• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.3
• /
• pp.195-200
• /
• 2012

Smart Phone devices offer convenience for users, but present a new set of security issues due to loss or malicious code. In this paper, a mobile cloud system environment is used with existing smart phones in an attempt to solve the problems in a banking environment. In order to prevent financial damages due to loss or personal information leakage by malicious code, a mobile cloud computing service that provides control and protection of personal information in environment that ensures individual authentication is used. Existing ID / Password with certificate, with the way smart phone dual password authentication scheme using the gyro sensors proposed.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.3-10
• /
• 2018

Each online user should perform a separate registration and manage his ID and password for each online commerce or SNS service. Since a common secret is shared between the user and the SNS server, the server compromise induces the user privacy breach and financial loss. In this paper, it is considered that the user's authentication material is shared between multiple SNS servers for user authentication. A blockchain service architecture based on Hyperledger Fabric is proposed for each user to utilize an identical ID and OTP using the enhanced hash-chain-based OTP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.73-92
• /
• 2005

Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.509-516
• /
• 2021

The transitive signature scheme is a technique that can be very useful when authenticating edges in a graph that is transitively closed. In other words, when there is an authentication value for an edge (i, j) and an authentication value for an edge (j, k), the authentication value for the edge (i, k) can also be calculated immediately without any separate authentication procedure through a transitive signature. In this paper, we propose the first identity-based transitive signature scheme. Our scheme is based on the lattice problem.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.35-39
• /
• 2007

OpenID는 웹 서비스를 위한 사용자 중심의 분산형 인증 메커니즘을 제공한다. OpenID를 이용하면 기존의 아이디와 패스워드를 이용한 인증방법보다 더 편리한 회원등록과 로그인 기능을 제공 할 수 있다. 본 논문에서는 OpenID를 이용하여 모바일 웹 환경에서의 사용자 인증 메커니즘을 설계한다. 먼저, 이동통신 망과 무선인터넷에서의 사용자 인증기술에 대해서 분석하고, OpenID를 이용한 개선된 모바일 웹 사용자 인증 메커니즘을 제안한다. 제안하는 메커니즘의 목표는 모바일 웹 사용자에게는 보다 효율적인 회원등록과 로그인 기능을 제공하고, 모바일 웹 서비스 제공자에게는 좀 더 신뢰성 있는 사용자 인증 수단을 제공하는 데 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.652-654
• /
• 2015

최근 여러 선진국을 중심으로 전자신분증 기능을 갖는 eID 카드가 도입되고 있다. eID 카드의 도입을 위해서는 안전한 개인정보보호 대책이 필수적으로 고려되어야 한다. 그러나 현행 eID 인증시스템에서 중간자공격에 대한 위험성이 기존 연구 문헌에서 제기된 바 있다. 본 논문에서는 기존의 eID 인증방식을 개선하여, 중간자공격으로부터 안전한 방식을 제안하고자 한다. 제안한 방식으로 인증 과정에서의 개인정보 노출에서 안전을 보장받을 수 있다.

• Journal of the Korean Society of Industry Convergence
• /
• v.20 no.2
• /
• pp.177-186
• /
• 2017

With the latest developments in ICT(Information Communication Technology) technology, research on Intelligent Car, Connected Car that support autonomous driving or services is actively underway. It is true that the number of inputs linked to external connections is likely to be exposed to a malicious intrusion. I studied possible security issues that may occur within the Connected Car. A variety of security issues may arise in the use of CAN, the most typical internal network of vehicles. The data can be encrypted by encrypting the entire data within the CAN network system to resolve the security issues, but can be time-consuming and time-consuming, and can cause the authentication process to be carried out in the event of a certification procedure. To resolve this problem, CAN network system can be used to authenticate nodes in the network to perform a unique authentication of nodes using nodes in the network to authenticate nodes in the nodes and By encoding the ID, identifying the identity of the data, changing the identity of the ID and decryption algorithm, and identifying the cipher and certification techniques of the external invader, the encryption and authentication techniques could be detected by detecting and verifying the external intruder. Add a monitoring node to the CAN network to resolve this. Share a unique ID that can be authenticated using the server that performs the initial certification of nodes within the network and encrypt IDs to secure data. By detecting external invaders, designing encryption and authentication techniques was designed to detect external intrusion and certification techniques, enabling them to detect external intrusions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.37-50
• /
• 2009

With the increase of number of internet services due to development of internet, it becomes a critical issue to appropriately manage the personal information about user's identity, that is ID information that service providers collect in terms of user's convenience improvement and privacy protection. But the existing ID information management models are service provider-centric or they insufficiently provide ID information management functions, so that they have not been satisfying user's requirement. In this paper, by establishing user-centric concept in we information management, we propose the new user-centric ID information management model in which user can make use of the internet service more conveniently and eventually enhance user's privacy.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of Internet Computing and Services
• /
• v.21 no.4
• /
• pp.25-34
• /
• 2020

In the current medical information system, a system environment is constructed in which Biometric data generated by using IoT or medical equipment connected to a patient can be stored in a medical information server and monitored at the same time. Also, the patient's biometric data, medical information, and personal information after simple authentication using only the ID / PW via the mobile terminal of the medical staff are easily accessible. However, the method of accessing these medical information needs to be improved in the dimension of protecting patient's personal information, and provides a quick authentication system for first aid. In this paper, we implemented an automatic authentication system based on the patient's situation and evaluated its performance. Patient's situation was graded into normal and emergency situation, and the situation of the patient was determined in real time using incoming patient biometric data from the ward. If the patient's situation is an emergency, an emergency message including an emergency code is send to the mobile terminal of the medical staff, and they attempted automatic authentication to access the upper medical information of the patient. Automatic authentication is a combination of user authentication(ID/PW, emergency code) and mobile terminal authentication(medical staff's role, working hours, work location). After user authentication, mobile terminal authentication is proceeded automatically without additional intervention by medical staff. After completing all authentications, medical staffs get authorization according to the role of medical staffs and patient's situations, and can access to the patient's graded medical information and personal information through the mobile terminal. We protected the patient's medical information through limited medical information access by the medical staff according to the patient's situation, and provided an automatic authentication without additional intervention in an emergency situation. We performed performance evaluation to verify the performance of the implemented automatic authentication system.