Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.OT-12.0020 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2019-12-11 ÃÑÆäÀÌÁö 181
ÇѱÛÇ¥Áظí À¥ ÀÎÁõ: °ø°³Å° Å©¸®µ§¼È Á¢±ÙÀ» À§ÇÑ API
¿µ¹®Ç¥Áظí Web Authentication: An API for accessing Public Key Credentials Level 1
Çѱ۳»¿ë¿ä¾à º» Ç¥ÁØÀº »ç¿ëÀÚ ¿¡ÀÌÀüÆ® ÀÎÁõÀÚ ½Å·Ú ´ç»çÀÚ °£ÀÇ ÀÎÁõ ÀýÂ÷¸¦ ¼öÇàÇÏ´Â À¥ ÀÎÁõ , API WebAuthn¿Í ÀÎÁõ¸ðµ¨À» »ó¼¼ÇÏ°Ô Á¤ÀÇÇÑ´Ù º» Ç¥ÁØÀ» ÁØ¿ëÇϸé ÁÖ¾îÁø ½Å·Ú ´ç»çÀÚ¿¡°Ô ¹üÀ§°¡ ÁöÁ¤µÈ Çϳª ÀÌ»óÀÇ °ø°³ Å° ÀÚ°Ý Áõ¸íÀÌ »ý¼ºµÇ¾î À¥ ¿¡ÀÌÀüÆ®¿Í ÇÔ²² »ç¿ëÀÚ ¿¡ÀÌÀüÆ®ÀÇ ÀÎÁõÀÚ¿¡ ÀúÀåµÈ´Ù »ç¿ëÀÚ ¿¡ÀÌÀüÆ®´Â °ø°³ Å° ÀÚ°Ý Áõ¸í¿¡ ´ëÇÑ ¾×¼¼½º¸¦ ÁßÀçÇÏ¿© »ç¿ëÀÚÀÇ °³ÀÎÁ¤º¸¸¦ º¸È£ÇÑ´Ù ÀÎÁõÀÚ´Â ÀÎÁõÀ» ÅëÇØ ½Å·Ú ´ç»çÀÚ¿¡°Ô ÀÚü ¼Ó¼º¿¡ ´ëÇÑ ¾Ïȣȭ Áõ¸íÀ» Á¦°øÇÑ´Ù º» Ç¥ÁØÀº ¼­¸í ¹× ÀÎÁõ ±â´ÉÀ» Æ÷ÇÔÇÏ¿© WebAuthn ÀÎÁõ ¸ðµ¨ÀÇ ±â´É ¸Þ½ÃÁö Æ÷¸Ë È®Àå µîÀ» ¼³¸íÇÑ´Ù ¸¶Áö¸·À¸·Î º¸¾È°ú ÇÁ¶óÀ̹ö½Ã °í·Á»çÇ×À» ¼³¸íÇÑ´Ù.
¿µ¹®³»¿ë¿ä¾à The standard defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Conceptually, one or more public key credentials, each scoped to a given Relying Party, are created and stored on an authenticator by the user agent inconjunction with the web application. The user agent mediates access to public key credentials in order to preserve user privacy. Authenticators are responsible for ensuring that no operation is performed without user consent. Authenticators provide cryptographic proof of their properties to relying parties via attestation. The standard also describes the functional model for WebAuthn conformant authenticators, including their signature and attestation functionality.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.OT-12.0020.pdf TTAE.OT-12.0020.pdf            

ÀÌÀü
°ËÁõ¿ë µ¥ÀÌÅͼ¼Æ®ÀÇ ¹ë·±½º ±â¹Ý ÀΰøÁö´É ¼ÒÇÁÆ®¿þ¾î ½Å·Ú¼º Æò°¡ ¹æ¹ý - Á¦1ºÎ: ¹æ¹ý·Ð ¹× ü°è
´ÙÀ½
¼±¼ö¹æÀ§Á¦¾î½Ã½ºÅÛ(HCS)ÀÇ ±â´É½ÃÇèÀåºñ ÀÎÅÍÆäÀ̽º ¿ä±¸»çÇ×