최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0485288 (2017-04-12) |
등록번호 | US-10027707 (2018-07-17) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 548 |
A method and system for providing security against phishing attacks. The method can include receiving a login ID from a client, and providing an encrypted commitment to the client. The method can also include receiving a one-time password (OTP) from the client, and validating the OTP. The method can
A method and system for providing security against phishing attacks. The method can include receiving a login ID from a client, and providing an encrypted commitment to the client. The method can also include receiving a one-time password (OTP) from the client, and validating the OTP. The method can also include sending a commitment key, to be authenticated by the client, receiving a static password from the client and authenticating the client. Embodiments of the invention are directed to a system for providing security against phishing attacks. The system can include one or more servers configured to receive a login ID from a client, and provide an encrypted commitment to the client. The processors can be configured to receive a one-time password (OTP) from the client, validate the OTP, send a commitment key, to be authenticated by the client, receive a static password from the client and authenticate the client.
1. A method for providing security against phishing attacks, the method comprising: providing encrypted commitment information to a client;receiving a dynamic credential from the client, in response to the encrypted commitment information provided;determining when the dynamic credential is valid bas
1. A method for providing security against phishing attacks, the method comprising: providing encrypted commitment information to a client;receiving a dynamic credential from the client, in response to the encrypted commitment information provided;determining when the dynamic credential is valid based on the received dynamic credential;sending a commitment key for the encrypted commitment information to the client, when the determination indicates that the dynamic credential is a valid dynamic credential;receiving a static credential from the client in response to the sent commitment key; andauthenticating the client based on the dynamic credential and the static credential. 2. The method of claim 1, further comprising providing the encrypted commitment information appearing to the client as a random sequence of numbers. 3. The method of claim 1, further comprising: determining a value of the dynamic credential before receiving the dynamic credential. 4. The method of claim 1, establishing a client-server session between the client and a server, upon successfully authenticating the client. 5. The method of claim 1, further comprising: receiving user identification information from the client; andidentifying the client based on the received user identification information. 6. The method of claim 1, wherein the dynamic credential comprises a one-time password (OTP). 7. The method of claim 6, wherein the OTP is derived from a name of a server. 8. The method of claim 1, further comprising: terminating a Secure Socket Layer (SSL) session between the client and a server, when the determination indicates that the dynamic credential is an invalid dynamic credential. 9. The method of claim 1, further comprising embedding a name of a server into an algorithm for generating the dynamic credential. 10. A system for providing security against phishing attacks, comprising one or more client devices or server devices, the system comprising a memory, the memory comprising programmed instructions stored thereon and one or more processors configured to be capable of executing the stored programmed instructions to: provide encrypted commitment information to a client;receive, a dynamic credential from the client, in response to the encrypted commitment information provided;determine when the dynamic credential is valid based on the received dynamic credential;send a commitment key for the encrypted commitment information to the client when the determination indicates that the dynamic credential is a valid dynamic credential;receive, a static credential from the client in response to the sent commitment key; andauthenticate the client based on the dynamic credential and the static credential. 11. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: provide the encrypted commitment information appearing to the client as a random sequence of numbers. 12. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: determine a value of the dynamic credential before receiving the dynamic credential. 13. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: establish a client-server session between the client and a server, upon successfully authenticating the client. 14. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: receive user identification information from the client; andidentify the client based on the received user identification information. 15. The system of claim 10, wherein the dynamic credential comprises a one-time password (OTP). 16. The system of claim 15, wherein the OTP is derived from a name of a server. 17. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: terminate a Secure Socket Layer (SSL) session between the client and a server, when the determination indicates that the dynamic credential is an invalid dynamic credential. 18. The system of claim 10, wherein the one or more processors are further configured to be capable of executing the stored programmed instructions to: embed a name of a server into an algorithm for generating the dynamic credential. 19. A non-transitory computer readable storage medium having stored thereon instructions for providing security against phishing attacks, comprising executable code which when executed by one or more processors, cause the one or more processors to: provide encrypted commitment information to a client;receive a dynamic credential from the client, in response to the encrypted commitment information provided;determine when the dynamic credential is valid based on the received dynamic credential;send a commitment key for the encrypted commitment information to the client when the determination indicates that the dynamic credential is a valid dynamic credential;receive a static credential from the client in response to the sent commitment key; andauthenticate the client based on the dynamic credential and the static credential.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.