• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.551-557
• /
• 2021

With increase of electric vehicle in the road, the number of charging/discharging infrastructure for electric vehicle in public space is also increased rapidly. To charge or discharge the electric vehicle the user of electric vehicle and service provider should verify the each other's identity to minimize security vulnerability. This paper proposes mutual authentication scheme between electric vehicle and charging/discharging service provider with help of hash function and Message Authentication Code(MAC). Also efficient operating scheme for charging/discharging service system is proposed. The analysis shows that the system has robustness against security vulnerability. Also this system can keep the sensitive personal information of service user safely.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.85-94
• /
• 2010

As an automatic identification technology, in which electronic tags are attached to items and system auto-identifies informations of the items using wireless communication technology, use of RFID system is increasing in various fields. According to that, related security problems are becoming important issue. Up to now, many authentication protocols have been proposed to solve security problem of RFID system. In this paper, We show that the RFID authentication protocols in [9, 10], which are compatible with Type C RFID system in ISO 18000-6 Amd1[8], are vulnerable to a spoofing attack. In addition, we propose improved protocols having small additional cost over the original protocols.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.4
• /
• pp.75-82
• /
• 2017

While the internet has evolved in terms of information sharing and efficiency, it is still prone to security attacks and remains vulnerable even when equipped with a security mechanism. Repeated patching against hacks involves excessive wear of system equipment and high costs. Methods of improving network security include the introduction of security equipment and network partitions, but they have not been fully effective. A fundamental solution is the Operation Content Network (OCN), which enables the strengthening of authentication. In this paper, Instead of following the existing TCP/IP system, OCN establishes an immunity-based security system through content-centric communications. Data transmission occurs over a Content Centric Network (CCN), which is provided with a protocol verified by the CCNx group. Areas protected by OCN rely only on CCN for communication without using any IP. As such, it defends the system against unknown attacks, including zero-day attacks.

• Journal of Multimedia Information System
• /
• v.3 no.2
• /
• pp.13-20
• /
• 2016

Biometric authentication for account-based mobile payment continues to gain attention because of improvements on sensors that can collect biometric information. We propose an enhanced method for mobile payment security based on biometric authentication. In this mobile payment system, the communication between the user and the relying party is based on public key infrastructure. This method secures both the key and the biometric template in the user side using fuzzy vault biometric cryptosystems, which is based on non-random chaff point generator. In this paper, we consider an important process for the common fuzzy vault system, that is, the feature extraction method. We evaluate various feature extraction methods to enhance the accurate performance of the system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.328-331
• /
• 2005

In this paper we review the security and privacy problems in the RFID system and briefly describe the research topics to solve these problem. And, we design and implement the tag authentication system to authenticate tags in the RFID system which is composed of PC, reader and passive type tag with low power 8 bit microprocessor.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.1-7
• /
• 2020

The secure access the lighting, Heating, ventilation, and air conditioning (HVAC), fire safety, and security control boxes of building facilities is the primary objective of future smart buildings. This paper proposes an authorized user access to the electrical, lighting, fire safety, and security control boxes in the smart building, by using color grid coded optical camera communication (OCC) with face recognition Technologies. The existing CCTV subsystem can be used as the face recognition security subsystem for the proposed approach. At the same time a smart device attached camera can used as an OCC receiver of color grid code for user access authentication data sent by the control boxes to proceed authorization. This proposed approach allows increasing an authorization control reliability and highly secured authentication on accessing building facility infrastructure. The result of color grid code sequence received by the unauthorized person and his face identification allows getting good results in security and gaining effectiveness of accessing building facility infrastructure. The proposed concept uses the encoded user access authentication information through control box monitor and the smart device application which detect and decode the color grid coded informations combinations and then send user through the smart building network to building management system for authentication verification in combination with the facial features that gives a high protection level. The proposed concept is implemented on testbed model and experiment results verified for the secured user authentication in real-time.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1983-1989
• /
• 2012

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.2
• /
• pp.113-122
• /
• 2020

In this paper, we propose the terminal authentication system using blockchain and TOTP(Time-based One-time Password Algorithm) to sustain a continuous authentication between user device and service device. And we experiment this system by using door-lock as a terminal of IoT(Internet of Things). In the future, we can apply this result to several devices of IoT for convenience and security. Although IoT devices frequently used everyday require convenience and security at the same time, it is difficult for IoT devices having features of the low-capacity and light-weight to apply the existing authentication technology requiring a high amount of computation. Blockchain technology having security and integrity have been used as a storage platform, but its authentication cannot be performed when the terminal cannot access any network. We show the method to solve this problem using Blockchain and TOPT.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.379-388
• /
• 2011

Ensuring the security of medical records is becoming an increasingly important problem as modern technology is integrated into existing medical services. As a consequence of the adoption of EMR(Electronic Medical Records) in the health care sector, it is becoming more and more common for a health professional to edit and view a patient's record. In order to protect the patient's privacy, a secure authentication model to access the electronic medical records system must be used. A traditional identity based digital certificate for the authenticity of EMR has private key management and key escrow of a user's private key. In order to protect the EMR, The traditional authentication system is based on the digital certificate. The identity based digital certificate has many disadvantages, for example, the private key can be forgotten or stolen, and can be easily escrow of the private key. Nowadays, authentication model using fingerprint recognition technology for EMR has become more prevalent because of the advantages over digital certificate -based authentication model. Because identity-based fingerprint recognition can eliminate disadvantages of identity-based digital certificate, the proposed authentication model provide high security for access control in EMR.

• Journal of Digital Convergence
• /
• v.12 no.4
• /
• pp.319-326
• /
• 2014

According to the increasing mobile security users who have experienced authentication failure by forgetting passwords, user names, or a response to a knowledge-based question have preference for biological information such as hand geometry, fingerprints, voice in personal identification and authentication. Therefore biometric verification of personal identification and authentication for mobile security provides assurance to both the customer and the seller in the internet. Our study focuses on human hand biometric information recognition system for personal identification and personal Authentication, including its shape, palm features and the lengths and widths of the fingers taken from mobile phone photographs such as iPhone4 and galaxy s2. Our hand biometric information recognition system consists of six steps processing: image acquisition, preprocessing, removing noises, extracting standard hand feature extraction, individual feature pattern extraction, hand biometric information recognition for personal identification and authentication from input images. The validity of the proposed system from mobile phone image is demonstrated through 93.5% of the sucessful recognition rate for 250 experimental data of hand shape images and palm information images from 50 subjects.