• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.71-76
• /
• 2017

Today, it is an information society where a large number of users access and view important data in a large number of information assets as needed. In this complexity, techniques related Identify Management are being applied, in order to verify authorized user access to important information assets and manage of history. But, the ability access to sensitive information using account has the disadvantage of being able to open the way for information to the attacker when it is hijacked. Thus, in this paper, we propose a secure Identify Management System that can control the use of accounts based on the attitude of the account holder, but also enhances the security and does not hinder the convenience.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.53-58
• /
• 2012

Network Access Control System that is one of the efforts to protect the information of internal applies to effectively control of insider and automatic network management and security. However, it has some problems : spoofing the authorized PC or mobile devices, connect to the internal network using a system that authorized users are away. In addition, information leakage due to malicious code in the same system. So in this paper, Network 2-Factor Access Control System based on RFID security control system is proposed for safety communication environment that performing a two-factor authentication using authorized user and devices to connect to the internal network.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.5
• /
• pp.1087-1096
• /
• 2011

Vehicular Ad Hoc Network(VANET) using wireless network is offering the communications between vehicle and vehicle(V2V) or vehicle and infrastructure(V2I). VANET is being actively researched from industry field and university because of the rapid developments of the industry and vehicular automation. Information, collected from VANET, of velocity, acceleration, condition of road and environments provides various services related with safe drive to the drivers, so security over network is the inevitable factor. For the secure message authentication, a number of authentication proposals have been proposed. Among of them, a scheme, proposed by Jung, applying database search algorithm, Bloom filter, to RAISE scheme, is efficient authentication algorithm in a dense space. However, k-anonymity used for obtaining the accurate vehicular identification in the paper has a weak point. Whenever requesting the righteous identification, all hash value of messages are calculated. For this reason, as the number of car increases, a amount of hash operation increases exponentially. Moreover the paper does not provide a complete key exchange algorithm while the hand-over operation. In this paper, we use a Received Signal Strength Indicator(RSSI) based velocity and distance estimation algorithm to localize the identification and provide the secure and efficient algorithm in which the problem of hand-over algorithm is corrected.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.853-856
• /
• 2012

모바일 디바이스의 대중화와 SNS(Social Networking Service)의 발전은 각 개인이 데이터와 정보를 생성하는 Web 2.0 의 페러다임을 앞당겼으며 최근 SNS 서비스를 통하여 새로운 형태의 커뮤니케이션 형태가 생성되었다. 이러한 커뮤니케이션 도구를 이용하는 유저는 대부분 ID 와 Password를 기반으로 사용자를 인증하여 서비스를 제공받는다. 이와 같은 서비스에서는 각 사용자의 정보자체보다 사용자의 사회적 위치와 사용자간의 관계를 이용한 보안사고가 우려된다. 근래의 ID/Password로 인증하는 방식의 웹서비스 또는 정보서비스들은 대부분 개인 PC, 스마트폰, 업무 PC 등에서 접근하는 추세이며, 임의적 장소에서 임의의 기기로 해당 서비스에 접근하는 양상은 과거에 비하여 감소하는 추세다. 이 같은 추세에 따라, 주로 사용하는 기기에 HTML5의 keygen과 Web-Storage 기능을 사용하여 암호화된 Key를 생성하고 저장하여 ID 와 Password가 노출되어도 해당 기기가 아니면 인증되지 않는 시스템을 구현 할 수 있으며 타 기기의 경우 일회성을 갖는 인증 방식을 사용하여, 기존 보다 안전한 인증 시스템을 적은 비용으로 구축 할 수 있다.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.183-191
• /
• 2012

This study proposes dual certification model using both what users know and what users own. In detail, this mobile OTP generation model is made up of mobile OTP generation and extraction algorithm satisfying the conditions for reviewing mobile OTP implementation. In order to improve the security of the existing OTP-based systems, the suggested method utilizes user's ID and random number at the mobile OTP generation stage.

• Journal of the Korea Convergence Society
• /
• v.1 no.1
• /
• pp.49-55
• /
• 2010

As the developing of the information communication technology, more and more devices are with the capacity of communication and networking. The convergence businesses which communicate with the devices have been developing rapidly. The IT convergence communication is viewed as one of the next frontiers in wireless communications. In this paper, we analyze detailed security threats against M2M(Machine to Machine), intelligent vehicle, smart grid and u-Healthcare in IT convergence architecture. We proposed a direction of the IT convergence security that imbedded system security, forensic security, user authentication and key management scheme.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.595-598
• /
• 2013

클라우드 컴퓨팅 환경은 다양한 IT 기술이 융합된 형태로 수많은 사용자들이 같은 인프라를 기반으로 서비스를 제공받는 환경이다. 이렇게 수많은 사용자들이 이용하는 클라우드 컴퓨팅 환경에서는 악성코드 유포, 개인정보 탈취 등과 같은 문제점이 발생할 수 있기 때문에 사용자를 인증할 수 있는 필요성이 대두되었다. 이러한 문제점을 해결할 수 있는 대응 방안이 많이 연구되고 있지만, 클라우드 컴퓨팅 환경의 특징을 고려하지 않고 개발되었기 때문에 적용하기에는 다소 문제점이 있을 것으로 예상된다. 이러한 문제점을 해결하기 위해 Lee 등은 2-factor 인증 기법을 제안하였다. 그러나 Lee 등이 제안한 인증 기법은 무결성, 기밀성을 보장하지 못하며, 도청에 취약한 것으로 분석되었다. 따라서 본 논문에서는 이러한 문제점을 해결할 수 있는 프로토콜을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.379-388
• /
• 2020

As the use of credit cards increases, security threats increase. In particular, despite being vulnerable to related crimes, such as fraudulent use of credit cards and theft of names, there are virtually no security procedures to authenticate the validity of user while paying with the credit card. In order to overcome these limitations of current credit card payments, we add a process of signing payment using a stylus pen with built-in acceleration sensor in the existing transaction method, and classifying and comparing the image of the signature and signature information measured by the sensor through the convolutional neural network. we propose a method to improve security in financial transactions by performing the user authentication process through the possession of the stylus pen and the characteristic values of the signature.

• Journal of information and communication convergence engineering
• /
• v.8 no.2
• /
• pp.173-179
• /
• 2010

Over recent years, much research attention has been devoted to a two-factor authentication mechanism which integrates both tokenized pseudorandom numbers with user specific biometric features for biometric verification, known as Biohash. The main advantage of Biohash over sole biometrics is that Biohash is able to achieve a zero equal error rate and provide a clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without imperiling the false reject rates. Nonetheless, when the token of a user is compromised, the recognition performance of a biometric system drops drastically. As such, a few solutions have been proposed to improve the degraded performance but such improvements appear to be insignificant. In this paper, we investigate and pinpoint the basis of such deterioration. Subsequently, we propose a two-level approach by utilizing strong inner products and fuzzy logic weighting strategies accordingly to increase the original performance of Biohash under this scenario.

• International Journal of Contents
• /
• v.16 no.2
• /
• pp.41-50
• /
• 2020

This paper presents Reflectance Transformation Imaging (RTI) as a tool to support the study of paintings and authentication. Manufacturing techniques of the artist are reviewed through the comparison between liberal perspectives and digital imaging techniques. In this study, RTI was applied to focus on the detailed textural information of eight paintings by Korean artist Lee Ji-ho. The RTI result visualizes shallow reliefs of brush strokes and different mediums on the surface technically enhanced through imaging filters, and these morphological textures on the surface act as a key factor in understanding the characteristics of the artist. The surface morphology and art criticism work as qualitative indicators to analyze the change of artistic techniques through time, and the usage of different mediums. The results of this study confirm that the RTI technique can be used as an analysis device in the study of paintings.