Application Security Method and System for Performing Same
NOT A Patent … at least not yet
It has been widely repeated in the Blockchain and Cryptocurrency press that a South Korean news provider, The Digital Times, reported on October 15, 2018, that KB Financial Group, Inc., a South Korean company, had been awarded a patent for a novel blockchain based cryptographic fintech security solution.
However, our search of the patent databases for ‘KB Financial’ and ‘Kookmin’ could not find any such patent grant. Of course, it is possible that the patent grant lists a different name as the assignee, possibly a subsidiary or licensee. However, a search of just the relevant key words did not find any such patent with a grant date on or about October 15, 2018. Either we have not used the correct search criteria, or the news provider confused a patent ‘award’ with a patent ‘application’. But if you are in the trade you know they are two very different beasts, since it can be said that money is grudgingly produced by the former, but voraciously consumed by the latter.
. . . . . . .
Description of the Drawings
[Fig] 1 is a view showing the configuration of an application security system in accordance with one embodiment of the present invention.
1, the application security system 100 may include a client device 102, the verification server 104, management server 106, and a block chain (Blockchain) (108). Here, the client device 102 are coupled communicatively with the verification server 104 and the management server 106 via a communications network. In addition, the management server 106 is connected communicatively with the block chain 108 through a communications network. In some embodiments, the communication network is the Internet, for one or more local area network (local area networks), a wide area network (wire area networks), cellular networks, mobile networks, and other different types of networks, or a combination of such networks It can be included.
. . . . . .
Claims using ‘blockchain’ (see dependent claims 10 and 11)
Claim 1. Wherein in accordance with the static security-related les, and the verication result information to receive dynamic security-related files of the download security incomplete application of the said static security file with, and sends a verification request to the security incomplete application, corresponding to the validation request, the client device to transfer the security file requests for dynamic security-related files; Verification server that receives the verication request from the client device, performs the verification of the security incomplete application, transmitting the verification result information to the client device; And Receiving the security file request from the client apparatus, comprising a management server that transmits the encrypted dynamic security file to the client device, an application security system.
Claim 9. The method according to claim 1, The security file is requested, Encryption-related key values, and an application security system comprising at least one of operating system information of the client device that is generated based on the ID information, ID information of the client device of the client device.
Claim 10. The method according to claim 9, The application security system, ID information, and receives the encryption-related key values, the encryption-related key values to a unique identification information for each Clariant device and application security system further comprising: a block chain, and storing each of the matching of each client device from the management server.
Claim 11. The method according to claim 10,Wherein the management server,The unique identification information of the client device included in the security file request and transmitted to the block chains, The block chain, and to extract the ID information with the matching encrypted associated key values in the client device sent to the management server, Wherein the management server, the extracted dynamic security file corresponding to the operating system information of the client apparatus, and encryption using the encryption-related key values receive the extracted dynamic security file from the block chain, the encrypted dynamic security file and an application security system for transmitting the encryption-related key values to the client device.
One Claim using ‘chain block’:
Claim 23. One or more processors, and A method performed on a computing device with a memory for storing one or more programs to be executed by the one or more processors, Receiving a security file request for the dynamic security file from the static and dynamic security file security file from a client, downloading the static security-related security applications lack the file was mounted device;
Extracting the unique identification information of the client device included in the security file request; Transmitting the unique identification information of the client device to extract the chain block; Receiving an encrypted associated key value that matches the unique identification information of the client device from the chain block;
In conclusion, it is almost routine to see persons without patent training making the mistake that a patent application is the same as a granted or awarded ‘patent’. If a granted patent following the Digital Times story can be found, we will return to the this post for revision.
Happy Patenting!
Commentary by Attorney Timothy F. Mills, Editor / Action Cyber Times™ © 2018 All Rights Reserved.
Action Cyber Times™ provides resources for cybersecurity, data privacy, compliance, breach reporting and risk management, intellectual property theft, and the utilization of emerging technologies such as artificial intelligence, machine learning, blockchain DLT, advances in cryptographic applications, and more.
Disclaimer: The content available on the web site and in the blog posts is for informational purposes only and is not intended to, and does not, provide legal advice. Contact and retain an appropriate professional for legal advice. Use of this content or any of the links contained within the site do not create an attorney-client relationship. The opinions expressed are the opinions of the author.
Assuming the latter, in the WIPO/PCT database we did find publication number WO2018/164408 A1, Application Security Method and System for Performing Same, with KB Financial Group listed as the Applicant, a publication date of 13 September 2018, a filing date of 28 February 2018, and a priority date of 7 March 2017. The filing and publication language is Korean. The International Application Status Report was generated on 16 October 2018. The 20 month time limit for entry into the national / regional phase is 7 November 2018 and the 30 month limit is 7 September 2019. Thus we may have to wait awhile for the filed English translation.
[/vc_column_text][/vc_column][/vc_row]
The WIPO ‘408 Abstract states as follows:
An application security method and a system for performing the same are disclosed. The application security system according to one exemplary embodiment comprises: a client device, which downloads a security incomplete-application on which a static security-related file, between the static security-related file and a dynamic security-related file, is loaded, transmits a verification request for the security incomplete-application, and transmits a security file request for the dynamic security-related file according to verification result-related information corresponding to the verification request; a verification server, which receives the verification request from the client device, verifies the security incomplete-application, and transmits the verification result-related information to the client device; and a management server, which receives the security file request from the client device and transmits an encoded dynamic security-related file to the client device.
Brief Review of the Description:
[Note: The translation of the description and claims from Korean to English appears to be via machine – from Google or WIPO Translate.]
An application security method comprising the step of encrypting the extracted dynamic security file to the received encryption key-related values. System for application security and how does this. Embodiment of the invention relates to a security technique.
In recent years, and it is one application examples utilizing the applications installed on smart phones increased as the increasing use of smartphones. For example, to use an application that is installed on your smartphone, such as an increase in cases of performing financial transactions or payments. However, a third of the corrupt purpose of the application to perform a financial transaction or payment woman has a problem that can be stolen or hacked.
Embodiment of the present invention is to provide a system for application security method that can increase the security of the use and application to do this.
. . . . .
‘Block chain’ in the Description:
[Note: We did not find any definition of what the inventors consider a ‘block chain’ or a ‘chain block’ in the translation reviewed.]
The application security system, said management unique identification of each client device from the server information, and receives the encryption-related key values, and further comprising a block chain for storing the matched unique identification information for each of the corresponding encryption-related key values in each Clariant device can do.
Wherein the management server, to the security file requests sent the specific identification information of the client device to the block chain, and the block included in the chain, to extract the ID information with the matching encrypted associated key values in the client device and the and sent to the management server, the management server comprises: extracting a dynamic security file corresponding to the operating system information of the client device, and by using the encryption related key values receive the extracted dynamic security file from the block chain encryption, and it may transmit the encrypted dynamic security-related files and the encryption key-related value to the client device.
‘Chain block’ in the description:
[Note: Inclusion of the reversed term, ‘chain block’, may be a function of the machine translation. We shall have to wait for the applicant’s official English translation upon entry to the national / regional phase.]
Application security method according to another embodiment disclosed is a method performed on a computing device with a memory for storing one or more programs to be executed by the one or more processors and the one or more processors, the static security file and receiving a security file request for the dynamic security related files from the client devices of the dynamic security file download secure applications lack the said static security with file; Extracting the unique identification information of the client device included in the security file request; Transmitting the unique identification information of the client device to extract the chain block;
Receiving an encrypted associated key value that matches the unique identification information of the client device from the chain block; And a step of encrypting, and transmitting the encrypted dynamic security-related files and the encryption key-related value to the client device with the dynamic security related to the received encryption key related files value.
. . . . . . .
Description of the Drawings
[Fig] 1 is a view showing the configuration of an application security system in accordance with one embodiment of the present invention.
1, the application security system 100 may include a client device 102, the verification server 104, management server 106, and a block chain (Blockchain) (108). Here, the client device 102 are coupled communicatively with the verification server 104 and the management server 106 via a communications network. In addition, the management server 106 is connected communicatively with the block chain 108 through a communications network. In some embodiments, the communication network is the Internet, for one or more local area network (local area networks), a wide area network (wire area networks), cellular networks, mobile networks, and other different types of networks, or a combination of such networks It can be included.
. . . . . .
Claims using ‘blockchain’ (see dependent claims 10 and 11)
Claim 1. Wherein in accordance with the static security-related les, and the verication result information to receive dynamic security-related files of the download security incomplete application of the said static security file with, and sends a verification request to the security incomplete application, corresponding to the validation request, the client device to transfer the security file requests for dynamic security-related files; Verification server that receives the verication request from the client device, performs the verification of the security incomplete application, transmitting the verification result information to the client device; And Receiving the security file request from the client apparatus, comprising a management server that transmits the encrypted dynamic security file to the client device, an application security system.
Claim 9. The method according to claim 1, The security file is requested, Encryption-related key values, and an application security system comprising at least one of operating system information of the client device that is generated based on the ID information, ID information of the client device of the client device.
Claim 10. The method according to claim 9, The application security system, ID information, and receives the encryption-related key values, the encryption-related key values to a unique identification information for each Clariant device and application security system further comprising: a block chain, and storing each of the matching of each client device from the management server.
Claim 11. The method according to claim 10,Wherein the management server,The unique identification information of the client device included in the security file request and transmitted to the block chains, The block chain, and to extract the ID information with the matching encrypted associated key values in the client device sent to the management server, Wherein the management server, the extracted dynamic security file corresponding to the operating system information of the client apparatus, and encryption using the encryption-related key values receive the extracted dynamic security file from the block chain, the encrypted dynamic security file and an application security system for transmitting the encryption-related key values to the client device.
One Claim using ‘chain block’:
Claim 23. One or more processors, and A method performed on a computing device with a memory for storing one or more programs to be executed by the one or more processors, Receiving a security file request for the dynamic security file from the static and dynamic security file security file from a client, downloading the static security-related security applications lack the file was mounted device;
Extracting the unique identification information of the client device included in the security file request; Transmitting the unique identification information of the client device to extract the chain block; Receiving an encrypted associated key value that matches the unique identification information of the client device from the chain block;
In conclusion, it is almost routine to see persons without patent training making the mistake that a patent application is the same as a granted or awarded ‘patent’. If a granted patent following the Digital Times story can be found, we will return to the this post for revision.
Happy Patenting!
Commentary by Attorney Timothy F. Mills, Editor / Action Cyber Times™ © 2018 All Rights Reserved.
Action Cyber Times™ provides resources for cybersecurity, data privacy, compliance, breach reporting and risk management, intellectual property theft, and the utilization of emerging technologies such as artificial intelligence, machine learning, blockchain DLT, advances in cryptographic applications, and more.
Disclaimer: The content available on the web site and in the blog posts is for informational purposes only and is not intended to, and does not, provide legal advice. Contact and retain an appropriate professional for legal advice. Use of this content or any of the links contained within the site do not create an attorney-client relationship. The opinions expressed are the opinions of the author.
