• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.513-525
• /
• 2020

Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.

• Information Systems Review
• /
• v.20 no.3
• /
• pp.33-49
• /
• 2018

Since there are growing concerns regarding personal information, users have perceived the importance of it. It makes users try to manage and control personal information by their own intentions. Therefore, we assume users now have begun to perceive psychological ownership on personal information. A main objective of this study is to identitythe relationship between accountability, self-identity, self-efficacy and sense of belongingness and psychological ownership on personal information. We conduct an online-basedsurvey and establish a structural equation model for testing hypothesis. The results show that users' accountability, self-identity and sense of belongingness positively influence to psychological ownership on personal information. Additionally, users' perceived psychological ownership on personal information increase their concern for information privacy. This study suggests a new concept as 'perceived psychological ownership on personal information' to explain for intentions of their psychological possessions toward personal information. The findings of this study can provide a way for how firms have to require clients' personal information with increasing their satisfactions.

• Bulletin of the Korean Mathematical Society
• /
• v.46 no.4
• /
• pp.743-769
• /
• 2009

An ID-based DNF signature scheme is an ID-based signature scheme with an access structure which is expressed as a disjunctive normal form (DNF) with literals of signer identities. ID-based DNF signature schemes are useful to achieve not only signer-privacy but also a multi-user access control. In this paper, we formally define a notion of a (non-interactive) ID-based DNF signature and propose the first noninteractive ID-based DNF signature schemes that are secure under the computational Diffie-Hellman and subgroup decision assumptions. Our first scheme uses random oracles, and our second one is designed without random oracles. To construct the second one, we use a novel technique that converts a non-interactive witness indistinguishable proof system of encryption of one bit into a corresponding proof system of encryption of a bit-string. This technique may be of independent interest. The second scheme straightforwardly yields the first ID-based ring signature that achieves anonymity against full key exposure without random oracles. We finally present two extensions of the proposed ID-based DNF signature schemes to support multiple KGCs and different messages.

• Journal of Korea Multimedia Society
• /
• v.16 no.10
• /
• pp.1156-1162
• /
• 2013

Face verification has been widely studied during the past two decades. One of the challenges is the rising concern about the security and privacy of the template database. In this paper, we propose a secure face verification system which generates a unique secure cryptographic key from a face template. The face images are processed to produce face templates or codes to be utilized for the encryption and decryption tasks. The result identity data is encrypted using Advanced Encryption Standard (AES). Distance metric naming hamming distance and Euclidean distance are used for template matching identification process, where template matching is a process used in pattern recognition. The proposed system is tested on the ORL, YALEs, and PKNU face databases, which contain 360, 135, and 54 training images respectively. We employ Principle Component Analysis (PCA) to determine the most discriminating features among face images. The experimental results showed that the proposed distance measure was one the promising best measures with respect to different characteristics of the biometric systems. Using the proposed method we needed to extract fewer images in order to achieve 100% cumulative recognition than using any other tested distance measure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5616-5642
• /
• 2016

Different from traditional auctions, electronic auctions provide a platform to allow bidders and auctioneers merchandise to each other over network anytime and anywhere. Auctioneers can publish information of goods, and bidders can choose the interested targets through this bidding platform. To ensure the fairness and security of electronic auctions, Li et al. have proposed a practical electronic auction scheme which can confirm the requirement of strong anonymity, bidding privacy, and secret bidding price. However, we have found out that Li et al.'s scheme may lurk the risk of the denial-of-service attack during the bidding phase in a sealed-bid auction. Thus, we propose a brand-new sealed-bid auction mechanism, in which the essentials of e-auction can be firmly preserved. In particular, each bidder only needs to register at the center once and then can join to multiple plays launched by different auctioneers. Moreover, the correctness of mutual authentication is confirmed according to the BAN logic model.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1478-1486
• /
• 2016

This paper introduces technical methods to improve the accessibility and usability of a WebRTC video conference (VC) application. Simplified login is essential, by applying such as single sign-on (SSO) to improve the accessibility of VC applications. High usability and manageability are also necessary to attract more users, enhance user experiences, and save service management cost. The proposed VC application leverages SAML-based federated identity management (FIM) to enable higher service accessibility. Users can access the application with their organizational ID and SSO authentication. The FIM eases user ID management and indirectly strengthens privacy information protection. Proposed web application has high usability and manageability because users and/or administrators can easily create, join, monitor, or tear down VC sessions through RESTful web service (REST API). We verify the feasibility of the VC application after illustrating the SAML-based identity federation and the designed REST API.

• The Journal of the Korea Contents Association
• /
• v.12 no.7
• /
• pp.156-168
• /
• 2012

As the increase of violent crimes such as robbery, murder, and rape has become a social problem, the government is considering institutionalizing the identification of criminals to prevent crime and to guarantee people's right to know. Such an atmosphere led to the approval of the revision of 'Special Law On the Punishment of Specific violent Crimes' in the National Assembly in April 2010. The revision allows the revelation of the profiles of crime suspects including the pictures of their faces at the investigation stage. However, whether the revision had been effective in preventing crime has not been demonstrated empirically. Moreover, identity revelation is a grave intrusion into privacy and an abuse of human rights such as personal rights and the right to a fair trial, since personal information of criminal suspects would be released to the media prior to the court's final judgements. Also it violates the principle of presumption of innocence, the principles of due process, the principle of double jeopardy, the principle of prohibition against excessive, the principles of clarity, and the principle of liability.

• Journal of Digital Convergence
• /
• v.15 no.12
• /
• pp.477-487
• /
• 2017

This study is for empirical analyzing the ethical contents in using social media, such as what kind of ethical responsibility do the teenage users have, how do they recognize the ethical concept in producing or sharing the information and how these ethical factors affect their behavior of social media uses. After survey with the structured questionnaire, statistical analyses with available 227 cases are processed. As a result, there are 4 ethical factors in using social media which as included 'privacy', 'copyright', 'fullness', 'accuracy', 'truth-telling', 'fairness', 'relief of harmful effect', 'credibility', 'objectivity', 'impartiality', included 'moderation', 'respect', 'autonomy', 'control', 'care of mischief', included 'interactivity', 'multiplicity', 'anonymity', 'divergence', 'social community', included 'transparency', 'openness'. All these ethical factors are positive correlated to the level of social media users' opinion expression, opinion support, information leading, information searching. Especially, is the most effective factor to social media users' behavior.