Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.IT-X.1451 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2021-12-08 ÃÑÆäÀÌÁö 35
ÇѱÛÇ¥Áظí ÀÎÁõ ÃÖÀûÈ­¸¦ À§ÇÑ À§Çè ½Äº°
¿µ¹®Ç¥Áظí Risk identification to optimize authentication
Çѱ۳»¿ë¿ä¾à ÀÌ Ç¥ÁØÀº ÀÎÁõ ±â´ÉÀÌ È£ÃâµÇ±â Àü¿¡ ICT ¼­ºñ½º ½Ã½ºÅÛÀÇ À§Çè ½Äº° ±â´ÉÀ» Àü 󸮱â·Î ÁöÁ¤ÇÑ´Ù. À̸¦ ÅëÇØ ICT ¼­ºñ½º ½Ã½ºÅÛÀº ½Äº°µÈ À§ÇèÀ» ±â¹ÝÀ¸·Î »ç¿ëÀÚ ÀÎÁõÀ» ÃÖÀûÈ­ÇÒ ¼ö ÀÖ´Ù.
±×¸®°í ´ÙÀ½ »çÇ×À» ´Ù·é´Ù.
- ÇÙ½É ¼­ºñ½º ó¸® ¼­ºê ½Ã½ºÅÛ°ú ÀÎÁõ ¼­ºê ½Ã½ºÅÛ »çÀÌ¿¡ À§Çè ½Äº° ±â´ÉÀÌ µµÀÔµÈ ICT ¼­ºñ½º ½Ã½ºÅÛÀÇ ÂüÁ¶ ¸ðµ¨;
- À§Çè ½Äº° ±â´ÉÀÇ ±¸¼º ¿ä¼Ò ¸ðµâ¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ¼³¸í°ú À§Çè ½Äº° ¹× »ç¿ëÀÚ ÀÎÁõ ÃÖÀûÈ­ ¹æ¹ý;
– À§Çè ½Äº° ¿£ÁøÀ» À§ÇÑ ´ë¾È ó¸® ¼³°è.
¿µ¹®³»¿ë¿ä¾à This Recommendation specifies a risk identification function in an ICT service system as a pre-processor before the authentication function is invoked. It enables the ICT service system to optimize user authentication based on identified risks.
This Recommendation covers the following topics:
a reference model of an ICT service system where a risk identification function is introduced in between the core service-handling subsystem and the authentication subsystem;
a detailed explanation of the component modules of this risk identification function, and how risks are identified and user authentication is optimized;
alternative processing designs for the risk identification engine.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.IT-X.1451.pdf TTAE.IT-X.1451.pdf            

ÀÌÀü
ÀÏȸ¿ë Æнº¿öµå(OTP) Å° ÄÁÅ×À̳Ê
´ÙÀ½
±â¹Ð¼º°ú ¸Þ½ÃÁö ÀÎÁõÀ» Á¦°øÇÏ´Â 128ºñÆ® ºí·Ï ¾ÏÈ£ ¾Ë°í¸®Áò ¿î¿µ ¸ðµå