• Journal of information and communication convergence engineering
• /
• v.8 no.4
• /
• pp.427-432
• /
• 2010

The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services' authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework's security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.317-322
• /
• 2005

The existing certificate based authentication or identification just verifies whether the owner of private key corresponding to public key of certificate is the DN user set in the user field in the certificate or not, then we cannot find out who is the actual private key owner in a real world. To make up for this weak points, the method to insert the identification number like the resident registration number into the certificate extension field is applied as a technical standard to current domestic PKI system. In this paper, we propose the ECC based integrated identification, identification number checking and key management protocol providing user validation during the login.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06c
• /
• pp.216-220
• /
• 2010

저가화, 소형화, 지능화되고 있는 RFID 칩은 조달, 국방, 우편, 교육, 문화, 교통 및 환경 등의 다양한 분야에 적용되고 있다. 본 연구는 이러한 RFID를 생명공학의 핵심기술인 PCR 기술을 수행하는 Thermal Cycler에 도입하였다. 이는 사용자가 RFID 리더기를 장착한 Thermal Cycler 장비에 본인의 RFID 태그를 인식시켜 별도의 login을 하지 않고도 실험에 쓰인 protocol에 손쉽게 접근할 수 있도록 한다. 또한 사용자 본인의 RFID 태그를 사용하기 때문에 같은 장비를 사용하는 다른 사용자나 제 3의 인물로부터 실험내용을 보호함으로써 보안성을 높일 수 있다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.6
• /
• pp.809-815
• /
• 1999

본 논문에서는 현재 웹의 주요한 기술로 부각되고 있는 액티브 서버페이지와 동적 웹 기술을 이용한 가상교육 시스템 구현에 대해서 다룬다. 이 시스템은 사용자로부터 프로그램 소스를 보호할 수 있고 또한 인터넷 서버에서 실행되는 액티브 서버 기술을 동적 웹 기술과 접목하여 사용자를 인지, 구별하고 사용자의 정보에 적합한 웹 페이지를 구성할 수 있다. 또한 가상교육시스템은 학년, 학과, 수강신청 정보에 따라서 적합한 사용자 환경을 구성하여 주고 수업진도에 따라 교안 및 정보를 제공할 수 있다. 이렇게 구성함으로써 시스템의 접속 사용자에 관련된 적합한 정보를 제공하여 사용자가 원하는 교육서비스를 받을 수 있게 한다.Abstract In this paper, we present our implementation of cyber education system using Dynamic Web and Active Server Pages, key technologies of the current web. This system is composed of web pages fitted to user information, which is collected and differentiated by both Active Server Technology running at server and protecting program source and Dynamic Web Technology. This system provides information and teaching content according to the progress of a course and user environments based on information such as a school year, a department and credit request information. Therefore login users can receive education services by providing adequate information related to them.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.892-911
• /
• 2019

Biometric recognition systems have been widely used for information security. Among the most popular biometric traits, there are fingerprint and face due to their high recognition accuracies. However, the security system that uses face recognition as the login method are vulnerable to face-spoofing attacks, from using printed photo or video of the valid user. In this study, we propose a fast and robust method to detect face-spoofing attacks based on the analysis of spatial frequency differences between the real and fake videos. We found that the effect of a spoofing attack stands out more prominently in certain regions of the 2D Fourier spectra and, therefore, it is adequate to use the information about those regions to classify the input video or image as real or fake. We adopt a divide-conquer-aggregate approach, where we first divide the frequency domain image into local blocks, classify each local block independently, and then aggregate all the classification results by the weighted-sum approach. The effectiveness of the methodology is demonstrated using two different publicly available databases, namely: 1) Replay Attack Database and 2) CASIA-Face Anti-Spoofing Database. Experimental results show that the proposed method provides state-of-the-art performance by processing fewer frames of each video.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.1
• /
• pp.9-16
• /
• 2019

Smartphones are becoming a portable computer. As a result, even the most sensitive financial application services are now available anywhere on the smartphone. Compared to general PCs, smartphones communicate with external devices through various channels such as wireless internet, mobile communication network, Bluetooth, and NFC, and a wide variety of applications are provided. Therefore, if vulnerabilities exist, the possibility of attack damage increases. In this paper, we analyze the vulnerabilities of dynamic virtual keyboards used in login of banking apps of smartphones with various physical constraints and propose countermeasures.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.125-134
• /
• 2018

Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.111-118
• /
• 2021

Banking systems are sensitive to data privacy since users' data, if not well protected, may be used to perform fake transactions. Blockchains, public and private, are frequently used in such systems thanks to their efficiency and high security. Public blockchains fail to fully protect users' data, despite their power in the accuracy of the transactions. The private blockchain is better used to protect the privacy of the sensitive data. They are not open and they apply authorization to login into the blockchain. However, they have a lower security compared to public blockchain. We propose in this paper a hybrid public-private architecture that profits from network virtualization. The main novelty of this proposal is the use of network virtualization that helps to reduce the complexity and efficiency of the computations. Simulations have been conducted to evaluate the performance of the proposed solution. Findings prove the efficiency of the scheme in reducing complexity and enhancing data privacy by guarantee high security. The contribution conducted by this proposal is that the results are verified by the centralized controller that ensures a correct validation of the resulted blockchains. In addition, computation complexity is to be reduced by profiting from the cooperation performed by the virtual agents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.49-60
• /
• 2011

Instant Messenger is one of the most popular communication service when translating message or data each other through Internet. For digital crime investigation, therefore, it is obviously important to obtain communication trace and contents derived from Instant Messenger. This is because that gathering traditional communication histories also have been important until now. However, extracting communication trace and contents are not easy because they are generally encrypted or obfuscated in local system, futhermore, sometimes they are located at server computer for Instant Messenger. This paper researches on extracting communication histories against NateOn, BuddyBuddy, Yahoo! messenger and Mi3 messenger, and obtaining user password or bypassing authentication system to Instant Messenger Service when a user use auto-login option.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.5
• /
• pp.149-158
• /
• 2010

A messenger program in this paper was designed and implemented using Use Case Diagram, Class Diagram, Activity Diagram, and Sequence Diagram. We selected total 7 major functionalities such as PC server, login, friends management, chatting, file transfer, account management, etc. The followings are various implementation results from this paper. First, developers could easily understand the desired product and programming flow from using UML Diagrams. Second, PDA users could communicate with developers for a long time without time constraints. Third, there was high usability of UML Diagram in the phase of objected-oriented analysis. Forth, it was easy to update and maintain a program.