• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.5
• /
• pp.197-202
• /
• 2021

Biometric technology using finger veins is receiving a lot of attention due to its high security, convenience and accuracy. And the recent development of deep learning technology has improved the processing speed and accuracy for authentication. However, the training data is a subset of real data not in a certain order or method and the results are not constant. so the amount of data and the complexity of the artificial neural network must be considered. In this paper, the deep learning model of Inception-Resnet-v2 was used to improve the high accuracy of the finger vein recognizer and the performance of the authentication system, We compared and analyzed the performance of the deep learning model of DenseNet-201. The simulations used data from MMCBNU_6000 of Jeonbuk National University and finger vein images taken directly. There is no preprocessing for the image in the finger vein authentication system, and the results are checked through EER.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.801-825
• /
• 2024

For Internet of Things, it is more preferred to have immediate access to environment information from sensor nodes (SNs) rather than from gateway nodes (GWNs). To fulfill the goal, mutual authentication scheme between user and SNs with session key (SK) negotiation is more suitable. However, this is a challenging task due to the constrained power, computation, communication and storage resources of SNs. Though lots of authentication schemes with SK negotiation have been designed to deal with it, they are still insufficiently secure and/or efficient, and some even have serious vulnerabilities. Therefore, we design an efficient secure authentication scheme with session key negotiation (eSAS2KN) for wireless sensor networks (WSNs) utilizing fuzzy extractor technique, hash function and bitwise exclusive-or lightweight operations. In the eSAS2KN, user and SNs are mutually authenticated with anonymity, and an SK is negotiated for their direct and instant communications subsequently. To prove the security of eSAS2KN, we give detailed informal security analysis, carry out logical verification by applying BAN logic, present formal security proof by employing Real-Or-Random (ROR) model, and implement formal security verification by using AVISPA tool. Finally, computation and communication costs comparison show the eSAS2kN is more efficient and secure for practical application.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.977-980
• /
• 2001

This paper is a study on the AC and PMI model for the defense computer network. It is suggested that the organization plan of PMI model is a proper model for the characteristics of military system and military defense network security demands based on defense PKI system. Futhermore, it will be presented both various types of defense AC and AC according to the role and clearance in PMI. Defense AC will provide strong users' authentication and Role Based Access Control to give more secured and trusted authentication service by using users' attribute such as role and clearance.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.305-310
• /
• 2013

To provide medical services to patients who have a terminal illness, recent hospital patients to monitor the state of the device attached to the body, the body insertion device is. U-Healthcare Environment and hospital officials indiscriminately exploited by the patient's vital information, however, could threaten the patient's life problems are appearing. In this paper, depending on the level of authority, hospital officials, Union of ID-based authentication model is proposed to use a patient's vital information. Union proposed model identify different authentication system is used in hospitals that exist in various forms in a number of ID information, health / medical information sharing between hospitals without exposure to unnecessary personal information, you can be assured of the anonymity. In particular, with easy access to patient information, hospital officials about the malicious act to protect patient information to access level for the rights granted by third parties to prevent easy access.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.731-740
• /
• 2001

Multi-distributed web cluster model expanding conventional cluster system is the cluster system which processes large-scaled work demanded from users with parallel computing method by building a number of system nodes on open network into a single imaginary network. Multi-distributed web cluster model on the structured characteristics exposes internal system nodes by an illegal third party and has a potential that normal job performance is impossible by the intentional prevention and attack in cooperative work among system nodes. This paper presents the mutual authentication protocol of system nodes through key division method for the authentication of system nodes concerned in the registration, requirement and cooperation of service code block of system nodes and collecting the results and then designs SNKDC which controls and divides symmetrical keys of the whole system nodes safely and effectively. SNKDC divides symmetrical keys required for performing the work of system nodes and the system nodes transmit encoded packet based on the key provided. Encryption packet given and taken between system nodes is decoded by a third party or can prevent the outflow of information through false message.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.347-355
• /
• 2012

A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.8
• /
• pp.22-33
• /
• 2009

Mobile Ad Hoc Networks (MANETs) are self-organized networks that do not rely in their operation on wired infrastructure. As in any networking technology, security is an essential element in MANET as well, for proliferation of this type of networks. But supporting secure communication in MANETs proved to be a significant challenge, mainly due to the fact that the set of nodes in the network can change frequently and rapidly and due to the lack of access to the wired infrastructure. In particular, the trust model and the authentication protocols, which were developed for wired and infrastructure-based networks, cannot be used in MANETs. In [1], we addressed the problem of efficient authentication of distributed mobile users in geographically large networks and proposed a new authentication scheme for this case of MANETs. The proposed scheme exploits randomized groups to efficiently share authentication information among nodes that together implement the function of a distributive Certification Authority(CA). In this paper, we analyze numerically the performance of authentication method using randomized groups and compare with the simulation result.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2340-2346
• /
• 2011

This paper presents a user-friendly authentication system using a flexible USIM. In the proposed method and its system, the flexible USIM utilizes personalized data such as Mobile Directory Number(MDN) and social security number as the key to user authentication. The authentication method proposed in this paper permits limited times of use and/or limited duration of use. A simple simulation model shows that the proposed algorithm works well and shows high compatibility with existing authentication methods. In addition, an alternative or more advanced authentication system can be developed with the proposed flexible USIM card. It is seen that this simple alternative method will eventually be able to make wireless communication networks more easily accessible for subscribers, irrespective of user environments.