METHOD FOR IMPLEMENTING COMMON APPLICATION BASED ON ENVIRONMENT WHERE AUTHENTICATION OF SERVICE PROVIDER AND SECURE COMMUNICATION ARE AVAILABLE

摘要

The present invention relates to a method for implementing a common application to authenticate a service provider and create a secure communication channel. The method includes: a first step of allowing, in an environment in which a service application of a service provider calls a common application, a service provider to generate a public key and a private key and receive a public key certificate, in which the information about the service provider and the public key are stored, issued by a reliable certification agency; a second step of allowing the service provider to store information about the public key certificate of the service provider inside the service application and to provide a service; a third step of delivering, when the service application calls the common application, the information about the public key certificate of the service provider and information required for the common application, to the common application; a fourth step of allowing the common application to secure the public key certificate, verify the validity of the public key certificate, and configure information about the service provider which receives the public key certificate, so as to provide the information for a user through an output unit; a fifth step of allowing the user to verify the information about the service provider outputted to the output unit; a sixth step of allowing the common application to perform functions requested by the service application, encrypt the result through an encryption protocol based on the public key certificate of the service provider, and deliver the result to the service application; a seventh step of allowing the service application to deliver the encrypted information from the common application to the service provider; an eighth step of allowing the service provider to decrypt the encrypted information through the encryption protocol using the private key corresponding to the public key of the public key certificate; and a ninth step of allowing the service provider to provide a service that the user needs, based on the decrypted information.;COPYRIGHT KIPO 2016