A Methodology for the Improvement of Accredited Digital Certificate Integrating FIDO Biometric Technology and TrustZone

  • Cho, Hwa-Gun (Information Security Group, Korea Financial Telecommunications & Clearings Institute)
  • Yang, Hae-Sool (Graduate School of Venture, Hoseo University)
  • Received : 2017.06.21
  • Accepted : 2017.08.20
  • Published : 2017.08.28

Abstract

Accredited digital certificates issued under the Digital Signature Act provide essential functionality for online services, so they are used for a variety of services such as online banking and e-government. However, certificates can be stolen by hackers, and users need to install separate software to use them. Recently, FIDO, which aims to solve the problems of password-based authentication and the lack of interoperability between authentication methods, has come into use for biometric authentication, and TrustZone, a hardware-based secure environment, has come into use for safe smartphone usage. This paper proposes a new service method that uses FIDO-based biometric authentication and stores certificates in TrustZone. The method not only improves security and convenience but can also be applied to services easily, because it uses built-in capabilities of new smartphones such as biometric sensors and TrustZone. With this method, people are expected to be able to use certificates safely and conveniently.

Keywords

Accredited Digital Certificate; FIDO; Biometric Technology; TrustZone; Mobile Security
