Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAK.KO-12.0130 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2010-12-23 ÃÑÆäÀÌÁö 25
ÇѱÛÇ¥Áظí ÀÏȸ¿ë Æнº¿öµå(OTP) ÅäÅ« º¸¾È ¿ä±¸ »çÇ×
¿µ¹®Ç¥Áظí Security Requirements for the OTP Token
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØ¿¡¼­´Â OTP »ý¼º ¾Ë°í¸®ÁòÀÇ º¸¾È ¿ä±¸ »çÇ×°ú OTP ÅäÅ«ÀÇ º¸¾È ¿ä±¸ »çÇ׿¡ ´ëÇØ Á¤ÀÇÇÏ°í ÀÖ´Ù.
OTP »ý¼º ¾Ë°í¸®ÁòÀÇ º¸¾È ¿ä±¸ »çÇ×Àº OTP Å°¸¦ »ý¼ºÇϱâ À§ÇÑ ¾Ë°í¸®ÁòÀÇ º¸¾È ¿ä±¸ »çÇ×°ú OTP¸¦ »ý¼ºÇÏ´Â ¾Ë°í¸®Áò¿¡ ´ëÇÑ ÃÖ¼ÒÇÑÀÇ º¸¾È ¿ä±¸ »çÇ×À» Á¤ÀÇÇÏ°í ÀÖ´Ù.
OTP ÅäÅ« º¸¾È ¿ä±¸ »çÇ׿¡¼­´Â Çϵå¿þ¾î¿Í ¸ð¹ÙÀÏ OTP ÅäÅ«¿¡ ´ëÇØ °¢°¢ÀÇ º¸¾È ¿ä±¸ »çÇ×À» Á¤ÀÇÇÏ°í ÀÖ´Ù. Çϵå¿þ¾î OTP ÅäÅ«Àº OTP¸¦ »ý¼ºÇÒ ¼ö ÀÖ´Â Àü¿ë Çϵå¿þ¾î¸¦ ³»ÀåÇÏ°í ÀÖ´Â ÅäÅ«À¸·Î ÅäÅ«ÀÇ ÀÏ·Ã ¹øÈ£ÀÇ À¯Àϼº º¸Àå, OTP ºñ¹Ð Å° ¹× ºÎ°¡ Á¤º¸ÀÇ ¿ÜºÎ ³ëÃâ ¹æÁö, OTP ºñ¹Ð Å°ÀÇ À¯Àϼº º¸Àå, ¼±ÅÃÀûÀ¸·Î Á¤´çÇÑ »ç¿ëÀÚÀÓÀ» È®ÀÎ ÇÑ ÈÄ ¸ðµâ ±¸µ¿ ±â´É, ¹°¸®Àû ħÇØ¿¡ ´ëÀÀÇÏ´Â ±â´É µî ±âº»ÀûÀÎ º¸¾È ¿ä±¸ »çÇ×À» Á¤ÀÇÇÏ°í ÀÖ´Ù.
¸ð¹ÙÀÏ OTP ÅäÅ«Àº ÈÞ´ë ÀåÄ¡(ÀÏ¹Ý ÈÞ´ëÆù)¿¡ žÀçµÈ ¼ÒÇÁÆ®¿þ¾î ¹æ½ÄÀÇ ÅäÅ«À¸·Î ÇÑÁ¤ÇÏ¿© °¡»ó ¸Ó½Å(VM:Virtual Machine)°ú ¹ü¿ë °¡ÀÔÀÚ ½Äº° ¸ðµâ(USIM: universal subscriber identity module) ¸ð¹ÙÀÏ OTPÀÇ º¸¾È ¿ä±¸ »çÇ×À» Á¤ÀÇÇÏ°í ÀÖ´Ù. ¸ð¹ÙÀÏ OTP ÅäÅ«Àº ¼ÒÇÁÆ®¿þ¾î ¹æ½ÄÀÇ OTP·Î ±âÁ¸ Çϵå¿þ¾î ±â¹ÝÀÇ OTP¿¡ ºñÇØ ¸ðµâÀÇ ¾ÈÀü¼ºÀ» À§ÇØ Ãß°¡ÀûÀÎ ¿ä±¸ »çÇ×À» Æ÷ÇÔÇÏ°í ÀÖ´Ù.
¿µ¹®³»¿ë¿ä¾à Security requirement for OTP generation algorithm and OTP token is described in detail. Security requirement for OTP generation algorithm define OTP key generation algorithm and minimum guideline of OTP generation algorithm. OTP token security requirements include H/W and mobile OTP token requirements. H/W OTP token that is specific device to generate OTP supports that guarantee uniqueness of token serial number, prevent exposure to OTP key and information, guarantee uniqueness of OTP key, optionally after check valid user then the module operate and against physical violations. Mobile OTP token that is embedded-software type in portable device (ex. Mobile phone) follow security requirements for VM, USIM mobile. Mobile OTP token include additional requirements to support safe module than H/W OTP token.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAK.KO-12.0130.pdf TTAK.KO-12.0130.pdf            

ÀÌÀü
IMT-2000 3GPP - E-UTRAN-X2 ÀÀ¿ë ÇÁ·ÎÅäÄÝ (R9)
´ÙÀ½
IMT-2000 3GPP - E-UTRAN; E-UTRAN¿¡¼­ MBMS¸¦ Áö¿øÇÏ´Â ÀÎÅÍÆäÀ̽º¸¦ À§ÇÑ ÀϹÝÀû Ãø¸é ¹× ¿ø¸® (R9)