• 정보처리학회논문지C
• /
• 제12C권2호
• /
• pp.301-308
• /
• 2005

최근 온라인을 이용한 금융거래가 매우 빠른 속도로 증가함에 따라 해당 거래에 대한 유효성 보장은 더욱 중요한 의미를 가지게 되었다. 해당 거래에 대한 유효성 보장을 효과적으로 제공하기 위해서는 거래 당사자의 신원확인, 거래 데이터의 무결성 및 기밀성 보장, 거래의 대한 부인방지 기능 등을 실시간으로 제공할 수 있는 인증서 상태 검증 시스템이 요구된다. 기존의 실시간 인중서 상태 검증 시스템은 모든 트랜잭션에 대해 하나의 노드에서 처리해야하는 구조적인 집중화 현상이 발생한다. 또한 상태 검증을 요청할 때마다 불필요한 정보까지 모두 전송하기 때문에 네트워크 과부하와 통신 병목현상이 발생한다. 이와 갉은 문제점으로 인해 실시간 응답시간이 중요시 되는 금융거래에는 적합하지 않다. 본 논문에서는 기존의 실시간 인증서 상태 검증 요청시 불필요한 정보와 구조적인 집중화 현상으로 인한 문제점을 개선하기 위하여 검증서버를 도메인별로 분산시켜 상태 검증을 처리한다. 또한 인증서 상태 검증에 반드시 필요한 축약정보만을 이용하여 검증을 요청함으로써 네트워크 과부하와 통신 병목현상을 해결 할 수 있는 실시간 인증서 상태 검증 기법을 제안한다. 또한, 실험을 통하여 기존 OCSP(Online Certificate Status Protocol) 기법에 비해 약 $15\%$정도 인증서 상태 검증 속도가 향상됨을 확인하였다.

• 한국멀티미디어학회논문지
• /
• 제18권8호
• /
• pp.950-959
• /
• 2015

The necessity of an empirical study on how projection mapping videos are evaluated from consumers' point of view has arisen, as they can lead to visual pollution if factors including spatial characteristics around the structure and details of the contents are not taken into consideration. This study aims to evaluate projection mapping videos and elucidate the question on whether evaluation criteria positively influence the satisfaction level or not. Above all, five evaluation criteria including artistry, creativity, identity, immersion and usefulness were deducted and a hypothesis from preceding research "each evaluation criteria will positively(+) influence the satisfaction level of projection mapping video" has been established. In order to test the hypothesis, big domestic department stores which screened projection mapping videos were selected and a verification experiment has been conducted with ordinary citizens as subjects. In the result of the experiment, among the five evaluation criteria, artistry, creativity, and usefulness were chosen, while identity and immersion were dismissed. The result verifies that if useful information is provided in forms of interesting contents produced with distinctive ideas and creative methods, it will satisfy the consumers as attractive public design.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권12호
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• 디지털산업정보학회논문지
• /
• 제13권3호
• /
• pp.53-64
• /
• 2017

Korean Identification card or driver license is usually used to verify one's identity in Korea. These are also used as an adult certification. Since the form of these ID card is an analog and it needs to be checked with naked eyes, it might be used maliciously. Someone who's got someone else's ID card can do other things. Therefore, it must be reported rapidly when ID card is lost or stolen. The most serious problem might be occurred when they do not recognize and report the loss. They might suffer from pecuniary or mental damage such as opening a mobile phone service, providing loan or credit card, opening a personal checking account, etc. Thus, this study suggests and compares the ways of avoiding these problems. First, the most effective way is to send the authorization code via mobile phones in consideration of build-up period and cost. The person in charge of business processing department using ID card sends the authorization code via registered mobile phone. The owners submits it to the person and their identifications are confirmed. Next effective way is that the person in charge of business processing department using ID card sends text messages via registered mobile phone. Lastly, the most ineffective way is to introduce and implement the electronic ID card ultimately even though it is expensive and takes a long time to build up the system.

• International Journal of Computer Science & Network Security
• /
• 제23권8호
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• 응용통계연구
• /
• 제37권2호
• /
• pp.209-224
• /
• 2024

화자검증(speaker verification)이란 두개의 음성 데이터로부터 같은 화자의 목소리 인지 아닌지를 판단하는것을 말한다. 범죄현장에서 범인의 목소리만이 증거로 남는경우, 두개의 목소리를 객관적이고 정확하게 비교할 수 있는 화자 검증 시스템 또는 화자 매칭 시스템의 구축이 시급하다. 본 연구에서는 한국어에 대한 화자검증 딥러닝 모형을 새롭게 구축하고, 학습에 필요한 적절한 형태의 학습데이터셋에 대해 연구한다. 음성데이터는 고차원이면서 백그라운드 노이즈를 포함하는 등의 변동성이 큰 특징이 있다. 따라서 화자 검증 시스템을 구축하기위해 딥러닝 기반의 방법 선택하는경우가 많다. 본 연구에서는 ECAPA-TDNN 모형을 선택하여 화자 매칭 알고리즘을 구축하였다. 구축한 모형을 학습시키는데 사용한 Voxceleb은 대용량의 목소리 데이터로 다양한 국적을 가진 사람들로부터 음성데이터를 포함하지만 한국어에 대한 정보는 포함하지 않는 다. 본 연구에서는 한국어 음성데이터를 학습에 포함시켰을때와 포함시키지 않았을때 학습 데이터 내 해당언어의 존재 유무가 모델의 성능에 미치는 영향에 대해 파악하였다. Voxceleb으로만 학습한 모델과 언어와 화자의 다양성을 최대로 하기 위해 Voxceleb과 한국어 데이터셋을 결합한 데이터셋으로 학습한 모델을 비교하였을 때, 모든 테스트 셋에 대해 한국어를 포함한 학습데이터의 성능이 개선됨을 보인다.

• 한국군사과학기술학회지
• /
• 제10권1호
• /
• pp.55-69
• /
• 2007

The paper provides the approach to apply formal methods to the development and certification criteria of defense safety/security-critical software. RTCA/DO-178B is recognized as a do facto international standard for airworthiness certification but lack of concrete activities and vagueness of verification/certification criteria have been criticized. In the case of MoD Def Stan 00-55, the guidelines based on formal methods are concrete enough and structured for the defense safety-related software. Also Common Criteria Evaluation Assurance Level includes the strict requirements of formal methods for the certification of high-level security software. By analyzing the problems of DO-178B and comparing it with MoD Def Stan 00-55 and Common Criteria, we identity the important issues In safety and security space. And considering the identified issues, we carry out merging of DO-178B and CC EAL7 on the basis of formal methods. Also the actual case studies for formal methods applications are shown with respect to the verification and reuse of software components.

• ETRI Journal
• /
• 제25권5호
• /
• pp.401-406
• /
• 2003

A biometric system determines the identity of a person by measuring physical features that can distinguish that person from others. Since biometric features have many variations and can be easily corrupted by noises and deformations, it is necessary to apply machine learning techniques to treat the data. When applying the conventional machine learning methods in designing a specific biometric system, however, one first runs into the difficulty of collecting sufficient data for each person to be registered to the system. In addition, there can be an almost infinite number of variations of non-registered data. Therefore, it is difficult to analyze and predict the distributional properties of real data that are essential for the system to deal with in practical applications. These difficulties require a new framework of identification and verification that is appropriate and efficient for the specific situations of biometric systems. As a preliminary solution, this paper proposes a simple but theoretically well-defined method based on a statistical test theory. Our computational experiments on real-world data show that the proposed method has potential for coping with the actual difficulties in biometrics.

• Human Ecology Research
• /
• 제53권2호
• /
• pp.195-208
• /
• 2015

This study explored general marriage migration for 180 unmarried Vietnamese immigrant women and identified differences in recognition after the choice of marriage. The methods used were frequency analysis, kai verification, and independent t verification were conducted. The findings were as follows. First, unmarried Vietnamese women showed a receptive attitude towards marriage migration with the less-educated group more likely to opt for marriage migration. Economic benefit expectations topped other factors in regards to the image of marriage migrant women and motivation. Dual national identity benefits were also indicated. Second, the perception of external and illusionary images of the spouses of marriage migrant women was low; however, the perception of good occupations and gender equality was high. A vague expectancy of marriage was also found. The perception was high that children from multi-cultural families would be global bilingual talents and adjust to school; however, the perception of social discrimination or prejudice was low. The perception of social discrimination was low concerning the perception of social integration towards marriage migrant women; however, the perception of identities, cultural differences and employment was present. By contrast, the group opting for marriage migration showed a significantly low perception of social discrimination and difficulty in employment. The suggested measures are to regulate and maintain forms of marriage type, reinforce prior training systems for Vietnamese immigrant women (and spouses), enhance multicultural recognition, and supplement multicultural policies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권10호
• /
• pp.5039-5061
• /
• 2017

Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.