The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

Framework for Secure User Authentication of Internet of Things Devices

사물인터넷 기기의 안전한 사용자 인증 방안에 관한 프레임워크

  • Song, Yongtaek (Department of Security Convergence, Chung-Ang University) ;
  • Lee, Jaewoo (Department of Industrial Security, Chung-Ang University)
  • Received : 2019.04.02
  • Accepted : 2019.05.29
  • Published : 2019.05.31
Download PDF
⟨ Previous Next ⟩

Abstract

In the 4th Industrial Revolution, the Internet of Things emerged and various services and convenience improved. As the frequency of use increases, security threats such as leakage of personal information coexist and the importance of security are increasing. In this paper, we analyze the security threats of the Internet of things and propose a model for enhancing security through user authentication using Fast IDentity Online (FIDO). As a result, we propose to implement strong user authentication by introducing second authentication through FIDO.

4차 산업혁명을 맞아 사물인터넷이 떠오르며 다양한 서비스가 생겨나고 편의성이 개선되었다. 사용빈도가 높아짐에 따라 개인정보의 유출 등과 같은 보안위협이 공존하게 되었으며 보안의 중요성이 증가하고 있다. 본 논문은 사물인터넷의 보안위협에 대해 분석하여 Fast IDentity Online(FIDO)을 사용한 사용자인증을 통하여 보안성을 강화하는 모델을 제시하고자 한다. 연구결과 향후 FIDO를 통한 2차 인증 도입을 통하여 강력한 사용자인증을 구현할 것을 제안한다.

Keywords

References

  1. Chae, C., Cho, H., and Jeong, H., "Authentication Method using Multiple Biometric Information in FIDO Environment," Journal of Digital Convergence, Vol. 16, No. 1, pp. 159-164, 2019. https://doi.org/10.14400/JDC.2018.16.1.159
  2. Cho, S. and Kim, S., "FIDO technology standardization trend," Telecommunications Technology Association, TTA Journal, Vol. 172, pp. 65-70, 2017.
  3. Dunkerberger, P., "FIDO2 puts biometrics at heart of web security," ELSEVIER Vol. 2018, No. 8, pp. 8-10, 2018.
  4. FIDO Alliance, "Client to Authenticator Protocol(CTAP)," Propose Standard, 2019.
  5. FIDO Alliance, "Universal 2nd Factor (U2F) Overview," FIDO Alliacne Proposed Standard, 2017.
  6. Gubbi, J. and Buyya, R., Marimuthu, S., and Palaniswami, M., "Internet of Things (IoT): A vision, architectural elements, and future directions," Future Generation Computer Systems, Vol. 29, No. 7, pp. 1645-1660, 2013. https://doi.org/10.1016/j.future.2013.01.010
  7. Hossain, M., Fotouhi, M., and Hasan, R., "Towards an Analysis of Security Issues, Challenge and Open Problems in the Internet of Things," 2015 IEEE World Congress on Services, pp. 21-28, 2015.
  8. IoT Security Alliance, "Home.Appliance IoT Security Guide," Korea Internet & Security Agency, 2017.
  9. Kang, J., "A Verification of Smart TV Security in IoT Environment," Soongsil University, 2017.
  10. Kim, Y., Lee, J., and Yun, G., "Study on Smart Office Fit Model of Government and Local Governments," The Korea Institute of Public Administration, Frequent assignment 2014-04, 2014.
  11. Lee, G. H., "Exploring the standardization forum _Special Theme Bio-recognition," Telecommunications Technology Association, TTA Journal, Vol. 165, pp. 12-17, 2016.
  12. Lee, S. and Jahng, J., "The Diffusion of Internet of Things: Forecasting Technologies and Company Strategies using Qualitative and Quantitative Approach," The Journal of Society for e-Business Studies, Vol. 20, No. 4, pp. 19-39, 2015. https://doi.org/10.7838/jsebs.2015.20.4.019
  13. Walker, M., "Hype Cycle for Emerging Technologies, 2018," Gartner Inc., 2018.

Cited by

  1. 의료 ICT융합 환경에서 안전한 사용자 관리를 위한 인증시스템 설계 및 구현: 중소형 의료기관을 중심으로 vol.19, pp.3, 2019, https://doi.org/10.33778/kcsa.2019.19.3.029