• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.977-980
• /
• 2007

로그인 과정은 사용자의 ID와 Password를 기반으로 시스템에 대한 사용권한을 부여한다. 로그인 과정에서 입력된 ID와 Password 정보는 패킷 스니핑 또는 Keylogger 프로그램 등을 이용하여 악의적인 공격자에 의해 노출될 수 있다는 취약점이 있다. 웹서버 또는 웹메일 시스템 등에 등록된 ID와 Password가 노출된다면 이는 개인 프라이버시 문제와도 연결되어 매우 심각한 문제이기도 하다. 현재 대부분의 시스템에서는 ID와 Password 만을 가지고 사용자에 대한 인증 및 로그인 과정을 수행하기 때문에 더욱더 강력한 복합 로그인 메카니즘이 제시되어야 한다. 본 연구에서는 기존의 ID/Password 기반 로그인 기법과 더불어 소프트웨어 형태의 보안카드를 핸드폰에 설치하여 유무선망을 통한 이중 인증(Two factor authentication) 기법을 제시한다. 제안한 소프트웨어 형태의 보안카드 기반 로그인 기법은 ID/Password와 함께 부가적 정보로써 사용자의 핸드폰에 발급받은 보안카드내 난수 형태로 생성된 번호를 사용한다. 따라서 제안한 시스템을 사용할 경우 기존의 ID와 Password와 연계되어 일회용 패스워드 형태로 제공되는 보안카드 정보를 사용하여 로그인 과정을 수행하기 때문에 보다 안전한 인증 시스템을 구축할 수 있다.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.9
• /
• pp.89-96
• /
• 2021

In this paper, we analyzed that the user authentication scheme for TMIS(Telecare Medicine Information System) proposed by Al-Saggaf et al. In 2019, Al-Saggaf et al. proposed authentication scheme using biometric information, Al-Saggaf et al. claimed that their authentication scheme provides high security against various attacks along with very low computational cost. However in this paper after analyzing Al-Saggaf et al's authentication scheme, the Al-Saggaf et al's one are missing random number s from the DB to calculate the identity of the user from the server, and there is a design error in the authentication scheme due to the lack of delivery method. Al-Saggaf et al also claimed that their authentication scheme were safe against a variety of attacks, but were vulnerable to password guessing attack using login request messages and smart cards, session key exposure and insider attack. An attacker could also use a password to decrypt the stored user's biometric information by encrypting the DB with a password. Exposure of biometric information is a very serious breach of the user's privacy, which could allow an attacker to succeed in the user impersonation. Furthermore, Al-Saggaf et al's authentication schemes are vulnerable to identity guessing attack, which, unlike what they claimed, do not provide significant user anonymity in TMIS.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.997-1000
• /
• 2007

u-Healthcare란 언제 어디서나 의료 장비 및 센서 등을 이용하여 수집된 생체 정보를 유선 또는 무선의 통신수단을 이용하여 유비쿼터스를 지향하는 지능형 의료정보를 제공하는데 목적을 두고 있는 서비스이다. 각종 센서에서 수집된 생체 신호 및 의료 데이터는 그 데이터를 필요로 하는 기관 또는 병원 등에 전송되어야 하는데, 현시점에서는 하드웨어나 서비스 중심의 구현에만 집중되고 있어서 전송시에 보안에 대한 연구가 제대로 이루어 지지 않고 있다. 또한 이와 같은 이런 정보들은 개인에게는 매우 중요한 데이터로써 외부로 노출될 시에 심각한 프라이버시 침해가 예상된다. 이를 위해 본 논문에서는 PKI 사용자 인증을 통하여 본인 여부를 확인하여 u-Healthcare서버에 로그인 하는 시스템을 설계하고 구현하였다.

• The Journal of the Korea Contents Association
• /
• v.13 no.12
• /
• pp.568-574
• /
• 2013

In recent years, IT companies offer various cloud services using hardware-based technologies or software-based technologies. User can access these cloud services without the constraints of location or devices. The technologies are virtualization, provisioning, and big data processing. However, security incidents are constantly occurring even with these techniques. Thus, many companies build and operate private cloud service to prevent the leak of critical data. If virtual environment are different according to user permission, many system are needed, and user should login several virtual system to execute an program. In this paper, I suggest the access control method for application software on virtual operating system using the Open Authentication protocol in the Cloud system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.3B
• /
• pp.220-230
• /
• 2011

Mobile RFID which integrates mobile network with RFID technique is the technique to get the information of products by transmitting the identifier through mobile network after reading the identifier of RFID tag. It attached on the equipment as the mobile phone. However, mobile RFID has the privacy-related problem among requested secure problems required from the existing RFID. In this paper, the random key created by mobile RFID reader and Tag during the inter-certificating and initialization procedure for mobile RFID users to receive tag information from backend server securely is divided into random sizes and any information on the tag which requires the protection of privacy shouldn't be provided to anyone. In performance analysis, previous protocol used modulo operation in registration and login computation. But the proposed protocol has higher efficiency in saving space and computation volume than MARP scheme and Kim. et. al scheme because our protocol is accomplished by mutual authentication and registering user information through one-way hash function.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.49-60
• /
• 2011

Instant Messenger is one of the most popular communication service when translating message or data each other through Internet. For digital crime investigation, therefore, it is obviously important to obtain communication trace and contents derived from Instant Messenger. This is because that gathering traditional communication histories also have been important until now. However, extracting communication trace and contents are not easy because they are generally encrypted or obfuscated in local system, futhermore, sometimes they are located at server computer for Instant Messenger. This paper researches on extracting communication histories against NateOn, BuddyBuddy, Yahoo! messenger and Mi3 messenger, and obtaining user password or bypassing authentication system to Instant Messenger Service when a user use auto-login option.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.55-62
• /
• 2012

Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.

• Journal of Advanced Navigation Technology
• /
• v.16 no.1
• /
• pp.76-81
• /
• 2012

With the spread of the various mobile devices, the studies on the learning management system based on the u-learning are actively proceeding. The u-learning-based learning management system is very convenient in that there are no restrictions on the various access devices as well as the access time and place. However, the judgments on the authentication for the user and whether learning is focused on are difficult. In this paper, the voice and user face capture interface rather than the common user event oriented interface was applied to the learning management system. When a user is accessing the learning management system, user's registered password is input and login as voice, and the user's learning attitude is judged through the response utterance of simple words during the process of learning through contents. As a result of evaluating the proposed learning management system, the user's learning achievement and concentration were improved, thus enabling the manager to monitor the user's abnormal learning attitude.

• Journal of Advanced Navigation Technology
• /
• v.14 no.2
• /
• pp.191-197
• /
• 2010

Many does an application and application but the image analysis of face detection considerably is difficult. In order for with effect of the illumination which is irregular in the present paper America the illumination to range evenly in the face which is detected, detects a face territory, Complemented the result which detects only the front face of existing. With LAB color illumination revisions compared in Adaboost face detection of existing and 32% was visible the face detection result which improves. Bought two images which are input and executed Glassfire label rings. Compared Area critical price and became the area of above critical value and revised from RGB smooth anger and LAB images with LCFD system algorithm. The operational conversion image which is extracted like this executed a face territory detection in the object. In order to extract the feature which is necessary to a face detection used AdaBoost algorithms. The face territory remote login with the face territory which tilts in the present paper, until Multi-view face territory detections was possible. Also relationship without high detection rate seems in direction of illumination, With only the public PC application is possible was given proof user authentication field etc.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1478-1486
• /
• 2016

This paper introduces technical methods to improve the accessibility and usability of a WebRTC video conference (VC) application. Simplified login is essential, by applying such as single sign-on (SSO) to improve the accessibility of VC applications. High usability and manageability are also necessary to attract more users, enhance user experiences, and save service management cost. The proposed VC application leverages SAML-based federated identity management (FIM) to enable higher service accessibility. Users can access the application with their organizational ID and SSO authentication. The FIM eases user ID management and indirectly strengthens privacy information protection. Proposed web application has high usability and manageability because users and/or administrators can easily create, join, monitor, or tear down VC sessions through RESTful web service (REST API). We verify the feasibility of the VC application after illustrating the SAML-based identity federation and the designed REST API.