• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.45-46
• /
• 2024

스프링 부트는 개발 및 실행 환경 설정이 간편하기 때문에 백엔드 개발에 활용되는 프레임워크이고 React는 프론트엔드 개발에 활용되는 프레임워크이다. 본 논문에서는 스프링 부트와 React를 사용하는 웹 응용에서 로그인 시스템 구축 시 JWT를 활용하는 방법과 구조에 관해 설명하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.111-122
• /
• 2018

Using OAuth protocol, third-party applications on the Android operating system use user's credentials or access tokens that have access authority on user's resources to gain user's account and personal information from account information providers. These credentials and token information are stored in the device by the OAuth data management method provided by the Android operating system. If this information is leaked, the attacker can use the leaked credential and token data to get user's personal data without login. This feature enables the digital forensic investigator to collect data directly from the remote server of the services used by the target of investigation in terms of collecting evidence data. Evidence data collected at a remote location can be a basis for secondary warranties and provide evidence which can be very important evidence when an attacker attempts to destroy evidence, such as the removal of an application from an Android device. In this paper, we analyze the management status of OAuth tokens in various Android operating system and device environment, and show how to collect data of various third party applications using it. This paper introduces a method of expanding the scope of data acquisition by collecting remote data of the services used by the subject of investigation from the viewpoint of digital forensics.

• Smart Media Journal
• /
• v.8 no.3
• /
• pp.23-30
• /
• 2019

With the popularization of the Internet and smartphone uses, people in the modern era are living in a multi-channel environment in which they access the information system freely through various methods and media. In the process of utilizing such services, users must authenticate themselves, the typical of which is ID & password authentication. It is considered the most convenient method as it can be authenticated only through the keyboard after remembering its own credentials. On the other hand, modern web services only allow passwords to be set with high complexity by different combinations. Passwords consisting of these complex strings also increase proportionally, since the more services users want to use, the more user authentication information they need to remember is recommended periodically to prevent personal information leakage. It is difficult for the blind, the disabled, or the elderly to remember the authentication information of users with such high entropy values and to use it through keyboard input. Therefore, this paper proposes a user authentication method using Google Assistant, MFCC and DTW algorithms and speaker authentication to provide the handicapped users with an easy user authentication method in the login process.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.3
• /
• pp.51-57
• /
• 2023

Smart mirror is an IoT device that attaches a display and an embedded computer to the mirror and provides various information to the user along with the mirror function. This paper presents performance evaluation of the CoMirror system as an extension of the previous research in which proposed and implemented the CoMirror system that connects Smart Mirrors using a network. First, the login performance utilizing face recognition was evaluated. As result of the performance evaluation, it was concluded that the 40 face images are most suitable for face learning and only one face image is most suitable for face recognition for login. Second, as a result of evaluating the message transmission time, the average time was 0.5 seconds for text, 0.63 seconds for audio, and 2.9 seconds for images. Third, as a result of measuring a video communication performance, the average setup time for video communication was 1.8 seconds and the average video reception time was 1.9 seconds. Finally, according to the performance evaluation results, we conclude that the CoMirror system has high practicality.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.6
• /
• pp.628-646
• /
• 2009

Users want to browse and search various web contents with mobile devices which can be used anywhere and anytime without limitations, in the same manner as desktop. But mobile devices have limited resources compared to desktop in terms of computing performance, network bandwidth, screen size for full browsing, and etc, so there are many difficulties in providing support for mobile devices to fully use desktop-based web contents. Recently, mobile network bandwidth has been greatly improved, however, since mobile devices cannot provide the same environment as desktop, users still feel inconvenienced. To provide web contents optimized for each user device, there have been studies about analyzing code to extract blocks for adaptation to a mobile environment. But since web contents are divided into several items such as menu, login, news, shopping, etc, if the block dividing basis is limited only to code or segment size, it will be difficult for users to recognize and find the items they need. Also it is necessary to resolve interface issues, which are the biggest inconvenience for users browsing in a mobile environment. In this paper, we suggest a personalized adaptation system that extracts item blocks from desktop-based web contents based on user interests, layers them, and adapts them for users so they can see preferred contents first.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.6
• /
• pp.205-212
• /
• 2015

SSH provides a secure, encrypted communication channel between two end point systems using public key encryption. But SSH brute force attack is one of the most significant attacks. This kind of attack aims to login to the SSH server by continually guessing a large number of user account and password combinations. In this paper, we analyze logs of SSH brute force attacks in 2014 and propose a failed-log based detection mechanism in high performance computing service environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1235-1243
• /
• 2015

The purpose of this study was to find if the password composition of domestic users is affected by the different form of the word 'Password' in the interface of login or password change. In particular, 'Password', foreign notation, and 'Secret Number', notation translated by Korean, have a semantic difference. According to the survey of 200 students in S university, passwords made under the word 'Secret Number' are heavy on numbers than alphabet. Because these passwords make much smaller composition space than another case, they have bad security impact. We expect to make use of this paper as a base line data for study to find how improve domestic user's password security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.9
• /
• pp.4508-4528
• /
• 2016

Widespread use of wireless networks has drawn attention to ascertain confidential communication and proper authentication of an entity before granting access to services over insecure channels. Recently, Truong et al. proposed a modified dynamic ID-based authentication scheme which they claimed to resist smart-card-theft attack. Nevertheless, we find that their scheme is prone to smart-card-theft attack contrary to the author's claim. Besides, anyone can impersonate the user as well as service provider server and can breach the confidentiality of communication by merely eavesdropping the login request and server's reply message from the network. We also notice that the scheme does not impart user anonymity and forward secrecy. Therefore, we present another authentication scheme keeping apart the threats encountered in the design of Truong et al.'s scheme. We also prove the security of the proposed scheme with the help of widespread BAN (Burrows, Abadi and Needham) Logic.

• The Journal of Information Technology
• /
• v.6 no.3
• /
• pp.65-73
• /
• 2003

The evaluation AP embedded Linux board is implemented. The board is made of IBM 405 GP processor, PPCBoot-1.2.1 boot loader, Linux-2.4.21 kernel and root file system. The evaluation board has two flash memories, boot flash and application flash of size 512Kbyte and 16Mbyte, respectively. And it supports IEEE 802.11a which provide the maximum throughput of 54Mbps in the 5.2GHz frequency band. MTD(Memory Technology Device) and JFFS2(Journalling Flash File System version 2) technologies are adopted to optimally package the system software, boot loader, kernel and root file system. And in order to optimize root file system, busybox package and tiny login are used. Linux kernel and root file system is combined together with mkimage utility.