• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1259-1267
• /
• 2016

With the growing use of fingerprint authentication systems in recent years, the fake fingerprint detection is becoming more and more important. This paper mainly proposes a method for fake fingerprint detection based on CNN, it will visualize the distinctive part of detected fingerprint which provides a deeper insight in CNN model. After the preprocessing part using fingerprint segmentation, the pretrained CNN model is used for detecting the liveness detection. Not only a liveness detection but also feature analysis about the live fingerprint and fake fingerprint are provided after classifying which materials are used for making the fake fingerprint. Our system is evaluated on three databases in LivDet2013, which compromise almost 6500 live fingerprint images and 6000 fake fingerprint images in total. The proposed method achieves 3.1% ACE value about the liveness detection and achieves 79.58% accuracy on LiveDet2013.

• Journal of Convergence for Information Technology
• /
• v.9 no.10
• /
• pp.9-15
• /
• 2019

Recently, in the field of next-generation e-commerce and finance, interest in blockchain-based technologies such as Bitcoin and Ethereum is great. Although the security of blockchain technology is known to be secure, hacking incidents / accidents related to cryptocurrencies are being issued. The main causes were vulnerabilities in the external environment, such as taking over login sessions on cryptocurrency wallets, exposing private keys due to malware infection, and using simple passwords. However, private key management recommends general methods such as utilizing a dedicated application or local backup and physical archiving through document printing. In this paper, we propose a white box password-based private key protection scheme. As a result of safety and performance analysis, we strengthened the security against vulnerability of private key exposure and proved the processing efficiency of existing protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.79-89
• /
• 2004

Mobile IP Low Latency Handoffs allow greater support for real-time services on a Mobile W network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring funker involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that Performs a ousted thirty party. The Proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation

• Journal of Digital Convergence
• /
• v.18 no.12
• /
• pp.105-115
• /
• 2020

The purpose of this study is to investigate the factors influencing the innovation resistance of cloud computing services and to suggest policy alternatives to increase the use of domestic cloud computing services. For this, a survey was conducted on 178 SMEs that introduced cloud computing services with government support. As a result, technostress, CEO informatization leadership and organizational structure concentration had a significant influence on innovation resistance. Therefore, in the future, first, it is necessary to provide user-centered cloud computing services in the direction of reducing technostress. Second, it is necessary to apply cloud computing services through a deeper understanding of the organizational characteristics of each small and medium enterprise. Third, there is a need for advanced security authentication and a compensation system. In order to promote the use of cloud computing services, an environment in which users can safely use should be prepared first.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.23-37
• /
• 2012

Illegal game players' hacking and propagation of malignant code in online game exposes privacy of online game customers. So, online game companies have to support the standardized systems and operations of customers' privacies. Since online game companies implement authentication of information protection, which focuses on assets or physical, systemic security, they need a more professional system that is related to protection of individual privacy. We analyzed the individual information protection system, which includes ISO27001, ISMS of KISA, GMITS, ePrivacy, online game privacy protection guide, and BS10012. Using the suggested systems, we proposed the systemic tools that measure the level of individual information protection, which includes process and check items of each phase.

• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.1-10
• /
• 2003

In the distributed-computing environment, applications or users have to share resources and communicate with each other in order to perform their jobs more efficiently. In this case, it is important to keep resources and information integrity from the unexpected use by the unauthorized user. Therefore, there is a steady increase in need for a reasonable way to authentication and access control of distributed-shared resources. In RBAC, there are role hierarchies in which a higher case role can perform permissions of a lower case role. No vise versa. Actually, however, it is necessary for a lower case role to perform a higher case role's permission, which is not allowed to a lower case role basically. In this paper, we will propose a permission delegation method, which is a permission delegation server, and a permission delegation protocols with the secret key system. As the result of a permission delegation, junior roles can perform senior role's permissions or senior role itself on the exceptional condition in a dedicated interval.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.547-552
• /
• 2003

In this thesis, interference phenomena of bluetooth networks requiring Security were minimized; strengthened security of piconet by assigning an identical PIN code to bluetooth devices, which was establishing a specific piconet during authentication stage. To establish a bluetooth piconet system. an unique ID was assigned to each bluetooth device, communication algorithms having different data formats between devices was designed, and an embedded hardware module using ARM processor and uCOS-II RTOS was implemented. About 30% of CPU efficiency in the module was increased by modifying functions including block parameters to work as nonblocking; by the increased efficiency of total piconet, the module could be used as an access point. The module could transmit maximum 10 frames of image and also audio signal by switching the packet effectively according to channel condition. By above-mentioned process, video, audio, and data could be well transmitted by the bluetooth managing program and the possibility of a commercial remote control system using bluetooth technology was suggested.

• Journal of the Korea Convergence Society
• /
• v.8 no.11
• /
• pp.93-101
• /
• 2017

The purpose of this paper is to investigate the effect of the smart phone camera on the company's employees or employees of partner companies, we want to block things in advance. In this paper, we propose a smart phone camera control system which is connected with the personnel access right which enables to share the photographed image of the authorized user and the data shot only within the enterprise. To this end, we have developed the installation status of smart phone control program (MCS: Mobile Camera Control System) of employees, employees and visitors of company, and experimented and analyzed whether the smart phone control program installed in the authorized area. In addition, when visitors visited the company, the effect of prevention of photograph shooting through smart phone camera and the cost of seal sticker attached to the smart phone camera lens part were reduced.

• The Journal of the Korea Contents Association
• /
• v.8 no.4
• /
• pp.10-16
• /
• 2008

Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is necessary that create a many encryption key in one web application system. As a result, service quality comes to be low because of increased network traffic and system overload. There must be a system. That should be improved in secure service quality to process data. This paper describes a new approach for design and implementation of distributed encryption key processing for web application system. In this paper, it is based on distributed encipherment key, for the purpose of confidentially, integrity and authentication. It can prevent system degradation from server's data bottleneck and can improve service quality. For distributed encipherment system, we use java object activation technology. It can service while some distributed server are fail.