• Annual Conference of KIPS
• /
• 2013.05a
• /
• pp.595-598
• /
• 2013

클라우드 컴퓨팅 환경은 다양한 IT 기술이 융합된 형태로 수많은 사용자들이 같은 인프라를 기반으로 서비스를 제공받는 환경이다. 이렇게 수많은 사용자들이 이용하는 클라우드 컴퓨팅 환경에서는 악성코드 유포, 개인정보 탈취 등과 같은 문제점이 발생할 수 있기 때문에 사용자를 인증할 수 있는 필요성이 대두되었다. 이러한 문제점을 해결할 수 있는 대응 방안이 많이 연구되고 있지만, 클라우드 컴퓨팅 환경의 특징을 고려하지 않고 개발되었기 때문에 적용하기에는 다소 문제점이 있을 것으로 예상된다. 이러한 문제점을 해결하기 위해 Lee 등은 2-factor 인증 기법을 제안하였다. 그러나 Lee 등이 제안한 인증 기법은 무결성, 기밀성을 보장하지 못하며, 도청에 취약한 것으로 분석되었다. 따라서 본 논문에서는 이러한 문제점을 해결할 수 있는 프로토콜을 제안한다.

• Journal of Internet Computing and Services
• /
• v.15 no.3
• /
• pp.79-90
• /
• 2014

User authentication based on ID and PW has been widely used. As the Internet has become a growing part of people' lives, input times of ID/PW have been increased for a variety of services. People have already learned enough to perform the authentication procedure and have entered ID/PW while ones are unconscious. This is referred to as the adaptive unconscious, a set of mental processes incoming information and producing judgements and behaviors without our conscious awareness and within a second. Most people have joined up for various websites with a small number of IDs/PWs, because they relied on their memory for managing IDs/PWs. Human memory decays with the passing of time and knowledges in human memory tend to interfere with each other. For that reason, there is the potential for people to enter an invalid ID/PW. Therefore, these characteristics above mentioned regarding of user authentication with ID/PW can lead to human vulnerabilities: people use a few PWs for various websites, manage IDs/PWs depending on their memory, and enter ID/PW unconsciously. Based on the vulnerability of human factors, a variety of information leakage attacks such as phishing and pharming attacks have been increasing exponentially. In the past, information leakage attacks exploited vulnerabilities of hardware, operating system, software and so on. However, most of current attacks tend to exploit the vulnerabilities of the human factors. These attacks based on the vulnerability of the human factor are called social-engineering attacks. Recently, malicious social-engineering technique such as phishing and pharming attacks is one of the biggest security problems. Phishing is an attack of attempting to obtain valuable information such as ID/PW and pharming is an attack intended to steal personal data by redirecting a website's traffic to a fraudulent copy of a legitimate website. Screens of fraudulent copies used for both phishing and pharming attacks are almost identical to those of legitimate websites, and even the pharming can include the deceptive URL address. Therefore, without the supports of prevention and detection techniques such as vaccines and reputation system, it is difficult for users to determine intuitively whether the site is the phishing and pharming sites or legitimate site. The previous researches in terms of phishing and pharming attacks have mainly studied on technical solutions. In this paper, we focus on human behaviour when users are confronted by phishing and pharming attacks without knowing them. We conducted an attack experiment in order to find out how many IDs/PWs are leaked from pharming and phishing attack. We firstly configured the experimental settings in the same condition of phishing and pharming attacks and build a phishing site for the experiment. We then recruited 64 voluntary participants and asked them to log in our experimental site. For each participant, we conducted a questionnaire survey with regard to the experiment. Through the attack experiment and survey, we observed whether their password are leaked out when logging in the experimental phishing site, and how many different passwords are leaked among the total number of passwords of each participant. Consequently, we found out that most participants unconsciously logged in the site and the ID/PW management dependent on human memory caused the leakage of multiple passwords. The user should actively utilize repudiation systems and the service provider with online site should support prevention techniques that the user can intuitively determined whether the site is phishing.

• 한국디지털정책학회:학술대회논문집
• /
• 2005.06a
• /
• pp.107-143
• /
• 2005

Mobile service that geography, position by development of space Information Technology and technology of communications, space are various to us now becoming limelight as point contents and infra information that customers do demand based on radio superhigh speed authentication net on highly information society by offer infringement problem about individual's privacy or information by political and scientific interest be injured. Purpose of this study grasps use factor of LBS application Mobile service, and it is that analyze actual proof through questionnaire to grasp whether some relation is with value and action determination that is felt of LBS application Mobile service. Distributed all question of 190 copies but disk floret inclination did valid data 171 that clear question and omission remove a lot of questions by type of study among questionnaire of collected 182 wealths. Analyzed factor analysis and authoritativeness to search validity and confidence of questionnaire and used single regression analysis and multiple regression analysis for hypothetical verification. According to verification result, Mobile service that apply position base service usefulness and system quality, adaptedness of Mobile service that apply position base service by leading person affecting in use, acted for connection healthy and felt value is important factor immediately. Usability and social effect, felt expense, privacy did not appear by leading person that keep in mind in this study. Is been related with step that Mobile service that apply position base service is placed. That is, as present childhood, a person who have experience that use service to look for friend is few and usability fairly in last in wide application boundary and this very important person was removed finally in model. This study has sense in terms of study systematically about LBS application service use leading person that is getting into the spotlight worldwide among Mobile service that is injured newly.

• Journal of Korea Multimedia Society
• /
• v.6 no.5
• /
• pp.861-869
• /
• 2003

The rapid growth of multimedia network systems has caused overflowing illegal copies of digital contents. Among digital contents, watermarking technique can be used to protect ownership about the image. Copyright protection involves the authentication of image ownership and the identification of illegal copies of image. In this paper, a new digital watermarking technique using HVS and adaptive scale factor based on the wavelet transform is proposed to use the binary image watermark. The original image is decomposed by 3-level wavelet transform. It is embedded to baseband and high frequency band. The embedding in the baseband is considered robustness, the embedding in the high frequency band is concerned about HVS and invisibility. The watermarking of a visually recognizable binary image used the HVS and random permutation to protect the copyright. From the experimental results, we confirm that the proposed technique is strong to various attacks such as joint photographic experts ground(JPEG) compression, cropping, collusion, and inversion of lines.

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.1
• /
• pp.16-27
• /
• 2005

This study tried to test hypotheses, using path analysis, whether the implementation factors of TQM have influences to organization performance through achieving the managerial goals of production, or not. This is an attempt to perform comprehensive analysis instead of using the simple correlation approach between the implementation factors and performances. In order to perform the empirical test, this study has surveyed 98 firms which acquired the ISO authentication and analyzed the data using the path analysis of AMOS. After testing the hypotheses of this study, the cause factor, i.e. TQM implementation factor, has effective influences to the goals of production system, and, also, the goals have a significant influence to managerial performance. Therefore, this study concludes that the implementation factors of TQM have significant effects on the managerial performance.

• Journal of information and communication convergence engineering
• /
• v.8 no.2
• /
• pp.173-179
• /
• 2010

Over recent years, much research attention has been devoted to a two-factor authentication mechanism which integrates both tokenized pseudorandom numbers with user specific biometric features for biometric verification, known as Biohash. The main advantage of Biohash over sole biometrics is that Biohash is able to achieve a zero equal error rate and provide a clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without imperiling the false reject rates. Nonetheless, when the token of a user is compromised, the recognition performance of a biometric system drops drastically. As such, a few solutions have been proposed to improve the degraded performance but such improvements appear to be insignificant. In this paper, we investigate and pinpoint the basis of such deterioration. Subsequently, we propose a two-level approach by utilizing strong inner products and fuzzy logic weighting strategies accordingly to increase the original performance of Biohash under this scenario.

• International Journal of Contents
• /
• v.16 no.2
• /
• pp.41-50
• /
• 2020

This paper presents Reflectance Transformation Imaging (RTI) as a tool to support the study of paintings and authentication. Manufacturing techniques of the artist are reviewed through the comparison between liberal perspectives and digital imaging techniques. In this study, RTI was applied to focus on the detailed textural information of eight paintings by Korean artist Lee Ji-ho. The RTI result visualizes shallow reliefs of brush strokes and different mediums on the surface technically enhanced through imaging filters, and these morphological textures on the surface act as a key factor in understanding the characteristics of the artist. The surface morphology and art criticism work as qualitative indicators to analyze the change of artistic techniques through time, and the usage of different mediums. The results of this study confirm that the RTI technique can be used as an analysis device in the study of paintings.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.12
• /
• pp.1775-1784
• /
• 2002

Fingerprint recognition technology is used in many biometrics field accordingly essential feature of fingerprint image and the study is progressing. However development is not perfect in performance of the fingerprint recognition and application of the usual life. In the paper, we study various necessity of preprocessing according to algorithm and circumstances of authentication system in automatic information machine. We prove that system circumstance and optation of fingerprints image effectively is the important factor by using optical fingerprint input device and scanning the fingerprint in ID card. And then we present correct and fast computation method for improving image and feature extraction of fingerprint. Also we study effective algorithm implementation of total system.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.647-660
• /
• 2003

The present of state is situation that is realized by necessity of maintenance of public security about great many information is real condition been increasing continually in knowledge info-age been situating in wide field of national defense, public peace, banking, politics, education etc. Also, loss or forgetfulness, and peculation by ID for individual information and number increase of password in Internet called that is sea of information is resulting various social problem. By alternative about these problem, including Biometrics, several authentication systems through sign(Signature), Smart Card, Watermarking technology are developed. Therefore, This paper shows that extract factor that efficiency can get into peculiar feature in physical features for good fingerprint recognition algorithm implementation with old study finding that take advantage of special quality of these fingerprint.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.41-48
• /
• 2004

Access control protocol have verified security of external mobile terminal that access to inner information sever at Ubiquitous ages. In this paper, I would design for If Access Control Protocol of considering operation time when make cipher digital signature. Public key are used Individual identification number that issued from certify communication company, and cipher algorithm are used ECDSA definition factor for generation and verification of digital signature and it used Elliptic Curve with over 160 bit Key. Also, Access control operate on If level that designed IPv6 frame architecture. I would conclude that IP Access Control Protocol have verified security and improved performance in operation time more 4 times than before protocols when through the communication of use cipher digital signature for authentication and verification.