Journal of the Korea Convergence Society (한국융합학회논문지)

Korea Convergence Society (한국융합학회)
권호 표지
DOI QR코드

DOI QR Code

Multiple Method Authentication System Using Embedded Device

임베디드 기기를 활용한 다중 방식 인증 시스템

  • Jeong, Pil-Seong (Dept. of Information Technology Communication, Myongji College) ;
  • Cho, Yang-Hyun (Division of Computer & Mechatronics Engineering, Sahmyook University)
  • 정필성 (명지전문대학 정보통신공학과) ;
  • 조양현 (삼육대학교 컴퓨터.메카트로닉스공학부)
  • Received : 2019.05.13
  • Accepted : 2019.07.02
  • Published : 2019.07.28
Download PDF
⟨ Previous Next ⟩

Abstract

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

스마트폰을 이용하는 사용자는 인증이 필요한 시스템에 접근 권한을 획득하기 위해서 지식기반 인증, 소유기반 인증, 생체기반 인증, 토큰기반 인증 등을 이용하여 인증을 진행한다. 하지만 데스크탑 컴퓨터 사용자는 다양한 인증 방식이 있음에도 불구하고 인증 기기의 제한으로 지식기반 인증 요소인 아이디와 비밀번호를 이용하여 인증하는 방식을 주로 사용하고 있다. 본 논문에서는 사용자가 원하는 방식의 인증 방식을 사용할 수 있는 기능을 제공하는 라즈베리 파이 기반의 다중 방식 인증 시스템을 설계하고 구현하였다. 구현 시스템은 지식기반 인증, 소지기반 인증, 생체기반 인증, 토큰기반 인증 방식을 사용한다. 제안 시스템을 이용하면 경제적인 부담 때문에 별도의 보안 담당자를 두기 어려운 중소기업에서 활용이 가능한 보안 기능을 제공할 수 있다. 구현된 시스템은 개인용뿐만 아니라 기업에서도 사용 가능하며, 금융, 게임 등 다양한 분야에 적용할 수 있다.

Keywords

OHHGBW_2019_v10n7_7_f0001.png 이미지

Fig. 1. Proposed system model

OHHGBW_2019_v10n7_7_f0002.png 이미지

Fig. 2. User registration flow

OHHGBW_2019_v10n7_7_f0003.png 이미지

Fig. 3. User Identification, password registration flow

OHHGBW_2019_v10n7_7_f0004.png 이미지

Fig. 4. User face registration flow

OHHGBW_2019_v10n7_7_f0005.png 이미지

Fig. 5. RFID tag registration flow

OHHGBW_2019_v10n7_7_f0006.png 이미지

Fig. 6. Smartphone registration flow

OHHGBW_2019_v10n7_7_f0007.png 이미지

Fig. 7. Possession based authentication method

OHHGBW_2019_v10n7_7_f0008.png 이미지

Fig. 8. Proposed system

OHHGBW_2019_v10n7_7_f0009.png 이미지

Fig. 9. User authentication using Identification, password

OHHGBW_2019_v10n7_7_f0010.png 이미지

Fig. 10. User authentication using RFID

OHHGBW_2019_v10n7_7_f0011.png 이미지

Fig. 11. User authentication using OTP

OHHGBW_2019_v10n7_7_f0012.png 이미지

Fig. 12. User authentication using face

Table 1. Raspberry Pi 3 B+ specifications

OHHGBW_2019_v10n7_7_t0001.png 이미지

Table 2. Proposed system specifications

OHHGBW_2019_v10n7_7_t0002.png 이미지

Table 3. Authentication System Comparison

OHHGBW_2019_v10n7_7_t0003.png 이미지

Table 4. Authentication System Comparison

OHHGBW_2019_v10n7_7_t0004.png 이미지

References

  1. J. W. Jung, J. D. Kim, M. G. Song & C. G. Jin. (2015). A study on Development of Certification Schemes for Cloud Security, The Journal of digital policy & management, 13(8), 43-49. DOI: 10.14400/JDC.2015.13.8.43
  2. S. H. Hong. (2012). New Authentication Methods based on User's Behavior Big Data Analysis on Cloud, Journal of Convergence for Information Technology, 2(2), 35-41. DOI: 10.22156/CS4SMB.2016.6.4.031
  3. M. K. Choi, T. C. Kwan & D. H. Lee. (2013). Analysis of Security Vulnerability in Home Trading System, and its Countermeasure using Cell phone, Journal of The Korea Institute of Information Security and Cryptology, 23(1), 19-32. DOI: 10.13089/jkiisc.2013.23.1.019
  4. S. J. Kim. (2010). Information Security Plan on Cloud Computing - Information Security Management System, Korean Review of Management Consulting, 1(2), 194- 208.
  5. H. T. Chae & S. J. Lee. (2014). Security Policy Proposals through PC Security Solution Log Analysis - Prevention Leakage of Personal Information, Journal of the Korea Institute of Information Security & Cryptology, 24(5), 961-968. DOI: 10.13089/jkiisc.2014.24.5.961
  6. D. R. Kim. (2015). A Study on the OTP Generation Algorithm for User Authentication, The Journal of digital policy & management, 13(1), 283-288. DOI: 10.14400/JDC.2015.13.1.283
  7. S. H. Lee. (2014). User Authentication Using Biometrics and OTP in Mobile Device, Journal of Convergence for Information Technology, 4(3), 85-90.
  8. T. K. Lee, Y. H. Kim & E. G. Im. (2017). Biometric User Authentication Method of Mobile Appilication in Trustable Space, Journal of The Korea Institute of Information Security and Cryptology, 27(2), 201-212. DOI: 10.13089/jkiisc.2017.27.2.201
  9. J. S. Kim, S. J. Lee, B. S. Kim & S. W. Lee. (2015). Standardization trend of non-face authentication technology based on telebio recognition, Journal of The Korea Institute of Information Security and Cryptology, 25(4), 43-50.
  10. Y. J. Lee, Y. E. Ku & T. K. Kwon. (2019). A Study of User Perception on Features Used in Behavior-Based Authentication, Journal of the Korea Institute of Information Security & Cryptology, 29(1), 127-137. https://doi.org/10.13089/JKIISC.2019.29.1.127
  11. Raspberry Pi Foundation. (2019). Raspberry Pi. Raspberry Pi [Online]. https://www.raspberrypi.org
  12. Y. J. Shin. (2017). A Study on the Personal Information Protection for Improvement of Personal Identification - Focusing on the Alternative Means of Resident Number for Users, Journal of Korean Associastion for Regional Information Society, 20(2), 1-24.
  13. S. H. Yun. (2016). The Biometric Authentication based Dynamic Group Signature Scheme, Journal of the Korea Convergence Society, 7(1), 49-55. DOI: 10.15207/jkcs.2016.7.1.049
  14. M. G. Lee, Do. W. Kim & J. S. Shon. (2012). Active Authentication Method using NFC, The Journal of Korean Institute of Communications and Information Sciences, 37(2), 140-156. https://doi.org/10.7840/KICS.2012.37C.2.140
  15. C. O. Kang, J. J. Won, S. J. Park & J. C. Ryou. (2013). Efficient File System Level Encryption Mechanism Using HSM, Journal of the Korea Institute of Information Security and Cryptology, 23(5), 849-858. DOI: 10.13089/jkiisc.2013.23.5.849
  16. S. Balaban. (2015). Deep learning and face recognition: the state of the art, Biometric and Surveillance Technology for Human and Activity Identification XII, 1-9 DOI: 10.1117/12.2181526