• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.195-202
• /
• 2011

RFID(Radio Frequency IDentification) is a system to identify objects and its usage is being extended to distribution, healthcare, and air&port etc. RFID is a contactless system environment, and reducing tag authentication time is important because multiple tags are identified at the same time. Studies about RFID system so far is, however, mostly to improve security vulnerability in the tag authentication process. Therefore, this paper suggests an efficient scheme to decrease the time of tag authentication which is also safe for the security of tag authentication process. The proposed scheme cuts down on the tag ID search time because it searches only the classified relevant ID in the database, which is one of many components of RFID system, by using identification bits for tag ID search. Consequently, the suggested scheme decreases process time for tag ID authentication by reducing the processing time and the load of the database. It also brings performance improvement of RFID system as it improves the energy applicability of passive tag.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.498-514
• /
• 2012

Machine to machine (M2M) communications is the hottest issue in the standardization and industry area, it is also defined as machine-type communication (MTC) in release 10 of the 3rd Generation Partnership Project (3GPP). Recently, most research have focused on congestion control, sensing, computing, and controlling technologies and resource management etc., but there are few studies on security aspects. In this paper, we first introduce the threats that exist in M2M system and corresponding solutions according to 3GPP. In addition, we present several new security issues including group access authentication, multiparty authentication and data authentication, and propose corresponding solutions through modifying existing authentication protocols and cryptographic algorithms, such as group authentication and key agreement protocol used to solve group access authentication of M2M, proxy signature for M2M system to tackle authentication issue among multiple entities and aggregate signature used to resolve security of small data transmission in M2M communications.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.17-22
• /
• 2023

Traditional authentication systems typically involve users entering their username and password into a centralized identity management system. To address the inconvenience of such authentication methods, a decentralized identity authentication system based on Distributed Identifiers(DID) is proposed, utilizing decentralized identity technology. The proposed system employs QR code scanning for login, enhancing security through the use of blockchain technology to ensure the uniqueness and safety of user identities during the login process. This system utilizes DIDs and integrates the InterPlanetary File System(IPFS) to securely manage organizational members' identity information while keeping it private. Using the distributed identity authentication system proposed in this study, it is possible to effectively manage the security and personal identity of organization members. To improve the usability of the system proposed in this study, research is needed to expand it into a solution.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5755-5772
• /
• 2019

Security is becoming more important as society changes rapidly. In addition, today's ICT environment demands changes in existing security technologies. As a result, password authentication methods are also changing. The authentication method most often used for security is password authentication. The most-commonly used passwords are text-based. Security enhancement requires longer and more complex passwords, but long, complex, text-based passwords are hard to remember and inconvenient to use. Therefore, authentication techniques that can replace text-based passwords are required today. Graphical passwords are more difficult to steal than text-based passwords and are easier for users to remember. In recent years, researches into graphical passwords that can replace existing text-based passwords are being actively conducting in various places throughout the world. This article surveys recent research and development directions of graphical password authentication systems in Korea. For this purpose, security authentication methods using graphical passwords are categorized into technical groups and the research associated with graphical passwords performed in Korea is explored. In addition, the advantages and disadvantages of all investigated graphical password authentication methods were analyzed along with their characteristics.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.187-198
• /
• 2011

User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6C
• /
• pp.645-650
• /
• 2006

GSM(Global System for Mobile communications) provides mobile users with portability and convenience as the most popular standard for mobile phones in the world. However, GSM system has the problem that can't normally authenticate a user by the exposure of IMSI(International Mobile Subscriber Identity) of Ms(Mobile station) during the user authentication procedure. In this paper, we propose secure user authentication by preventing the exposure if IMSI via transfer the encrypted IMSI from the HLR(Home Location Register) and making the only network entities verified from the HLR use the IMSI value, as the modified mechanism based on the original user authentication protocol to solve this authentication problem. Also the proposed mechanism provides fast user authentication without changing the architecture between new VLR and old VLR in the original GSM user authentication protocol as well as user's anonymity by using a temporary ID.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.4
• /
• pp.952-960
• /
• 2007

Most Websites perform login process for authentication. But simple features like ID and Password have no trust because most people worry about appropriation. So the youth can easily access illegal media sites using other's ID and Password. Therefore this paper examine features be adaptable to authentication system, and propose a design of authentication system using multiple features. A proposed authentication system has two categories, such as low-level and high-level method. Low-level method consists of grant of authentication number through mobile phone from server and certificate from authority. High-level method combines ID/Password and features of fingerprint, character, voice, face recognition systems. For this, this paper surveys six recognition systems such as fingerprint, face, iris, character, vein, voice recognition system. Among these, fingerprint, character, voice, face recognition systems can be easily implemented in personal computer with low cost accessories. Usage of multiple features can improve reliability of authentication.

• Journal of Convergence Society for SMB
• /
• v.5 no.3
• /
• pp.9-13
• /
• 2015

With the advance of ICT, the necessity of user authentication to verify the identity of an opponent online not face to face is increasing. The authentication, the basis of the security, is used in various fields. Because ID-based authentication has weaknesses in terms of stability and losses, two or more than two authentication tools are used in the place in which the security is important. Recently, biometric authentication rather than ID, OTP, SMS authentication has been an issue in terms of credibility and efficiency. As the fields applied to current biometric recognition technologies are increasing, the application of the biometric recognition is being used in various fields such as mobile payment system, intelligent CCTV, immigration inspection, and access control. As the biometric recognition, finger print, iris, retina, vein, and face recognition have been studied actively. This study is to inspect the current state of domestic and foreign standardization including understanding of the face recognition and the trend of technology.

• Journal of Internet Computing and Services
• /
• v.7 no.2
• /
• pp.161-172
• /
• 2006

As the innovative technologies related to ubiquitous computing are being rapidly developed in recent IT trend, the concern for IT dysfunction(e.g., personal information abuse, information risk, threat, vulnerability, etc.) are also increasing. In our study, we suggested how to design and implement to multiple schemes for strong authentication mechanism in real system environments. We introduce the systematic and secure authentication technologies that resolve the threats incurring from the abuse and illegal duplication of financial transaction card in the public and financial institutions. The multiple schemes for strong authentication mechanism applied to java technology, so various application programs can be embedded, Independent of different platforms, to the smartcard by applying the consolidated authentication technologies based on encryption and biometrics(e.g., finger print identification). We also introduce the appropriate guidelines which can be easily implemented by the system developer and utilized from the software engineering standpoint of view. Further, we proposed ways to utilize java card based biometrics by developing and applying the 'smartcard class library' in order for the developer and engineers involved in real system environment(Secure entrance system) to easily understand the program. Lastly, we briefly introduced the potential for its future business application.

• Journal of Intelligence and Information Systems
• /
• v.10 no.1
• /
• pp.65-75
• /
• 2004

It is notorious that PIN(Personal Identification Number) is used widely for user verification and authentication in networked environment. But, when the user Identification and password are exposed by hacking, we can be damaged monetary damage as well as invasion of privacy. In this paper, we adopt face recognition-based authentication which have nothing to worry what the ID and password will be exposed. Also, we suggest the remote authentication and verification system by considering not only 2-Tier system but also 3-Tier system getting be distributed. In this research, we analyze the face feature data using the SVM(Support Vector Machine) and PCA(Principle Component Analysis), and implement artificial intelligence face recognition module in distributed environment which increase the authentication speed and heightens accuracy by utilizing artificial intelligence techniques.