• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.73-80
• /
• 2018

Due to the popularity of smartphones and the simplification of financial services, the number of mobile financial services is increasing. However, the security keypads developed for existing financial services are susceptible to probability analysis attacks and have security vulnerabilities. In this paper, we propose and implement a security keypad based on dual touch. Prior to the proposal, we examined the existing types of security keypads used in the mobile banking and mobile payment systems of Korean mobile financial businesses and analyzed the vulnerabilities. In addition, we compared the security of the proposed dual touch keypad as well as existing keypads using the authentication framework and the existing keypad attack types (Brute Force Attack, Smudge Attack, Key Logging Attack, and Shoulder Surfing Attack, Joseph Bonneau). Based on the results, we can confirm that the proposed security keypad with dual touch presented in this paper shows a high level of security. The security keypad with dual touch can provide more secure financial services, and it can be applied to other mobile services to enhance their security.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1260-1262
• /
• 2010

IPTV 는 대표적인 방송통신융합 산업으로 IT 망의 양방향성을 이용한 서비스의 차별화를 내세우며 여러 사업자에 의해 서비스가 이루어지고 있다. 기존 유선 통신망을 중심으로 제공되어 왔던 IPTV 서비스는 최근 모바일 환경 등으로 그 영역을 확대하기 위해 연구가 진행되고 있으며, 다른 한편으로는 IPTV 서비스를 위한 플랫폼 등을 개방하여 사업자가 아닌 일반인도 IPTV 를 통한 방송을 할 수 있는 구조인 Open IPTV 에 대한 연구가 활발하다. 이러한 Open IPTV 환경에서는 다수의 컨텐츠 제공자가 존재하기 때문에 기존 IPTV 에서 사용 되는 특정 기기 혹은 스마트카드를 통한 사용자 인증 및 키 분배가 어려운 실정이다. 따라서 본 논문에서는 Open IPTV 환경에서 안전한 컨텐츠 전송을 위한 사용자 인증 및 키 분배 시스템을 제안하고자 한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.9
• /
• pp.4160-4168
• /
• 2011

The development of computing technology and the increase of using mobile smart devices have brought about changes in our daily life. It makes accessing the internet more easy, and also increases the convenience of our daily life and the variety of information. In this paper, a system for marking the absence using a smart-phone is developed, which is one of the means to increase the convenience of our daily life. Usually the conventional system for the same purpose uses a smart card, so that there are some drawbacks in the system such as attendance by proxy. To compensate the drawbacks, the system proposed in this paper uses a smart-phone belonging to an individual and an instant authentication key to mark the absence that is generated at the time when it is required. It makes the proposed system being more effectively used in marking the absence.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.560-563
• /
• 2015

Door lock system is used for the conventional method by using a key or a card, a pad Replication, loss, and the risk of damage, and has a problem that exposure to others. In this paper, Bluetooth communication and OTP built into smartphones in order to complement the existing door lock system problems OTP(One-Time-Password), Hide-Key utilizing the authentication method and the Arduino smartphone-based design of wireless OTP door lock system by enabling users it allows for more convenient and safe life free from the risk of theft and robbery.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.105-114
• /
• 1995

최근에 사설망의 네트웍 보안 수준을 향상시키기 위한 방법으로 많은 주목을 받고 있는 방화벽에 대해서 알아본다. 그리고 현재의 방화벽에서 사용자 인증과 네트웍 주소 인증 방법에 대한 문제점을 알아보고, 이를 해결하기 위한 인증 시스템을 설계하고자 한다. 사용자 인증을 위해서는 스마트카드를 이용하면서 공개키 암호 알고리듬을 이용하는 강한 사용자 인증 프로토콜을 설계하였으며, 네트웍 주소 인증을 위한 암호학적 기법을 제안했다. 또한 신뢰도에 따른 각 호스트에 적용할 접근 제어 정책에 대해서 알아본다.

• The Journal of Society for e-Business Studies
• /
• v.17 no.4
• /
• pp.1-16
• /
• 2012

Shieh and Wang [10] recently proposed an efficient mutual authentication scheme that combined the cost-effectiveness of operations of Lee et al. [6]. scheme and the security and key agreement of Chen and Yeh scheme. Shieh and Wang [10] scheme, however, does not satisfy the security requirements against a third party (the man-in the middle, attacker) that have to be considered in remote user authentication scheme using password-based smart cards. Shieh and Wang weaknesses are the inappropriateness that it cannot verify the forged message in 3-way handshaking mutual authentication, and the vulnerability that the system (server) secret key can easily be exposed. This paper investigates the problems of Shieh and Wang scheme in the verification procedure of the forged messages intercepted by the eavesdrop. An enhanced two-way remote user authentication scheme is proposed that is safe and strong against multiple attacks by adding the ability to perform integrity check on the server and proposed scheme is not expose user password information and the system's confidential information.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.173-180
• /
• 2016

There has been a growing interest in automation of factories in the country. And, the development in this regard has been actively attempted. In particular, on the basis of the "innovation 3.0 strategy of manufacturing industry", interest in the smart of the manufacturing plant of small and medium-sized enterprises has increased rapidly. As well as policy for building smart plant, technical, seeking a strategic approach. But, in order to introduce such a smart plant or factory automation systems, manufacturing plant security with vulnerability and personal information protection problems, it should always be top priority there. Accordingly, we provide the applicable lightweight secure protocols in RFID communication. It is a wireless communication technology that is most often introduced for factory automation. Our proposed lightweight secure protocol in this study, less the number of calculations in comparison with the existing public key-based and the symmetric key encryption algorithm. And it is fast in compare with the existing protocol. Furthermore, we design that it system can support to low power consumption and small consume the memory size.

• Journal of Digital Contents Society
• /
• v.12 no.1
• /
• pp.57-67
• /
• 2011

Recently, an interest in a mobile search is increasing according to the growing propagation of smart phones. However, a keypad, which is not appropriate for mobile environment, is the only input media for the mobile search. As an alternative, voice emerged as a new media for the mobile search, but this also has weaknesses. Thus, in the paper, we propose a mobile content called Orthros for searching the Internet using images as an input. Orthros extracts texts from images, and then inserts the texts to public search engines as a keyword. Also, Orthros can repeat searching with the extracted texts by storing result URL to internal databases. As an experiment, we analyze properties of recognizable images and present the implementation method in details.

• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.287-293
• /
• 2016

Wireless sensor networks (WSNs) have many applications and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these WSNs. Recently, an anonymous user authentication and key agreement scheme (AUAKAS) was proposed based on symmetric cryptosystem in WSNs. It is claimed in AUAKAS that it assures security against different types of attacks including impersonation attacks. However, this paper shows that AUAKAS does not cope from user impersonation attack and gateway impersonation attack from the legally registered user on the gateway. The security analysis could guide the required features of the security scheme to be satisfied.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.571-578
• /
• 2017

In order to approach information system through smart device and pc, user has to authenticate him or herself via user authentication. At that time when user tries reaching the system, well-used user authentication technologies are ID/PW base, OTP, certificate, security card, fingerprint, etc. The ID/PWbased method is familiar to users, however, it is vulnerable to brute force cracking, keylogging, dictionary attack. so as to protect these attacks, user has to change the passwords periodically as per password combination instructions. In this paper, we designed and implemented a user authentication system using smartphone's USIM without using password while enhancing security than existing ID / PW based authentication technology.