• Journal of Venture Innovation
• /
• v.2 no.2
• /
• pp.21-29
• /
• 2019

In the public certificate technology commonly used in Korea, users have a cumbersome problem of always resetting when they forget their password. In this paper, as a solution to this problem, we propose a secure authentication certificate password recovery protocol using blockchain, PKI, and DID for distributed storage. DID is a schema for protecting block ID in blockchain system. The private key used in the PKI is configured as a user's biometric, for example, a fingerprint, so that it can completely replace the memory of the complex private key. To this end, based on the FIDO authentication technology that most users currently use on their smartphones, the process of authenticating a user to access data inside the block minimizes the risk of an attacker taking over the data.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.163-173
• /
• 2010

PKI(Public Key Infrastructure)-based information certification technology has some limitations to be universally applied to mobile banking services, using smart phones, since PKI is dependent on the specific kind of web browser, Internet Explorer. OTP(One Time Password) is considered to be a substitute or complementary service of PKI, but it still shows low acceptance rate. Therefore, in this research, we analyze why OTP has not been very popular, and provide useful implications of making OTP more extensively and frequently used in the mobile environment. Perceived security of OTP was set as a higher-order construct of integrity, confidentiality, authentication, and non-repudiation. Research findings show that security awareness and perceived security of OTP is positively associated, and the relationship between perceived security and trust on OTP is statistically significant. Also, trust is positively related to intention to use OTP continuously.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.29-38
• /
• 2012

Due to rapid spread of smart phones and SNS(Social Network Service), using of Internet applications has increased and taking up bandwidth more than 3G network's capacity recently. This caused reduction of speed and service quality, and occurred strong needs that backbone network company to increasing investment costs. Also a great rise of mobile network users causing identity management problems on mobile service provider through mobile network. This paper proposes advanced IDM3G[1] - to solve user ID management and security problems on mobile internet application services over 3G network and more - authentication management protocol. $I^2DM$ protocol breakup loads which made by existing IDM3G protocol's mutual authentication via mobile operator, via sending some parts to internet application service provider, enhancing mobile and ID management of service provider and network load and process load from information handling and numbers of transmitting packets, to suggest more optimized protocol against further demanding of 3G mobile network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1293-1300
• /
• 2012

With the rapid evolution of mobile devices and the development of wireless networks, users of mobile social network service on smartphone have been increasing. Also the security of personal information as a result of real-time communication and information-sharing are becoming a serious social issue. In this paper, a framework that can be linked with a social network services platform is designed using OpenAPI. In addition, we propose an authentication and detection mechanism to enhance the level of personal information security. The authentication scheme is based on an user ID and password, while the detection scheme analyzes user-designated input patterns to verify in advance whether personal information protection guidelines are met, enhancing the level of personal information security in a social network service environment. The effectiveness and validity of this study were confirmed through performance evaluations at the end.

• Journal of Convergence for Information Technology
• /
• v.12 no.4
• /
• pp.1-8
• /
• 2022

With the development of communication infrastructure, the number of network equipment owned by one person is gradually increasing. General-purpose devices such as smartphones can implement theft/loss prevention function by implementing S/W. However, other small devices lack practicality such as long-distance communication problems due to standard communication technology specifications or H/W limitations, and lack of functions(authentication and security). This study combines the Lora communication protocol in the LPWA standard environment and the blockchain technology. Anti-theft and security functions were added to the protocol, and the PBFT consensus algorithm was applied to build a blockchain network. As a result of the test, the effectiveness of safety(authentication and trust network) and performance(blockchain processing performance) were confirmed. This study aims to contribute to the future development of portable or small device anti-theft products as a 4th industrial convergence research.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.47-55
• /
• 2015

Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.

• Journal of the Korea Convergence Society
• /
• v.11 no.7
• /
• pp.19-24
• /
• 2020

WHO declared a global pandemic on March 11th for Corona 19. However, there is a situation where you have to go to building for face-to-face education or seminars for economic and social activities. The first check method of COVID-19 infection is to measure body temperature, so the primary entrance and exit is blocked for near-field body temperature measurement. However, since it is troublesome to check directly, thermal camera is installed at the entrance of the building, and body temperature is measured indirectly using the infrared camera to control access. In case of middle and high schools, universities, and lifelong education center, we need a system that is possible to interoperate with attendance checks and automatically recognizes whether to wear masks and can authenticate students. We proposed the system that is to confirm whether to wear a mask with a camera that is embedded in a smart mirror, and that authenticates the user through voice recognition of the user who wants to enter the building by using voice recognition technology and determines whether to enter them or not. The proposed system can check attendance if it is linked with near-field temperature measurement and attendance check APP of student's smart phone.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.10
• /
• pp.2473-2480
• /
• 2015

In telemedicaine, people can make their health checked at anywhere from temporal and spatial constraints and It's environment can provide continuous health information regardless of the location of customers through PCs and smart phones. In addition, personal health information collected utilizing the BYOD(bring your own device) is the most important factor data security and guaranteed personal privacy because it's directly connected to the individual's health and life. In this paper, we provide a signature of the private key encryption system and method for providing the security of personal health information data collected utilizing the BYOD. Against replay attacks and man-in-the-middle attacks on security issues that are emerging as a smart environmental health was used as the timestamp and signature methods. Proposed method provides encryption overhead, while a communication was lower compared to the pre-encrypted with a mean 1.499mJ 1.212mJ shown by simulation to respond quickly in an emergency situation to be about 59%.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.7
• /
• pp.15-21
• /
• 2015

Due to the appearance of various mobile terminals like smartphone, smartpad, and smartwatch and tremendous development of WiFi technology, data utilization rate on WiFi network is significantly increasing. As a result, users are wanting to use WiFi network using only a simple identification at a visited place as if they are at their home institute. In this paper, we review the domestic status of eduroam service which supports global extension of wireless network access environment and present the future development perspective of the service in Korea. Besides, we shed light on the current status of WiFi sharing service between domestic universities and propose some methods to facilitate the join of domestic universities in eduroam service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.189-200
• /
• 2012

With increasing the number of smart device such as Tablet PC, smart phone and netbook, information security which based on smart device in mobile environment have become the issue. It is important to enter a password safety. In various types of mobile devices, because of hardware limitation of device, it is difficult that to equip secondary input device such as keyboard and mouse. Also, a loss of accuracy becomes a problem because input information was entered by touch screen. Because of problem mentioned above it can be predicted to change password scheme text based password scheme to graphical password scheme, graphical password scheme is easy to use and is resistant to shoulder surfing attack. So this paper proposes new graphical password scheme based 5 strokes which are made by decomposed the Korean to defend against shoulder surfing attack.