• 제목/요약/키워드: 스마트폰 인증

Search Result 312, Processing Time 0.176 seconds

Risk Analysis on Various Contextual Situations and Progressive Authentication Method based on Contextual-Situation-based Risk Degree on Android Devices (안드로이드 단말에서의 상황별 위험도 분석 및 상황별 위험도 기반 지속인증 기법)

  • Kim, Jihwan;Kim, SeungHyun;Kim, Soo-Hyung;Lee, Younho
    • Journal of KIISE
    • /
    • v.43 no.10
    • /
    • pp.1154-1164
    • /
    • 2016
  • To prevent the use of one's smartphone by another user, the authentication checks the owner in several ways. However, whenever the owner does use his/her smartphone, this authentication requires an unnecessary action, and sometimes he/she finally decides not to use an authentication method. This can cause a fatal problem in the smartphone's security. We propose a sustainable android platform-based authentication mode to solve this security issue and to facilitate secure authentication. In the proposed model, a smartphone identifies the current situation and then performs the authentication. In order to define the risk of the situation, we conducted a survey and analyzed the survey results by age, location, behavior, etc. Finally, a demonstration program was implemented to show the relationship between risk and security authentication methods.

A Smart Phone Banking using motion password Athentication (모션 패스워드 인증방식을 이용한 스마트폰 뱅킹)

  • Song, Jong-Gun;Jang, Won-Tae;Kim, Tae-Yong;Lee, Hoon-Jae
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2012.07a
    • /
    • pp.199-201
    • /
    • 2012
  • 스마트폰은 사용자들에게 편리함을 제공하지만 분실과 악성코로 인한 보안적인 측면에서 문제점을 이슈가 되고 있다. 본 논문에서는 이중 보안 시스템 환경을 이용하여 기존에 사용되어지고 있는 스마트폰 뱅킹 환경에서의 문제점을 해결하고자 한다. 분실 또는 악성코드를 통해 개인정보 유출, 금전적인 피해를 줄이기 위해서는 스마트폰 뱅킹 서비스 환경에서 개인정보의 통제 및 보호가 보장되는 개인인증 방법을 제공할 필요가 있다. 이를 위해서 기존 방식과 더불어 스마트폰의 자이로센서를 이용한 모션 패스워드 인증방식을 제안한다.

  • PDF

Authentication of the smart wallet based on One-time password (일회용 패스워드 기반의 스마트 지갑 인증)

  • Choi, Yo-Han;Seo, Hee-Suk
    • Annual Conference of KIPS
    • /
    • 2011.11a
    • /
    • pp.739-742
    • /
    • 2011
  • 스마트폰의 보급과 함께 등장한 스마트지갑은 스마트폰을 이용한 지불 시스템이다. 스마트지갑을 이용하여 결제를 수행하기 위해서는 결제단말과 스마트폰의 페어링 과정이 필요하다. 페어링을 통해 결제가 이루어지는 만큼 페어링 과정의 보안이 중요하다. 하지만 현재의 페어링과정에 적용되는 보안절차는 이미지 비교, 바코드, 사운드 등의 원시적인 차원의 보안절차만이 적용되어 있는 수준으로 보안강도가 낮다. 본 논문에서는 일회용 패스워드를 이용하여 기존의 페어링의 취약점을 보완하려고 한다. 일회용 패스워드를 이용하기 위해서는 사용자의 모바일ID를 검증하는 인증서버가 필요하다. 인증서버와 사용자 인증을 수행하는 단말사이의 통신은 해시 값을 이용하여 통신함으로 보안성을 높일 수 있다. 또한, 일회용 패스워드 기반의 스마트 지갑은 지불 서비스 이외에도 출입인증수단으로 이용될 수 있다.

A Study of Security Authentication for Cloud Computing Based on Smart Phone (스마트폰 기반의 클라우드 컴퓨팅 보안 인증 연구)

  • Jeong, Yoon-Su;Kim, Yong-Tae
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37C no.11
    • /
    • pp.1027-1035
    • /
    • 2012
  • Recently, the smart phone including web and mobile service based on the reliability and extendability of cloud computing is receiving huge attention. However, most of current cloud services provide just an application service for synchronizing data between mobile entity and server. Business model developed by communication companies have problems with interoperability. This paper proposes a new service security authentication model to efficiently manage smart phone users using different business models between smartphones and to keep the reliability and extendability of cloud computing. Proposed model authenticates for smart phone users to stay with in the unified communication with smart phone user's identity and access control to effectively use the current cloud computing system.

Secure Management Method for Private Key using Smartphon's Information (스마트폰 고유정보를 이용한 안전한 개인키 관리 방안)

  • Kim, Seon-Joo
    • The Journal of the Korea Contents Association
    • /
    • v.16 no.8
    • /
    • pp.90-96
    • /
    • 2016
  • The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.

A Study on User Authentication Scheme Using the Smart Phone in the Smart work Environment (스마트워크 환경에서 스마트폰을 이용한 사용자 인증 기법 연구)

  • Byun, Yun-Sang;Park, Dae-Sik;Kwak, Jin
    • Annual Conference of KIPS
    • /
    • 2011.11a
    • /
    • pp.797-800
    • /
    • 2011
  • 최근 정보통신기술의 발달과 스마트기기 이용의 확산으로 인해 생활환경 및 업무 환경이 크게 변화되었다. 특히 스마트폰의 보급이 빠르게 확산되어 스마트폰을 사용해 업무처리가 가능한 스마트워크 환경에 관심이 증가하고 있다. 국내의 스마트워크에 대한 연구 및 기술개발은 초기단계이며 기업 내부 네트워크에 접근하기 위한 사용자 인증 기법 또한 부족한 실정이다. 따라서 본 논문에서는 스마트워크 환경에서 스마트폰을 이용하여 보안카드와 이미지 패스워드 기반의 사용자 인증 기법을 제안한다.

A Study on User Authentication with Smartphone Accelerometer Sensor (스마트폰 가속도 센서를 이용한 사용자 인증 방법 연구)

  • Seo, Jun-seok;Moon, Jong-sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1477-1484
    • /
    • 2015
  • With the growth of financial industry with smartphone, interest on user authentication using smartphone has been arisen in these days. There are various type of biometric user authentication techniques, but gait recognition using accelerometer sensor in smartphone does not seem to develop remarkably. This paper suggests the method of user authentication using accelerometer sensor embedded in smartphone. Specifically, calibrate the sensor data from smartphone with 3D-transformation, extract features from transformed data and do principle component analysis, and learn model with using gaussian mixture model. Next, authenticate user data with confidence interval of GMM model. As result, proposed method is capable of user authentication with accelerometer sensor on smartphone as a high degree of accuracy(about 96%) even in the situation that environment control and limitation are minimum on the research.

Study on the Camera Image Frame's Comparison for Authenticating Smart Phone Users (스마트폰 사용자 인증을 위한 카메라 영상 프레임 비교에 관한 연구)

  • Jang, Eun-Gyeom;Nam, Seok-Woo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.16 no.6
    • /
    • pp.155-164
    • /
    • 2011
  • APP based on the smart phone is being utilized to various scopes such as medical services in hospitals, financing services at banks and credit card companies, and ubiquitous technologies in companies and homes etc. In this service environment, exposures of smart phones cause loss of assets including leaks of official/private information by outsiders. Though secret keys, pattern recognition technologies, and single image authentication techniques are being applied as protective methods, but they have problems in that accesses are possible by utilizing static key values or images like pictures. Therefore, this study proposes a face authentication technology for protecting smart phones from these dangerous factors and problems. The proposed technology authenticates users by extracting key frames of user's facial images by real time, and also controls accesses to the smart phone. Authentication information is composed of multiple key frames, and the user' access is controlled by distinction algorism of similarity utilizing DC values of image's pixel and luminance.

User Authentication Method Using Smartphone and Smartwatch (스마트폰과 스마트워치를 활용한 사용자 인증 기법)

  • Seo, Hwa-jeong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.11
    • /
    • pp.2109-2114
    • /
    • 2017
  • Personal Identification Number (PIN) is the most common user-authentication method for the access control of private and commercial applications. The users need to enter PIN information to the applications whenever the users get access to the private services. However, the process imposes a burden on the users and is vulnerable to the potential shoulder-surfing attacks. In order to resolve both problems, we present a continuous authentication method for both smartphone and smartwatch, namely, synchronized authentication. First we analyze the previous smartwatch based authentication and point-out some shortcomings. In the proposed method, we verify the validity of user by analyzing the combined acceleration data of both smartphone and smartwatch. If the monitored sensor data shows the high correlations between them, the user is successfully authenticated. For the authentication test, we used the Samsung Galaxy Note5 and Sony Smartwatch2.

A Study on the Utilization of Biometric Authentication for Digital Signature in Electronic Financial Transactions: Technological and Legal Aspect (전자금융 거래 시 생체인증을 전자서명에 활용하기 위한 기술 및 법률에 관한 연구)

  • Song, Jae-Hun;Kim, In-Seok
    • The Journal of Society for e-Business Studies
    • /
    • v.21 no.4
    • /
    • pp.41-53
    • /
    • 2016
  • Today, leading smartphone manufacturers offer biometric technologies such as fingerprints, voice recognition, and iris patterns in their flagship models. These biometric technologies are used for authentication. Biometric authentications are widely used in device security and even in financial transaction. This paper examines cases where a user uses biometric authentication during financial transaction (both online and smartphone banking), and explains biometric for non-repudiation by digital signature. Finally, the paper also explains technical and legal requirements for biometric authentication in the area of financial services.