without repeating an additional FIDO registration procedure, and the service provider can securely share and utilize the FIDO authentication information of the user without the use of a trusted third party, thereby lowering the deployment and maintenance costs of the FIDO server.

Keywords

Acknowledgement

Grant : 상황인지기반 멀티팩터 인증 및 전자서명을 제공하는 범용인증플랫폼기술 개발, 비대면 본인확인을 위한 바이오 공개키 기반 구조 기술 개발

Supported by : 정보통신기술진흥센터

References

  1. 김태균, "네이버 아이디로 로그인 사용자 월 1천만명 넘어," 연합뉴스, 2017. 6. 2.
  2. 정영훈, "온라인 서비스에서의 소셜 로그인과 소비자 이슈," 소비자정책동향, 제 79호, 한국소비자원, 2017. 4. 30, pp. 1-19.
  3. T.S. Pasricha, "Pros and Cons of Facebook Social Login on eCommerce Website," nopAccelerate, Sept. 19, 2017, Accessed 2017. http://www.nopaccelerate.com/proscons-facebook-social-login-ecommerce-website/
  4. ITWorld 편집부, "FIDO 생체인증 플랫폼 도입 예정 기업 급증," ITWorld, 2016. 10. 27, Accessed 2017. http://www.itworld.co.kr/news/101780
  5. FIDO Alliance, History of FIDO Alliance, 2017, Accessed 2017. https://fidoalliance.org/about/history/
  6. 조상래, 김수형, "FIDO 기술 표준화 동향," TTA 저널, vol. 172, 2017. 10, pp. 65-70.
  7. W3C, Web Authentication: An API for accessing Public Key Credentials Level 1, Dec. 5, 2017, Accessed 2017. https://www.w3.org/TR/webauthn/
  8. 김석현, 조영섭, 조상래, 김수형, "FIDO UAF 1.0 서버 구현," 한국정보처리학회 추계 학술대회, 2015. 4, pp. 620-623.
  9. Wikipedia, Blockchain, 2017, Accessed 2017. https://en.wikipedia.org/wiki/Blockchain
  10. FIDO Alliance, FIDO Metadata Statements, 2017, Accessed 2017. https://fidoalliance.org/specs/fido-uafv1.1-id-20170202/fido-metadata-statement-v1.1-id-20170202.html
  11. 최종원, 이정현, "안드로이드구글 계정앱의 개인정보유출 취약점 분석," 디지털포렌식연구, 제8권 제2호, 2014. 12, pp. 65-81.