한국융합학회논문지 (Journal of the Korea Convergence Society)

  • 제8권2호
  • /
  • Pages.9-14
  • /
  • 2017
  • /
  • 2233-4890(pISSN)
  • /
  • 2713-6353(eISSN)
한국융합학회 (Korea Convergence Society)
권호 표지
DOI QR코드

DOI QR Code

보안레벨 조절이 가능한 바이오메트릭 인증 기법

The Biometric Authentication Scheme Capable of Multilevel Security Control

  • 윤성현 (백석대학교 정보통신학부)
  • Yun, Sunghyun (Division of Information and Communication Engineering, Baekseok University)
  • 투고 : 2017.01.06
  • 심사 : 2017.02.20
  • 발행 : 2017.02.28
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

지문은 사람마다 고유하며 디지털 데이터로 표현할 수 있는 생체 정보이다. 지문은 사람 몸의 일부이기 때문에, 지문인식은 패스워드나 신분증을 이용한 방법보다 사용하기 편리하다. 더불어, 최근 보급되고 있는 스마트폰은 카메라 및 지문인식 센서가 내장되어 있어서, 바이오메트릭 인증에 대한 사용자의 수요가 증가하고 있다. 하지만 지문은 쉽게 복제가 가능하고 한 번 도용되면 해당 지문을 다시 사용할 수 없는 단점이 있다. 따라서, 바이오메트릭 데이터는 원본을 변형하여 등록 및 인증해야 한다. 기존의 패스코드 입력 방식은 지문인식 센서 외에 별도의 입력 모듈이 필요하기 때문에 경제성과 사용성이 떨어진다. 본 논문에서는 사용성과 경제성을 고려한 취소 가능한 바이오메트릭 인증 기법을 제안한다. 제안한 인증 기법은 취소 가능한 바이오메트릭 템플릿 생성, 바이오메트릭 템플릿 등록 그리고 사용자 인증 프로토콜로 구성되며, 사용된 지문 개수와 스캔 타임에 따라서 보안레벨을 조절할 수 있다. 더불어, 제안한 방법이 전사적 공격과 능동적 공격으로부터 안전함을 분석하였다.

A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.

키워드

참고문헌

  1. G. J. Lee, K. H. Lee, "A Study of Security Threats in Bluetooth v4.1 Beacon based Coupon Convergence Service," Journal of the Korea Convergence Society, Vol. 6, No. 2, pp. 65-70, 2015. https://doi.org/10.15207/JKCS.2015.6.2.065
  2. J. K. Mun, J, M, Kim, "Modify of extended API for Smart-TV security," Journal of the Korea Convergence Society, Vol. 5, No. 2, pp. 1-6, 2014. https://doi.org/10.15207/JKCS.2014.5.2.001
  3. M. Stamp, Information Security: Principles and Practice 2nd Edition, Wiley-Inerscience, 2011.
  4. S. Y. Kim, K. S. Jang, S. J. Lee, "Study on Password Security," Journal of Digital Forensics, No. 8, pp. 28-39, 2011.
  5. H. Li, K. Toh, L. Li, Advanced Topics in Biometrics, World Scientific, 2011.
  6. Apple Support, Use Touch ID on iPhone and iPad, https://support.apple.com/en-us/HT201371.
  7. N. K. Ratha, J. H. Connell, R. M. Bolle, "Enhancing security and privacy in biometric-based authentication systems," IBM Systems Journal, Vol. 40, No. 3, pp. 614-634, 2001. https://doi.org/10.1147/sj.403.0614
  8. V. M. Patel, N. K. Ratha and R. Chellappa, "Cancelable Biometrics: A review," IEEE Signal Processing Magazine, Vol. 32, No. 5, pp. 54-65, 2015. https://doi.org/10.1109/MSP.2015.2434151
  9. ITU-T X.1088, A Framework for biometric digital key generation, ITU-T, 2008.
  10. S. H. Yun, "The One Time Biometric Key Generation and Authentication Model for Portection of Paid Video Contents," Journal of the Korea Convergence Society, Vol. 5, No. 4, pp. 101-106, 2014. https://doi.org/10.15207/JKCS.2014.5.4.101
  11. Paul F. Roberts, "7 ways to beat fingerprint biometrics," ITworld, http://www.networkworld.com/article/2293129/data-center/120606-10-ways-to-be at-fingerprint-biometrics.html, 2013.
  12. Y. S. Lee, "Security Enhancement to an Biometric Authentication Protocol for WSN Environment," Journal of Information and Security, Vol. 16, No. 6, pp. 83-88, 2016.
  13. G. Jaspher Willsie Kathrine, E. Kirubakaran,. "Biometric Authentication and Authorization System for Grid Security," International Journal of Hybrid Information Technology, Vol. 4, No. 4, pp. 43-58, 2011.
  14. Rathgeb, Uhl, "A survey on biometric cryptosystems and cancelable biometrics," EURASIP Journal on Information Security, http://jis.eurasipjournals.com/content/2011/1/3, 2011.
  15. S. H. Lee, "Relation between Certainty and Uncertainty with Fuzzy Entropy and Similarity Measure," Journal of the Korea Convergence Society, Vol. 5, No. 4, pp. 155-161, 2014. https://doi.org/10.15207/JKCS.2014.5.4.155
  16. J. S. Lee, J. H. Kim, J. S. Chae, B. S. Lee, "A Detection Method of Fake Fingerprint in Optical Fingerprint Sensor," Journal of Korea Multimedia Society, Vol. 11, No. 4, pp. 492-503, 2008.
  17. H. S. Choi, "The Trend of Technology on Count- -erfeiting Biometric Data," The Magazine of the IEIE, Vol. 33, No. 1, pp. 64-72, 2006.