• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2014년도 추계학술발표대회
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• 정보보호학회논문지
• /
• 제14권3호
• /
• pp.137-144
• /
• 2004

3GPP-WLAN(3rd Generation Partnership Project-Wireless Local Area Network) interworking은 WLAN UE(user equipment)에 의한 3GPP 시스템내에서 자원 이용과 서비스 접근을 의미하며, 3GPP 서비스와 기능을 WALN 액세스 환경으로 확장함으로써, 3GPP 시스템에 무선 액세스 기술로 WLAN을 보완적으로 이용하는 것을 목적으로 한다. 본 논문에서는 3GPP-WLAN interworking에서 UE 개시 터널 설정을 위한 효율적인 메커니즘을 제안한다. 제안된 메커니즘은 UE와 3GPP AAA(Authentication, Authorization Accounting) 서버 사이의 인증과 키 일치 과정에서 미리 분배된 비밀키에 기반 한다. 따라서 UE에서 많은 계산을 필요로 하는 모듈러 지수승 연산과 공개키 서명 연산을 피할 수 있다. 또한 제안된 기법은 UE와 PDGW(Packet Data Gateway) 사이에 상호 인증과 세션 키 설정을 제공한다.

• International Journal of Internet, Broadcasting and Communication
• /
• 제12권2호
• /
• pp.1-7
• /
• 2020

The secure access the lighting, Heating, ventilation, and air conditioning (HVAC), fire safety, and security control boxes of building facilities is the primary objective of future smart buildings. This paper proposes an authorized user access to the electrical, lighting, fire safety, and security control boxes in the smart building, by using color grid coded optical camera communication (OCC) with face recognition Technologies. The existing CCTV subsystem can be used as the face recognition security subsystem for the proposed approach. At the same time a smart device attached camera can used as an OCC receiver of color grid code for user access authentication data sent by the control boxes to proceed authorization. This proposed approach allows increasing an authorization control reliability and highly secured authentication on accessing building facility infrastructure. The result of color grid code sequence received by the unauthorized person and his face identification allows getting good results in security and gaining effectiveness of accessing building facility infrastructure. The proposed concept uses the encoded user access authentication information through control box monitor and the smart device application which detect and decode the color grid coded informations combinations and then send user through the smart building network to building management system for authentication verification in combination with the facial features that gives a high protection level. The proposed concept is implemented on testbed model and experiment results verified for the secured user authentication in real-time.

• Genomics & Informatics
• /
• 제14권1호
• /
• pp.20-28
• /
• 2016

Internet addiction (IA) has become a widespread and problematic phenomenon as smart devices pervade society. Moreover, internet gaming disorder leads to increases in social expenditures for both individuals and nations alike. Although the prevention and treatment of IA are getting more important, the diagnosis of IA remains problematic. Understanding the neurobiological mechanism of behavioral addictions is essential for the development of specific and effective treatments. Although there are many databases related to other addictions, a database for IA has not been developed yet. In addition, bioinformatics databases, especially genetic databases, require a high level of security and should be designed based on medical information standards. In this respect, our study proposes the OAuth standard protocol for database access authorization. The proposed IA Bioinformatics (IABio) database system is based on internet user authentication, which is a guideline for medical information standards, and uses OAuth 2.0 for access control technology. This study designed and developed the system requirements and configuration. The OAuth 2.0 protocol is expected to establish the security of personal medical information and be applied to genomic research on IA.

• 한국산업정보학회논문지
• /
• 제13권3호
• /
• pp.110-116
• /
• 2008

본 논문에서는 이진위상 컴퓨터형성홀로그램(binary phase computer generated hologram;BPCGH)과 다중 XOR 연산을 이용하여 영상의 암호화를 개선시키는 방법을 제안하고자 한다. 먼저 암호화를 위해 원영상을 재생할 수 있는 BPCGH를 반복 알고리듬을 이용하여 설계하며, 이를 암호화할 영상으로 간주하여 랜덤하게 발생시킨 위상 키 영상과의 XOR 연산을 통해 암호화한다. 암호화된 영상을 다시 XOR 연산을 통해 여러 개의 슬라이드 영상으로 나눔으로써 암호화를 개선시킨다. 홀로그램의 복호화 과정은 암호화된 슬라이드 영상과 암호화시에 사용된 무작위 위상 키 영상을 직렬 정합시킨 후, 기준파와의 간섭에 의해 수행된다. 그리고 복호화 된 홀로그램 영상은 위상 변조한 후, 역푸리에 변환하여 최종적으로 구한다. 그리고 슬라이드 영상의 패턴을 적절히 바꾸어 주면 다양한 형태의 복호화된 BPCGH 영상을 생성할 수 있다. 제안된 암호화 방법은 암호화시에 사용된 무작위 키 영상 정보가 없으면 원영상이 전혀 복원되지 않고, 암호화된 슬라이드 영상을 달리함에 따라 복원되는 홀로그램의 패턴을 다양하게 얻을 수 있으므로 차별화 된 인증 시스템에 활용할 수 있다.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 1987년도 전기.전자공학 학술대회 논문집(II)
• /
• pp.1018-1021
• /
• 1987

This describes the standardization plan of data format (track 2) in magnetic stripe card and message format between terminal and host computer. The track 2's data format is composed of PAN and additional data based on ISO 3554. In the present social status of Korea, the VISA B message format is recommended.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2004년도 춘계학술발표대회
• /
• pp.1137-1140
• /
• 2004

사용자의 인증 및 자원에 대한 접근 권한을 제어하는 인가는 개별 서버에서 수행되어 왔다. 개별적인 인증과 인가는 서버의 관리 부담을 증가시키며, 서비스의 가입과 반복적인 인증으로 인해 사용자에게 불편을 초래한다. 따라서, 본 논문에서는 중앙집중적으로 인증과 인가를 대행하는 AAS를 제안한다. AAS는 ID 관리 기능 외에 단일인증(Single sign on), 멀티티어(multi-tier)인증, 역할기반 접근통제, 인증서 관리 서비스 등을 제공한다.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2003년도 ICCAS
• /
• pp.2101-2105
• /
• 2003

Recently the number of Internet users has very sharply increased, and the number of intrusions has also increased very much. Consequently, security products are being developed and adapted to prevent systems and networks from being hacked and intruded. Even if security products are adapted, however, hackers can still attack a system and get a special authorization because the security products cannot prevent a system and network from every instance of hacking and intrusion. Therefore, the researchers have focused on an active hacking prevention method, and they have tried to develop a traceback system that can find the real location of an attacker. At present, however, because of the characteristics of Internet - diversity, anonymity - the real-time traceback is very difficult. To over-come this problem the Network-based Real-Time Connection Traceback System (NRCTS) was proposed. But there is a security problem that the victim system can be hacked during the traceback. So, in this paper, we propose modified NRCTS with connection redirection technique. We call this traceback system as Connection Redirected Network-based Real-Time Connection Traceback System (CR-NRCTS).

• 산업경영시스템학회지
• /
• 제19권38호
• /
• pp.217-224
• /
• 1996

Recently groupware has been popularly adopted by corperations to gain competitive position. In Korea, one of major function of those systems is the Electronic Authorizing System because korean firms have authorizing system but western firms do not. Thus researches on EAS has never been produced before. The purpose of this research is to build the research framework for productivity measurement of EAS. The research model of EAS has investigated three dimensions including Business process, ease of system use and media richness to meet this end. Based on this model, author conducted case study with mailing questionaires. The result of research shows that the factors of the business process and ease of system use raise the productivity but the factor of electronic media a little decreases it. Also author finds business process affects the productivity in three ways such as changing layout of papers for authorizing, changing business process and removing waiting time for authorization. Finally, based on the result of research, this paper adds some recommendations for EAS builder.

• 경영과학
• /
• 제12권3호
• /
• pp.45-60
• /
• 1995

This study examines a normative model of project management systems, PPMS, to provide information for directing R&D activity in order to increase R&D productivity. The PPMS (Project Process Management System) is a disciplined and systematic framework to manage R&D projects effectively and efficiently under the assumption of a strategic decision making and long-range planning. The purpose of PPMS is to provide for the management of research organization at different levels an effective management tool; first, for the planning system which deals with rational selection and authorization of R&D projects, second, for the control system which concerns monitoring and controlling the execution of R&D projects, and finally, for the evaluation system which attains evaluation of the performance results of R&D projects and determination of the necessary follow-up. A view for the future development of project management within the context of a project-performing organization is also elaborated to exhibit the progress and phase description of the project management system.