Browse > Article
http://dx.doi.org/10.9708/jksci.2019.24.01.145

User attribute verification method using user mobile dynamic information  

Kim, Seok-Hun (Dept. of. Electronic Commerce, PaiChai University)
Abstract
Various supplementary authentication methods are used to supplement user authentication and authorization provided by existing password verification online1. In recent years, authentication and authorization methods using user attribute information have been studied and utilized in various services. User attribute information can be divided into static information and dynamic information. The existing methods focus on research to identify users using dynamic information or to generate challenge questions for user reauthentication. Static information such as a user's home address, school, company, etc. is associated with dynamic information such as location information. We propose a method to verify user attribute information by using the association between two attribute information. For this purpose, the static information of the user is verified by using the user's location record which is dynamic information. The experiment of this paper collects the dynamic information of the actual user and extracts the static information to verify the user attributes. And we implemented the user attribute information authentication system using the proposal verification method and evaluated the utility based on applicability, convenience, and security.
Keywords
User authentication and authorization; Dynamic information; User attribute information;
Citations & Related Records
연도 인용수 순위
  • Reference
1 H.Y. Youm, K. H. Kim, and S. H. Kim, "Guideline on Identity Proofing Management", TTA Journal, Vol. 167, pp.78-82, 2016
2 K. H. Kim, D. H. Yoo, S. H. Kim, B. J. Yoon, and H. Y. Youm, Gap Analysis of ISO/IEC 29115 and ISO/IEC 29003 for Electronic Financial Services Environment in Korea, Review of Korean Society for Internet Information, Vol. 16, pp.65-69. 2015
3 Y.J. Shin, S. H. Shin, J. Lee, and W. Han, "A Study on Improvement of Identification Means in R.O.K.", Journal of Korean Association forRegional Information Society, Vol.18, No. 4, pp.59-88, 2015.
4 E. M. Underwood, J. E. Sullivan, and R. McGeehan, "Social age verification engine", U.S. Patent 8 671 453, Mar. 11, 2014.
5 L. Li, X. Zhao, and G. Xue, "Searching in the dark: A framework for authenticating unknown users in online social networks", in Proc. Glob. Commun. Conf. (GLOBECOM), Anaheim, CA, USA, pp. 714-719. 2012
6 James Clause, Wanchun Li, and Alessandro Orso. Dytan: A Generic Dynamic Taint Analysis Framework. In Proceedings of the 2007 International Symposium on Software Testing and Analysis, ISSTA '07, pages 196-206, New York, NY, USA, 2007. ACM.
7 Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Proceedings of the Network and Distributed System Security Symposium, NDSS '11, San Diego, CA, February 2011.
8 Rolland, C., Prakash, C., "Bridging the Gap Between Organisational Needs and ERP Functionality", RE Journal 5(3):180-193, Springer, 2000.
9 Maxwell Krohn, Alexander Yip, Micah Brodsky, Natan Clier, M. Frans Kaashoek, Eddie Kohler, and Robert Morris. Information Flow Control for Standard OS Abstractions. In Proceedings of 21st ACM SIGOPS Symposium on Operating Systems Principles, SOSP '07, pages 321{334, New York, NY, USA, 2007.
10 Lok Kwong Yan and Heng Yin. DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In Proceedings of the 21st USENIX Conference on Security Symposium, Security '12, pages 29{29, Berkeley, CA, USA, 2012.