Technology Trends, Research and Design of AIM Framework for Authentication Information Management

  • Kim, Hyun-Joong (Gwangju Institute for Regional Program Evaluation) ;
  • Cha, Byung-Rae (School of Electrical Engineering and Computer Science, GIST) ;
  • Pan, Sung-Bum (Dept. of Electronics Engineering, Gwangju Chosun Univ.)
  • Received : 2016.06.01
  • Accepted : 2016.07.20
  • Published : 2016.07.28

Abstract

With the mobile era and the emergence of fintech, biometric recognition technology that uses biometric information as a security method has spread. In particular, mobile services combined with biometrics are expanding to provide convenient payment services and to replace transportation cards. This paper investigates the basic concepts of authentication, such as access control, IA&A, OpenID, OAuth 1.0a, SSO, and biometric techniques, and describes in detail, from the perspective of applying AIM, the protocol stack for a security API platform, FIDO, SCIM, OAuth 2.0, JSON Identity Suite, Keystone of OpenStack, cloud-based SSO, and the AIM Agent. Authentication technology at home and abroad will accelerate technology development and standardization research centered on the federated FIDO Universal Authentication Framework (UAF) and Universal 2 Factor Framework (U2F). To accommodate recent changes in the computing paradigm and social needs, this paper surveys the trends of various authentication technologies and defines the design and functions of the AIM framework.

Acknowledgement

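Grant: Development of technology for managing web service user account information and detecting leakage/abuse

Supported by: Institute for Information & Communications Technology Promotion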
