Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ [ÆóÁö] TTAI.OT-12.0010 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2009-12-22 ÃÑÆäÀÌÁö 54
ÇѱÛÇ¥Áظí HTTP¸¦ À§ÇÑ »óÈ£ ÀÎÁõ ÇÁ·ÎÅäÄÝ
¿µ¹®Ç¥Áظí Mutual Authentication Protocol for HTTP
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØÀº °£´ÜÇÑ Æнº¿öµå-±â¹ÝÀÇ ÀÎÁõ ¹æ½ÄÀ» »ç¿ëÇÏ¿© HTTP ¼­¹ö¿Í Ŭ¶óÀ̾ðÆ®°£ÀÇ »óÈ£ ÀÎÁõÀ» Á¦°øÇÏ´Â ÇÁ·ÎÅäÄÝ¿¡ ´ëÇÑ ±â¼ú ±Ô°ÝÀ» ¼³¸íÇÑ´Ù. °¢°¢ÀÇ ¿£Æ¼Æ¼´Â »ó´ë¹æÀÇ ½Å¿øÀ» È®ÀÎÇÏ°í ÀÚ½ÅÀÇ ½Å¿øÀ» Áõ¸íÇÒ ¼ö ÀÖÀ¸¸ç, À̸¦ ÅëÇØ HTTP ¿¡¼­ ¹®Á¦°¡ µÇ´Â ÇÇ½Ì ¹× ÆĹְú °°Àº °ø°Ý¿¡ ´ëóÇÒ ¼ö ÀÖ´Ù.
º» Ç¥ÁØÀº IETF draft-owia-http-mutualtuah-04 ¡°Mutual Authentication Protocol for HTTP¡±¸¦ ±Ù°Å·Î ÇÑ ±¹³» Ç¥ÁØÀ¸·Î ÇÁ·ÎÅäÄÝ ¸Þ½ÃÁö ¹®¹ý, ¼­¹ö¿Í Ŭ¶óÀ̾ðÆ®ÀÇ ±¸µ¿ ÀýÂ÷, ÀÎÁõ ¾Ë°í¸®Áò, ¼¼¼Ç °ü¸®, È®Àå ¹æ¹ý, º¸¾È °í·Á»çÇ×À» ±â¼úÇÑ´Ù.
¿µ¹®³»¿ë¿ä¾à This standard describes technical specification for the mutual authentication protocol between HTTP servers and clients using simple password-based authentication. Each entity proves their identity by itself and verifies other¡¯s identity. Through these steps, they protect several attacks such as phishing and pharming which are serious problems in the HTTP environments.
This standard is a domestic standard based on IETF draft-owia-http-mutualtuah-04 ¡°Mutual Authentication Protocol for HTTP¡± and contains the following contents of the original standard such as syntax of protocol messages, decision procedure for the server and client, authentication algorithms, session management, extension method of this protocol, and security considerations.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAI.OT-12.0010.pdf

ÀÌÀü
´ë±Ô¸ð »ç¹°ÀÎÅÍ³Ý È¯°æ¿¡¼­ ±â±â Á¾·ù¿¡ µû¸¥ Á¢±ÙÁ¦¾î ÀýÂ÷
´ÙÀ½
ºí·ÏüÀÎ ±â¹Ý »ç¹°ÀÎÅÍ³Ý µð¹ÙÀ̽º ¹× ÀÚ¿ø °Ë»ö ÇÁ·¹ÀÓ¿öÅ©