KR20180124654A - Method for door security and an electronic device thereof - Google Patents

Abstract

The present disclosure relates to a security electronic device for security of a door, and a security electronic device according to an embodiment of the present invention includes a communication unit, an input unit, a lock operation for restricting opening of a door, And a processor, wherein the processor synchronizes time with the user terminal via the communication unit, receives the shared key shared with the user terminal, and based on the received shared key and the synchronized time, And can control the lock to perform a lock operation or an unlock operation of the door according to whether the input password obtained through the input unit and the generated password match.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention [0001] The present invention relates to a door security system,

The present disclosure relates to a security electronic device and a security management method for enhancing security of a door by generating a time variant password based on a time synchronized with a user terminal and a shared key shared with a user terminal.

A security electronic device for security of a door is a security device that replaces an existing key and a lock system. Since a user sets a password in advance and inputs a preset password in order to release the security, Solved the problem that could be caused by inconvenience or losing the key.

However, existing security electronic devices have a problem that the security function is disabled unless the user manually changes the password even when the password is leaked. In addition, when the user frequently changes the password in consideration of this, the burden of storing the changed password is erased to the user.

SUMMARY OF THE INVENTION The present disclosure has been made in view of the above problems, and it is an object of the present disclosure to provide a method and apparatus for securing a password that is time-varying and synchronized with a user terminal, using a time synchronized with the user terminal and a shared key shared with the user terminal Electronic devices and security management methods.

The present disclosure can provide a security electronic device for security of a door according to an embodiment. According to one embodiment, a security electronic device includes a communication unit, an input unit, a lock unit configured to perform a lock operation or an unlock operation to limit opening of a door, and a processor, Synchronizes with the user terminal, receives a shared key shared with the user terminal, generates a password that is updated every preset period and synchronized with the user terminal based on the received shared key and the synchronized time, The lock can be controlled so as to perform the lock operation or the unlock operation of the door according to whether or not the created password is matched.

In addition, the processor according to an exemplary embodiment may control the communication unit to deactivate the communication function with the external device of the communication unit as the time synchronizes with the user terminal and receives the shared key from the user terminal.

In addition, the processor according to an exemplary embodiment may control the communication unit to activate the communication function deactivated upon receiving the input for initializing the security electronic device, and may control the storage unit to delete the stored shared key.

Also, the input unit according to an exemplary embodiment may acquire one security code among the password generated at the user terminal, the input image corresponding to the password displayed at the user terminal, and the identification code corresponding to the password . In addition, the processor according to one embodiment may obtain an input password from the obtained security code.

The present disclosure can provide a security management method of a door performed by a security electronic device, according to an embodiment. A security management method according to an exemplary embodiment includes receiving a shared key shared with a user terminal from a user terminal, synchronizing time with the user terminal, updating each predetermined period based on the synchronized time and the shared key, Generating a password synchronized with the terminal, acquiring the input password of the user, releasing the lock that limits opening of the door according to whether the input password and the generated password match.

A user terminal according to an embodiment of the present disclosure includes a communication unit, an input unit, a display unit, and a processor. The user terminal synchronizes time with a security electronic device through a communication unit, And generates a password that is updated every preset period and synchronized with the security electronic device based on the received shared key and the synchronized time as it receives a user input requesting a password through the input unit, The display unit can be controlled to display the security code corresponding to the password.

The present disclosure can provide a method for security management of a door performed by a user terminal, according to an embodiment. A security management method according to an embodiment includes transmitting a shared key shared with a security electronic device to a security electronic device, synchronizing time with a security electronic device, Generating a password that is updated every predetermined period and is synchronized with the security electronic device, and displaying a security code corresponding to the generated password.

In addition, the step of displaying the code for security may include the steps of generating an identification code corresponding to the generated password, and displaying the generated identification code.

The present disclosure can provide a security management system for a door including a server, a user terminal, and a security electronic device according to an embodiment. The server receives the identification information of the security electronic device from the user terminal, and transmits a shared key shared between the user terminal and the security electronic device to the user terminal based on the received identification information. The user terminal transmits the shared key received from the server to the security electronic device, performs time synchronization with the security electronic device, generates a password updated every predetermined period based on the shared key and the synchronized time And the security electronic device can generate a password that is updated every preset period and synchronized with the password generated at the user terminal based on the shared key and the synchronized time received from the user terminal.

The present disclosure can provide a computer-readable recording medium having recorded thereon one or more programs including instructions for causing a security electronic device to execute a security management method of a door, according to an embodiment. According to another aspect of the present invention, there is provided a security management method including: receiving a shared key shared with a user terminal from a user terminal; synchronizing time with the user terminal; The method may include generating a password that is updated and synchronized with the user terminal, acquiring the user's input password, and releasing the lock that limits the opening of the door, depending on whether the input password and the generated password match have.

Since the password is changed every predetermined period based on the time information based on the synchronization timing with the user terminal, the security function can be maintained even if the password is temporarily leaked.

In addition, since a password is generated based on the synchronized time and the shared key between the user terminal and the security electronic device, the user can input the password generated in the user terminal into the security electronic device to release the security, The burden of memorizing the changed password can be solved.

1 is a block diagram of a security electronic device according to an embodiment.
FIG. 2 is a flowchart illustrating a security management method performed by a security electronic device according to an embodiment.
3 is a block diagram of a user terminal in accordance with one embodiment.
FIG. 4 is a flowchart illustrating a security management method performed by the security management system according to an embodiment.
FIG. 5 is a flowchart illustrating a security management method performed by the security management system according to an embodiment.
FIG. 6 is a diagram for explaining an application example of the security management system according to an embodiment.
7A to 7D are diagrams for explaining various embodiments in which a user inputs a security code to a security electronic device.

Before describing the embodiments of the present disclosure in detail, terms used herein will be described.

As used herein, a " door " may include any structure that is capable of blocking a passage leading from the exterior to the interior of the body including the door when closed, and configured to form a passage from the outside to the inside when opened . For example, " door " may include, but is not limited to, a building doorway, a storage door, and the like.

Herein, the term " password " may be a character string used for judging whether or not to unlock the door, for example, a number, a letter or a combination of letters and numbers, No.

Hereinafter, various embodiments of the present invention will be described in detail with reference to Figs. In the following description, only parts necessary for understanding the operation according to the present invention will be described, and descriptions of other parts may be omitted so as not to disturb the gist of the present invention.

In addition, terms and words used in the following description and claims should not be construed to be limited to ordinary or dictionary meanings, but are to be construed in a manner consistent with the technical idea of the present invention As well as the concept.

1 is a block diagram of a security electronic device 100 according to an embodiment.

The security electronic device 100 according to an exemplary embodiment may include a communication unit 110, an input unit 120, a lock unit 130, a display unit 140, a control unit 150, and a storage unit 160 have.

The input 120 according to one embodiment may be configured to receive a user's input.

For example, the input unit 120 may include a key pad, an image sensor, a touch panel, a (digital) pen sensor, a key, or an ultrasonic sensor. But is not limited to, an input device. The touch panel may use at least one of electrostatic, pressure sensitive, infrared, and ultrasonic methods, for example. Further, the touch panel may further include a control circuit. The touch panel may further include a tactile layer to provide a tactile response to the user.

The input unit 120 according to an exemplary embodiment may receive a security code. For example, the security code may be one of a password generated at the user terminal, an input image corresponding to the password displayed at the user terminal, and an identification code corresponding to the password, but is not limited thereto.

The input unit 120 according to one embodiment may include a keypad or a touch panel. For example, the input unit 120 may receive a user's password input via a keypad or a touch panel.

The input unit 120 according to an exemplary embodiment may include a camera unit. For example, the input unit 120 may acquire an input image corresponding to a password displayed on the user terminal through the camera unit. For example, the input image may include an image representing a password. The security electronic device 100 can obtain data indicating a password from the input image without having to establish a communication link with the user terminal.

The input unit 120 according to one embodiment may include an identification code recognition unit. For example, the identification code recognizer may include, but is not limited to, a dedicated scanner, a camera, or an RFID receiver. For example, the input unit 120 may obtain an identification code corresponding to the password displayed on the user terminal through the identification code recognition unit. For example, the identification code may be, but is not limited to, a one-dimensional code, a two-dimensional QR code, a two-dimensional matrix code, a three-dimensional code, a color code, or other image code.

The communication unit 110 according to one embodiment may be configured to communicate with an external device.

For example, the communication unit 110 may include a cellular module, a WiFi module, a Bluetooth module, an NFC module, and a radio frequency (RF) module.

The cellular module may provide voice calls, video calls, text services, or Internet services, for example, over a communications network. According to one embodiment, the cellular module may perform identification and authentication of the electronic device 101 within the communication network using a subscriber identification module (e.g., a subscriber identification module (SIM) card). According to one embodiment, the cellular module may perform at least some of the functions that the controller 150 may provide. According to one embodiment, the cellular module may include a communication processor (CP).

Each of the WiFi module, the Bluetooth module, or the NFC module may include a processor for processing data transmitted and received through the corresponding module, for example. According to some embodiments, at least some (e.g., two or more) of the cellular module, the WiFi module, the Bluetooth module, or the NFC module may be included in one integrated chip (IC) or IC package.

The RF module is capable of transmitting and receiving, for example, a communication signal (e.g., an RF signal). The RF module may include, for example, a transceiver, a power amplifier module (PAM), a frequency filter, a low noise amplifier (LNA), or an antenna. According to another embodiment, at least one of the cellular module, the WiFi module, the Bluetooth module, the GNSS module, or the NFC module can transmit and receive RF signals through separate RF modules.

The storage unit 160 according to an exemplary embodiment of the present invention may be a volatile memory (e.g., a DRAM, an SRAM, or an SDRAM), a nonvolatile memory (e.g., an OTPROM, a PROM, an EPROM, an EEPROM, , A flash memory, a hard drive, or a solid state drive (SSD).

The display unit 140 according to one embodiment includes a liquid crystal display (LCD), a light-emitting diode (LED) display, an organic light-emitting diode (OLED) , Or a microelectromechanical systems (MEMS) display, or an electronic paper display. Display 105 may display various content (e.g., text, image, video, icon, symbol, etc.) to the user, for example. The display 105 may include a touch screen and may include a touch screen such as, for example, a touch using an electronic pen or a portion of the user's body, gesture, proximity, or hovering hovering input.

The control unit 150 according to an embodiment may control a plurality of hardware or software components connected to the control unit 150 by driving an operating system or an application program, and may perform various data processing and arithmetic operations. The controller 150 may be implemented as a system on chip (SoC), for example. According to one embodiment, the control unit 150 may further include a graphics processing unit (GPU) and / or an image signal processor. The control unit 150 may load and process commands or data received from at least one of the other components (e.g., non-volatile memory) into the volatile memory and store the various data in the non-volatile memory have.

The locking portion 130 according to one embodiment may include any type of structure capable of restricting the opening of the door. For example, the lock unit 130 can perform a lock operation to limit the opening of the door in the lock mode, under the control of the controller 150, and to perform the unlock operation Can be performed.

The controller 150 may control the communication unit 110 to establish a communication link with the user terminal. For example, the control unit 150 may control the communication unit 110 to perform short-range communication with the user terminal, for example, NFC and Bluetooth communication.

For example, the control unit 150 may perform a Bluetooth initialization process with an external device capable of Bluetooth connection. For example, the control unit 150 may control the communication unit 110 to transmit identification information including a Bluetooth device address corresponding to the security-purpose electronic device 100 to an external device. In addition, the control unit 150 may receive a Bluetooth connection request message including identification information of an external device from an external device. Upon receiving the connection request message, the control unit 150 may transmit the connection request response message to the external device and control the communication unit 110 to perform a pairing with the external device.

The control unit 150 may synchronize time with the user terminal through the communication unit 110 according to an exemplary embodiment of the present invention.

The control unit 150 may receive the shared key shared with the user terminal from the user terminal through the communication unit 110. [ For example, the shared key may be used for each of the security electronic device 100 and the user terminal to generate mutually synchronized passwords.

The controller 150 may control the storage unit 160 to store the received shared key.

The controller 150 according to an exemplary embodiment may control the communication unit 110 to synchronize time with the user terminal and disable the communication function upon receiving the shared key from the user terminal. For example, the control unit 150 may control the communication unit 110 to release the communication link with the user terminal. Also, the control unit 150 may control the communication unit 110 to deactivate the communication function with the external device. Since all the communication functions of the security electronic device 100 are deactivated after the time synchronization and the receiving of the shared key, which is a pre-process for generating a synchronized password between the user terminal and the security electronic device 100, Security can be enhanced by reducing the risk of key leakage.

The control unit 150 according to the embodiment activates the communication function of the inactivated communication unit 110 and deletes the shared key stored in the storage unit 160 upon receiving the input for initializing the security electronic device 100 . The control unit 150 activates the communication function of the inactivated communication unit 110 upon receiving the input for initializing the security electronic device 100, At least one of the passwords can be deleted.

The controller 150 according to an exemplary embodiment may generate a password that is updated every preset period and synchronized with the user terminal based on the received shared key and the synchronized time.

The controller 150 may acquire the shared key stored in the storage unit 160 according to an embodiment of the present invention.

The controller 150 may acquire time information based on the time synchronized with the user terminal. For example, the controller 150 according to an exemplary embodiment may acquire the current time information based on the synchronized time. Further, for example, the control unit 150 can acquire the reference time information used for generating the password based on the synchronized time. For example, the control unit 150 can control the storage unit 160 to store the acquired reference time information as it acquires the reference time information used for generating the password based on the synchronized time.

The controller 150 according to an exemplary embodiment may generate a password based on the synchronized time and the shared key. For example, the control unit 150 may generate a password according to a predetermined algorithm based on the synchronized time and the shared key.

For example, the control unit 150 can generate a password based on the time information acquired based on the synchronized time. For example, the control unit 150 may generate a password based on the shared key obtained from the storage unit 160.

The controller 150 according to an embodiment generates a password according to an algorithm using a hash function, a cryptographic hash function, and a keyed-hash message authentication code (HMAC) can do.

The hash function is a function for mapping input data having an arbitrary data size to output data having a fixed data size, that is, a hash value.

The cryptographic hash function is an example of a hash function, which is a hash function virtually impossible to invert. Therefore, the cryptographic hash function can be used for security password generation because of the characteristic that it is difficult to inversely derive the key value which is the corresponding input value from the hash value which is the output value of the cryptographic hash function.

In addition, HMAC uses a cryptographic hash function to represent two input variables, an encryption target message, and an encryption code generated from an encryption key. For example, the encryption target message, which is an input variable, may be the count value C obtained based on the synchronized time. Also, for example, the encryption key, which is an input variable, may be a shared key K shared between the security electronic device 100 and the user terminal.

According to one embodiment, the controller 150 may calculate the counting variable C that increases by 1 every predetermined period based on the synchronized time.

Also, the control unit 150 can obtain HMAC, which is output data, from the counting variable C, which is input data, and the shared key, according to the mathematical expression shown in Table 1 below.

HMAC (K, C) = CHF ((K 'XOR opad) OR CHF ((K' XOR iPAD) OR C))
In the above equation,
CHF is a cryptographic hash function,
C is a count value of a predetermined data size,
K is a shared key having an arbitrary data size,
K 'is a value adjusted to a predetermined data size by applying a padding or hash function to K,
opad is a hexadecimal constant of a predetermined data size having a value of 0x5c5c ... 5c5c,
ipad is a hexadecimal constant of a predetermined data size with a value of 0x3636 ... 3636.

The controller 150 may determine the lower 4 bits of the obtained HMAC as an offset. In addition, the controller 150 may obtain the 4-byte value M appearing after the upper offset byte value of the HMAC and obtain the remaining value I excluding the most significant bit of M. For example, I may be a 32 bit unsigned integer.

In addition, the controller 150 may obtain an N-digit password from the lower N-digit values of I expressed in decimal numbers. For example, at a particular point in time, from the counting value C and the shared key K, (Hexadecimal), the offset is 2 (hexadecimal), which is the lower 4-bit value of HMAC, M is 0x12345852 (hexadecimal), which is the 4-byte value after the upper 2 bytes of HMAC, I is M 0x12345852 (hexadecimal number), which is the remaining value except for the most significant bit of the decimal number, and I represented by the decimal number is 305420370 (decimal number). Therefore, a password of 6 digits, that is, the password when N is 6, is 420370 (decimal number) which is the lower six digits of I expressed in decimal.

As described above, since the cryptographic hash function is used in the HMAC calculation, even when the password 420370 is leaked due to the characteristic of the cryptographic hash function in which the inverse transformation is virtually impossible, the counter value C and the shared key K can not be derived, .

The above-described password generation algorithm is illustrative, and a password can be generated according to various other algorithms.

The controller 150 according to the embodiment may update the password every predetermined period.

The controller 150 according to the embodiment may acquire reference time information used for password generation based on the synchronized time.

The controller 150 may control the storage unit 160 to store the reference time information obtained based on the synchronized time for each preset period. Also, the control unit 150 may acquire the stored reference time information and the shared key from the storage unit 160, and generate a password based on the acquired reference time information and the shared key.

The controller 150 according to an exemplary embodiment may generate a password based on the reference time information and the shared key obtained every predetermined period. Also, the controller 150 may control the storage unit 160 to store the password generated every predetermined period.

The controller 150 may obtain an input password from the security code obtained through the input unit 120 according to an exemplary embodiment of the present invention. For example, the control unit 150 may obtain the input password input through the keypad or the touch panel. The control unit 150 may control the display unit 140 to display the input password of the user input through the keypad or the touch panel. For example, during input of a character string through a keypad or a touch panel, only the last entered character, number, or special symbol is displayed for a predetermined period of time, and the displayed input value is converted into a predetermined character The control unit 150 can obtain the input password from the acquired input image. For example, the control unit 150 can obtain an input password from the obtained identification code. Thereby, the user can release the locked state of the door without having to separately enter the displayed and generated password in the user terminal into the keypad or touch sensor of the security electronic device 100. [ In addition, when the communication function of the security electronic device 100 is deactivated in order to enhance the security as described below, since the security electronic device 100 and the user terminal need not establish a communication link, It is possible to facilitate the input of the password.

The control unit 150 according to the embodiment may control the lock unit 130 to perform a lock operation or an unlock operation of the door according to whether the input password obtained through the input unit 120 and the generated password match .

For example, the control unit 150 may control the lock unit 130 to perform the unlocking operation of the door when the obtained input password matches the generated password.

2 is a flowchart showing a security management method performed by the security electronic device 100 according to an embodiment.

In step 210, the security appliance 100 according to one embodiment may receive a shared key from the user terminal that is shared with the user terminal.

In step 220, the security appliance 100 according to one embodiment can synchronize time with the user terminal.

The security electronic device 100 according to an exemplary embodiment may receive a shared key shared with a user terminal. The shared key may be used for each of the electronic security device 100 and the user terminal to generate mutually synchronized passwords. The security electronic device 100 according to an exemplary embodiment may store the received shared key.

The security electronic device 100 according to an exemplary embodiment may synchronize time with the user terminal and disable the communication function as it receives the shared key from the user terminal. For example, the security electronic device 100 can release the communication link with the user terminal. In addition, the security electronic device 100 can disable the communication function with the external device.

The security electronic device 100 according to one embodiment can activate the disabled communication function and delete the stored shared key as it receives the input for initializing the security electronic device. Also, for example, the security electronic device 100 can activate the disabled communication function and delete at least one of the stored shared key and password as it receives an input for initializing the security electronic device.

In step 230, the security electronic device 100 according to one embodiment can generate a password that is updated every preset period and synchronized with the user terminal, based on the synchronized time and the shared key.

The security electronic device 100 according to an exemplary embodiment may acquire a stored shared key.

The security electronic device 100 according to an exemplary embodiment may acquire time information based on a time synchronized with a user terminal. For example, the security appliance 100 according to one embodiment can obtain current time information based on the synchronized time. Further, for example, the security electronic device 100 can acquire the reference time information used for generating the password based on the synchronized time. For example, the security electronic device 100 can store the acquired reference time information as it acquires the reference time information used to generate the password based on the synchronized time.

The security appliance 100 according to one embodiment may generate a password based on the synchronized time and the shared key. For example, the security electronic device 100 may generate a password according to a preset algorithm based on the synchronized time and the shared key.

For example, the security electronic device 100 can generate a password based on the time information obtained based on the synchronized time. For example, the security electronic device 100 can generate a password based on the stored shared key.

The security electronic device 100 according to the embodiment can update the password every predetermined period.

The security electronic device 100 according to an embodiment can acquire reference time information used for password generation based on the synchronized time.

The security electronic device 100 according to an exemplary embodiment may store the reference time information acquired based on the synchronized time every preset period. In addition, the security electronic device 100 can acquire the stored reference time information and the shared key, and generate the password based on the acquired reference time information and the shared key.

The security electronic device 100 according to an embodiment may generate a password based on the reference time information and the shared key obtained every predetermined period. In addition, the security electronic device 100 may store the password generated every predetermined period.

In step 240, the security appliance 100 according to one embodiment may obtain a user's input password.

For example, the security electronic device 100 can obtain an input password input through a keypad or a touch panel.

For example, the security electronic device 100 may acquire an input image displayed on the user terminal through the camera unit, and obtain an input password from the input image.

For example, the electronic security device 100 can acquire the identification code displayed on the user terminal through the identification code recognition unit, and obtain the input password from the identification code.

In step 250, the security electronic device 100 according to one embodiment can release the lock that limits the opening of the door, depending on whether the input password and the generated password match.

The security electronic device 100 according to an exemplary embodiment may perform a lock operation or an unlock operation of the door according to whether the input password obtained through the input unit 120 and the generated password match.

For example, the security electronic device 100 can perform the unlocking operation of the door when the obtained input password coincides with the generated password.

3 is a block diagram illustrating a configuration of a user terminal 300 according to an exemplary embodiment of the present invention.

3, the user terminal 300 may include a communication unit 310, an input unit 320, a display unit 330, a controller 340, and a storage unit 350.

The communication unit 310 according to one embodiment may be configured to communicate with an external device.

For example, the communication unit 310 may include, but is not limited to, a cellular module, a WiFi module, a Bluetooth module, an NFC module, and a radio frequency (RF) module.

The cellular module may provide voice calls, video calls, text services, or Internet services, for example, over a communications network. According to one embodiment, the cellular module may perform identification and authentication of the electronic device 101 within the communication network using a subscriber identification module (e.g., a subscriber identification module (SIM) card). According to one embodiment, the cellular module may perform at least some of the functions that the control unit 340 can provide. According to one embodiment, the cellular module may include a communication processor (CP).

Each of the WiFi module, the Bluetooth module, or the NFC module may include a processor for processing data transmitted and received through the corresponding module, for example. According to some embodiments, at least some (e.g., two or more) of the cellular module, the WiFi module, the Bluetooth module, or the NFC module may be included in one integrated chip (IC) or IC package.

The RF module is capable of transmitting and receiving, for example, a communication signal (e.g., an RF signal). The RF module may include, for example, a transceiver, a power amplifier module (PAM), a frequency filter, a low noise amplifier (LNA), or an antenna. According to another embodiment, at least one of the cellular module, the WiFi module, the Bluetooth module, the GNSS module, or the NFC module can transmit and receive RF signals through separate RF modules.

For example, the input unit 320 may be a key pad, a camera, a touch panel, a (digital) pen sensor, a key, or an ultrasonic input device But are not limited thereto. The touch panel may use at least one of electrostatic, pressure sensitive, infrared, and ultrasonic methods, for example. Further, the touch panel may further include a control circuit. The touch panel may further include a tactile layer to provide a tactile response to the user.

The storage unit 350 according to an exemplary embodiment may be a volatile memory (e.g., a DRAM, an SRAM, or an SDRAM), a nonvolatile memory (e.g., an OTPROM, a PROM, an EPROM, an EEPROM, , A flash memory, a hard drive, or a solid state drive (SSD).

The display portion 330 may include a liquid crystal display (LCD), a light-emitting diode (LED) display, an organic light-emitting diode (OLED) Or a microelectromechanical systems (MEMS) display, or an electronic paper display. Display 105 may display various content (e.g., text, image, video, icon, symbol, etc.) to the user, for example. The display 105 may include a touch screen and may include a touch screen such as, for example, a touch using an electronic pen or a portion of the user's body, gesture, proximity, or hovering hovering input.

The control unit 340 according to an embodiment may control a plurality of hardware or software components connected to the control unit 340 by driving an operating system or an application program, and may perform various data processing and computation. The control unit 340 may be implemented as a system on chip (SoC), for example. According to one embodiment, the control unit 340 may further include a graphics processing unit (GPU) and / or an image signal processor. The control unit 340 may load or process commands or data received from at least one of the other components (e.g., non-volatile memory) into the volatile memory and store the various data in the non-volatile memory have.

The control unit 340 may control the communication unit 310 to receive the identification information of the security electronic device 100 from the security electronic device 100 according to one embodiment.

The control unit 340 according to an exemplary embodiment may establish a communication link with the security electronic device 100. For example, the control unit 340 can establish a communication link with the security electronic device 100 through short-range communication such as Bluetooth or NFC.

For example, the control unit 340 may control the communication unit 310 to search for a device capable of Bluetooth connection. Also, the control unit 340 may perform an initial Bluetooth connection operation with the security-enabled electronic device 100 among the searched at least one Bluetooth-enabled device. For example, the control unit 340 may obtain the Bluetooth device address corresponding to the searched security electronic device 100. [ In addition, the control unit 340 may control the communication unit 310 to transmit the Bluetooth communication connection request to the security-purpose electronic device 100 based on the obtained Bluetooth device address. The control unit 340 may control the communication unit 310 to perform the pairing with the security electronic device 100 upon receiving the connection request response message from the security electronic device 100. [

The control unit 340 according to the embodiment may transmit the identification information of the user terminal 300 for registration or authentication of the user terminal 300 to the security electronic device 100 through the established communication link.

The control unit 340 according to the embodiment may receive the identification information of the security electronic device 100 through the established communication link.

The control unit 340 according to an exemplary embodiment may acquire a shared key shared with the security electronic device 100 based on the identification information of the received security electronic device 100. [ For example, the control unit 340 may transmit at least one identification information among the identification information of the user terminal 300 and the identification information of the security electronic device 100 to the server through the communication unit 310. The control unit 340 can receive the shared key corresponding to at least one of the identification information of the user terminal 300 and the identification information of the security electronic device 100 from the server through the communication unit 310 . Also, the control unit 340 may control the storage unit 350 to store the shared key received from the server. Also, the control unit 340 can transmit the shared key to the security electronic device 100 through the communication unit 310. [

The controller 340 may synchronize the time with the security electronic device 100 through the communication unit 310 according to an embodiment of the present invention.

The control unit 340 according to the embodiment can acquire time information synchronized with the security electronic device 100 every predetermined period based on the synchronized time.

The controller 340 according to an exemplary embodiment may acquire the current time information based on the synchronized time. Further, for example, the control unit 340 can acquire the reference time information used for generating the password based on the synchronized time. For example, the control unit 340 can control the storage unit 350 to store the acquired reference time information as it acquires the reference time information used to generate the password based on the synchronized time.

The controller 340 may receive an input of a user requesting a password through the input unit 320 according to an exemplary embodiment of the present invention.

The control unit 340 according to an exemplary embodiment may generate a password based on the synchronized time and the shared key as it receives the input of the user requesting the password. For example, the control unit 340 may generate a password according to a predetermined algorithm based on the synchronized time and the shared key.

For example, the control unit 340 can generate a password based on the time information acquired based on the synchronized time. For example, the control unit 340 can generate a password based on the shared key obtained from the storage unit 350. [

The controller 340 according to the embodiment may update the password every predetermined period.

According to one embodiment, the control unit 340 can acquire the reference time information used for password generation based on the synchronized time every preset period.

The controller 340 may control the storage unit 350 to store the reference time information obtained based on the synchronized time every preset period. Also, the control unit 340 can acquire the stored reference time information and the shared key from the storage unit 350, and generate a password based on the acquired reference time information and the shared key.

The control unit 340 may generate a password based on the reference time information acquired every predetermined period and the shared key obtained from the storage unit 350. [ Also, the control unit 340 may control the storage unit 350 to store the password generated every predetermined period.

The controller 340 may control the display unit 330 to display the generated password. For example, the control unit 340 controls the display unit 330 to display the password generated based on the reference time information and the shared key obtained from the storage unit 350 upon receiving the input of the user requesting the password can do. For example, the control unit 340 may control the display unit 330 to display the password obtained from the storage unit 350 upon receiving the input of the user requesting the password.

4 is a flowchart illustrating a security management method performed by the security management system according to an embodiment.

Referring to FIG. 4, the security management system may include a server 400, a user terminal 300, and a security electronic device 100.

The user terminal 300 according to an exemplary embodiment may send a registration request message to the server 400. [ For example, the registration request message may include a user identification and a password.

Upon receiving the user registration request message, the server 400 according to an exemplary embodiment may store the received user ID and password in a database storing data for identifying a user who can access the application. In addition, the server 400 may transmit a registration request response message to the user terminal 300.

The user terminal 300 according to one embodiment may send an application login request message to the server 400 that includes registered user identification information, e.g., a user ID and a password. For example, the user terminal 300 may transmit the user identification information, which is input to the user identification information input window displayed as the application related to the security management method is executed, to the server 400.

 When the identification information of the registered user stored in the database matches the user identification information included in the login request message received from the user terminal 300, the server 400 transmits a login request response message to the user terminal 300 Lt; / RTI >

The user terminal 300 and the security appliance 100 according to an embodiment can establish a communication link.

The security electronic device 100 according to one embodiment can transmit the identification information of the security electronic device 100 to the user terminal 300 through the established communication link.

The user terminal 300 according to one embodiment may transmit the shared key request message to the server 400 upon receiving the identification information of the security electronic device 100 from the security electronic device 100. For example, the shared key request message may include identification information of the electronic security device 100. [

The server 400 according to an exemplary embodiment may transmit the shared key to the user terminal 300 upon receiving the shared key request message from the user terminal 300. For example, the server 400 may transmit the determined shared key to the user terminal based on the identification information of the user and the identification information of the electronic security device 100. [ The server 400 may also store the determined shared key in the database by matching with the user identification information.

The user terminal 300 according to an exemplary embodiment may transmit the shared key received from the server 400 to the security electronic device 100 through a communication link with the security electronic device 100. Also, the user terminal 300 may store the received shared key.

The user terminal 300 according to an exemplary embodiment may synchronize time with the security electronic device 100 through a communication link with the security electronic device 100. [

5 is a flowchart illustrating a security management method performed by the security management system according to an embodiment.

4, the security management system may include a server 400, a user terminal 300, and a security electronic device 100. [ In addition, the user terminal 300 according to an exemplary embodiment may send a login request message to the server 400. Also, the user terminal 300 may receive a login request response message from the server 400. [ For example, the user terminal 300 may display an application execution result related to the security management method upon receiving the login request response message.

For example, upon receiving an input of a user requesting a password at a first time, the user terminal 300 may display a password generated based on the synchronized time and the shared key, e.g., " 1234 " have. Likewise, at a first point in time, the security appliance 100 may generate a password, e.g., " 1234, " which is the same as the password generated at the user terminal 300 based on the synchronized time and the shared key. Thereby, the user can release the locked state of the door by inputting the password displayed on the user terminal 300, for example, " 1234 " to the input unit of the security electronic device 100. [

Also, upon receiving the input of the user requesting the password at the second time point, the user terminal 300 may display a password generated based on the synchronized time and the shared key, e.g., " 5678 ". Likewise, at the second time point, the security appliance 100 may generate a password, e.g., " 5678, " which is the same as the password generated at the user terminal 300 based on the synchronized time and the shared key. Since the time information based on the synchronized time is used in generating the password, the password "1234" generated at each of the user terminal 300 and the security electronic device 100 at the first time and mutually synchronized is used as the synchronized password "5678" is different. Therefore, even if the password, for example, " 1234 " is exposed to the other person at the first time, the other person can not release the locked state of the door at the second time point after the lapse of a predetermined period from the first time.

FIG. 6 is a diagram for explaining an application example of the security management system according to an embodiment.

Referring to FIG. 6, a user may execute an application related to a security management method at a user terminal. Also, as the user's identification information is input into the user identification information input window displayed as the application is executed, the user terminal can access the application.

In addition, upon receipt of the user input requesting the password, the generated password can be displayed in a partial area of the execution result screen of the application. As another example, even when the user's separate password request is not received, the user terminal can notify the password generated based on the synchronized time and the shared key to a part of the execution result screen Can be displayed.

The user can input a password, for example, a six-digit number displayed on the terminal, to the security electronic device 100.

The security electronic device 100 may determine that the user's input password matches the password generated based on the time synchronized with the user terminal 300 and the shared key.

The security electronic device 100 can release the lock state of the door when the input password coincides with the password generated in the security electronic device 100. [

On the contrary, the security electronic device 100 can maintain the locked state of the door when the input password does not match the password generated in the security electronic device 100. In addition, the security electronic device 100 may display a message on the display unit that the input password does not match the generated password.

7A to 7D are diagrams for explaining various embodiments in which a user inputs a security code to the security electronic device 100. FIG.

Referring to FIG. 7A, a user may input a password displayed on the user terminal 300 through a key pad of the security electronic device 100 or a touch screen. For example, the user can input the password displayed on the user terminal 300 through the number pad displayed on the touch screen of the security electronic device 100.

7B, the user terminal 300 receives an input of a user for transmitting a password, and transmits information corresponding to a password generated in the user terminal 300 through the local communication to the user terminal 300 for security To the electronic device (100).

7C, a user may place a display portion of a user terminal 300 having a password on the camera portion of the security electronic device 100 so that the camera portion of the security electronic device 100 displays the display of the user terminal 300 It is possible to capture the image displayed in the part.

Referring to FIG. 7D, the user terminal 300 may display an identification code corresponding to the generated password. As described above, the identification code may be, but is not limited to, a one-dimensional code, a two-dimensional QR code, a two-dimensional matrix code, a three-dimensional code, a color code, or other image code. The user can identify the identification code of the security electronic device 100 by making the display part of the user terminal 300 having the identification code displayed adjacent to the identification code recognition part of the security electronic device 100, Code can be recognized.

An apparatus according to the present invention may include a processor, a memory for storing and executing program data, a permanent storage such as a disk drive, a communication port for communicating with an external device, a user interface such as a touch panel, a key, Devices, and the like. Methods implemented with software modules or algorithms may be stored on a computer readable recording medium as computer readable codes or program instructions executable on the processor.

Here, the computer-readable recording medium may be a magnetic storage medium such as a read-only memory (ROM), a random-access memory (RAM), a floppy disk, a hard disk, ), A DVD (Digital Versatile Disc)), or the like. The computer-readable recording medium may be distributed over networked computer systems so that computer readable code can be stored and executed in a distributed manner. The medium is readable by a computer, stored in a memory, and executable on a processor.

All documents, including publications, patent applications, patents, etc., cited in the present invention may be incorporated into the present invention in the same manner as each cited document is shown individually and specifically in conjunction with one another, .

In order to facilitate understanding of the present invention, reference will be made to the preferred embodiments shown in the drawings, and specific terminology is used to describe the embodiments of the present invention. However, the present invention is not limited to the specific terminology, Lt; / RTI > may include all elements commonly conceivable by those skilled in the art.

The present invention may be represented by functional block configurations and various processing steps. These functional blocks may be implemented in a wide variety of hardware and / or software configurations that perform particular functions. For example, the present invention may include integrated circuit configurations, such as memory, processing, logic, look-up tables, etc., that may perform various functions by control of one or more microprocessors or other control devices Can be adopted. Similar to the components of the present invention that may be implemented with software programming or software components, the present invention may be implemented as a combination of C, C ++, and C ++, including various algorithms implemented with data structures, processes, routines, , Java (Java), assembler, and the like. Functional aspects may be implemented with algorithms running on one or more processors. Further, the present invention can employ conventional techniques for electronic environment setting, signal processing, and / or data processing. Terms such as "mechanism", "element", "means", "configuration" may be used broadly and are not limited to mechanical and physical configurations. The term may include the meaning of a series of routines of software in conjunction with a processor or the like.

The specific acts described in the present invention are, by way of example, not intended to limit the scope of the invention in any way. For brevity of description, descriptions of conventional electronic configurations, control systems, software, and other functional aspects of such systems may be omitted. Also, the connections or connecting members of the lines between the components shown in the figures are illustrative of functional connections and / or physical or circuit connections, which may be replaced or additionally provided by a variety of functional connections, physical Connection, or circuit connections. Also, unless explicitly mentioned, such as " essential ", " importantly ", etc., it may not be a necessary component for application of the present invention.

The use of the terms " above " and similar indication words in the specification of the present invention (particularly in the claims) may refer to both singular and plural. In addition, in the present invention, when a range is described, it includes the invention to which the individual values belonging to the above range are applied (unless there is contradiction thereto), and each individual value constituting the above range is described in the detailed description of the invention The same. Finally, the steps may be performed in any suitable order, unless explicitly stated or contrary to the description of the steps constituting the method according to the invention. The present invention is not necessarily limited to the order of description of the above steps. The use of all examples or exemplary language (e.g., etc.) in this invention is for the purpose of describing the present invention only in detail and is not to be limited by the scope of the claims, It is not. It will also be appreciated by those skilled in the art that various modifications, combinations, and alterations may be made depending on design criteria and factors within the scope of the appended claims or equivalents thereof.

Claims (10)

A security electronic device for security of a door,
A communication unit;
An input unit;
A locking portion configured to perform a locking operation or an unlocking operation for restricting the opening of the door; And
A processor,
The processor comprising:
Synchronizing time with a user terminal through the communication unit, receiving a shared key shared with the user terminal,
Generating a password that is updated every preset period and is synchronized with the user terminal based on the received shared key and the synchronized time,
And controls the lock unit to perform a lock operation or an unlock operation of the door according to whether or not the input password obtained through the input unit matches the generated password. The method according to claim 1,
The processor comprising:
And controls the communication unit to deactivate a communication function with an external device of the communication unit upon synchronizing time with the user terminal and receiving a shared key from the user terminal. 3. The method of claim 2,
The processor comprising:
Controls the communication unit to activate the deactivated communication function upon receiving an input for initializing the security electronic device, and controls the storage unit to delete the stored shared key. The method according to claim 1,
Wherein the input unit comprises:
Acquiring one security code among a password generated at the user terminal, an input image corresponding to the password displayed at the user terminal, and an identification code corresponding to the password,
The processor comprising:
And obtains the input password from the obtained security code. A security management method for a door performed by a security electronic device,
Receiving a shared key shared with a user terminal from the user terminal;
Synchronizing time with the user terminal;
Generating a password that is updated every preset period and is synchronized with the user terminal based on the synchronized time and the shared key;
Obtaining an input password of the user; And
And releasing a lock that restricts opening of the door according to whether or not the input password and the generated password match. A communication unit;
An input unit;
A display unit; And
A processor,
Wherein the security electronic device transmits the shared key shared with the security electronic device to the security electronic device by synchronizing time with the security electronic device through the communication part,
And generating a password that is updated every preset period of time and is synchronized with the security electronic device based on the received shared key and the synchronized time upon receipt of a user input for requesting a password through the input unit,
And controls the display unit to display a security code corresponding to the generated password. A security management method for a door performed by a user terminal,
Transmitting a shared key shared with the security electronic device to the security electronic device;
Synchronizing time with the security electronic device;
Generating a password that is updated every preset period and is synchronized with the security electronic device based on the synchronized time and the shared key; And
And displaying a security code corresponding to the generated password. 8. The method of claim 7,
Wherein the step of displaying the security code comprises:
Generating an identification code corresponding to the generated password; And
And displaying the generated identification code. A security management system for a door including a server, a user terminal, and a security electronic device,
Wherein the server receives the identification information of the security electronic device from the user terminal and transmits a shared key shared between the user terminal and the security electronic device to the user terminal based on the received identification information,
Wherein the user terminal transmits the shared key received from the server to the security electronic device, synchronizes time with the security electronic device, and generates a password that is updated every preset period based on the shared key and the synchronized time Lt; / RTI >
Wherein the security electronic device generates a password that is updated every preset period and is synchronized with a password generated by the user terminal based on the shared key received from the user terminal and the synchronized time. A computer-readable recording medium having recorded thereon one or more programs including instructions for causing a security electronic device to execute a security management method of a door,
Receiving a shared key shared with a user terminal from the user terminal;
Synchronizing time with the user terminal;
Generating a password that is updated every preset period and is synchronized with the user terminal based on the synchronized time and the shared key;
Obtaining an input password of the user; And
And releasing a lock that restricts opening of the door according to whether or not the input password and the generated password match.

Images