• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.29-37
• /
• 2020

Password based authentication technology is yet certain and id to provide a level of security being used in most systems, but already a myriad of personal information exposure to the accident. Above all, and once exposed, it is difficult to recover the password. Thus, the various authentication techniques - factor two was introduced, but they are expensive and discomfort to users, to lead. In this paper, the existing unique to users in such a single accreditation process / password id key - stroke, user authentication and cost effectively and at the same time. And not cause discomfort, suggested technologies that can also ensure high security exposure, password id. This paper's proposals and determine the effectiveness of the system to build model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1411-1419
• /
• 2017

The two factor authentication capability, private key possession and key protection password knowledge, and the strong public key cryptography protocol of PKI authentication have largely contributed to the rapid construction of Internet transaction trusted infrastructure. The reusability of a certificate-based identity for every PKI site was another contribution factor of the spread of PKI authentication. Nevertheless, the PKI authentication has been criticised mainly for the cost of PKI construction, inconvenience of individual certificate management, and difficulties of password management. Recently FIDO authentication has received high attention as an alternative of the PKI authentication. The FIDO authentication is also based on the public key cryptography which provides strong authentication services, but it does not require individual certificate issuance and provides user-friendly and secure authentication services by integrating biometric technologies. The purpose of this paper is to concretely compare the PKI-authentication and FIDO-authentication and, based on the analysis result, to propose their corresponding applications.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.187-198
• /
• 2011

User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.65-72
• /
• 2022

In this paper, a zero trust-based complex biometric authentication was proposed in a passwordless environment. The linkage of FIDO 2.0 (Fast IDENTITY Online) transaction authentication platforms was designed in conjunction with metaverse. In particular, it was applied with the location information of a smart terminal according to a geomagnetic sensor, an accelerator sensor, and biometric information for multi-factor authentication(MFA). At this time, a FIDO transaction authentication platform was presented for adaptive complex authentication with user's environment through complex authentication with secondary authentication based on situational awareness such as illuminance and temperature/humidity. As a result, it is possible to authenticate secondary users based on zero trust with behavior patterns such as fingerprint recognition, iris recognition, face recognition, and voice according to the environment. In addition, it is intended to check the linkage result of the FIDO platform for complex integrated authentication and improve the authentication accuracy of the linkage platform for transaction authentication using FIDO2.0.

• Smart Media Journal
• /
• v.10 no.3
• /
• pp.48-53
• /
• 2021

The authentication process is a key step that should be used to verify that a user is legitimate, and it should be used to verify that a user is a legitimate user and grant access only to that user. Recently, two-factor authentication and OTP schemes are used by most applications to add a layer of security to the login process and to address the vulnerability of using only one factor for authentication, but this method also allows access to user accounts without permission. This is a known security vulnerability. In this paper, we propose a Zero Knowledge Proofs (ZKP) personal information authentication scheme based on a Smart Contract of a block chain that authenticates users with minimal personal information exposure conditions. This has the advantage of providing many security technologies to the authentication process based on blockchain technology, and that personal information authentication can be performed more safely than the existing authentication method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.511-535
• /
• 2017

Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution's server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.

• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.85-90
• /
• 2018

Blockchain technology provides distributed trust structure; with this, we can implement a system that cannot be forged and make Smart Contract possible. With blockchain technology emerging as next generation security technology, there have been studies on authentication and security services that ensure integrity. Although Internet-based services have been going with user authentication with password, the information can be stolen through a client and a network and the server is exposed to hacking. For the reason, we suggest blockchain technology and OTP based authentication mechanism to ensure integrity. In particular, the Two-Factor Authentication is able to ensure secure authentication by combining OTP authentication and biometric authentication without using password. As the suggested authentication applies multiple hash functions and generates transactions to be placed in blocks in order for biometric information not to be identified, it is protected from server attacks by being separate from the server.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.31-36
• /
• 2011

Cloud computing is a system which efficiently utilizes resources. In this paper, we propose 2-factor authentication system combing PKI, ID_PW and location information. The proposed method improve the security of hybrid cloud systems and manage resources more safely.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.119-124
• /
• 2021

Today, both sides of modern culture are decisively invaded by digitalization. Authentication is considered to be one of the main components in keeping this process secure. Cyber criminals are working hard in penetrating through the existing network channels to encounter malicious attacks. When it comes to enterprises, the company's information is a major asset. Question here arises is how to protect the vital information. This takes into account various aspects of a society often termed as hyper connected society including online communication, purchases, regulation of access rights and many more. In this research paper, we will discuss about the concepts of MFA and KBA, i.e., Multi-Factor Authentication and Knowledge Based Authentication. The purpose of MFA and KBA its utilization for human.to.everything..interactions, offering easy to be used and secured validation mechanism while having access to the service. In the research, we will also explore the existing yet evolving factor providers (sensors) used for authenticating a user. This is an important tool to protect data from malicious insiders and outsiders. Access Management main goal is to provide authorized users the right to use a service also preventing access to illegal users. Multiple techniques can be implemented to ensure access management. In this paper, we will discuss various techniques to ensure access management suitable for enterprises, primarily focusing/restricting our discussion to multifactor authentication. We will also highlight the role of knowledge-based authentication in multi factor authentication and how it can make enterprises data more secure from Cyber Attack. Lastly, we will also discuss about the future of MFA and KBA.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.346-353
• /
• 2021

In this proposal, we aim to enhance the security of systems accounts by improving the authentication techniques. We mainly intend to enhance the accuracy of the one-time passwords via including voice biometric and recognition techniques. The recognition will be performed on the server to avoid redirecting voice signatures by hackers. Further, to enhance the privacy of data and to ensure that the active user is legitimate, we propose to periodically update the activated sessions using a user-selected biometric factor. Finally, we recommend adding a pre-transaction re-authentication which will guarantee enhanced security for sensitive operations. The main novelty of this proposal is the use of the voice factor in the verification of the one-time password and the various levels of authentications for a full-security guarantee. The improvement provided by this proposal is mainly designed for sensitive applications. From conducted simulations, findings prove the efficiency of the proposed scheme in reducing the probability of hacking users' sessions.