• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.519-523
• /
• 2004

In this paper we challenge the user Authentication using KerberosV5 authentication protocol in WPKI environment. This paper is the security structure that defined in a WAP forum and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses wireless public key based structure and transmission hierarchical security back of a WAP forum, and a server client holds for user authentication of an application layer all and all, and it provides one counterproposal. Therefore, We offer authentication way solution that connected X.509 V3 with using WIM for complement an authentication protocol KerberosV5 and its disadvantages.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.71-80
• /
• 2015

Many researches have been studied to overcome the weak points in authentication schemes of mobile devices such as pattern-authentication that is vulnerable for smudge-attack. Since random-pattern-lock authenticates users by drawing figure of predefined-shape, it can be a method for robust security. However, the authentication performance of random-pattern-lock is influenced by input noise and individual characteristics sign pattern. We introduce an optimization method of user input direction to increase the authentication accuracy of random-pattern-lock. The method uses the likelihood of each direction given an data which is angles of line drawing by user. We adjusted recognition range for each direction and achieved the authentication rate of 95.60%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.2
• /
• pp.301-308
• /
• 2017

With the popularization of smart phones and the development of the Internet, many people use smart phones to conduct identity verification procedures. smart phones are easier and faster to authenticate than personal desktop computers. However, as Internet hacking technology and malicious code distribution technology rapidly evolve and attack types become more diverse, authentication methods suitable for mobile environment are required. As authentication methods, there are methods such as possessive-based authentication, knowledge-based authentication, biometric-based authentication, pattern-based authentication, and multi-element authentication. In this paper, we propose a user authentication mechanism that uses collected information as authentication factor using smart phone. Using the proposed authentication mechanism, it is possible to use the smart phone information and environment information of the user as a hidden authentication factor, so that the authentication process can be performed without being exposed to others. We implemented the user authentication system using the proposed authentication mechanism and evaluated the effectiveness based on applicability, convenience, and security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1033-1047
• /
• 2017

Traditional explicit authentication, which requires awareness of the user's authentication process, is a burden on the user, which is one of main reasons why users tend not to employ authentication. In this paper, we try to reduce such cost by employing implicit authentication methods, such as biometrics and location based authentication methods. We define the 4-level security assurance model, where each level is mapped to an explicit authentication method. We implement our model as an Android application, where the implicit authentication methods are touch-stroke dynamics-based, face recognition based, and the location based authentication. From user experiment, we could show that the authentication cost is reduced by 14.9% compared to password authentication-only case and by 21.7% compared to the case where 6-digit PIN authentication is solely used.

• Convergence Security Journal
• /
• v.14 no.6_1
• /
• pp.147-155
• /
• 2014

Encryption and authentication system in National Defense is divided into three system; KMI, MPKI, and GPKI. In this paper, we report inherent problem and security threaten in MPKI and propose an attribute-based authentication scheme using attribute-based signature in order to improve user authentication. In our scheme, access structure is used by Monotone Span Program, and system server provides service after user authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.263-272
• /
• 2008

The proposed system can achieve more safety of RFID system with the 2-step authentication procedures for the enhancement about the security of general RFID systems. After it has authenticated RFID tag, additionally, the proposed system extract the characteristic information in the user image for acquisition of the additional authentication information of the user with the camera. In this paper, the system which was proposed more enforce the security of the automatic entrance and exit authentication system with the cognitive characters of RFID tag and the extracted characteristic information of the user image through the camera. The RFID system which use the active tag and reader with 2.4GHz bandwidth can recognize the tag of RFID in the various output manner. Additionally, when the RFID system have errors. the characteristic information of the user image is designed to replace the RFID system as it compare with the similarity of the color, outline and input image information which was recorded to the database previously. In the experimental result, the system can acquire more exact results as compared with the single authentication system when it using RFID tag and the information of color characteristics.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.713-720
• /
• 2010

Lately, IPTV is in the limelight using a broadband information service to provide video content and broadcast services. Current IPTV system is combining CAS and DRM system for VOD contents to protect transmitting contents and authentication, but it has drawbacks such as system's complexity and high construction costs. Multicast DRM system emerged as a method to improve them, but, in the multicast DRM system, if the key is intercepted by a malicious user, it can be viewed by an unauthorized user of illegal broadcasting which can be a problem. In this paper, we suggest to protect content from a malicious user by applying the techniques using user authentication in the multicast DRM system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2657-2662
• /
• 2010

Demand on information security in mobile devices based control system grows rapidly with a view to counteracting information hacking and leakage. Among these techniques, encryption and authentication are most common. This paper presents CBC-MAC (Cipher Block Chaining-Message Authentication Code) based mobile devices control system. The system is termed as Secure Mobile in Vehicle (SMIV)We use CBC-MAC that is one of the most efficient authentication modes to protect information against any malicious attacks. By sharing the secret key of CBC-MAC between the transmitter and receiver, it asserts authentic information. The proposed system is verified in such a way that we develop mobile devices control system, apply the CBC-MAC algorithm to the control system and validate the received data. Unlike conventional systems where the development of control mechanism in mobile devices based control systems is main concern, this proposed system offers a secure communication link of the data in mobile devices control system and therefore would be useful to the design and implementation of various mobile devices based control systems.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.335-339
• /
• 2009

RFID security and privacy issues have been intensively studied in the research field, the authentication between RFID reader and tag is the fundamental them. Most of the existing authentication protocols draw assumptions on classic primitives. Since tags have small capacities, the security mechanisms which are in use in computer networks and communication are not suitable. In this paper, we compare and analyze recent technical research on the problems of privacy and security. It consists of security mechanism, threats and performance evaluation, etc.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.9
• /
• pp.1674-1680
• /
• 2017

In this paper, an embedded system for face authentication, which exploits high-dimensional local binary pattern (LBP) descriptor and joint Bayesian algorithm, is proposed. We also present a feasible embedded system for the proposed algorithm implemented with a Raspberry Pi 3 model B. Computer simulation for performance evaluation of the presented face authentication algorithm is carried out using a face database of 500 persons. The face data of a person consist of 2 images, one for training and the other for test. As performance measures, we exploit score distribution and face authentication time with respect to the dimensions of principal component analysis (PCA). As a result, it is confirmed that an embedded system having a good face authentication performance can be implemented with a relatively low cost under an optimized embedded environment.