• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.2
• /
• pp.154-173
• /
• 2010

Database outsourcing is unavoidable in the near future. In the scenario of data stream outsourcing, the data owner continuously publishes the latest data and associated authentication information through a service provider. Clients may register queries to the service provider and verify the result's correctness, utilizing the additional authentication information. Research on On-line Stream Analytics (OLSA) is motivated by extending the data cube technology for higher multi-level abstraction on the low-level-abstracted data streams. Existing work on OLSA fails to consider the issue of database outsourcing, while previous work on stream authentication does not support OLSA. To close this gap and solve the problem of OLSA query authentication while outsourcing data streams, we propose MDAHRB and MDAHB, two multi-dimensional authentication approaches. They are based on the general data model for OLSA, the stream cube. First, we improve the data structure of the H-tree, which is used to store the stream cube. Then, we design and implement two authentication schemes based on the improved H-trees, the HRB- and HB-trees, in accordance with the main stream query authentication framework for database outsourcing. Along with a cost models analysis, consistent with state-of-the-art cost metrics, an experimental evaluation is performed on a real data set. It exhibits that both MDAHRB and MDAHB are feasible for authenticating OLSA queries, while MDAHRB is more scalable.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1361-1373
• /
• 2016

Recently the need for user authentication with increasing, there are a variety of mechanisms, such as password, graphic authentication, token, biometrics and multiple authentication. in particular, the data of the 2-dimensional(2D) factors such as password, graphic authentication, biometrics is used because of the convenience. The stored information is problematic in that additional data recording needs to be performed whenever authentication data is updated. Furthermore, this storage method is problematic in that the time it takes to perform authentication increases because the time it takes to compare storage data with authentication data increases in proportion to an increase in the amount of the storage data. Accordingly, authentication through the rapid comparison of storage data with authentication data is a very important factor in data recording and authentication technology using memory. Using the three-dimensional(3D) optical memory by variously changing the recoding elements during recoding of data constitutes the way that multiple recoding different data storage. This enables high-density recoding in this way, and by applying the possible parallel processing at the time of recording and restoring method, provided that it is possible to quickly record and restore the data. In addition, each time to solve problems that require additional data recorded by a combination of the stored data record in the old data using a combination of the authentication. The proposed mechanism is proposed an authentication method using scheme after the recoding data in 3D optical memory to apply the conditions corresponding to the recoding condition when restoring the recorded data and through the experiment it was confirmed possible application as an authentication mechanism.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.292-294
• /
• 2021

In this study, we designed an authentication method that can perform authentication again by loading authentication data using a blockchain and comparing it with the authentication data in the future. To this end, after passing through the conventional ID and password input method and the widely used ARS authentication method, authentication is performed using biometric data stored in each user's terminal. After going through these steps, we chose a method of comparing the previously stored chain data with the recently authenticated data to perform final authentication and then reloading the authenticated data into the chain data. It is expected that this study will be able to suggest various authentication methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.8
• /
• pp.2772-2786
• /
• 2022

We had researched an automatic authentication-supported medical information platform[6]. The proposed automatic authentication consists of user authentication and mobile terminal authentication, and the authentications are performed simultaneously in patients' emergency conditions. In this paper, we studied on finding emergency conditions for the automatic authentication by applying big data processing and AI mechanism on the extended medical information platform with an added edge computing system. We used big data processing, SVM, and 1-Dimension CNN of AI mechanism to find emergency conditions as authentication means considering patients' underlying diseases such as hypertension, diabetes mellitus, and arrhythmia. To quickly determine a patient's emergency conditions, we placed edge computing at the end of the platform. The medical information server derives patients' emergency conditions decision values using big data processing and AI mechanism and transmits the values to an edge node. If the edge node determines the patient emergency conditions, the edge node notifies the emergency conditions to the medical information server. The medical server transmits an emergency message to the patient's charge medical staff. The medical staff performs the automatic authentication using a mobile terminal. After the automatic authentication is completed, the medical staff can access the patient's upper medical information that was not seen in the normal condition.

• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1655-1662
• /
• 2007

Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

• Journal of Korean Institute of Industrial Engineers
• /
• v.42 no.4
• /
• pp.280-289
• /
• 2016

User authentication is an important issue on computer network systems. Most of the current computer network systems use the ID-password string match as the primary user authentication method. However, in password-based authentication, whoever acquires the password of a valid user can access the system without any restrictions. In this paper, we present a keystroke dynamics-based user authentication to resolve limitations of the password-based authentication. Since most previous studies employed a fixed-length text as an input data, we aims at enhancing the authentication performance by combining four different variable creation methods from a variable-length free text as an input data. As authentication algorithms, four one-class classifiers are employed. We verify the proposed approach through an experiment based on actual keystroke data collected from 100 participants who provided more than 17,000 keystrokes for both Korean and English. The experimental results show that our proposed method significantly improve the authentication performance compared to the existing approaches.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.4
• /
• pp.17-22
• /
• 2020

Behavior-based authentication technology, which is currently being researched a lot, requires a long extraction of a lot of data to increase the recognition rate of authentication compared to other authentication technologies. This paper uses the touch sensor and the gyroscope embedded in the smartphone in the Android environment to measure five times to the user to use only the minimum data that is essential among the behavior feature data used in the behavior-based authentication study. By requesting, a total of six behavior feature data were collected by touching the five touch screen, and the mean value was calculated from the changes in data during the next touch measurement to measure the cosine similarity between the value and the measured value. After generating the allowable range of cosine similarity by performing, we propose a user behavior based authentication method that compares the cosine similarity value of the authentication attempt data. Through this paper, we succeeded in demonstrating high performance from the first EER of 37.6% to the final EER of 1.9% by adjusting the threshold applied to the cosine similarity authentication range even in a small number of feature data and experimenter environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2922-2945
• /
• 2018

Achieving efficient authentication is a crucial issue for stream data commonly seen in content delivery, peer-to-peer, and multicast/broadcast networks. Stream authentication mechanisms need to be operated efficiently at both sender-side and receiver-side at the same time because of the properties of stream data such as real-time and delay-sensitivity. Until now, many stream authentication mechanisms have been proposed, but they are not efficient enough to be used in stream applications where the efficiency for sender and receiver sides are required simultaneously since most of them could achieve one of either sender-side and receiver-side efficiency. In this paper, we propose an efficient stream authentication mechanism, so called TIM, by integrating Trapdoor Hash Function and Merkle Hash Tree. Our construction can support efficient streaming data processing at both sender-side and receiver-side at the same time differently from previously proposed other schemes. Through theoretical and experimental analysis, we show that TIM can provide enhanced performance at both sender and receiver sides compared with existing mechanisms. Furthermore, TIM provides an important feature for streaming authentication, the resilience against transmission loss, since each data block can be verified with authentication information contained in itself.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.4
• /
• pp.1049-1065
• /
• 2023

Recently, with the development of IoT, AI, and mobile terminals, medical information platforms are expanding. The medical information platform can determine a patient's emergency situation, and medical staff can easily access patient information through a mobile terminal. However, in the existing platform, emergency situation decision is delayed, and faster and stronger authentication is required in emergency situations. Therefore, we propose an edge computing-based medical information platform for automatic authentication using patient situations. We design an edge computing-based medical information platform architecture capable of rapid transmission of biometric data of IoT and quick emergency situation decision, and implement the platform data flow in emergency situations. Relying on this platform, we propose the automatic authentication using patient situations. The automatic authentication protects patient information through patient-centered authentication by using the patient's situation as an authentication factor, and enables quick authentication by automatically proceeding with mobile terminal authentication after user authentication in emergencies without user intervention. We compared the proposed platform with existing platforms to show that it can make quick and stable emergency decisions. In addition, comparing the automatic authentication with existing authentication showed that it is fast and protects medical information centered on patient situations in emergency situations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4643-4660
• /
• 2014

Integrity authentication of biometric data in Wireless Body Area Network (WBAN) is a critical issue because the sensitive data transmitted over broadcast wireless channels could be attacked easily. However, traditional cryptograph-based integrity authentication schemes are not suitable for WBAN as they consume much computational resource on the sensor nodes with limited memory, computational capability and power. To address this problem, a novel lightweight integrity authentication scheme based on reversible watermark is proposed for WBAN and implemented on a TinyOS-based WBAN test bed in this paper. In the proposed scheme, the data is divided into groups with a fixed size to improve grouping efficiency; the histogram shifting technique is adopted to avoid possible underflow or overflow; local maps are generated to restore the shifted data; and the watermarks are generated and embedded in a chaining way for integrity authentication. Our analytic and experimental results demonstrate that the integrity of biometric data can be reliably authenticated with low cost, and the data can be entirely recovered for healthcare applications by using our proposed scheme.