• Journal of the Korea Society of Computer and Information
• /
• v.14 no.7
• /
• pp.73-80
• /
• 2009

Internet accidents have skyrocketed every year. It always has been threatened by the methods such as hacking and Spyware. The majority of security accident is formed of the loss of authentication information, and the internal user who is not authorized. The importance of security is also emphasized when someone tries to do something accessing to the main information system. Accordingly, Biometrics has been used in many ways. OTP, however, must have a few devices accessing to several systems, and Biometrics involve some risk of mis-recognition rate and mis-denial rate. It also has the risk possible to access to the main information system when losing OTP. This research reduced risks about the loss as separating RFID leader for mobile, Tag and the accessor's cellular phone, and is about pseudo random validation key generated from the administration system through contact with RFID leader for mobile and Tag. As sending the key to user's cell phone which is already registered, security is strengthened more than existing connection methods through the ID and password. RFID for mobile not generalized to the present has been studied as a tool accessing to the main information system.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• The Journal of the Korea Contents Association
• /
• v.22 no.5
• /
• pp.155-164
• /
• 2022

The purpose of this study is to understand the brand effectiveness of the small enterprise succession policy. small enterprise have a close relationship with consumers, it is necessary to examine the consumer effects of authentication policies. Therefore, the policy itself was identified as a brand, and the influence between brand image, attitude, and loyalty was attempted. As a result of the study, it was found that the brand image of the two factors of the policy had a positive effect on attitude and loyalty. Based on the research results, the necessity of evaluating policies from a business perspective was suggested. Above all, it will be meaningful in applying the concept of a brand to the policies used by consumers and examining the effects.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.285-301
• /
• 2004

Public service provision through internet is one of major parts for e-government implementation. It is essential to link the internal administrative network with internet to provide the services through internet and to support kiosks through internet, which should result in critical issues for security. A relay server, as a front server for the public service processing system and a web server, a control server for kiosks, are placed between the public service processing system and kiosks to solve those security issues. It is the way to solve security issues through protecting direct communication between the public service processing system and a web server and authenticating a relay server and a web server through authentication process. In the implementation of the system this paper provide a design for an architecture model of the public service processing system through internet, which are aiming to develop high level of the quality system effectively, to reduce the risk of initial stage of development, and to reduce the incurring cost due to reworks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.2
• /
• pp.452-458
• /
• 2021

The value and importance of personal information are increasing due to the increasing number of fields where the Internet environment and computing environment are used, and user authentication technology is also changing. Until now, accredited certificates, which are mainly used in the financial sector, are being replaced with biometric authentication technology due to the problem of revocation. However, another problem is that biometric information cannot be modified once it is leaked. Recently, with the advent of blockchain technology, research on user authentication methods has actively progressed. In this paper, both public certificate and blockchain-based user authentication can be used without system change, and a new DID issuance and reissuance method that can replace the resident registration number is presented. The proposed system can be used without restrictions in a blockchain. However, the currently used DID requires installation of an application at the Interworking Support Center for verification. Since a DID can be authenticated without registering as a member, indiscriminate information collection can be prevented. Security, convenience, and determinism are compared with the existing system, and excellence is proven based on various attack methods, its portability, and proxy use.

• Journal of Practical Engineering Education
• /
• v.15 no.3
• /
• pp.739-750
• /
• 2023

Several preceding studies have been conducted to integrate the education programs and qualification examination systems in higher education institutions, such as four-year engineering colleges and vocational universities. However, in practice, the implementation of such integration is a rare occurrence. The most ideal method of integrating education and qualifications can be seen as the unified operation of educational programs and qualification assessments. However, various elements required for accreditation of educational institutions and qualification systems must precede this. In this paper, we first compare and analyze the currently implemented competency-based qualification system and the Accreditation for engineering education evaluation operating as a quality management system for educational programs. Subsequently, through a case study of University K, which concurrently operates the Accreditation for engineering education and competency-based qualification systems, we examine the potential linkage between education and qualifications. After reviewing the case that education and qualifications can be linked, and reflecting the analysis results, if a program that has obtained the Accreditation for engineering education operates a curriculum that satisfies the criteria for Course-based Qualification System. We propose Accreditation-based Qualification System that can grant qualifications, students who have completed it will be provided.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.1
• /
• pp.1-6
• /
• 2021

Recently, incidents such as proxy surgery (unlicensed medical practice) have been reported in the media that threaten the safety of patients. Alternatives such as the introduction of operating room surveillance camera devices to prevent proxy surgery are emerging, but there are practical difficulties in implementing them due to strong opposition from the medical community. However, the social credibility of doctors is falling as incidents such as proxy surgery occur frequently. In this paper, we propose a medical staff identification system combining Beacon and iris recognition. The system adds reliability by operating on the blockchain network. The system performs primary identification by performing user authentication through iris recognition and proves that the medical staff is in the operating room through beacons. It also ensures patient trust in the surgeon by receiving beacon signals in the background and performing iris authentication at random intervals to prevent medical staff from leaving the operating room after only performing initial certification.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.112-120
• /
• 2009

Face membership authentication is to decide whether an incoming person is an enrolled member or not using face recognition, and basically belongs to two-class classification where support vector machine (SVM) has been successfully applied. The previous SVMs used for face membership authentication have been trained and tested using image feature vectors extracted from member face images of each class (enrolled class and unenrolled class). The SVM so trained using image feature vectors extracted from members in the training set may not achieve robust performance in the testing environments where configuration and size of each class can change dynamically due to member's joining or withdrawal as well as where testing face images have different illumination, pose, or facial expression from those in the training set. In this paper, we propose an effective class discriminating feature vector-based SVM for robust face membership authentication. The adopted features for training and testing the proposed SVM are chosen so as to reflect the capability of discriminating well between the enrolled class and the unenrolled class. Thus, the proposed SVM trained by the adopted class discriminating feature vectors is less affected by the change in membership and variations in illumination, pose, and facial expression of face images. Through experiments, it is shown that the face membership authentication method based on the proposed SVM performs better than the conventional SVM-based authentication methods and is relatively robust to the change in the enrolled class configuration.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.42 no.2
• /
• pp.29-36
• /
• 2005

The methode of user authorization used to the cookie, session and database in the blug site using the DHTML editor, frequently, of course, it is the detail and technical authorization methode but the above mentioned the methode to used, usually. But those methode have the problem in the security. In this paper proposed to the new methode of user authorization which it used to cookie, session and database in the using the DHTML editor. The proposed methode confirm to the impossible to the analysis and changing of the cookie information by hacker.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.1-10
• /
• 2009

Recently, Shin and Park proposed an authentication protocol using the hash function and the XOR operation in RFID/USN environment. However, Shin and Park's proposed authentication protocol is vulnerable to spoofing attack and location tracking attack and tag key exposure attack, and it does not provide tag anonymity. In this paper, we propose an improved authentication protocol for the RFID/USN environment that can withstand those attacks. The proposed authentication protocol provides more improved secrecy and communication efficiency because it decreases the communication rounds compared with the Shin and Park's protocol.