- Volume 14 Issue 7
DOI QR Code
Technology Trends, Research and Design of AIM Framework for Authentication Information Management
인증 정보 관리를 위한 기술 동향과 AIM 프레임워크 연구 및 설계
- Kim, Hyun-Joong (Gwangju Institute for Regional Program Evaluation) ;
- Cha, Byung-Rae (School of Electrical Engineering and Computer Science, GIST) ;
- Pan, Sung-Bum (Dept. of Electronics Engineering, Gawangju Chosun Univ.)
- Received : 2016.06.01
- Accepted : 2016.07.20
- Published : 2016.07.28
With mobile-epoch and emerging of Fin-tech, Bio-recognition technology utilizing bio-information in secure method has spread. Specially, In order to change convenient payment services and transportation cards, the combination of biometrics and mobile services are being expanded. The basic concept of authentication such as access control, IA&A, OpenID, OAuth 1.0a, SSO, and Biometrics techniques are investigated, and the protocol stack for security API platform, FIDO, SCIM, OAuth 2.0, JSON Identity Suite, Keystone of OpenStack, Cloud-based SSO, and AIM Agent are described detailed in aspect of application of AIM. The authentication technology in domestic and foreign will accelerate technology development and research of standardization centered in the federated FIDO Universal Authentication Framework(UAF) and Universal 2 Factor Framework(U2F). To accommodate the changing needs of the social computing paradigm recently in this paper, the trends of various authentication technology, and design and function of AIM framework was defined.
Certificate information management;FIDO;AIM framework;Bio-recognition;FinTech
Grant : 웹 서비스 사용자 계정 정보 관리 및 유출/악용 탐지 기술 개발
Supported by : 정보통신기술진흥센터
- Jeong-Min Ryu, Yong-Mo Seo, Han-Jin Cho, "A Study on Business Model of Fintech - Focus on the Business model canvas," Journal of Digital Convergence, v.14, no.3, pp.191-196, March 2016. https://doi.org/10.14400/JDC.2016.14.2.191
- Jin-Hee Han, So-Hyun Jae, Bo-Hyun Kim, Jee-Sun Park, "Effects of Consumer Trust and Perceived Usefulness on Mobile Payments and Online Shopping Website Loyalty," Journal of Digital Convergence, v.13, no.12, pp.75-87, Dec. 2015.
- Soonduck Yoo, Gijung Nam, "e-MP service activation research to support SME financial settlement," Journal of Digital Convergence, v.11, no.12, 61-67, Dec. 2013. https://doi.org/10.14400/JDPM.2013.11.12.61
- Kwang-Jae Lee, Keun-Ho Lee, "Authentication Scheme using Biometrics in Intelligent Vehicle Network," Journal of the Korea Convergence Society, v.4, no. 3, pp. 15-20, 2013.
- Chung-Geon Song, Keun-Ho Lee, "Design of Authentication System using Biometrics for U-Healthcare Environment in M2M", Journal of the Korea Convergence Society, v.3, no.2, pp. 13-17, 2012.
- Chung-GeonSong, Keun-HoLee, "A Study on Safe Identification Card Using Fingerprint Recognition and Encrypted QR," Journal of Digital Convergence, v.12, no.6, 317-323, June 2014.
- Dong-Ryool Kim, "Secure One-Time Password Authentication in Mobile Environments," Journal of Digital Convergence, v.11, no.12, 423-430, Dec. 2013. https://doi.org/10.14400/JDPM.2013.11.12.423
- Hong SeungPyo, at el. "ICT Brief 2016-02, Institute for Information & Communications Technology Promotion," pp.45, March 2016.
- FIDO Alliance, https://fidoalliance.org/
- Ed Tittel, at el. "CISSP: Certified Information Systems Security Professional Study Guide," SYBEC, 2004.
- OpenID, https://en.wikipedia.org/wiki/OpenID, 2016
- OAuth, http://earlybird.kr/1584, 2016
- SSO, http://kcats.tistory.com/68, 2016
- Yeun-Dek Chung, "Effective Utilization and Problems of Biometrics," Intellectual Property 21, 2004.
- Hyung-Jin Mun, Kun-Hee Han, "A Study on Design for Efficient Personal Policy of Service based RBAC," Journal of Digital Convergence, v.14, no.2, pp.191-196, Feb. 2016. https://doi.org/10.14400/JDC.2016.14.2.191
- API Security: Deep Dive into OAuth and OpenID Connect, http://nordicapis.com/api-security-oauth-openid-connect-depth, 2016
- SCIM, https://en.wikipedia.org/wiki/System_for_Cross-domain_Identity_Management, 2016
- kerberos, https://en.wikipedia.org/wiki/Kerberos_(protocol), 2016
- x.509, https://en.wikipedia.org/wiki/X.509, 2016
- SAML 2.0, https://en.wikipedia.org/wiki/SAML_2.0, 2016
- Michael B. Jones, "Identity Management," ISQ (Information Standards Quarterly), Vol. 26, Issue 3, Fall 2014.
- OpenStack, https://www.openstack.org, 2016
- Keystone, http://docs.openstack.org/developer/keystone, 2016.
- Thomas E., Zaigham M., and Ricardo P., "Cloud Computing. Concepts, Technology & Architecture," Prentice Hall/PearsonPTR, ISBN: 9780133387520, 2014.
- Yun Sang Byun, Jin Kwak, "A Study on Integration Security Management Model in Cloud Environment," Journal of Digital Convergence, v.11, no.12, 407-415, Dec. 2013. https://doi.org/10.14400/JDPM.2013.11.12.407