• Journal of Digital Convergence
• /
• v.12 no.4
• /
• pp.285-291
• /
• 2014

Recent, development of wireless communication devices are rapidly and these device being deployed to the user very fast. By this results, a wired network device and the new device such as wireless devices incorporate. Then a demand of new mesh network is rapidly growing. In this wired/wireless integrated network environment, the network is configured automatically, and a user or wireless communication devices must be provided for authentication services. But, these services do not in the real world. Therefore, in this paper, we propose that wired/wireless integrated network environment to automatically configure the network using OpenFlow and the authentication system using Kerberos method. Our proposed system to be able to provide authentication services, confidentiality, integrity services for user or wired/wireless communication devices. And it can be prvented as well to man-in-the-middle attacks.

• Journal of Digital Convergence
• /
• v.15 no.5
• /
• pp.217-223
• /
• 2017

With the development of sensor networks and Internet of Things (IoT) technology, personalized context information has been collected and customized services can be provided to related users. Currently, the context information system is at the level of analyzing and recognizing user specific behavioral characteristics and generating events.In the IoT environment, IoT products themselves should provide the required services with minimal user intervention, rather than acting for a specific purpose. In this paper, to minimize the user intervention in the IoT environment, we implemented an automatic attendance recognition system using context information from the ECG based on beacon. Environment of provided specific Context information, we compared and analyzed the degree of user intervention among the authentication method using ECG sensor in this paper and the existing authentication method. As a result of the analysis, we confirmed that the system implemented in this paper minimizes user intervention.

• Journal of Digital Convergence
• /
• v.18 no.11
• /
• pp.227-232
• /
• 2020

The one of the biggest challenges in using e-mail is that it is difficult to filter out unconfirmed senders. Therefore, in this study, an email group authentication API was designed using blockchain technology, which has been widely used as an authentication method. As the proposed model, the node-node weighting index was obtained through the relationship association network, and after designing the email reliability model, the reliability calculation model of the Rotten Tomato method was obtained. Based on this, the system structure was designed, chain code methods were defined, and API was developed. Through this study, it is expected that it will be used in various fields requiring authentication as well as email user authentication, and it is expected that the relationship of group authentication can be proved by allowing a large number of users to use the API in the future.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.795-801
• /
• 2013

As the life which existed only offline has changed into a life part of which is led online, it is an important problem to identify whether an online user is legitimate one or not. Biometric authentication technology was developed to identify the user more correctly either online or in offline daily life. Biometric authentication is a technology where a person is identified by his or her unique characteristics, and is highlighted as a next-generation authentication technology replacing password. There are various kinds of traits unique to each individual, and biometric authentication technologies drawing on such traits use various devices and algorithms. Firstly, this paper classified such various biometric authentication technologies, and analyzed the effects of them when they are applied on smartphone, smartwatch and M2M of the different devices platforms. Secondly, it suggested the effectiveness-based AIB(Authentication for Integrated Biometrics) authentication technique, a comprehensive authentication technique, which can be used in different devices platforms. We have successfully included the establishment scheme of the effectiveness authentication using biometrics.

• Journal of Digital Convergence
• /
• v.11 no.9
• /
• pp.173-179
• /
• 2013

In a biometric authentication scheme, a user's biometric data that is unique to the user is used to prove the user's identity to the third party. Since the user should have to participate in every authentication sessions, it's not possible to delegate other users to authenticate instead of himself/herself. In a biometric signature scheme, contrary to authentication scheme, a user's biometric data is used to prove that "this message is signed by the signer who claims to be" to the third party. However, once the biometric key is created, it can be accessed by the signer. Thus, it's possible to lend the biometric key to other users. In this study, the server based biometric realtime signature scheme is proposed. The proposed scheme can be applied to sign the vote in electronic voting or to authenticate the copyright owner in DRM enabled mobile commerce where the proxy signatures are not allowed.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.775-781
• /
• 2013

N-screen is a Service that can be provide for One Service Multi Device. If the network is changed or if the device is changed after authentication the device fits seamlessly send footage. Security threats that occur here have a problem with user authentication. In this paper proposes available in a multi-device the authentication system. Homomorphic Encryption Algorithm of authentication scheme used. Among the authentication mechanism that already exists is a simple and lightweight authentication mechanism. In addition, N-screen service that uses multiple devices is simple authentication process of the device. Review the results of proposed authentication protocol, encryption algorithm to process a small storage capacity and is easy to work in low processor. And was suitable for use with multiple devices.

• Journal of Digital Convergence
• /
• v.19 no.4
• /
• pp.133-139
• /
• 2021

Due to the rapid progress in network technology, many research on content security technologies is also being conducted in the mobile digital content sector. In the meantime, content protection has been immersed in preventing illegal copying, certifying, and issuance/management certificates, but still have many vulnerabilities in managing or authenticating confidential information. This study aims to strengthen confidential information about content based on dual management of content download rights through mobile phone numbers or device numbers. It also protect replay-attack by building a secure mobile DRM system where digital content is safely distributed based on a three-stage user authentication process. In addition, blockchain-based content security enhancements were studied during the primary/secondary process for user authentication for the prevention of piracy and copyright protection. In addition, the client authentication process was further improved through three final stages of authorization in the use of illegal content, considering that legitimate users redistributed their content to third-party.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.549-554
• /
• 2014

Studies on the intelligent vehicles that are converged with IT and vehicular technologies are currently under active discussion. A variety of communication technologies for safety intelligent vehicle services are support. As such intelligent vehicles use communication technologies, they are exposed to the diverse factors of security threats. To conduct intelligent vehicle security authentication solutions, there are some factors that can be adopted ownership, knowledge and biometrics[6,7]. This paper proposes to analyze the factors to threaten intelligent vehicle, which are usually intruded through communication network system and the security solution using biometric authentication scheme. This study proposed above user's biometrics information-based authentication scheme that can solve the anticipated problems with an intelligent vehicle, which requires a higher level of security than existing authentication solution.

• Review of KIISC
• /
• v.26 no.4
• /
• pp.41-46
• /
• 2016

전통적으로 바이오인식기술은 출입국심사(전자여권, 승무원 승객 신원확인), 출입통제(도어락, 출입통제 근태관리), 행정(무인민원발급, 전자조달), 사회복지(미아찾기, 복지기금관리), 의료(원격의료, 의료진 환자 신원확인), 정보통신(휴대폰 PC 인터넷 인증), 금융(온라인 뱅킹, ATM 현금인출) 등 다방면에서 폭넓게 보급되어 실생활에서 널리 활용되고 있다. [그림1]은 신체적 특징(Physiological biometrics)과 행동적 특징(Behavioral biometrics)을 이용한 사용자 인증기술인 바이오인식기술의 유형과 함께 각 기술별 보안취약점(괄호 안 빨강색글자)을 나타내고 있다. 최근 들어, 모바일 지급결제서비스 ATM 인출기 인터넷전문은행 등과 같은 핀테크 분야에서 비대면 인증기술로 바이오인식기술이 각광을 받기 시작했다. 한편, 가짜지문 등 기존의 신체적 특징을 이용한 바이오인식기술의 위변조 위협에 대한 우려 존재함에 따라 뇌파 심전도 근전도 맥박 등 살아있는 사람의 행동적(신체의 기능적) 특징을 이용한 생체신호를 이용하여 비대면 인증기술로서 활용하기 위하여 주요 선진국에서 차세대 바이오인식 기술개발이 가속화되고 있는 추세이다.[1] 또한, 이러한 생체신호는 최근에 삼성전자, LG전자, 애플 등에서 스마트워치를 통해 심장박동수를 측정하고 스마트폰을 통하여 모바일 지급결제, 헬스케어 등과 같은 IoT 모바일 융복합 응용서비스에 활용될 전망이다. 본고에서는 뇌파 심전도(심박수)와 같은 생체신호를 측정하는 스마트워치 밴드형 의복형 또는 패치형태의 웨어러블 디바이스와 같은 생체신호센서, 생체신호 인증기술 및 관련표준화 동향을 고찰해 보기로 한다. 국내외 관련기술과 표준화 동향을 면밀히 분석하여 지난 2015년 5월29일에 발족한 국내외 전문가그룹인 KISA"모바일 생체신호 인증기술 표준연구회"(이하 KISA 표준연구회)가 구심점이 되어 한국형 생체신호를 이용한 차세대 텔레바이오인식기술에 대한 연구개발과 국내외 표준화 추진에 박차를 가할 계획이다.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.153-159
• /
• 2012

Now a days, U-healthcare comes into the spotlight as a new business model which combines RFID technology with medical service in the well-being era and IT popularization. U-healthcare service needs a method that can deals with hand-writing, overlap data, forgery and falsification of data, difference between information version that happen in medical process because of graft between RFID technology and u-healthcare. This paper proposes RFID based user certification protocol to protect user's privacy who gets medical service through U-healthcare. In the protocol, secret information of patient does the XOR with the secret key that is created in the hospital to reconsider the stability of security system of U-healthcare and user's data forgery and falsification and privacy and then saves it in the secret key field of patient in DB table. Also, it informs the case of illegal access to certification server and make it approved the access of u-healthcare service by differentiating whether u-healthcare is illegal or not.