• Journal of the Korea Convergence Society
• /
• v.8 no.11
• /
• pp.57-62
• /
• 2017

With various sensors and communications capabilities, the Internet is growing larger as the internet can communicate with the Internet. Given the growing vulnerability of the internet market, the development of security and security is increasing, and the development of the internet is actively evolving and the development of the internet is actively being carried out. In particular, it is required to introduce lightweight and secure authentication schemes, especially those that are difficult to use due to the difficulty of using authentication schemes. Thus, the safety of the secure authentication system of the Internet is becoming very important. Therefore, in this thesis, we propose certification technologies on secure objects to ensure correct, safe communication in the context of the internet context.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.179-188
• /
• 2022

Password authentication schemes (PAS) are the most common mechanisms used to ensure secure communication in open networks. Mathematical-based cryptographic authentication schemes such as factorization and discrete logarithms have been proposed and provided strong security features, but they have the disadvantage of high computational and message transmission costs required to construct passwords. Fairuz et al. therefore argued for an improved cryptographic authentication scheme based on two difficult fixed issues related to session key consent using the smart card scheme. However, in this paper, we have made clear through security analysis that Fairuz et al.'s protocol has security holes for Privileged Insider Attack, Lack of Perfect Forward Secrecy, Lack of User Anonymity, DoS Attack, Off-line Password Guessing Attack.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.59-65
• /
• 2005

Ubiquitous computing environment has a lot of different things as for applying existing security technical. It needs authentication method which is different kinks of confidence level or which satisfies for privacy of user's position. Using range localizes appoint workstation or it uses assumption which is satify environment of client in Kerberos authentication method which is representation of existing authentication method but it needs new security mechanism because it is difficult to offer the condition in ubiquitous computing environment. This paper want to prove the result which is authentication method for user authentication and offering security which are using wireless certificate from experiment in ubiquitous environment. Then I propose method which is offering security and authentication in ubiquitous environment.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.83-88
• /
• 2016

Over recent years there has been considerable growth in interest in the use of biometric systems for personal authentication. Biometrics is a field of technology which has been and is being used in the identification of individuals based on some physical attribute. By using biometrics, authentication is directly linked to the person, rather than their token or password. Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. In 2013, Althobati et al. proposed an efficient remote user authentication protocol using biometric information. However, we uncovered Althobati et al.'s protocol does not guarantee its main security goal of mutual authentication. We showed this by mounting threat of data integrity and bypassing the gateway node attack on Althobati et al.'s protocol. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in WSN(Wireless Sensor Networks) operate with resource constraints such as limited power, computation, and storage space.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.35-42
• /
• 2008

While an information system and administration for an application that a user contacts with raise a head by an important problem, a system approach and methodology for administration are mentioned. Authentication technology of various configuration is used, but non-efficiency by complicated authentication administration and operation inappropriate use are for a successful expansion of various and new business of wire/wireless environment. In addition, under the mobile computer environment with different authentic method each other, it is difficult at all to expect flexible and continuous service. Under the ubiquitous computing environment, It is very important thing plan to research and develop compatibility and the side of variance authentication plan that preservation characteristics are helped. Hereby, This paper look around an requirement items and authority mechanism for the administration and the operation mechanism of the distributed authentication considering expansion possibility of the ubiquitous computing environment not only fixed computing environment but also mobile computing. In future, we expect it by can guide positive participation about distributed authentication technique of the genuine ubiquitous environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6152-6168
• /
• 2017

Recently, the biometric-based authentication systems such as FIDO (Fast Identity Online) are increased in mobile computing environments. The biometric-based authentication systems are performed on the mobile devices with the battery, the improving energy efficiency is important issue. In the case, the size of images (i.e., face, fingerprint, iris, and etc.) affects both recognition accuracy and energy consumption, and hence the tradeoff analysis between the both recognition accuracy and energy consumption is necessary. In this paper, we propose an energy-efficient way to authenticate based on biometric information with tradeoff analysis between the both recognition accuracy and energy consumption in multimedia IoT (Internet of Things) transmission environments. We select the facial information among biometric information, and especially consider the multicore-based mobile devices. Based on our experimental results, we prove that the proposed approach can enhance the energy efficiency of GABOR+LBP+GRAY VALUE, GABOR+LBP, GABOR, and LBP by factors of 6.8, 3.6, 3.6, and 2.4 over the baseline, respectively, while satisfying user's face recognition accuracy.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.59-68
• /
• 2002

The smart card including memory and processor is able to simple process such as privilege unauthorized access and used to Authentication System for security. In this paper, we propose using the smart card in the key exchange phase when secure Internet phones conversation, so certainly guarantee to mutual authentication and secret communication.

• Journal of Convergence for Information Technology
• /
• v.11 no.11
• /
• pp.66-74
• /
• 2021

With the development of the Internet, user authentication technology that proves me online is improving. Existing ID methods pose a threat of personal information leakage if the service provider manages personal information and security is weak, and the information subject is to the service provider. In this study, as online identification technology develops, we propose a DID-based self-authentication model to prevent the threat of leakage of personal information from a centralized format and strengthen sovereignty. The proposed model allows users to directly manage personal information and strengthen their sovereignty over information topics through VC issued by the issuing agency. As a research method, a self-authentication model that guarantees security and integrity is presented using a decentralized identifier method based on distributed ledger technology, and the security of the attack method is analyzed. Because it authenticates through DID Auth using public key encryption algorithms, it is safe from sniffing, man in the middle attack, and the proposed model can replace real identity card.

• Journal of Industrial Convergence
• /
• v.20 no.11
• /
• pp.191-196
• /
• 2022

In the fintech field, financial transactions with smart phones are actively conducted. User authentication technology is essential for safe financial transactions. PIN authentication through the existing security keypads is convenient to input but has weaknesses in security and others. The biometric authentication technique is secure, but there is a possibility of false positive and false negative authentication. To compensate for this, two-factor authentication is used. In this paper, we propose the 1.5-factor authentication that can increase convenience and security through PIN input with biometric authentication. It provides the stability of fingerprint authentication and convenience of two or three PIN inputs, and this makes safe financial transaction possible. Since biometric authentication is performed at the same time when entering PIN, while security is required by applying fingerprint authentication to the area touched while entering PIN. The User authentication is performed while ensuring convenience to input through additional PIN input in situations where high safety is required, and Safe financial transactions are possible.

• Journal of the Korea Convergence Society
• /
• v.8 no.2
• /
• pp.9-14
• /
• 2017

A fingerprint is unique to each person and can be represented as a digital form. As the fingerprint is the part of human body, fingerprint recognition is much more easy to use and secure rather than using password or resident card for user authentication. In addition, as the newly released smart phones have built-in camera and fingerprint sensors, the demand for biometric authentication is increasing rapidly. But, the drawback is that the fingerprint can be counterfeited easily and if it's exposed to the hacker, it cannot be reused. Thus, the original fingerprint template should be transformed for registration and authentication purposes. Existing transformation functions use passcode to transform the original template to the cancelable form. Additional module is needed to input the passcode, so it requires more cost and lowers the usability. In this paper, we propose biometric authentication scheme that is economic and easy to use. The proposed scheme is consisted of cancelable biometric template creation, registration and user authentication protocols, and can control several security levels by configuring the number of fingerprints and scan times. We also analyzed that our scheme is secure against the brute-force attack and the active attacks.