• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.19-25
• /
• 2004

This research develops an algorithm using image synthesis for a server to authenticate users and implements it. The server creates cards with random dots for users and distribute them to users. The server also manages information of the cards distributed to users. When there is an authentication request from a user, the server creates a server card based on information of the user' s card in real time and send it to the user. Different server card is generated for each authentication. Thus, the server card plays a role of one-time password challenge. The user overlaps his/her card with the server card and read an image(eg. a number with four digits) made up from them and inputs the image to the system. This is the authentication process. Keeping security level high, this paper proposes a technique to generate the image clearly and implements it.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.103-112
• /
• 2004

This paper suggests the way to realize smart card security system by using handwritten signature instead of a password which is traditionally used for user authentication. Because of the familiarity of signature we don't need to try to remember the password and signature is difficult to be used by guess or illegal forced situation. The feature data of handwritten signature is large, so we designed COS which is consist of special commands for processing user's handwritten signature data, user authentication, and basic commands based on ISO 7816-3. Also protocol among user, smart card terminal and DB server is designed. In registration process, the feature data of user signature is saved in both a DB server and a smart card. User authentication is processed by comparing the user signature and the saved feature data in a smart card and in a DB server. And the authentication result and hash value of signature data in DB server are transferred to smart card. During this process the authentication between DB server and user is finished. The proposed security system has more higher level of security in user authentication of smart card and it will Provide safer and more convenient security services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.3-14
• /
• 1999

In this paper, the Client-Server authentication system is proposed and implemented using the smart card on the internet. Based on the MPCOS-3DES smart card manufactured by GEMPLUS, three phases of authentication using the challenge-response mechanism are performed, which includes user-card authentication, client-server authentication, and card-server authentication.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.381-385
• /
• 2010

An aging Society solitary life old mans are increasing. The nurses have to visit old mans and must confirm their disease, because they do not act well. It is very difficult to take care old man, because the number of Nurses are small. This problem is solved by collection of data about condition of old mans from long distance. Data communication with Ethernet have benefit to collection of measurement of old man's condition. The Data storage system an long distance place are storaged data and after several day data was transmitted to the DB over the Ethernet. For Miniaturization of such system the system must be OS-less Embedded Ethernet Server system. Such system manages the file management system only with H/W. The Storage device is used SD-card. SD Card is small size and operates with small power. By using 512MB sd memory card, it is possible to storage during 5~6 years, 10 byte of temperature value per second. In this paper, we make a Embedded Ethernet Server using W3100A, Atmega128 MCU and data stroage device using SD-Card. This system operates with O/S-less Embedded Ethernet Server. We talk about file System, Storage and Ethernet. We explained about MCU Atmega128, Interface between LAN LSIand W3100A, Interface between W3100A and Phyceiver RTL8201, data I/O between MCU and SD-Card and File System. We shows the experiment device and result of monitoring.

• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.477-486
• /
• 2002

vCard that is the electronic business card automates the exchange of personal information typically found on a traditional business card. vCard information contains not only simple text, but also graphics and multimedia data like pictures, company logos, Web addresses, and so on. This paper describes the design and implementation of Web-based vCard agent system for exchanging vCard, an electronic business card and searching another user's vCard in mobile phone environment. In today's business environment, such as that this information is typically exchanged on business cards. Our web agent system in this paper connect web server which provide vCard service and search, edit vCard information displayed by web browser of mobile phone and exchange vCard with another user through internet. Considering characteristics of wireless devices that have limited storage space, It also saves constructed XML documents that include user's informations in a web server and solves the security problem by exchanging not personal data or XML but encrypted directory name where XML document exits as exchanging vcard.

• KIPS Transactions on Software and Data Engineering
• /
• v.3 no.4
• /
• pp.155-162
• /
• 2014

In this study, we developed a server-based mobile multi-lingual name-card recognition system which utilizes smartphone only as a terminal for capturing images of name-card and displaying results of recognition, running server as a recognizer of characters. For efficient processing and transmission of captured images, we corrected the distorted images, removed noises from them, and defined the socket-based protocol for wireless transmission of images between smartphone and the recognizer on server. Various tests for name-cards of five language types show increased recognition rate and speed of the developed system against conventional smartphone-based recognizers.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.1
• /
• pp.81-87
• /
• 2014

Password-based authentication using smart card provides two factor authentications, namely a successful login requires the client to have a valid smart card and a correct password. While it provides stronger security guarantees than only password authentication, it could also fail if both authentication factors are compromised ((1) the user's smart card was stolen and (2) the user's password was exposed). In this case, there is no way to prevent the adversary from impersonating the user. Now, the new technology of biometrics is becoming a popular method for designing a more secure authentication scheme. In terms of physiological and behavior human characteristics, biometric information is used as a form of authentication factor. Biometric information, such as fingerprints, faces, voice, irises, hand geometry, and palmprints can be used to verify their identities. In this article, we review the biometric-based authentication scheme by Cheng et al. and provide a security analysis on the scheme. Our analysis shows that Cheng et al.'s scheme does not guarantee any kind of authentication, either server-to-user authentication or user-to-server authentication. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, on Cheng et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Cheng et al.'s scheme.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.651-652
• /
• 2009

온라인에서의 전자 거래가 활성화됨에 따라 생활의 편의성은 높아진 반면에 개인 정보 유출의 위험은 점점 증가하고 있다. OTP(One Time Password)는 고정된 패스워드 사용의 문제점을 보완한 강력한 보안 메커니즘이다. 웹 기반의 어플리케이션 탑재가 가능한 SCWS(Smart Card Web Server)에 OTP 기술의 적용은 보안관점에서 더욱 효과적인 결과를 유도할 수 있다. 본 논문은 차세대 스마트카드의 주요 기능 중 하나인 SCWS에 대해 연구하고 OTP 기술을 탑재하여 사용자 중심의 편의성 증진과 안전성을 강화하는 방법을 모색한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2719-2735
• /
• 2015

In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.637-640
• /
• 2003

Authentication between Server and Client is necessary in most of Internet Service because of increasing of using of Internet. Unix-based Server upgraded security of user authentication using "Shadow Password" instead of "crypt" function. But "Shadow Password" most use same authentication method about all services. But we individually can set user authentication method using PAM(Pluggable Authentication Module). This paper will propose user authentication system using Linux-PAM that use SMART CARD as authentication token.