1. Field of the Invention
The present disclosure relates to a method, client and system for reservation access to a management server using a one-time password, and more particularly, to a method, client and system for reservation access to a management server using a onetime password, which are capable of automatically accessing to the system employing a one-time password authentication method through an arbitrary route according to previously reserved settings in the case where a system manager is unable to directly access the system through a determined route because of temporal and spatial limitations, thereby collecting information and processing a specific functions.
2. Description of the Related Art
A related art authentication method for permitting only authenticated users to gain system access is implemented by a typical user identification (ID)/password. However, the related art ID/password method fails to completely block password guessing no matter how complex the password is, and is vulnerable to password leakage because the password is transmitted over network. The security vulnerability of the related art method increases as the danger of password exposure increases due to development of hacking skills and limitations of user management. For this reason, the need for more secure security authentication methods arises than the related art IP/password method depending on the user management.
In response, a one-time password method using a password that is usable only once has been developed. A representative example of the onetime password method is a challenge/response method of using a challenge code and a response code, which has been implemented to make password guessing by outsiders impossible.
The related art security authentication system employing the challenge/response method includes an authentication system that generates and authenticates a challenge code, and a portable device of a small electronic calculator type, for generating a response code of a user.
A user accesses the authentication system of a system intended to access via the Internet of a computer, and inputs a user ID to login to the corresponding system.
At this time, the authentication system generates a challenge code with a user ID and a random number, and sends the challenge code back to the user.
The user inputs the challenge code received from the authentication system to a response code generator provided in the computer, and the response code generator generates a response code on the basis of the challenge code and displays the response code on the user computer.
Thereafter, the user inputs the displayed response code, i.e., a one-time password. Then, the authentication system compares a value generated by itself and the user input value, i.e., the one-time password. If the two values coincide with each other, the authentication system permits the user to access an internal system or an application.
Such a reinforced authentication method is being applied to various systems and also partially to a sensor application system. In the sensor application system, a sensor that changes physical quantity into an electrical signal is installed in an environment limited in, e.g., time and space. Particularly, in the case where the system employs a device having a core micro control function such as a baseboard management controller (BMC), system data collection, system monitoring and system management can be performed through sensor detection and remote system hardware via a client and a user interface of a server in an intelligent platform management interface (IPMI) structure.
In the sensor application system, because of the temporal and spatial limitations in use, the client automatically accesses a system management server according to reserved settings to perform system data collection and system management and monitoring. This is more common than the case where the user directly accesses the system and controls system functions manually. Also, even when the user directly accesses the system, a specific client or a random client may be used to access the system.
Thus, a separate device that can generate a response code in response to a challenge code and a process of inputting a response code are needed for each individual user if the security authentication system employing the related art challenge/response method is applied to the sensor application system. However, the security authentication system employing the related art challenge/response method is limited in system access through an arbitrary client and in automated system access based on reserved settings. Thus, it is difficult to apply such a security authentication system to the sensor application system as it is.