CLOUD SERVICE SYSTEM BASED ON ENHANCED SECURITY FUNCTION AND METHOD FOR SUPPORTING THE SAME

US 20130333005A1
Filed: 09/05/2012
Published: 12/12/2013
Est. Priority Date: 06/07/2012
Status: Active Grant

First Claim

Patent Images

1. A cloud service system based on an enhanced security function, the system comprising:

a terminal including a trusted platform therein and configured to perform security authentication based on encrypted information provided by the trusted platform, to perform normal authentication based on preregistered ID and password information, and to use a cloud service according to the security authentication and the normal authentication; and

a cloud service apparatus configured to provide the cloud service to the terminal after completing the security authentication and the normal authentication with the terminal that includes the trusted platform therein.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to cloud service supporting technology. Particularly, a cloud service system based on an enhanced security function includes a terminal that includes a trusted platform therein and is configured to perform security authentication based on encrypted information provided by the trusted platform, to perform normal authentication based on preregistered ID and password information, and to use a cloud service according to the security authentication and the normal authentication, and a cloud service apparatus that is configured to provide the cloud service to the terminal after completing the security authentication and the normal authentication with the terminal that includes the trusted platform therein. The service apparatus, the terminal, and a method for supporting them are also disclosed.

103 Citations

View as Search Results

15 Claims

1. A cloud service system based on an enhanced security function, the system comprising:
- a terminal including a trusted platform therein and configured to perform security authentication based on encrypted information provided by the trusted platform, to perform normal authentication based on preregistered ID and password information, and to use a cloud service according to the security authentication and the normal authentication; and
  
  a cloud service apparatus configured to provide the cloud service to the terminal after completing the security authentication and the normal authentication with the terminal that includes the trusted platform therein.

2. A cloud service apparatus based on an enhanced security function, the apparatus comprising:
- an apparatus communication unit configured to establish a communication channel for access from a terminal including a trusted platform therein;
  
  an apparatus control unit configured to perform at least one of security authentication and normal authentication, the security authentication being based on encrypted information provided by the trusted platform, the normal authentication being based on preregistered ID and password information, and to support a cloud service according to the security authentication and the normal authentication; and
  
  an apparatus storage unit configured to store database for supporting the cloud service.
- View Dependent Claims (3, 4, 5)
- - 3. The cloud service apparatus of claim 2, wherein the apparatus storage unit is further configured to store:
    - a security database configured to realize a security area that is accessible according to the security authentication;
      
      a normal database configured to realize a normal area that is accessible according to the normal authentication; and
      
      authentication information used for authenticating the terminal that requests the access.
  - 4. The cloud service apparatus of claim 3, wherein the apparatus control unit is further configured to:
    - allocate authority to access the normal area to the terminal that performs the normal authentication;
      
      allocate authority to access the security area or authority to access both the security area and the normal area to the terminal that performs the security authentication;
      
      orallocate authority to access the security area or authority to access both the security area and the normal area to the terminal that performs both the normal authentication and the security authentication.
  - 5. The cloud service apparatus of claim 3, wherein the apparatus control unit is further configured to allocate authority to access the normal area to a terminal that does not include the trusted platform therein and performs the normal authentication.

6. A terminal for supporting a cloud service based on an enhanced security function, the terminal comprising:
- a communication unit configured to establish a communication channel for access a cloud service apparatus; and
  
  a control unit including a security region for providing encrypted information based on a trusted platform and a non-security region for supporting a user function based on the security function by communicating with the security region, and configured to control at least one of normal authentication and security authentication when accessing the cloud service apparatus, the normal authentication being based on preregistered ID and password information, the security authentication being based on the encrypted information, and to support a cloud service provided by the cloud service apparatus.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The terminal of claim 6, further comprising:
    - an input unit configured to receive a predetermined security number required for entering into the security region from the non-security region in order to use the encrypted information,wherein the security region is configured to create the encrypted information by encrypting a public key allocated to the trusted platform in response to a request for using the encrypted information after authentication of the secure number, and to transmit the encrypted information to the non-security region.
  - 8. The terminal of claim 6, further comprising:
    - a display unit configured to display a cloud service screen provided when at least one of the normal authentication and the security authentication is performed,wherein the display unit is further configured to display at least one of;
      
      a normal area access screen provided by the cloud service apparatus when the normal authentication is performed;
      
      a security area access screen provided by the cloud service apparatus when the security authentication is performed; and
      
      a unified area access screen, for both security area access and normal area access, provided by the cloud service apparatus when the security authentication is performed.
  - 9. The terminal of claim 8, wherein the control unit is further configured to, in response to a specific input signal, transfer data displayed in the security area to the normal area, or to transfer data displayed in the normal area to the security area.
  - 10. The terminal of claim 8, wherein the normal area access screen contains a security key map displayed at a part of the screen in order to request the security authentication after the normal authentication is completed.

11. A method for supporting a cloud service based on an enhanced security function, the method comprising steps of:
- at a terminal, requesting access to a cloud service apparatus;
  
  performing normal authentication on the basis of basic authentication information including ID and password preregistered for the access to the cloud service apparatus by the terminal;
  
  after the normal authentication is performed, performing security authentication on the basis of encrypted information based on a trusted platform of the terminal; and
  
  depending on the result of performing the normal authentication and the security authentication, operating a cloud service provided by the cloud service apparatus.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, further comprising step of:
    - performing an input of a security number predetermined for performing the security authentication.
  - 13. The method of claim 11, wherein the step of operating includes at least one of steps of:
    - at the cloud service apparatus, allocating normal area accessible authority based on a normal database to the terminal that performs the normal authentication;
      
      at the cloud service apparatus, allocating security area accessible authority based on a security database to the terminal that performs the security authentication; and
      
      at the cloud service apparatus, allocating both the normal area accessible authority based on the normal database and the security area accessible authority based on the security database to the terminal that performs both the normal authentication and the security authentication.
  - 14. The method of claim 13, further comprising at least one of steps of:
    - at the terminal, displaying a normal area access screen provided by the cloud service apparatus when the normal authentication is performed;
      
      displaying a security key map for requesting the security authentication at a part of the normal area access screen; and
      
      at the terminal, displaying at least one of the normal area access screen and a security area access screen provided by the cloud service apparatus when the security authentication is performed.

15. A computer-readable medium having thereon a program executing steps of:
- requesting access to a cloud service apparatus;
  
  performing normal authentication on the basis of basic authentication information including ID and password preregistered for the access to the cloud service apparatus by the terminal;
  
  after the normal authentication is performed, performing security authentication on the basis of encrypted information based on a trusted platform of the terminal; and
  
  depending on the result of performing the normal authentication and the security authentication, operating a cloud service provided by the cloud service apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SK Planet Co., Ltd. (SK Telecom Co., Ltd.)
Original Assignee
SK Planet Co., Ltd. (SK Telecom Co., Ltd.)
Inventors
Kim, Do Wan, Kim, Hyun Wook, Shin, Jung Keum

Granted Patent

US 9,055,060 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

CLOUD SERVICE SYSTEM BASED ON ENHANCED SECURITY FUNCTION AND METHOD FOR SUPPORTING THE SAME

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

103 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

CLOUD SERVICE SYSTEM BASED ON ENHANCED SECURITY FUNCTION AND METHOD FOR SUPPORTING THE SAME

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links