Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.2.347

Privacy Preserving User Authentication Using Biometric Hardware Security Module  

Shin, Yong-Nyuo (Hanyang Cyber University)
Chun, Myung-Geun (Chungbuk National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.2, 2012 , pp. 347-355 More about this Journal
Abstract
A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.
Keywords
Biometric Hardware Security Module; Biometrics; Personal Identifiable Information; Privacy;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 곽진, 홍순원, 이완석, "보안 토큰의 취약성/보안요구사항 분석 및 CC V3.1기반 보호 프로파일 개발," 정보보호학회논문지 18(2) pp. 139-150, 2008년.
2 전명근, "바이오 보안 토큰을 위한 표준안 개발," 정보통신표준기술력향상사업 최종보고서, 지식경제부, 방송통신위원회, 2011년.
3 신용녀, 김영진, 전명근, "바이오보안 토큰과 PKI 연계방안," 한국정보기술학회 논문지, 9(5), pp. 207-216, 2011년.
4 한국정보통신기술협회, "바이오보안 토큰용 API: TTAK.KO-12.0165," 정보통신단체표준, 2011 년.
5 이재일, 박종욱, 김승주, 송주석, "X.509 인증서에 포함된 프라이버시 보호기능을 가진 개인 식별 방법," 정보보호학회논문지, 16(5), pp. 59-66, 2006년.
6 ISO/IEC JTC1 SC27 International Standard 24745, "Biometric Information protection," 2011년.
7 A. Carlisle, L. Steve, "Understanding PKI: Concepts, Standards, and Deployment Considerrations," 2nd Edition, Addison Wesley, 2003년.
8 신용녀, 권만준, 이용준, 박진일, 전명근, "개인식 별정보와 바이오인식정보의 보호기법," 한국지능시스템학회 논문지 19(2), pp.160-167, 2009 년.
9 권만준, 신용녀, 송창규, 전명근, "재발급 가능한 바이오인식 정보를 이용한 개인인증용 표준 포맷 설계 및 구현," 한국정보기술학회논문지 9(6), pp.177-188, 2011년.
10 한국인터넷진흥원, "식별번호를 이용한 본인확인 기술규격," V1.21, 2009년.
11 IETF RFC 4683, "Internet X.509 Public Key Infrastructure Subject Identification," 2006년.
12 RSA Laboratories PKCS#10 V1.7, "Certificate Request Syntax Standard," 2000년.
13 ISO/IEC JTC1 SC27 International Standard 24761- Security techniques- ACBio, Authentication Context for Biometrics, 2009년.
14 ITU-T International Standard X.1084 "Telebiometric system mechanism - part1 : General biometric authentication protocol and system model profiles for telecommunication systems," 2008년.
15 ISO/IEC 19795 -Information technology- Biometric performance testing and reporting, 2006년.
16 신용녀, 김학일, 전명근, "개인정보보호 참조 아키텍처와 국제표준화 동향," 정보보호학회지 21(5), pp. 12-20, 2011년.
17 한병진, 김학일, 신용녀, 전명근, "바이오인식 표준화 동향- 국제표준화기구를 중심으로," 정보보호학회지 21(2), pp. 61-69, 2011년.