• 한국정보기술학회 영문논문지
• /
• 제8권2호
• /
• pp.79-87
• /
• 2018

The current PC user authentication uses character password based on user's knowledge. However, this can easily be exploited by password cracking or key-logging programs. In addition, the use of a difficult password and the periodic change of the password make it easy for the user to mistake exposing the password around the PC because it is difficult for the user to remember the password. In order to overcome this, we propose user gesture recognition and challenge-response authentication. We apply user's hand gesture instead of character password. In the challenge-response method, authentication is performed in the form of responding to a quiz, rather than using the same password every time. To apply the hand gesture to challenge-response authentication, the gesture is recognized and symbolized to be used in the quiz response. So we show that this method can be applied to PC user authentication.

• 한국컴퓨터정보학회논문지
• /
• 제21권4호
• /
• pp.31-38
• /
• 2016

The interface between servers and clients and system management in the cloud computing environment is different from the existing computing environment. The technology for information protection. Management and user authentication has become an important issue. For providing a more convenient service to users, SSO technology is applied to this cloud computing service. In the SSO service environment, system access using a single key facilitates access to several servers at the same time. This SSO authentication service technology is vulnerable to security of several systems, once the key is exposed. In this paper, we propose a technology to solve problems, which might be caused by single key authentication in SSO-based cloud computing access. This is a distributed agent authentication technology using a multiple SSO agent to reinforce user authentication using a single key in the SSO service environment. For user authentication reinforcement, phased access is applied and trackable log information is used when there is a security problem in system to provide a safe cloud computing service.

• 한국콘텐츠학회논문지
• /
• 제19권7호
• /
• pp.421-426
• /
• 2019

현재 사용자 인증에는 지식기반(ID/PW 등)인증과 생체기반(홍채/지문/정맥 인식 등)인증, 소유기반(OTP, 보안카드 등)인증 등 다양한 종류의 기술을 사용하고 있다. 지식기반 인증인 ID/PW인증 기술은 구현 및 유지 보수 비용이 적게 들며, 사용자에게 익숙한 방식이라는 장점에도 불구하고 해킹 공격에 취약하다는 단점을 가지고 있다. 다른 인증 방식들은 ID/PW인증기술에서의 취약점을 해결하였지만, 초기 구축비용과 유지보수시 비용이 많이 발생한다는 점과 재발급 시 번거로운 문제점을 가지고 있다. 본 논문에서는 기존의 ID/PW기반 인증 기술보다 보안성과 편리성을 증진시키고, 인증에 사용되는 기기에 제약이 없는 사용자 인증을 안전하게 할 수 있는 방안을 제안한다.

• 디지털산업정보학회논문지
• /
• 제10권1호
• /
• pp.81-87
• /
• 2014

Password-based authentication using smart card provides two factor authentications, namely a successful login requires the client to have a valid smart card and a correct password. While it provides stronger security guarantees than only password authentication, it could also fail if both authentication factors are compromised ((1) the user's smart card was stolen and (2) the user's password was exposed). In this case, there is no way to prevent the adversary from impersonating the user. Now, the new technology of biometrics is becoming a popular method for designing a more secure authentication scheme. In terms of physiological and behavior human characteristics, biometric information is used as a form of authentication factor. Biometric information, such as fingerprints, faces, voice, irises, hand geometry, and palmprints can be used to verify their identities. In this article, we review the biometric-based authentication scheme by Cheng et al. and provide a security analysis on the scheme. Our analysis shows that Cheng et al.'s scheme does not guarantee any kind of authentication, either server-to-user authentication or user-to-server authentication. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, on Cheng et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Cheng et al.'s scheme.

• 전자통신동향분석
• /
• 제33권1호
• /
• pp.57-67
• /
• 2018

Modern users are intensifying their use of online services every day. In addition, hackers are attempting to execute advanced attacks to steal personal information protected using existing authentication technologies. However, existing authentication methods require an explicit authentication procedure for the user, and do not conduct identity verification in the middle of the authentication session. In this paper, we introduce an implicit continuous authentication technology to overcome the limitations of existing authentication technology. Implicit continuous authentication is a technique for continuously authenticating users without explicit intervention by utilizing their behavioral and environmental information. This can improve the level of security by verifying the user's identity during the authentication session without the burden of an explicit authentication procedure. In addition, we briefly introduce the definition, key features, applicable algorithms, and recent research trends for various authentication technologies that can be used as an implicit continuous authentication technology.

• 한국멀티미디어학회논문지
• /
• 제20권4호
• /
• pp.614-628
• /
• 2017

Recently, Due to the rapid development of the internet and IT technology, users can conveniently use various services provided by the server anytime and anywhere. However, these technologies are exposed to various security threat such as tampering, eavesdropping, and exposing of user's identity and location information. In 2016, Nikooghadam et al. proposed a lightweight authentication and key agreement protocol preserving user anonymity. This paper overcomes the vulnerability of Nikooghadam's authentication protocol proposed recently. This paper suggests an enhanced remote user authentication protocol that protects user's password and provides perfect forward secrecy.

• 한국컴퓨터정보학회논문지
• /
• 제22권9호
• /
• pp.65-71
• /
• 2017

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

• 전자통신동향분석
• /
• 제36권4호
• /
• pp.135-144
• /
• 2021

The field of user authentication in Korea has experienced new dimensions since December 2020. Accredited certificate, which had been in use for 21 years since 1999, has been abolished. Accredited certificates have provided a trust foundation for various ICT-based industrial developments; however, new changes in the authentication sector are also required due to changes in the service and policy environment. Changes in the service environment occur rapidly because of the emergence of new technologies such as AI, IoT, Bio, Blockchain, and the daily use of non-face-to-face environments caused by COVID-19. Even with changes in the service environment, user authentication remains an essential foundation for providing services. This paper summarizes the current status of user authentication techniques, analyzes major changes in the service environment (such as Metaverse) associated with user authentication, and presents the direction of authentication techniques (Decentralized, Invisible, Privacy-preserving) through the derived implications.

• Journal of Information Processing Systems
• /
• 제14권2호
• /
• pp.523-538
• /
• 2018

Keystroke dynamics user authentication is a behavior-based authentication method which analyzes patterns in how a user enters passwords and PINs to authenticate the user. Even if a password or PIN is revealed to another user, it analyzes the input pattern to authenticate the user; hence, it can compensate for the drawbacks of knowledge-based (what you know) authentication. However, users' input patterns are not always fixed, and each user's touch method is different. Therefore, there are limitations to extracting the same features for all users to create a user's pattern and perform authentication. In this study, we perform experiments to examine the changes in user authentication performance when using feature vectors customized for each user versus using all features. User customized features show a mean improvement of over 6% in error equal rate, as compared to when all features are used.

• 한국지능시스템학회:학술대회논문집
• /
• 한국퍼지및지능시스템학회 2003년도 ISIS 2003
• /
• pp.256-259
• /
• 2003

This paper presents mutual authentication scheme between user and network on mobile communications using public key scheme based on counter, and simultaneously shows key agreement between user and user using random number for secure communications. This is also a range of possible solutions to authentication and key agreement problem-authentication and key agreement protocol based on nonce and count, and secure end-to-end protocol based on the function Y=f(.)$\^$1/, C$\^$i/ is count of user I, and f(.) is one way function.