• Title/Summary/Keyword: 바이오메트릭 데이터

Search Result 7, Processing Time 0.024 seconds

The Server based Realtime Biometric Signature Scheme (서버 기반 실시간 바이오메트릭 서명 기법)

  • Yun, Sunghyun
    • Journal of Digital Convergence
    • /
    • v.11 no.9
    • /
    • pp.173-179
    • /
    • 2013
  • In a biometric authentication scheme, a user's biometric data that is unique to the user is used to prove the user's identity to the third party. Since the user should have to participate in every authentication sessions, it's not possible to delegate other users to authenticate instead of himself/herself. In a biometric signature scheme, contrary to authentication scheme, a user's biometric data is used to prove that "this message is signed by the signer who claims to be" to the third party. However, once the biometric key is created, it can be accessed by the signer. Thus, it's possible to lend the biometric key to other users. In this study, the server based biometric realtime signature scheme is proposed. The proposed scheme can be applied to sign the vote in electronic voting or to authenticate the copyright owner in DRM enabled mobile commerce where the proxy signatures are not allowed.

The Biometric Authentication Scheme Capable of Multilevel Security Control (보안레벨 조절이 가능한 바이오메트릭 인증 기법)

  • Yun, Sunghyun
    • Journal of the Korea Convergence Society
    • /
    • v.8 no.2
    • /
    • pp.9-14
    • /
    • 2017
  • A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.

The Development of QR-ID Card based on Biometric Data (바이오메트릭 데이터를 이용한 QR-ID 카드 개발)

  • Song, Kyu-hyun;Kim, Dong-hee;Yun, Sung-hyun
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2014.07a
    • /
    • pp.371-374
    • /
    • 2014
  • 현재 국내에서 사용되고 있는 신분 인증 시스템은 주민등록번호와 같은 개인 정보를 기반으로 인증을 수행하여, 프라이버시 침해 위협이 존재한다. 그 해결 방안으로 가상 ID를 이용하는 I-PIN과 e-ID 카드가 제안되었지만, 문제점은 ID와 패스워드만 알고 있다면 누구나 도용이 가능하고 오프라인에서 사용하는 플라스틱 카드의 경우 위 변조가 가능하다는 한계를 갖는다. 본 논문에서는 주민등록번호를 대체할 식별 데이터인 QR-ID를 생성하고, 이에 기반을 둔 QR-ID 카드를 제안한다. QR 코드는 인식기에 대한 제약이 적고 일부 데이터 조작만으로 새로운 QR 코드 생성이 가능하여 노출 시 새로운 ID로 갱신할 수 있으며, QR-ID는 소유자의 바이오메트릭 데이터로 암호화되어 타인이 복호화 할 수 없다.

  • PDF

The One Time Biometric Key Generation and Authentication Model for Portection of Paid Video Contents (상용 비디오 콘텐츠 보호를 위한 일회용 바이오메트릭 키 생성 및 인증 모델)

  • Yun, Sunghyun
    • Journal of the Korea Convergence Society
    • /
    • v.5 no.4
    • /
    • pp.101-106
    • /
    • 2014
  • Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

The Biometric Authentication based Dynamic Group Signature Scheme (바이오메트릭 인증 기반의 동적 그룹 서명 기법)

  • Yun, Sunghyun
    • Journal of the Korea Convergence Society
    • /
    • v.7 no.1
    • /
    • pp.49-55
    • /
    • 2016
  • In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

Biometric One-Time Password Generation Mechanism and its Application on SIP Authentication (바이오메트릭 정보를 이용한 일회용 패스워드(B-OTP) 생성 기법 개발 및 응용)

  • Jang, Won-Jun;Lee, Hyung-Woo
    • Journal of the Korea Convergence Society
    • /
    • v.1 no.1
    • /
    • pp.93-100
    • /
    • 2010
  • Diverse kind of attack using the vulnerability of user authentication on Internet service is announced recently. Especially, security accidents on the Internet banking service and Internet telephony service(SIP) are increased rapidly. Attack skills are also evolved into intelligent mechanism. Therefore, more enhanced authentication mechanism is required on existing Internet banking and telephone services for preventing those kinds of attacks using personal identity information such as biometric data. In this research, the proposed B-OTP mechanism can be used to enhance security on a user authentication procedure by combining biometric data with existing OTP mechanism. As a result, the security on internet banking and Internet telephone service will be more improved by using proposed B-OTP mechanism.

Security Enhancement to an Biometric Authentication Protocol for WSN Environment (WSN 환경에서 Biometric 정보를 이용한 안전한 사용자 인증 스킴의 설계)

  • Lee, Youngsook
    • Convergence Security Journal
    • /
    • v.16 no.6_2
    • /
    • pp.83-88
    • /
    • 2016
  • Over recent years there has been considerable growth in interest in the use of biometric systems for personal authentication. Biometrics is a field of technology which has been and is being used in the identification of individuals based on some physical attribute. By using biometrics, authentication is directly linked to the person, rather than their token or password. Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. In 2013, Althobati et al. proposed an efficient remote user authentication protocol using biometric information. However, we uncovered Althobati et al.'s protocol does not guarantee its main security goal of mutual authentication. We showed this by mounting threat of data integrity and bypassing the gateway node attack on Althobati et al.'s protocol. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in WSN(Wireless Sensor Networks) operate with resource constraints such as limited power, computation, and storage space.