• Proceedings of the KAIS Fall Conference
• /
• 2001.11a
• /
• pp.71-74
• /
• 2001

본 논문에서 대 규모 네트워크 게임서버는 기능별로 분산화 되어야 하며, 분산되어 있는 여러 서버 중 특정기능을 수행하는 서버가 장애를 발생하여 전체 시스템에 영향을 주어서는 안 된다. 본 논문이 제시한 구조는 로그인 처리만 수행하는 서버로서 네트워크 게임은 물론 로그인 처리를 요구하는 다른 시스템들에도 적용 가능하다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.3
• /
• pp.127-133
• /
• 2009

The pre-existing medical treatment was done in person between doctors and patients. EMR (Electronic Medical Record) System computerizing medical history of patients has been proceed and has raised concerns in terms of violation of human right for private information. Which integrates "Identification information" containing patients' personal details as well as "Medical records" such as the medical history of patients and computerizes all the records processed in hospital. Therefore, all medical information should be protected from misuse and abuse since it is very important for every patient. Particularly the right to privacy of medical record for each patient should be surely secured. Medical record means what doctors put down during the medical examination of patients. In this paper, we applies fingerprint identification to EMR system login to raise the quality of personal identification when user access to EMR System. The system implemented in this paper consists of embedded module to carry out fingerprint identification, web server and web site. Existing carries out it in client. And the confidence of hospital service is improved because login is forbidden without fingerprint identification success.

• The KIPS Transactions:PartC
• /
• v.14C no.4
• /
• pp.321-330
• /
• 2007

This paper proposes a two-phase server login authentication system by XML-Signature schema extension to protect server's information resources opened on network which offer various web contents. A proposed system requests and publishes XML-based certificate through on-line, registers certificate extension information provided by CA(Certification Authority) to XCMS(XML Certificate Management Server), and performs prior authentication using user's certificate password. Then, it requests certificate extension information added by user besides user's certificate password and certificate extension information registered in XCMS by using SOAP message, and performs posterior authentication by comparing these certificate extension information. As a result, a proposed system is a security reinforced system compared with existing systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.4987-5014
• /
• 2015

The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.511-535
• /
• 2017

Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution's server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.1
• /
• pp.243-251
• /
• 2008

The cyber classes of an e-Learning system have been considered as one of the important form of education. Especially. some of non-major(liberal arts and science) and major subjects are held in cyber classes. However, there is no or little study of effectiveness and function for the students' position. In this study, we analyzed log files in the e-learning system. and classified login and learning hour patterns of students. who were enrolled in the cyber classes. into hourly pattern in a day, daily pattern in a week, and weekly pattern in a semester. We proposed general ideas to improve effectiveness and function of current e-learning. Over 50% of logins were for less than 30 minutes learning and there is wasteful use of e-learning system resources.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.472-474
• /
• 2017

Storage of files is important in the information age. In particular, files in the company should be managed more efficiently. In this paper, we connect to FTP Server through Client program to manage files efficiently. The FTP Server builds a database to manage employee information in the company and folder paths for each employee. The Client program can be used after login with the assigned employee number and password. You can check the list of files stored in the FTP server when login is successful and upload, download and delete after selecting specific files. Folders can also be created and deleted for more systematic management of files. For the efficient operation of the company, it is implemented so that it can be divided into a personal drive and a public drive.

• Journal of the Korea Computer Industry Society
• /
• v.7 no.3
• /
• pp.237-244
• /
• 2006

The purpose of this study is to propose the online game server architecture which can expand as the number of users increases. In most online game servers, there is a server group composed of a login server, a cache server, a database server, a game server, and an NPC server, and when the number of users increases, an additional server group with the same structure is installed. The server architecture proposed in this study does not install a server group composed of a login server, a cache server, a database server, a game server, an NPC server, etc., but installs a game server only. When there is a need for the cache server and database server, the required servers will be additionally installed, thus reducing costs.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.4
• /
• pp.43-53
• /
• 2020

There are three standards for FIDO1 authentication technology: Universal Second Factor (U2F), Universal Authentication Framework (UAF), and Client to Authenticator Protocols (CTAP). FIDO2 refers to the WebAuthn standard established by W3C for the creation and use of a certificate in a web application that complements the existing CTAP. In Korea, the FIDO certified market is dominated by UAF, which deals with standards for smartphone (Android, iOS) apps owned by the majority of the people. As the market requires certification through FIDO on PCs, FIDO Alliance and W3C established standards that can be certified on the platform-independent Web and published 『Web Authentication: An API for Accessing Public Key Credentials Level 1』 on March 4, 2019. Most PC do not contain biometrics, so they are not being utilized contrary to expectations. In this paper, we intend to present a model that allows login in PC environment through biometric recognition of smartphone and FIDO UAF authentication. We propose a model in which a user requests login from a PC and performs FIDO authentication on a smartphone, and authentication is completed on the PC without any other user's additional gesture.

• Journal of Information Technology Services
• /
• v.20 no.3
• /
• pp.87-101
• /
• 2021

Since the introduction of block chain technology, its potential use in financial service area have been increasing, and financial firms are seeking ways to take advantage of the benefits of it. The purpose of this study is to present an approach to prioritize block chain-based services for bank. Toward this, we picked out potential financial services through focus group interview and derived the criteria that can be used in evaluating the priorities of block chain-based banking services in the same way. Then, we propose an analytic hierarchy process model to help decision makers prioritize the banking services while considering multiple criteria of technology issues, governmental regulations in the financial industry, cost, managerial issues, customers' needs, and the business opportunity for the bank. By using the analytic hierarchy process model, we can estimate the weighting coefficients to be assigned to each criteria and determine the order of priority in determining the best block chain-based service for the case study bank. The results show that banking login authentication would be forefront service, followed by money transfer, document notarization, and trade financing service in the order, and the trade financing could be most important service in terms of the business profitability for the bank in the future.