DOI QR코드

DOI QR Code

User Authentication System based on Auto Identification and Data Collection

자동인식 및 데이터 수집을 이용한 사용자 인증 시스템

  • Received : 2017.10.25
  • Accepted : 2017.11.27
  • Published : 2018.01.31

Abstract

As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

모바일 기기 사용자가 증가함에 따라서 다양한 사용자 인증 방식에 대한 연구가 활발하게 진행되고 있다. 사용자 인증방식에는 사용자 아이디와 비밀번호를 이용하는 지식기반 인증방식, 사용자만이 가지고 있는 특성인 생체기반, 위치기반 등을 이용하는 방법과 OTP(On Time Password)와 같은 2차 인증을 진행하는 인증방식이 사용되고 있다. 본 논문에서는 기존 인증방식의 문제점을 개선하고 사용자가 원하는 방식으로 암호화가 진행될 수 있는 사용자 시스템을 제안한다. 제안한 인증 시스템은 모바일 기기를 이용하여 인증요소를 수집하는 인증요소 수집 모듈, 수집한 인증요소를 조합하여 보안키를 생성하는 보안키 생성 모듈, 생성된 보안키를 이용하여 인증을 진행하는 암호화 및 복호화 모듈로 구성된다.

Keywords

References

  1. S. J. Oh, "A Cross-cultural Study on the Perception Types of Korean and American Users of Smartphone," Journal of the Korean society for Wellness, vol. 11, no. 3, pp. 1-21, Aug. 2016.
  2. S. R. Cho, D. S. Choi, S. H. Jin, and H. H. Lee, "Passwordless Authentication Technology-FIDO," Electronics and Telecommunications Trends, vol. 29, no. 4, pp. 101-109, Aug. 2014.
  3. S. J. Kim, "Information Security Plan on Cloud Computing - Information Security Management System," Korean Review of Management Consulting, vol. 1, no. 2, pp. 194-208, Aug. 2010.
  4. F. Zhang, A. Kondoro, and S. Muftic, "Location-Based Authentication and Authorization Using Smart Phones," 2012 IEEE 11th International Conference on Trust, Security, and Policy in Computing and Communications, pp. 1285-1292, June 2012.
  5. H. Takamizawa, and N. Tanaka, "Authentication system using location information on ipad or smartphone" International Journal of Computer Theory and Engineering, vol. 4, no. 2, pp.153-157, April 2012.
  6. W. Jansen, and V. Korolev, "A location-based mechanism for mobile device security," Computer Science and Information Engineering, 2009 WRI World Congress on IEEE, vol. 1, pp. 99-104, March 2009.
  7. H. Ketabdar, K. A. Yuksel, A. Jahnbekarn, M. Roshandel, and D. Skirop, "MagiSign: User Identification /Authentication Based on 3D Around Device Magnetic Signatures," The Fourth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 31-34, 2010.
  8. J. S. Seo, and J. S. Moon, "A Study on User Authentication with Smartphone Accelerometer Sensor," Journal of The Korea Institute of Information Security and Cryptology, vol. 25, no. 6, pp. 1477-1484, Dec. 2015. https://doi.org/10.13089/JKIISC.2015.25.6.1477
  9. A. Bianchi, I. Oakley, V. Kostakos, and D. S. Kwon, "The Phone Lock: Audio and Haptic Shoulder-Surfing Resistant PIN Entry Methods for Mobile Devices," TEI'11 Proceedings of the fifth international conference on Tangible, embedded, and embodied interaction, pp. 197-200, Jan. 2011.
  10. T. K. Lee, Y. H. Kim, and E. G. Im, "Biometric User Authentication Method of Mobile Appilication in Trustable Space," Journal of The Korea Institute of Information Security and Cryptology, vol. 27, no. 2, pp. 201-212, April 2017. https://doi.org/10.13089/JKIISC.2017.27.2.201