• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1007-1017
• /
• 2019

Currently, most biometrics system authenticates users by using single biometric information. This method has many problems such as noise problem, sensitivity to data, spoofing, a limitation of recognition rate. One method to solve this problems is to use multi biometric information. The multi biometric authentication system performs information fusion for each biometric information to generate new information, and then uses the new information to authenticate the user. Among information fusion methods, a score-level fusion method is widely used. However, there is a problem that a normalization operation is required, and even if data is same, the recognition rate varies depending on the normalization method. A rank-level fusion method that does not require normalization is proposed. However, a existing rank-level fusion methods have lower recognition rate than score-level fusion methods. To solve this problem, we propose a rank-level fusion method with higher recognition rate than a score-level fusion method using correlation coefficient. The experiment compares recognition rate of a existing rank-level fusion methods with the recognition rate of proposed method using iris information(CASIA V3) and face information(FERET V1). We also compare with score-level fusion methods. As a result, the recognition rate improve from about 0.3% to 3.3%.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.13-19
• /
• 2019

This paper analyzed the SCMS and pilot policy, which is pursued by the U.S. government in connected vehicles. SCMS ensures authentication, integrity, privacy and interoperability. The SCMS Support Committee of U.S. government has established the National Unit SCMS and is responsible for system-wide control. Of course, it introduces security policy, procedures and training programs making. In this paper, the need for SCMS to be applied to C-ITS was discussed. The structure of the SCMS was analyzed and the U.S. government's filot policy for connected vehicles was discussed. The discussion of the need for SCMS highlighted the importance of the role and responsibilities of SCMS between vehicles and vehicles. The security certificate management system looked at the structure and analyzed the type of certificate used in the vehicle or road side unit (RSU). The functions and characteristics of the certificates were reviewed. In addition, the functions of basic safety messages were analyzed with consideration of the detection and warning functions of abnormal behavior in SCMS. Finally, the status of the pilot project for connected vehicles currently being pursued by the U.S. government was analyzed. In addition to the environment used for the test, the relevant messages were also discussed. We also looked at some of the issues that arise in the course of the pilot project.

• Journal of Practical Engineering Education
• /
• v.10 no.1
• /
• pp.1-7
• /
• 2018

The dual security system that manages user's account information and uses NFC and OTP has been proposed. It also enhances the security of the user authentication phase by using the features that recognize within the range of less than 1m of NFC and the high security of NFC itself. During the graduation work design process which was carried out for one year and six months in a group of two in the electronics engineering major of the four-year undergraduate system was conducted. In the interim results, we participated in the conferences and thesis contest at the Institute of related to major for three times. Finally passed the examination process for three times judged by 6 professors in the major. The results were published in a graduation thesis together with other people who passed and composed in thesis form. Through the experience gained through these stages of design and production, it has gained the confidence to gain employment opportunities and actively pursue the growth stage, and presented a methodology to practice engineering education through employment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.23-36
• /
• 2005

The main obstacle hindering the wide deployment of identity-based cryptosystem is that the entity responsible for creating the private key has too much power. As a result, private keys are no longer private. One obvious solution to this problem is to apply the threshold technique. However, this increases the authentication computation, and communication cost during the key issuing phase. In this paper, we propose a new effi ient model for issuing multiple private keys in identity-based encryption schemes based on the Weil pairing that also alleviates the key escrow problem. In our system, the private key of a user is divided into two components, KGK (Key Description Key) and KUD(Key Usage Desscriptor), which are issued separately by different parties. The KGK is issued in a threshold manner by KIC (Key Issuing Center), whereas the KW is issued by a single authority called KUM (Key Usage Manager). Changing KW results in a different private key. As a result, a user can efficiently obtain a new private key by interacting with KUM. We can also adapt Gentry's time-slot based private key revocation approach to our scheme more efficiently than others. We also show the security of the system and its efficiency by analyzing the existing systems.

• Journal of Convergence for Information Technology
• /
• v.11 no.2
• /
• pp.31-40
• /
• 2021

Blockchain technology is also actively studied in the real estate transaction field, and real estate transactions have various ways. In this paper, we propose a model that simplifies the authentication procedure of auction systems using Ethereum's Ether to solve the problem of offline court auctions. The proposed model is written in Ethereum's Solidity language, the court registers the sale date and the sale date with the DApp browser, and the bidder accesses the address of the individual's wallet created through Metamask's private key. The bidder then selects the desired sale and enters the bid price amount to participate in the auction. The bidder's record of the highest bid price for the sale he wants is written on the Ethereum test network as a smart contract. and creates a block. Finally, smart contracts written on the network are distributed by the court auction manager to all nodes in the blockchain network, and each node in the blockchain network can be viewed and contract verified. As a result of analyzing the smart contracts of the proposed model and the performance of the system, there are fees incurred due to the creation and use of Ether on platforms using Ethereum, and participation. Ether's changes in value affect the price of the sale, resulting in inconsistent fees in smart contracts each time. However, in future work, we issue our own tokens to solve the market volatility problem and commission problem with the value change of Ether, and refine complex court auction systems.

• Journal of Intelligence and Information Systems
• /
• v.12 no.1
• /
• pp.1-15
• /
• 2006

In Korea, a resident registration card has various personal information such as a present address, a resident registration number, a face picture and a fingerprint. A plastic-type resident card currently used is easy to forge or alter and tricks of forgery grow to be high-degree as time goes on. So, whether a resident card is forged or not is difficult to judge by only an examination with the naked eye. This paper proposed an automatic recognition method of a resident card which recognizes a resident registration number by using a refined ART2-based RBF network newly proposed and authenticates a face picture by a template image matching method. The proposed method, first, extracts areas including a resident registration number and the date of issue from a resident card image by applying Sobel masking, median filtering and horizontal smearing operations to the image in turn. To improve the extraction of individual codes from extracted areas, the original image is binarized by using a high-frequency passing filter and CDM masking is applied to the binaried image fur making image information of individual codes better. Lastly, individual codes, which are targets of recognition, are extracted by applying 4-directional contour tracking algorithm to extracted areas in the binarized image. And this paper proposed a refined ART2-based RBF network to recognize individual codes, which applies ART2 as the loaming structure of the middle layer and dynamicaly adjusts a teaming rate in the teaming of the middle and the output layers by using a fuzzy control method to improve the performance of teaming. Also, for the precise judgement of forgey of a resident card, the proposed method supports a face authentication by using a face template database and a template image matching method. For performance evaluation of the proposed method, this paper maked metamorphoses of an original image of resident card such as a forgey of face picture, an addition of noise, variations of contrast variations of intensity and image blurring, and applied these images with original images to experiments. The results of experiment showed that the proposed method is excellent in the recognition of individual codes and the face authentication fur the automatic recognition of a resident card.

• Journal of Intelligence and Information Systems
• /
• v.18 no.3
• /
• pp.97-117
• /
• 2012

Nowadays, Internet users tend to do a variety of actions at the same time such as web browsing, social networking and multimedia consumption. While watching a video, once a user is interested in any product, the user has to do information searches to get to know more about the product. With a conventional approach, user has to search it separately with search engines like Bing or Google, which might be inconvenient and time-consuming. For this reason, a video annotation platform has been developed in order to provide users more convenient and more interactive ways with video content. In the future of smart TV environment, users can follow annotated information, for example, a link to a vendor to buy the product of interest. It is even better to enable users to search for information by directly discussing with friends. Users can effectively get useful and relevant information about the product from friends who share common interests or might have experienced it before, which is more reliable than the results from search engines. Social networking services provide an appropriate environment for people to share products so that they can show new things to their friends and to share their personal experiences on any specific product. Meanwhile, they can also absorb the most relevant information about the product that they are interested in by either comments or discussion amongst friends. However, within a very huge graph of friends, determining the most appropriate persons to ask for information about a specific product has still a limitation within the existing conventional approach. Once users want to share or discuss a product, they simply share it to all friends as new feeds. This means a newly posted article is blindly spread to all friends without considering their background interests or knowledge. In this way, the number of responses back will be huge. Users cannot easily absorb the relevant and useful responses from friends, since they are from various fields of interest and knowledge. In order to overcome this limitation, we propose a method to filter a user's friends for information search, which leverages semantic video annotation and social networking services. Our method filters and brings out who can give user useful information about a specific product. By examining the existing Facebook information regarding users and their social graph, we construct a user profile of product interest. With user's permission and authentication, user's particular activities are enriched with the domain-specific ontology such as GoodRelations and BestBuy Data sources. Besides, we assume that the object in the video is already annotated using Linked Data. Thus, the detail information of the product that user would like to ask for more information is retrieved via product URI. Our system calculates the similarities among them in order to identify the most suitable friends for seeking information about the mentioned product. The system filters a user's friends according to their score which tells the order of whom can highly likely give the user useful information about a specific product of interest. We have conducted an experiment with a group of respondents in order to verify and evaluate our system. First, the user profile accuracy evaluation is conducted to demonstrate how much our system constructed user profile of product interest represents user's interest correctly. Then, the evaluation on filtering method is made by inspecting the ranked results with human judgment. The results show that our method works effectively and efficiently in filtering. Our system fulfills user needs by supporting user to select appropriate friends for seeking useful information about a specific product that user is curious about. As a result, it helps to influence and convince user in purchase decisions.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.405-422
• /
• 2007

Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.

• Journal of Science and Technology Studies
• /
• v.17 no.1
• /
• pp.117-144
• /
• 2017

In Korea, currently, only the growth possibility of bioinformation industry has received the public attention, and social discussion on bioinformation management is meager. Based on this critical perspective, this study investigates the current status of public awareness of the bioinformation which can be a basis for the social discussion for bioinformation management. The most significant characteristics identified in the survey is that many citizens, while expressing their agreement on the use of biometric technology by purpose and taking an open stance on national fingerprint information collection, have considerable concern for the identity authentication system using the current biometric technology. In particular, the survey pointed out that it is hard to trust the institutions that collect the bioinformation. Also, the public expressed the particular concern for the health data including the body information and showed overwhelming consent for the necessity of more stringent regulation compared with other personal information. In regards to the medical information gathered from medical institutions, nearly 80% of the survey respondents did not agree on providing the information to commercial enterprises, and even 60% of them disagreed on using it for academic and statistical research. This result well demonstrates that thorough management of the bioinformation is required for its utilization.