• International Journal of Contents
• /
• v.1 no.1
• /
• pp.29-34
• /
• 2005

In this paper, we proposed an advanced authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. We simulated and compared the authentication structure proposed by Sufatrio, K. Lam[4] and proposed authentication structure in terms of the authentication time. Simulation results show that the proposed method reduces the authentication time compared to the conventional wireless PKI authentication method.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.187-198
• /
• 2011

User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.1
• /
• pp.81-87
• /
• 2014

Password-based authentication using smart card provides two factor authentications, namely a successful login requires the client to have a valid smart card and a correct password. While it provides stronger security guarantees than only password authentication, it could also fail if both authentication factors are compromised ((1) the user's smart card was stolen and (2) the user's password was exposed). In this case, there is no way to prevent the adversary from impersonating the user. Now, the new technology of biometrics is becoming a popular method for designing a more secure authentication scheme. In terms of physiological and behavior human characteristics, biometric information is used as a form of authentication factor. Biometric information, such as fingerprints, faces, voice, irises, hand geometry, and palmprints can be used to verify their identities. In this article, we review the biometric-based authentication scheme by Cheng et al. and provide a security analysis on the scheme. Our analysis shows that Cheng et al.'s scheme does not guarantee any kind of authentication, either server-to-user authentication or user-to-server authentication. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, on Cheng et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Cheng et al.'s scheme.

• Journal of the Korea Convergence Society
• /
• v.10 no.7
• /
• pp.7-14
• /
• 2019

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.7 no.5
• /
• pp.879-886
• /
• 2006

In this paper, we proposed an advanced authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. We simulated and compared the authentication structure proposed by Sufatrio, K. Lam[4] and the our authentication structure in terms of the authentication time. Simulation results show that the proposed method reduces the authentication time comparing to the conventional wireless PKI authentication method.

• Korean Institute of Interior Design Journal
• /
• v.18 no.1
• /
• pp.99-107
• /
• 2009

In order to prepare future green hospital architecture authentication system, this study is a comparative year report to Korean, the United States, Japanese, British, Canadian and Australian green building authentication systems. Also, the United States and Australian Green hospital authentication systems were examined, and the authentication items of hospitals were compared with those of civil architecture. Though the examination and analysis, the portion of indoor environmental quality section commonly shows the average of 20.7 percent in all 6 countries. Especially, IAQ(Indoor Air Quality) among inside IEQ(Indoor Environment Quality) is overwhelmingly much treated in Korea, the U.S.A, Canada and Australia. In Japan, heat, light and sound are the important factors for authentication evaluation, while in the U.K light are more emphasized for the authentication. 'LEED for Healthcare' as a hospital evaluation authentication system subdivided currently most. The system includes the detailed and extensive evaluation items ranging from hospital management, traffic, emission, water resources utilization to integrated design and furnishing. These overseas systems should be carefully investigated, researched and analyzed for an appropriate improvement of domestic green hospital authentication system. Also the current evaluation method of IEQ section of Korean GBCC needs to be modified. That's why the method puts too much importance on IAQ in IEQ section.

• Journal of Korea Multimedia Society
• /
• v.24 no.8
• /
• pp.1076-1089
• /
• 2021

Among the currently used knowledge-based authentication methods for smartphones, text and graphic-based authentication methods, such as PIN and pattern methods, use a display unit and a touch function of the display unit for input/output of secret information. Recently released smartphone form factors are trying to transform into various forms, away from the conventional bar and slate types because of the material change of the display unit used in the existing smartphone and the increased flexibility of the display unit. However, as mentioned in the study of D. Choi [1], the structural change of the display unit may directly or indirectly affect the authentication method using the display unit as the main input/output device for confidential information, resulting in unexpected security vulnerabilities. In this paper, we analyze the security vulnerabilities of the current mobile user authentication methods that is applied atypical form factor. According to the analysis results, it seems that the existing display-dependent mobile user authentication methods do not consider emerging security threats at all. Furthermore, it is easily affected by changes in the form factor of smartphones. Finally, we propose countermeasures for security vulnerabilities expected when applying conventional authentication methods to atypical form factor-based smartphones.

• Journal of Korea Multimedia Society
• /
• v.19 no.3
• /
• pp.585-594
• /
• 2016

Recently because of development of remote network technology, users are able to access the network freely without constraints of time and space. As users are getting more frequent to access the remote server in a computing environment, they are increasingly being exposed to various risk factors such as forward secrecy and server impersonation attack. Therefore, researches for remote user authentication scheme have been studying actively. This paper overcomes the weaknesses of many authentication schemes proposed recently. This paper suggests an improved authentication scheme that protects user's anonymity with preserving variable more safe and also provides forward secrecy.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.