• Journal of Multimedia Information System
• /
• v.8 no.1
• /
• pp.23-30
• /
• 2021

Palmprint has become a popular biometric modality; however, palmprint recognition has not been conducted in video media. Video palmprint recognition (VPR) has some advantages that are absent in image palmprint recognition. In VPR, the registration and recognition can be automatically implemented without users' manual manipulation. A good-quality image can be selected from the video frames or generated from the fusion of multiple video frames. VPR in contactless mode overcomes several problems caused by contact mode; however, contactless mode, especially mobile mode, encounters with several revere challenges. Double-line-single-point (DLSP) assisted placement technique can overcome the challenges as well as effectively reduce the localization error and computation complexity. This paper modifies DLSP technique to reduce the invalid area in the frames. In addition, the valid frames, in which users place their hands correctly, are selected according to finger gap judgement, and then some key frames, which have good quality, are selected from the valid frames as the gallery samples that are matched with the query samples for authentication decision. The VPR algorithm is conducted on the system designed and developed on mobile device.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.129-137
• /
• 2009

While the broadband network and multimedia technologies have been developing, the commercial market of digital contents also has been widely spreading with recently starting IPTV. As the IPTV services are getting to be generalized and popularized, the contents protection and authentication system tends to draw more attentions. So we need a system that can protect contents and allow only authenticated person to use right service by controling user authority and using content encryption. Until now, the conventional protection and authentication system is taking advantages of merits both in CAS and DRM. But the weak point of this system are in high costs, complexity and using HW. For resolving these problems, in this paper, we proposed IPTV contents protection and authentication system using OTP. When we transmit the content encrypted by OTP key using contents delivery technology, we operate XOR with contents using another settop-box's OTP key which was transmitted from distribution server. And contents are reconstructed and transmitted to the settop-box, In the end, downloaded content are encrypted by OTP key and are superior in content protection when contents redistribution. Since OTP use double-authentication elements in encryption process, this method is excellent in content protection. And it is very effective in cost aspect because it could be implemented by SW program. Another benefit is that we can shorten the development time period. In this paper, we propose and find its possibility as a new content protection and authentication method suitable for IPTV services.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.9-14
• /
• 2018

Recently, as the internet speed is getting faster, in the cloud environment, the service receiving device is changing from a general PC to a compact device such as a mobile phone or a tablet PC. Since handheld devices such as mobile phones or tablet PCs are often used in wireless rather than wired, there are many problems that personal information may be exposed maliciously from a third party. In this paper, we propose a user privacy protection scheme through a duplicate duplicate key generation process which can safely protect user 's privacy from third party among cloud services being served through various wireless media. The proposed scheme is used to synchronize the duplicated key between the server and the intermediary device, and aims at shortening the time of the authentication process protecting the user 's privacy. In this case, the proposed scheme uses Interleave() function and random number to synchronize the server and the intermediary device, so it can safely prevent the malicious attack of the third party.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.261-273
• /
• 2019

Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control or control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user 's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.239-254
• /
• 2007

Ubiquitous computing supports environment to freely connect to network without restrictions of place and time. This environment enables easy access and sharing of information, but because of easy unauthorized accesses, specified security policy is needed. Especially, ubiquitous sensor network devices use limited power and are small in size, so, many restrictions on policies are bound to happen. This paper proposes double-key based light weight security protocol, independent to specific sensor OS, platform and routing protocol in ubiquitous sensor network. The proposed protocol supports safe symmetric key distribution, and allows security manager to change and manage security levels and keys. This had a strong merit by which small process can make large security measures. In the performance evaluation, the proposed light weight security protocol using double-key in ubiquitous sensor network allows relatively efficient low power security policy. It will be efficient to ubiquitous sensor network, such as smart of ace and smart home.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.1
• /
• pp.108-113
• /
• 2008

A proposed system can decrypt each contents block through a double buffer algorithm which can continually buffer contents by dividing a multimedia contents into some blocks and provides more improved method of encryption than existing system by being not capable of decrypting the whole multimedia contents if one key is exposed. Also, using digital signature and public encryption algorithm for mutual authentication between systems, this paper proposes the system which sends and encrypts symmetric keys for contents encryption through SOAP messages.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.11a
• /
• pp.666-670
• /
• 2001

기존의 리눅스 패스워드 인증 시스템에서는 사용자의 계정을 만들어 처음으로 로그인하여 패스워드를 생성할 때에는 사용자의 프로세스 번호와 패스워드를 생성한 시각에 해당하는 값을 seed로 하여 난수를 발생시켜서 salt값을 만든다. 이 salt값은 사용자가 서로 같은 암호를 사용할 경우 암호가 같은 값으로 저장되는걸 막기 위해서 사용하는데 시스템은 salt값과 사용자 패스워드를 단방향 DES 알고리즘을 사용하여 패스워드 파일을 암호화하여 저장한다. 그러나 패스워드 파일에 사용자암호는 암호화되어 저장되지만, salt값이 그대로 저장되기 때문에 패스워드 파일을 가져가게 된다면 사전공격 해킹툴인 John-the-ripper나 Crack 프로그램 등을 이용하여 쉬운 패스워드는 공격자에 의해 간단하게 풀려버린다. 이러한 사전공격에 대한 취약점을 해결하기 위해 암호화된 사용자 패스워드들을 시스템의 또 다른 비밀키를 사용하여 암호화하는 방법을 도입함으로써 사전공격에 강한 패스워드 인증 시스템을 설계 및 구현한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.68-75
• /
• 2013

Recently IPTV that transmits multimedia contents in real time through internet, cable TV net and satelite net gets the limelight. But IPTV service that gives service to users by various media has a problem of not supporting user certification fully. This paper suggests a certification model which prevents getting access permission of IPTV service by sending illegal certification information by adolescent through integrating mobile communication technique with RFID(Radio Frequency IDentification) technique which is a key technique of Ubiquitous environment. This model performs the process of adult certification by keeping synchronization with user's certificaiton information that is saved in data-base of certification server and contents server after getting the system of class categorization in contents server to overcome disadvantage of simple adult certification system that is popular in the existing internet. Also, it adapts double hash chain technique not to down load illegally contents without the permission of manager even if an adolescent gets manager's approval key.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.93-99
• /
• 2011

Recently, the development of internet technology makes user's personal data used by being saved in USB. But there is a critical issue that personal data can be exposed with malicious purpose because that personal data doesn't need to be certificate to use. This paper proposes USB security framework to prevent a duplicate use of personal data for protecting the data which in USB. The proposed USB security framework performs certification process of user with additional 4bite of user's identification data and usage choice of USB security token before certification data when the framework uses USB security product in different network. It makes communication overhead and service delay increased. As a result of the experiment, packet certification delay time is more increased by average 7.6% in the proposed USB security framework than simple USB driver and USB Token, and procedure rate of certification server on the number of USB is also increased by average 9.8%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.11-18
• /
• 2003

As the Internet moves to mobile environment, one of the most serious problems for the security is to required a new security Protocol with safety and efficiency. To solve the problem. we Propose a new Protocol that reduces the communication franc and solves the problem associated with the private security keys supplied by the trusted third party. The protocol is a non-Interactive oblivious transfer protocol, based on the EIGamal public-key algorithm. Due to its Non-Interactive oblivious transfer protocol, it can effectively reduce communication traffic in server-client environment. And it is also possible to increase the efficiency of protocol through the mechanism that authentication probability becomes lower utilizing a challenge selection bit. The protocol complexity becomes higher because it utilizes double exponentiation. This means that the protocol is difficult rather than the existing discrete logarithm or factorization in prime factors. Therefore this can raise the stability of protocol.